Documentation
Overview
Package model (go:generate go run -mod=mod github.com/mailru/easyjson/easyjson ./$GOFILE)
Index
- Constants
- Variables
- type CodeLine
- type CommentsCommands
- type Counters
- type Document
- type Documents
- type Extensions
- type ExtractedPathObject
- type FileKind
- type FileMetadata
- type FileMetadatas
- type IssueType
- type LineObject
- type PathParameters
- type QueryConfig
- type QueryMetadata
- type ResolvedFile
- type ResolvedFiles
- type Severity
- type SeveritySummary
- type Summary
- type Times
- type Vulnerability
- type VulnerabilityLines
- type VulnerableFile
- type VulnerableQuery
- type VulnerableQuerySlice
Constants
const (
	SeverityHigh   = "HIGH"
	SeverityMedium = "MEDIUM"
	SeverityLow    = "LOW"
	SeverityInfo   = "INFO"
)
Constants to describe vulnerability's severity
Variables
var (
	AllSeverities = []Severity{
		SeverityHigh,
		SeverityMedium,
		SeverityLow,
		SeverityInfo,
	}
	AllIssueTypesAsString = []string{
		string(IssueTypeMissingAttribute),
		string(IssueTypeRedundantAttribute),
		string(IssueTypeIncorrectValue),
	}
)
Arrays to group all constants of one type
Functions
This section is empty.
Types
type CodeLine (added in v1.2.2)
CodeLine holds the lines containing and adjacent to the vulnerability line, with their respective positions
type CommentsCommands (added in v1.4.1)
CommentsCommands is the list of commands on a file that will be parsed
type Counters
type Counters struct {
	ScannedFiles           int `json:"files_scanned"`
	ParsedFiles            int `json:"files_parsed"`
	FailedToScanFiles      int `json:"files_failed_to_scan"`
	TotalQueries           int `json:"queries_total"`
	FailedToExecuteQueries int `json:"queries_failed_to_execute"`
	FailedSimilarityID     int `json:"queries_failed_to_compute_similarity_id"`
}
Counters holds information about how many files were scanned, parsed, and failed to be scanned, the total number of queries, and how many queries failed to execute
type Document
type Document map[string]interface{}
Document (easyjson:json)
func (Document) MarshalEasyJSON
MarshalEasyJSON supports easyjson.Marshaler interface
func (Document) MarshalJSON
MarshalJSON supports json.Marshaler interface
func (*Document) UnmarshalEasyJSON
UnmarshalEasyJSON supports easyjson.Unmarshaler interface
func (*Document) UnmarshalJSON
UnmarshalJSON supports json.Unmarshaler interface
func (*Document) UnmarshalYAML (added in v1.4.2)
UnmarshalYAML is a custom yaml parser that places line information in the payload
type Documents
type Documents struct {
	Documents []Document `json:"document"`
}
Documents (easyjson:json)
func (Documents) MarshalEasyJSON
MarshalEasyJSON supports easyjson.Marshaler interface
func (Documents) MarshalJSON
MarshalJSON supports json.Marshaler interface
func (*Documents) UnmarshalEasyJSON
UnmarshalEasyJSON supports easyjson.Unmarshaler interface
func (*Documents) UnmarshalJSON
UnmarshalJSON supports json.Unmarshaler interface
type Extensions
type Extensions map[string]struct{}
Extensions represents a list of supported extensions
func (Extensions) Include
func (e Extensions) Include(ext string) bool
Include returns true if the extension is in the list of supported extensions; otherwise it returns false
func (Extensions) MatchedFilesRegex
func (e Extensions) MatchedFilesRegex() string
MatchedFilesRegex returns the regex rule to identify if an extension is supported or not
type ExtractedPathObject (added in v1.3.5)
ExtractedPathObject is the struct that contains the path location of extracted source and a boolean to check if it is a local source
type FileMetadata
type FileMetadata struct {
	ID               string `db:"id"`
	ScanID           string `db:"scan_id"`
	Document         Document
	LineInfoDocument map[string]interface{}
	OriginalData     string   `db:"orig_data"`
	Kind             FileKind `db:"kind"`
	FilePath         string   `db:"file_path"`
	Content          string
	HelmID           string
	IDInfo           map[int]interface{}
	Commands         CommentsCommands
}
FileMetadata is a representation of basic information and content of a file
type FileMetadatas
type FileMetadatas []FileMetadata
FileMetadatas is a slice of FileMetadata
func (FileMetadatas) Combine
func (m FileMetadatas) Combine(lineInfo bool) Documents
Combine merges documents from FileMetadatas, using the ID as reference for the Document ID and FileName as reference for the file
func (FileMetadatas) ToMap
func (m FileMetadatas) ToMap() map[string]FileMetadata
ToMap creates a map of FileMetadatas in which the key is the FileMetadata ID and the value is the FileMetadata
type LineObject (added in v1.4.2)
type LineObject struct {
	Line int                     `json:"_kics_line"`
	Arr  []map[string]LineObject `json:"_kics_arr,omitempty"`
}
LineObject is the struct that will hold line information for each key
type PathParameters (added in v1.3.4)
type PathParameters struct {
	ScannedPaths      []string
	PathExtractionMap map[string]ExtractedPathObject
}
PathParameters - structure wraps the required fields for temporary path translation
type QueryConfig (added in v1.1.2)
QueryConfig is a struct that contains the fileKind and platform of the rego query
type QueryMetadata
type QueryMetadata struct {
	InputData string
	Query     string
	Content   string
	Metadata  map[string]interface{}
	Platform  string
	// special field for generic queries
	// represents how many queries are aggregated into a single rego file
	Aggregation int
}
QueryMetadata is a representation of general information about a query
type ResolvedFile (added in v1.2.1)
type ResolvedFile struct {
	FileName     string
	Content      []byte
	OriginalData []byte
	SplitID      string
	IDInfo       map[int]interface{}
}
ResolvedFile keeps the information of a file/template resolved
type ResolvedFiles (added in v1.2.1)
type ResolvedFiles struct {
	File []ResolvedFile
}
ResolvedFiles keeps the information of all file/template resolved
type SeveritySummary
type SeveritySummary struct {
	ScanID           string           `json:"scan_id"`
	SeverityCounters map[Severity]int `json:"severity_counters"`
	TotalCounter     int              `json:"total_counter"`
}
SeveritySummary contains the scan's result numbers: how many vulnerabilities of each severity were detected
type Summary
type Summary struct {
	Version string `json:"kics_version,omitempty"`
	Counters
	SeveritySummary
	Times
	ScannedPaths []string             `json:"paths"`
	Queries      VulnerableQuerySlice `json:"queries"`
}
Summary is a report of a single scan
func CreateSummary
func CreateSummary(counters Counters, vulnerabilities []Vulnerability, scanID string, pathExtractionMap map[string]ExtractedPathObject) Summary
CreateSummary creates a report for a single scan, based on its scanID
type Times (added in v1.3.2)
Times represents an object that contains the start and end time of the scan
type Vulnerability
type Vulnerability struct {
	ID               int        `json:"id"`
	ScanID           string     `db:"scan_id" json:"-"`
	SimilarityID     string     `db:"similarity_id" json:"similarityID"`
	FileID           string     `db:"file_id" json:"-"`
	FileName         string     `db:"file_name" json:"fileName"`
	QueryID          string     `db:"query_id" json:"queryID"`
	QueryName        string     `db:"query_name" json:"queryName"`
	QueryURI         string     `json:"-"`
	Category         string     `json:"category"`
	Description      string     `json:"description"`
	DescriptionID    string     `json:"descriptionID"`
	Platform         string     `db:"platform" json:"platform"`
	Severity         Severity   `json:"severity"`
	Line             int        `json:"line"`
	VulnLines        []CodeLine `json:"vulnLines"`
	IssueType        IssueType  `db:"issue_type" json:"issueType"`
	SearchKey        string     `db:"search_key" json:"searchKey"`
	SearchLine       int        `db:"search_line" json:"searchLine"`
	SearchValue      string     `db:"search_value" json:"searchValue"`
	KeyExpectedValue string     `db:"key_expected_value" json:"expectedValue"`
	KeyActualValue   string     `db:"key_actual_value" json:"actualValue"`
	Value            *string    `db:"value" json:"value"`
	Output           string     `json:"-"`
}
Vulnerability is a representation of a detected vulnerability in scanned files after running a query
type VulnerabilityLines (added in v1.2.2)
VulnerabilityLines is the representation of the found line for issue
type VulnerableFile
type VulnerableFile struct {
	FileName         string     `json:"file_name"`
	SimilarityID     string     `json:"similarity_id"`
	Line             int        `json:"line"`
	VulnLines        []CodeLine `json:"-"`
	IssueType        IssueType  `json:"issue_type"`
	SearchKey        string     `json:"search_key"`
	SearchLine       int        `json:"search_line"`
	SearchValue      string     `json:"search_value"`
	KeyExpectedValue string     `json:"expected_value"`
	KeyActualValue   string     `json:"actual_value"`
	Value            *string    `json:"value"`
}
VulnerableFile contains information of a vulnerable file and where the vulnerability was found
type VulnerableQuery
type VulnerableQuery struct {
	QueryName                   string           `json:"query_name"`
	QueryID                     string           `json:"query_id"`
	QueryURI                    string           `json:"query_url"`
	Severity                    Severity         `json:"severity"`
	Platform                    string           `json:"platform"`
	Category                    string           `json:"category"`
	Description                 string           `json:"description"`
	DescriptionID               string           `json:"description_id"`
	CISDescriptionIDFormatted   string           `json:"cis_description_id"`
	CISDescriptionTitle         string           `json:"cis_description_title"`
	CISDescriptionTextFormatted string           `json:"cis_description_text"`
	CISDescriptionID            string           `json:"cis_description_id_raw,omitempty"`
	CISDescriptionText          string           `json:"cis_description_text_raw,omitempty"`
	CISRationaleText            string           `json:"cis_description_rationale,omitempty"`
	CISBenchmarkName            string           `json:"cis_benchmark_name,omitempty"`
	CISBenchmarkVersion         string           `json:"cis_benchmark_version,omitempty"`
	Files                       []VulnerableFile `json:"files"`
}
VulnerableQuery contains the ID, name and severity of a query that tested positive, and a list of files that tested vulnerable
type VulnerableQuerySlice (added in v1.2.0)
type VulnerableQuerySlice []VulnerableQuery
VulnerableQuerySlice is a slice of VulnerableQuery
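An added example, not code from this package or its project: a CI gate over a JSON report shaped like Summary, using local mirror structs that carry only a subset of the fields and JSON tags listed above. It assumes Counters is embedded in Summary, so its counters sit at the top level of the report; the `gate` function and the sample report are constructed for illustration.

```go
package main

import (
	"encoding/json"
	"fmt"
)

// Local mirrors of a subset of the fields and JSON tags listed on this page.
type vulnerableFile struct {
	FileName string `json:"file_name"`
	Line     int    `json:"line"`
}
type vulnerableQuery struct {
	QueryName string           `json:"query_name"`
	Severity  string           `json:"severity"`
	Files     []vulnerableFile `json:"files"`
}
type summary struct {
	FailedToScanFiles      int               `json:"files_failed_to_scan"`
	FailedToExecuteQueries int               `json:"queries_failed_to_execute"`
	Queries                []vulnerableQuery `json:"queries"`
}

// sampleReport is constructed for this example, not captured from a real scan.
const sampleReport = `{"files_scanned":3,"files_failed_to_scan":1,"queries_failed_to_execute":0,
"queries":[{"query_name":"Example high query","severity":"HIGH","files":[
{"file_name":"main.tf","line":12},{"file_name":"db.tf","line":4}]},
{"query_name":"Example low query","severity":"LOW","files":[{"file_name":"main.tf","line":30}]}]}`

// gate (hypothetical helper) returns findings at the blocking severity as
// "file:line query" strings, and whether files or queries failed during the scan.
func gate(report []byte, blocking string) (hits []string, incomplete bool, err error) {
	var s summary
	if err = json.Unmarshal(report, &s); err != nil {
		return nil, false, fmt.Errorf("decode report: %w", err)
	}
	for _, q := range s.Queries {
		if q.Severity != blocking {
			continue
		}
		for _, f := range q.Files {
			hits = append(hits, fmt.Sprintf("%s:%d %s", f.FileName, f.Line, q.QueryName))
		}
	}
	return hits, s.FailedToScanFiles > 0 || s.FailedToExecuteQueries > 0, nil
}

func main() {
	fmt.Println(gate([]byte(sampleReport), "HIGH"))
}
```

A gate that looks only at the findings would pass a scan in which files failed to scan or queries failed to execute; the `incomplete` flag surfaces that gap so zero findings is not mistaken for a clean result.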