Documentation
Constants
This section is empty.
Variables
This section is empty.
Functions
func NewScanner
func NewScanner(idGenerator ext.IDGenerator, config starboard.TrivyConfig) vulnerabilityreport.Scanner
NewScanner constructs a new vulnerabilityreport.Scanner, which uses an official Trivy container image to scan Kubernetes workloads.
This vulnerabilityreport.Scanner supports both the trivy.Standalone and trivy.ClientServer client modes, depending on the current starboard.TrivyConfig.
The trivy.ClientServer mode is usually more performant; however, it requires a Trivy server to be hosted and accessible at the configurable URL.
Types
type Converter
type Converter interface {
	Convert(imageRef string, reader io.Reader) (v1alpha1.VulnerabilityScanResult, error)
}
Converter is the interface that wraps the Convert method.
Convert converts the vulnerabilities model used by Trivy to a generic model defined by the Custom Security Resource Specification.
func NewConverter
func NewConverter(config starboard.TrivyConfig) Converter
type ScanReport
type ScanReport struct {
	Target          string          `json:"Target"`
	Vulnerabilities []Vulnerability `json:"Vulnerabilities"`
}
type Vulnerability
type Vulnerability struct {
	VulnerabilityID  string            `json:"VulnerabilityID"`
	PkgName          string            `json:"PkgName"`
	InstalledVersion string            `json:"InstalledVersion"`
	FixedVersion     string            `json:"FixedVersion"`
	Title            string            `json:"Title"`
	Description      string            `json:"Description"`
	Severity         v1alpha1.Severity `json:"Severity"`
	Layer            Layer             `json:"Layer"`
	PrimaryURL       string            `json:"PrimaryURL"`
	References       []string          `json:"References"`
}
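Added example (not code from this package): a standalone sketch of decoding scanner JSON from an io.Reader into the ScanReport and Vulnerability shapes documented above, then triaging by severity and fix availability. It assumes the input is a JSON array of reports and that Severity decodes as a plain string; the Summarize function and the sample data are hypothetical and constructed for illustration.

```go
package main

import (
	"encoding/json"
	"fmt"
	"io"
	"strings"
)

// Stand-ins for a subset of the documented fields; Severity is assumed to decode as a plain string.
type Vulnerability struct {
	VulnerabilityID string `json:"VulnerabilityID"`
	FixedVersion    string `json:"FixedVersion"`
	Severity        string `json:"Severity"`
}

type ScanReport struct {
	Target          string          `json:"Target"`
	Vulnerabilities []Vulnerability `json:"Vulnerabilities"`
}

// Summarize (hypothetical helper) decodes a JSON array of reports and returns
// the count per severity plus the IDs of findings that have a fixed version.
// A null or missing Vulnerabilities field decodes to a nil slice, which is safe to range over.
func Summarize(r io.Reader) (map[string]int, []string, error) {
	var reports []ScanReport
	if err := json.NewDecoder(r).Decode(&reports); err != nil {
		return nil, nil, fmt.Errorf("decoding scan reports: %w", err)
	}
	counts := map[string]int{}
	var fixable []string
	for _, rep := range reports {
		for _, v := range rep.Vulnerabilities {
			counts[v.Severity]++
			if v.FixedVersion != "" {
				fixable = append(fixable, v.VulnerabilityID)
			}
		}
	}
	return counts, fixable, nil
}

// sample is constructed for this example; the IDs are placeholders, not real findings.
const sample = `[{"Target":"example/app:1.0","Vulnerabilities":[
 {"VulnerabilityID":"CVE-0000-0001","FixedVersion":"1.1","Severity":"HIGH"},
 {"VulnerabilityID":"CVE-0000-0002","FixedVersion":"","Severity":"LOW"}]},
 {"Target":"example/clean:1.0","Vulnerabilities":null}]`

func main() {
	fmt.Println(Summarize(strings.NewReader(sample)))
}
```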