Documentation ¶
Index ¶
- Constants
- Variables
- func IsEmptyLayer(blobSum digest.Digest) bool
- func Log(format string, args ...interface{})
- func Quiet(format string, args ...interface{})
- type Clair
- func (c *Clair) DeleteLayer(name string) error
- func (c *Clair) GetLayer(name string, features, vulnerabilities bool) (*Layer, error)
- func (c *Clair) NewClairLayer(r *registry.Registry, image string, fsLayers []schema1.FSLayer, index int) (*Layer, error)
- func (c *Clair) PostLayer(layer *Layer) (*Layer, error)
- func (c *Clair) Vulnerabilities(r *registry.Registry, repo, tag string) (VulnerabilityReport, error)
- type Error
- type ErrorTransport
- type Layer
- type LogfCallback
- type Vulnerability
- type VulnerabilityReport
Constants ¶
const ( // EmptyLayerBlobSum is the blob sum of empty layers. EmptyLayerBlobSum = "sha256:a3ed95caeb02ffe68cdd9fd84406680ae93d633cb16422d00e8a7c22955b46d4" // LegacyEmptyLayerBlobSum is the blob sum of empty layers used by docker // before it could support a truly empty layer. LegacyEmptyLayerBlobSum = "sha256:5f70bf18a086007016e948b04aed3b82103a36bea41755b6cddfaf10ace3c6ef" )
Variables ¶
var ( // Priorities are the vulnerability priority labels. Priorities = []string{"Unknown", "Negligible", "Low", "Medium", "High", "Critical", "Defcon1", "Fixable"} )
Functions ¶
func IsEmptyLayer ¶
func IsEmptyLayer(blobSum digest.Digest) bool
IsEmptyLayer determines whether the blob sum is one of the known empty layers.
Types ¶
type Clair ¶
type Clair struct { URL string Client *http.Client Logf LogfCallback }
Clair defines the client for retriving information from the clair API.
func (*Clair) DeleteLayer ¶
DeleteLayer removes a layer reference from clair.
func (*Clair) GetLayer ¶
GetLayer displays a Layer and optionally all of its features and vulnerabilities.
func (*Clair) NewClairLayer ¶
func (c *Clair) NewClairLayer(r *registry.Registry, image string, fsLayers []schema1.FSLayer, index int) (*Layer, error)
NewClairLayer will form a layer struct required for a clar scan
func (*Clair) Vulnerabilities ¶
func (c *Clair) Vulnerabilities(r *registry.Registry, repo, tag string) (VulnerabilityReport, error)
Vulnerabilities scans the given repo and tag
type Error ¶
type Error struct {
Message string `json:"Message,omitempty"`
}
Error describes the structure of a clair error.
type ErrorTransport ¶
type ErrorTransport struct {
Transport http.RoundTripper
}
ErrorTransport defines the data structure for returning errors from the round tripper.
type Layer ¶
type Layer struct { Name string `json:"Name,omitempty"` NamespaceName string `json:"NamespaceName,omitempty"` Path string `json:"Path,omitempty"` Headers map[string]string `json:"Headers,omitempty"` ParentName string `json:"ParentName,omitempty"` Format string `json:"Format,omitempty"` IndexedByVersion int `json:"IndexedByVersion,omitempty"` Features []feature `json:"Features,omitempty"` }
Layer represents an image layer.
type LogfCallback ¶
type LogfCallback func(format string, args ...interface{})
LogfCallback is the callback for formatting logs.
type Vulnerability ¶
type Vulnerability struct { Name string `json:"Name,omitempty"` NamespaceName string `json:"NamespaceName,omitempty"` Description string `json:"Description,omitempty"` Link string `json:"Link,omitempty"` Severity string `json:"Severity,omitempty"` Metadata map[string]interface{} `json:"Metadata,omitempty"` FixedBy string `json:"FixedBy,omitempty"` FixedIn []feature `json:"FixedIn,omitempty"` }
Vulnerability represents vulnerability entity returned by Clair.
type VulnerabilityReport ¶
type VulnerabilityReport struct { RegistryURL string Repo string Tag string Date string Vulns []Vulnerability VulnsBySeverity map[string][]Vulnerability BadVulns int }
VulnerabilityReport represents the result of a vulnerability scan of a repo.