Documentation ¶
Index ¶
- Constants
- Variables
- type Counters
- type Document
- type Documents
- type Extensions
- type FileKind
- type FileMetadata
- type FileMetadatas
- type IssueType
- type QueryConfig
- type QueryMetadata
- type ResolvedFile
- type ResolvedFiles
- type SarifReport
- type Severity
- type SeveritySummary
- type Summary
- type VulnLines
- type Vulnerability
- type VulnerableFile
- type VulnerableQuery
- type VulnerableQuerySlice
Constants ¶
const (
    SeverityHigh   = "HIGH"
    SeverityMedium = "MEDIUM"
    SeverityLow    = "LOW"
    SeverityInfo   = "INFO"
)
Constants describing a vulnerability's severity
Variables ¶
var (
    AllSeverities = []Severity{
        SeverityHigh,
        SeverityMedium,
        SeverityLow,
        SeverityInfo,
    }
    AllIssueTypesAsString = []string{
        string(IssueTypeMissingAttribute),
        string(IssueTypeRedundantAttribute),
        string(IssueTypeIncorrectValue),
    }
)
Arrays to group all constants of one type
Functions ¶
This section is empty.
Types ¶
type Counters ¶
type Counters struct {
    ScannedFiles           int `json:"files_scanned"`
    ParsedFiles            int `json:"files_parsed"`
    FailedToScanFiles      int `json:"files_failed_to_scan"`
    TotalQueries           int `json:"queries_total"`
    FailedToExecuteQueries int `json:"queries_failed_to_execute"`
    FailedSimilarityID     int `json:"queries_failed_to_compute_similarity_id"`
}
Counters holds information about how many files were scanned, parsed, and failed to be scanned, the total number of queries, and how many queries failed to execute
type Document ¶
type Document map[string]interface{}
func (Document) MarshalEasyJSON ¶
MarshalEasyJSON supports easyjson.Marshaler interface
func (Document) MarshalJSON ¶
MarshalJSON supports json.Marshaler interface
func (*Document) UnmarshalEasyJSON ¶
UnmarshalEasyJSON supports easyjson.Unmarshaler interface
func (*Document) UnmarshalJSON ¶
UnmarshalJSON supports json.Unmarshaler interface
type Documents ¶
type Documents struct {
    Documents []Document `json:"document"`
}
func (Documents) MarshalEasyJSON ¶
MarshalEasyJSON supports easyjson.Marshaler interface
func (Documents) MarshalJSON ¶
MarshalJSON supports json.Marshaler interface
func (*Documents) UnmarshalEasyJSON ¶
UnmarshalEasyJSON supports easyjson.Unmarshaler interface
func (*Documents) UnmarshalJSON ¶
UnmarshalJSON supports json.Unmarshaler interface
type Extensions ¶
type Extensions map[string]struct{}
Extensions represents a list of supported extensions
func (Extensions) Include ¶
func (e Extensions) Include(ext string) bool
Include returns true if the extension is in the list of supported extensions; otherwise it returns false
func (Extensions) MatchedFilesRegex ¶
func (e Extensions) MatchedFilesRegex() string
MatchedFilesRegex returns the regex rule to identify if an extension is supported or not
type FileMetadata ¶
type FileMetadata struct {
    ID           string `db:"id"`
    ScanID       string `db:"scan_id"`
    Document     Document
    OriginalData string   `db:"orig_data"`
    Kind         FileKind `db:"kind"`
    FileName     string   `db:"file_name"`
    Content      string
    HelmID       string
    IDInfo       map[int]interface{}
}
FileMetadata is a representation of basic information and content of a file
type FileMetadatas ¶
type FileMetadatas []FileMetadata
FileMetadatas is a slice of FileMetadata
func (FileMetadatas) Combine ¶
func (m FileMetadatas) Combine() Documents
Combine merges the documents from FileMetadatas, using the ID as the reference for the Document ID and FileName as the reference for the file
func (FileMetadatas) ToMap ¶
func (m FileMetadatas) ToMap() map[string]FileMetadata
ToMap creates a map of FileMetadatas, in which the key is the FileMetadata ID and the value is the FileMetadata
type QueryConfig ¶ added in v1.1.2
QueryConfig is a struct that contains the fileKind and platform of the rego query
type QueryMetadata ¶
type QueryMetadata struct {
    Query    string
    Content  string
    Metadata map[string]interface{}
    Platform string
    // special field for generic queries
    // represents how many queries are aggregated into a single rego file
    Aggregation int
}
QueryMetadata is a representation of general information about a query
type ResolvedFile ¶ added in v1.2.1
type ResolvedFile struct {
    FileName     string
    Content      []byte
    OriginalData []byte
    SplitID      string
    IDInfo       map[int]interface{}
}
ResolvedFile keeps the information of a resolved file/template
type ResolvedFiles ¶ added in v1.2.1
type ResolvedFiles struct {
    File []ResolvedFile
}
ResolvedFiles keeps the information of all resolved files/templates
type SarifReport ¶ added in v1.2.0
type SarifReport interface {
    BuildIssue(issue *VulnerableQuery)
}
SarifReport represents a usable SARIF report reference
func NewSarifReport ¶ added in v1.2.0
func NewSarifReport() SarifReport
NewSarifReport creates and starts a new SARIF report with default values, respecting SARIF schema 2.1.0
type SeveritySummary ¶
type SeveritySummary struct {
    ScanID           string           `json:"scan_id"`
    SeverityCounters map[Severity]int `json:"severity_counters"`
    TotalCounter     int              `json:"total_counter"`
}
SeveritySummary contains a scan's result numbers: how many vulnerabilities of each severity were detected
type Summary ¶
type Summary struct {
    Counters
    Queries VulnerableQuerySlice `json:"queries"`
    SeveritySummary
}
Summary is a report of a single scan
func CreateSummary ¶
func CreateSummary(counters Counters, vulnerabilities []Vulnerability, scanID string) Summary
CreateSummary creates a report for a single scan, based on its scanID
type VulnLines ¶ added in v1.2.0
VulnLines holds the lines containing and adjacent to the vulnerability line, with their respective positions
type Vulnerability ¶
type Vulnerability struct {
    ID               int       `json:"id"`
    ScanID           string    `db:"scan_id" json:"-"`
    SimilarityID     string    `db:"similarity_id" json:"similarityID"`
    FileID           string    `db:"file_id" json:"-"`
    FileName         string    `db:"file_name" json:"fileName"`
    QueryID          string    `db:"query_id" json:"queryID"`
    QueryName        string    `db:"query_name" json:"queryName"`
    QueryURI         string    `json:"-"`
    Category         string    `json:"category"`
    Description      string    `json:"description"`
    Platform         string    `db:"platform" json:"platform"`
    Severity         Severity  `json:"severity"`
    Line             int       `json:"line"`
    VulnLines        VulnLines `json:"vulnLines"`
    IssueType        IssueType `db:"issue_type" json:"issueType"`
    SearchKey        string    `db:"search_key" json:"searchKey"`
    SearchValue      string    `db:"search_value" json:"searchValue"`
    KeyExpectedValue string    `db:"key_expected_value" json:"expectedValue"`
    KeyActualValue   string    `db:"key_actual_value" json:"actualValue"`
    Value            *string   `db:"value" json:"value"`
    Output           string    `json:"-"`
}
Vulnerability is a representation of a detected vulnerability in scanned files after running a query
type VulnerableFile ¶
type VulnerableFile struct {
    FileName         string    `json:"file_name"`
    SimilarityID     string    `json:"similarity_id"`
    Line             int       `json:"line"`
    VulnLines        VulnLines `json:"-"`
    IssueType        IssueType `json:"issue_type"`
    SearchKey        string    `json:"search_key"`
    SearchValue      string    `json:"search_value"`
    KeyExpectedValue string    `json:"expected_value"`
    KeyActualValue   string    `json:"actual_value"`
    Value            *string   `json:"value"`
}
VulnerableFile contains information about a vulnerable file and where the vulnerability was found
type VulnerableQuery ¶
type VulnerableQuery struct {
    QueryName   string           `json:"query_name"`
    QueryID     string           `json:"query_id"`
    QueryURI    string           `json:"query_url"`
    Severity    Severity         `json:"severity"`
    Platform    string           `json:"platform"`
    Files       []VulnerableFile `json:"files"`
    Category    string           `json:"category"`
    Description string           `json:"description"`
}
VulnerableQuery contains the ID, name and severity of a query that tested positive, and a list of the files that tested vulnerable
type VulnerableQuerySlice ¶ added in v1.2.0
type VulnerableQuerySlice []VulnerableQuery
VulnerableQuerySlice is a slice of VulnerableQuery
func (VulnerableQuerySlice) SortBySev ¶ added in v1.2.0
func (v VulnerableQuerySlice) SortBySev() VulnerableQuerySlice
SortBySev will sort queries by severity in an ascending order