Documentation ¶
Index ¶
Constants ¶
const EmptyLayer = digest.Digest("sha256:a3ed95caeb02ffe68cdd9fd84406680ae93d633cb16422d00e8a7c22955b46d4")
EmptyLayer generated by Dockerfile commands such as CMD or EXPOSE always has this blobSum. For more information, see: https://www.nearform.com/blog/static-analysis-of-docker-image-vulnerabilities-with-clair/
Variables ¶
This section is empty.
Functions ¶
func AddAuthorization ¶
AddAuthorization adds a Bearer token to the v1.Layer passed to it and returns a new v1.Layer.
func GetLayerURI ¶
GetLayerURI gets the layer URI for the passed digest on the passed hostname.
func GetNewLayerURI ¶
GetNewLayerURI gets the new layer URI for the passed hostname.
Types ¶
type Config ¶
type Config struct { Hostname string `json:"hostname"` Username string `json:"username"` Password string `json:"password"` }
Config is a structure that tracks Clair specific configuration.
func (*Config) UpdateRequest ¶
UpdateRequest sets the Authorization header for the passed request.
func (*Config) UseBasicAuth ¶
UseBasicAuth returns true if connections made using this configuration should be using BasicAuth.
type LayerReference ¶
type LayerReference struct { Image reference.Canonical // The Image's reference. Current digest.Digest // The digest of the current layer. Parent digest.Digest // The digest of the parent layer. }
LayerReference is a structure containing a Layer digest, as well as the repository URI, to simplify loading a Layer from the server.
func NewLayerReference ¶
func NewLayerReference(image reference.Canonical, current, parent digest.Digest) LayerReference
NewLayerReference creates a new LayerReference based on the passed Image, and layer digest (the current digest) and that layer's parent digest.
func (*LayerReference) GetLayer ¶
func (ref *LayerReference) GetLayer() v1.Layer
GetLayer returns a layer description of the LayerReference.
func (*LayerReference) GetURI ¶
func (ref *LayerReference) GetURI() string
GetURI gets the URI that is described in the LayerReference.
type Scanner ¶
type Scanner struct {
// contains filtered or unexported fields
}
Scanner implements the interface SnakeoilScanner.
func NewScanner ¶
NewScanner creates a new Scanner.
func (*Scanner) FailOn ¶
FailOn sets severity level that a vulnerability must match or exheed to prompt a failure.
func (*Scanner) Scan ¶
func (scanner *Scanner) Scan(ctx context.Context, i voucher.ImageData) ([]voucher.Vulnerability, error)
Scan runs a scan in the Clair namespace.
func (*Scanner) SetBasicAuth ¶
SetBasicAuth sets the username and password to use for Basic Auth, and enforces the use of Basic Auth for new connections.