indexer

package
v1.0.8 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jun 28, 2023 License: Apache-2.0 Imports: 10 Imported by: 0

Documentation

Index

Constants

View Source
const (
	Package = "package"
)

Variables

This section is empty.

Functions

func EcosystemsToScanners

func EcosystemsToScanners(ctx context.Context, ecosystems []*Ecosystem) ([]PackageScanner, []DistributionScanner, []RepositoryScanner, []FileScanner, error)

EcosystemsToScanners extracts and dedupes multiple ecosystems and returns their discrete scanners.

Types

type Coalescer

type Coalescer interface {
	Coalesce(ctx context.Context, artifacts []*LayerArtifacts) (*claircore.IndexReport, error)
}

Coalescer takes a set of layers and creates coalesced IndexReport.

A coalesced IndexReport should provide only the packages present in the final container image once all layers were applied.

type ConfigDeserializer

type ConfigDeserializer func(interface{}) error

ConfigDeserializer can be thought of as an Unmarshal function with the byte slice provided.

This will typically be something like (*json.Decoder).Decode.

type ConfigurableScanner

type ConfigurableScanner interface {
	Configure(context.Context, ConfigDeserializer) error
}

ConfigurableScanner is an interface scanners can implement to receive configuration.

type DefaultRepoScanner

type DefaultRepoScanner interface {
	DefaultRepository(context.Context) *claircore.Repository
}

DefaultRepoScanner provides a DefaultRepository method to allow Package Scanners to define what the default repository should be if the Scanner returned packages. This is useful to avoid having a dedicated RepositoryScanner for an ecosystem that largely duplicates the work of the PackageScanner and would always return the same pre-defined repository.

type DistributionScanner

type DistributionScanner interface {
	VersionedScanner
	Scan(context.Context, *claircore.Layer) ([]*claircore.Distribution, error)
}

DistributionScanner reports the Distributions found in a given layer.

type Ecosystem

type Ecosystem struct {
	PackageScanners      func(ctx context.Context) ([]PackageScanner, error)
	DistributionScanners func(ctx context.Context) ([]DistributionScanner, error)
	RepositoryScanners   func(ctx context.Context) ([]RepositoryScanner, error)
	FileScanners         func(ctx context.Context) ([]FileScanner, error)
	Coalescer            func(ctx context.Context) (Coalescer, error)
	Name                 string
}

Ecosystems group together scanners and a Coalescer which are commonly used together.

A typical ecosystem is "dpkg" which will use the "dpkg" package indexer, the "os-release" distribution scanner and the "apt" repository scanner.

A Controller will scan layers with all scanners present in its configured ecosystems.

type FetchArena

type FetchArena interface {
	Realizer(context.Context) Realizer
	Close(context.Context) error
}

FetchArena does coordination and global refcounting.

type FileScanner

type FileScanner interface {
	VersionedScanner
	Scan(context.Context, *claircore.Layer) ([]claircore.File, error)
}

FileScanner reports the Files found in a given layer.

type Indexer

type Indexer interface {
	// IndexPackages indexes a package into the persistence layer.
	IndexPackages(ctx context.Context, pkgs []*claircore.Package, layer *claircore.Layer, scnr VersionedScanner) error
	// IndexDistributions indexes distributions into the persistence layer.
	IndexDistributions(ctx context.Context, dists []*claircore.Distribution, layer *claircore.Layer, scnr VersionedScanner) error
	// IndexRepositories indexes repositories into the persistence layer.
	IndexRepositories(ctx context.Context, repos []*claircore.Repository, layer *claircore.Layer, scnr VersionedScanner) error
	// IndexFiles indexes the interesting files into the persistence layer.
	IndexFiles(ctx context.Context, files []claircore.File, layer *claircore.Layer, scnr VersionedScanner) error
	// IndexManifest should index the coalesced manifest's content given an IndexReport.
	IndexManifest(ctx context.Context, ir *claircore.IndexReport) error
}

Indexer interface provide the method set required for indexing layer and manifest contents into a persistent store.

type LayerArtifacts

type LayerArtifacts struct {
	Hash  claircore.Digest
	Pkgs  []*claircore.Package
	Dist  []*claircore.Distribution // each layer can only have a single distribution
	Repos []*claircore.Repository
	Files []claircore.File
}

LayerArifact aggregates the artifacts found within a layer.

type LayerScanner

type LayerScanner struct {
	// contains filtered or unexported fields
}

func NewLayerScanner

func NewLayerScanner(ctx context.Context, concurrent int, opts *Options) (*LayerScanner, error)

NewLayerScanner is the constructor for a LayerScanner.

The provided Context is only used for the duration of the call.

func (*LayerScanner) Scan

func (ls *LayerScanner) Scan(ctx context.Context, manifest claircore.Digest, layers []*claircore.Layer) error

Scan performs a concurrency controlled scan of each layer by each configured scanner, indexing the results on successful completion.

Scan will launch all layer scan goroutines immediately and then only allow the configured limit to proceed.

The provided Context controls cancellation for all scanners. The first error reported halts all work and is returned from Scan.

type Options

type Options struct {
	Client        *http.Client
	ScannerConfig struct {
		Package, Dist, Repo, File map[string]func(interface{}) error
	}
	Store        Store
	LayerScanner *LayerScanner
	FetchArena   FetchArena
	Ecosystems   []*Ecosystem
	Resolvers    []Resolver
	Vscnrs       VersionedScanners
}

Options are options to instantiate a indexer

type PackageScanner

type PackageScanner interface {
	VersionedScanner
	// Scan performs a package scan on the given layer and returns all
	// the found packages
	Scan(context.Context, *claircore.Layer) ([]*claircore.Package, error)
}

PackageScanner provides an interface for unique identification or a PackageScanner and a Scan method for extracting installed packages from an individual container layer

func NewPackageScannerMock

func NewPackageScannerMock(name, version, kind string) PackageScanner

type Querier

type Querier interface {
	// ManifestScanned returns whether the given manifest was scanned by the provided scanners.
	ManifestScanned(ctx context.Context, hash claircore.Digest, scnrs VersionedScanners) (bool, error)
	// LayerScanned returns whether the given layer was scanned by the provided scanner.
	LayerScanned(ctx context.Context, hash claircore.Digest, scnr VersionedScanner) (bool, error)
	// PackagesByLayer gets all the packages found in a layer limited by the provided scanners.
	PackagesByLayer(ctx context.Context, hash claircore.Digest, scnrs VersionedScanners) ([]*claircore.Package, error)
	// DistributionsByLayer gets all the distributions found in a layer limited by the provided scanners.
	DistributionsByLayer(ctx context.Context, hash claircore.Digest, scnrs VersionedScanners) ([]*claircore.Distribution, error)
	// RepositoriesByLayer gets all the repositories found in a layer limited by the provided scanners.
	RepositoriesByLayer(ctx context.Context, hash claircore.Digest, scnrs VersionedScanners) ([]*claircore.Repository, error)
	// FilesByLayer gets all the interesting files found in a layer limited by the provided scanners.
	FilesByLayer(ctx context.Context, hash claircore.Digest, scnrs VersionedScanners) ([]claircore.File, error)
	// IndexReport attempts to retrieve a persisted IndexReport.
	IndexReport(ctx context.Context, hash claircore.Digest) (*claircore.IndexReport, bool, error)
	// AffectedManifests returns a list of manifest digests which the target vulnerability
	// affects.
	AffectedManifests(ctx context.Context, v claircore.Vulnerability, f claircore.CheckVulnernableFunc) ([]claircore.Digest, error)
}

Querier interface provides the method set to ascertain indexed artifacts and query whether a layer or manifest has been scanned.

type RPCScanner

type RPCScanner interface {
	Configure(context.Context, ConfigDeserializer, *http.Client) error
}

RPCScanner is an interface scanners can implement to receive configuration and denote that they expect to be able to talk to the network at run time.

type Realizer

type Realizer interface {
	Realize(context.Context, []*claircore.Layer) error
	Close() error
}

Realizer is responsible for downloading a layer, uncompressing if necessary, and making the uncompressed tar contents available for reading.

type RepositoryScanner

type RepositoryScanner interface {
	VersionedScanner
	Scan(context.Context, *claircore.Layer) ([]*claircore.Repository, error)
}

type Resolver

type Resolver interface {
	Resolve(context.Context, *claircore.IndexReport, []*claircore.Layer) *claircore.IndexReport
}

Resolver is used for any reasoning that needs to be done with all the layers in context.

Resolvers are called at the end of the coalesce step when reports from separate scanners are merged.

type Setter

type Setter interface {
	// PersistManifest must store the presence of a manifest and it's layers into the system.
	//
	// Typically this will write into identity tables so later methods have a foreign key
	// to reference and data integrity is applied.
	PersistManifest(ctx context.Context, manifest claircore.Manifest) error
	// DeleteManifests removes the manifests indicated by the passed digests
	// from the backing store.
	DeleteManifests(context.Context, ...claircore.Digest) ([]claircore.Digest, error)

	// SetLayerScanned marks the provided layer hash successfully scanned by the provided versioned scanner.
	//
	// After this method is returned a call to Querier.LayerScanned with the same arguments must return true.
	SetLayerScanned(ctx context.Context, hash claircore.Digest, scnr VersionedScanner) error
	// RegisterPackageScanners registers the provided scanners with the persistence layer.
	RegisterScanners(ctx context.Context, scnrs VersionedScanners) error
	// SetIndexReport persists the current state of the IndexReport.
	//
	// IndexReports maybe in intermediate states to provide feedback for clients. this method should be
	// used to communicate scanning state updates. to signal the scan has completely successfully
	// see SetIndexFinished.
	SetIndexReport(context.Context, *claircore.IndexReport) error
	// SetIndexFinished marks a scan successfully completed.
	//
	// After this method returns a call to Querier.ManifestScanned with the manifest hash represted in the provided IndexReport
	// must return true.
	//
	// Also a call to Querier.IndexReport with the manifest hash represted in the provided IndexReport must return the IndexReport
	// in finished state.
	SetIndexFinished(ctx context.Context, sr *claircore.IndexReport, scnrs VersionedScanners) error
}

Setter interface provides the method set for required marking events, or registering components, associated with an Index operation.

type Store

type Store interface {
	Setter
	Querier
	Indexer
	// Close frees any resources associated with the Store.
	Close(context.Context) error
}

Store is an interface for dealing with objects libindex needs to persist. Stores may be implemented per storage backend.

type VersionedScanner

type VersionedScanner interface {
	// unique name of the distribution scanner.
	Name() string
	// version of this scanner. this information will be persisted with the scan.
	Version() string
	// the kind of scanner. currently only package is implemented
	Kind() string
}

VersionedScanner can be embedded into specific scanner types. This allows for methods and functions which only need to compare names and versions of scanners not to require each scanner type as an argument.

type VersionedScanners

type VersionedScanners []VersionedScanner

VersionedScanners implements a list with construction methods not concurrency safe

func MergeVS

func MergeVS(pscnr []PackageScanner, dscnr []DistributionScanner, rscnr []RepositoryScanner, fscnr []FileScanner) VersionedScanners

MergeVS merges lists of scanners into a single list of VersionedScanner types

func (*VersionedScanners) DStoVS

func (vs *VersionedScanners) DStoVS(scnrs []DistributionScanner)

DStoVS takes an array of DistributionScanners and appends VersionedScanners with VersionScanner types.

func (*VersionedScanners) FStoVS

func (vs *VersionedScanners) FStoVS(scnrs []FileScanner)

FStoVS takes an array of FileScanners and appends VersionedScanners with VersionScanner types.

func (*VersionedScanners) PStoVS

func (vs *VersionedScanners) PStoVS(scnrs []PackageScanner)

func (*VersionedScanners) RStoVS

func (vs *VersionedScanners) RStoVS(scnrs []RepositoryScanner)

RStoVS takes an array of RepositoryScanners and appends VersionedScanners with VersionScanner types.

func (VersionedScanners) VStoDS

func (vs VersionedScanners) VStoDS() []DistributionScanner

VStoDS returns an array of DistributionScanners

func (VersionedScanners) VStoPS

func (vs VersionedScanners) VStoPS() []PackageScanner

VStoPS returns an array of PackageScanners

func (VersionedScanners) VStoRS

func (vs VersionedScanners) VStoRS() []RepositoryScanner

VStoRS returns an array of RepositoryScanners

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL