assembler

package
v0.0.1-alpha.0 Latest Latest
Warning

This package is not in the latest version of its module.

Published: May 9, 2023 License: Apache-2.0 Imports: 7 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func CreateIndexOn

func CreateIndexOn(client graphdb.Client, nodeLabel string, nodeAttribute string) error

CreateIndexOn creates database indexes in the graph database given by Client to optimize performance.

func NewObjectMetadata

func NewObjectMetadata(s processor.SourceInformation) *objectMetadata

NewObjectMetadata creates a new instance to add metadata to nodes

func StoreGraph

func StoreGraph(g Graph, client graphdb.Client) error

StoreGraph stores a Graph to the graph database given by Client

Types

type ArtifactNode

// ArtifactNode carries the properties of an artifact node: a name, a single
// digest string, a list of tags, and the NodeData metadata attached to the
// node.
//
// NOTE(review): the digest's algorithm and encoding are not fixed by this
// type — confirm the expected format with the code that populates it before
// comparing digests across sources.
type ArtifactNode struct {
	Name     string
	Digest   string
	Tags     []string
	NodeData objectMetadata
}

ArtifactNode is a node that represents an artifact

func (ArtifactNode) IdentifiablePropertyNames

func (an ArtifactNode) IdentifiablePropertyNames() []string

func (ArtifactNode) Properties

func (an ArtifactNode) Properties() map[string]interface{}

func (ArtifactNode) PropertyNames

func (an ArtifactNode) PropertyNames() []string

func (ArtifactNode) Type

func (an ArtifactNode) Type() string

type AssemblerInput

// AssemblerInput is declared with "=", so it is an alias for IngestPredicates
// rather than a distinct type; values of the two are interchangeable.
type AssemblerInput = IngestPredicates

AssemblerInput represents the inputs to add to the graph

type AttestationForEdge

// AttestationForEdge links AttestationNode to the subject it attests to,
// which is held in either ForArtifact or ForPackage.
//
// NOTE(review): ForArtifact and ForPackage are values, not pointers, so the
// struct cannot express "unset" directly. How the unused side is detected is
// not visible here — presumably a zero-value check; confirm in Nodes().
type AttestationForEdge struct {
	AttestationNode AttestationNode
	ForArtifact     ArtifactNode
	ForPackage      PackageNode
}

AttestationForEdge is an edge that represents the fact that an `AttestationNode` is an attestation for an `ArtifactNode/PackageNode`. Only one of each side of the edge should be defined.

func (AttestationForEdge) IdentifiablePropertyNames

func (e AttestationForEdge) IdentifiablePropertyNames() []string

func (AttestationForEdge) Nodes

func (e AttestationForEdge) Nodes() (v, u GuacNode)

func (AttestationForEdge) Properties

func (e AttestationForEdge) Properties() map[string]interface{}

func (AttestationForEdge) PropertyNames

func (e AttestationForEdge) PropertyNames() []string

func (AttestationForEdge) Type

func (e AttestationForEdge) Type() string

type AttestationNode

// AttestationNode holds what is recorded about an attestation: a file path,
// a digest, the attestation type, the payload as an untyped map, and the node
// metadata.
//
// NOTE(review): Payload is map[string]interface{}, so nothing in this type
// constrains its shape. Presumably it is the decoded attestation body —
// verify against the ingestor, and treat its values as unvalidated input when
// reading them back.
type AttestationNode struct {
	// TODO(mihaimaruseac): Unsure what fields to store here
	FilePath        string
	Digest          string
	AttestationType string
	Payload         map[string]interface{}
	NodeData        objectMetadata
}

