Documentation
¶
Index ¶
- Constants
- type ControllerFactory
- type FetchArena
- type FetchProxy
- type HTTP
- type Libindex
- func (l *Libindex) AffectedManifests(ctx context.Context, vulns []claircore.Vulnerability) (*claircore.AffectedManifests, error)
- func (l *Libindex) Close(ctx context.Context) error
- func (l *Libindex) DeleteManifests(ctx context.Context, d ...claircore.Digest) ([]claircore.Digest, error)
- func (l *Libindex) Index(ctx context.Context, manifest *claircore.Manifest) (*claircore.IndexReport, error)
- func (l *Libindex) IndexReport(ctx context.Context, hash claircore.Digest) (*claircore.IndexReport, bool, error)
- func (l *Libindex) State(ctx context.Context) (string, error)
- type Opts
Examples ¶
Constants ¶
const ( DefaultScanLockRetry = 5 * time.Second DefaultLayerScanConcurrency = 10 DefaultLayerFetchOpt = indexer.OnDisk )
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type ControllerFactory ¶
type ControllerFactory func(_ context.Context, lib *Libindex, opts *Opts) (*controller.Controller, error)
ControllerFactory is a factory method to return a Controller during libindex runtime.
type FetchArena ¶ added in v1.1.0
type FetchArena struct {
// contains filtered or unexported fields
}
FetchArena is a struct that keeps track of all the layers fetched into it, and only removes them once all the users have gone away.
Exported for use in cctool. If cctool goes away, this can get unexported.
func (*FetchArena) Close ¶ added in v1.1.0
func (a *FetchArena) Close(ctx context.Context) error
Close removes all files left in the arena.
It's not an error to have active fetchers, but may cause errors to have files unlinked underneath their users.
func (*FetchArena) Fetcher ¶ added in v1.1.0
func (a *FetchArena) Fetcher() *FetchProxy
Fetcher returns an indexer.Fetcher.
type FetchProxy ¶ added in v1.1.0
type FetchProxy struct {
// contains filtered or unexported fields
}
FetchProxy tracks the files fetched for layers.
This can be unexported if FetchArena gets unexported.
func (*FetchProxy) Close ¶ added in v1.1.0
func (p *FetchProxy) Close() error
Close marks all the layers' backing files as unused.
This method may actually delete the backing files.
type HTTP ¶ added in v0.0.10
func NewHandler ¶ added in v0.0.10
func (*HTTP) AffectedManifests ¶ added in v0.0.24
func (h *HTTP) AffectedManifests(w http.ResponseWriter, r *http.Request)
func (*HTTP) IndexReport ¶ added in v0.0.10
func (h *HTTP) IndexReport(w http.ResponseWriter, r *http.Request)
type Libindex ¶
type Libindex struct {
// holds dependencies for creating a libindex instance
*Opts
// contains filtered or unexported fields
}
Libindex implements the method set for scanning and indexing a Manifest.
Example ¶
package main
import (
"context"
"net/http"
"github.com/quay/claircore"
"github.com/quay/claircore/libindex"
)
func main() {
ctx := context.TODO()
opts := &libindex.Opts{
Migrations: true,
// see definition for more configuration options
}
lib, err := libindex.New(ctx, opts, http.DefaultClient)
if err != nil {
panic(err)
}
m := &claircore.Manifest{}
ir, err := lib.Index(ctx, m)
if err != nil {
panic(err)
}
if ir.State == "IndexError" {
panic(ir.Err)
}
}
Output:
func New ¶
New creates a new instance of libindex.
The passed http.Client will be used for fetching layers and any HTTP requests made by scanners.
func (*Libindex) AffectedManifests ¶ added in v0.0.24
func (l *Libindex) AffectedManifests(ctx context.Context, vulns []claircore.Vulnerability) (*claircore.AffectedManifests, error)
AffectedManifests retrieves a list of affected manifests when provided a list of vulnerabilities.
func (*Libindex) DeleteManifests ¶ added in v1.2.0
func (l *Libindex) DeleteManifests(ctx context.Context, d ...claircore.Digest) ([]claircore.Digest, error)
DeleteManifests removes manifests specified by the provided digests.
Providing an unknown digest is not an error.
func (*Libindex) Index ¶
func (l *Libindex) Index(ctx context.Context, manifest *claircore.Manifest) (*claircore.IndexReport, error)
Index performs a scan and index of each layer within the provided Manifest.
If the index operation cannot start an error will be returned. If an error occurs during scan the error will be propagated inside the IndexReport.
type Opts ¶
type Opts struct {
// The connection string for the data store.
//
// TODO(hank) This should be a factory function so the data store can be
// a clean abstraction.
ConnString string
// how often we should try to acquire a lock for scanning a given manifest if lock is taken
ScanLockRetry time.Duration
// the number of layers to be scanned in parallel.
LayerScanConcurrency int
// how we store layers we fetch remotely. see LayerFetchOpt type def above for more details
LayerFetchOpt indexer.LayerFetchOpt
// NoLayerValidation controls whether layers are checked to actually be
// content-addressed. With this option toggled off, callers can trigger
// layers to be indexed repeatedly by changing the identifier in the
// manifest.
NoLayerValidation bool
// set to true to have libindex check and potentially run migrations
Migrations bool
// provides an alternative method for creating a scanner during libindex runtime
// if nil the default factory will be used. useful for testing purposes
ControllerFactory ControllerFactory
// a list of ecosystems to use which define which package databases and coalescing methods we use
Ecosystems []*indexer.Ecosystem
// Airgap should be set to disallow any scanners that mark themselves as
// making network calls.
Airgap bool
// ScannerConfig holds functions that can be passed into configurable
// scanners. They're broken out by kind, and only used if a scanner
// implements the appropriate interface.
//
// Providing a function for a scanner that's not expecting it is not a fatal
// error.
ScannerConfig struct {
Package, Dist, Repo map[string]func(interface{}) error
}
// contains filtered or unexported fields
}
Opts are dependencies and options for constructing an instance of libindex
Source Files
Directories