def __init__(self, app, instance_keys, storage):
self.app = app
self._legacy_secscan_api = None
validator = V2SecurityConfigValidator(
app.config.get("FEATURE_SECURITY_SCANNER", False),
app.config.get("SECURITY_SCANNER_ENDPOINT", None),
)
if not validator.valid():
msg = "Failed to validate security scanner V2 configuration"
logger.warning(msg)
raise InvalidConfigurationException(msg)
url_scheme_and_hostname = URLSchemeAndHostname(
app.config["PREFERRED_URL_SCHEME"], app.config["SERVER_HOSTNAME"])
self._legacy_secscan_api = SecurityScannerAPI(
app.config,
storage,
app.config["SERVER_HOSTNAME"],
app.config["HTTPCLIENT"],
uri_creator=get_blob_download_uri_getter(
app.test_request_context("/"), url_scheme_and_hostname),
instance_keys=instance_keys,
)
def __init__(self, app, instance_keys, storage):
self.app = app
self._legacy_secscan_api = None
validator = V2SecurityConfigValidator(
app.config.get("FEATURE_SECURITY_SCANNER", False),
app.config.get("SECURITY_SCANNER_ENDPOINT"),
)
if not validator.valid():
msg = "Failed to validate security scanner V2 configuration"
logger.warning(msg)
raise InvalidConfigurationException(msg)
url_scheme_and_hostname = URLSchemeAndHostname(
app.config["PREFERRED_URL_SCHEME"], app.config["SERVER_HOSTNAME"])
self._legacy_secscan_api = SecurityScannerAPI(
app.config,
storage,
app.config["SERVER_HOSTNAME"],
app.config["HTTPCLIENT"],
uri_creator=get_blob_download_uri_getter(
app.test_request_context("/"), url_scheme_and_hostname),
instance_keys=instance_keys,
)
# NOTE: This import is in here because otherwise this class would depend upon app.
# Its not great, but as this is intended to be legacy until its removed, its okay.
from util.secscan.analyzer import LayerAnalyzer
self._target_version = app.config.get(
"SECURITY_SCANNER_ENGINE_VERSION_TARGET", 3)
self._analyzer = LayerAnalyzer(app.config, self._legacy_secscan_api)
def __init__(self, app, instance_keys, storage):
self.app = app
self.storage = storage
if app.config.get("SECURITY_SCANNER_V4_ENDPOINT", None) is None:
raise InvalidConfigurationException(
"Missing SECURITY_SCANNER_V4_ENDPOINT configuration")
validator = V4SecurityConfigValidator(
app.config.get("FEATURE_SECURITY_SCANNER", False),
app.config.get("SECURITY_SCANNER_V4_ENDPOINT", None),
)
if not validator.valid():
msg = "Failed to validate security scanner V4 configuration"
logger.warning(msg)
raise InvalidConfigurationException(msg)
self._secscan_api = ClairSecurityScannerAPI(
endpoint=app.config.get("SECURITY_SCANNER_V4_ENDPOINT"),
client=app.config.get("HTTPCLIENT"),
blob_url_retriever=BlobURLRetriever(storage, instance_keys, app),
)