trivy

package
v0.1.0-beta.8 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Sep 19, 2023 License: Apache-2.0 Imports: 5 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func CheckSeverity 

func CheckSeverity(sev, check string) bool

CheckSeverity compares two severities to see if a threshold has been met. IE: is sev: HIGH >= check: MEDIUM.

func GenerateUserData 

func GenerateUserData(s3 *s3.S3, ignoreFileName string, ignoreList []string) []byte

GenerateUserData Creates the user data that will be passed to the server being created so that a .trivyignore can be added and the scan can be run as per the users wishes.

func ValidSeverity 

func ValidSeverity(val string) bool

ValidSeverity confirms that the supplied value is a valid severity value.

Types

type CVSS 

type CVSS struct {
	Ghsa   *Score `json:"ghsa"`
	Nvd    *Score `json:"nvd"`
	Redhat *Score `json:"redhat"`
}

CVSS stores all the score data from different sources within the Trivy report.

type Month 

type Month struct {
	Reports map[string]Report
}

Month is used in reports parsing. It is contained within a Year and contains multiple trivy.Report(s).

type Report 

type Report struct {
	Name          string `json:"name"`
	ShortName     string `json:"short_name"`
	SchemaVersion int    `json:"SchemaVersion"`
	ArtifactName  string `json:"ArtifactName"`
	ArtifactType  string `json:"ArtifactType"`
	Metadata      struct {
		Os struct {
			Family string `json:"Family"`
			Name   string `json:"Name"`
		} `json:"OS"`
		ImageConfig struct {
			Architecture string    `json:"architecture"`
			Created      time.Time `json:"created"`
			Os           string    `json:"os"`
			Rootfs       struct {
				Type    string `json:"type"`
				DiffIds any    `json:"diff_ids"`
			} `json:"rootfs"`
			Config struct {
			} `json:"config"`
		} `json:"ImageConfig"`
	} `json:"Metadata"`
	Results []struct {
		Target          string            `json:"Target"`
		Class           string            `json:"Class"`
		Type            string            `json:"Type"`
		Vulnerabilities []Vulnerabilities `json:"Vulnerabilities"`
		Secrets         []Secrets         `json:"Secrets"`
	} `json:"Results"`
}

Report and all its sub-structs is used to unmarshal the json reports into a usable format.

type ScanFailedReport 

type ScanFailedReport struct {
	VulnerabilityID  string `json:"VulnerabilityID"`
	Description      string `json:"Description"`
	PkgName          string `json:"PkgName"`
	InstalledVersion string `json:"InstalledVersion"`
	Severity         string `json:"Severity"`
	Cvss             CVSS   `json:"CVSS"`
	FixedVersion     string `json:"FixedVersion"`
}

type Score 

type Score struct {
	V2Vector string  `json:"V2Vector"`
	V3Vector string  `json:"V3Vector"`
	V2Score  float64 `json:"V2Score"`
	V3Score  float64 `json:"V3Score"`
}

Score contains the score values and vectors from a Trivy report.

type Secrets 

type Secrets struct {
	RuleID    string `json:"RuleID"`
	Category  string `json:"Category"`
	Severity  string `json:"Severity"`
	Title     string `json:"Title"`
	StartLine int    `json:"StartLine"`
	EndLine   int    `json:"EndLine"`
	Code      struct {
		Lines []struct {
			Number      int    `json:"Number"`
			Content     string `json:"Content"`
			IsCause     bool   `json:"IsCause"`
			Annotation  string `json:"Annotation"`
			Truncated   bool   `json:"Truncated"`
			Highlighted string `json:"Highlighted"`
			FirstCause  bool   `json:"FirstCause"`
			LastCause   bool   `json:"LastCause"`
		} `json:"Lines"`
	} `json:"Code"`
	Match string `json:"Match"`
	Layer struct {
		Digest string `json:"Digest"`
		DiffID string `json:"DiffID"`
	} `json:"Layer"`
}

Secrets contains the secret information from a Trivy report.

type Severity 

type Severity string

Severity is used to parse the value from a report into a programmatic value that can be used for comparisons later. 

const (
	NONE     Severity = "NONE"
	LOW      Severity = "LOW"
	MEDIUM   Severity = "MEDIUM"
	HIGH     Severity = "HIGH"
	CRITICAL Severity = "CRITICAL"
)

type Vulnerabilities 

type Vulnerabilities struct {
	VulnerabilityID  string `json:"VulnerabilityID"`
	PkgID            string `json:"PkgID"`
	PkgName          string `json:"PkgName"`
	InstalledVersion string `json:"InstalledVersion"`
	Layer            struct {
		Digest string `json:"Digest"`
		DiffID string `json:"DiffID"`
	} `json:"layer"`
	SeveritySource string `json:"SeveritySource"`
	PrimaryURL     string `json:"PrimaryURL"`
	DataSource     struct {
		ID   string `json:"ID"`
		Name string `json:"Name"`
		URL  string `json:"URL"`
	} `json:"DataSource"`
	Title            string    `json:"Title"`
	Description      string    `json:"Description"`
	Severity         string    `json:"Severity"`
	CweIDs           []string  `json:"CweIDs"`
	Cvss             CVSS      `json:"CVSS"`
	References       []string  `json:"References"`
	PublishedDate    time.Time `json:"PublishedDate"`
	LastModifiedDate time.Time `json:"LastModifiedDate"`
	FixedVersion     string    `json:"FixedVersion"`
}

Vulnerabilities contains the vulnerability information from a Trivy report.

type Year 

type Year struct {
	Months map[string]Month
}

Year is used in reports parsing. It is the top level and contains multiple Month(s).

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.