Documentation ¶
Index ¶
- Constants
- func CreateCustomCompliance(c api.Client, compliance CustomCompliance) error
- func DeleteCustomCompliance(c api.Client, name string) error
- func GenerateCustomComplianceId(c api.Client) (int, error)
- func SetRuntimeContainerRule(c api.Client, policy RuntimeContainerPolicy) error
- func UpdateAdmission(c api.Client, policy AdmissionPolicy) error
- func UpdateComplianceCiCoderepo(c api.Client, policy ComplianceCoderepoPolicy) error
- func UpdateComplianceCiImage(c api.Client, policy CompliancePolicy) error
- func UpdateComplianceCiServerless(c api.Client, policy CompliancePolicy) error
- func UpdateComplianceCoderepo(c api.Client, policy ComplianceCoderepoPolicy) error
- func UpdateComplianceContainer(c api.Client, policy CompliancePolicy) error
- func UpdateComplianceHost(c api.Client, policy CompliancePolicy) error
- func UpdateComplianceServerless(c api.Client, policy CompliancePolicy) error
- func UpdateCustomCompliance(c api.Client, compliance CustomCompliance) error
- func UpdateRuntimeContainer(c api.Client, policy RuntimeContainerPolicy) error
- func UpdateRuntimeHost(c api.Client, policy RuntimeHostPolicy) error
- func UpdateVulnerabilityCiCoderepo(c api.Client, policy VulnerabilityCoderepoPolicy) error
- func UpdateVulnerabilityCiImage(c api.Client, policy VulnerabilityImagePolicy) error
- func UpdateVulnerabilityCoderepo(c api.Client, policy VulnerabilityCoderepoPolicy) error
- func UpdateVulnerabilityHost(c api.Client, policy VulnerabilityHostPolicy) error
- func UpdateVulnerabilityImage(c api.Client, policy VulnerabilityImagePolicy) error
- type AdmissionPolicy
- type AdmissionRule
- type ComplianceCheck
- type ComplianceCoderepoGraceDaysPolicy
- type ComplianceCoderepoLicense
- type ComplianceCoderepoPolicy
- type ComplianceCoderepoRule
- type ComplianceCoderepoThreshold
- type ComplianceConditions
- type CompliancePolicy
- func GetComplianceCiImage(c api.Client) (CompliancePolicy, error)
- func GetComplianceCiServerless(c api.Client) (CompliancePolicy, error)
- func GetComplianceContainer(c api.Client) (CompliancePolicy, error)
- func GetComplianceHost(c api.Client) (CompliancePolicy, error)
- func GetComplianceServerless(c api.Client) (CompliancePolicy, error)
- type ComplianceRule
- type CustomCompliance
- type RuntimeContainerCustomRule
- type RuntimeContainerDeniedList
- type RuntimeContainerDns
- type RuntimeContainerDnsDomainList
- type RuntimeContainerFilesystem
- type RuntimeContainerNetwork
- type RuntimeContainerNetworkPorts
- type RuntimeContainerPolicy
- type RuntimeContainerPort
- type RuntimeContainerProcesses
- type RuntimeContainerRule
- type RuntimeHostAntiMalware
- type RuntimeHostCustomRule
- type RuntimeHostDeniedProcesses
- type RuntimeHostDns
- type RuntimeHostFileIntegrityRule
- type RuntimeHostForensic
- type RuntimeHostLogInspectionRule
- type RuntimeHostNetwork
- type RuntimeHostPolicy
- type RuntimeHostPort
- type RuntimeHostRule
- type VulnerabilityCoderepoCveRule
- type VulnerabilityCoderepoExpiration
- type VulnerabilityCoderepoGraceDaysPolicy
- type VulnerabilityCoderepoPolicy
- type VulnerabilityCoderepoRule
- type VulnerabilityCoderepoTagRule
- type VulnerabilityCoderepoThreshold
- type VulnerabilityHostCveRule
- type VulnerabilityHostExpiration
- type VulnerabilityHostPolicy
- type VulnerabilityHostRule
- type VulnerabilityHostTagRule
- type VulnerabilityHostThreshold
- type VulnerabilityImageCveRule
- type VulnerabilityImageExpiration
- type VulnerabilityImageGraceDaysPolicy
- type VulnerabilityImagePolicy
- type VulnerabilityImageRule
- type VulnerabilityImageTagRule
- type VulnerabilityImageThreshold
Constants ¶
const ( ComplianceCiImagesEndpoint = "api/v1/policies/compliance/ci/images" ComplianceCiServerlessEndpoint = "api/v1/policies/compliance/ci/serverless" ComplianceContainerEndpoint = "api/v1/policies/compliance/container" ComplianceHostEndpoint = "api/v1/policies/compliance/host" ComplianceServerlessEndpoint = "api/v1/policies/compliance/serverless" )
const ( ComplianceCodereposEndpoint = "api/v1/policies/compliance/coderepos" ComplianceCiCodereposEndpoint = "api/v1/policies/compliance/ci/coderepos" )
const ( VulnerabilityCodereposEndpoint = "api/v1/policies/vulnerability/coderepos" VulnerabilityCiCodereposEndpoint = "api/v1/policies/vulnerability/ci/coderepos" )
const ( VulnerabilityImagesEndpoint = "api/v1/policies/vulnerability/images" VulnerabilityCiImagesEndpoint = "api/v1/policies/vulnerability/ci/images" )
const AdmissionEndpoint = "api/v1/policies/admission"
const CustomCompliancesEndpoint = "api/v1/custom-compliance"
const RuntimeContainerEndpoint = "api/v1/policies/runtime/container"
const RuntimeHostEndpoint = "api/v1/policies/runtime/host"
const VulnerabilityHostEndpoint = "api/v1/policies/vulnerability/host"
Variables ¶
This section is empty.
Functions ¶
func CreateCustomCompliance ¶ added in v0.7.0
func CreateCustomCompliance(c api.Client, compliance CustomCompliance) error
Create a new custom compliance. func CreateCustomCompliance(c api.Client, compliance CustomCompliance) (int, error) {
func DeleteCustomCompliance ¶ added in v0.7.0
Delete an existing custom Compliance.
func GenerateCustomComplianceId ¶ added in v0.7.0
Helper method to generate an ID for new custom Compliance. Finds the maximum custom Compliance ID and increments it by 1.
func SetRuntimeContainerRule ¶ added in v0.8.0
func SetRuntimeContainerRule(c api.Client, policy RuntimeContainerPolicy) error
Add new container runtime policy rule
func UpdateAdmission ¶
func UpdateAdmission(c api.Client, policy AdmissionPolicy) error
Update the current admission policy.
func UpdateComplianceCiCoderepo ¶ added in v0.6.0
func UpdateComplianceCiCoderepo(c api.Client, policy ComplianceCoderepoPolicy) error
Update the current CI coderepo compliance policy.
func UpdateComplianceCiImage ¶
func UpdateComplianceCiImage(c api.Client, policy CompliancePolicy) error
Update the current CI image compliance policy.
func UpdateComplianceCiServerless ¶
func UpdateComplianceCiServerless(c api.Client, policy CompliancePolicy) error
Update the current CI serverless compliance policy.
func UpdateComplianceCoderepo ¶ added in v0.6.0
func UpdateComplianceCoderepo(c api.Client, policy ComplianceCoderepoPolicy) error
Update the current coderepo compliance policy.
func UpdateComplianceContainer ¶
func UpdateComplianceContainer(c api.Client, policy CompliancePolicy) error
Update the current container compliance policy.
func UpdateComplianceHost ¶
func UpdateComplianceHost(c api.Client, policy CompliancePolicy) error
Update the current host compliance policy.
func UpdateComplianceServerless ¶
func UpdateComplianceServerless(c api.Client, policy CompliancePolicy) error
Update the current serverless compliance policy.
func UpdateCustomCompliance ¶ added in v0.7.0
func UpdateCustomCompliance(c api.Client, compliance CustomCompliance) error
Update an existing custom Compliance.
func UpdateRuntimeContainer ¶
func UpdateRuntimeContainer(c api.Client, policy RuntimeContainerPolicy) error
Update the current container runtime policy.
func UpdateRuntimeHost ¶
func UpdateRuntimeHost(c api.Client, policy RuntimeHostPolicy) error
Update the current host runtime policy.
func UpdateVulnerabilityCiCoderepo ¶
func UpdateVulnerabilityCiCoderepo(c api.Client, policy VulnerabilityCoderepoPolicy) error
Update the current CI coderepo vulnerability policy.
func UpdateVulnerabilityCiImage ¶
func UpdateVulnerabilityCiImage(c api.Client, policy VulnerabilityImagePolicy) error
Update the current CI image vulnerability policy.
func UpdateVulnerabilityCoderepo ¶
func UpdateVulnerabilityCoderepo(c api.Client, policy VulnerabilityCoderepoPolicy) error
Update the current coderepo vulnerability policy.
func UpdateVulnerabilityHost ¶
func UpdateVulnerabilityHost(c api.Client, policy VulnerabilityHostPolicy) error
Update the current host vulnerability policy.
func UpdateVulnerabilityImage ¶
func UpdateVulnerabilityImage(c api.Client, policy VulnerabilityImagePolicy) error
Update the current image vulnerability policy.
Types ¶
type AdmissionPolicy ¶
type AdmissionPolicy struct { Id string `json:"_id,omitempty"` Rules []AdmissionRule `json:"rules,omitempty"` }
func GetAdmission ¶
func GetAdmission(c api.Client) (AdmissionPolicy, error)
Get the current admission policy.
type AdmissionRule ¶
type ComplianceCheck ¶
type ComplianceCoderepoGraceDaysPolicy ¶ added in v0.6.0
type ComplianceCoderepoLicense ¶ added in v0.6.0
type ComplianceCoderepoLicense struct { AlertThreshold ComplianceCoderepoThreshold `json:"alertThreshold,omitempty"` BlockThreshold ComplianceCoderepoThreshold `json:"blockThreshold,omitempty"` Critical []string `json:"critical,omitempty"` High []string `json:"high,omitempty"` Medium []string `json:"medium,omitempty"` Low []string `json:"low,omitempty"` }
type ComplianceCoderepoPolicy ¶ added in v0.6.0
type ComplianceCoderepoPolicy struct { Rules []ComplianceCoderepoRule `json:"rules,omitempty"` Type string `json:"policyType,omitempty"` }
func GetComplianceCiCoderepo ¶ added in v0.6.0
func GetComplianceCiCoderepo(c api.Client) (ComplianceCoderepoPolicy, error)
Get the current CI coderepo compliance policy.
func GetComplianceCoderepo ¶ added in v0.6.0
func GetComplianceCoderepo(c api.Client) (ComplianceCoderepoPolicy, error)
Get the current coderepo compliance policy.
type ComplianceCoderepoRule ¶ added in v0.6.0
type ComplianceCoderepoRule struct { Collections []collection.Collection `json:"collections,omitempty"` Disabled bool `json:"disabled"` Effect string `json:"effect,omitempty"` GraceDays int `json:"graceDays,omitempty"` GraceDaysPolicy ComplianceCoderepoGraceDaysPolicy `json:"graceDaysPolicy,omitempty"` Name string `json:"name,omitempty"` Notes string `json:"notes,omitempty"` License ComplianceCoderepoLicense `json:"license,omitempty"` }
type ComplianceCoderepoThreshold ¶ added in v0.6.0
type ComplianceConditions ¶
type ComplianceConditions struct {
Checks []ComplianceCheck `json:"vulnerabilities,omitempty"`
}
type CompliancePolicy ¶
type CompliancePolicy struct { Rules []ComplianceRule `json:"rules,omitempty"` Type string `json:"policyType,omitempty"` }
func GetComplianceCiImage ¶
func GetComplianceCiImage(c api.Client) (CompliancePolicy, error)
Get the current CI image compliance policy.
func GetComplianceCiServerless ¶
func GetComplianceCiServerless(c api.Client) (CompliancePolicy, error)
Get the current CI serverless compliance policy.
func GetComplianceContainer ¶
func GetComplianceContainer(c api.Client) (CompliancePolicy, error)
Get the current container compliance policy.
func GetComplianceHost ¶
func GetComplianceHost(c api.Client) (CompliancePolicy, error)
Get the current host compliance policy.
func GetComplianceServerless ¶
func GetComplianceServerless(c api.Client) (CompliancePolicy, error)
Get the current serverless compliance policy.
type ComplianceRule ¶
type ComplianceRule struct { BlockMessage string `json:"blockMsg,omitempty"` Collections []collection.Collection `json:"collections,omitempty"` Conditions ComplianceConditions `json:"condition,omitempty"` Disabled bool `json:"disabled"` Effect string `json:"effect,omitempty"` Name string `json:"name,omitempty"` Notes string `json:"notes,omitempty"` ShowPassedChecks bool `json:"allCompliance"` Verbose bool `json:"verbose"` }
type CustomCompliance ¶ added in v0.7.0
type CustomCompliance struct { Id int `json:"_id,omitempty"` Name string `json:"name,omitempty"` Title string `json:"title,omitempty"` Severity string `json:"severity,omitempty"` Script string `json:"script,omitempty"` }
func GetCustomComplianceById ¶ added in v0.7.0
func GetCustomComplianceById(c api.Client, id int) (*CustomCompliance, error)
Get a specific custom Compliance by ID.
func GetCustomComplianceByName ¶ added in v0.7.0
func GetCustomComplianceByName(c api.Client, name string) (*CustomCompliance, error)
Get a specific custom Compliance by name.
func ListCustomCompliance ¶ added in v0.7.0
func ListCustomCompliance(c api.Client) ([]CustomCompliance, error)
Get all custom Compliances.
type RuntimeContainerDeniedList ¶ added in v0.8.0
type RuntimeContainerDns ¶
type RuntimeContainerDns struct { DefaultEffect string `json:"defaultEffect,omitempty"` Disabled bool `json:"disabled,omitempty"` DomainList RuntimeContainerDnsDomainList `json:"domainList,omitempty"` }
type RuntimeContainerDnsDomainList ¶ added in v0.8.0
type RuntimeContainerFilesystem ¶
type RuntimeContainerFilesystem struct { AllowedList []string `json:"allowedList,omitempty"` BackdoorFilesEffect string `json:"backdoorFilesEffect,omitempty"` DefaultEffect string `json:"defaultEffect,omitempty"` DeniedList RuntimeContainerDeniedList `json:"deniedList,omitempty"` Disabled bool `json:"disabled,omitempty"` EncryptedBinariesEffect string `json:"encryptedBinariesEffect,omitempty"` NewFilesEffect string `json:"newFilesEffect,omitempty"` SuspiciousElfHeadersEffect string `json:"suspiciousElfHeadersEffect,omitempty"` }
type RuntimeContainerNetwork ¶
type RuntimeContainerNetwork struct { AllowedIps []string `json:"allowedIPs,omitempty"` DefaultEffect string `json:"defaultEffect,omitempty"` DeniedIps []string `json:"deniedIPs,omitempty"` DeniedIpsEffect string `json:"deniedIPsEffect,omitempty"` Disabled bool `json:"disabled,omitempty"` ListeningPorts RuntimeContainerNetworkPorts `json:"listeningPorts,omitempty"` ModifiedProcEffect string `json:"modifiedProcEffect,omitempty"` OutboundPorts RuntimeContainerNetworkPorts `json:"outboundPorts,omitempty"` PortScanEffect string `json:"portScanEffect,omitempty"` RawSocketsEffect string `json:"rawSocketsEffect,omitempty"` }
type RuntimeContainerNetworkPorts ¶ added in v0.8.0
type RuntimeContainerNetworkPorts struct { Allowed []RuntimeContainerPort `json:"allowed,omitempty"` Denied []RuntimeContainerPort `json:"denied,omitempty"` Effect string `json:"effect,omitempty"` }
type RuntimeContainerPolicy ¶
type RuntimeContainerPolicy struct { LearningDisabled bool `json:"learningDisabled,omitempty"` Rules []RuntimeContainerRule `json:"rules,omitempty"` }
func GetRuntimeContainer ¶
func GetRuntimeContainer(c api.Client) (RuntimeContainerPolicy, error)
Get the current container runtime policy.
type RuntimeContainerPort ¶
type RuntimeContainerProcesses ¶
type RuntimeContainerProcesses struct { ModifiedProcessEffect string `json:"modifiedProcessEffect,omitempty"` CryptoMinersEffect string `json:"cryptoMinersEffect,omitempty"` LateralMovementEffect string `json:"lateralMovementEffect,omitempty"` ReverseShellEffect string `json:"reverseShellEffect,omitempty"` SuidBinariesEffect string `json:"suidBinariesEffect,omitempty"` DefaultEffect string `json:"defaultEffect,omitempty"` CheckParentChild bool `json:"checkParentChild"` AllowedList []string `json:"allowedList,omitempty"` Disabled bool `json:"disabled"` DeniedList RuntimeContainerDeniedList `json:"deniedList"` }
type RuntimeContainerRule ¶
type RuntimeContainerRule struct { AdvancedProtectionEffect string `json:"advancedProtectionEffect"` CloudMetadataEnforcementEffect string `json:"cloudMetadataEnforcementEffect"` Collections []collection.Collection `json:"collections,omitempty"` CustomRules []RuntimeContainerCustomRule `json:"customRules,omitempty"` Disabled bool `json:"disabled"` Dns RuntimeContainerDns `json:"dns,omitempty"` Filesystem RuntimeContainerFilesystem `json:"filesystem,omitempty"` KubernetesEnforcementEffect string `json:"kubernetesEnforcementEffect"` Name string `json:"name,omitempty"` PreviousName string `json:"previousName,omitempty"` SkipExecSessions bool `json:"skipExecSessions,omitempty"` Network RuntimeContainerNetwork `json:"network,omitempty"` Notes string `json:"notes,omitempty"` Processes RuntimeContainerProcesses `json:"processes,omitempty"` WildFireAnalysis string `json:"wildFireAnalysis,omitempty"` }
type RuntimeHostAntiMalware ¶
type RuntimeHostAntiMalware struct { AllowedProcesses []string `json:"allowedProcesses,omitempty"` CryptoMiner string `json:"cryptoMiner,omitempty"` CustomFeed string `json:"customFeed,omitempty"` DeniedProcesses RuntimeHostDeniedProcesses `json:"deniedProcesses,omitempty"` DetectCompilerGeneratedBinary bool `json:"detectCompilerGeneratedBinary"` EncryptedBinaries string `json:"encryptedBinaries,omitempty"` ExecutionFlowHijack string `json:"executionFlowHijack,omitempty"` IntelligenceFeed string `json:"intelligenceFeed,omitempty"` ReverseShell string `json:"reverseShell,omitempty"` ServiceUnknownOriginBinary string `json:"serviceUnknownOriginBinary,omitempty"` SkipSshTracking bool `json:"skipSSHTracking,omitempty"` SuspiciousElfHeaders string `json:"suspiciousELFHeaders,omitempty"` TempFsProcesses string `json:"tempFSProc,omitempty"` UserUnknownOriginBinary string `json:"userUnknownOriginBinary,omitempty"` WebShell string `json:"webShell,omitempty"` WildFireAnalysis string `json:"wildFireAnalysis,omitempty"` }
type RuntimeHostCustomRule ¶
type RuntimeHostDns ¶
type RuntimeHostFileIntegrityRule ¶
type RuntimeHostFileIntegrityRule struct { AllowedProcesses []string `json:"procWhitelist,omitempty"` ExcludedFiles []string `json:"exclusions,omitempty"` Metadata bool `json:"metadata"` Path string `json:"path,omitempty"` Read bool `json:"read"` Recursive bool `json:"recursive"` Write bool `json:"write"` }
type RuntimeHostForensic ¶
type RuntimeHostForensic struct { ActivitiesDisabled bool `json:"activitiesDisabled"` DockerEnabled bool `json:"dockerEnabled"` ReadonlyDockerEnabled bool `json:"readonlyDockerEnabled"` ServiceActivitiesEnabled bool `json:"serviceActivitiesEnabled"` SshdEnabled bool `json:"sshdEnabled"` SudoEnabled bool `json:"sudoEnabled"` }
type RuntimeHostNetwork ¶
type RuntimeHostNetwork struct { AllowedOutboundIps []string `json:"allowedOutboundIPs,omitempty"` CustomFeed string `json:"customFeed,omitempty"` DeniedListeningPorts []RuntimeHostPort `json:"deniedListeningPorts,omitempty"` DeniedOutboundIps []string `json:"deniedOutboundIPs,omitempty"` DeniedOutboundPorts []RuntimeHostPort `json:"deniedOutboundPorts,omitempty"` DenyEffect string `json:"denyListEffect,omitempty"` IntelligenceFeed string `json:"intelligenceFeed,omitempty"` }
type RuntimeHostPolicy ¶
type RuntimeHostPolicy struct {
Rules []RuntimeHostRule `json:"rules,omitempty"`
}
func GetRuntimeHost ¶
func GetRuntimeHost(c api.Client) (RuntimeHostPolicy, error)
Get the current host runtime policy.
