clair

package
v0.17.0 Latest
Warning

This package is not in the latest version of its module.

Published: Nov 17, 2023 License: MIT Imports: 16 Imported by: 0

Documentation


Constants

const (
	// EmptyLayerBlobSum is the blob sum of empty layers.
	EmptyLayerBlobSum = "sha256:a3ed95caeb02ffe68cdd9fd84406680ae93d633cb16422d00e8a7c22955b46d4"

	// LegacyEmptyLayerBlobSum is the blob sum of empty layers used by docker
	// before it could support a truly empty layer.
	LegacyEmptyLayerBlobSum = "sha256:5f70bf18a086007016e948b04aed3b82103a36bea41755b6cddfaf10ace3c6ef"
)

Variables

var (
	// ErrNilGRPCConn holds the error for when the grpc connection is nil.
	ErrNilGRPCConn = errors.New("grpcConn cannot be nil")
)
var (
	// Priorities are the vulnerability priority labels.
	Priorities = []string{"Unknown", "Negligible", "Low", "Medium", "High", "Critical", "Defcon1", "Fixable"}
)

Functions

func IsEmptyLayer

func IsEmptyLayer(blobSum digest.Digest) bool

IsEmptyLayer determines whether the blob sum is one of the known empty layers.

func Log

func Log(format string, args ...interface{})

Log passes log messages to the logging package.

func Quiet

func Quiet(format string, args ...interface{})

Quiet discards logs silently.

Types

type Clair

type Clair struct {
	URL    string
	Client *http.Client
	Logf   LogfCallback
	// contains filtered or unexported fields
}

Clair defines the client for retrieving information from the clair API.

func New

func New(url string, opt Opt) (*Clair, error)

New creates a new Clair struct with the given URL and credentials.

func (*Clair) Close added in v0.17.0

func (c *Clair) Close() error

Close closes the gRPC connection.

func (*Clair) DeleteLayer

func (c *Clair) DeleteLayer(ctx context.Context, name string) error

DeleteLayer removes a layer reference from clair.

func (*Clair) GetAncestry added in v0.13.2

func (c *Clair) GetAncestry(ctx context.Context, name string) (*clairpb.GetAncestryResponse_Ancestry, error)

GetAncestry displays an ancestry and all of its features and vulnerabilities.

func (*Clair) GetLayer

func (c *Clair) GetLayer(ctx context.Context, name string, features, vulnerabilities bool) (*Layer, error)

GetLayer displays a Layer and optionally all of its features and vulnerabilities.

func (*Clair) NewClairLayer

func (c *Clair) NewClairLayer(ctx context.Context, r *registry.Registry, image string, fsLayers map[int]distribution.Descriptor, index int) (*Layer, error)

NewClairLayer will form a layer struct required for a clair scan.

func (*Clair) NewClairV3Layer added in v0.13.2

func (c *Clair) NewClairV3Layer(ctx context.Context, r *registry.Registry, image string, fsLayer distribution.Descriptor) (*clairpb.PostAncestryRequest_PostLayer, error)

NewClairV3Layer will form a layer struct required for a clair scan.

func (*Clair) PostAncestry added in v0.13.2

func (c *Clair) PostAncestry(ctx context.Context, name string, layers []*clairpb.PostAncestryRequest_PostLayer) error

PostAncestry performs the analysis of all layers from the provided path.

func (*Clair) PostLayer

func (c *Clair) PostLayer(ctx context.Context, layer *Layer) (*Layer, error)

PostLayer performs the analysis of a Layer from the provided path.

func (*Clair) Vulnerabilities

func (c *Clair) Vulnerabilities(ctx context.Context, r *registry.Registry, repo, tag string) (VulnerabilityReport, error)

Vulnerabilities scans the given repo and tag.

func (*Clair) VulnerabilitiesV3 added in v0.13.2

func (c *Clair) VulnerabilitiesV3(ctx context.Context, r *registry.Registry, repo, tag string) (VulnerabilityReport, error)

VulnerabilitiesV3 scans the given repo and tag using the clair v3 API.

type Error

type Error struct {
	Message string `json:"Message,omitempty"`
}

Error describes the structure of a clair error.

type ErrorTransport

type ErrorTransport struct {
	Transport http.RoundTripper
}

ErrorTransport defines the data structure for returning errors from the round tripper.

func (*ErrorTransport) RoundTrip

func (t *ErrorTransport) RoundTrip(request *http.Request) (*http.Response, error)

RoundTrip defines the round tripper for the error transport.

type Layer

type Layer struct {
	Name             string            `json:"Name,omitempty"`
	NamespaceName    string            `json:"NamespaceName,omitempty"`
	Path             string            `json:"Path,omitempty"`
	Headers          map[string]string `json:"Headers,omitempty"`
	ParentName       string            `json:"ParentName,omitempty"`
	Format           string            `json:"Format,omitempty"`
	IndexedByVersion int               `json:"IndexedByVersion,omitempty"`
	Features         []feature         `json:"Features,omitempty"`
}

Layer represents an image layer.

type LogfCallback

type LogfCallback func(format string, args ...interface{})

LogfCallback is the callback for formatting logs.

type Opt added in v0.13.1

type Opt struct {
	Debug    bool
	Insecure bool
	Timeout  time.Duration
}

Opt holds the options for a new clair client.

type Vulnerability

type Vulnerability struct {
	Name          string                 `json:"Name,omitempty"`
	NamespaceName string                 `json:"NamespaceName,omitempty"`
	Description   string                 `json:"Description,omitempty"`
	Link          string                 `json:"Link,omitempty"`
	Severity      string                 `json:"Severity,omitempty"`
	Metadata      map[string]interface{} `json:"Metadata,omitempty"`
	FixedBy       string                 `json:"FixedBy,omitempty"`
	FixedIn       []feature              `json:"FixedIn,omitempty"`
}

Vulnerability represents a vulnerability entity returned by Clair.

type VulnerabilityReport

type VulnerabilityReport struct {
	Name            string
	RegistryURL     string
	Repo            string
	Tag             string
	Date            string
	Vulns           []Vulnerability
	VulnsBySeverity map[string][]Vulnerability
	BadVulns        int
}

VulnerabilityReport represents the result of a vulnerability scan of a repo.
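A scan result is usually consumed by a pipeline gate that blocks an image when findings reach a chosen severity. The following is an added example, not code from this package: the types are local mirrors of fields shown above so it runs without the module, `Gate` and `rank` are hypothetical helpers, and it assumes the `Priorities` labels are listed from lowest to highest with "Fixable" acting as a grouping label rather than a severity.

```go
package main

import (
	"fmt"
	"sort"
)

// Local mirrors of fields shown on this page so the example runs offline.
type Vulnerability struct{ Name, Severity, FixedBy string }
type VulnerabilityReport struct{ Vulns []Vulnerability }

// Priorities labels, lowest to highest; "Fixable" is assumed not to be a severity.
var severities = []string{"Unknown", "Negligible", "Low", "Medium", "High", "Critical", "Defcon1"}

func rank(label string) int {
	for i, s := range severities {
		if s == label {
			return i
		}
	}
	return -1 // unrecognised label
}

// Gate (hypothetical helper) returns the findings at or above minSeverity, highest
// first. A finding with an unrecognised severity is kept (fail closed), listed last.
func Gate(r VulnerabilityReport, minSeverity string) ([]Vulnerability, error) {
	floor := rank(minSeverity)
	if floor < 0 {
		return nil, fmt.Errorf("unknown threshold %q", minSeverity)
	}
	var blocking []Vulnerability
	for _, v := range r.Vulns {
		if rk := rank(v.Severity); rk < 0 || rk >= floor {
			blocking = append(blocking, v)
		}
	}
	sort.SliceStable(blocking, func(i, j int) bool {
		return rank(blocking[i].Severity) > rank(blocking[j].Severity)
	})
	return blocking, nil
}

func main() {
	// Constructed sample; names are placeholders, not real advisories.
	r := VulnerabilityReport{Vulns: []Vulnerability{
		{"EXAMPLE-0001", "Low", ""}, {"EXAMPLE-0002", "High", "1.2.3"}, {"EXAMPLE-0003", "Severe", ""}}}
	blocking, err := Gate(r, "High")
	fmt.Println(blocking, err)
}
```

A mistyped threshold returns an error instead of silently passing every image, and a non-empty `FixedBy` on a blocking finding indicates that a fixed version is recorded for it.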
