trivy

package

v0.12.0-rc3 Latest Latest Go to latest Published: Sep 1, 2021 License: Apache-2.0 Imports: 15 Imported by: 1

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/aquasecurity/starboard

Documentation ¶

Overview ¶

Package trivy provides primitives for working with Trivy.

Index ¶

Constants
func GetScoreFromCVSS(CVSSs map[string]*CVSS) *float64
func NewPlugin(clock ext.Clock, idGenerator ext.IDGenerator) vulnerabilityreport.Plugin
type CVSS
type Config
type Layer
type Mode
type ScanReport
type Vulnerability

Constants ¶

View Source

const (
	// Plugin the name of this plugin.
	Plugin = "Trivy"
)

Variables ¶

This section is empty.

Functions ¶

func GetScoreFromCVSS ¶ added in v0.11.0

func GetScoreFromCVSS(CVSSs map[string]*CVSS) *float64

func NewPlugin ¶

func NewPlugin(clock ext.Clock, idGenerator ext.IDGenerator) vulnerabilityreport.Plugin

NewPlugin constructs a new vulnerabilityreport.Plugin, which is using an upstream Trivy container image to scan Kubernetes workloads.

This Plugin supports both Standalone and ClientServer modes depending on the settings returned by Config.GetMode.

The ClientServer mode is usually more performant, however it requires a Trivy server accessible at the configurable Config.GetServerURL.

Types ¶

type CVSS ¶

type CVSS struct {
	V3Score *float64 `json:"V3Score,omitempty"`
}

type Config ¶

type Config struct {
	starboard.PluginConfig
}

Config defines configuration params for this plugin.

func (Config) GetImageRef ¶ added in v0.11.0

func (c Config) GetImageRef() (string, error)

GetImageRef returns upstream Trivy container image reference.

func (Config) GetInsecureRegistries ¶ added in v0.11.0

func (c Config) GetInsecureRegistries() map[string]bool

func (Config) GetMode ¶ added in v0.11.0

func (c Config) GetMode() (Mode, error)

func (Config) GetResourceRequirements ¶ added in v0.11.0

func (c Config) GetResourceRequirements() (corev1.ResourceRequirements, error)

GetResourceRequirements creates ResourceRequirements from the Config.

func (Config) GetServerURL ¶ added in v0.11.0

func (c Config) GetServerURL() (string, error)

func (Config) IgnoreFileExists ¶ added in v0.11.0

func (c Config) IgnoreFileExists() bool

type Layer ¶

type Layer struct {
	Digest string `json:"Digest"`
	DiffID string `json:"DiffID"`
}

type Mode ¶ added in v0.11.0

type Mode string

Mode describes mode in which Trivy client operates.

const (
	Standalone   Mode = "Standalone"
	ClientServer Mode = "ClientServer"
)

type ScanReport ¶

type ScanReport struct {
	Target          string          `json:"Target"`
	Vulnerabilities []Vulnerability `json:"Vulnerabilities"`
}

type Vulnerability ¶

type Vulnerability struct {
	VulnerabilityID  string            `json:"VulnerabilityID"`
	PkgName          string            `json:"PkgName"`
	InstalledVersion string            `json:"InstalledVersion"`
	FixedVersion     string            `json:"FixedVersion"`
	Title            string            `json:"Title"`
	Description      string            `json:"Description"`
	Severity         v1alpha1.Severity `json:"Severity"`
	Layer            Layer             `json:"Layer"`
	PrimaryURL       string            `json:"PrimaryURL"`
	References       []string          `json:"References"`
	Cvss             map[string]*CVSS  `json:"CVSS"`
}

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL