Documentation ¶
Index ¶
- Constants
- Variables
- func IsEmptyLayer(blobSum digest.Digest) bool
- func Log(format string, args ...interface{})
- func Quiet(format string, args ...interface{})
- type Clair
- func (c *Clair) Close() error
- func (c *Clair) DeleteLayer(ctx context.Context, name string) error
- func (c *Clair) GetAncestry(ctx context.Context, name string) (*clairpb.GetAncestryResponse_Ancestry, error)
- func (c *Clair) GetLayer(ctx context.Context, name string, features, vulnerabilities bool) (*Layer, error)
- func (c *Clair) NewClairLayer(ctx context.Context, r *registry.Registry, image string, ...) (*Layer, error)
- func (c *Clair) NewClairV3Layer(ctx context.Context, r *registry.Registry, image string, ...) (*clairpb.PostAncestryRequest_PostLayer, error)
- func (c *Clair) PostAncestry(ctx context.Context, name string, ...) error
- func (c *Clair) PostLayer(ctx context.Context, layer *Layer) (*Layer, error)
- func (c *Clair) Vulnerabilities(ctx context.Context, r *registry.Registry, repo, tag string) (VulnerabilityReport, error)
- func (c *Clair) VulnerabilitiesV3(ctx context.Context, r *registry.Registry, repo, tag string) (VulnerabilityReport, error)
- type Error
- type ErrorTransport
- type Layer
- type LogfCallback
- type Opt
- type Vulnerability
- type VulnerabilityReport
Constants ¶
const ( // EmptyLayerBlobSum is the blob sum of empty layers. EmptyLayerBlobSum = "sha256:a3ed95caeb02ffe68cdd9fd84406680ae93d633cb16422d00e8a7c22955b46d4" // LegacyEmptyLayerBlobSum is the blob sum of empty layers used by docker // before it could support a truly empty layer. LegacyEmptyLayerBlobSum = "sha256:5f70bf18a086007016e948b04aed3b82103a36bea41755b6cddfaf10ace3c6ef" )
Variables ¶
var ( // ErrNilGRPCConn holds the error for when the grpc connection is nil. ErrNilGRPCConn = errors.New("grpcConn cannot be nil") )
var ( // Priorities are the vulnerability priority labels. Priorities = []string{"Unknown", "Negligible", "Low", "Medium", "High", "Critical", "Defcon1", "Fixable"} )
Functions ¶
func IsEmptyLayer ¶
func IsEmptyLayer(blobSum digest.Digest) bool
IsEmptyLayer determines whether the blob sum is one of the known empty layers.
Types ¶
type Clair ¶
type Clair struct { URL string Client *http.Client Logf LogfCallback // contains filtered or unexported fields }
Clair defines the client for retrieving information from the clair API.
func (*Clair) DeleteLayer ¶
DeleteLayer removes a layer reference from clair.
func (*Clair) GetAncestry ¶ added in v0.13.2
func (c *Clair) GetAncestry(ctx context.Context, name string) (*clairpb.GetAncestryResponse_Ancestry, error)
GetAncestry displays an ancestry and all of its features and vulnerabilities.
func (*Clair) GetLayer ¶
func (c *Clair) GetLayer(ctx context.Context, name string, features, vulnerabilities bool) (*Layer, error)
GetLayer displays a Layer and optionally all of its features and vulnerabilities.
func (*Clair) NewClairLayer ¶
func (c *Clair) NewClairLayer(ctx context.Context, r *registry.Registry, image string, fsLayers map[int]distribution.Descriptor, index int) (*Layer, error)
NewClairLayer will form a layer struct required for a clair scan.
func (*Clair) NewClairV3Layer ¶ added in v0.13.2
func (c *Clair) NewClairV3Layer(ctx context.Context, r *registry.Registry, image string, fsLayer distribution.Descriptor) (*clairpb.PostAncestryRequest_PostLayer, error)
NewClairV3Layer will form a layer struct required for a clair scan.
func (*Clair) PostAncestry ¶ added in v0.13.2
func (c *Clair) PostAncestry(ctx context.Context, name string, layers []*clairpb.PostAncestryRequest_PostLayer) error
PostAncestry performs the analysis of all layers from the provided path.
func (*Clair) Vulnerabilities ¶
func (c *Clair) Vulnerabilities(ctx context.Context, r *registry.Registry, repo, tag string) (VulnerabilityReport, error)
Vulnerabilities scans the given repo and tag.
func (*Clair) VulnerabilitiesV3 ¶ added in v0.13.2
func (c *Clair) VulnerabilitiesV3(ctx context.Context, r *registry.Registry, repo, tag string) (VulnerabilityReport, error)
VulnerabilitiesV3 scans the given repo and tag using the clair v3 API.
type Error ¶
type Error struct {
Message string `json:"Message,omitempty"`
}
Error describes the structure of a clair error.
type ErrorTransport ¶
type ErrorTransport struct {
Transport http.RoundTripper
}
ErrorTransport defines the data structure for returning errors from the round tripper.
type Layer ¶
type Layer struct { Name string `json:"Name,omitempty"` NamespaceName string `json:"NamespaceName,omitempty"` Path string `json:"Path,omitempty"` Headers map[string]string `json:"Headers,omitempty"` ParentName string `json:"ParentName,omitempty"` Format string `json:"Format,omitempty"` IndexedByVersion int `json:"IndexedByVersion,omitempty"` Features []feature `json:"Features,omitempty"` }
Layer represents an image layer.
type LogfCallback ¶
type LogfCallback func(format string, args ...interface{})
LogfCallback is the callback for formatting logs.
type Vulnerability ¶
type Vulnerability struct { Name string `json:"Name,omitempty"` NamespaceName string `json:"NamespaceName,omitempty"` Description string `json:"Description,omitempty"` Link string `json:"Link,omitempty"` Severity string `json:"Severity,omitempty"` Metadata map[string]interface{} `json:"Metadata,omitempty"` FixedBy string `json:"FixedBy,omitempty"` FixedIn []feature `json:"FixedIn,omitempty"` }
Vulnerability represents vulnerability entity returned by Clair.
type VulnerabilityReport ¶
type VulnerabilityReport struct { Name string RegistryURL string Repo string Tag string Date string Vulns []Vulnerability VulnsBySeverity map[string][]Vulnerability BadVulns int }
VulnerabilityReport represents the result of a vulnerability scan of a repo.