vulnerabilities

Documentation

Index

• type ReadWriter
• type Reader
• type Scanner
• type ScannerAsync
• type WorkloadVulnerabilities
• type Writer

Types

type ReadWriter

type ReadWriter interface {
	Reader
	Writer
}

type Reader

type Reader interface {
	Read(ctx context.Context, workload kube.Object) (WorkloadVulnerabilities, error)
}

type Scanner

type Scanner interface {
	Scan(ctx context.Context, workload kube.Object) (WorkloadVulnerabilities, error)
}

Scanner defines methods for a synchronous vulnerability scanner. The implementations of the Scanner interface are supposed to block.

Scan scans all container images of the specified Kubernetes workload. Returns a map of container names to VulnerabilityReports.

type ScannerAsync

type ScannerAsync interface {
	PrepareScanJob(ctx context.Context, workload kube.Object, spec corev1.PodSpec, auths map[string]docker.Auth) (*batchv1.Job, *corev1.Secret, error)
	GetVulnerabilityReportsByScanJob(ctx context.Context, job *batchv1.Job) (WorkloadVulnerabilities, error)
}

ScannerAsync defines methods for a vulnerability scanner which is run as a Kubernetes Job.

PrepareScanJob prepares a Job descriptor for the specified Kubernetes workload with the given Pod descriptor. The returned Job can be sent to the Kubernetes API and scheduled for execution.

GetVulnerabilityReportsByScanJob returns WorkloadVulnerabilities from the completed scan Job.

type WorkloadVulnerabilities

type WorkloadVulnerabilities map[string]starboard.VulnerabilityScanResult

WorkloadVulnerabilities holds VulnerabilityReports for each container of a Kubernetes workload.

type Writer

type Writer interface {
	Write(ctx context.Context, reports WorkloadVulnerabilities, owner metav1.Object) error
}