AttestationNode is a node that represents an attestation

func (AttestationNode) IdentifiablePropertyNames

func (an AttestationNode) IdentifiablePropertyNames() []string

func (AttestationNode) Properties

func (an AttestationNode) Properties() map[string]interface{}

func (AttestationNode) PropertyNames

func (an AttestationNode) PropertyNames() []string

func (AttestationNode) Type

func (an AttestationNode) Type() string

type BuilderNode

// BuilderNode carries a builder's type and identifier plus node metadata.
//
// NOTE(review): the values allowed in BuilderType and the format of BuilderId
// are not defined on this type — confirm with the code that populates them.
type BuilderNode struct {
	BuilderType string
	BuilderId   string
	NodeData    objectMetadata
}

BuilderNode is a node that represents a builder for an artifact

func (BuilderNode) IdentifiablePropertyNames

func (bn BuilderNode) IdentifiablePropertyNames() []string

func (BuilderNode) Properties

func (bn BuilderNode) Properties() map[string]interface{}

func (BuilderNode) PropertyNames

func (bn BuilderNode) PropertyNames() []string

func (BuilderNode) Type

func (bn BuilderNode) Type() string

type BuiltByEdge

// BuiltByEdge pairs an artifact with the builder that built it. Both
// endpoints are stored by value, so the edge holds its own copies of the two
// nodes.
type BuiltByEdge struct {
	ArtifactNode ArtifactNode
	BuilderNode  BuilderNode
}

BuiltByEdge is an edge that represents the fact that an `ArtifactNode` has been built by a `BuilderNode`

func (BuiltByEdge) IdentifiablePropertyNames

func (e BuiltByEdge) IdentifiablePropertyNames() []string

func (BuiltByEdge) Nodes

func (e BuiltByEdge) Nodes() (v, u GuacNode)

func (BuiltByEdge) Properties

func (e BuiltByEdge) Properties() map[string]interface{}

func (BuiltByEdge) PropertyNames

func (e BuiltByEdge) PropertyNames() []string

func (BuiltByEdge) Type

func (e BuiltByEdge) Type() string

type CertifyBadIngest added in v0.1.0

type CertifyBadIngest struct {
	// The subject of the CertifyBad statement is one of Pkg, Src or Artifact.
	// NOTE(review): the struct does not enforce that exactly one of them is
	// non-nil — callers should check. PkgMatchFlag presumably applies only
	// when Pkg is the subject — confirm.
	Pkg          *generated.PkgInputSpec
	PkgMatchFlag generated.MatchFlags
	Src          *generated.SourceInputSpec
	Artifact     *generated.ArtifactInputSpec
	CertifyBad   *generated.CertifyBadInputSpec
}

type CertifyGoodIngest added in v0.1.0

type CertifyGoodIngest struct {
	// The subject of the CertifyGood statement is one of Pkg, Src or Artifact.
	// NOTE(review): the struct does not enforce that exactly one of them is
	// non-nil — callers should check. PkgMatchFlag presumably applies only
	// when Pkg is the subject — confirm.
	Pkg          *generated.PkgInputSpec
	PkgMatchFlag generated.MatchFlags
	Src          *generated.SourceInputSpec
	Artifact     *generated.ArtifactInputSpec
	CertifyGood  *generated.CertifyGoodInputSpec
}

type CertifyScorecardIngest added in v0.1.0

// CertifyScorecardIngest pairs a source with the scorecard input to record
// for it.
//
// NOTE(review): both fields are pointers and can be nil; whether nil is
// rejected downstream is not visible here.
type CertifyScorecardIngest struct {
	Source    *generated.SourceInputSpec
	Scorecard *generated.ScorecardInputSpec
}

type CertifyVulnIngest added in v0.1.0

type CertifyVulnIngest struct {
	// Pkg is required.
	Pkg *generated.PkgInputSpec

	// The vulnerability is one of OSV, CVE or GHSA; none of them is set when
	// no vulnerability is found.
	// NOTE(review): nothing in the type prevents more than one being set, and
	// "all nil" is a meaningful state here, so a nil check alone cannot tell
	// a missing value from "scanned, nothing found".
	OSV  *generated.OSVInputSpec
	CVE  *generated.CVEInputSpec
	GHSA *generated.GHSAInputSpec

