armotypes

package
v0.0.175 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Mar 26, 2023 License: Apache-2.0 Imports: 7 Imported by: 59

Documentation

Index

Constants

// Well-known names shared by the in-cluster components: namespaces, container
// names, the minimum Helm chart version per feature, and the annotation and
// label keys/values placed on CronJob templates. Entries marked deprecated are
// the older "armo" spellings; code that reads these keys from a cluster
// presumably has to accept both spellings — verify against the consumers.
const (
	// In-cluster namespaces
	ArmoSystemNamespace = "armo-system" // deprecated, kept for backward compatibility
	KubescapeNamespace  = "kubescape"

	ArmoKollectorContainerName = "armo-collector" // deprecated, kept for backward compatibility
	KollectorContainerName     = "kollector"

	// registry scan
	// RegistryScanSecretName is an object name, not secret material. The nolint
	// directive on that line silences gosec there (presumably its
	// hard-coded-credential heuristic, which reacts to "Secret" in the name).
	LowestHelmVersionSupportedRegistryScanAndTest = "v1.9"
	LowestHelmVersionSupportedRegistryScan        = "v1.7.14"
	RegistryInfoArgKey                            = "registryInfo-v1"
	RegistryScanSecretName                        = "kubescape-registry-scan" //nolint:gosec

	// vulnerability scan
	LowestHelmVersionSupportedVulnerabilityScan = "v1.7.17"

	// cronjob template annotation and labels
	CronJobTemplateAnnotationArmoJobIDKeyDeprecated      = "armo.jobid"       // deprecated
	CronJobTemplateAnnotationArmoCloudJobIDKeyDeprecated = "armo.cloud/jobid" // deprecated
	CronJobTemplateAnnotationJobIDKey                    = "app.kubescape/job-id"

	CronJobTemplateAnnotationUpdateJobIDDeprecated = "armo.updatejobid" // deprecated
	CronJobTemplateAnnotationUpdateJobID           = "app.kubescape/update-job-id"

	CronJobTemplateAnnotationNamespaceKeyDeprecated = "armo.namespace" // deprecated
	CronJobTemplateAnnotationNamespaceKey           = "app.kubescape/namespace"

	// These three keys still use the "armo" prefix and have no
	// "app.kubescape/" counterpart in this block.
	CronJobTemplateAnnotationRegistryNameKey = "armo.cloud/registryname"
	CronJobTemplateAnnotationHostScannerKey  = "armo.host-scanner"
	CronJobTemplateAnnotationFrameworkKey    = "armo.framework"

	// Label key and the values that tell the scan CronJob templates apart.
	CronJobTemplateLabelKey               = "armo.tier"
	CronJobTemplateLabelValueKubescape    = "kubescape-scan"
	CronJobTemplateLabelValueVulnScan     = "vuln-scan"
	CronJobTemplateLabelValueRegistryScan = "registry-scan"
)
// Kubernetes kind names and apiVersion strings used when describing resources.
const (
	K8sKindCluster   = "Cluster"
	K8sKindNode      = "Node"
	K8sKindNamespace = "Namespace"

