ecr_scan_reporter package ¶
Submodules ¶
ecr_scan_reporter.cli module ¶
Console script for ecr_scan_reporter.
ecr_scan_reporter.common module ¶
ecr_scan_reporter.ecr_scan_reporter module ¶
ecr_scan_reporter.images_scanner module ¶
Module to define images to scan.
- ecr_scan_reporter.images_scanner. define_images_to_scan ( images , duration_override = None , duration_env_key = None ) [source] ¶
-
Return the list of images that need to get a scan started
- Parameters
-
-
images ( list ) –
-
duration_override ( str ) –
-
duration_env_key ( str ) –
-
- Returns
-
List of images past the timestamp
- Return type
-
list
- ecr_scan_reporter.images_scanner. get_duration ( duration_exp = None , env_key = None ) [source] ¶
-
Function to define the time delta
- Parameters
-
-
duration_exp ( str ) –
-
env_key ( str ) –
-
- Returns
-
- ecr_scan_reporter.images_scanner. list_all_images ( repo_name , images = None , next_token = None , ecr_session = None ) [source] ¶
-
Retrieves all the images of a given repository
- Parameters
-
-
repo_name ( str ) –
-
images –
-
next_token –
-
ecr_session ( boto3.session.Session ) –
-
- Returns
-
- ecr_scan_reporter.images_scanner. scan_repo_images ( repo , repo_images = None , duration_override = None , no_scan_images = False , ecr_session = None ) [source] ¶
- ecr_scan_reporter.images_scanner. trigger_images_scan ( repo_name , images_to_scan , ecr_session = None ) [source] ¶
-
Function to trigger the image scanning
- Parameters
-
-
repo_name ( str ) – Name of the repository in your account registry
-
images_to_scan ( list ) – List of images to get a scan started for
-
ecr_session ( boto3.session.Session ) – override session
-
- Returns
-
- ecr_scan_reporter.images_scanner. update_all_images_timestamp ( repo_name , source_images , batch = False , ecr_session = None ) [source] ¶
-
Function to describe images to retrieve additional information (imagePushedAt) to then be able to evaluate whether we want to scan that image
- Parameters
-
-
repo_name ( str ) –
-
source_images ( list ) –
-
batch ( bool ) –
-
ecr_session ( boto3.session.Session ) –
-
ecr_scan_reporter.lambda_functions module ¶
Lambda function handler
- ecr_scan_reporter.lambda_functions. findings_handler ( event , context ) [source] ¶
-
Entry point fo lambda function
- Parameters
-
-
event ( dict ) –
-
context –
-
- Returns
-
- ecr_scan_reporter.lambda_functions. format_mail_message ( reason , report ) [source] ¶
-
Function to format a nice mail message with the breakdown of findings and thresholds
- Parameters
-
-
reason ( str ) –
-
report ( tuple ) –
-
- Returns
-
The mail string
- Return type
-
str
ecr_scan_reporter.repos_scanner module ¶
Main module.
- ecr_scan_reporter.repos_scanner. filter_repos_from_regexp ( repos_list , repos_names_filter = None ) [source] ¶
-
Function to filter repositories based their name and a regular expression
- Parameters
-
-
repos_list –
-
repos_names_filter –
-
- Returns
-
ecr_scan_reporter.services_scanner module ¶
- ecr_scan_reporter.services_scanner. build_services_images_registries ( roles = None , lambda_session = None ) [source] ¶
- ecr_scan_reporter.services_scanner. handle_ecs_discovery ( roles = None , lambda_session = None ) [source] ¶
- ecr_scan_reporter.services_scanner. list_all_task_definitions ( definitions = None , next_token = None , ecs_session = None ) [source] ¶
-
Simple recursive function to list all the task definitions into an account+region.
- Parameters
-
-
definitions ( list ) –
-
next_token ( str ) –
-
ecs_session ( boto3.session.Session ) –
-
- Returns
-
list of active task definitions
- Return type
-
list
- ecr_scan_reporter.services_scanner. list_container_definitions_images ( task_definition , ecs_session = None ) [source] ¶
-
Simple function to list the images of a given task definition
- Parameters
-
-
task_definition ( str ) –
-
ecs_session ( boto3.session.Session ) –
-
- Returns
-
list of images
- Return type
-
list
Module contents ¶
Top-level package for ECR Scan Reporter.