security

package
v0.0.0-...-a328902 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Nov 7, 2024 License: Apache-2.0 Imports: 29 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type ImageScanConfig

// ImageScanConfig holds the tunables for image scanning. Going by the struct
// tags, each field is populated from the named environment variable and falls
// back to the envDefault value when the variable is unset (the tag parser
// itself is not shown here).
//
// NOTE(review): no range validation is visible for the integer fields. Confirm
// that zero or negative values for the try count and the timeouts are rejected
// or clamped by the consuming code, so that a misconfiguration cannot leave a
// scan without an effective deadline or without any attempt.
type ImageScanConfig struct {
	// ScannerType is read from SCANNER_TYPE; the default is the empty string.
	// NOTE(review): what an empty value selects is not visible here - confirm.
	ScannerType           string `env:"SCANNER_TYPE" envDefault:""`
	// ScanTryCount is read from IMAGE_SCAN_TRY_COUNT (default 1).
	// Presumably the number of scan attempts per image - confirm.
	ScanTryCount          int    `env:"IMAGE_SCAN_TRY_COUNT" envDefault:"1"`
	// ScanImageTimeout is read from IMAGE_SCAN_TIMEOUT (default 10), in minutes.
	ScanImageTimeout      int    `env:"IMAGE_SCAN_TIMEOUT" envDefault:"10"`      // Time is considered in minutes
	// ScanImageAsyncTimeout is read from IMAGE_SCAN_ASYNC_TIMEOUT (default 3), in minutes.
	ScanImageAsyncTimeout int    `env:"IMAGE_SCAN_ASYNC_TIMEOUT" envDefault:"3"` // Time is considered in minutes
}

func GetImageScannerConfig

func GetImageScannerConfig() (*ImageScanConfig, error)

type ImageScanService

// ImageScanService is the scan-orchestration contract of this package. Only the
// method signatures are visible here, so every statement below that goes beyond
// a signature is an assumption to confirm against the implementation.
type ImageScanService interface {
	// ScanImage takes the scan event, the tool metadata, an execution-history
	// record and a directory path, and reports failure through its error result.
	ScanImage(scanEvent *common.ImageScanEvent, tool *repository.ScanToolMetadata, executionHistory *repository.ImageScanExecutionHistory, executionHistoryDirPath string) error
	// CreateScanExecutionRegistryForClairV4 accepts claircore vulnerabilities
	// together with the event, a tool id and an execution-history record, and
	// returns a slice of the same vulnerability type.
	CreateScanExecutionRegistryForClairV4(vs []*claircore.Vulnerability, event *common.ImageScanEvent, toolId int, executionHistory *repository.ImageScanExecutionHistory) ([]*claircore.Vulnerability, error)
	// CreateScanExecutionRegistryForClairV2 is the counterpart that takes and
	// returns clair vulnerabilities.
	CreateScanExecutionRegistryForClairV2(vs []*clair.Vulnerability, event *common.ImageScanEvent, toolId int, executionHistory *repository.ImageScanExecutionHistory) ([]*clair.Vulnerability, error)
	// IsImageScanned returns an int, a bool and an error for the given image.
	// Presumably the bool says whether a scan already exists and the int
	// identifies it - confirm, including what hasSource changes.
	IsImageScanned(image string, hasSource bool) (int, bool, error)
	// ScanImageForTool runs one tool against an image and returns two strings and an error.
	// NOTE(review): ctx is not the first parameter, contrary to Go convention.
	// The *sync.WaitGroup parameter suggests the caller waits on it - confirm
	// which side calls Done and that it is called on every error path.
	ScanImageForTool(tool *repository.ScanToolMetadata, executionHistoryId int, executionHistoryDirPathCopy string, wg *sync.WaitGroup, userId int32, ctx context.Context, imageScanRenderDto *common.ImageScanRenderDto, isV2 bool) (string, string, error)
	// CreateFolderForOutputData returns a string and no error.
	// NOTE(review): presumably this creates a directory for scan output and
	// returns its path. With no error result a failed creation cannot be
	// reported through the return value; confirm how failures surface and which
	// permissions the directory receives.
	CreateFolderForOutputData(executionHistoryModelId int) string
	// HandleProgressingScans takes no arguments and returns nothing, so any
	// failure handling is internal to the implementation.
	HandleProgressingScans()
	// GetActiveTool returns the metadata of one scan tool, or an error.
	GetActiveTool() (*repository.ScanToolMetadata, error)
	// RegisterScanExecutionHistoryAndState returns an execution-history record,
	// a string and an error. The string is presumably the execution-history
	// directory path that ScanImage accepts - confirm.
	RegisterScanExecutionHistoryAndState(executionHistoryModel *repository.ImageScanExecutionHistory, tool *repository.ScanToolMetadata) (*repository.ImageScanExecutionHistory, string, error)
	// GetImageScanRenderDto builds the render DTO for a registry id and scan event.
	// NOTE(review): if the DTO carries registry credentials, confirm it is never
	// logged or written to the scan output directory in clear text.
	GetImageScanRenderDto(registryId string, scanEvent *common.ImageScanEvent) (*common.ImageScanRenderDto, error)
	// GetImageToBeScannedAndFetchCliEnv returns a string, presumably the image
	// reference to scan. The name suggests it also prepares the CLI environment
	// as a side effect in addition to the returned value - confirm.
	GetImageToBeScannedAndFetchCliEnv(scanEvent *common.ImageScanEvent) (string, error)
	// FetchProxyUrl returns a string, a slice of name.Option and an error.
	// NOTE(review): if name is go-containerregistry's name package, options
	// such as name.Insecure relax transport checks when resolving the image
	// reference; confirm which options are returned and under what conditions.
	FetchProxyUrl(scanEvent *common.ImageScanEvent) (string, []name.Option, error)
}

type ImageScanServiceImpl

// ImageScanServiceImpl bundles a logger, the repositories, the scan
// configuration and a CLI environment slice. Every field is exported, so code
// outside this package can replace any dependency after construction.
type ImageScanServiceImpl struct {
	Logger                                    *zap.SugaredLogger
	ScanHistoryRepository                     repository.ImageScanHistoryRepository
	ScanResultRepository                      repository.ImageScanResultRepository
	ScanObjectMetaRepository                  repository.ImageScanObjectMetaRepository
	CveStoreRepository                        repository.CveStoreRepository
	ImageScanDeployInfoRepository             repository.ImageScanDeployInfoRepository
	CiArtifactRepository                      repository.CiArtifactRepository
	ScanToolExecutionHistoryMappingRepository repository.ScanToolExecutionHistoryMappingRepository
	ScanToolMetadataRepository                repository.ScanToolMetadataRepository
	ScanStepConditionRepository               repository.ScanStepConditionRepository
	ScanToolStepRepository                    repository.ScanToolStepRepository
	ScanStepConditionMappingRepository        repository.ScanStepConditionMappingRepository
	// ImageScanConfig points to the scan tunables (try count and timeouts).
	ImageScanConfig                           *ImageScanConfig
	DockerArtifactStoreRepository             repository.DockerArtifactStoreRepository
	RegistryIndexMappingRepository            repository.RegistryIndexMappingRepository
	// CliCommandEnv is not among the parameters of NewImageScanServiceImpl, so
	// it is assigned somewhere other than the constructor's argument list.
	// NOTE(review): presumably this is the environment handed to scanner CLI
	// processes. If it can hold registry credentials or proxy settings, keep it
	// out of logs, and confirm it is not shared mutable state across
	// concurrent scans.
	CliCommandEnv                             []string
}

func NewImageScanServiceImpl

func NewImageScanServiceImpl(logger *zap.SugaredLogger, scanHistoryRepository repository.ImageScanHistoryRepository,
	scanResultRepository repository.ImageScanResultRepository, scanObjectMetaRepository repository.ImageScanObjectMetaRepository,
	cveStoreRepository repository.CveStoreRepository, imageScanDeployInfoRepository repository.ImageScanDeployInfoRepository,
	ciArtifactRepository repository.CiArtifactRepository,
	scanToolExecutionHistoryMappingRepository repository.ScanToolExecutionHistoryMappingRepository,
	scanToolMetadataRepository repository.ScanToolMetadataRepository,
	scanStepConditionRepository repository.ScanStepConditionRepository,
	scanToolStepRepository repository.ScanToolStepRepository,
	scanStepConditionMappingRepository repository.ScanStepConditionMappingRepository,
	imageScanConfig *ImageScanConfig,
	dockerArtifactStoreRepository repository.DockerArtifactStoreRepository, registryIndexMappingRepository repository.RegistryIndexMappingRepository) *ImageScanServiceImpl

func (*ImageScanServiceImpl) CheckConditionsForAStep

func (impl *ImageScanServiceImpl) CheckConditionsForAStep(step repository.ScanToolStep, stepOutput []byte) (bool, error)

func (*ImageScanServiceImpl) ConvertEndStepOutputAndSaveVulnerabilities

func (impl *ImageScanServiceImpl) ConvertEndStepOutputAndSaveVulnerabilities(stepOutput []byte, executionHistoryId int, tool repository.ScanToolMetadata, step repository.ScanToolStep, userId int32) error

func (*ImageScanServiceImpl) CreateCaCertFile

// CreateCaCertFile takes certificate text and returns a string and an error.
// Presumably it writes cert to a file and returns that file's path - confirm.
// NOTE(review): a CA file is a trust anchor for whatever consumes it, so its
// integrity matters more than its secrecy. Confirm it is created in a directory
// other processes cannot write to, with restrictive permissions, and removed
// once the scan finishes.
func (impl *ImageScanServiceImpl) CreateCaCertFile(cert string) (string, error)

func (*ImageScanServiceImpl) CreateFolderForOutputData

func (impl *ImageScanServiceImpl) CreateFolderForOutputData(executionHistoryModelId int) string

func (*ImageScanServiceImpl) CreateScanExecutionRegistryForClairV2

func (impl *ImageScanServiceImpl) CreateScanExecutionRegistryForClairV2(vs []*clair.Vulnerability, event *common.ImageScanEvent, toolId int, executionHistory *repository.ImageScanExecutionHistory) ([]*clair.Vulnerability, error)

func (*ImageScanServiceImpl) CreateScanExecutionRegistryForClairV4

func (impl *ImageScanServiceImpl) CreateScanExecutionRegistryForClairV4(vs []*claircore.Vulnerability, event *common.ImageScanEvent, toolId int, executionHistory *repository.ImageScanExecutionHistory) ([]*claircore.Vulnerability, error)

func (*ImageScanServiceImpl) EvaluateCondition

func (impl *ImageScanServiceImpl) EvaluateCondition(condition repository.ScanStepCondition, stepOutput []byte) (bool, error)

func (*ImageScanServiceImpl) FetchProxyUrl

func (impl *ImageScanServiceImpl) FetchProxyUrl(scanEvent *common.ImageScanEvent) (string, []name.Option, error)

func (*ImageScanServiceImpl) GetActiveTool

func (impl *ImageScanServiceImpl) GetActiveTool() (*repository.ScanToolMetadata, error)

func (*ImageScanServiceImpl) GetCliInputParams

// GetCliInputParams derives a single string from the step, the tool output
// directory, the render DTO and the tool metadata, or returns an error.
// NOTE(review): the result is one string rather than an argument slice. Confirm
// how it is handed to the scanner process, and that values originating from the
// scan event (image reference, registry fields) are validated so they cannot be
// interpreted as extra arguments or shell syntax.
func (impl *ImageScanServiceImpl) GetCliInputParams(step repository.ScanToolStep, toolOutputDirPath string, imageScanRenderDto *common.ImageScanRenderDto, toolMetaData string) (string, error)

func (*ImageScanServiceImpl) GetHttpStepInputParams

func (impl *ImageScanServiceImpl) GetHttpStepInputParams(step repository.ScanToolStep, toolOutputDirPath string, imageScanRenderDto *common.ImageScanRenderDto) (url.Values, map[string]string, *bytes.Buffer, error)

func (*ImageScanServiceImpl) GetImageScanRenderDto

func (impl *ImageScanServiceImpl) GetImageScanRenderDto(registryId string, scanEvent *common.ImageScanEvent) (*common.ImageScanRenderDto, error)

func (*ImageScanServiceImpl) GetImageToBeScannedAndFetchCliEnv

func (impl *ImageScanServiceImpl) GetImageToBeScannedAndFetchCliEnv(scanEvent *common.ImageScanEvent) (string, error)

func (*ImageScanServiceImpl) HandleProgressingScans

func (impl *ImageScanServiceImpl) HandleProgressingScans()

func (*ImageScanServiceImpl) IsImageScanned

func (impl *ImageScanServiceImpl) IsImageScanned(image string, hasSource bool) (int, bool, error)

func (*ImageScanServiceImpl) ProcessScanForTool

func (impl *ImageScanServiceImpl) ProcessScanForTool(tool repository.ScanToolMetadata, executionHistoryDirPath string, executionHistoryId int, userId int32, ctx context.Context, imageScanRenderDto *common.ImageScanRenderDto) error

func (*ImageScanServiceImpl) ProcessScanStep

func (impl *ImageScanServiceImpl) ProcessScanStep(step repository.ScanToolStep, tool repository.ScanToolMetadata, toolOutputDirPath string, ctx context.Context, imageScanRenderDto *common.ImageScanRenderDto) ([]byte, error)

func (*ImageScanServiceImpl) RegisterScanExecutionHistoryAndState

func (impl *ImageScanServiceImpl) RegisterScanExecutionHistoryAndState(executionHistoryModel *repository.ImageScanExecutionHistory,
	tool *repository.ScanToolMetadata) (*repository.ImageScanExecutionHistory, string, error)

func (*ImageScanServiceImpl) RenderInputDataForAStep

func (impl *ImageScanServiceImpl) RenderInputDataForAStep(inputPayloadTmpl string, outputStepIndex int, toolExecutionDirectoryPath string, imageScanRenderDto *common.ImageScanRenderDto, toolMetaData string) ([]byte, error)

func (*ImageScanServiceImpl) ScanImage

func (impl *ImageScanServiceImpl) ScanImage(scanEvent *common.ImageScanEvent, tool *repository.ScanToolMetadata, executionHistory *repository.ImageScanExecutionHistory, executionHistoryDirPath string) error

func (*ImageScanServiceImpl) ScanImageForTool

func (impl *ImageScanServiceImpl) ScanImageForTool(tool *repository.ScanToolMetadata, executionHistoryId int, executionHistoryDirPathCopy string, wg *sync.WaitGroup, userId int32, ctx context.Context, imageScanRenderDto *common.ImageScanRenderDto, isV2 bool) (string, string, error)

type ScanCodeRequest

// ScanCodeRequest groups a scan event, tool metadata, an execution-history
// record and a directory path. The four fields have the same types, in the same
// order, as the parameters of ImageScanService.ScanImage.
type ScanCodeRequest struct {
	// ScanEvent is the event describing what to scan.
	ScanEvent               *common.ImageScanEvent
	// Tool is the metadata of the scan tool to use.
	Tool                    *repository.ScanToolMetadata
	// ExecutionHistory is the execution-history record for this request.
	ExecutionHistory        *repository.ImageScanExecutionHistory
	// ExecutionHistoryDirPath is a directory path string.
	// Presumably it is where output for this execution is written - confirm.
	ExecutionHistoryDirPath string
}
