Documentation ¶
Index ¶
- func NewHasUniqueTagCheck(dockercfg string) *hasUniqueTagCheck
- type BasedOnUBICheck
- type HasLicenseCheck
- type HasModifiedFilesCheck
- type HasNoProhibitedPackagesCheck
- func (p *HasNoProhibitedPackagesCheck) Help() certification.HelpText
- func (p *HasNoProhibitedPackagesCheck) Metadata() certification.Metadata
- func (p *HasNoProhibitedPackagesCheck) Name() string
- func (p *HasNoProhibitedPackagesCheck) Validate(ctx context.Context, imgRef certification.ImageReference) (bool, error)
- type HasRequiredLabelsCheck
- type MaxLayersCheck
- type RunAsNonRootCheck
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func NewHasUniqueTagCheck ¶
func NewHasUniqueTagCheck(dockercfg string) *hasUniqueTagCheck
Types ¶
type BasedOnUBICheck ¶
type BasedOnUBICheck struct {
LayerHashCheckEngine layerHashChecker
}
BasedOnUBICheck evaluates if the provided image is based on the Red Hat Universal Base Image.
func NewBasedOnUbiCheck ¶
func NewBasedOnUbiCheck(layerHashChecker layerHashChecker) *BasedOnUBICheck
func (*BasedOnUBICheck) Help ¶
func (p *BasedOnUBICheck) Help() certification.HelpText
func (*BasedOnUBICheck) Metadata ¶
func (p *BasedOnUBICheck) Metadata() certification.Metadata
func (*BasedOnUBICheck) Name ¶
func (p *BasedOnUBICheck) Name() string
func (*BasedOnUBICheck) Validate ¶
func (p *BasedOnUBICheck) Validate(ctx context.Context, imgRef certification.ImageReference) (bool, error)
type HasLicenseCheck ¶
type HasLicenseCheck struct{}
HasLicenseCheck evaluates that the image contains a license definition available at /licenses.
func (*HasLicenseCheck) Help ¶
func (p *HasLicenseCheck) Help() certification.HelpText
func (*HasLicenseCheck) Metadata ¶
func (p *HasLicenseCheck) Metadata() certification.Metadata
func (*HasLicenseCheck) Name ¶
func (p *HasLicenseCheck) Name() string
func (*HasLicenseCheck) Validate ¶
func (p *HasLicenseCheck) Validate(ctx context.Context, imgRef certification.ImageReference) (bool, error)
type HasModifiedFilesCheck ¶
type HasModifiedFilesCheck struct{}
HasModifiedFilesCheck evaluates that no files from the base layer have been modified by subsequent layers by comparing the file list installed by Packages against the file list modified in subsequent layers.
func (HasModifiedFilesCheck) Help ¶
func (p HasModifiedFilesCheck) Help() certification.HelpText
func (HasModifiedFilesCheck) Metadata ¶
func (p HasModifiedFilesCheck) Metadata() certification.Metadata
func (HasModifiedFilesCheck) Name ¶
func (p HasModifiedFilesCheck) Name() string
func (*HasModifiedFilesCheck) Validate ¶
func (p *HasModifiedFilesCheck) Validate(ctx context.Context, imgRef certification.ImageReference) (bool, error)
type HasNoProhibitedPackagesCheck ¶
type HasNoProhibitedPackagesCheck struct{}
HasProhibitedPackages evaluates that the image does not contain prohibited packages, which refers to packages that are not redistributable without an appropriate license.
func (*HasNoProhibitedPackagesCheck) Help ¶
func (p *HasNoProhibitedPackagesCheck) Help() certification.HelpText
func (*HasNoProhibitedPackagesCheck) Metadata ¶
func (p *HasNoProhibitedPackagesCheck) Metadata() certification.Metadata
func (*HasNoProhibitedPackagesCheck) Name ¶
func (p *HasNoProhibitedPackagesCheck) Name() string
func (*HasNoProhibitedPackagesCheck) Validate ¶
func (p *HasNoProhibitedPackagesCheck) Validate(ctx context.Context, imgRef certification.ImageReference) (bool, error)
type HasRequiredLabelsCheck ¶
type HasRequiredLabelsCheck struct{}
HasRequiredLabelsCheck evaluates the image manifest to ensure that the appropriate metadata labels are present on the image asset as it exists in its current container registry.
func (*HasRequiredLabelsCheck) Help ¶
func (p *HasRequiredLabelsCheck) Help() certification.HelpText
func (*HasRequiredLabelsCheck) Metadata ¶
func (p *HasRequiredLabelsCheck) Metadata() certification.Metadata
func (*HasRequiredLabelsCheck) Name ¶
func (p *HasRequiredLabelsCheck) Name() string
func (*HasRequiredLabelsCheck) Validate ¶
func (p *HasRequiredLabelsCheck) Validate(ctx context.Context, imgRef certification.ImageReference) (bool, error)
type MaxLayersCheck ¶
type MaxLayersCheck struct{}
UnderLayerMaxCheck ensures that the image has less layers in its assembly than a predefined maximum.
func (*MaxLayersCheck) Help ¶
func (p *MaxLayersCheck) Help() certification.HelpText
func (*MaxLayersCheck) Metadata ¶
func (p *MaxLayersCheck) Metadata() certification.Metadata
func (*MaxLayersCheck) Name ¶
func (p *MaxLayersCheck) Name() string
func (*MaxLayersCheck) Validate ¶
func (p *MaxLayersCheck) Validate(ctx context.Context, imgRef certification.ImageReference) (bool, error)
type RunAsNonRootCheck ¶
type RunAsNonRootCheck struct{}
RunAsNonRootCheck evaluates the image to determine that the runtime UID is not 0, which correlates to the root user.
func (*RunAsNonRootCheck) Help ¶
func (p *RunAsNonRootCheck) Help() certification.HelpText
func (*RunAsNonRootCheck) Metadata ¶
func (p *RunAsNonRootCheck) Metadata() certification.Metadata
func (*RunAsNonRootCheck) Name ¶
func (p *RunAsNonRootCheck) Name() string
func (*RunAsNonRootCheck) Validate ¶
func (p *RunAsNonRootCheck) Validate(ctx context.Context, imgRef certification.ImageReference) (bool, error)