orchestrator

package
v2.0.0-ccit Latest Latest
Warning

This package is not in the latest version of its module.

Published: Oct 9, 2024 License: Apache-2.0 Imports: 33 Imported by: 0

Documentation

Index

Constants

// Defaults describing the "default" certification target.
// NOTE(review): presumably these are the values used by CreateDefaultCertificationTarget; confirm against the implementation.
const (
	// DefaultCertificationTargetId is the all-zero UUID. The value is fixed and publicly
	// documented, so it must not be treated as a secret or as evidence of authorization.
	DefaultCertificationTargetId          = "00000000-0000-0000-0000-000000000000"
	// DefaultCertificationTargetName is the name given to the default certification target.
	DefaultCertificationTargetName        = "default"
	// DefaultCertificationTargetDescription is the human-readable description of the default target.
	DefaultCertificationTargetDescription = "The default certification target"
	// DefaultCertificationTargetType is the target type of the default target (the cloud target type).
	DefaultCertificationTargetType        = orchestrator.CertificationTarget_TARGET_TYPE_CLOUD
)

Variables

var DefaultCatalogsFolder = "catalogs"
var DefaultMetricsFile = "metrics.json"
var ErrCertificationNotFound = status.Error(codes.NotFound, "certificate not found")

ErrCertificationNotFound indicates the certification was not found

var ErrMetricNotFound = status.Error(codes.NotFound, "metric not found")

ErrMetricNotFound indicates that the metric was not found.

Functions

func DefaultServiceSpec

func DefaultServiceSpec() launcher.ServiceSpec

DefaultServiceSpec returns a launcher.ServiceSpec for this Service with all necessary options retrieved from the config system.

func WithAuthorizationStrategy

func WithAuthorizationStrategy(authz service.AuthorizationStrategy) service.Option[*Service]

func WithAuthorizationStrategyJWT

func WithAuthorizationStrategyJWT(key string, allowAllKey string) service.Option[*Service]

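WithAuthorizationStrategyJWT is an option that configures a JWT-based authorization strategy using a specific claim key. The role of the second parameter, allowAllKey, is not described here; check the implementation before relying on it.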

func WithCatalogsFolder

func WithCatalogsFolder(folder string) service.Option[*Service]

WithCatalogsFolder can be used to load catalog files from a different catalogs folder

func WithExternalCatalogs

func WithExternalCatalogs(f func() ([]*orchestrator.Catalog, error)) service.Option[*Service]

WithExternalCatalogs can be used to load catalog definitions from an external source

func WithExternalMetrics

func WithExternalMetrics(f func() ([]*assessment.Metric, error)) service.Option[*Service]

WithExternalMetrics can be used to load metric definitions from an external source

func WithMetricsFile

func WithMetricsFile(file string) service.Option[*Service]

WithMetricsFile can be used to load a different metrics file

func WithStorage

func WithStorage(storage persistence.Storage) service.Option[*Service]

WithStorage is an option to set the storage. If not set, NewService will use in-memory storage.

Types

type Service

// Service is an implementation of the Clouditor Orchestrator service.
type Service struct {
	// Embedded default server implementation from the orchestrator package.
	orchestrator.UnimplementedOrchestratorServer

	// CertificationTargetHooks is a list of hook functions that can be used to inform
	// about updated CertificationTargets.
	// The field is exported, so importing code can modify the slice directly in
	// addition to calling RegisterCertificationTargetHook.
	CertificationTargetHooks []orchestrator.CertificationTargetHookFunc

	// AssessmentResultHooks is a list of assessment.ResultHookFunc hook functions.
	// NOTE(review): presumably invoked when assessment results are stored; confirm
	// against the implementation. The field is exported, so importing code can modify
	// the slice directly in addition to calling RegisterAssessmentResultHook.
	AssessmentResultHooks []assessment.ResultHookFunc
	// contains filtered or unexported fields
}

Service is an implementation of the Clouditor Orchestrator service

func NewService

func NewService(opts ...service.Option[*Service]) *Service

NewService creates a new Orchestrator service

func (*Service) CreateAuditScope

func (svc *Service) CreateAuditScope(ctx context.Context, req *orchestrator.CreateAuditScopeRequest) (res *orchestrator.AuditScope, err error)

func (*Service) CreateCatalog

CreateCatalog implements a method for creating a new catalog.

func (*Service) CreateCertificate

func (svc *Service) CreateCertificate(ctx context.Context, req *orchestrator.CreateCertificateRequest) (
	res *orchestrator.Certificate, err error)

CreateCertificate implements method for creating a new certificate

func (*Service) CreateDefaultCertificationTarget

func (s *Service) CreateDefaultCertificationTarget() (target *orchestrator.CertificationTarget, err error)

CreateDefaultCertificationTarget creates a new "default" certification target, if no certification target exists in the database.

If a new certification target was created, it will be returned.

func (*Service) CreateMetric

func (svc *Service) CreateMetric(_ context.Context, req *orchestrator.CreateMetricRequest) (metric *assessment.Metric, err error)

CreateMetric creates a new metric in the database.

func (*Service) GetAssessmentResult

func (svc *Service) GetAssessmentResult(ctx context.Context, req *orchestrator.GetAssessmentResultRequest) (res *assessment.AssessmentResult, err error)

GetAssessmentResult gets one assessment result by id

func (*Service) GetAuditScope

func (svc *Service) GetAuditScope(ctx context.Context, req *orchestrator.GetAuditScopeRequest) (response *orchestrator.AuditScope, err error)

GetAuditScope implements method for getting an AuditScope, e.g. to show its state in the UI

func (*Service) GetCatalog

func (svc *Service) GetCatalog(_ context.Context, req *orchestrator.GetCatalogRequest) (response *orchestrator.Catalog, err error)

GetCatalog retrieves a control specified by the catalog ID, the control's category name and the control ID. If present, it also includes a list of sub-controls and any metrics associated to any controls.

func (*Service) GetCategory

func (srv *Service) GetCategory(_ context.Context, req *orchestrator.GetCategoryRequest) (res *orchestrator.Category, err error)

GetCategory retrieves a category of a catalog specified by the catalog ID and the category name. It includes the first level of controls within each category.

func (*Service) GetCertificate

func (svc *Service) GetCertificate(ctx context.Context, req *orchestrator.GetCertificateRequest) (
	res *orchestrator.Certificate, err error)

GetCertificate implements method for getting a certificate, e.g. to show its state in the UI.

func (*Service) GetCertificationTarget

func (s *Service) GetCertificationTarget(ctx context.Context, req *orchestrator.GetCertificationTargetRequest) (response *orchestrator.CertificationTarget, err error)

GetCertificationTarget implements method for OrchestratorServer interface for getting a certification target with provided id

func (*Service) GetCertificationTargetStatistics

GetCertificationTargetStatistics implements method for OrchestratorServer interface for retrieving certification target statistics

func (*Service) GetControl

func (srv *Service) GetControl(_ context.Context, req *orchestrator.GetControlRequest) (res *orchestrator.Control, err error)

GetControl retrieves a control specified by the catalog ID, the control's category name and the control ID. If present, it also includes a list of sub-controls and any metrics associated to the control.

func (*Service) GetMetric

func (svc *Service) GetMetric(_ context.Context, req *orchestrator.GetMetricRequest) (metric *assessment.Metric, err error)

GetMetric retrieves a metric specified by req.MetricId.

func (*Service) GetMetricConfiguration

func (svc *Service) GetMetricConfiguration(ctx context.Context, req *orchestrator.GetMetricConfigurationRequest) (res *assessment.MetricConfiguration, err error)

func (*Service) GetMetricImplementation

func (svc *Service) GetMetricImplementation(_ context.Context, req *orchestrator.GetMetricImplementationRequest) (res *assessment.MetricImplementation, err error)

GetMetricImplementation retrieves a metric implementation specified by req.MetricId.

func (*Service) GetRuntimeInfo

func (*Service) GetRuntimeInfo(_ context.Context, _ *runtime.GetRuntimeInfoRequest) (res *runtime.Runtime, err error)

GetRuntimeInfo implements a method to retrieve runtime information

func (*Service) Init

func (svc *Service) Init()

func (*Service) ListAssessmentResults

ListAssessmentResults is a method implementation of the orchestrator interface

func (*Service) ListAuditScopes

ListAuditScopes implements method for getting an AuditScope

func (*Service) ListCatalogs

ListCatalogs lists all security controls catalogs. Each catalog includes a list of its categories but no additional sub-resources.

func (*Service) ListCertificates

ListCertificates implements method for getting all certificates, e.g. to show its state in the UI. The response does not distinguish between the case where no certificates are available and the case where access is denied, so an empty result is not evidence that no certificates exist.

func (*Service) ListCertificationTargets

ListCertificationTargets implements method for OrchestratorServer interface for listing all certification targets

func (*Service) ListControls

ListControls lists controls. If no additional parameters are specified, this lists all controls. If a catalog ID and a category name are specified, then only controls contained in this category are returned.

func (*Service) ListMetricConfigurations

func (svc *Service) ListMetricConfigurations(ctx context.Context, req *orchestrator.ListMetricConfigurationRequest) (response *orchestrator.ListMetricConfigurationResponse, err error)

ListMetricConfigurations retrieves a list of MetricConfiguration objects for a particular certification target specified in req.

The list MUST include a configuration for each known metric. If the user did not specify a custom configuration for a particular metric within the service, the default metric configuration is inserted into the list.

func (*Service) ListMetrics

ListMetrics lists all available metrics.

func (*Service) ListPublicCertificates

ListPublicCertificates implements method for getting all certificates without the state history, e.g. to show its state in the UI

func (*Service) RegisterAssessmentResultHook

func (s *Service) RegisterAssessmentResultHook(hook assessment.ResultHookFunc)

func (*Service) RegisterCertificationTarget

func (s *Service) RegisterCertificationTarget(ctx context.Context, req *orchestrator.RegisterCertificationTargetRequest) (res *orchestrator.CertificationTarget, err error)

func (*Service) RegisterCertificationTargetHook

func (s *Service) RegisterCertificationTargetHook(hook orchestrator.CertificationTargetHookFunc)

func (*Service) RegisterToeHook

func (s *Service) RegisterToeHook(hook orchestrator.AuditScopeHookFunc)

RegisterToeHook registers the Audit Scope hook function

func (*Service) RemoveAuditScope

func (svc *Service) RemoveAuditScope(ctx context.Context, req *orchestrator.RemoveAuditScopeRequest) (response *emptypb.Empty, err error)

RemoveAuditScope implements method for removing an AuditScope

func (*Service) RemoveCatalog

func (svc *Service) RemoveCatalog(_ context.Context, req *orchestrator.RemoveCatalogRequest) (response *emptypb.Empty, err error)

RemoveCatalog implements a method for removing a catalog

func (*Service) RemoveCertificate

func (svc *Service) RemoveCertificate(ctx context.Context, req *orchestrator.RemoveCertificateRequest) (response *emptypb.Empty, err error)

RemoveCertificate implements method for removing a certificate. The response does not distinguish between the case where no certificates are available and the case where access is denied.

func (*Service) RemoveCertificationTarget

func (s *Service) RemoveCertificationTarget(ctx context.Context, req *orchestrator.RemoveCertificationTargetRequest) (response *emptypb.Empty, err error)

RemoveCertificationTarget implements method for OrchestratorServer interface for removing a certification target

func (*Service) RemoveMetric

func (svc *Service) RemoveMetric(ctx context.Context, req *orchestrator.RemoveMetricRequest) (res *emptypb.Empty, err error)

RemoveMetric removes a metric specified by req.MetricId. The metric is not deleted, but the property deprecated is set to true for backward compatibility reasons.

func (*Service) Shutdown

func (svc *Service) Shutdown()

func (*Service) StoreAssessmentResult

StoreAssessmentResult is a method implementation of the orchestrator interface: It receives an assessment result and stores it

func (*Service) StoreAssessmentResults

func (s *Service) StoreAssessmentResults(stream orchestrator.Orchestrator_StoreAssessmentResultsServer) (err error)

func (*Service) SubscribeMetricChangeEvents

SubscribeMetricChangeEvents implements a stream of metric events to the subscribed client.

func (*Service) UpdateAuditScope

func (svc *Service) UpdateAuditScope(ctx context.Context, req *orchestrator.UpdateAuditScopeRequest) (res *orchestrator.AuditScope, err error)

UpdateAuditScope implements method for updating an existing AuditScope

func (*Service) UpdateCatalog

func (svc *Service) UpdateCatalog(_ context.Context, req *orchestrator.UpdateCatalogRequest) (res *orchestrator.Catalog, err error)

UpdateCatalog implements a method for updating an existing catalog

func (*Service) UpdateCertificate

func (svc *Service) UpdateCertificate(ctx context.Context, req *orchestrator.UpdateCertificateRequest) (response *orchestrator.Certificate, err error)

UpdateCertificate implements method for updating an existing certificate

func (*Service) UpdateCertificationTarget

func (s *Service) UpdateCertificationTarget(ctx context.Context, req *orchestrator.UpdateCertificationTargetRequest) (res *orchestrator.CertificationTarget, err error)

UpdateCertificationTarget implements method for OrchestratorServer interface for updating a certification target

func (*Service) UpdateMetric

func (svc *Service) UpdateMetric(_ context.Context, req *orchestrator.UpdateMetricRequest) (metric *assessment.Metric, err error)

UpdateMetric updates an existing metric, specified by the identifier in req.MetricId.

func (*Service) UpdateMetricConfiguration

func (svc *Service) UpdateMetricConfiguration(ctx context.Context, req *orchestrator.UpdateMetricConfigurationRequest) (res *assessment.MetricConfiguration, err error)

UpdateMetricConfiguration updates the configuration for a metric, specified by the identifier in req.MetricId.

func (*Service) UpdateMetricImplementation

func (svc *Service) UpdateMetricImplementation(_ context.Context, req *orchestrator.UpdateMetricImplementationRequest) (impl *assessment.MetricImplementation, err error)

UpdateMetricImplementation updates an existing metric implementation, specified by the identifier in req.MetricId.
