Documentation
¶
Index ¶
- Constants
- func CreateCustomCompliance(c api.Client, compliance CustomCompliance) error
- func DeleteCustomCompliance(c api.Client, name string) error
- func GenerateCustomComplianceId(c api.Client) (int, error)
- func SetRuntimeContainerRule(c api.Client, policy RuntimeContainerPolicy) error
- func UpdateAdmission(c api.Client, policy AdmissionPolicy) error
- func UpdateComplianceCiCoderepo(c api.Client, policy ComplianceCoderepoPolicy) error
- func UpdateComplianceCiImage(c api.Client, policy CompliancePolicy) error
- func UpdateComplianceCiServerless(c api.Client, policy CompliancePolicy) error
- func UpdateComplianceCoderepo(c api.Client, policy ComplianceCoderepoPolicy) error
- func UpdateComplianceContainer(c api.Client, policy CompliancePolicy) error
- func UpdateComplianceHost(c api.Client, policy CompliancePolicy) error
- func UpdateComplianceServerless(c api.Client, policy CompliancePolicy) error
- func UpdateCustomCompliance(c api.Client, compliance CustomCompliance) error
- func UpdateRuntimeContainer(c api.Client, policy RuntimeContainerPolicy) error
- func UpdateRuntimeHost(c api.Client, policy RuntimeHostPolicy) error
- func UpdateVulnerabilityCiCoderepo(c api.Client, policy VulnerabilityCoderepoPolicy) error
- func UpdateVulnerabilityCiImage(c api.Client, policy VulnerabilityImagePolicy) error
- func UpdateVulnerabilityCoderepo(c api.Client, policy VulnerabilityCoderepoPolicy) error
- func UpdateVulnerabilityHost(c api.Client, policy VulnerabilityHostPolicy) error
- func UpdateVulnerabilityImage(c api.Client, policy VulnerabilityImagePolicy) error
- type AdmissionPolicy
- type AdmissionRule
- type ComplianceCheck
- type ComplianceCoderepoGraceDaysPolicy
- type ComplianceCoderepoLicense
- type ComplianceCoderepoPolicy
- type ComplianceCoderepoRule
- type ComplianceCoderepoThreshold
- type ComplianceConditions
- type CompliancePolicy
- func GetComplianceCiImage(c api.Client) (CompliancePolicy, error)
- func GetComplianceCiServerless(c api.Client) (CompliancePolicy, error)
- func GetComplianceContainer(c api.Client) (CompliancePolicy, error)
- func GetComplianceHost(c api.Client) (CompliancePolicy, error)
- func GetComplianceServerless(c api.Client) (CompliancePolicy, error)
- type ComplianceRule
- type CustomCompliance
- type RuntimeContainerCustomRule
- type RuntimeContainerDeniedList
- type RuntimeContainerDns
- type RuntimeContainerDnsDomainList
- type RuntimeContainerFilesystem
- type RuntimeContainerNetwork
- type RuntimeContainerNetworkPorts
- type RuntimeContainerPolicy
- type RuntimeContainerPort
- type RuntimeContainerProcesses
- type RuntimeContainerRule
- type RuntimeHostAntiMalware
- type RuntimeHostCustomRule
- type RuntimeHostDeniedProcesses
- type RuntimeHostDns
- type RuntimeHostFileIntegrityRule
- type RuntimeHostForensic
- type RuntimeHostLogInspectionRule
- type RuntimeHostNetwork
- type RuntimeHostPolicy
- type RuntimeHostPort
- type RuntimeHostRule
- type VulnerabilityCoderepoCveRule
- type VulnerabilityCoderepoExpiration
- type VulnerabilityCoderepoGraceDaysPolicy
- type VulnerabilityCoderepoPolicy
- type VulnerabilityCoderepoRule
- type VulnerabilityCoderepoTagRule
- type VulnerabilityCoderepoThreshold
- type VulnerabilityHostCveRule
- type VulnerabilityHostExpiration
- type VulnerabilityHostPolicy
- type VulnerabilityHostRule
- type VulnerabilityHostTagRule
- type VulnerabilityHostThreshold
- type VulnerabilityImageCveRule
- type VulnerabilityImageExpiration
- type VulnerabilityImageGraceDaysPolicy
- type VulnerabilityImagePolicy
- type VulnerabilityImageRule
- type VulnerabilityImageTagRule
- type VulnerabilityImageThreshold
Constants ¶
View Source
const ( ComplianceCiImagesEndpoint = "api/v1/policies/compliance/ci/images" ComplianceCiServerlessEndpoint = "api/v1/policies/compliance/ci/serverless" ComplianceContainerEndpoint = "api/v1/policies/compliance/container" ComplianceHostEndpoint = "api/v1/policies/compliance/host" ComplianceServerlessEndpoint = "api/v1/policies/compliance/serverless" )
View Source
const ( ComplianceCodereposEndpoint = "api/v1/policies/compliance/coderepos" ComplianceCiCodereposEndpoint = "api/v1/policies/compliance/ci/coderepos" )
View Source
const ( VulnerabilityCodereposEndpoint = "api/v1/policies/vulnerability/coderepos" VulnerabilityCiCodereposEndpoint = "api/v1/policies/vulnerability/ci/coderepos" )
View Source
const ( VulnerabilityImagesEndpoint = "api/v1/policies/vulnerability/images" VulnerabilityCiImagesEndpoint = "api/v1/policies/vulnerability/ci/images" )
View Source
const AdmissionEndpoint = "api/v1/policies/admission"
View Source
const CustomCompliancesEndpoint = "api/v1/custom-compliance"
View Source
const RuntimeContainerEndpoint = "api/v1/policies/runtime/container"
View Source
const RuntimeHostEndpoint = "api/v1/policies/runtime/host"
View Source
const VulnerabilityHostEndpoint = "api/v1/policies/vulnerability/host"
Variables ¶
This section is empty.
Functions ¶
func CreateCustomCompliance ¶ added in v0.7.0
func CreateCustomCompliance(c api.Client, compliance CustomCompliance) error
Create a new custom compliance. func CreateCustomCompliance(c api.Client, compliance CustomCompliance) (int, error) {
func DeleteCustomCompliance ¶ added in v0.7.0
Delete an existing custom Compliance.
func GenerateCustomComplianceId ¶ added in v0.7.0
Helper method to generate an ID for new custom Compliance. Finds the maximum custom Compliance ID and increments it by 1.
func SetRuntimeContainerRule ¶ added in v0.8.0
func SetRuntimeContainerRule(c api.Client, policy RuntimeContainerPolicy) error
Add new container runtime policy rule
func UpdateAdmission ¶
func UpdateAdmission(c api.Client, policy AdmissionPolicy) error
Update the current admission policy.
func UpdateComplianceCiCoderepo ¶ added in v0.6.0
func UpdateComplianceCiCoderepo(c api.Client, policy ComplianceCoderepoPolicy) error
Update the current CI coderepo compliance policy.
func UpdateComplianceCiImage ¶
func UpdateComplianceCiImage(c api.Client, policy CompliancePolicy) error
Update the current CI image compliance policy.
func UpdateComplianceCiServerless ¶
func UpdateComplianceCiServerless(c api.Client, policy CompliancePolicy) error
Update the current CI serverless compliance policy.
func UpdateComplianceCoderepo ¶ added in v0.6.0
func UpdateComplianceCoderepo(c api.Client, policy ComplianceCoderepoPolicy) error
Update the current coderepo compliance policy.
func UpdateComplianceContainer ¶
func UpdateComplianceContainer(c api.Client, policy CompliancePolicy) error
Update the current container compliance policy.
func UpdateComplianceHost ¶
func UpdateComplianceHost(c api.Client, policy CompliancePolicy) error
Update the current host compliance policy.
func UpdateComplianceServerless ¶
func UpdateComplianceServerless(c api.Client, policy CompliancePolicy) error
Update the current serverless compliance policy.
func UpdateCustomCompliance ¶ added in v0.7.0
func UpdateCustomCompliance(c api.Client, compliance CustomCompliance) error
Update an existing custom Compliance.
func UpdateRuntimeContainer ¶
func UpdateRuntimeContainer(c api.Client, policy RuntimeContainerPolicy) error
Update the current container runtime policy.
func UpdateRuntimeHost ¶
func UpdateRuntimeHost(c api.Client, policy RuntimeHostPolicy) error
Update the current host runtime policy.
func UpdateVulnerabilityCiCoderepo ¶
func UpdateVulnerabilityCiCoderepo(c api.Client, policy VulnerabilityCoderepoPolicy) error
Update the current CI coderepo vulnerability policy.
func UpdateVulnerabilityCiImage ¶
func UpdateVulnerabilityCiImage(c api.Client, policy VulnerabilityImagePolicy) error
Update the current CI image vulnerability policy.
func UpdateVulnerabilityCoderepo ¶
func UpdateVulnerabilityCoderepo(c api.Client, policy VulnerabilityCoderepoPolicy) error
Update the current coderepo vulnerability policy.
func UpdateVulnerabilityHost ¶
func UpdateVulnerabilityHost(c api.Client, policy VulnerabilityHostPolicy) error
Update the current host vulnerability policy.
func UpdateVulnerabilityImage ¶
func UpdateVulnerabilityImage(c api.Client, policy VulnerabilityImagePolicy) error
Update the current image vulnerability policy.
Types ¶
type AdmissionPolicy ¶
type AdmissionPolicy struct {
Id string `json:"_id,omitempty"`
Rules []AdmissionRule `json:"rules,omitempty"`
}
func GetAdmission ¶
func GetAdmission(c api.Client) (AdmissionPolicy, error)
Get the current admission policy.
type AdmissionRule ¶
type ComplianceCheck ¶
type ComplianceCoderepoGraceDaysPolicy ¶ added in v0.6.0
type ComplianceCoderepoLicense ¶ added in v0.6.0
type ComplianceCoderepoLicense struct {
AlertThreshold ComplianceCoderepoThreshold `json:"alertThreshold,omitempty"`
BlockThreshold ComplianceCoderepoThreshold `json:"blockThreshold,omitempty"`
Critical []string `json:"critical,omitempty"`
High []string `json:"high,omitempty"`
Medium []string `json:"medium,omitempty"`
Low []string `json:"low,omitempty"`
}
type ComplianceCoderepoPolicy ¶ added in v0.6.0
type ComplianceCoderepoPolicy struct {
Rules []ComplianceCoderepoRule `json:"rules,omitempty"`
Type string `json:"policyType,omitempty"`
}
func GetComplianceCiCoderepo ¶ added in v0.6.0
func GetComplianceCiCoderepo(c api.Client) (ComplianceCoderepoPolicy, error)
Get the current CI coderepo compliance policy.
func GetComplianceCoderepo ¶ added in v0.6.0
func GetComplianceCoderepo(c api.Client) (ComplianceCoderepoPolicy, error)
Get the current coderepo compliance policy.
type ComplianceCoderepoRule ¶ added in v0.6.0
type ComplianceCoderepoRule struct {
Collections []collection.Collection `json:"collections,omitempty"`
Disabled bool `json:"disabled"`
Effect string `json:"effect,omitempty"`
GraceDays int `json:"graceDays,omitempty"`
GraceDaysPolicy ComplianceCoderepoGraceDaysPolicy `json:"graceDaysPolicy,omitempty"`
Name string `json:"name,omitempty"`
Notes string `json:"notes,omitempty"`
License ComplianceCoderepoLicense `json:"license,omitempty"`
}
type ComplianceCoderepoThreshold ¶ added in v0.6.0
type ComplianceConditions ¶
type ComplianceConditions struct {
Checks []ComplianceCheck `json:"vulnerabilities,omitempty"`
}
type CompliancePolicy ¶
type CompliancePolicy struct {
Rules []ComplianceRule `json:"rules,omitempty"`
Type string `json:"policyType,omitempty"`
}
func GetComplianceCiImage ¶
func GetComplianceCiImage(c api.Client) (CompliancePolicy, error)
Get the current CI image compliance policy.
func GetComplianceCiServerless ¶
func GetComplianceCiServerless(c api.Client) (CompliancePolicy, error)
Get the current CI serverless compliance policy.
func GetComplianceContainer ¶
func GetComplianceContainer(c api.Client) (CompliancePolicy, error)
Get the current container compliance policy.
func GetComplianceHost ¶
func GetComplianceHost(c api.Client) (CompliancePolicy, error)
Get the current host compliance policy.
func GetComplianceServerless ¶
func GetComplianceServerless(c api.Client) (CompliancePolicy, error)
Get the current serverless compliance policy.
type ComplianceRule ¶
type ComplianceRule struct {
BlockMessage string `json:"blockMsg,omitempty"`
Collections []collection.Collection `json:"collections,omitempty"`
Conditions ComplianceConditions `json:"condition,omitempty"`
Disabled bool `json:"disabled"`
Effect string `json:"effect,omitempty"`
Name string `json:"name,omitempty"`
Notes string `json:"notes,omitempty"`
ShowPassedChecks bool `json:"allCompliance"`
Verbose bool `json:"verbose"`
}
type CustomCompliance ¶ added in v0.7.0
type CustomCompliance struct {
Id int `json:"_id,omitempty"`
Name string `json:"name,omitempty"`
Title string `json:"title,omitempty"`
Severity string `json:"severity,omitempty"`
Script string `json:"script,omitempty"`
}
func GetCustomComplianceById ¶ added in v0.7.0
func GetCustomComplianceById(c api.Client, id int) (*CustomCompliance, error)
Get a specific custom Compliance by ID.
func GetCustomComplianceByName ¶ added in v0.7.0
func GetCustomComplianceByName(c api.Client, name string) (*CustomCompliance, error)
Get a specific custom Compliance by name.
func ListCustomCompliance ¶ added in v0.7.0
func ListCustomCompliance(c api.Client) ([]CustomCompliance, error)
Get all custom Compliances.
type RuntimeContainerDeniedList ¶ added in v0.8.0
type RuntimeContainerDns ¶
type RuntimeContainerDns struct {
DefaultEffect string `json:"defaultEffect,omitempty"`
Disabled bool `json:"disabled,omitempty"`
DomainList RuntimeContainerDnsDomainList `json:"domainList,omitempty"`
}
type RuntimeContainerDnsDomainList ¶ added in v0.8.0
type RuntimeContainerFilesystem ¶
type RuntimeContainerFilesystem struct {
AllowedList []string `json:"allowedList,omitempty"`
BackdoorFilesEffect string `json:"backdoorFilesEffect,omitempty"`
DefaultEffect string `json:"defaultEffect,omitempty"`
DeniedList RuntimeContainerDeniedList `json:"deniedList,omitempty"`
Disabled bool `json:"disabled,omitempty"`
EncryptedBinariesEffect string `json:"encryptedBinariesEffect,omitempty"`
NewFilesEffect string `json:"newFilesEffect,omitempty"`
SuspiciousElfHeadersEffect string `json:"suspiciousElfHeadersEffect,omitempty"`
}
type RuntimeContainerNetwork ¶
type RuntimeContainerNetwork struct {
AllowedIps []string `json:"allowedIPs,omitempty"`
DefaultEffect string `json:"defaultEffect,omitempty"`
DeniedIps []string `json:"deniedIPs,omitempty"`
DeniedIpsEffect string `json:"deniedIPsEffect,omitempty"`
Disabled bool `json:"disabled,omitempty"`
ListeningPorts RuntimeContainerNetworkPorts `json:"listeningPorts,omitempty"`
ModifiedProcEffect string `json:"modifiedProcEffect,omitempty"`
OutboundPorts RuntimeContainerNetworkPorts `json:"outboundPorts,omitempty"`
PortScanEffect string `json:"portScanEffect,omitempty"`
RawSocketsEffect string `json:"rawSocketsEffect,omitempty"`
}
type RuntimeContainerNetworkPorts ¶ added in v0.8.0
type RuntimeContainerNetworkPorts struct {
Allowed []RuntimeContainerPort `json:"allowed,omitempty"`
Denied []RuntimeContainerPort `json:"denied,omitempty"`
Effect string `json:"effect,omitempty"`
}
type RuntimeContainerPolicy ¶
type RuntimeContainerPolicy struct {
LearningDisabled bool `json:"learningDisabled,omitempty"`
Rules []RuntimeContainerRule `json:"rules,omitempty"`
}
func GetRuntimeContainer ¶
func GetRuntimeContainer(c api.Client) (RuntimeContainerPolicy, error)
Get the current container runtime policy.
type RuntimeContainerPort ¶
type RuntimeContainerProcesses ¶
type RuntimeContainerProcesses struct {
ModifiedProcessEffect string `json:"modifiedProcessEffect,omitempty"`
CryptoMinersEffect string `json:"cryptoMinersEffect,omitempty"`
LateralMovementEffect string `json:"lateralMovementEffect,omitempty"`
ReverseShellEffect string `json:"reverseShellEffect,omitempty"`
SuidBinariesEffect string `json:"suidBinariesEffect,omitempty"`
DefaultEffect string `json:"defaultEffect,omitempty"`
CheckParentChild bool `json:"checkParentChild"`
AllowedList []string `json:"allowedList,omitempty"`
Disabled bool `json:"disabled"`
DeniedList RuntimeContainerDeniedList `json:"deniedList"`
}
type RuntimeContainerRule ¶
type RuntimeContainerRule struct {
AdvancedProtectionEffect string `json:"advancedProtectionEffect"`
CloudMetadataEnforcementEffect string `json:"cloudMetadataEnforcementEffect"`
Collections []collection.Collection `json:"collections,omitempty"`
CustomRules []RuntimeContainerCustomRule `json:"customRules,omitempty"`
Disabled bool `json:"disabled"`
Dns RuntimeContainerDns `json:"dns,omitempty"`
Filesystem RuntimeContainerFilesystem `json:"filesystem,omitempty"`
KubernetesEnforcementEffect string `json:"kubernetesEnforcementEffect"`
Name string `json:"name,omitempty"`
PreviousName string `json:"previousName,omitempty"`
SkipExecSessions bool `json:"skipExecSessions,omitempty"`
Network RuntimeContainerNetwork `json:"network,omitempty"`
Notes string `json:"notes,omitempty"`
Processes RuntimeContainerProcesses `json:"processes,omitempty"`
WildFireAnalysis string `json:"wildFireAnalysis,omitempty"`
}
type RuntimeHostAntiMalware ¶
type RuntimeHostAntiMalware struct {
AllowedProcesses []string `json:"allowedProcesses,omitempty"`
CryptoMiner string `json:"cryptoMiner,omitempty"`
CustomFeed string `json:"customFeed,omitempty"`
DeniedProcesses RuntimeHostDeniedProcesses `json:"deniedProcesses,omitempty"`
DetectCompilerGeneratedBinary bool `json:"detectCompilerGeneratedBinary"`
EncryptedBinaries string `json:"encryptedBinaries,omitempty"`
ExecutionFlowHijack string `json:"executionFlowHijack,omitempty"`
IntelligenceFeed string `json:"intelligenceFeed,omitempty"`
ReverseShell string `json:"reverseShell,omitempty"`
ServiceUnknownOriginBinary string `json:"serviceUnknownOriginBinary,omitempty"`
SkipSshTracking bool `json:"skipSSHTracking,omitempty"`
SuspiciousElfHeaders string `json:"suspiciousELFHeaders,omitempty"`
TempFsProcesses string `json:"tempFSProc,omitempty"`
UserUnknownOriginBinary string `json:"userUnknownOriginBinary,omitempty"`
WebShell string `json:"webShell,omitempty"`
WildFireAnalysis string `json:"wildFireAnalysis,omitempty"`
}
type RuntimeHostCustomRule ¶
type RuntimeHostDns ¶
type RuntimeHostFileIntegrityRule ¶
type RuntimeHostFileIntegrityRule struct {
AllowedProcesses []string `json:"procWhitelist,omitempty"`
ExcludedFiles []string `json:"exclusions,omitempty"`
Metadata bool `json:"metadata"`
Path string `json:"path,omitempty"`
Read bool `json:"read"`
Recursive bool `json:"recursive"`
Write bool `json:"write"`
}
type RuntimeHostForensic ¶
type RuntimeHostForensic struct {
ActivitiesDisabled bool `json:"activitiesDisabled"`
DockerEnabled bool `json:"dockerEnabled"`
ReadonlyDockerEnabled bool `json:"readonlyDockerEnabled"`
ServiceActivitiesEnabled bool `json:"serviceActivitiesEnabled"`
SshdEnabled bool `json:"sshdEnabled"`
SudoEnabled bool `json:"sudoEnabled"`
}
type RuntimeHostNetwork ¶
type RuntimeHostNetwork struct {
AllowedOutboundIps []string `json:"allowedOutboundIPs,omitempty"`
CustomFeed string `json:"customFeed,omitempty"`
DeniedListeningPorts []RuntimeHostPort `json:"deniedListeningPorts,omitempty"`
DeniedOutboundIps []string `json:"deniedOutboundIPs,omitempty"`
DeniedOutboundPorts []RuntimeHostPort `json:"deniedOutboundPorts,omitempty"`
DenyEffect string `json:"denyListEffect,omitempty"`
IntelligenceFeed string `json:"intelligenceFeed,omitempty"`
}
type RuntimeHostPolicy ¶
type RuntimeHostPolicy struct {
Rules []RuntimeHostRule `json:"rules,omitempty"`
}
func GetRuntimeHost ¶
func GetRuntimeHost(c api.Client) (RuntimeHostPolicy, error)
Get the current host runtime policy.
type RuntimeHostPort ¶
type RuntimeHostRule ¶
type RuntimeHostRule struct {
AntiMalware RuntimeHostAntiMalware `json:"antiMalware,omitempty"`
Collections []collection.Collection `json:"collections,omitempty"`
CustomRules []RuntimeHostCustomRule `json:"customRules,omitempty"`
Disabled bool `json:"disabled"`
Dns RuntimeHostDns `json:"dns,omitempty"`
FileIntegrityRules []RuntimeHostFileIntegrityRule `json:"fileIntegrityRules,omitempty"`
Forensic RuntimeHostForensic `json:"forensic,omitempty"`
LogInspectionRules []RuntimeHostLogInspectionRule `json:"logInspectionRules,omitempty"`
Name string `json:"name,omitempty"`
Network RuntimeHostNetwork `json:"network,omitempty"`
Notes string `json:"notes,omitempty"`
}
type VulnerabilityCoderepoCveRule ¶
type VulnerabilityCoderepoCveRule struct {
Description string `json:"description,omitempty"`
Effect string `json:"effect,omitempty"`
Expiration VulnerabilityCoderepoExpiration `json:"expiration,omitempty"`
Id string `json:"id,omitempty"`
}
type VulnerabilityCoderepoPolicy ¶
type VulnerabilityCoderepoPolicy struct {
Rules []VulnerabilityCoderepoRule `json:"rules,omitempty"`
Type string `json:"policyType,omitempty"`
}
func GetVulnerabilityCiCoderepo ¶
func GetVulnerabilityCiCoderepo(c api.Client) (VulnerabilityCoderepoPolicy, error)
Get the current CI coderepo vulnerability policy.
func GetVulnerabilityCoderepo ¶
func GetVulnerabilityCoderepo(c api.Client) (VulnerabilityCoderepoPolicy, error)
Get the current coderepo vulnerability policy.
type VulnerabilityCoderepoRule ¶
type VulnerabilityCoderepoRule struct {
AlertThreshold VulnerabilityCoderepoThreshold `json:"alertThreshold,omitempty"`
BlockMessage string `json:"blockMsg,omitempty"`
BlockThreshold VulnerabilityCoderepoThreshold `json:"blockThreshold,omitempty"`
Collections []collection.Collection `json:"collections,omitempty"`
CreatePR bool `json:"createPR,omitempty"`
CveRules []VulnerabilityCoderepoCveRule `json:"cveRules,omitempty"`
Disabled bool `json:"disabled"`
Effect string `json:"effect,omitempty"`
GraceDays int `json:"graceDays,omitempty"`
GraceDaysPolicy VulnerabilityCoderepoGraceDaysPolicy `json:"graceDaysPolicy,omitempty"`
Name string `json:"name,omitempty"`
Notes string `json:"notes,omitempty"`
OnlyFixed bool `json:"onlyFixed"`
TagRules []VulnerabilityCoderepoTagRule `json:"tags,omitempty"`
Verbose bool `json:"verbose"`
}
type VulnerabilityCoderepoTagRule ¶
type VulnerabilityCoderepoTagRule struct {
Description string `json:"description,omitempty"`
Effect string `json:"effect,omitempty"`
Expiration VulnerabilityCoderepoExpiration `json:"expiration,omitempty"`
Name string `json:"name,omitempty"`
}
type VulnerabilityHostCveRule ¶
type VulnerabilityHostCveRule struct {
Description string `json:"description,omitempty"`
Effect string `json:"effect,omitempty"`
Expiration VulnerabilityHostExpiration `json:"expiration,omitempty"`
Id string `json:"id,omitempty"`
}
type VulnerabilityHostPolicy ¶
type VulnerabilityHostPolicy struct {
Rules []VulnerabilityHostRule `json:"rules,omitempty"`
Type string `json:"policyType,omitempty"`
}
func GetVulnerabilityHost ¶
func GetVulnerabilityHost(c api.Client) (VulnerabilityHostPolicy, error)
Get the current host vulnerability policy.
type VulnerabilityHostRule ¶
type VulnerabilityHostRule struct {
AlertThreshold VulnerabilityHostThreshold `json:"alertThreshold,omitempty"`
Collections []collection.Collection `json:"collections,omitempty"`
CveRules []VulnerabilityHostCveRule `json:"cveRules,omitempty"`
Disabled bool `json:"disabled"`
Effect string `json:"effect,omitempty"`
GraceDays int `json:"graceDays,omitempty"`
Name string `json:"name,omitempty"`
Notes string `json:"notes,omitempty"`
OnlyFixed bool `json:"onlyFixed"`
TagRules []VulnerabilityHostTagRule `json:"tags,omitempty"`
Verbose bool `json:"verbose"`
}
type VulnerabilityHostTagRule ¶
type VulnerabilityHostTagRule struct {
Description string `json:"description,omitempty"`
Effect string `json:"effect,omitempty"`
Expiration VulnerabilityHostExpiration `json:"expiration,omitempty"`
Name string `json:"name,omitempty"`
}
type VulnerabilityImageCveRule ¶
type VulnerabilityImageCveRule struct {
Description string `json:"description,omitempty"`
Effect string `json:"effect,omitempty"`
Expiration VulnerabilityImageExpiration `json:"expiration,omitempty"`
Id string `json:"id,omitempty"`
}
type VulnerabilityImagePolicy ¶
type VulnerabilityImagePolicy struct {
Rules []VulnerabilityImageRule `json:"rules,omitempty"`
Type string `json:"policyType,omitempty"`
}
func GetVulnerabilityCiImage ¶
func GetVulnerabilityCiImage(c api.Client) (VulnerabilityImagePolicy, error)
Get the current CI image vulnerability policy.
func GetVulnerabilityImage ¶
func GetVulnerabilityImage(c api.Client) (VulnerabilityImagePolicy, error)
Get the current image vulnerability policy.
type VulnerabilityImageRule ¶
type VulnerabilityImageRule struct {
AlertThreshold VulnerabilityImageThreshold `json:"alertThreshold,omitempty"`
BlockMessage string `json:"blockMsg,omitempty"`
BlockThreshold VulnerabilityImageThreshold `json:"blockThreshold,omitempty"`
Collections []collection.Collection `json:"collections,omitempty"`
CveRules []VulnerabilityImageCveRule `json:"cveRules,omitempty"`
Disabled bool `json:"disabled"`
Effect string `json:"effect,omitempty"`
GraceDays int `json:"graceDays,omitempty"`
GraceDaysPolicy VulnerabilityImageGraceDaysPolicy `json:"graceDaysPolicy,omitempty"`
Name string `json:"name,omitempty"`
Notes string `json:"notes,omitempty"`
OnlyFixed bool `json:"onlyFixed"`
TagRules []VulnerabilityImageTagRule `json:"tags,omitempty"`
Verbose bool `json:"verbose"`
}
type VulnerabilityImageTagRule ¶
type VulnerabilityImageTagRule struct {
Description string `json:"description,omitempty"`
Effect string `json:"effect,omitempty"`
Expiration VulnerabilityImageExpiration `json:"expiration,omitempty"`
Name string `json:"name,omitempty"`
}
Source Files
Click to show internal directories.
Click to hide internal directories.