export

package
v0.0.0-...-4d5bc19 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jan 16, 2025 License: Apache-2.0 Imports: 22 Imported by: 0

Documentation

Index

Constants

View Source
const (
	ProjectIDsAttribute    = "project_ids"
	JobNameAttribute       = "job_name"
	UserNameAttribute      = "user_name"
	StatusMessageAttribute = "status_message"
	// the scan data is a temporary file, use /tmp directory to avoid the permission issue.
	ScanDataExportDir  = "/tmp"
	QueryPageSize      = 100000
	ArtifactGroupSize  = 10000
	DigestKey          = "artifact_digest"
	CreateTimestampKey = "create_ts"
	Vendor             = "SCAN_DATA_EXPORT"
	CsvJobVendorIDKey  = CsvJobVendorID("vendorId")
)
View Source
const (
	CVEIDMatches      = "cveIdMatches"
	PackageMatches    = "packageMatches"
	ScannerMatches    = "scannerMatches"
	CVE2VectorMatches = "cve2VectorMatches"
	CVE3VectorMatches = "cve3VectorMatches"
)
View Source
const (
	// This sql template aims to select vuln data from database,
	// which receive one parameter:
	// 1. artifacts id sets
	// consider for performance, the caller will slice the artifact ids to multi
	// groups if it's length over limit, so rowNum offset is designed to ensure the
	// final row id is sequence in the final output csv file.
	VulnScanReportQueryTemplate = `` /* 1320-byte string literal not displayed */

	JobModeExport = "export"
	JobModeKey    = "mode"
	JobID         = "JobId"
	JobRequest    = "Request"
)

Variables

View Source
var (
	Mgr = NewManager()
)

Functions

This section is empty.

Types

type ArtifactDigestCalculator

type ArtifactDigestCalculator interface {
	// Calculate returns the hash for a file
	Calculate(fileName string) (digest.Digest, error)
}

ArtifactDigestCalculator is an interface to be implemented by all file hash calculators

type CsvJobVendorID

type CsvJobVendorID string

CsvJobVendorID specific type to be used in contexts

type Data

type Data struct {
	Repository     string `orm:"column(repository_name)" csv:"Repository"`
	ArtifactDigest string `orm:"column(artifact_digest)" csv:"Artifact Digest"`
	CVEId          string `orm:"column(cve_id)" csv:"CVE"`
	Package        string `orm:"column(package)" csv:"Package"`
	Version        string `orm:"column(package_version)" csv:"Current Version"`
	FixVersion     string `orm:"column(fixed_version)" csv:"Fixed in version"`
	Severity       string `orm:"column(severity)" csv:"Severity"`
	CWEIds         string `orm:"column(cwe_ids)" csv:"CWE Ids"`
	AdditionalData string `orm:"column(vendor_attributes)" csv:"Additional Data"`
	ScannerName    string `orm:"column(scanner_name)" csv:"Scanner"`
}

type DefaultFilterProcessor

type DefaultFilterProcessor struct {
	// contains filtered or unexported fields
}

func (*DefaultFilterProcessor) ProcessLabelFilter

func (dfp *DefaultFilterProcessor) ProcessLabelFilter(_ context.Context, labelIDs []int64, arts []*artifact.Artifact) ([]*artifact.Artifact, error)

func (*DefaultFilterProcessor) ProcessRepositoryFilter

func (dfp *DefaultFilterProcessor) ProcessRepositoryFilter(ctx context.Context, filter string, projectIDs []int64) ([]int64, error)

func (*DefaultFilterProcessor) ProcessTagFilter

func (dfp *DefaultFilterProcessor) ProcessTagFilter(ctx context.Context, filter string, repositoryIDs []int64) ([]*artifact.Artifact, error)

