sources

package

v0.0.0-...-7a08299 Latest Latest Go to latest Published: Mar 7, 2025 License: MIT Imports: 6 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/nais/v13s

Documentation ¶

Index ¶

Constants
Variables
type Cve
type Findings
type Severity
- func (s Severity) ToInt32() int32
type Source
- func NewDependencytrackSource(client dependencytrack.Client, log *logrus.Entry) Source
type SuppressedVulnerability
type Vulnerability
type VulnerabilityMatch
type VulnerabilityMetadata
type VulnerabilitySummary
type Workload

Constants ¶

View Source

const DependencytrackSourceName = "dependencytrack"

View Source

const SeverityCritical = Severity("CRITICAL")

View Source

const SeverityHigh = Severity("HIGH")

View Source

const SeverityLow = Severity("LOW")

View Source

const SeverityMedium = Severity("MEDIUM")

View Source

const SeverityUnassigned = Severity("UNASSIGNED")

Variables ¶

View Source

var ErrNoMetrics = fmt.Errorf("no metrics found")

View Source

var ErrNoProject = fmt.Errorf("no project found")

Functions ¶

This section is empty.

Types ¶

type Cve ¶

type Cve struct {
	Id          string
	Description string
	Title       string
	Link        string
	Severity    Severity
	References  map[string]string
}

type Findings ¶

type Findings struct {
	WorkloadRef     *Workload
	Vulnerabilities []*Vulnerability
}

type Severity ¶

type Severity string

func (Severity) ToInt32 ¶

func (s Severity) ToInt32() int32

type Source ¶

type Source interface {
	Name() string
	SuppressVulnerability(ctx context.Context, suppressedVulnerability *SuppressedVulnerability) error
	GetVulnerabilities(ctx context.Context, imageName, imageTag string, includeSuppressed bool) ([]*Vulnerability, error)
	// TODO: add includeSuppressed bool
	GetVulnerabilitySummary(ctx context.Context, imageName, imageTag string) (*VulnerabilitySummary, error)
	MaintainSuppressedVulnerabilities(ctx context.Context, suppressed []*SuppressedVulnerability) error
}

func NewDependencytrackSource ¶

func NewDependencytrackSource(client dependencytrack.Client, log *logrus.Entry) Source

TODO: add a cache? maybe for projects only?

type SuppressedVulnerability ¶

type SuppressedVulnerability struct {
	ImageName    string
	ImageTag     string
	CveId        string
	Package      string
	SuppressedBy string
	Reason       string
	State        string
	Suppressed   bool
	Metadata     VulnerabilityMetadata
}

type Vulnerability ¶

type Vulnerability struct {
	Package       string
	Suppressed    bool
	Cve           *Cve
	LatestVersion string
	Metadata      VulnerabilityMetadata
}

type VulnerabilityMatch ¶

type VulnerabilityMatch struct {
	Finding  client.Finding
	VulnId   string
	VulnUuid string
	Found    bool
}

type VulnerabilityMetadata ¶

type VulnerabilityMetadata interface {
}

type VulnerabilitySummary ¶

type VulnerabilitySummary struct {
	Id         string
	Critical   int32
	High       int32
	Medium     int32
	Low        int32
	Unassigned int32
	RiskScore  int32
}

type Workload ¶

type Workload struct {
	Cluster   string
	Namespace string
	Name      string
	Type      string
	ImageName string
	ImageTag  string
}

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL