Documentation
¶
Index ¶
Constants ¶
View Source
const ( Name = "xray" Usage = "Shows what's inside of your container image and reverse engineers its Dockerfile" Alias = "x" )
View Source
const ( FlagChanges = "changes" FlagChangesOutput = "changes-output" FlagLayer = "layer" FlagAddImageManifest = "add-image-manifest" FlagAddImageConfig = "add-image-config" FlagLayerChangesMax = "layer-changes-max" FlagAllChangesMax = "all-changes-max" FlagAddChangesMax = "add-changes-max" FlagModifyChangesMax = "modify-changes-max" FlagDeleteChangesMax = "delete-changes-max" FlagChangePath = "change-path" FlagChangeData = "change-data" FlagChangeDataHash = "change-data-hash" FlagReuseSavedImage = "reuse-saved-image" FlagTopChangesMax = "top-changes-max" FlagHashData = "hash-data" FlagDetectUTF8 = "detect-utf8" FlagDetectDuplicates = "detect-duplicates" FlagShowDuplicates = "show-duplicates" FlagShowSpecialPerms = "show-special-perms" FlagChangeMatchLayersOnly = "change-match-layers-only" FlagExportAllDataArtifacts = "export-all-data-artifacts" FlagDetectAllCertFiles = "detect-all-certs" FlagDetectAllCertPKFiles = "detect-all-cert-pks" FlagDetectIdentities = "detect-identities" FlagDetectIdentitiesParam = "detect-identities-param" FlagDetectIdentitiesDumpRaw = "detect-identities-dump-raw" FlagDetectScheduledTasks = "detect-scheduled-tasks" FlagDetectScheduledTasksParam = "detect-scheduled-tasks-param" FlagDetectScheduledTasksDumpRaw = "detect-scheduled-tasks-dump-raw" FlagDetectServices = "detect-services" FlagDetectServicesParam = "detect-services-param" FlagDetectServicesDumpRaw = "detect-services-dump-raw" FlagDetectSystemHooks = "detect-system-hooks" FlagDetectSystemHooksParam = "detect-system-hooks-param" FlagDetectSystemHooksDumpRaw = "detect-system-hooks-dump-raw" )
Xray command flag names
View Source
const ( FlagChangesUsage = "Show layer change details for the selected change type (values: none, all, delete, modify, add)" FlagChangesOutputUsage = "Where to show the changes (values: all, report, console)" FlagLayerUsage = "Show details for the selected layer (using layer index or ID)" FlagAddImageManifestUsage = "Add raw image manifest to the command execution report file" FlagAddImageConfigUsage = "Add raw image config object to the command execution report file" FlagLayerChangesMaxUsage = "Maximum number of changes to show for each layer" FlagAllChangesMaxUsage = "Maximum number of changes to show for all layers" FlagAddChangesMaxUsage = "Maximum number of 'add' changes to show for all layers" FlagModifyChangesMaxUsage = "Maximum number of 'modify' changes to show for all layers" FlagDeleteChangesMaxUsage = "Maximum number of 'delete' changes to show for all layers" FlagChangePathUsage = "Include changes for the files that match the path pattern (Glob/Match in Go and **)" FlagChangeDataUsage = "Include changes for the files that match the data pattern (regex)" FlagReuseSavedImageUsage = "Reuse saved container image" FlagTopChangesMaxUsage = "Maximum number of top changes to track" FlagChangeDataHashUsage = "Include changes for the files that match the provided data hashes (sha1)" FlagHashDataUsage = "Generate file data hashes" FlagDetectUTF8Usage = "Detect utf8 files and optionally extract the discovered utf8 file content" FlagDetectDuplicatesUsage = "Detect duplicate files based on their hashes" FlagShowDuplicatesUsage = "Show discovered duplicate file paths" FlagShowSpecialPermsUsage = "Show files with special permissions (setuid,setgid,sticky)" FlagChangeMatchLayersOnlyUsage = "Show only layers with change matches" FlagExportAllDataArtifactsUsage = "" /* 142-byte string literal not displayed */ FlagDetectAllCertFilesUsage = "Detect all certifcate files" FlagDetectAllCertPKFilesUsage = "Detect all certifcate private key files" FlagDetectIdentitiesUsage = "Detect system identities (users, groups) and their properties" FlagDetectIdentitiesParamUsage = "Input parameters for system identities detection" FlagDetectIdentitiesDumpRawUsage = "" /* 188-byte string literal not displayed */ FlagDetectScheduledTasksUsage = "Detect scheduled tasks and their properties" FlagDetectScheduledTasksParamUsage = "Input parameters for scheduled tasks detection" FlagDetectScheduledTasksDumpRawUsage = "" /* 195-byte string literal not displayed */ FlagDetectServicesUsage = "Detect services and their properties" FlagDetectServicesParamUsage = "Input parameters for services detection" FlagDetectServicesDumpRawUsage = "" /* 177-byte string literal not displayed */ FlagDetectSystemHooksUsage = "Detect system hooks and their properties" FlagDetectSystemHooksParamUsage = "Input parameters for system hooks detection" FlagDetectSystemHooksDumpRawUsage = "" /* 185-byte string literal not displayed */ )
Xray command flag usage info
Variables ¶
View Source
var CLI = &cli.Command{ Name: Name, Aliases: []string{Alias}, Usage: Usage, Flags: []cli.Flag{ commands.Cflag(commands.FlagCommandParamsFile), commands.Cflag(commands.FlagTarget), commands.Cflag(commands.FlagPull), commands.Cflag(commands.FlagDockerConfigPath), commands.Cflag(commands.FlagRegistryAccount), commands.Cflag(commands.FlagRegistrySecret), commands.Cflag(commands.FlagShowPullLogs), cflag(FlagChanges), cflag(FlagChangesOutput), cflag(FlagLayer), cflag(FlagAddImageManifest), cflag(FlagAddImageConfig), cflag(FlagLayerChangesMax), cflag(FlagAllChangesMax), cflag(FlagAddChangesMax), cflag(FlagModifyChangesMax), cflag(FlagDeleteChangesMax), cflag(FlagChangePath), cflag(FlagChangeData), cflag(FlagReuseSavedImage), cflag(FlagTopChangesMax), cflag(FlagChangeMatchLayersOnly), cflag(FlagHashData), cflag(FlagDetectUTF8), cflag(FlagDetectAllCertFiles), cflag(FlagDetectAllCertPKFiles), cflag(FlagDetectDuplicates), cflag(FlagShowDuplicates), cflag(FlagShowSpecialPerms), cflag(FlagChangeDataHash), cflag(FlagExportAllDataArtifacts), cflag(FlagDetectIdentities), cflag(FlagDetectIdentitiesParam), cflag(FlagDetectIdentitiesDumpRaw), cflag(FlagDetectScheduledTasks), cflag(FlagDetectScheduledTasksParam), cflag(FlagDetectScheduledTasksDumpRaw), cflag(FlagDetectServices), cflag(FlagDetectServicesParam), cflag(FlagDetectServicesDumpRaw), cflag(FlagDetectSystemHooks), cflag(FlagDetectSystemHooksParam), cflag(FlagDetectSystemHooksDumpRaw), commands.Cflag(commands.FlagRemoveFileArtifacts), }, Action: func(ctx *cli.Context) error { xc := app.NewExecutionContext(Name, ctx.String(commands.FlagConsoleFormat)) _ = ctx.String(commands.FlagCommandParamsFile) targetRef := ctx.String(commands.FlagTarget) if targetRef == "" { if ctx.Args().Len() < 1 { xc.Out.Error("param.target", "missing image ID/name") cli.ShowCommandHelp(ctx, Name) return nil } else { targetRef = ctx.Args().First() } } gcvalues, err := commands.GlobalFlagValues(ctx) if err != nil { xc.Out.Error("param.global", err.Error()) xc.Out.State("exited", ovars{ "exit.code": -1, }) xc.Exit(-1) } detectIdentities, err := getDetectOpParam(ctx, FlagDetectIdentities, FlagDetectIdentitiesParam, FlagDetectIdentitiesDumpRaw, detectIdentitiesDumpRawDefault, detectIdentitiesOpParamKeys) if err != nil { xc.Out.Error("param.detect_identities", err.Error()) xc.Out.State("exited", ovars{ "exit.code": -1, }) xc.Exit(-1) } detectScheduledTasks, err := getDetectOpParam(ctx, FlagDetectScheduledTasks, FlagDetectScheduledTasksParam, FlagDetectScheduledTasksDumpRaw, detectScheduledTasksDumpRawDefault, detectScheduledTasksOpParamKeys) if err != nil { xc.Out.Error("param.detect_scheduled_tasks", err.Error()) xc.Out.State("exited", ovars{ "exit.code": -1, }) xc.Exit(-1) } detectServices, err := getDetectOpParam(ctx, FlagDetectServices, FlagDetectServicesParam, FlagDetectServicesDumpRaw, detectServicesDumpRawDefault, detectServicesOpParamKeys) if err != nil { xc.Out.Error("param.detect_services", err.Error()) xc.Out.State("exited", ovars{ "exit.code": -1, }) xc.Exit(-1) } detectSystemHooks, err := getDetectOpParam(ctx, FlagDetectSystemHooks, FlagDetectSystemHooksParam, FlagDetectSystemHooksDumpRaw, detectSystemHooksDumpRawDefault, detectSystemHooksOpParamKeys) if err != nil { xc.Out.Error("param.detect_system_hooks", err.Error()) xc.Out.State("exited", ovars{ "exit.code": -1, }) xc.Exit(-1) } cparams := &CommandParams{ DetectAllCertFiles: ctx.Bool(FlagDetectAllCertFiles), DetectAllCertPKFiles: ctx.Bool(FlagDetectAllCertPKFiles), DetectIdentities: detectIdentities, DetectScheduledTasks: detectScheduledTasks, DetectServices: detectServices, DetectSystemHooks: detectSystemHooks, } xdArtifactsPath := ctx.String(FlagExportAllDataArtifacts) doPull := ctx.Bool(commands.FlagPull) dockerConfigPath := ctx.String(commands.FlagDockerConfigPath) registryAccount := ctx.String(commands.FlagRegistryAccount) registrySecret := ctx.String(commands.FlagRegistrySecret) doShowPullLogs := ctx.Bool(commands.FlagShowPullLogs) changes, err := parseChangeTypes(ctx.StringSlice(FlagChanges)) if err != nil { xc.Out.Error("param.error.change.types", err.Error()) xc.Out.State("exited", ovars{ "exit.code": -1, }) xc.Exit(-1) } if xdArtifactsPath != "" { changes["delete"] = struct{}{} changes["modify"] = struct{}{} changes["add"] = struct{}{} } rawChangesOutputs := ctx.StringSlice(FlagChangesOutput) if xdArtifactsPath != "" && len(rawChangesOutputs) == 0 { rawChangesOutputs = append(rawChangesOutputs, "report") } changesOutputs, err := parseChangeOutputTypes(rawChangesOutputs) if err != nil { xc.Out.Error("param.error.change.output", err.Error()) xc.Out.State("exited", ovars{ "exit.code": -1, }) xc.Exit(-1) } if xdArtifactsPath != "" { changesOutputs["report"] = struct{}{} } layers, err := commands.ParseTokenSet(ctx.StringSlice(FlagLayer)) if err != nil { xc.Out.Error("param.error.layer", err.Error()) xc.Out.State("exited", ovars{ "exit.code": -1, }) xc.Exit(-1) } layerChangesMax := ctx.Int(FlagLayerChangesMax) allChangesMax := ctx.Int(FlagAllChangesMax) addChangesMax := ctx.Int(FlagAddChangesMax) modifyChangesMax := ctx.Int(FlagModifyChangesMax) deleteChangesMax := ctx.Int(FlagDeleteChangesMax) topChangesMax := ctx.Int(FlagTopChangesMax) changePathMatchers, err := parseChangePathMatchers(ctx.StringSlice(FlagChangePath)) if err != nil { xc.Out.Error("param.error.change.path", err.Error()) xc.Out.State("exited", ovars{ "exit.code": -1, }) xc.Exit(-1) } changeDataMatchers, err := parseChangeDataMatchers(ctx.StringSlice(FlagChangeData)) if err != nil { xc.Out.Error("param.error.change.data", err.Error()) xc.Out.State("exited", ovars{ "exit.code": -1, }) xc.Exit(-1) } doAddImageManifest := ctx.Bool(FlagAddImageManifest) if xdArtifactsPath != "" { doAddImageManifest = true } doAddImageConfig := ctx.Bool(FlagAddImageConfig) if xdArtifactsPath != "" { doAddImageConfig = true } doRmFileArtifacts := ctx.Bool(commands.FlagRemoveFileArtifacts) doReuseSavedImage := ctx.Bool(FlagReuseSavedImage) doHashData := ctx.Bool(FlagHashData) if xdArtifactsPath != "" { doHashData = true } doDetectDuplicates := ctx.Bool(FlagDetectDuplicates) if doDetectDuplicates { doHashData = true } rawDetectUTF8 := ctx.String(FlagDetectUTF8) if xdArtifactsPath != "" && rawDetectUTF8 == "" { rawDetectUTF8 = "dump:utf8.tgz::10000000" } utf8Detector, err := parseDetectUTF8(rawDetectUTF8) if err != nil { xc.Out.Error("param.error.detect.utf8", err.Error()) xc.Out.State("exited", ovars{ "exit.code": -1, }) xc.Exit(-1) } if utf8Detector != nil && !doHashData { xc.Out.Error("param.error.detect.utf8", "--detect-utf8 requires option --hash-data") xc.Out.State("exited", ovars{ "exit.code": -1, }) xc.Exit(-1) } doShowDuplicates := ctx.Bool(FlagShowDuplicates) doShowSpecialPerms := ctx.Bool(FlagShowSpecialPerms) changeDataHashMatchers, err := parseChangeDataHashMatchers(ctx.StringSlice(FlagChangeDataHash)) if err != nil { xc.Out.Error("param.error.change.data.hash", err.Error()) xc.Out.State("exited", ovars{ "exit.code": -1, }) xc.Exit(-1) } changeMatchLayersOnly := ctx.Bool(FlagChangeMatchLayersOnly) OnCommand( xc, gcvalues, cparams, targetRef, doPull, dockerConfigPath, registryAccount, registrySecret, doShowPullLogs, changes, changesOutputs, layers, layerChangesMax, allChangesMax, addChangesMax, modifyChangesMax, deleteChangesMax, topChangesMax, changePathMatchers, changeDataMatchers, changeDataHashMatchers, doHashData, doDetectDuplicates, doShowDuplicates, doShowSpecialPerms, changeMatchLayersOnly, doAddImageManifest, doAddImageConfig, doReuseSavedImage, doRmFileArtifacts, utf8Detector, xdArtifactsPath, ) return nil }, }
View Source
var CommandFlagSuggestions = &commands.FlagSuggestions{ Names: []prompt.Suggest{ {Text: commands.FullFlagName(commands.FlagCommandParamsFile), Description: commands.FlagCommandParamsFileUsage}, {Text: commands.FullFlagName(commands.FlagTarget), Description: commands.FlagTargetUsage}, {Text: commands.FullFlagName(commands.FlagPull), Description: commands.FlagPullUsage}, {Text: commands.FullFlagName(commands.FlagShowPullLogs), Description: commands.FlagShowPullLogsUsage}, {Text: commands.FullFlagName(commands.FlagRegistryAccount), Description: commands.FlagRegistryAccountUsage}, {Text: commands.FullFlagName(commands.FlagRegistrySecret), Description: commands.FlagRegistrySecretUsage}, {Text: commands.FullFlagName(commands.FlagDockerConfigPath), Description: commands.FlagDockerConfigPathUsage}, {Text: commands.FullFlagName(FlagChanges), Description: FlagChangesUsage}, {Text: commands.FullFlagName(FlagChangesOutput), Description: FlagChangesOutputUsage}, {Text: commands.FullFlagName(FlagLayer), Description: FlagLayerUsage}, {Text: commands.FullFlagName(FlagAddImageManifest), Description: FlagAddImageManifestUsage}, {Text: commands.FullFlagName(FlagAddImageConfig), Description: FlagAddImageConfigUsage}, {Text: commands.FullFlagName(FlagLayerChangesMax), Description: FlagLayerChangesMaxUsage}, {Text: commands.FullFlagName(FlagAllChangesMax), Description: FlagAllChangesMaxUsage}, {Text: commands.FullFlagName(FlagAddChangesMax), Description: FlagAddChangesMaxUsage}, {Text: commands.FullFlagName(FlagModifyChangesMax), Description: FlagModifyChangesMaxUsage}, {Text: commands.FullFlagName(FlagDeleteChangesMax), Description: FlagDeleteChangesMaxUsage}, {Text: commands.FullFlagName(FlagChangePath), Description: FlagChangePathUsage}, {Text: commands.FullFlagName(FlagChangeData), Description: FlagChangeDataUsage}, {Text: commands.FullFlagName(FlagReuseSavedImage), Description: FlagReuseSavedImageUsage}, {Text: commands.FullFlagName(FlagHashData), Description: FlagHashDataUsage}, {Text: commands.FullFlagName(FlagDetectUTF8), Description: FlagDetectUTF8Usage}, {Text: commands.FullFlagName(FlagDetectDuplicates), Description: FlagDetectDuplicatesUsage}, {Text: commands.FullFlagName(FlagShowDuplicates), Description: FlagShowDuplicatesUsage}, {Text: commands.FullFlagName(FlagShowSpecialPerms), Description: FlagShowSpecialPermsUsage}, {Text: commands.FullFlagName(FlagChangeDataHash), Description: FlagChangeDataHashUsage}, {Text: commands.FullFlagName(FlagTopChangesMax), Description: FlagTopChangesMaxUsage}, {Text: commands.FullFlagName(FlagDetectAllCertFiles), Description: FlagDetectAllCertFilesUsage}, {Text: commands.FullFlagName(FlagDetectAllCertPKFiles), Description: FlagDetectAllCertPKFilesUsage}, {Text: commands.FullFlagName(FlagDetectIdentities), Description: FlagDetectIdentitiesUsage}, {Text: commands.FullFlagName(FlagDetectIdentitiesParam), Description: FlagDetectIdentitiesParamUsage}, {Text: commands.FullFlagName(FlagDetectIdentitiesDumpRaw), Description: FlagDetectIdentitiesDumpRawUsage}, {Text: commands.FullFlagName(FlagExportAllDataArtifacts), Description: FlagExportAllDataArtifactsUsage}, {Text: commands.FullFlagName(commands.FlagRemoveFileArtifacts), Description: commands.FlagRemoveFileArtifactsUsage}, }, Values: map[string]commands.CompleteValue{ commands.FullFlagName(commands.FlagCommandParamsFile): commands.CompleteFile, commands.FullFlagName(commands.FlagPull): commands.CompleteBool, commands.FullFlagName(commands.FlagShowPullLogs): commands.CompleteBool, commands.FullFlagName(commands.FlagDockerConfigPath): commands.CompleteFile, commands.FullFlagName(commands.FlagTarget): commands.CompleteTarget, commands.FullFlagName(FlagChanges): completeLayerChanges, commands.FullFlagName(FlagChangesOutput): completeOutputs, commands.FullFlagName(FlagAddImageManifest): commands.CompleteBool, commands.FullFlagName(FlagAddImageConfig): commands.CompleteBool, commands.FullFlagName(FlagHashData): commands.CompleteBool, commands.FullFlagName(FlagDetectDuplicates): commands.CompleteBool, commands.FullFlagName(FlagShowDuplicates): commands.CompleteTBool, commands.FullFlagName(FlagShowSpecialPerms): commands.CompleteTBool, commands.FullFlagName(FlagReuseSavedImage): commands.CompleteTBool, commands.FullFlagName(FlagDetectAllCertFiles): commands.CompleteBool, commands.FullFlagName(FlagDetectAllCertPKFiles): commands.CompleteBool, commands.FullFlagName(FlagDetectIdentities): commands.CompleteTBool, commands.FullFlagName(commands.FlagRemoveFileArtifacts): commands.CompleteBool, }, }
View Source
var CommandSuggestion = prompt.Suggest{ Text: Name, Description: Usage, }
View Source
var Flags = map[string]cli.Flag{ FlagChanges: &cli.StringSliceFlag{ Name: FlagChanges, Value: cli.NewStringSlice(""), Usage: FlagChangesUsage, EnvVars: []string{"DSLIM_CHANGES"}, }, FlagChangesOutput: &cli.StringSliceFlag{ Name: FlagChangesOutput, Value: cli.NewStringSlice("all"), Usage: FlagChangesOutputUsage, EnvVars: []string{"DSLIM_CHANGES_OUTPUT"}, }, FlagLayer: &cli.StringSliceFlag{ Name: FlagLayer, Value: cli.NewStringSlice(), Usage: FlagLayerUsage, EnvVars: []string{"DSLIM_LAYER"}, }, FlagAddImageManifest: &cli.BoolFlag{ Name: FlagAddImageManifest, Usage: FlagAddImageManifestUsage, EnvVars: []string{"DSLIM_XRAY_IMAGE_MANIFEST"}, }, FlagAddImageConfig: &cli.BoolFlag{ Name: FlagAddImageConfig, Usage: FlagAddImageConfigUsage, EnvVars: []string{"DSLIM_XRAY_IMAGE_CONFIG"}, }, FlagLayerChangesMax: &cli.IntFlag{ Name: FlagLayerChangesMax, Value: -1, Usage: FlagLayerChangesMaxUsage, EnvVars: []string{"DSLIM_XRAY_LAYER_CHANGES_MAX"}, }, FlagAllChangesMax: &cli.IntFlag{ Name: FlagAllChangesMax, Value: -1, Usage: FlagAllChangesMaxUsage, EnvVars: []string{"DSLIM_XRAY_ALL_CHANGES_MAX"}, }, FlagAddChangesMax: &cli.IntFlag{ Name: FlagAddChangesMax, Value: -1, Usage: FlagAddChangesMaxUsage, EnvVars: []string{"DSLIM_XRAY_ADD_CHANGES_MAX"}, }, FlagModifyChangesMax: &cli.IntFlag{ Name: FlagModifyChangesMax, Value: -1, Usage: FlagModifyChangesMaxUsage, EnvVars: []string{"DSLIM_XRAY_MODIFY_CHANGES_MAX"}, }, FlagDeleteChangesMax: &cli.IntFlag{ Name: FlagDeleteChangesMax, Value: -1, Usage: FlagDeleteChangesMaxUsage, EnvVars: []string{"DSLIM_XRAY_DELETE_CHANGES_MAX"}, }, FlagChangePath: &cli.StringSliceFlag{ Name: FlagChangePath, Value: cli.NewStringSlice(), Usage: FlagChangePathUsage, EnvVars: []string{"DSLIM_XRAY_CHANGE_PATH"}, }, FlagChangeData: &cli.StringSliceFlag{ Name: FlagChangeData, Value: cli.NewStringSlice(), Usage: FlagChangeDataUsage, EnvVars: []string{"DSLIM_XRAY_CHANGE_DATA"}, }, FlagReuseSavedImage: &cli.BoolFlag{ Name: FlagReuseSavedImage, Value: true, Usage: FlagReuseSavedImageUsage, EnvVars: []string{"DSLIM_XRAY_REUSE_SAVED"}, }, FlagTopChangesMax: &cli.IntFlag{ Name: FlagTopChangesMax, Value: 20, Usage: FlagTopChangesMaxUsage, EnvVars: []string{"DSLIM_XRAY_TOP_CHANGES_MAX"}, }, FlagHashData: &cli.BoolFlag{ Name: FlagHashData, Usage: FlagHashDataUsage, EnvVars: []string{"DSLIM_XRAY_HASH_DATA"}, }, FlagDetectUTF8: &cli.StringFlag{ Name: FlagDetectUTF8, Usage: FlagDetectUTF8Usage, EnvVars: []string{"DSLIM_XRAY_DETECT_UTF8"}, }, FlagDetectDuplicates: &cli.BoolFlag{ Name: FlagDetectDuplicates, Value: true, Usage: FlagDetectDuplicatesUsage, EnvVars: []string{"DSLIM_XRAY_DETECT_DUP"}, }, FlagShowDuplicates: &cli.BoolFlag{ Name: FlagShowDuplicates, Usage: FlagShowDuplicatesUsage, EnvVars: []string{"DSLIM_XRAY_SHOW_DUP"}, }, FlagShowSpecialPerms: &cli.BoolFlag{ Name: FlagShowSpecialPerms, Value: true, Usage: FlagShowSpecialPermsUsage, EnvVars: []string{"DSLIM_XRAY_SHOW_SPECIAL"}, }, FlagChangeDataHash: &cli.StringSliceFlag{ Name: FlagChangeDataHash, Value: cli.NewStringSlice(), Usage: FlagChangeDataHashUsage, EnvVars: []string{"DSLIM_XRAY_CHANGE_DATA_HASH"}, }, FlagChangeMatchLayersOnly: &cli.BoolFlag{ Name: FlagChangeMatchLayersOnly, Usage: FlagChangeMatchLayersOnlyUsage, EnvVars: []string{"DSLIM_XRAY_CHANGE_MATCH_LAYERS_ONLY"}, }, FlagExportAllDataArtifacts: &cli.StringFlag{ Name: FlagExportAllDataArtifacts, Usage: FlagExportAllDataArtifactsUsage, EnvVars: []string{"DSLIM_XRAY_EXPORT_ALL_DARTIFACTS"}, }, FlagDetectAllCertFiles: &cli.BoolFlag{ Name: FlagDetectAllCertFiles, Usage: FlagDetectAllCertFilesUsage, EnvVars: []string{"DSLIM_XRAY_DETECT_ALL_CERTS"}, }, FlagDetectAllCertPKFiles: &cli.BoolFlag{ Name: FlagDetectAllCertPKFiles, Usage: FlagDetectAllCertPKFilesUsage, EnvVars: []string{"DSLIM_XRAY_DETECT_ALL_CERT_PKS"}, }, FlagDetectIdentities: &cli.BoolFlag{ Name: FlagDetectIdentities, Value: true, Usage: FlagDetectIdentitiesUsage, EnvVars: []string{"DSLIM_XRAY_DETECT_IDENTITIES"}, }, FlagDetectIdentitiesParam: &cli.StringSliceFlag{ Name: FlagDetectIdentitiesParam, Value: cli.NewStringSlice(), Usage: FlagDetectIdentitiesParamUsage, EnvVars: []string{"DSLIM_XRAY_DETECT_IDENTITIES_PARAM"}, }, FlagDetectIdentitiesDumpRaw: &cli.StringFlag{ Name: FlagDetectIdentitiesDumpRaw, Usage: FlagDetectIdentitiesDumpRawUsage, EnvVars: []string{"DSLIM_XRAY_DETECT_IDENTITIES_DUMP_RAW"}, }, FlagDetectScheduledTasks: &cli.BoolFlag{ Name: FlagDetectScheduledTasks, Value: true, Usage: FlagDetectScheduledTasksUsage, EnvVars: []string{"DSLIM_XRAY_DETECT_SCHEDULED_TASKS"}, }, FlagDetectScheduledTasksParam: &cli.StringSliceFlag{ Name: FlagDetectScheduledTasksParam, Value: cli.NewStringSlice(), Usage: FlagDetectScheduledTasksParamUsage, EnvVars: []string{"DSLIM_XRAY_DETECT_SCHEDULED_TASKS_PARAM"}, }, FlagDetectScheduledTasksDumpRaw: &cli.StringFlag{ Name: FlagDetectScheduledTasksDumpRaw, Usage: FlagDetectScheduledTasksDumpRawUsage, EnvVars: []string{"DSLIM_XRAY_DETECT_SCHEDULED_TASKS_DUMP_RAW"}, }, FlagDetectServices: &cli.BoolFlag{ Name: FlagDetectServices, Value: true, Usage: FlagDetectServicesUsage, EnvVars: []string{"DSLIM_XRAY_DETECT_SERVICES"}, }, FlagDetectServicesParam: &cli.StringSliceFlag{ Name: FlagDetectServicesParam, Value: cli.NewStringSlice(), Usage: FlagDetectServicesParamUsage, EnvVars: []string{"DSLIM_XRAY_DETECT_SERVICES_PARAM"}, }, FlagDetectServicesDumpRaw: &cli.StringFlag{ Name: FlagDetectServicesDumpRaw, Usage: FlagDetectServicesDumpRawUsage, EnvVars: []string{"DSLIM_XRAY_DETECT_SERVICES_DUMP_RAW"}, }, FlagDetectSystemHooks: &cli.BoolFlag{ Name: FlagDetectSystemHooks, Value: true, Usage: FlagDetectSystemHooksUsage, EnvVars: []string{"DSLIM_XRAY_DETECT_SYSTEM_HOOKS"}, }, FlagDetectSystemHooksParam: &cli.StringSliceFlag{ Name: FlagDetectSystemHooksParam, Value: cli.NewStringSlice(), Usage: FlagDetectSystemHooksParamUsage, EnvVars: []string{"DSLIM_XRAY_DETECT_SYSTEM_HOOKS_PARAM"}, }, FlagDetectSystemHooksDumpRaw: &cli.StringFlag{ Name: FlagDetectSystemHooksDumpRaw, Usage: FlagDetectSystemHooksDumpRawUsage, EnvVars: []string{"DSLIM_XRAY_DETECT_SYSTEM_HOOKS_DUMP_RAW"}, }, }
Functions ¶
func OnCommand ¶
func OnCommand( xc *app.ExecutionContext, gparams *commands.GenericParams, cparams *CommandParams, targetRef string, doPull bool, dockerConfigPath string, registryAccount string, registrySecret string, doShowPullLogs bool, changes map[string]struct{}, changesOutputs map[string]struct{}, layers map[string]struct{}, layerChangesMax int, allChangesMax int, addChangesMax int, modifyChangesMax int, deleteChangesMax int, topChangesMax int, changePathMatchers []*dockerimage.ChangePathMatcher, changeDataMatcherList []*dockerimage.ChangeDataMatcher, changeDataHashMatcherList []*dockerimage.ChangeDataHashMatcher, doHashData bool, doDetectDuplicates bool, doShowDuplicates bool, doShowSpecialPerms bool, changeMatchLayersOnly bool, doAddImageManifest bool, doAddImageConfig bool, doReuseSavedImage bool, doRmFileArtifacts bool, utf8Detector *dockerimage.UTF8Detector, xdArtifactsPath string, )
OnCommand implements the 'xray' command
func RegisterCommand ¶
func RegisterCommand()
Types ¶
type CommandParams ¶
type CommandParams struct {
DetectIdentities *DetectOpParam `json:"detect_identities,omitempty"`
DetectScheduledTasks *DetectOpParam `json:"detect_scheduled_tasks,omitempty"`
DetectServices *DetectOpParam `json:"detect_services,omitempty"`
DetectSystemHooks *DetectOpParam `json:"detect_system_hooks,omitempty"`
//todo: migrate simple bool param to DetectOpParam
DetectAllCertFiles bool `json:"detect_all_cert_files,omitempty"`
DetectAllCertPKFiles bool `json:"detect_all_cert_pks,omitempty"`
}
type DetectOpParam ¶
type DetectOpParam struct {
/// Operation is enabled
Enabled bool
/// Dump/save raw data
DumpRaw bool
/// Dump raw data to console
IsConsoleOut bool
/// Dump raw data to directory (otherwise save to an archive file)
IsDirOut bool
/// Output path (directory or archive path)
OutputPath string
/// Input parameters for the operation
InputParams map[string]string
}
Source Files
Directories
Click to show internal directories.
Click to hide internal directories.