Documentation
¶
Index ¶
Constants ¶
View Source
const BaseImagePyPI = "python:3-alpine"
View Source
const PyPISimpleURL = "https://pypi.org/simple/"
View Source
const TypePyPI = "pypi"
Variables ¶
View Source
var IgnoredHostsPyPI = []string{"pypi.org", "files.pythonhosted.org"}
View Source
var SysdigFiltersIgnorePyPI = []string{
"not (proc.exeline='uname -p')",
"not (proc.exeline='uname -rs')",
"not (proc.exeline contains '/usr/local/bin/python -c import sys, setuptools, tokenize; sys.argv[0]')",
"not (proc.exeline contains '/usr/local/bin/python -u -c import sys, setuptools, tokenize; sys.argv[0]')",
"not (fd.name contains '/usr/local/lib/python3.8/')",
"not (fd.name contains '/lib/' and evt.arg.flags contains O_RDONLY)",
}
SysdigFiltersIgnorePyPI is the list of sysdig events that might appear suspicious, but are known parts of Python package installation.
No, these aren't perfect, but the goal is catching the low-hanging fruit and we can iterate as we go.
View Source
var SysdigFiltersPyPI = []string{
"not (fd.sip.name=pypi.org or fd.cip.name=pypi.org)",
"not (fd.sip.name=files.pythonhosted.org or fd.cip.name=files.pythonhosted.org)",
}
Functions ¶
This section is empty.
Types ¶
type BaseProcessor ¶
type BaseProcessor struct {
PackageID string
Output *library.Output
// contains filtered or unexported fields
}
func (*BaseProcessor) StartMonitoring ¶
func (p *BaseProcessor) StartMonitoring(ctx context.Context, cli docker.DockerClient) error
func (*BaseProcessor) StopMonitoring ¶
func (p *BaseProcessor) StopMonitoring() error
type PyPIProcessor ¶
type PyPIProcessor struct {
BaseProcessor
}
func NewPyPIProcessor ¶
func NewPyPIProcessor() *PyPIProcessor
Source Files
Click to show internal directories.
Click to hide internal directories.