-
Notifications
You must be signed in to change notification settings - Fork 2.3k
/
target.go
92 lines (72 loc) · 2.12 KB
/
target.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
package types
import (
"github.com/samber/lo"
"golang.org/x/exp/slices"
)
// VulnType represents vulnerability type
type VulnType = string
// Scanner represents the type of security scanning
type Scanner string
// Scanners is a slice of scanners
type Scanners []Scanner
const (
// VulnTypeUnknown is a vulnerability type of unknown
VulnTypeUnknown = VulnType("unknown")
// VulnTypeOS is a vulnerability type of OS packages
VulnTypeOS = VulnType("os")
// VulnTypeLibrary is a vulnerability type of programming language dependencies
VulnTypeLibrary = VulnType("library")
// UnknownScanner is the scanner of unknown
UnknownScanner = Scanner("unknown")
// NoneScanner is the scanner of none
NoneScanner = Scanner("none")
// VulnerabilityScanner is the scanner of vulnerabilities
VulnerabilityScanner = Scanner("vuln")
// MisconfigScanner is the scanner of misconfigurations
MisconfigScanner = Scanner("config")
// SecretScanner is the scanner of secrets
SecretScanner = Scanner("secret")
// RBACScanner is the scanner of rbac assessment
RBACScanner = Scanner("rbac")
// LicenseScanner is the scanner of licenses
LicenseScanner = Scanner("license")
)
var (
VulnTypes = []string{
VulnTypeOS,
VulnTypeLibrary,
}
AllScanners = Scanners{
VulnerabilityScanner,
MisconfigScanner,
RBACScanner,
SecretScanner,
LicenseScanner,
NoneScanner,
}
// AllImageConfigScanners has a list of available scanners on container image config.
// The container image in container registries consists of manifest, config and layers.
// Trivy is also able to detect security issues on the image config.
AllImageConfigScanners = Scanners{
MisconfigScanner,
SecretScanner,
NoneScanner,
}
)
func (scanners Scanners) Enabled(s Scanner) bool {
return slices.Contains(scanners, s)
}
// AnyEnabled returns true if any of the passed scanners is included.
func (scanners Scanners) AnyEnabled(ss ...Scanner) bool {
for _, s := range ss {
if scanners.Enabled(s) {
return true
}
}
return false
}
func (scanners Scanners) StringSlice() []string {
return lo.Map(scanners, func(s Scanner, _ int) string {
return string(s)
})
}