secscan

package
v1.0.1 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Dec 13, 2019 License: Apache-2.0 Imports: 10 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	// UnknownSeverity is either a security problem that has not been assigned to
	// a priority yet or a priority that our system did not recognize.
	UnknownSeverity = "Unknown"

	// NegligibleSeverity is technically a security problem, but is only
	// theoretical in nature, requires a very special situation, has almost no
	// install base, or does no real damage. These tend not to get backport from
	// upstream, and will likely not be included in security updates unless
	// there is an easy fix and some other issue causes an update.
	NegligibleSeverity = "Negligible"

	// LowSeverity is a security problem, but is hard to exploit due to
	// environment, requires a user-assisted attack, a small install base, or
	// does very little damage.  These tend to be included in security updates
	// only when higher priority issues require an update, or if many low
	// priority issues have built up.
	LowSeverity = "Low"

	// MediumSeverity is a real security problem, and is exploitable for many
	// people.  Includes network daemon denial of service attacks, cross-site
	// scripting, and gaining user privileges.  Updates should be made soon for
	// this priority of issue.
	MediumSeverity = "Medium"

	// HighSeverity is a real problem, exploitable for many people in a default
	// installation. Includes serious remote denial of services, local root
	// privilege escalations, or data loss.
	HighSeverity = "High"

	// CriticalSeverity is a world-burning problem, exploitable for nearly all
	// people in a default installation of Linux. Includes remote root privilege
	// escalations, or massive data loss.
	CriticalSeverity = "Critical"

	// Defcon1Severity is a Critical problem which has been manually highlighted
	// by the team. It requires an immediate attention.
	Defcon1Severity = "Defcon1"
)

Variables

View Source 
var Severities = []string{
	UnknownSeverity,
	NegligibleSeverity,
	LowSeverity,
	MediumSeverity,
	HighSeverity,
	CriticalSeverity,
	Defcon1Severity,
}

Severities lists all known severities, ordered from lowest to highest.

Functions

This section is empty.

Types

type AppCapabilities 

type AppCapabilities struct {
	AppName      string              `json:"appName"`
	Capabilities map[string]Template `json:"capabilities"`
}

type Client 

type Client struct{}

func NewClient 

func NewClient() (*Client, error)

func (*Client) GetLayerDataFromTemplate 

func (c *Client) GetLayerDataFromTemplate(template string, image *image.Image, features, vulnerabilities bool) (*Layer, error)

func (*Client) Wellknown 

func (c *Client) Wellknown(host, endpoint string) (WellknownInterface, error)

type Data 

type Data struct {
	Layer Layer `json:"Layer,omitempty"`
}

type Feature 

type Feature struct {
	Name            string           `json:"Name,omitempty"`
	NamespaceName   string           `json:"NamespaceName,omitempty"`
	VersionFormat   string           `json:"VersionFormat,omitempty"`
	Version         string           `json:"Version,omitempty"`
	Vulnerabilities []*Vulnerability `json:"Vulnerabilities,omitempty"`
	AddedBy         string           `json:"AddedBy,omitempty"`
}

func (*Feature) ToSecscanFeature 

func (f *Feature) ToSecscanFeature() *secscanv1alpha1.Feature

type Interface 

type Interface interface {
	Wellknown(host, endpoint string) (WellknownInterface, error)
	GetLayerDataFromTemplate(manifestTemplate string, image *image.Image, features, vulnerabilities bool) (*Layer, error)
}

type Layer 

type Layer struct {
	Name             string            `json:"Name,omitempty"`
	NamespaceName    string            `json:"NamespaceName,omitempty"`
	Path             string            `json:"Path,omitempty"`
	Headers          map[string]string `json:"Headers,omitempty"`
	ParentName       string            `json:"ParentName,omitempty"`
	Format           string            `json:"Format,omitempty"`
	IndexedByVersion int               `json:"IndexedByVersion,omitempty"`
	Features         []*Feature        `json:"Features,omitempty"`
}

type Response 

type Response struct {
	Status string `json:"status,omitempty"`
	Data   Data   `json:"data,omitempty"`
}

type Template 

type Template map[string]string

type Vulnerability 

type Vulnerability struct {
	Name          string          `json:"Name,omitempty"`
	NamespaceName string          `json:"NamespaceName,omitempty"`
	Description   string          `json:"Description,omitempty"`
	Link          string          `json:"Link,omitempty"`
	Severity      string          `json:"Severity,omitempty"`
	Metadata      json.RawMessage `json:"Metadata,omitempty"`
	FixedBy       string          `json:"FixedBy,omitempty"`
}

func (*Vulnerability) ToSecscanVulnerability 

func (v *Vulnerability) ToSecscanVulnerability() *secscanv1alpha1.Vulnerability

type WellknownClient 

type WellknownClient struct {
	// contains filtered or unexported fields
}

func NewWellknownClient 

func NewWellknownClient(host, wellKnownEndpoint string) (*WellknownClient, error)

func (*WellknownClient) ImageSecurityTemplate 

func (wc *WellknownClient) ImageSecurityTemplate() (string, error)

func (*WellknownClient) ManifestSecurityTemplate 

func (wc *WellknownClient) ManifestSecurityTemplate() (string, error)

func (*WellknownClient) RequestBaseURI 

func (wc *WellknownClient) RequestBaseURI() string

func (*WellknownClient) ViewImageTemplate 

func (wc *WellknownClient) ViewImageTemplate() (string, error)

type WellknownInterface 

type WellknownInterface interface {
	ViewImageTemplate() (string, error)
	ManifestSecurityTemplate() (string, error)
	ImageSecurityTemplate() (string, error)
}

Source Files

View all Source files

Directories

Path Synopsis
Code generated by counterfeiter.
 Code generated by counterfeiter.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.