type Execution

type Execution struct {
	// ID of the execution
	ID int64
	// UserID triggering the execution
	UserID int64
	// ProjectIDs contains projects ids
	ProjectIDs []int64
	// Status provides the status of the execution
	Status string
	// StatusMessage contains the human-readable status message for the execution
	StatusMessage string
	// Trigger indicates the mode of trigger for the job execution
	Trigger string
	// StartTime contains the start time instant of the execution
	StartTime time.Time
	// EndTime contains the end time instant of the execution
	EndTime time.Time
	// ExportDataDigest contains the SHA256 hash of the exported scan data artifact
	ExportDataDigest string
	// Name of the job as specified during the export task invocation
	JobName string
	// Name of the user triggering the job
	UserName string
	// FilePresent is true if file artifact is actually present, false otherwise
	FilePresent bool
}

Execution provides details about the running status of a scan data export job

type FilterProcessor

type FilterProcessor interface {
	ProcessRepositoryFilter(ctx context.Context, filter string, projectIDs []int64) ([]int64, error)
	ProcessTagFilter(ctx context.Context, filter string, repositoryIDs []int64) ([]*artifact.Artifact, error)
	ProcessLabelFilter(ctx context.Context, labelIDs []int64, arts []*artifact.Artifact) ([]*artifact.Artifact, error)
}

func NewFilterProcessor

func NewFilterProcessor() FilterProcessor

NewFilterProcessor constructs an instance of a FilterProcessor

type Manager

type Manager interface {
	Fetch(ctx context.Context, params Params) ([]Data, error)
}

func NewManager

func NewManager() Manager

type Params

type Params struct {
	// cve ids
	CVEIds string

	// artifact ids
	ArtifactIDs []int64

	// PageNumber
	PageNumber int64

	// PageSize
	PageSize int64
}

Params specifies the filters for controlling the scan data export process

func (*Params) FromJSON

func (p *Params) FromJSON(jsonData string) error

FromJSON parses robot from json data

func (*Params) ToJSON

func (p *Params) ToJSON() (string, error)

ToJSON marshals Robot to JSON data

type Request

type Request struct {

	// UserID contains the database identity of the user initiating the export request
	UserID int

	// UserName contains the name of the user initiating the export request
	UserName string

	// JobName contains the name of the job as specified by the external client.
	JobName string

	// cve ids
	CVEIds string

	// A list of one or more labels for which to export the scan data, defaults to all if empty
	Labels []int64

	// A list of one or more projects for which to export the scan data, defaults to all if empty
	Projects []int64

	// A list of repositories for which to export the scan data, defaults to all if empty
	Repositories string

	// A list of tags for which to export the scan data, defaults to all if empty
	Tags string
}

Request encapsulates the filters to be provided when exporting the data for a scan.

func (*Request) FromJSON

func (c *Request) FromJSON(jsonData string) error

FromJSON parses robot from json data

func (*Request) ToJSON

func (c *Request) ToJSON() (string, error)

ToJSON marshals Robot to JSON data

type SHA256ArtifactDigestCalculator

type SHA256ArtifactDigestCalculator struct{}

func (*SHA256ArtifactDigestCalculator) Calculate

func (calc *SHA256ArtifactDigestCalculator) Calculate(fileName string) (digest.Digest, error)

type Task

type Task struct {
	// ID of the scan data export task
	ID int64
	// Job Id corresponding to the task
	JobID string
	// Status of the current task execution
	Status string
	// Status message for the current task execution
	StatusMessage string
}

type TriggerParam

type TriggerParam struct {
	TimeWindowMinutes int
	PageSize          int
}

type VulnerabilityDataSelector

type VulnerabilityDataSelector interface {
	Select(vulnDataRecords []Data, decoration string, pattern string) ([]Data, error)
}

VulnerabilityDataSelector is a specialized implementation of a selector leveraging the doublestar pattern to select vulnerabilities

func NewVulnerabilityDataSelector

func NewVulnerabilityDataSelector() VulnerabilityDataSelector

NewVulnerabilityDataSelector selects the vulnerability data record that matches the provided conditions

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL