Documentation
¶
Index ¶
- Constants
- type Cache
- func (c Cache) AttestationNote(aa *kritisv1beta1.AttestationAuthority) (*grafeas.Note, error)
- func (c Cache) Attestations(image string, aa *kritisv1beta1.AttestationAuthority) ([]attestlib.Attestation, error)
- func (c Cache) Close()
- func (c Cache) CreateAttestationNote(aa *kritisv1beta1.AttestationAuthority) (*grafeas.Note, error)
- func (c Cache) CreateAttestationOccurrence(noteName string, image string, p *secrets.PGPSigningSecret, proj string) (*grafeas.Occurrence, error)
- func (c Cache) DeleteAttestationOccurrence(containerImage string, aa *kritisv1beta1.AttestationAuthority) error
- func (c Cache) UploadAttestationOccurrence(noteName string, containerImage string, att *attestlib.Attestation, ...) (*grafeas.Occurrence, error)
- func (c Cache) Vulnerabilities(image string) ([]metadata.Vulnerability, error)
- func (c Cache) WaitForVulnzAnalysis(containerImage string, timeout time.Duration) error
- type Client
- func (c Client) AttestationNote(aa *kritisv1beta1.AttestationAuthority) (*grafeas.Note, error)
- func (c Client) Attestations(containerImage string, aa *kritisv1beta1.AttestationAuthority) ([]attestlib.Attestation, error)
- func (c Client) Close()
- func (c Client) CreateAttestationNote(aa *kritisv1beta1.AttestationAuthority) (*grafeas.Note, error)
- func (c Client) CreateAttestationOccurrence(noteName string, containerImage string, ...) (*grafeas.Occurrence, error)
- func (c Client) DeleteAttestationNote(aa *kritisv1beta1.AttestationAuthority) error
- func (c Client) DeleteAttestationOccurrence(containerImage string, aa *kritisv1beta1.AttestationAuthority) error
- func (c Client) DeleteOccurrence(ID string) error
- func (c Client) UploadAttestationOccurrence(noteName string, containerImage string, att *attestlib.Attestation, ...) (*grafeas.Occurrence, error)
- func (c Client) Vulnerabilities(containerImage string) ([]metadata.Vulnerability, error)
- func (c Client) WaitForVulnzAnalysis(containerImage string, timeout time.Duration) error
Constants ¶
const ( PkgVulnerability = "PACKAGE_VULNERABILITY" AttestationAuthority = "ATTESTATION_AUTHORITY" DEFAULT_DISCOVERY_NOTE_PROJECT = "goog-analysis" )
Container Analysis Library Specific Constants.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Cache ¶
type Cache struct {
// contains filtered or unexported fields
}
Cache struct defines Cache for container analysis client. Implements ReadWriteClient interface.
func NewCache ¶
func NewCache(opts ...option.ClientOption) (*Cache, error)
NewCache Create a new Cache for container analysis client.
func (Cache) AttestationNote ¶
func (c Cache) AttestationNote(aa *kritisv1beta1.AttestationAuthority) (*grafeas.Note, error)
AttestationNote returns a note if it exists for given AttestationAuthority
func (Cache) Attestations ¶
func (c Cache) Attestations(image string, aa *kritisv1beta1.AttestationAuthority) ([]attestlib.Attestation, error)
Attestations gets Attestations for a specified image and a specified AttestationAuthority from cache or from client.
func (Cache) CreateAttestationNote ¶
func (c Cache) CreateAttestationNote(aa *kritisv1beta1.AttestationAuthority) (*grafeas.Note, error)
CreateAttestationNote creates an attestation note from AttestationAuthority
func (Cache) CreateAttestationOccurrence ¶ added in v0.2.0
func (c Cache) CreateAttestationOccurrence(noteName string, image string, p *secrets.PGPSigningSecret, proj string) (*grafeas.Occurrence, error)
CreateAttestationOccurrence creates an Attestation occurrence for a given image, secret, and project.
func (Cache) DeleteAttestationOccurrence ¶
func (c Cache) DeleteAttestationOccurrence(containerImage string, aa *kritisv1beta1.AttestationAuthority) error
Delete an attestation by image and attestation authority.
func (Cache) UploadAttestationOccurrence ¶
func (c Cache) UploadAttestationOccurrence(noteName string, containerImage string, att *attestlib.Attestation, proj string, sType metadata.SignatureType) (*grafeas.Occurrence, error)
UploadAttestationOccurrence uploads an Attestation occurrence for a given note, image and project.
func (Cache) Vulnerabilities ¶
func (c Cache) Vulnerabilities(image string) ([]metadata.Vulnerability, error)
Vulnerabilities gets Package Vulnerabilities Occurrences for a specified image.
type Client ¶
type Client struct {
// contains filtered or unexported fields
}
Client struct implements ReadWriteClient and ReadOnlyClient interfaces.
func New ¶
func New(opts ...option.ClientOption) (*Client, error)
TODO: separate constructor methods for r/w and r/o clients
func (Client) AttestationNote ¶
func (c Client) AttestationNote(aa *kritisv1beta1.AttestationAuthority) (*grafeas.Note, error)
AttestationNote returns a note if it exists for given AttestationAuthority
func (Client) Attestations ¶
func (c Client) Attestations(containerImage string, aa *kritisv1beta1.AttestationAuthority) ([]attestlib.Attestation, error)
Attestations gets AttesationAuthority Occurrences for a specified image, using the note specified in the AttestationAuthority provided. This may take a few seconds to retrieve an attestation occurrence, if it was created very recently. For GenericAttestationPolicy, this has little impact as it's expected that attestations will be created before a pod admission request is sent. For ImageSecurityPolicy, which effectively caches the previous policy decision in an attestation, the policy will be re-evaluated if an attestation occurrence has not yet been retrieved. In most cases, it's expected that ImageSecurityPolicy will return the same decision, as vulnerability scannig process takes longer than a few seconds to run and update metadata.
func (Client) CreateAttestationNote ¶
func (c Client) CreateAttestationNote(aa *kritisv1beta1.AttestationAuthority) (*grafeas.Note, error)
CreateAttestationNote creates an attestation note from AttestationAuthority
func (Client) CreateAttestationOccurrence ¶ added in v0.2.0
func (c Client) CreateAttestationOccurrence(noteName string, containerImage string, pgpSigningKey *secrets.PGPSigningSecret, proj string) (*grafeas.Occurrence, error)
CreateAttestationOccurrence creates an Attestation occurrence for a given image and secret.
func (Client) DeleteAttestationNote ¶
func (c Client) DeleteAttestationNote(aa *kritisv1beta1.AttestationAuthority) error
DeleteAttestationNote deletes a note for given AttestationAuthority
func (Client) DeleteAttestationOccurrence ¶
func (c Client) DeleteAttestationOccurrence(containerImage string, aa *kritisv1beta1.AttestationAuthority) error
Delete an attestation by image and attestation authority.
func (Client) DeleteOccurrence ¶
DeleteOccurrence deletes an occurrence with given ID
func (Client) UploadAttestationOccurrence ¶
func (c Client) UploadAttestationOccurrence(noteName string, containerImage string, att *attestlib.Attestation, proj string, sType metadata.SignatureType) (*grafeas.Occurrence, error)
UploadAttestationOccurrence uploads an Attestation occurrence for a given note, image and project.
func (Client) Vulnerabilities ¶
func (c Client) Vulnerabilities(containerImage string) ([]metadata.Vulnerability, error)
Vulnerabilities gets Package Vulnerabilities Occurrences for a specified image.
Source Files