type RuntimeHostPort ¶
type RuntimeHostRule ¶
type RuntimeHostRule struct { AntiMalware RuntimeHostAntiMalware `json:"antiMalware,omitempty"` Collections []collection.Collection `json:"collections,omitempty"` CustomRules []RuntimeHostCustomRule `json:"customRules,omitempty"` Disabled bool `json:"disabled"` Dns RuntimeHostDns `json:"dns,omitempty"` FileIntegrityRules []RuntimeHostFileIntegrityRule `json:"fileIntegrityRules,omitempty"` Forensic RuntimeHostForensic `json:"forensic,omitempty"` LogInspectionRules []RuntimeHostLogInspectionRule `json:"logInspectionRules,omitempty"` Name string `json:"name,omitempty"` Network RuntimeHostNetwork `json:"network,omitempty"` Notes string `json:"notes,omitempty"` }
type VulnerabilityCoderepoCveRule ¶
type VulnerabilityCoderepoCveRule struct { Description string `json:"description,omitempty"` Effect string `json:"effect,omitempty"` Expiration VulnerabilityCoderepoExpiration `json:"expiration,omitempty"` Id string `json:"id,omitempty"` }
type VulnerabilityCoderepoPolicy ¶
type VulnerabilityCoderepoPolicy struct { Rules []VulnerabilityCoderepoRule `json:"rules,omitempty"` Type string `json:"policyType,omitempty"` }
func GetVulnerabilityCiCoderepo ¶
func GetVulnerabilityCiCoderepo(c api.Client) (VulnerabilityCoderepoPolicy, error)
Get the current CI coderepo vulnerability policy.
func GetVulnerabilityCoderepo ¶
func GetVulnerabilityCoderepo(c api.Client) (VulnerabilityCoderepoPolicy, error)
Get the current coderepo vulnerability policy.
type VulnerabilityCoderepoRule ¶
type VulnerabilityCoderepoRule struct { AlertThreshold VulnerabilityCoderepoThreshold `json:"alertThreshold,omitempty"` BlockMessage string `json:"blockMsg,omitempty"` BlockThreshold VulnerabilityCoderepoThreshold `json:"blockThreshold,omitempty"` Collections []collection.Collection `json:"collections,omitempty"` CreatePR bool `json:"createPR,omitempty"` CveRules []VulnerabilityCoderepoCveRule `json:"cveRules,omitempty"` Disabled bool `json:"disabled"` Effect string `json:"effect,omitempty"` GraceDays int `json:"graceDays,omitempty"` GraceDaysPolicy VulnerabilityCoderepoGraceDaysPolicy `json:"graceDaysPolicy,omitempty"` Name string `json:"name,omitempty"` Notes string `json:"notes,omitempty"` OnlyFixed bool `json:"onlyFixed"` TagRules []VulnerabilityCoderepoTagRule `json:"tags,omitempty"` Verbose bool `json:"verbose"` }
type VulnerabilityCoderepoTagRule ¶
type VulnerabilityCoderepoTagRule struct { Description string `json:"description,omitempty"` Effect string `json:"effect,omitempty"` Expiration VulnerabilityCoderepoExpiration `json:"expiration,omitempty"` Name string `json:"name,omitempty"` }
type VulnerabilityHostCveRule ¶
type VulnerabilityHostCveRule struct { Description string `json:"description,omitempty"` Effect string `json:"effect,omitempty"` Expiration VulnerabilityHostExpiration `json:"expiration,omitempty"` Id string `json:"id,omitempty"` }
type VulnerabilityHostPolicy ¶
type VulnerabilityHostPolicy struct { Rules []VulnerabilityHostRule `json:"rules,omitempty"` Type string `json:"policyType,omitempty"` }
func GetVulnerabilityHost ¶
func GetVulnerabilityHost(c api.Client) (VulnerabilityHostPolicy, error)
Get the current host vulnerability policy.
