Documentation
¶
Index ¶
- Constants
- Variables
- func TrivyReportToEnt(report *TrivyReport, now time.Time) (pkgList []*ent.PackageRecord, vulnList []*ent.Vulnerability)
- type Config
- type Context
- type DetectedVulnerability
- type GetRepoScanRequest
- type GitHubBranch
- type GitHubCheckResult
- type GitHubRepo
- type GitHubToken
- type Metadata
- type Package
- type PackageSource
- type Report
- type Repository
- type RequestRepoLabel
- type RequestSeverity
- type RespVulnerability
- type ScanReport
- type ScanRepositoryRequest
- type ScanTarget
- type SourceChanges
- type TrivyPackage
- type TrivyReport
- type TrivyResult
- type TrivyResults
- type UpdateVulnStatusRequest
- type VulnChanges
- type VulnRecord
- type VulnStatusDB
- type Vulnerability
Constants ¶
// Change kinds accepted by VulnChanges.FilterByType. The values are assigned
// by iota in declaration order (VulnAdded = 0, VulnDeleted = 1, VulnRemained = 2).
// NOTE(review): presumably "newly detected", "no longer detected" and "still
// present" between two scans; confirm against DiffVulnRecords.
const (
	VulnAdded vulnChangeType = iota
	VulnDeleted
	VulnRemained
)
const (
	// ContextKeyLogger is the string key "logger".
	// NOTE(review): presumably the key under which a logger is stored in Context;
	// its use is not shown here. A plain string key can collide with keys from
	// other packages if it is ever passed to context.WithValue; confirm.
	ContextKeyLogger = "logger"
)
const (
	// Version is the version string declared by this package.
	// NOTE(review): several identifiers in this package are marked as added in
	// v0.1.x releases, so this constant does not appear to track the module's
	// release tags. Do not rely on it alone to identify a deployed build when
	// matching against advisories; confirm how builds are versioned.
	Version = "0.0.1"
)
Variables ¶
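// Sentinel errors of this package, created with goerr.New.
//
// The declaration is laid out one error per line: collapsed onto a single line,
// the "// Rule error" comment swallowed the last entry and the closing paren.
var (
	// Storage and lookup failures.
	ErrDatabaseUnexpected   = goerr.New("database failure")
	ErrDatabaseInvalidInput = goerr.New("invalid input for database")
	ErrItemNotFound         = goerr.New("item not found")

	// Invalid values and input.
	ErrInvalidSystemValue = goerr.New("invalid system value")
	ErrInvalidGitHubData  = goerr.New("invalid github data")
	ErrInvalidInput       = goerr.New("invalid input data")

	// Authentication and authorization. These are three distinct conditions:
	// a failed authentication attempt, a request carrying no authentication,
	// and an authenticated request that lacks permission.
	// NOTE(review): the mapping to HTTP responses is not shown here; confirm the
	// API layer keeps "not authenticated" and "not authorized" apart.
	ErrAuthenticationFailed = goerr.New("authentication failed")
	ErrNotAuthenticated     = goerr.New("not authenticated request")
	ErrNotAuthorized        = goerr.New("not authorized request")

	// NOTE(review): if ErrUserNotFound is surfaced verbatim on an authentication
	// path, callers can tell unknown users from bad credentials; confirm it is
	// mapped to a generic response there.
	ErrUserNotFound          = goerr.New("user not found")
	ErrVulnerabilityNotFound = goerr.New("vulnerability not found")

	// GitHub integration.
	ErrInvalidWebhookData = goerr.New("invalid webhook data")
	ErrGitHubAPI          = goerr.New("github API returns unexpected response")

	// Rule error
	ErrInvalidPolicyResult = goerr.New("invalid rule result")
)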
Functions ¶
func TrivyReportToEnt ¶
func TrivyReportToEnt(report *TrivyReport, now time.Time) (pkgList []*ent.PackageRecord, vulnList []*ent.Vulnerability)
Types ¶
type Context ¶
// Context is this package's context type. Its fields are unexported and not
// shown here; NewContext returns a *Context.
type Context struct {
	// contains filtered or unexported fields
}
func NewContext ¶
func NewContext() *Context
func NewContextWith ¶
type DetectedVulnerability ¶
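// DetectedVulnerability is one vulnerability entry of a TrivyResult (see
// TrivyResult.Vulnerabilities). It embeds types.Vulnerability, so that type's
// fields are promoted onto this struct.
//
// The declaration is laid out one field per line: collapsed onto a single line,
// the trailing comment on PkgPath swallowed every following field and the
// closing brace.
//
// NOTE(review): these values are decoded from scanner output describing the
// scanned artifact, so PkgName, PkgPath and PrimaryURL should be treated as
// untrusted text wherever they are rendered (Markdown, HTML) or used as a link
// target; confirm the renderers escape them.
type DetectedVulnerability struct {
	VulnerabilityID  string   `json:",omitempty"`
	VendorIDs        []string `json:",omitempty"`
	PkgName          string   `json:",omitempty"`
	PkgPath          string   `json:",omitempty"` // It will be filled in the case of language-specific packages such as egg/wheel and gemspec
	InstalledVersion string   `json:",omitempty"`
	FixedVersion     string   `json:",omitempty"`
	SeveritySource   string   `json:",omitempty"`
	PrimaryURL       string   `json:",omitempty"`

	types.Vulnerability
}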
type GetRepoScanRequest ¶ added in v0.1.4
// GetRepoScanRequest combines the embedded GitHubRepo with Limit and Offset
// values (JSON keys "limit" and "offset").
// NOTE(review): presumably a paged query for one repository's scans. Limit and
// Offset are plain ints and no bound is visible here; confirm the handler
// rejects negative values and caps Limit before they reach the database query.
type GetRepoScanRequest struct {
	GitHubRepo
	Limit  int `json:"limit"`
	Offset int `json:"offset"`
}
type GitHubBranch ¶
// GitHubBranch pairs the embedded GitHubRepo with a branch name (JSON key
// "branch").
type GitHubBranch struct {
	GitHubRepo
	Branch string `json:"branch"`
}
type GitHubCheckResult ¶ added in v0.1.2
type GitHubRepo ¶
type GitHubToken ¶
type Metadata ¶
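// Metadata represents the metadata of an artifact.
//
// Every field uses omitempty, so zero values are left out of the JSON encoding.
// The declaration is laid out one field per line: collapsed onto a single line,
// the "// Container image" comment swallowed the container-image fields and the
// closing brace.
type Metadata struct {
	Size int64 `json:",omitempty"`

	// Container image
	ImageID     string   `json:",omitempty"`
	DiffIDs     []string `json:",omitempty"`
	RepoTags    []string `json:",omitempty"`
	RepoDigests []string `json:",omitempty"`
}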
type Package ¶ added in v0.1.2
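// Package is an ent.PackageRecord (embedded) together with the vulnerabilities
// attached to it, for JSON output.
//
// The declaration is laid out one field per line: collapsed onto a single line,
// the comment before Edges swallowed the Edges field and the closing brace.
type Package struct {
	ent.PackageRecord
	Vulnerabilities []*Vulnerability `json:"vulnerabilities,omitempty"`

	// To remove "edges" field in JSON
	// This field is declared at a shallower depth than any Edges field promoted
	// from the embedded record, so it takes precedence; left nil, omitempty
	// drops the "edges" key from the output.
	Edges *struct{} `json:"edges,omitempty"`
}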
type PackageSource ¶ added in v0.1.2
type Report ¶
// Report has only unexported fields. MakeReport builds one from a scan ID, a
// VulnChanges list, a *VulnStatusDB and a URL; the methods NothingToNotify and
// ToMarkdown are defined on *Report.
type Report struct {
	// contains filtered or unexported fields
}
func MakeReport ¶
func MakeReport(scanID string, changes VulnChanges, db *VulnStatusDB, url string) *Report
func (*Report) NothingToNotify ¶
func (*Report) ToMarkdown ¶ added in v0.1.2
type Repository ¶ added in v0.1.5
// Repository extends the embedded GitHubBranch with the repository's labels
// (JSON key "labels") and its default branch (JSON key "default_branch").
type Repository struct {
	GitHubBranch
	Labels        []string `json:"labels"`
	DefaultBranch string   `json:"default_branch"`
}
type RequestRepoLabel ¶ added in v0.1.4
// RequestRepoLabel carries a label's name, description and color as JSON
// ("name", "description", "color"). The type has an IsValid method returning
// an error.
// NOTE(review): what IsValid checks is not shown here. All three fields are
// free-form strings, presumably client-supplied; confirm IsValid is called
// before the values are stored or rendered and that Color is restricted to the
// expected format.
type RequestRepoLabel struct {
	Name        string `json:"name"`
	Description string `json:"description"`
	Color       string `json:"color"`
}
func (*RequestRepoLabel) IsValid ¶ added in v0.1.4
func (x *RequestRepoLabel) IsValid() error
type RequestSeverity ¶ added in v0.1.1
func (*RequestSeverity) IsValid ¶ added in v0.1.1
func (x *RequestSeverity) IsValid() error
type RespVulnerability ¶
// RespVulnerability pairs one ent.Vulnerability (JSON key "vulnerability")
// with a list of ent.Repository records (JSON key "affected").
// NOTE(review): presumably an API response body. If so, the Affected list
// names repositories; confirm it is filtered to those the caller may see.
type RespVulnerability struct {
	Vulnerability *ent.Vulnerability `json:"vulnerability"`
	Affected      []*ent.Repository  `json:"affected"`
}
type ScanReport ¶ added in v0.1.5
// ScanReport holds a Repository (JSON key "repo"), a commit ID ("commit_id")
// and a list of PackageSource entries ("sources"). NewScanReport returns a
// *ScanReport built from an ent.Scan, a list of ent.VulnStatus and a timestamp.
type ScanReport struct {
	Repo     Repository       `json:"repo"`
	CommitID string           `json:"commit_id"`
	Sources  []*PackageSource `json:"sources"`
}
func NewScanReport ¶ added in v0.1.5
func NewScanReport(scan *ent.Scan, statuses []*ent.VulnStatus, now int64) *ScanReport
type ScanRepositoryRequest ¶
// ScanRepositoryRequest extends the embedded ScanTarget with an installation
// ID and optional pull-request details. The fields carry no JSON tags.
// NOTE(review): PullReqNumber is a pointer, so presumably nil means the scan
// is not tied to a pull request. If these values are filled from GitHub
// webhook payloads, confirm the payload's signature is verified before
// InstallID and PullReqAction are acted on.
type ScanRepositoryRequest struct {
	ScanTarget
	InstallID     int64
	PullReqNumber *int
	PullReqAction string
}
type ScanTarget ¶
type SourceChanges ¶
// SourceChanges holds three VulnChanges lists named Added, Deleted and
// Remained, matching the VulnAdded, VulnDeleted and VulnRemained change kinds.
// NOTE(review): presumably the changes of a single source; confirm where it is built.
type SourceChanges struct {
	Added    VulnChanges
	Deleted  VulnChanges
	Remained VulnChanges
}
type TrivyPackage ¶
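// TrivyPackage is one package entry of a TrivyResult (see
// TrivyResult.Packages). Every field uses omitempty, so zero values are left
// out of the JSON encoding.
//
// The declaration is laid out one field per line: collapsed onto a single line,
// the trailing comment on Modularitylabel swallowed License, FilePath and the
// closing brace.
type TrivyPackage struct {
	Name            string `json:",omitempty"`
	Version         string `json:",omitempty"`
	Release         string `json:",omitempty"`
	Epoch           int    `json:",omitempty"`
	Arch            string `json:",omitempty"`
	SrcName         string `json:",omitempty"`
	SrcVersion      string `json:",omitempty"`
	SrcRelease      string `json:",omitempty"`
	SrcEpoch        int    `json:",omitempty"`
	Modularitylabel string `json:",omitempty"` // only for Red Hat based distributions
	License         string `json:",omitempty"`

	// Each package's metadata has the file path, while packages from lock files do not.
	// NOTE(review): the path describes the scanned artifact; treat it as
	// untrusted text and do not use it to open files on the scanning host.
	FilePath string `json:",omitempty"`
}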
type TrivyReport ¶
// TrivyReport is the top-level report structure: schema version, artifact name
// and type, artifact Metadata and the list of TrivyResults.
// TrivyReportToEnt takes a *TrivyReport.
// NOTE(review): SchemaVersion is decoded but no check of it is visible here;
// confirm the consumer rejects versions it does not understand, since a
// silently mis-parsed report can drop findings.
type TrivyReport struct {
	SchemaVersion int          `json:",omitempty"`
	ArtifactName  string       `json:",omitempty"`
	ArtifactType  string       `json:",omitempty"`
	Metadata      Metadata     `json:",omitempty"` // omitempty has no effect on a struct value in encoding/json
	Results       TrivyResults `json:",omitempty"`
}
type TrivyResult ¶
// TrivyResult is one element of TrivyResults: a target with its class and
// type, the packages listed for it and the vulnerabilities detected in it.
// Target is always encoded; the other fields are omitted from JSON when empty.
type TrivyResult struct {
	Target          string                  `json:"Target"`
	Class           string                  `json:"Class,omitempty"`
	Type            string                  `json:"Type,omitempty"`
	Packages        []TrivyPackage          `json:"Packages,omitempty"`
	Vulnerabilities []DetectedVulnerability `json:"Vulnerabilities,omitempty"`
}
type TrivyResults ¶
// TrivyResults is a slice of TrivyResult; it is the type of TrivyReport.Results.
type TrivyResults []TrivyResult
type UpdateVulnStatusRequest ¶
// UpdateVulnStatusRequest combines the embedded GitHubRepo, a user ID and the
// embedded ent.VulnStatus. The fields carry no JSON tags.
// NOTE(review): if this struct is ever decoded directly from a request body,
// UserID and every promoted ent.VulnStatus field become client-controlled.
// Confirm that UserID is taken from the authenticated session and that only
// the intended status fields are accepted from the caller.
type UpdateVulnStatusRequest struct {
	GitHubRepo
	UserID int
	ent.VulnStatus
}
type VulnChanges ¶
// VulnChanges is a slice of pointers to the unexported vulnChange type.
// DiffVulnRecords returns one, and FilterBySource, FilterByType and Qualified
// each return a VulnChanges.
type VulnChanges []*vulnChange
func DiffVulnRecords ¶
func DiffVulnRecords(oldPkgs, newPkgs []*ent.PackageRecord) VulnChanges
func (VulnChanges) FilterBySource ¶
func (x VulnChanges) FilterBySource(src string) VulnChanges
func (VulnChanges) FilterByType ¶
func (x VulnChanges) FilterByType(t vulnChangeType) VulnChanges
func (VulnChanges) Qualified ¶
func (x VulnChanges) Qualified(db *VulnStatusDB) VulnChanges
func (VulnChanges) Sources ¶
func (x VulnChanges) Sources() []string
type VulnRecord ¶
// VulnRecord pairs a package record with a vulnerability. It is the argument
// type of VulnStatusDB.IsQualified.
// NOTE(review): both fields are pointers; whether nil is permitted is not
// shown here.
type VulnRecord struct {
	Pkg  *ent.PackageRecord
	Vuln *ent.Vulnerability
}
type VulnStatusDB ¶
// VulnStatusDB has only unexported fields. NewVulnStatusDB builds one from a
// list of ent.VulnStatus records and a timestamp (now); IsQualified and Lookup
// query it.
// NOTE(review): IsQualified presumably decides whether a finding is still
// reported given its recorded status. A status that suppresses a finding is
// security-relevant, so confirm who may write statuses and how the now value
// affects any expiry.
type VulnStatusDB struct {
	// contains filtered or unexported fields
}
func NewVulnStatusDB ¶
func NewVulnStatusDB(statuses []*ent.VulnStatus, now int64) *VulnStatusDB
func (*VulnStatusDB) IsQualified ¶
func (x *VulnStatusDB) IsQualified(v *VulnRecord) bool
func (*VulnStatusDB) Lookup ¶ added in v0.1.2
func (x *VulnStatusDB) Lookup(pkg *ent.PackageRecord, vulnID string) *ent.VulnStatus
type Vulnerability ¶ added in v0.1.2
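// Vulnerability is an ent.Vulnerability (embedded) together with its status
// record and a custom severity, for JSON output. Status is omitted from JSON
// when nil; CustomSeverity is always encoded.
//
// The declaration is laid out one field per line: collapsed onto a single line,
// the comment before Edges swallowed the Edges field and the closing brace.
//
// NOTE(review): CustomSeverity is a free-form string on this type; confirm it
// is validated (RequestSeverity has an IsValid method) before it overrides the
// scanner-reported severity.
type Vulnerability struct {
	ent.Vulnerability
	Status         *ent.VulnStatus `json:"status,omitempty"`
	CustomSeverity string          `json:"custom_severity"`

	// To remove "edges" field in JSON
	// This field is declared at a shallower depth than any Edges field promoted
	// from the embedded record, so it takes precedence; left nil, omitempty
	// drops the "edges" key from the output.
	Edges *struct{} `json:"edges,omitempty"`
}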