Documentation
Index
- Constants
- Variables
- func DBUrl(release Release, repo Repo) string
- func NewEcosystem(ctx context.Context) *indexer.Ecosystem
- type Coalescer
- type Details
- type Matcher
- type Option
- type Package
- type Release
- type Repo
- type Scanner
- type SecurityDB
- type Updater
- func (u *Updater) Fetch() (io.ReadCloser, string, error)
- func (u *Updater) FetchContext(ctx context.Context, hint driver.Fingerprint) (io.ReadCloser, driver.Fingerprint, error)
- func (u *Updater) Name() string
- func (u *Updater) Parse(r io.ReadCloser) ([]*claircore.Vulnerability, error)
- func (u *Updater) ParseContext(ctx context.Context, r io.ReadCloser) ([]*claircore.Vulnerability, error)
Constants
const (
	Name = "Alpine Linux"
	ID   = "alpine"
)
Common os-release fields applicable for *claircore.Distribution usage.
Variables
var ReleaseToPrettyName = map[Release]string{
	V3_10: "Alpine Linux v3.10",
	V3_9:  "Alpine Linux v3.9",
	V3_8:  "Alpine Linux v3.8",
	V3_7:  "Alpine Linux v3.7",
	V3_6:  "Alpine Linux v3.6",
	V3_5:  "Alpine Linux v3.5",
	V3_4:  "Alpine Linux v3.4",
	V3_3:  "Alpine Linux v3.3",
}
ReleaseToPrettyName maps a Release to the PrettyName found in Alpine's os-release file.
Official Alpine images consistently have a Pretty_Name field in their os-release files.
Functions
Types
type Coalescer
type Coalescer struct {
// contains filtered or unexported fields
}
Coalescer takes individual layer artifacts and coalesces them to form the final image's package results.
It is expected to run a coalescer per "ecosystem". For example, it would make sense to coalesce results for dpkg, os-release, and apt scanners.
func NewCoalescer
NewCoalescer is a constructor for a Coalescer
func (*Coalescer) Coalesce
func (c *Coalescer) Coalesce(ctx context.Context, layers []*claircore.Layer) (*claircore.IndexReport, error)
Coalesce coalesces artifacts found in layers and creates a final IndexReport with the final package details found in the image. This method blocks, and when it's finished the c.sr field will hold the final IndexReport.
type Details
type Details struct {
	Name string `yaml:"name"`
	// fixed package version string mapped to an array of CVE ids affecting the package
	Secfixes map[string][]string `yaml:"secfixes"`
}
Details define a package's name and security fixes for said package.
type Matcher
type Matcher struct{}
func (*Matcher) Vulnerable
func (*Matcher) Vulnerable(record *claircore.IndexRecord, vuln *claircore.Vulnerability) bool
type Scanner
type Scanner struct{}
Scanner scans for packages in an apk database.
The zero value is ready to use.
type SecurityDB
type SecurityDB struct {
	Distroversion string    `yaml:"distroversion"`
	Reponame      string    `yaml:"reponame"`
	Urlprefix     string    `yaml:"urlprefix"`
	Apkurl        string    `yaml:"apkurl"`
	Packages      []Package `yaml:"packages"`
}
SecurityDB is the yaml security database structure.
type Updater
type Updater struct {
// contains filtered or unexported fields
}
func NewUpdater
NewUpdater returns an updater configured according to the provided Options.
func (*Updater) FetchContext
func (u *Updater) FetchContext(ctx context.Context, hint driver.Fingerprint) (io.ReadCloser, driver.Fingerprint, error)
func (*Updater) Parse
func (u *Updater) Parse(r io.ReadCloser) ([]*claircore.Vulnerability, error)
func (*Updater) ParseContext
func (u *Updater) ParseContext(ctx context.Context, r io.ReadCloser) ([]*claircore.Vulnerability, error)