Documentation
¶
Overview ¶
Package matcher implements claircore's advisory matching engine.
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func EnrichedMatch ¶ added in v0.5.0
func EnrichedMatch(ctx context.Context, ir *claircore.IndexReport, ms []driver.Matcher, es []driver.Enricher, s Store) (*claircore.VulnerabilityReport, error)
EnrichedMatch receives an IndexReport and creates a VulnerabilityReport containing matched vulnerabilities and any relevant enrichments.
func Match ¶ added in v0.0.10
func Match(ctx context.Context, ir *claircore.IndexReport, matchers []driver.Matcher, store datastore.Vulnerability) (*claircore.VulnerabilityReport, error)
Match receives an IndexReport and creates a VulnerabilityReport containing matched vulnerabilities
Types ¶
type Controller ¶
type Controller struct {
// contains filtered or unexported fields
}
Controller is a control structure used to find vulnerabilities affecting a set of packages.
func NewController ¶
func NewController(m driver.Matcher, store datastore.Vulnerability) *Controller
NewController is a constructor for a Controller
func (*Controller) Match ¶
func (mc *Controller) Match(ctx context.Context, records []*claircore.IndexRecord) (map[string][]*claircore.Vulnerability, error)
Match is the entrypoint for Controller.
type Store ¶ added in v0.5.0
type Store interface {
datastore.Vulnerability
datastore.Enrichment
}
Store is the interface that can retrieve Enrichments and Vulnerabilities.
Notes ¶
Bugs ¶
Match and EnrichedMatch have different semantics for errors returned by their inferior processes: Match runs all of them to completion or the incoming Context is canceled. EnrichedMatch eagerly cancels all Matchers upon the first error, ala "errgroup" semantics but purposefully does not return errors on any Enricher errors. If I recall correctly, this was on purpose. The Match function is probably obsolete now; we should work on removing it from the relevant APIs.
Source Files