Documentation
¶
Index ¶
- Variables
- type ImageScanDeployInfoService
- type ImageScanDeployInfoServiceImpl
- type ImageScanService
- type ImageScanServiceImpl
- func (impl *ImageScanServiceImpl) CalculateSeverityCountInfo(vulnerabilities []*bean3.Vulnerabilities) *bean3.SeverityCount
- func (impl ImageScanServiceImpl) FetchAllDeployInfo(request *bean3.ImageScanRequest) ([]*repository3.ImageScanDeployInfo, error)
- func (impl ImageScanServiceImpl) FetchExecutionDetailResult(request *bean3.ImageScanRequest) (*bean3.ImageScanExecutionDetail, error)
- func (impl *ImageScanServiceImpl) FetchMinScanResultByAppIdAndEnvId(request *bean3.ImageScanRequest) (*bean3.ImageScanExecutionDetail, error)
- func (impl ImageScanServiceImpl) FetchScanExecutionListing(request *bean3.ImageScanRequest, deployInfoIds []int) (*bean3.ImageScanHistoryListingResponse, error)
- func (impl *ImageScanServiceImpl) GetArtifactVulnerabilityStatus(ctx context.Context, request *bean2.VulnerabilityCheckRequest) (bool, error)
- func (impl ImageScanServiceImpl) IsImageScanExecutionCompleted(image, imageDigest string) (bool, error)
- func (impl *ImageScanServiceImpl) VulnerabilityExposure(request *repository3.VulnerabilityRequest) (*repository3.VulnerabilityExposureListingResponse, error)
- type PolicyService
- type PolicyServiceImpl
- func (impl *PolicyServiceImpl) DeletePolicy(id int, userId int32) (*bean.IdVulnerabilityPolicyResult, error)
- func (impl *PolicyServiceImpl) GetApplicablePolicy(clusterId, envId, appId int, isAppstore bool) (map[string]*repository3.CvePolicy, ...)
- func (impl *PolicyServiceImpl) GetBlockedCVEList(cves []*repository3.CveStore, clusterId, envId, appId int, isAppstore bool) ([]*repository3.CveStore, error)
- func (impl *PolicyServiceImpl) GetCvePolicy(id int, userId int32) (*repository3.CvePolicy, error)
- func (impl *PolicyServiceImpl) GetPolicies(policyLevel securityBean.PolicyLevel, clusterId, environmentId, appId int) (*bean.GetVulnerabilityPolicyResult, error)
- func (impl *PolicyServiceImpl) HasBlockedCVE(cves []*repository3.CveStore, cvePolicy map[string]*repository3.CvePolicy, ...) bool
- func (impl *PolicyServiceImpl) SavePolicy(request bean.CreateVulnerabilityPolicyRequest, userId int32) (*bean.IdVulnerabilityPolicyResult, error)
- func (impl *PolicyServiceImpl) SendEventToClairUtility(event *ScanEvent) error
- func (impl *PolicyServiceImpl) UpdatePolicy(updatePolicyParams bean.UpdatePolicyParams, userId int32) (*bean.IdVulnerabilityPolicyResult, error)
- func (impl *PolicyServiceImpl) VerifyImage(verifyImageRequest *VerifyImageRequest) (map[string][]*VerifyImageResponse, error)
- type ScanEvent
- type ScanToolMetadataService
- type ScanToolMetadataServiceImpl
- type VerifyImageRequest
- type VerifyImageResponse
Constants ¶
This section is empty.
Variables ¶
View Source
var ImageScanningWireSet = wire.NewSet( NewPolicyServiceImpl, wire.Bind(new(PolicyService), new(*PolicyServiceImpl)), NewImageScanServiceImpl, wire.Bind(new(ImageScanService), new(*ImageScanServiceImpl)), read.NewImageScanHistoryReadService, wire.Bind(new(read.ImageScanHistoryReadService), new(*read.ImageScanHistoryReadServiceImpl)), read.NewImageScanDeployInfoReadService, wire.Bind(new(read.ImageScanDeployInfoReadService), new(*read.ImageScanDeployInfoReadServiceImpl)), NewImageScanDeployInfoService, wire.Bind(new(ImageScanDeployInfoService), new(*ImageScanDeployInfoServiceImpl)), read.NewImageScanResultReadServiceImpl, wire.Bind(new(read.ImageScanResultReadService), new(*read.ImageScanResultReadServiceImpl)), NewScanToolMetadataServiceImpl, wire.Bind(new(ScanToolMetadataService), new(*ScanToolMetadataServiceImpl)), repository.NewImageScanHistoryRepositoryImpl, wire.Bind(new(repository.ImageScanHistoryRepository), new(*repository.ImageScanHistoryRepositoryImpl)), repository.NewImageScanResultRepositoryImpl, wire.Bind(new(repository.ImageScanResultRepository), new(*repository.ImageScanResultRepositoryImpl)), repository.NewImageScanObjectMetaRepositoryImpl, wire.Bind(new(repository.ImageScanObjectMetaRepository), new(*repository.ImageScanObjectMetaRepositoryImpl)), repository.NewCveStoreRepositoryImpl, wire.Bind(new(repository.CveStoreRepository), new(*repository.CveStoreRepositoryImpl)), repository.NewImageScanDeployInfoRepositoryImpl, wire.Bind(new(repository.ImageScanDeployInfoRepository), new(*repository.ImageScanDeployInfoRepositoryImpl)), repository.NewScanToolMetadataRepositoryImpl, wire.Bind(new(repository.ScanToolMetadataRepository), new(*repository.ScanToolMetadataRepositoryImpl)), repository.NewPolicyRepositoryImpl, wire.Bind(new(repository.CvePolicyRepository), new(*repository.CvePolicyRepositoryImpl)), repository.NewScanToolExecutionHistoryMappingRepositoryImpl, wire.Bind(new(repository.ScanToolExecutionHistoryMappingRepository), new(*repository.ScanToolExecutionHistoryMappingRepositoryImpl)), )
Functions ¶
This section is empty.
Types ¶
type ImageScanDeployInfoService ¶
type ImageScanDeployInfoService interface {
Save(model *repository.ImageScanDeployInfo) error
Update(model *repository.ImageScanDeployInfo) error
}
type ImageScanDeployInfoServiceImpl ¶
type ImageScanDeployInfoServiceImpl struct {
// contains filtered or unexported fields
}
func NewImageScanDeployInfoService ¶
func NewImageScanDeployInfoService(logger *zap.SugaredLogger, imageScanDeployInfoRepository repository.ImageScanDeployInfoRepository) *ImageScanDeployInfoServiceImpl
func (*ImageScanDeployInfoServiceImpl) Save ¶
func (impl *ImageScanDeployInfoServiceImpl) Save(model *repository.ImageScanDeployInfo) error
func (*ImageScanDeployInfoServiceImpl) Update ¶
func (impl *ImageScanDeployInfoServiceImpl) Update(model *repository.ImageScanDeployInfo) error
type ImageScanService ¶
type ImageScanService interface {
FetchAllDeployInfo(request *bean3.ImageScanRequest) ([]*repository3.ImageScanDeployInfo, error)
FetchScanExecutionListing(request *bean3.ImageScanRequest, ids []int) (*bean3.ImageScanHistoryListingResponse, error)
FetchExecutionDetailResult(request *bean3.ImageScanRequest) (*bean3.ImageScanExecutionDetail, error)
FetchMinScanResultByAppIdAndEnvId(request *bean3.ImageScanRequest) (*bean3.ImageScanExecutionDetail, error)
VulnerabilityExposure(request *repository3.VulnerabilityRequest) (*repository3.VulnerabilityExposureListingResponse, error)
GetArtifactVulnerabilityStatus(ctx context.Context, request *bean2.VulnerabilityCheckRequest) (bool, error)
IsImageScanExecutionCompleted(image, imageDigest string) (bool, error)
}
type ImageScanServiceImpl ¶
type ImageScanServiceImpl struct {
Logger *zap.SugaredLogger
// contains filtered or unexported fields
}
func NewImageScanServiceImpl ¶
func NewImageScanServiceImpl(Logger *zap.SugaredLogger, scanHistoryRepository repository3.ImageScanHistoryRepository, scanResultRepository repository3.ImageScanResultRepository, scanObjectMetaRepository repository3.ImageScanObjectMetaRepository, cveStoreRepository repository3.CveStoreRepository, imageScanDeployInfoRepository repository3.ImageScanDeployInfoRepository, userService user.UserService, appRepository repository1.AppRepository, envService environment.EnvironmentService, ciArtifactRepository repository.CiArtifactRepository, policyService PolicyService, pipelineRepository pipelineConfig.PipelineRepository, ciPipelineRepository pipelineConfig.CiPipelineRepository, scanToolMetaDataRepository repository3.ScanToolMetadataRepository, scanToolExecutionHistoryMappingRepository repository3.ScanToolExecutionHistoryMappingRepository, cvePolicyRepository repository3.CvePolicyRepository) *ImageScanServiceImpl
func (*ImageScanServiceImpl) CalculateSeverityCountInfo ¶
func (impl *ImageScanServiceImpl) CalculateSeverityCountInfo(vulnerabilities []*bean3.Vulnerabilities) *bean3.SeverityCount
func (ImageScanServiceImpl) FetchAllDeployInfo ¶
func (impl ImageScanServiceImpl) FetchAllDeployInfo(request *bean3.ImageScanRequest) ([]*repository3.ImageScanDeployInfo, error)
func (ImageScanServiceImpl) FetchExecutionDetailResult ¶
func (impl ImageScanServiceImpl) FetchExecutionDetailResult(request *bean3.ImageScanRequest) (*bean3.ImageScanExecutionDetail, error)
func (*ImageScanServiceImpl) FetchMinScanResultByAppIdAndEnvId ¶
func (impl *ImageScanServiceImpl) FetchMinScanResultByAppIdAndEnvId(request *bean3.ImageScanRequest) (*bean3.ImageScanExecutionDetail, error)
func (ImageScanServiceImpl) FetchScanExecutionListing ¶
func (impl ImageScanServiceImpl) FetchScanExecutionListing(request *bean3.ImageScanRequest, deployInfoIds []int) (*bean3.ImageScanHistoryListingResponse, error)
func (*ImageScanServiceImpl) GetArtifactVulnerabilityStatus ¶
func (impl *ImageScanServiceImpl) GetArtifactVulnerabilityStatus(ctx context.Context, request *bean2.VulnerabilityCheckRequest) (bool, error)
func (ImageScanServiceImpl) IsImageScanExecutionCompleted ¶
func (impl ImageScanServiceImpl) IsImageScanExecutionCompleted(image, imageDigest string) (bool, error)
func (*ImageScanServiceImpl) VulnerabilityExposure ¶
func (impl *ImageScanServiceImpl) VulnerabilityExposure(request *repository3.VulnerabilityRequest) (*repository3.VulnerabilityExposureListingResponse, error)
type PolicyService ¶
type PolicyService interface {
SavePolicy(request bean.CreateVulnerabilityPolicyRequest, userId int32) (*bean.IdVulnerabilityPolicyResult, error)
UpdatePolicy(updatePolicyParams bean.UpdatePolicyParams, userId int32) (*bean.IdVulnerabilityPolicyResult, error)
DeletePolicy(id int, userId int32) (*bean.IdVulnerabilityPolicyResult, error)
GetPolicies(policyLevel securityBean.PolicyLevel, clusterId, environmentId, appId int) (*bean.GetVulnerabilityPolicyResult, error)
GetBlockedCVEList(cves []*repository3.CveStore, clusterId, envId, appId int, isAppstore bool) ([]*repository3.CveStore, error)
VerifyImage(verifyImageRequest *VerifyImageRequest) (map[string][]*VerifyImageResponse, error)
GetCvePolicy(id int, userId int32) (*repository3.CvePolicy, error)
GetApplicablePolicy(clusterId, envId, appId int, isAppstore bool) (map[string]*repository3.CvePolicy, map[securityBean.Severity]*repository3.CvePolicy, error)
HasBlockedCVE(cves []*repository3.CveStore, cvePolicy map[string]*repository3.CvePolicy, severityPolicy map[securityBean.Severity]*repository3.CvePolicy) bool
}
type PolicyServiceImpl ¶
type PolicyServiceImpl struct {
PipelineRepository pipelineConfig.PipelineRepository
// contains filtered or unexported fields
}
func NewPolicyServiceImpl ¶