type VulnerabilityHostRule ¶
type VulnerabilityHostRule struct { AlertThreshold VulnerabilityHostThreshold `json:"alertThreshold,omitempty"` Collections []collection.Collection `json:"collections,omitempty"` CveRules []VulnerabilityHostCveRule `json:"cveRules,omitempty"` Disabled bool `json:"disabled"` Effect string `json:"effect,omitempty"` GraceDays int `json:"graceDays,omitempty"` Name string `json:"name,omitempty"` Notes string `json:"notes,omitempty"` OnlyFixed bool `json:"onlyFixed"` TagRules []VulnerabilityHostTagRule `json:"tags,omitempty"` Verbose bool `json:"verbose"` }
type VulnerabilityHostTagRule ¶
type VulnerabilityHostTagRule struct { Description string `json:"description,omitempty"` Effect string `json:"effect,omitempty"` Expiration VulnerabilityHostExpiration `json:"expiration,omitempty"` Name string `json:"name,omitempty"` }
type VulnerabilityImageCveRule ¶
type VulnerabilityImageCveRule struct { Description string `json:"description,omitempty"` Effect string `json:"effect,omitempty"` Expiration VulnerabilityImageExpiration `json:"expiration,omitempty"` Id string `json:"id,omitempty"` }
type VulnerabilityImagePolicy ¶
type VulnerabilityImagePolicy struct { Rules []VulnerabilityImageRule `json:"rules,omitempty"` Type string `json:"policyType,omitempty"` }
func GetVulnerabilityCiImage ¶
func GetVulnerabilityCiImage(c api.Client) (VulnerabilityImagePolicy, error)
Get the current CI image vulnerability policy.
func GetVulnerabilityImage ¶
func GetVulnerabilityImage(c api.Client) (VulnerabilityImagePolicy, error)
Get the current image vulnerability policy.
type VulnerabilityImageRule ¶
type VulnerabilityImageRule struct { AlertThreshold VulnerabilityImageThreshold `json:"alertThreshold,omitempty"` BlockMessage string `json:"blockMsg,omitempty"` BlockThreshold VulnerabilityImageThreshold `json:"blockThreshold,omitempty"` Collections []collection.Collection `json:"collections,omitempty"` CveRules []VulnerabilityImageCveRule `json:"cveRules,omitempty"` Disabled bool `json:"disabled"` Effect string `json:"effect,omitempty"` GraceDays int `json:"graceDays,omitempty"` GraceDaysPolicy VulnerabilityImageGraceDaysPolicy `json:"graceDaysPolicy,omitempty"` Name string `json:"name,omitempty"` Notes string `json:"notes,omitempty"` OnlyFixed bool `json:"onlyFixed"` TagRules []VulnerabilityImageTagRule `json:"tags,omitempty"` Verbose bool `json:"verbose"` }
type VulnerabilityImageTagRule ¶
type VulnerabilityImageTagRule struct { Description string `json:"description,omitempty"` Effect string `json:"effect,omitempty"` Expiration VulnerabilityImageExpiration `json:"expiration,omitempty"` Name string `json:"name,omitempty"` }