v1

package

v0.2.110 Latest Latest Go to latest Published: Aug 18, 2023 License: Apache-2.0 Imports: 66 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/kubescape/kubevuln

Links

Open Source Insights

Documentation ¶

Index ¶

Constants
Variables
type ArmoAdapter
- func NewArmoAdapter(accountID, gatewayRestURL, eventReceiverRestURL string) *ArmoAdapter
type GrypeAdapter
- func NewGrypeAdapter(listingURL string) *GrypeAdapter
- func NewGrypeAdapterFixedDB() *GrypeAdapter
type SyftAdapter
- func NewSyftAdapter(scanTimeout time.Duration, maxImageSize int64) *SyftAdapter
- func (s *SyftAdapter) CreateSBOM(ctx context.Context, name, imageID string, options domain.RegistryOptions) (domain.SBOM, error)
- func (s *SyftAdapter) Version() string

Constants ¶

View Source

const ActionName = "vuln scan"

View Source

const ReporterName = "ca-vuln-scan"

Variables ¶

View Source

var ErrImageTooLarge = fmt.Errorf("image size exceeds maximum allowed size")

Functions ¶

This section is empty.

Types ¶

type ArmoAdapter ¶

type ArmoAdapter struct {
	// contains filtered or unexported fields
}

func NewArmoAdapter ¶

func NewArmoAdapter(accountID, gatewayRestURL, eventReceiverRestURL string) *ArmoAdapter

func (*ArmoAdapter) GetCVEExceptions ¶ added in v0.2.99

func (a *ArmoAdapter) GetCVEExceptions(ctx context.Context) (domain.CVEExceptions, error)

func (*ArmoAdapter) SendStatus ¶

func (a *ArmoAdapter) SendStatus(ctx context.Context, step int) error

SendStatus sends the given status and details to the platform

func (*ArmoAdapter) SubmitCVE ¶

func (a *ArmoAdapter) SubmitCVE(ctx context.Context, cve domain.CVEManifest, cvep domain.CVEManifest) error

SubmitCVE submits the given CVE to the platform

type GrypeAdapter ¶

type GrypeAdapter struct {
	// contains filtered or unexported fields
}

GrypeAdapter implements CVEScanner from ports using Grype's API

func NewGrypeAdapter ¶

func NewGrypeAdapter(listingURL string) *GrypeAdapter

NewGrypeAdapter initializes the GrypeAdapter structure DB loading is done via readiness probes

func NewGrypeAdapterFixedDB ¶ added in v0.2.99

func NewGrypeAdapterFixedDB() *GrypeAdapter

func (*GrypeAdapter) DBVersion ¶

func (g *GrypeAdapter) DBVersion(context.Context) string

DBVersion returns the vulnerabilities DB checksum which is used to tag CVE manifests

func (*GrypeAdapter) Ready ¶

func (g *GrypeAdapter) Ready(ctx context.Context) bool

Ready returns the status of the vulnerabilities DB

func (*GrypeAdapter) ScanSBOM ¶

func (g *GrypeAdapter) ScanSBOM(ctx context.Context, sbom domain.SBOM) (domain.CVEManifest, error)

ScanSBOM generates a CVE manifest by scanning an SBOM

func (*GrypeAdapter) Version ¶

func (g *GrypeAdapter) Version(context.Context) string

Version returns Grype's version which is used to tag CVE manifests

type SyftAdapter ¶

type SyftAdapter struct {
	// contains filtered or unexported fields
}

SyftAdapter implements SBOMCreator from ports using Syft's API

func NewSyftAdapter ¶

func NewSyftAdapter(scanTimeout time.Duration, maxImageSize int64) *SyftAdapter

NewSyftAdapter initializes the SyftAdapter struct

func (*SyftAdapter) CreateSBOM ¶

func (s *SyftAdapter) CreateSBOM(ctx context.Context, name, imageID string, options domain.RegistryOptions) (domain.SBOM, error)

CreateSBOM creates an SBOM for a given imageID, restrict parallelism to prevent disk space issues, a timeout prevents the process from hanging for too long. Format is SPDX JSON and the resulting SBOM is tagged with the Syft version.

func (*SyftAdapter) Version ¶

func (s *SyftAdapter) Version() string

Version returns Syft's version which is used to tag SBOMs

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL