Documentation ¶
Index ¶
- type AssemblerInput
- type CertifyBadIngest
- type CertifyGoodIngest
- type CertifyLegalIngest
- type CertifyScorecardIngest
- type CertifyVulnIngest
- type HasMetadataIngest
- type HasSBOMIngest
- type HasSlsaIngest
- type HasSourceAtIngest
- type HashEqualIngest
- type IngestPredicates
- func (i IngestPredicates) GetArtifacts(ctx context.Context) []*generated.ArtifactInputSpec
- func (i IngestPredicates) GetBuilders(ctx context.Context) []*generated.BuilderInputSpec
- func (i IngestPredicates) GetLicenses(ctx context.Context) []generated.LicenseInputSpec
- func (i IngestPredicates) GetMaterials(ctx context.Context) []generated.ArtifactInputSpec
- func (i IngestPredicates) GetPackages(ctx context.Context) []*generated.PkgInputSpec
- func (i IngestPredicates) GetSources(ctx context.Context) []*generated.SourceInputSpec
- func (i IngestPredicates) GetVulnerabilities(ctx context.Context) []*generated.VulnerabilityInputSpec
- type IsDependencyIngest
- type IsOccurrenceIngest
- type PkgEqualIngest
- type PointOfContactIngest
- type VexIngest
- type VulnEqualIngest
- type VulnMetadataIngest
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type AssemblerInput ¶
type AssemblerInput = IngestPredicates
AssemblerInput represents the inputs to add to the graph
type CertifyBadIngest ¶ added in v0.1.0
type CertifyBadIngest struct { // certifyBad describes either pkg, src or artifact Pkg *generated.PkgInputSpec `json:"pkg,omitempty"` PkgMatchFlag generated.MatchFlags `json:"pkgMatchFlag,omitempty"` Src *generated.SourceInputSpec `json:"src,omitempty"` Artifact *generated.ArtifactInputSpec `json:"artifact,omitempty"` CertifyBad *generated.CertifyBadInputSpec `json:"certifyBad,omitempty"` }
type CertifyGoodIngest ¶ added in v0.1.0
type CertifyGoodIngest struct { // certifyGood describes either pkg, src or artifact Pkg *generated.PkgInputSpec `json:"pkg,omitempty"` PkgMatchFlag generated.MatchFlags `json:"pkgMatchFlag,omitempty"` Src *generated.SourceInputSpec `json:"src,omitempty"` Artifact *generated.ArtifactInputSpec `json:"artifact,omitempty"` CertifyGood *generated.CertifyGoodInputSpec `json:"certifyGood,omitempty"` }
type CertifyLegalIngest ¶ added in v0.2.0
type CertifyLegalIngest struct { Pkg *generated.PkgInputSpec `json:"pkg,omitempty"` Src *generated.SourceInputSpec `json:"src,omitempty"` Declared []generated.LicenseInputSpec `json:"declared,omitempty"` Discovered []generated.LicenseInputSpec `json:"discovered,omitempty"` CertifyLegal *generated.CertifyLegalInputSpec `json:"certifyLegal,omitempty"` }
type CertifyScorecardIngest ¶ added in v0.1.0
type CertifyScorecardIngest struct { Source *generated.SourceInputSpec `json:"source,omitempty"` Scorecard *generated.ScorecardInputSpec `json:"scorecard,omitempty"` }
type CertifyVulnIngest ¶ added in v0.1.0
type CertifyVulnIngest struct { // pkg is required Pkg *generated.PkgInputSpec `json:"pkg,omitempty"` // vulnerability or noVuln if no vulnerability is found Vulnerability *generated.VulnerabilityInputSpec `json:"vulnerability,omitempty"` VulnData *generated.ScanMetadataInput `json:"vulnData,omitempty"` }
type HasMetadataIngest ¶ added in v0.2.0
type HasMetadataIngest struct { // hasMetadata describes either pkg, src or artifact metadata Pkg *generated.PkgInputSpec `json:"pkg,omitempty"` PkgMatchFlag generated.MatchFlags `json:"pkgMatchFlag,omitempty"` Src *generated.SourceInputSpec `json:"src,omitempty"` Artifact *generated.ArtifactInputSpec `json:"artifact,omitempty"` HasMetadata *generated.HasMetadataInputSpec `json:"hasMetadata,omitempty"` }
type HasSBOMIngest ¶ added in v0.1.0
type HasSBOMIngest struct { // hasSBOM describes either pkg or artifact Pkg *generated.PkgInputSpec `json:"pkg,omitempty"` Artifact *generated.ArtifactInputSpec `json:"artifact,omitempty"` HasSBOM *generated.HasSBOMInputSpec `json:"hasSbom,omitempty"` }
type HasSlsaIngest ¶ added in v0.1.0
type HasSlsaIngest struct { Artifact *generated.ArtifactInputSpec `json:",omitempty"` HasSlsa *generated.SLSAInputSpec `json:",omitempty"` Materials []generated.ArtifactInputSpec `json:",omitempty"` Builder *generated.BuilderInputSpec `json:",omitempty"` }
type HasSourceAtIngest ¶ added in v0.1.0
type HasSourceAtIngest struct { Pkg *generated.PkgInputSpec `json:"pkg,omitempty"` PkgMatchFlag generated.MatchFlags `json:"pkgMatchFlag,omitempty"` Src *generated.SourceInputSpec `json:"src,omitempty"` HasSourceAt *generated.HasSourceAtInputSpec `json:"hasSourceAt,omitempty"` }
type HashEqualIngest ¶ added in v0.1.1
type HashEqualIngest struct { // HashEqualIngest describes two artifacts are the same Artifact *generated.ArtifactInputSpec `json:"artifact,omitempty"` EqualArtifact *generated.ArtifactInputSpec `json:"equalArtifact,omitempty"` HashEqual *generated.HashEqualInputSpec `json:"hashEqual,omitempty"` }
type IngestPredicates ¶ added in v0.1.0
type IngestPredicates struct { CertifyScorecard []CertifyScorecardIngest `json:"certifyScorecard,omitempty"` IsDependency []IsDependencyIngest `json:"isDependency,omitempty"` IsOccurrence []IsOccurrenceIngest `json:"isOccurrence,omitempty"` HasSlsa []HasSlsaIngest `json:"hasSlsa,omitempty"` CertifyVuln []CertifyVulnIngest `json:"certifyVuln,omitempty"` VulnEqual []VulnEqualIngest `json:"vulnEqual,omitempty"` HasSourceAt []HasSourceAtIngest `json:"hasSourceAt,omitempty"` CertifyBad []CertifyBadIngest `json:"certifyBad,omitempty"` CertifyGood []CertifyGoodIngest `json:"certifyGood,omitempty"` HasSBOM []HasSBOMIngest `json:"hasSBOM,omitempty"` HashEqual []HashEqualIngest `json:"hashEqual,omitempty"` PkgEqual []PkgEqualIngest `json:"pkgEqual,omitempty"` Vex []VexIngest `json:"vex,omitempty"` PointOfContact []PointOfContactIngest `json:"contact,omitempty"` VulnMetadata []VulnMetadataIngest `json:"vulnMetadata,omitempty"` HasMetadata []HasMetadataIngest `json:"hasMetadata,omitempty"` CertifyLegal []CertifyLegalIngest `json:"certifyLegal,omitempty"` }
IngestPredicates contains the set of predicates that want to be ingested based on the GUAC ontology. It only has evidence trees as ingestion of the software trees are implicit and handled by the client library. TODO: fix typo in isDepedency
func (IngestPredicates) GetArtifacts ¶ added in v0.1.1
func (i IngestPredicates) GetArtifacts(ctx context.Context) []*generated.ArtifactInputSpec
func (IngestPredicates) GetBuilders ¶ added in v0.1.1
func (i IngestPredicates) GetBuilders(ctx context.Context) []*generated.BuilderInputSpec
func (IngestPredicates) GetLicenses ¶ added in v0.2.0
func (i IngestPredicates) GetLicenses(ctx context.Context) []generated.LicenseInputSpec
func (IngestPredicates) GetMaterials ¶ added in v0.1.1
func (i IngestPredicates) GetMaterials(ctx context.Context) []generated.ArtifactInputSpec
func (IngestPredicates) GetPackages ¶ added in v0.1.1
func (i IngestPredicates) GetPackages(ctx context.Context) []*generated.PkgInputSpec
func (IngestPredicates) GetSources ¶ added in v0.1.1
func (i IngestPredicates) GetSources(ctx context.Context) []*generated.SourceInputSpec
func (IngestPredicates) GetVulnerabilities ¶ added in v0.2.0
func (i IngestPredicates) GetVulnerabilities(ctx context.Context) []*generated.VulnerabilityInputSpec
type IsDependencyIngest ¶ added in v0.1.0
type IsDependencyIngest struct { Pkg *generated.PkgInputSpec `json:"pkg,omitempty"` DepPkg *generated.PkgInputSpec `json:"depPkg,omitempty"` DepPkgMatchFlag generated.MatchFlags `json:"depPkgMatchFlag,omitempty"` IsDependency *generated.IsDependencyInputSpec `json:"isDependency,omitempty"` }
type IsOccurrenceIngest ¶ added in v0.1.0
type IsOccurrenceIngest struct { // Occurrence describes either pkg or src Pkg *generated.PkgInputSpec `json:"pkg,omitempty"` Src *generated.SourceInputSpec `json:"src,omitempty"` // Artifact is the required object of the occurence Artifact *generated.ArtifactInputSpec `json:"artifact,omitempty"` IsOccurrence *generated.IsOccurrenceInputSpec `json:"isOccurrence,omitempty"` }
type PkgEqualIngest ¶ added in v0.1.1
type PkgEqualIngest struct { // PkgEqualIngest describes two packages are the same Pkg *generated.PkgInputSpec `json:"pkg,omitempty"` EqualPkg *generated.PkgInputSpec `json:"equalPkg,omitempty"` PkgEqual *generated.PkgEqualInputSpec `json:"pkgEqual,omitempty"` }
type PointOfContactIngest ¶ added in v0.1.1
type PointOfContactIngest struct { // pointOfContact describes either pkg, src or artifact Pkg *generated.PkgInputSpec `json:"pkg,omitempty"` PkgMatchFlag generated.MatchFlags `json:"pkgMatchFlag,omitempty"` Src *generated.SourceInputSpec `json:"src,omitempty"` Artifact *generated.ArtifactInputSpec `json:"artifact,omitempty"` PointOfContact *generated.PointOfContactInputSpec `json:"pointOfContact,omitempty"` }
type VexIngest ¶ added in v0.1.1
type VexIngest struct { // pkg or artifact is required Pkg *generated.PkgInputSpec `json:"pkg,omitempty"` Artifact *generated.ArtifactInputSpec `json:"artifact,omitempty"` // vulnerability (cannot be set to noVuln) Vulnerability *generated.VulnerabilityInputSpec `json:"vulnerability,omitempty"` VexData *generated.VexStatementInputSpec `json:"vexData,omitempty"` }
type VulnEqualIngest ¶ added in v0.2.0
type VulnEqualIngest struct { Vulnerability *generated.VulnerabilityInputSpec `json:"vulnerability,omitempty"` EqualVulnerability *generated.VulnerabilityInputSpec `json:"equalVulnerability,omitempty"` VulnEqual *generated.VulnEqualInputSpec `json:"vulnEqual,omitempty"` }
type VulnMetadataIngest ¶ added in v0.2.0
type VulnMetadataIngest struct { // vulnerability (cannot be set to noVuln) Vulnerability *generated.VulnerabilityInputSpec `json:"vulnerability,omitempty"` VulnMetadata *generated.VulnerabilityMetadataInputSpec `json:"vulnData,omitempty"` }
Click to show internal directories.
Click to hide internal directories.