domain

Documentation

Index

• Constants
• Variables
• type CVEExceptions
• type CVEManifest
• type RegistryCredentials
• type RegistryOptions
• type SBOM
• type ScanCommand
• type ScanIDKey
• type Session
• type TimestampKey
• type WorkloadKey

Constants

const (
	CriticalSeverity   = "Critical"
	HighSeverity       = "High"
	MediumSeverity     = "Medium"
	LowSeverity        = "Low"
	NegligibleSeverity = "Negligible"
	UnknownSeverity    = "Unknown"
)

const (
	Accepted = iota
	Started
	Success
	Done
)

const (
	ArgsName               = "name"
	ArgsNamespace          = "namespace"
	AttributeUseHTTP       = identifiers.AttributeUseHTTP
	AttributeSkipTLSVerify = identifiers.AttributeSkipTLSVerify
)

Variables

var (
	ErrExpectedError            = errors.New("expected error")
	ErrInitVulnDB               = errors.New("vulnerability DB is not initialized, run readiness probe")
	ErrIncompleteSBOM           = errors.New("incomplete SBOM, skipping CVE scan")
	ErrOutdatedSBOM             = errors.New("SBOM is outdated")
	ErrSBOMWithPartialArtifacts = errors.New("SBOM having partial artifacts")
	ErrInvalidScanID            = errors.New("invalid scanID")
	ErrMissingApInfo            = errors.New("missing application profile information")
	ErrMissingImageInfo         = errors.New("missing image information")
	ErrMissingSBOM              = errors.New("missing SBOM")
	ErrMissingScanID            = errors.New("missing scanID")
	ErrMissingTimestamp         = errors.New("missing timestamp")
	ErrCastingWorkload          = errors.New("casting workload")
	ErrMockError                = errors.New("mock error")
	ErrTooManyRequests          = errors.New("too many requests")
)

Types

type CVEExceptions

type CVEExceptions []armotypes.VulnerabilityExceptionPolicy

type CVEManifest

type CVEManifest struct {
	Content            *v1beta1.GrypeDocument
	Annotations        map[string]string
	Labels             map[string]string
	Name               string
	Wlid               string
	SBOMCreatorName    string
	SBOMCreatorVersion string
	CVEScannerName     string
	CVEScannerVersion  string
	CVEDBVersion       string
}

CVEManifest contains a JSON CVE report manifest with some metadata

type RegistryCredentials

type RegistryCredentials struct {
	Authority string
	Username  string
	Password  string
	Token     string
}

RegistryCredentials contains OCI registry credentials required for connection it is closely related to the Stereoscope image.RegistryCredentials struct

type RegistryOptions

type RegistryOptions struct {
	Platform              string
	Credentials           []RegistryCredentials
	InsecureSkipTLSVerify bool
	InsecureUseHTTP       bool
}

RegistryOptions contains OCI registry configuration parameters required for connection it is closely related to the Stereoscope image.RegistryOptions struct used by Grype

type SBOM

type SBOM struct {
	Content            *v1beta1.SyftDocument
	Annotations        map[string]string
	Labels             map[string]string
	Name               string
	SBOMCreatorName    string
	SBOMCreatorVersion string
	Status             string
}

SBOM contains an syft SBOM in JSON format with some metadata

type ScanCommand

type ScanCommand struct {
	Args               map[string]interface{}
	ImageTagNormalized string
	ImageSlug          string
	InstanceID         string
	Wlid               string
	// deprecated
	ImageTag        string
	JobID           string
	ContainerName   string
	ParentJobID     string
	ImageHash       string
	CredentialsList []registry.AuthConfig
	Session         Session
	LastAction      int
}

type ScanIDKey

type ScanIDKey struct{}

type Session

type Session struct {
	JobIDs []string
}

type TimestampKey

type TimestampKey struct{}

type WorkloadKey

type WorkloadKey struct{}