	// VulnData is the vulnerability metadata input that accompanies the
	// certification.
	VulnData *generated.VulnerabilityMetaDataInput
}

type ContainsEdge

// ContainsEdge records that PackageNode contains ContainedArtifact. Both
// endpoints are stored by value.
type ContainsEdge struct {
	PackageNode       PackageNode
	ContainedArtifact ArtifactNode
}

ContainsEdge is an edge that represents the fact that a `PackageNode` contains an `ArtifactNode`

func (ContainsEdge) IdentifiablePropertyNames

func (e ContainsEdge) IdentifiablePropertyNames() []string

func (ContainsEdge) Nodes

func (e ContainsEdge) Nodes() (v, u GuacNode)

func (ContainsEdge) Properties

func (e ContainsEdge) Properties() map[string]interface{}

func (ContainsEdge) PropertyNames

func (e ContainsEdge) PropertyNames() []string

func (ContainsEdge) Type

func (e ContainsEdge) Type() string

type DependsOnEdge

// DependsOnEdge has two candidate fields for each endpoint: ArtifactNode or
// PackageNode on one side, ArtifactDependency or PackageDependency on the
// other (presumably the dependency side, going by the field names — confirm).
//
// NOTE(review): all four fields are values, so "only one defined per side"
// has to be decided by inspecting their contents; that check is not visible
// here.
type DependsOnEdge struct {
	ArtifactNode       ArtifactNode
	PackageNode        PackageNode
	ArtifactDependency ArtifactNode
	PackageDependency  PackageNode
}

DependsOnEdge is an edge that represents the fact that an `ArtifactNode/PackageNode` depends on another `ArtifactNode/PackageNode`. Only one of each side of the edge should be defined.

func (DependsOnEdge) IdentifiablePropertyNames

func (e DependsOnEdge) IdentifiablePropertyNames() []string

func (DependsOnEdge) Nodes

func (e DependsOnEdge) Nodes() (v, u GuacNode)

func (DependsOnEdge) Properties

func (e DependsOnEdge) Properties() map[string]interface{}

func (DependsOnEdge) PropertyNames

func (e DependsOnEdge) PropertyNames() []string

func (DependsOnEdge) Type

func (e DependsOnEdge) Type() string

type Graph

// Graph is a flat collection of nodes and edges.
//
// NOTE(review): nothing in the type ties an edge's endpoints to entries in
// Nodes — confirm whether StoreGraph expects every endpoint to be listed
// there as well.
type Graph struct {
	Nodes []GuacNode
	Edges []GuacEdge
}

Graph represents a subgraph read from the database or written to it. Note: this is experimental and might change. Please refer to source code for more details about usage.

func (*Graph) AppendGraph

func (g *Graph) AppendGraph(gs ...Graph)

AppendGraph appends the graph g with additional graphs

type GuacEdge

type GuacEdge interface {
	// Type returns the type of the edge as a string.
	Type() string

	// Nodes returns the (v,u) nodes of the edge.
	//
	// For directional edges: v-[edge]->u.
	// For non-directional edges there is no guaranteed order.
	Nodes() (v, u GuacNode)

	// Properties returns the properties of the edge as a map keyed by
	// property name.
	Properties() map[string]interface{}

	// PropertyNames returns the names of the properties of the edge.
	//
	// If a string `s` is in the list returned by `PropertyNames` then it
	// should also be a key in the map returned by `Properties`.
	PropertyNames() []string

	// IdentifiablePropertyNames returns a list of property names that can
	// uniquely specify a GuacEdge, as an alternative to the two node
	// endpoints.
	//
	// Any string found in the list returned by `IdentifiablePropertyNames`
	// must also be returned by `PropertyNames`.
	//
	// TODO(mihaimaruseac): We might not need this?
	IdentifiablePropertyNames() []string
}

GuacEdge represents an edge in the GUAC graph. Note: this is experimental and might change. Please refer to source code for more details about usage.

type GuacNode

type GuacNode interface {
	// Type returns the type of the node as a string.
	Type() string

	// Properties returns the properties of the node as a map keyed by
	// property name.
	Properties() map[string]interface{}

	// PropertyNames returns the names of the properties of the node.
	//
	// If a string `s` is in the list returned by `PropertyNames` then it
	// should also be a key in the map returned by `Properties`.
	PropertyNames() []string

	// IdentifiablePropertyNames returns a list of property names that can
	// uniquely specify a GuacNode.
	//
	// Any string found in the list returned by `IdentifiablePropertyNames`
	// must also be returned by `PropertyNames`.
	//
	// NOTE(review): two nodes that agree on these properties are presumably
	// treated as the same node when stored — confirm, since that makes the
	// choice of identifying properties matter for data from different
	// sources.
	IdentifiablePropertyNames() []string
}

GuacNode represents a node in the GUAC graph. Note: this is experimental and might change. Please refer to source code for more details about usage.

type HasSBOMIngest added in v0.1.0

type HasSBOMIngest struct {
	// The subject of the HasSBOM statement is either Pkg or Artifact.
	// NOTE(review): the struct does not enforce that exactly one of them is
	// non-nil — callers should check.
	Pkg      *generated.PkgInputSpec
	Artifact *generated.ArtifactInputSpec

	// HasSBOM is the SBOM input recorded for the subject above.
	HasSBOM *generated.HasSBOMInputSpec
}

type HasSlsaIngest added in v0.1.0

// HasSlsaIngest groups the inputs for a SLSA statement: the artifact, the
// SLSA input itself, the materials as a slice of artifact specs, and the
// builder.
//
// NOTE(review): Materials is a slice of values while the other fields are
// pointers; whether an empty Materials slice or a nil Builder is accepted
// downstream is not visible here.
type HasSlsaIngest struct {
	Artifact  *generated.ArtifactInputSpec
	HasSlsa   *generated.SLSAInputSpec
	Materials []generated.ArtifactInputSpec
	Builder   *generated.BuilderInputSpec
}

type HasSourceAtIngest added in v0.1.0

// HasSourceAtIngest groups a package, a source and the HasSourceAt input that
// relates them.
//
// NOTE(review): PkgMatchFlag presumably selects how Pkg is matched against
// stored packages — confirm its semantics in the generated package.
type HasSourceAtIngest struct {
	Pkg          *generated.PkgInputSpec
	PkgMatchFlag generated.MatchFlags
	Src          *generated.SourceInputSpec
	HasSourceAt  *generated.HasSourceAtInputSpec
}

type IdentityForEdge

// IdentityForEdge pairs an identity with the attestation it is an identity
// for. Both endpoints are stored by value.
//
// NOTE(review): the edge only records the association; whether the
// attestation's signature was verified against this identity before the edge
// was created is not visible here — confirm in the ingestion path.
type IdentityForEdge struct {
	IdentityNode    IdentityNode
	AttestationNode AttestationNode
}

IdentityForEdge is an edge that represents the fact that an `IdentityNode` is an identity for an `AttestationNode`.

func (IdentityForEdge) IdentifiablePropertyNames

func (e IdentityForEdge) IdentifiablePropertyNames() []string

func (IdentityForEdge) Nodes

func (e IdentityForEdge) Nodes() (v, u GuacNode)

func (IdentityForEdge) Properties

func (e IdentityForEdge) Properties() map[string]interface{}

func (IdentityForEdge) PropertyNames

func (e IdentityForEdge) PropertyNames() []string

func (IdentityForEdge) Type

func (e IdentityForEdge) Type() string

type IdentityNode

// IdentityNode carries an identity's ID, a digest, its key material with the
// key's type and scheme, and the node metadata.
//
// NOTE(review): Key is presumably a public verification key — confirm that
// private key material is never stored in this field, since node properties
// end up in the graph database.
type IdentityNode struct {
	ID     string
	Digest string
	// Key is base64 encoded.
	Key       string
	KeyType   string
	KeyScheme string
	NodeData  objectMetadata
}

IdentityNode is a node that represents an identity

func (IdentityNode) IdentifiablePropertyNames

func (in IdentityNode) IdentifiablePropertyNames() []string

func (IdentityNode) Properties

func (in IdentityNode) Properties() map[string]interface{}

func (IdentityNode) PropertyNames

func (in IdentityNode) PropertyNames() []string

func (IdentityNode) Type

func (in IdentityNode) Type() string

type IngestPredicates added in v0.1.0

// IngestPredicates has one slice per predicate kind; each element is one
// statement of that kind to ingest.
//
// NOTE(review): the struct carries no record of where each statement came
// from — presumably provenance lives inside the individual input specs;
// confirm before relying on it for auditing.
type IngestPredicates struct {
	CertifyScorecard []CertifyScorecardIngest
	IsDependency     []IsDependencyIngest
	IsOccurrence     []IsOccurrenceIngest
	HasSlsa          []HasSlsaIngest
	CertifyVuln      []CertifyVulnIngest
	IsVuln           []IsVulnIngest
	HasSourceAt      []HasSourceAtIngest
	CertifyBad       []CertifyBadIngest
	CertifyGood      []CertifyGoodIngest
	HasSBOM          []HasSBOMIngest
}

IngestPredicates contains the set of predicates to be ingested, based on the GUAC ontology. It holds only the evidence trees, because ingestion of the software trees is implicit and handled by the client library.

type IsDependencyIngest added in v0.1.0

// IsDependencyIngest groups two package specs and the IsDependency input that
// relates them.
//
// NOTE(review): presumably Pkg is the dependent package and DepPkg the
// package it depends on — confirm the direction against the caller.
type IsDependencyIngest struct {
	Pkg          *generated.PkgInputSpec
	DepPkg       *generated.PkgInputSpec
	IsDependency *generated.IsDependencyInputSpec
}

type IsOccurrenceIngest added in v0.1.0

type IsOccurrenceIngest struct {
	// The subject of the occurrence is either Pkg or Src.
	// NOTE(review): the struct does not enforce that exactly one of them is
	// non-nil — callers should check.
	Pkg *generated.PkgInputSpec
	Src *generated.SourceInputSpec

	// Artifact is the required object of the occurrence.
	Artifact *generated.ArtifactInputSpec

	// IsOccurrence is the occurrence input that relates the subject to
	// Artifact.
	IsOccurrence *generated.IsOccurrenceInputSpec
}

type IsVulnIngest added in v0.1.0

Only CVE or GHSA needed, not both

type MetadataForEdge

type MetadataForEdge struct {
	// MetadataNode is the "from" node of the edge.
	MetadataNode MetadataNode
	// The "to" node is held in either ForArtifact or ForPackage.
	// NOTE(review): both are values, so the struct cannot express "unset";
	// how the unused one is detected is not visible here — confirm in Nodes().
	ForArtifact ArtifactNode
	ForPackage  PackageNode
}

MetadataForEdge is an edge that represents the fact that a metadata node represents metadata for an `ArtifactNode/PackageNode`. Only one of each side of the edge should be defined.

func (MetadataForEdge) IdentifiablePropertyNames

func (e MetadataForEdge) IdentifiablePropertyNames() []string

func (MetadataForEdge) Nodes

func (e MetadataForEdge) Nodes() (v, u GuacNode)

func (MetadataForEdge) Properties

func (e MetadataForEdge) Properties() map[string]interface{}

func (MetadataForEdge) PropertyNames

func (e MetadataForEdge) PropertyNames() []string

func (MetadataForEdge) Type

func (e MetadataForEdge) Type() string

type MetadataNode

// MetadataNode carries a metadata type, an ID and the details as an untyped
// map. Unlike the other node structs on this page it has no NodeData field.
//
// NOTE(review): Details is map[string]interface{}, so its shape is not
// constrained by this type; presumably it depends on MetadataType — confirm,
// and treat its values as unvalidated input when reading them back.
type MetadataNode struct {
	MetadataType string
	ID           string
	Details      map[string]interface{}
}

MetadataNode is a node that represents metadata about an artifact/package

func (MetadataNode) IdentifiablePropertyNames

func (mn MetadataNode) IdentifiablePropertyNames() []string

func (MetadataNode) Properties

func (mn MetadataNode) Properties() map[string]interface{}

func (MetadataNode) PropertyNames

func (mn MetadataNode) PropertyNames() []string

func (MetadataNode) Type

func (mn MetadataNode) Type() string

type PackageNode

// PackageNode carries a package's name, version, purl, CPEs, tags, a list of
// digests and the node metadata. Digest is a slice here, whereas
// ArtifactNode.Digest is a single string.
//
// NOTE(review): which of Name, Purl or Digest identifies the node is decided
// by IdentifiablePropertyNames, not by this struct — confirm before matching
// packages from different sources on one of these fields. The format of the
// digest entries is not specified here either.
type PackageNode struct {
	Name     string
	Digest   []string
	Version  string
	Purl     string
	CPEs     []string
	Tags     []string
	NodeData objectMetadata
}

PackageNode is a node that represents a package

func (PackageNode) IdentifiablePropertyNames

func (pn PackageNode) IdentifiablePropertyNames() []string

func (PackageNode) Properties

func (pn PackageNode) Properties() map[string]interface{}

func (PackageNode) PropertyNames

func (pn PackageNode) PropertyNames() []string

func (PackageNode) Type

func (pn PackageNode) Type() string

type VulnerabilityNode

// VulnerabilityNode carries a vulnerability's ID and the node metadata.
//
// NOTE(review): the ID's namespace (for example CVE, GHSA or OSV identifiers)
// is not recorded in a separate field — presumably it is implied by the ID
// string itself; confirm how IDs from different databases are kept apart.
type VulnerabilityNode struct {
	ID       string
	NodeData objectMetadata
}

VulnerabilityNode is a node that represents a vulnerability associated with the certifier attestation

func (VulnerabilityNode) IdentifiablePropertyNames

func (vn VulnerabilityNode) IdentifiablePropertyNames() []string

func (VulnerabilityNode) Properties

func (vn VulnerabilityNode) Properties() map[string]interface{}

func (VulnerabilityNode) PropertyNames

func (vn VulnerabilityNode) PropertyNames() []string

func (VulnerabilityNode) Type

func (vn VulnerabilityNode) Type() string

type VulnerableEdge

// VulnerableEdge pairs a certification attestation with a vulnerability it
// reports. Both endpoints are stored by value.
//
// NOTE(review): the edge connects the attestation, not the artifact itself,
// to the vulnerability; reaching the affected artifact presumably requires
// following the attestation's own edge — confirm when writing queries.
type VulnerableEdge struct {
	AttestationNode   AttestationNode
	VulnerabilityNode VulnerabilityNode
}

VulnerableEdge is an edge that represents the fact that an artifact is vulnerable or not, based on a certification attestation. This edge gets created when the attestation contains vulnerabilities.

func (VulnerableEdge) IdentifiablePropertyNames

func (e VulnerableEdge) IdentifiablePropertyNames() []string

func (VulnerableEdge) Nodes

func (e VulnerableEdge) Nodes() (v, u GuacNode)

func (VulnerableEdge) Properties

func (e VulnerableEdge) Properties() map[string]interface{}

func (VulnerableEdge) PropertyNames

func (e VulnerableEdge) PropertyNames() []string

func (VulnerableEdge) Type

func (e VulnerableEdge) Type() string

Directories

Path Synopsis
