Documentation
¶
Index ¶
- type ImageScanService
- type ImageScanServiceImpl
- func (impl *ImageScanServiceImpl) CalculateSeverityCountInfo(vulnerabilities []*bean3.Vulnerabilities) *bean3.SeverityCount
- func (impl ImageScanServiceImpl) FetchAllDeployInfo(request *bean3.ImageScanRequest) ([]*security.ImageScanDeployInfo, error)
- func (impl ImageScanServiceImpl) FetchExecutionDetailResult(request *bean3.ImageScanRequest) (*bean3.ImageScanExecutionDetail, error)
- func (impl *ImageScanServiceImpl) FetchMinScanResultByAppIdAndEnvId(request *bean3.ImageScanRequest) (*bean3.ImageScanExecutionDetail, error)
- func (impl ImageScanServiceImpl) FetchScanExecutionListing(request *bean3.ImageScanRequest, deployInfoIds []int) (*bean3.ImageScanHistoryListingResponse, error)
- func (impl *ImageScanServiceImpl) GetArtifactVulnerabilityStatus(ctx context.Context, request *bean2.VulnerabilityCheckRequest) (bool, error)
- func (impl *ImageScanServiceImpl) VulnerabilityExposure(request *security.VulnerabilityRequest) (*security.VulnerabilityExposureListingResponse, error)
- type PolicyService
- type PolicyServiceImpl
- func (impl *PolicyServiceImpl) DeletePolicy(id int, userId int32) (*bean.IdVulnerabilityPolicyResult, error)
- func (impl *PolicyServiceImpl) GetApplicablePolicy(clusterId, envId, appId int, isAppstore bool) (map[string]*security.CvePolicy, map[securityBean.Severity]*security.CvePolicy, ...)
- func (impl *PolicyServiceImpl) GetBlockedCVEList(cves []*security.CveStore, clusterId, envId, appId int, isAppstore bool) ([]*security.CveStore, error)
- func (impl *PolicyServiceImpl) GetCvePolicy(id int, userId int32) (*security.CvePolicy, error)
- func (impl *PolicyServiceImpl) GetPolicies(policyLevel securityBean.PolicyLevel, clusterId, environmentId, appId int) (*bean.GetVulnerabilityPolicyResult, error)
- func (impl *PolicyServiceImpl) HasBlockedCVE(cves []*security.CveStore, cvePolicy map[string]*security.CvePolicy, ...) bool
- func (impl *PolicyServiceImpl) SavePolicy(request bean.CreateVulnerabilityPolicyRequest, userId int32) (*bean.IdVulnerabilityPolicyResult, error)
- func (impl *PolicyServiceImpl) SendEventToClairUtility(event *ScanEvent) error
- func (impl *PolicyServiceImpl) UpdatePolicy(updatePolicyParams bean.UpdatePolicyParams, userId int32) (*bean.IdVulnerabilityPolicyResult, error)
- func (impl *PolicyServiceImpl) VerifyImage(verifyImageRequest *VerifyImageRequest) (map[string][]*VerifyImageResponse, error)
- type ScanEvent
- type VerifyImageRequest
- type VerifyImageResponse
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type ImageScanService ¶
type ImageScanService interface {
FetchAllDeployInfo(request *bean3.ImageScanRequest) ([]*security.ImageScanDeployInfo, error)
FetchScanExecutionListing(request *bean3.ImageScanRequest, ids []int) (*bean3.ImageScanHistoryListingResponse, error)
FetchExecutionDetailResult(request *bean3.ImageScanRequest) (*bean3.ImageScanExecutionDetail, error)
FetchMinScanResultByAppIdAndEnvId(request *bean3.ImageScanRequest) (*bean3.ImageScanExecutionDetail, error)
VulnerabilityExposure(request *security.VulnerabilityRequest) (*security.VulnerabilityExposureListingResponse, error)
GetArtifactVulnerabilityStatus(ctx context.Context, request *bean2.VulnerabilityCheckRequest) (bool, error)
}
type ImageScanServiceImpl ¶
type ImageScanServiceImpl struct {
Logger *zap.SugaredLogger
// contains filtered or unexported fields
}
func NewImageScanServiceImpl ¶
func NewImageScanServiceImpl(Logger *zap.SugaredLogger, scanHistoryRepository security.ImageScanHistoryRepository, scanResultRepository security.ImageScanResultRepository, scanObjectMetaRepository security.ImageScanObjectMetaRepository, cveStoreRepository security.CveStoreRepository, imageScanDeployInfoRepository security.ImageScanDeployInfoRepository, userService user.UserService, teamRepository repository2.TeamRepository, appRepository repository1.AppRepository, envService cluster.EnvironmentService, ciArtifactRepository repository.CiArtifactRepository, policyService PolicyService, pipelineRepository pipelineConfig.PipelineRepository, ciPipelineRepository pipelineConfig.CiPipelineRepository, scanToolMetaDataRepository security.ScanToolMetadataRepository, scanToolExecutionHistoryMappingRepository security.ScanToolExecutionHistoryMappingRepository, cvePolicyRepository security.CvePolicyRepository) *ImageScanServiceImpl
func (*ImageScanServiceImpl) CalculateSeverityCountInfo ¶ added in v0.7.3
func (impl *ImageScanServiceImpl) CalculateSeverityCountInfo(vulnerabilities []*bean3.Vulnerabilities) *bean3.SeverityCount
func (ImageScanServiceImpl) FetchAllDeployInfo ¶
func (impl ImageScanServiceImpl) FetchAllDeployInfo(request *bean3.ImageScanRequest) ([]*security.ImageScanDeployInfo, error)
func (ImageScanServiceImpl) FetchExecutionDetailResult ¶
func (impl ImageScanServiceImpl) FetchExecutionDetailResult(request *bean3.ImageScanRequest) (*bean3.ImageScanExecutionDetail, error)
func (*ImageScanServiceImpl) FetchMinScanResultByAppIdAndEnvId ¶
func (impl *ImageScanServiceImpl) FetchMinScanResultByAppIdAndEnvId(request *bean3.ImageScanRequest) (*bean3.ImageScanExecutionDetail, error)
func (ImageScanServiceImpl) FetchScanExecutionListing ¶
func (impl ImageScanServiceImpl) FetchScanExecutionListing(request *bean3.ImageScanRequest, deployInfoIds []int) (*bean3.ImageScanHistoryListingResponse, error)
func (*ImageScanServiceImpl) GetArtifactVulnerabilityStatus ¶ added in v0.7.0
func (impl *ImageScanServiceImpl) GetArtifactVulnerabilityStatus(ctx context.Context, request *bean2.VulnerabilityCheckRequest) (bool, error)
func (*ImageScanServiceImpl) VulnerabilityExposure ¶
func (impl *ImageScanServiceImpl) VulnerabilityExposure(request *security.VulnerabilityRequest) (*security.VulnerabilityExposureListingResponse, error)
type PolicyService ¶
type PolicyService interface {
SavePolicy(request bean.CreateVulnerabilityPolicyRequest, userId int32) (*bean.IdVulnerabilityPolicyResult, error)
UpdatePolicy(updatePolicyParams bean.UpdatePolicyParams, userId int32) (*bean.IdVulnerabilityPolicyResult, error)
DeletePolicy(id int, userId int32) (*bean.IdVulnerabilityPolicyResult, error)
GetPolicies(policyLevel securityBean.PolicyLevel, clusterId, environmentId, appId int) (*bean.GetVulnerabilityPolicyResult, error)
GetBlockedCVEList(cves []*security.CveStore, clusterId, envId, appId int, isAppstore bool) ([]*security.CveStore, error)
VerifyImage(verifyImageRequest *VerifyImageRequest) (map[string][]*VerifyImageResponse, error)
GetCvePolicy(id int, userId int32) (*security.CvePolicy, error)
GetApplicablePolicy(clusterId, envId, appId int, isAppstore bool) (map[string]*security.CvePolicy, map[securityBean.Severity]*security.CvePolicy, error)
HasBlockedCVE(cves []*security.CveStore, cvePolicy map[string]*security.CvePolicy, severityPolicy map[securityBean.Severity]*security.CvePolicy) bool
}
type PolicyServiceImpl ¶
type PolicyServiceImpl struct {
PipelineRepository pipelineConfig.PipelineRepository
// contains filtered or unexported fields
}
func NewPolicyServiceImpl ¶
func NewPolicyServiceImpl(environmentService cluster.EnvironmentService, logger *zap.SugaredLogger, apRepository repository1.AppRepository, pipelineOverride chartConfig.PipelineOverrideRepository, cvePolicyRepository security.CvePolicyRepository, clusterService cluster.ClusterService, PipelineRepository pipelineConfig.PipelineRepository, scanResultRepository security.ImageScanResultRepository, imageScanDeployInfoRepository security.ImageScanDeployInfoRepository, imageScanObjectMetaRepository security.ImageScanObjectMetaRepository, client *http.Client, ciArtifactRepository repository.CiArtifactRepository, ciConfig *types.CiCdConfig, scanHistoryRepository security.ImageScanHistoryRepository, cveStoreRepository security.CveStoreRepository, ciTemplateRepository pipelineConfig.CiTemplateRepository) *PolicyServiceImpl
func (*PolicyServiceImpl) DeletePolicy ¶
func (impl *PolicyServiceImpl) DeletePolicy(id int, userId int32) (*bean.IdVulnerabilityPolicyResult, error)
input : policyId output: id
func (*PolicyServiceImpl) GetApplicablePolicy ¶ added in v0.4.1
func (*PolicyServiceImpl) GetBlockedCVEList ¶
func (*PolicyServiceImpl) GetCvePolicy ¶
func (*PolicyServiceImpl) GetPolicies ¶
func (impl *PolicyServiceImpl) GetPolicies(policyLevel securityBean.PolicyLevel, clusterId, environmentId, appId int) (*bean.GetVulnerabilityPolicyResult, error)
global: na cluster: clusterId environment: environmentId application : appId, envId
res:
func (*PolicyServiceImpl) HasBlockedCVE ¶ added in v0.4.1
func (*PolicyServiceImpl) SavePolicy ¶
func (impl *PolicyServiceImpl) SavePolicy(request bean.CreateVulnerabilityPolicyRequest, userId int32) (*bean.IdVulnerabilityPolicyResult, error)
func (*PolicyServiceImpl) SendEventToClairUtility ¶
func (impl *PolicyServiceImpl) SendEventToClairUtility(event *ScanEvent) error
func (*PolicyServiceImpl) UpdatePolicy ¶
func (impl *PolicyServiceImpl) UpdatePolicy(updatePolicyParams bean.UpdatePolicyParams, userId int32) (*bean.IdVulnerabilityPolicyResult, error)
1. policy id 2. action
func (*PolicyServiceImpl) VerifyImage ¶
func (impl *PolicyServiceImpl) VerifyImage(verifyImageRequest *VerifyImageRequest) (map[string][]*VerifyImageResponse, error)
type ScanEvent ¶
type ScanEvent struct {
Image string `json:"image"`
ImageDigest string `json:"imageDigest"`
AppId int `json:"appId"`
EnvId int `json:"envId"`
PipelineId int `json:"pipelineId"`
CiArtifactId int `json:"ciArtifactId"`
UserId int `json:"userId"`
AccessKey string `json:"accessKey"`
SecretKey string `json:"secretKey"`
Token string `json:"token"`
AwsRegion string `json:"awsRegion"`
DockerRegistryId string `json:"dockerRegistryId"`
}
type VerifyImageRequest ¶
Source Files
Directories
Click to show internal directories.
Click to hide internal directories.