plugin

package
v0.1.5
Published: Nov 26, 2024 License: Apache-2.0 Imports: 2 Imported by: 0

Documentation

Overview

Package plugin collects the common code used by extractor and detector plugins.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func ValidateRequirements added in v0.1.3

func ValidateRequirements(p Plugin, capabs *Capabilities) error

ValidateRequirements checks that the specified scanning capabilities satisfy the requirements of a given plugin.

Types

type Capabilities added in v0.1.3

type Capabilities struct {
	// A specific OS type a Plugin needs to be run on.
	OS OS
	// Whether network access is provided.
	Network bool
	// Whether the scanned artifacts can be accessed through direct filesystem calls.
	// True on hosts where the scan target is mounted onto the host's filesystem directly.
	// In these cases the plugin can open direct file paths with e.g. os.Open(path).
	// False if the artifact is not on the host but accessed through an abstract FS interface
	// (e.g. scanning a remote container image). In these cases the plugin must use the FS interface
	// to access the filesystem.
	DirectFS bool
	// Whether the scanner is scanning the real running system it's on. Examples where this is not the case:
	// * We're scanning a virtual filesystem unrelated to the host where SCALIBR is running.
	// * We're scanning a real filesystem of e.g. a container image that's mounted somewhere on disk.
	RunningSystem bool
}

Capabilities lists capabilities that the scanning environment provides for the plugins. A plugin can't be enabled if it has more requirements than what the scanning environment provides.

type OS added in v0.1.3

type OS int

OS is the OS the scanner is running on, or a specific OS type a Plugin needs to be run on.

const (
	OSAny     OS = iota
	OSLinux   OS = iota
	OSWindows OS = iota
	OSMac     OS = iota
	// OSUnix is used only when specifying Plugin requirements.
	// Specifies that the plugin needs to be run either on Linux or Mac.
	OSUnix OS = iota
)

OS values
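
The rule stated for Capabilities and ValidateRequirements (a plugin can't be enabled if it requires more than the scanning environment provides), sketched as an added example that is not code from this package. checkRequirements is a hypothetical stand-in with assumed semantics, the types are local copies of the ones documented here, and the plugin name and environment are constructed.

```go
package main

import (
	"fmt"
	"strings"
)

// Local copies of the types documented on this page, so the example runs offline.
type OS int

const (
	OSAny OS = iota
	OSLinux
	OSWindows
	OSMac
	OSUnix // requirement-only: Linux or Mac
)

type Capabilities struct {
	OS                               OS
	Network, DirectFS, RunningSystem bool
}

// checkRequirements is a hypothetical stand-in for ValidateRequirements. Assumed semantics
// (not the library's code): every declared requirement must be covered by the environment.
func checkRequirements(name string, req, env *Capabilities) error {
	var unmet []string
	need := func(field string, required, provided bool) {
		if required && !provided {
			unmet = append(unmet, field)
		}
	}
	osOK := req.OS == OSAny || req.OS == env.OS ||
		(req.OS == OSUnix && (env.OS == OSLinux || env.OS == OSMac))
	need("OS", true, osOK)
	need("Network", req.Network, env.Network)
	need("DirectFS", req.DirectFS, env.DirectFS)
	need("RunningSystem", req.RunningSystem, env.RunningSystem)
	if len(unmet) > 0 {
		return fmt.Errorf("plugin %s: unmet requirements: %s", name, strings.Join(unmet, ", "))
	}
	return nil
}

func main() {
	env := &Capabilities{OS: OSLinux, Network: true} // constructed: remote image scan
	fmt.Println(checkRequirements("live-detector", &Capabilities{OS: OSUnix, DirectFS: true, RunningSystem: true}, env))
}
```

Gating on the declared requirements keeps a plugin that expects the live host (DirectFS, RunningSystem) from running against a remote image, where reading host paths would report on the wrong system.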

type Plugin

type Plugin interface {
	// A unique name used to identify this plugin.
	Name() string
	// Plugin version, should get bumped whenever major changes are made.
	Version() int
	// Requirements about the scanning environment, e.g. "needs to have network access".
	Requirements() *Capabilities
}

Plugin is the part of the plugin interface that's shared between extractors and detectors.

type ScanStatus

type ScanStatus struct {
	Status        ScanStatusEnum
	FailureReason string
}

ScanStatus is the status of a scan run. In case the scan fails, FailureReason contains details.

func (*ScanStatus) String

func (s *ScanStatus) String() string

String returns a string representation of the scan status.

type ScanStatusEnum

type ScanStatusEnum int

ScanStatusEnum is the enum for the scan status.

const (
	ScanStatusUnspecified ScanStatusEnum = iota
	ScanStatusSucceeded
	ScanStatusPartiallySucceeded
	ScanStatusFailed
)

ScanStatusEnum values.

type Status

type Status struct {
	Name    string
	Version int
	Status  *ScanStatus
}

Status contains the status and version of the inventory+vuln plugins that ran.

func StatusFromErr

func StatusFromErr(p Plugin, partial bool, err error) *Status

StatusFromErr returns a successful or failed plugin scan status for a given plugin based on an error.
