Documentation
Index
- func DynamicSandboxOptions() []sandbox.Option
- func LogDynamicAnalysisError(ctx context.Context, pkg *pkgmanager.Pkg, errorPhase analysisrun.DynamicPhase, ...)
- func LogDynamicAnalysisResult(ctx context.Context, pkg *pkgmanager.Pkg, finalPhase analysisrun.DynamicPhase, ...)
- func ResolvePkg(manager *pkgmanager.PkgManager, name, version, localPath string) (pkg *pkgmanager.Pkg, err error)
- func ResolvePurl(purl packageurl.PackageURL) (*pkgmanager.Pkg, error)
- func RunStaticAnalysis(ctx context.Context, pkg *pkgmanager.Pkg, sbOpts []sandbox.Option, ...) (api.SandboxData, analysis.Status, error)
- func SaveAnalyzedPackage(ctx context.Context, pkg *pkgmanager.Pkg, dest *ResultStores) error
- func SaveDynamicAnalysisData(ctx context.Context, pkg *pkgmanager.Pkg, dest *ResultStores, ...) error
- func SaveFileWritesData(ctx context.Context, pkg *pkgmanager.Pkg, dest *ResultStores, ...) error
- func SaveStaticAnalysisData(ctx context.Context, pkg *pkgmanager.Pkg, dest *ResultStores, ...) error
- func StaticSandboxOptions() []sandbox.Option
- type DynamicAnalysisResult
- type ResultStores
Functions
func DynamicSandboxOptions
DynamicSandboxOptions provides a set of sandbox options necessary to run dynamic analysis sandboxes.
func LogDynamicAnalysisError
func LogDynamicAnalysisError(ctx context.Context, pkg *pkgmanager.Pkg, errorPhase analysisrun.DynamicPhase, err error)
LogDynamicAnalysisError indicates some error happened while attempting to run the package code, which was not caused by the package itself. This means it was not possible to analyse the package properly, and the results are invalid.
func LogDynamicAnalysisResult
func LogDynamicAnalysisResult(ctx context.Context, pkg *pkgmanager.Pkg, finalPhase analysisrun.DynamicPhase, finalStatus analysis.Status)
LogDynamicAnalysisResult indicates that the package code was run successfully, and what happened when it was run. This may include errors in the analysis of the package, but not errors in the running itself.
func ResolvePkg
func ResolvePkg(manager *pkgmanager.PkgManager, name, version, localPath string) (pkg *pkgmanager.Pkg, err error)
ResolvePkg creates a Pkg object with the arguments passed to the worker process.
func ResolvePurl
func ResolvePurl(purl packageurl.PackageURL) (*pkgmanager.Pkg, error)
ResolvePurl creates a Pkg object from the given purl. See https://github.com/package-url/purl-spec
func RunStaticAnalysis
func RunStaticAnalysis(ctx context.Context, pkg *pkgmanager.Pkg, sbOpts []sandbox.Option, tasks ...staticanalysis.Task) (api.SandboxData, analysis.Status, error)
RunStaticAnalysis performs the given static analysis tasks on package code, in a sandboxed environment.
To run all available static analyses, pass staticanalysis.All as tasks. Use sbOpts to customise sandbox behaviour.
func SaveAnalyzedPackage
func SaveAnalyzedPackage(ctx context.Context, pkg *pkgmanager.Pkg, dest *ResultStores) error
SaveAnalyzedPackage saves the analyzed package from static and dynamic analysis to the analyzed packages bucket in the ResultStores.
func SaveDynamicAnalysisData
func SaveDynamicAnalysisData(ctx context.Context, pkg *pkgmanager.Pkg, dest *ResultStores, data analysisrun.DynamicAnalysisData) error
SaveDynamicAnalysisData saves the data from dynamic analysis to the corresponding bucket in the ResultStores. This includes strace data, execution log, and file writes (in that order). If any operation fails, the rest are aborted.
func SaveFileWritesData
func SaveFileWritesData(ctx context.Context, pkg *pkgmanager.Pkg, dest *ResultStores, data analysisrun.DynamicAnalysisData) error
SaveFileWritesData saves file writes data from dynamic analysis to the file writes bucket in the ResultStores.
func SaveStaticAnalysisData
func SaveStaticAnalysisData(ctx context.Context, pkg *pkgmanager.Pkg, dest *ResultStores, data staticapi.SandboxData) error
SaveStaticAnalysisData saves the data from static analysis to the corresponding bucket in the ResultStores.
func StaticSandboxOptions
StaticSandboxOptions provides a set of sandbox options necessary to run the static analysis sandboxes.
Types
type DynamicAnalysisResult
type DynamicAnalysisResult struct {
    Data         analysisrun.DynamicAnalysisData
    LastRunPhase analysisrun.DynamicPhase
    LastStatus   analysis.Status
}
func RunDynamicAnalysis
func RunDynamicAnalysis(ctx context.Context, pkg *pkgmanager.Pkg, sbOpts []sandbox.Option, analysisCmd string) (DynamicAnalysisResult, error)
RunDynamicAnalysis runs dynamic analysis on the given package across the phases valid in the package ecosystem (e.g. import, install), in a sandbox created using the provided options. The options must specify the sandbox image to use.
analysisCmd is an optional argument used to override the default command run inside the sandbox to perform the analysis. It must support the interface described under "Adding a new Runtime Analysis script" in sandboxes/README.md
All data and status relating to analysis (including errors produced by invalid packages) is returned in the DynamicAnalysisResult struct. Status and errors are also logged to stdout.
The returned error holds any error that occurred in the runtime/sandbox infrastructure, excluding errors from within the analysis itself. In other words, it does not include errors produced by the package under analysis.
type ResultStores
type ResultStores struct {
    AnalyzedPackage      *resultstore.ResultStore
    DynamicAnalysis      *resultstore.ResultStore
    ExecutionLog         *resultstore.ResultStore
    FileWrites           *resultstore.ResultStore
    StaticAnalysis       *resultstore.ResultStore
    AnalyzedPackageSaved bool
}
ResultStores holds ResultStore instances for saving each kind of analysis data. They can be nil, in which case calling the associated Upload function here is a no-op.