rego

package
v0.53.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jul 1, 2024 License: Apache-2.0 Imports: 32 Imported by: 5

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func BuildSchemaSetFromPolicies 

func BuildSchemaSetFromPolicies(policies map[string]*ast.Module, paths []string, fsys fs.FS) (*ast.SchemaSet, bool, error)

func BuiltinNamespaces added in v0.51.0 

func BuiltinNamespaces() []string

func GetInputsContents 

func GetInputsContents(inputs []Input) []any

func IsBuiltinNamespace added in v0.51.0 

func IsBuiltinNamespace(namespace string) bool

func IsDotFile 

func IsDotFile(name string) bool

func IsJSONFile 

func IsJSONFile(name string) bool

func IsRegoFile 

func IsRegoFile(name string) bool

func LoadEmbeddedLibraries 

func LoadEmbeddedLibraries() (map[string]*ast.Module, error)

func LoadEmbeddedPolicies 

func LoadEmbeddedPolicies() (map[string]*ast.Module, error)

func LoadPoliciesFromDirs 

func LoadPoliciesFromDirs(target fs.FS, paths ...string) (map[string]*ast.Module, error)

func NewEngineMetadata 

func NewEngineMetadata(schema string, meta map[string]any) (*scan.EngineMetadata, error)

func RegisterRegoRules 

func RegisterRegoRules(modules map[string]*ast.Module)

Types

type DynamicMetadata 

type DynamicMetadata struct {
	Warning   bool
	Filepath  string
	Message   string
	StartLine int
	EndLine   int
}

type Input 

type Input struct {
	Path     string `json:"path"`
	FS       fs.FS  `json:"-"`
	Contents any    `json:"contents"`
}

type InputOptions 

type InputOptions struct {
	Combined  bool
	Selectors []Selector
}

type MetadataRetriever 

type MetadataRetriever struct {
	// contains filtered or unexported fields
}

func NewMetadataRetriever 

func NewMetadataRetriever(compiler *ast.Compiler) *MetadataRetriever

func (*MetadataRetriever) RetrieveMetadata 

func (m *MetadataRetriever) RetrieveMetadata(ctx context.Context, module *ast.Module, contents ...any) (*StaticMetadata, error)

type Scanner 

type Scanner struct {
	// contains filtered or unexported fields
}

func NewScanner 

func NewScanner(source types.Source, opts ...options.ScannerOption) *Scanner

func (*Scanner) LoadPolicies 

func (s *Scanner) LoadPolicies(enableEmbeddedLibraries, enableEmbeddedPolicies bool, srcFS fs.FS, paths []string, readers []io.Reader) error

func (*Scanner) ScanInput 

func (s *Scanner) ScanInput(ctx context.Context, inputs ...Input) (scan.Results, error)

func (*Scanner) SetDataDirs 

func (s *Scanner) SetDataDirs(dirs ...string)

func (*Scanner) SetDataFilesystem 

func (s *Scanner) SetDataFilesystem(fsys fs.FS)

func (*Scanner) SetDebugWriter 

func (s *Scanner) SetDebugWriter(writer io.Writer)

func (*Scanner) SetFrameworks 

func (s *Scanner) SetFrameworks(frameworks []framework.Framework)

func (*Scanner) SetIncludeDeprecatedChecks added in v0.52.0 

func (s *Scanner) SetIncludeDeprecatedChecks(b bool)

func (*Scanner) SetParentDebugLogger 

func (s *Scanner) SetParentDebugLogger(l debug.Logger)

func (*Scanner) SetPerResultTracingEnabled 

func (s *Scanner) SetPerResultTracingEnabled(b bool)

func (*Scanner) SetPolicyDirs 

func (s *Scanner) SetPolicyDirs(_ ...string)

func (*Scanner) SetPolicyFilesystem 

func (s *Scanner) SetPolicyFilesystem(fsys fs.FS)

func (*Scanner) SetPolicyNamespaces 

func (s *Scanner) SetPolicyNamespaces(namespaces ...string)

func (*Scanner) SetPolicyReaders 

func (s *Scanner) SetPolicyReaders(_ []io.Reader)

func (*Scanner) SetRegoErrorLimit 

func (s *Scanner) SetRegoErrorLimit(limit int)

func (*Scanner) SetRegoOnly 

func (s *Scanner) SetRegoOnly(bool)

func (*Scanner) SetSkipRequiredCheck 

func (s *Scanner) SetSkipRequiredCheck(_ bool)

func (*Scanner) SetSpec 

func (s *Scanner) SetSpec(spec string)

func (*Scanner) SetTraceWriter 

func (s *Scanner) SetTraceWriter(writer io.Writer)

func (*Scanner) SetUseEmbeddedLibraries 

func (s *Scanner) SetUseEmbeddedLibraries(b bool)

func (*Scanner) SetUseEmbeddedPolicies 

func (s *Scanner) SetUseEmbeddedPolicies(b bool)

type Selector 

type Selector struct {
	Type     string
	Subtypes []SubType
}

type StaticMetadata 

type StaticMetadata struct {
	Deprecated         bool
	ID                 string
	AVDID              string
	Title              string
	ShortCode          string
	Aliases            []string
	Description        string
	Severity           string
	RecommendedActions string
	PrimaryURL         string
	References         []string
	InputOptions       InputOptions
	Package            string
	Frameworks         map[framework.Framework][]string
	Provider           string
	Service            string
	Library            bool
	CloudFormation     *scan.EngineMetadata
	Terraform          *scan.EngineMetadata
}

func NewStaticMetadata 

func NewStaticMetadata(pkgPath string, inputOpt InputOptions) *StaticMetadata

func (*StaticMetadata) FromAnnotations 

func (sm *StaticMetadata) FromAnnotations(annotations *ast.Annotations) error

func (StaticMetadata) ToRule 

func (m StaticMetadata) ToRule() scan.Rule

func (*StaticMetadata) Update 

func (sm *StaticMetadata) Update(meta map[string]any) error

type SubType 

type SubType struct {
	Group     string
	Version   string
	Kind      string
	Namespace string
	Service   string // only for cloud
	Provider  string // only for cloud
}

Source Files

View all Source files

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.