func NewPolicyServiceImpl(environmentService environment.EnvironmentService, logger *zap.SugaredLogger, apRepository repository1.AppRepository, pipelineOverride chartConfig.PipelineOverrideRepository, cvePolicyRepository repository3.CvePolicyRepository, clusterService cluster.ClusterService, PipelineRepository pipelineConfig.PipelineRepository, scanResultRepository repository3.ImageScanResultRepository, imageScanDeployInfoRepository repository3.ImageScanDeployInfoRepository, imageScanObjectMetaRepository repository3.ImageScanObjectMetaRepository, client *http.Client, ciArtifactRepository repository.CiArtifactRepository, ciConfig *types.CiCdConfig, imageScanHistoryReadService read.ImageScanHistoryReadService, cveStoreRepository repository3.CveStoreRepository, ciTemplateRepository pipelineConfig.CiTemplateRepository) *PolicyServiceImpl
func (*PolicyServiceImpl) DeletePolicy ¶
func (impl *PolicyServiceImpl) DeletePolicy(id int, userId int32) (*bean.IdVulnerabilityPolicyResult, error)
input : policyId output: id
func (*PolicyServiceImpl) GetApplicablePolicy ¶
func (impl *PolicyServiceImpl) GetApplicablePolicy(clusterId, envId, appId int, isAppstore bool) (map[string]*repository3.CvePolicy, map[securityBean.Severity]*repository3.CvePolicy, error)
func (*PolicyServiceImpl) GetBlockedCVEList ¶
func (impl *PolicyServiceImpl) GetBlockedCVEList(cves []*repository3.CveStore, clusterId, envId, appId int, isAppstore bool) ([]*repository3.CveStore, error)
func (*PolicyServiceImpl) GetCvePolicy ¶
func (impl *PolicyServiceImpl) GetCvePolicy(id int, userId int32) (*repository3.CvePolicy, error)
func (*PolicyServiceImpl) GetPolicies ¶
func (impl *PolicyServiceImpl) GetPolicies(policyLevel securityBean.PolicyLevel, clusterId, environmentId, appId int) (*bean.GetVulnerabilityPolicyResult, error)
global: na cluster: clusterId environment: environmentId application : appId, envId
res:
func (*PolicyServiceImpl) HasBlockedCVE ¶
func (impl *PolicyServiceImpl) HasBlockedCVE(cves []*repository3.CveStore, cvePolicy map[string]*repository3.CvePolicy, severityPolicy map[securityBean.Severity]*repository3.CvePolicy) bool
func (*PolicyServiceImpl) SavePolicy ¶
func (impl *PolicyServiceImpl) SavePolicy(request bean.CreateVulnerabilityPolicyRequest, userId int32) (*bean.IdVulnerabilityPolicyResult, error)
func (*PolicyServiceImpl) SendEventToClairUtility ¶
func (impl *PolicyServiceImpl) SendEventToClairUtility(event *ScanEvent) error
func (*PolicyServiceImpl) UpdatePolicy ¶
func (impl *PolicyServiceImpl) UpdatePolicy(updatePolicyParams bean.UpdatePolicyParams, userId int32) (*bean.IdVulnerabilityPolicyResult, error)
1. policy id 2. action
func (*PolicyServiceImpl) VerifyImage ¶
func (impl *PolicyServiceImpl) VerifyImage(verifyImageRequest *VerifyImageRequest) (map[string][]*VerifyImageResponse, error)
type ScanEvent ¶
type ScanEvent struct {
Image string `json:"image"`
ImageDigest string `json:"imageDigest"`
AppId int `json:"appId"`
EnvId int `json:"envId"`
PipelineId int `json:"pipelineId"`
CiArtifactId int `json:"ciArtifactId"`
UserId int `json:"userId"`
AccessKey string `json:"accessKey"`
SecretKey string `json:"secretKey"`
Token string `json:"token"`
AwsRegion string `json:"awsRegion"`
DockerRegistryId string `json:"dockerRegistryId"`
}
type ScanToolMetadataService ¶
type ScanToolMetadataServiceImpl ¶
type ScanToolMetadataServiceImpl struct {
// contains filtered or unexported fields
}
func NewScanToolMetadataServiceImpl ¶
func NewScanToolMetadataServiceImpl(logger *zap.SugaredLogger, scanToolMetadataRepository repository.ScanToolMetadataRepository) *ScanToolMetadataServiceImpl
func (*ScanToolMetadataServiceImpl) MarkOtherToolsInActive ¶
func (*ScanToolMetadataServiceImpl) MarkToolAsActive ¶
func (impl *ScanToolMetadataServiceImpl) MarkToolAsActive(toolName, version string, tx *pg.Tx) error
type VerifyImageRequest ¶
Source Files
¶
Directories
Click to show internal directories.
Click to hide internal directories.