Documentation
¶
Overview ¶
This script minimizes the size of a trivy report by factoring out vulnerability details, so that details for common vulnerabilities are not duplicated for each instance of that vulnerability.
Index ¶
- Constants
- func ConvertTrivyResultsToImageReport(images []models.Image, reportResultByRef map[string]*models.TrivyResults, ...) []models.ImageReport
- func FetchLastReport(ctx context.Context, host, org, cluster, token string) (*models.MinimizedReport, error)
- func GetImages(ctx context.Context, namespaceBlocklist, namespaceAllowlist []string) ([]models.Image, error)
- func GetImagesToReScan(images []models.Image, lastReport models.MinimizedReport, ...) []models.Image
- func GetMatchingImages(baseImages []models.ImageDetailsWithRefs, toMatch []models.Image, ...) []models.ImageDetailsWithRefs
- func GetNewestVersions(ctx context.Context, repo, tag string, ...) ([]string, error)
- func GetNewestVersionsToScan(ctx context.Context, allReports []models.ImageReport, ...) []models.Image
- func GetRecommendationKey(repoName, specific string) string
- func GetSpecificToken(tag string) string
- func GetUnmatchingImages(baseImages []models.ImageDetailsWithRefs, toMatch []models.Image, ...) []models.ImageDetailsWithRefs
- func GetUnscannedImagesToScan(imagesInCluster []models.Image, lastReportImages []models.ImageDetailsWithRefs, ...) []models.Image
- func Minimize(images []models.ImageReport, lastReport models.MinimizedReport) models.MinimizedReport
- func ScanImage(extraFlags, pullRef string, registryOAuth2AccessTokenMap map[string]string) (*models.TrivyResults, error)
- func ScanImages(imgScanner ImageScannerFunc, images []models.Image, maxConcurrentScans int, ...) []models.ImageReport
- func Sort(versions []*semver.Version)
- func UpdateOwnersReferenceOnMatchingImages(baseImages []models.ImageDetailsWithRefs, clusterImages []models.Image) []models.ImageDetailsWithRefs
- type ImageScannerFunc
- type NewestVersions
- type Versions
Constants ¶
View Source
const DockerIOprefix = "docker.io/"
View Source
const MaxNewestVersionsToScan = 1
View Source
const TempDir = "/output/tmp"
TempDir is the directory to use for temporary storage.
Variables ¶
This section is empty.
Functions ¶
func ConvertTrivyResultsToImageReport ¶
func ConvertTrivyResultsToImageReport(images []models.Image, reportResultByRef map[string]*models.TrivyResults, trivyErrors map[string]*multierror.Error) []models.ImageReport
ConvertTrivyResultsToImageReport maps results from Trivy with metadata about the image scanned.
func FetchLastReport ¶
func FetchLastReport(ctx context.Context, host, org, cluster, token string) (*models.MinimizedReport, error)
FetchLastReport returns the last report for Trivy from Fairwinds Insights
func GetImages ¶
func GetImages(ctx context.Context, namespaceBlocklist, namespaceAllowlist []string) ([]models.Image, error)
GetImages returns the images in the current cluster.
func GetImagesToReScan ¶
func GetMatchingImages ¶
func GetMatchingImages(baseImages []models.ImageDetailsWithRefs, toMatch []models.Image, isRecommendation bool) []models.ImageDetailsWithRefs
func GetNewestVersions ¶
func GetNewestVersions(ctx context.Context, repo, tag string, registryOAuth2AccessTokenMap map[string]string) ([]string, error)
GetNewestVersions returns newest versions and newest version within same major version
func GetNewestVersionsToScan ¶
func GetRecommendationKey ¶
func GetSpecificToken ¶
func GetUnmatchingImages ¶
func GetUnmatchingImages(baseImages []models.ImageDetailsWithRefs, toMatch []models.Image, isRecommendation bool) []models.ImageDetailsWithRefs
func Minimize ¶
func Minimize(images []models.ImageReport, lastReport models.MinimizedReport) models.MinimizedReport
Minimize compresses the format of the Trivy report to de-duplicate information about vulnerabilities.
func ScanImage ¶
func ScanImage(extraFlags, pullRef string, registryOAuth2AccessTokenMap map[string]string) (*models.TrivyResults, error)
ScanImage will scan a single image with Trivy and return the results.
func ScanImages ¶
func ScanImages(imgScanner ImageScannerFunc, images []models.Image, maxConcurrentScans int, extraFlags string, registryOAuth2AccessTokenMap map[string]string) []models.ImageReport
ScanImages will download the set of images given and scan them with Trivy.
func UpdateOwnersReferenceOnMatchingImages ¶
func UpdateOwnersReferenceOnMatchingImages(baseImages []models.ImageDetailsWithRefs, clusterImages []models.Image) []models.ImageDetailsWithRefs
Types ¶
type ImageScannerFunc ¶
type NewestVersions ¶
type NewestVersions struct {
// contains filtered or unexported fields
}
Source Files
Click to show internal directories.
Click to hide internal directories.