	// K8sApiVersionRBACV1 is built from the two constants above it and
	// evaluates to "rbac.authorization.k8s.io/v1".
	// NOTE(review): the prefix casing differs within this group (K8sApi... vs
	// K8SApi...); the exported names cannot be changed without breaking callers.
	K8sApiVersionV1      = "v1"
	K8sApiVersionRBAC    = "rbac.authorization.k8s.io"
	K8sApiVersionRBACV1  = K8sApiVersionRBAC + "/" + K8sApiVersionV1
	K8SApiVersionAppsV1  = "apps/v1"
	K8SApiVersionBatchV1 = "batch/v1"
)
// Parameter names for selecting a customer, cluster, namespace, workload (wlid)
// or secret (sid). The "Query" suffix suggests URL query parameters — confirm
// against the HTTP handlers that read them.
// NOTE(review): values received under these names are caller-controlled; this
// package only supplies the names, so any authorization of the customerGUID
// against the authenticated tenant has to happen in the consumer.
const (
	CustomerGuidQuery   = "customerGUID"
	ClusterNameQuery    = "cluster"
	DatacenterNameQuery = "datacenter"
	NamespaceQuery      = "namespace"
	ProjectQuery        = "project"
	WlidQuery           = "wlid"
	SidQuery            = "sid"
)
// Subscription status values, taken one-to-one from the stripe package's
// SubscriptionStatus constants and converted to plain strings, so the concrete
// text of each value is whatever the imported stripe version defines.
const (
	SubscriptionStatusIncomplete        = string(stripe.SubscriptionStatusIncomplete)
	SubscriptionStatusIncompleteExpired = string(stripe.SubscriptionStatusIncompleteExpired)
	SubscriptionStatusTrialing          = string(stripe.SubscriptionStatusTrialing)
	SubscriptionStatusActive            = string(stripe.SubscriptionStatusActive)
	SubscriptionStatusPastDue           = string(stripe.SubscriptionStatusPastDue)
	SubscriptionStatusCanceled          = string(stripe.SubscriptionStatusCanceled)
	SubscriptionStatusUnpaid            = string(stripe.SubscriptionStatusUnpaid)
)
// Attribute keys for designators: the well-known keys of the Attributes map
// that identify a customer, an image (registry, repository, tag) or a
// Kubernetes object (cluster, namespace, kind, name, container).
// AttributeCustomerGUID has the same value as CustomerGuidQuery.
const (
	DesignatorsToken       = "designators"
	AttributeCustomerGUID  = "customerGUID"
	AttributeRegistryName  = "registryName"
	AttributeRepository    = "repository"
	AttributeTag           = "tag"
	AttributeCluster       = "cluster"
	AttributeNamespace     = "namespace"
	AttributeKind          = "kind"
	AttributeName          = "name"
	AttributeContainerName = "containerName"
	AttributeApiVersion    = "apiVersion"
	AttributeWorkloadHash  = "workloadHash"
	AttributeIsIncomplete  = "isIncomplete"
	AttributeSensor        = "sensor"
	AttributePath          = "path"
	AttributeResourceID    = "resourceID"
)

attributes

// Attribute keys used by repository scans: repository identity, last commit,
// per-file details, last commit touching a file, and connection options.
const (
	AttributeRepoName      = "repoName"
	AttributeRepoOwner     = "repoOwner"
	AttributeRepoHash      = "repoHash"
	AttributeBranchName    = "branch"
	AttributeDefaultBranch = "defaultBranch"
	AttributeProvider      = "provider"
	AttributeRemoteURL     = "remoteURL"

	// The committer name and e-mail keys below carry personal data.
	AttributeLastCommitHash     = "lastCommitHash"
	AttributeLastCommitterName  = "lastCommitterName"
	AttributeLastCommitterEmail = "lastCommitterEmail"
	AttributeLastCommitTime     = "lastCommitTime"

	AttributeFilePath          = "filePath"
	AttributeFileType          = "fileType"
	AttributeFileDir           = "fileDirectory"
	AttributeFileUrl           = "fileUrl"
	AttributeFileHelmChartName = "fileHelmChartName"

	// NOTE(review): "LastFileCommitterEmail" starts with a capital L while every
	// sibling key is lowerCamel. Map lookups are case-sensitive, so readers must
	// use this constant rather than retyping the key; changing the value would
	// orphan data already stored under the current spelling.
	AttributeLastFileCommitHash     = "lastFileCommitHash"
	AttributeLastFileCommitterName  = "lastFileCommitterName"
	AttributeLastFileCommitterEmail = "LastFileCommitterEmail"
	AttributeLastFileCommitTime     = "lastFileCommitTime"

	// NOTE(review): by their names these two keys select plain HTTP and disable
	// TLS certificate verification for a connection — confirm in the consumer.
	// Both weaken transport security, so they should stay explicit opt-ins and
	// be visible in scan output or logs when set.
	AttributeUseHTTP       = "useHTTP"
	AttributeSkipTLSVerify = "skipTLSVerify"
)

Repository scan related attributes

// Attribute keys of the rego library: they mark items as related to image
// scanning or to the host sensor.
const (
	AttributeImageScanRelated     = "imageScanRelated"
	AttributeImageRelatedControls = "imageRelatedControls"
	AttributeHostSensorRule       = "hostSensorRule"
	AttributeHostSensor           = "hostSensor"
)

rego-library attributes

// Keys for worker-node usage data: AttributeWorkerNodes is the attribute name,
// and the WorkerNodes* constants are presumably the keys nested under it —
// confirm against the code that reads and writes the attribute.
const (
	AttributeWorkerNodes             = "workerNodes"
	WorkerNodesmax                   = "max"
	WorkerNodeslastReported          = "lastReported"
	WorkerNodeslastReportDate        = "lastReportDate"
	WorkerNodesmaxPerMonth           = "maxPerMonth"
	WorkerNodesmaxReportGUID         = "maxReportGUID"
	WorkerNodesmaxPerMonthReportGUID = "maxPerMonthReportGUID"
	WorkerNodeslastReportGUID        = "lastReportGUID"
)

Worker nodes attribute related consts

// Numeric status codes of a posture control. They are untyped integer
// constants, and 0 is PostureControlStatusUnknown, so an unset int status field
// reads as "unknown" rather than "passed". Codes 2 and 5 are deprecated but
// stay reserved, which is why the sequence is not contiguous in practice.
const (
	PostureControlStatusUnknown    = 0
	PostureControlStatusPassed     = 1
	PostureControlStatusWarning    = 2 // deprecated
	PostureControlStatusFailed     = 3
	PostureControlStatusSkipped    = 4
	PostureControlStatusIrrelevant = 5 // deprecated
	PostureControlStatusError      = 6

	// NOTE(review): equals the highest status code above; whether it is a count
	// of controls or an upper bound on status values is not visible here.
	PostureResourceMaxCtrls = 6
)

Variables

Functions

func DigestAttributesDesignator

func DigestAttributesDesignator(attributes map[string]string) (string, string, map[string]string)

func DigestPortalDesignator

func DigestPortalDesignator(designator *PortalDesignator) (string, string, map[string]string)

Deprecated: use the method designator.DigestPortalDesignator() instead. DigestPortalDesignator gets the cluster, namespace and labels from the designator.

func GetInClusterSupportedNamespaces added in v0.0.114

func GetInClusterSupportedNamespaces() []string

func IsDesignatorsMatchContext

func IsDesignatorsMatchContext(ctxSlice []ArmoContext, designator *PortalDesignator, designatorPrefix string) bool

IsDesignatorsMatchContext checks whether all the context values match the designators.

Types

type Alert2Channel

// Alert2Channel lists the Slack channels that receive alerts, grouped by alert
// level (critical, error, info). Empty groups are omitted from JSON and BSON.
type Alert2Channel struct {
	Critical []SlackChannel `json:"criticalChannels,omitempty" bson:"criticalChannels,omitempty"`
	Error    []SlackChannel `json:"errorChannels,omitempty" bson:"errorChannels,omitempty"`
	Info     []SlackChannel `json:"infoChannels,omitempty" bson:"infoChannels,omitempty"`
}

type AlertLevel

// AlertLevel names the level of an alert as a string.
type AlertLevel string

// The defined alert levels. The empty string (zero value) is not one of them.
const (
	AlertInfo     AlertLevel = "info"
	AlertCritical AlertLevel = "critical"
	AlertError    AlertLevel = "error"
)

type ApprovementState

// ApprovementState pairs an approval status with the embedded UpdateAuditEntry
// (declared elsewhere; by its name it records who changed the state and when —
// confirm). encoding/json flattens embedded structs on its own; the ",inline"
// tag option is not something it interprets.
type ApprovementState struct {
	UpdateAuditEntry `json:",inline"`
	Status           ApprovementStatus `json:"status"`
}

type ApprovementStatus

// ApprovementStatus is the outcome of an approval request.
type ApprovementStatus int

// Values start at 1 (iota + 1), so the zero value of ApprovementStatus matches
// none of them: an unset or missing status can never be read as "approve".
const (
	ApprovementStatusApprove ApprovementStatus = iota + 1
	ApprovementStatusDecline
	ApprovementStatusPending
)

type ArmoContext

// ArmoContext is one attribute/value pair of context, together with the source
// it came from. All three fields are free-form strings.
type ArmoContext struct {
	Attribute string `json:"attribute"`
	Value     string `json:"value"`
	Source    string `json:"source"`
}

ArmoContext is an attribute-based context structure that allows more flexible and searchable options.

func DesignatorToArmoContext

func DesignatorToArmoContext(designator *PortalDesignator, designatorPrefix string) []ArmoContext

type AssociationStatus

// AssociationStatus tracks what happened to a recommendation shown to a user.
type AssociationStatus int

// Values start at 1 (iota + 1); the zero value is not a defined status.
const (
	AssociationStatusAssigned AssociationStatus = iota + 1
	AssociationStatusShown
	AssociationStatusDeclineByUser
	AssociationStatusHandled // the user took this recommendation into account
	AssociationStatusFixed   // the user fixed the issue in some other way
)

type AttributesDesignators added in v0.0.151

// AttributesDesignators describes a Kubernetes object together with its
// labels. All fields are unexported; the values are read through the Get*
// accessor methods (cluster, kind, labels, name, namespace, path, resource ID).
type AttributesDesignators struct {
	// contains filtered or unexported fields
}

AttributesDesignators describes a Kubernetes object, with its labels.

func (*AttributesDesignators) GetCluster added in v0.0.151

func (ad *AttributesDesignators) GetCluster() string

func (*AttributesDesignators) GetKind added in v0.0.151

func (ad *AttributesDesignators) GetKind() string

func (*AttributesDesignators) GetLabels added in v0.0.151

func (ad *AttributesDesignators) GetLabels() map[string]string

func (*AttributesDesignators) GetName added in v0.0.151

func (ad *AttributesDesignators) GetName() string

func (*AttributesDesignators) GetNamespace added in v0.0.151

func (ad *AttributesDesignators) GetNamespace() string

func (*AttributesDesignators) GetPath added in v0.0.151

func (ad *AttributesDesignators) GetPath() string

func (*AttributesDesignators) GetResourceID added in v0.0.173

func (ad *AttributesDesignators) GetResourceID() string

type AuthMethod added in v0.0.125

// AuthMethod holds a username/password pair and the type of authentication it
// belongs to.
//
// NOTE(review): Password is an ordinary string with json and bson tags, so it
// is written in clear text wherever this struct is marshalled: API responses,
// database documents, and any log line that prints the struct or its JSON.
// Nothing in this declaration redacts it. Consumers should strip or mask the
// field before logging or returning the object, and confirm how the stored
// BSON document is protected at rest.
// The bson tags have no omitempty, so empty values are still stored.
type AuthMethod struct {
	Username string `json:"username,omitempty" bson:"username"`
	Password string `json:"password,omitempty" bson:"password"`
	Type     string `json:"type,omitempty" bson:"type"`
}

type ClusterResourceScanned added in v0.0.142

// ClusterResourceScanned summarises one cluster in a scan report: its short
// name, the scanned-resource data (ResourceScanned, declared elsewhere), the
// report it belongs to and the number of failed resources.
type ClusterResourceScanned struct {
	ShortName       string          `json:"shortName" bson:"shortName"`
	Cluster         ResourceScanned `json:"cluster" bson:"cluster"`
	ReportGUID      string          `json:"reportGUID" bson:"reportGUID"`
	FailedResources uint64          `json:"failedResources" bson:"failedResources"`
}

type CollabAssignee

// CollabAssignee identifies the target of a collaboration action, for example
// a Slack channel.
type CollabAssignee struct {

	// Provider-side identifier of the assignee.
	// Example: a Slack channel ID such as "C02HD5MU9G8".
	// The Go field name is misspelled (AssgineeID); the JSON key is spelled
	// correctly, and the field cannot be renamed without breaking callers.
	AssgineeID string `json:"assigneeID"`

	// Display name of the assignee.
	// Example: #abuse (Slack)
	AssigneeName string `json:"assigneeName"`

	// Additional properties of the assignee, as attribute/value pairs.
	AdditionalInfo []ArmoContext `json:"additionalInfo"`
}

type CollaborationConfig

// CollaborationConfig describes one configured collaboration provider.
//
// NOTE(review): HostName and IconURL are plain strings and this type does not
// validate them. If a backend ever connects to HostName or fetches IconURL on
// the user's behalf, it should restrict scheme and destination first; the
// HostName example below uses http://, i.e. an unencrypted endpoint.
type CollaborationConfig struct {
	PortalBase `json:",inline"`

	// Provider name
	// Example: jira
	Provider string `json:"provider"`

	// Host name for private hosting
	// Example: http://example.com
	HostName string `json:"hostName,omitempty"`

	// The context of sharing (for example in jira it will be cloud, project, etc)
	Context map[string]CollaborationConfigOption `json:"context"`

	// Icon url for the option. Optional
	// Example: https://site-admin-avatar-cdn.prod.public.atl-paas.net/avatars/240/triangle.png
	IconURL string `json:"iconURL,omitempty"`

	// Icon for the option encoded in base64. Optional
	IconBase64 string `json:"iconBase64,omitempty"`
}

swagger:model CollaborationConfig

type CollaborationConfigOption

// CollaborationConfigOption is one selectable option of a collaboration
// provider configuration (for example a project), used as the value type of
// CollaborationConfig.Context.
type CollaborationConfigOption struct {
	// Type of the option
	// Example: Project
	// A nil Type is omitted from the JSON output.
	Type *CollaborationConfigOptionType `json:"type,omitempty"`

	// Name of the option
	// Example: jira-main-project
	Name string `json:"name"`

	// ID of the option
	// Example: 8313c5a0-bee1-4a3c-8f4f-71ce698259876
	ID string `json:"id"`

	// Icon url for the option. Optional
	// Example: https://site-admin-avatar-cdn.prod.public.atl-paas.net/avatars/240/triangle.png
	IconURL string `json:"iconURL,omitempty"`

	// Icon for the option encoded in base64. Optional
	IconBase64 string `json:"iconBase64,omitempty"`
}

Collaboration provider config option swagger:model CollaborationConfigOption

type CollaborationConfigOptionType

// CollaborationConfigOptionType describes a kind of configuration option and
// whether it is required.
type CollaborationConfigOptionType struct {
	// Name of the type
	// Example: project
	Name string `json:"name"`

	// Indicates whether this option is mandatory for collaboration configuration
	// Example: false
	ConfigRequired bool `json:"required"`

	// Indicates whether this option is mandatory for sharing
	// Example: true
	// Tagged json:"-": never written to JSON and never read from it, so after
	// decoding it is always false unless the code sets it.
	ShareRequired bool `json:"-"`

	// Custom input available or not
	// Example: false
	CustomInput bool `json:"customInput"`
}

Config option type swagger:model CollaborationConfigOptionType

type CommonContainerScanSummaryResult added in v0.0.142

// CommonContainerScanSummaryResult is the summary record of one container
// image scan: which workload and image were scanned, the severity statistics,
// and a short list of the vulnerabilities found.
type CommonContainerScanSummaryResult struct {
	// Embedded without a tag: its fields are flattened into the JSON object.
	SeverityStats
	Designators     PortalDesignator `json:"designators" bson:"designators"`
	Context         []ArmoContext    `json:"context" bson:"context"`
	JobIDs          []string         `json:"jobIDs" bson:"jobIDs"`
	CustomerGUID    string           `json:"customerGUID" bson:"customerGUID"`
	// The wire key is "containersScanID" (plural), unlike the field name.
	ContainerScanID string           `json:"containersScanID" bson:"containersScanID"`

	Timestamp     int64    `json:"timestamp" bson:"timestamp"` // NOTE(review): unit (seconds vs. milliseconds) is not visible here
	WLID          string   `json:"wlid" bson:"wlid"`
	ImgTag        string   `json:"imageTag" bson:"imageTag"`
	ImgHash       string   `json:"imageHash" bson:"imageHash"`
	Cluster       string   `json:"cluster" bson:"cluster"`
	Namespace     string   `json:"namespace" bson:"namespace"`
	ContainerName string   `json:"containerName" bson:"containerName"`
	PackagesName  []string `json:"packages" bson:"packages"`

	// "Artifcats" is misspelled in the field name and in both wire keys; the
	// keys are part of the stored and transmitted format, so they stay as is.
	ListOfDangerousArtifcats []string `json:"listOfDangerousArtifcats" bson:"listOfDangerousArtifcats"`

	Status string `json:"status" bson:"status"`

	Registry     string `json:"registry" bson:"registry"`
	VersionImage string `json:"versionImage" bson:"versionImage"`

	SeveritiesStats         []SeverityStats `json:"severitiesStats" bson:"severitiesStats"`
	ExcludedSeveritiesStats []SeverityStats `json:"excludedSeveritiesStats,omitempty" bson:"excludedSeveritiesStats,omitempty"`

	Version string `json:"version" bson:"version"`

	Vulnerabilities []ShortVulnerabilityResult `json:"vulnerabilities" bson:"vulnerabilities"`
}

type CommonSummaryFields

// CommonSummaryFields holds the fields shared by summary objects: the report
// they belong to, their designators, the scan time and the deletion status.
type CommonSummaryFields struct {
	// The unique id of the report this summary belongs to
	ReportID GUID `json:"reportGUID"`

	// The designators of this summary
	Designators *PortalDesignator `json:"designators"`

	// Time of the scan that produced this summary
	Timestamp time.Time `json:"timestamp"`

	// swagger:ignore
	// Indicates whether this summary is marked for deletion
	DeleteStatus RecordStatus `json:"deletionStatus,omitempty"`
}

swagger:model

type ControlInfo

// ControlInfo holds basic information about a control: its ID, its base score
// and the number of resources that failed it.
type ControlInfo struct {

	// ID of the control
	// Example: C-0034
	ID string `json:"id"`

	// How critical this control is
	// Example: 6
	BaseScore float32 `json:"baseScore"`

	// Number of resources that failed this control
	// Example: 3
	FailedResources int `json:"failedResources"`
}

ControlInfo Basic information about a control

type ControlInputs

// ControlInputs carries the input lists for one rule. The fields have no
// struct tags, so encoding/json uses the Go field names as keys.
type ControlInputs struct {
	Rulename string
	Inputs   []PostureAttributesList // Attribute = input list name, Values = list values
}

type CustomerAccessStatus added in v0.0.170

// CustomerAccessStatus classifies a customer account as paying, free, trial or
// blocked.
type CustomerAccessStatus string

// The defined access statuses. The empty string (zero value) is none of them,
// so code that switches on the status needs an explicit default branch.
// NOTE(review): for access decisions that default should deny rather than fall
// through to an allowed state — confirm in the consumers.
const (
	PayingCustomer  CustomerAccessStatus = "paying"
	FreeCustomer    CustomerAccessStatus = "free"
	TrialCustomer   CustomerAccessStatus = "trial"
	BlockedCustomer CustomerAccessStatus = "blocked"
)

type CustomerConfig

// CustomerConfig is a named configuration with free-form attributes, the scope
// it applies to (a PortalDesignator) and its settings.
type CustomerConfig struct {
	Name       string                 `json:"name" bson:"name"`
	Attributes map[string]interface{} `json:"attributes,omitempty" bson:"attributes,omitempty"` // could be string
	Scope      PortalDesignator       `json:"scope" bson:"scope"`
	Settings   Settings               `json:"settings" bson:"settings"`
}

func MockCustomerConfig

func MockCustomerConfig() *CustomerConfig

type CustomerOnboarding added in v0.0.143

// CustomerOnboarding records the answers a user gave during onboarding. The
// scalar fields are pointers, so "not answered" (nil, omitted on the wire) can
// be told apart from an explicit false or empty string.
type CustomerOnboarding struct {
	Completed   *bool    `json:"completed,omitempty" bson:"completed,omitempty"`     // user completed the onboarding
	CompanySize *string  `json:"companySize,omitempty" bson:"companySize,omitempty"` // user company size
	Role        *string  `json:"role,omitempty" bson:"role,omitempty"`               // user role
	OrgName     *string  `json:"orgName,omitempty" bson:"orgName,omitempty"`         // user organization name
	Interests   []string `json:"interests,omitempty" bson:"interests,omitempty"`     // user interests
}

type CustomerState added in v0.0.143

// CustomerState holds the state of the customer, used for UI purposes:
// onboarding answers, the getting-started checklist and node usage. Every part
// is optional and omitted from JSON and BSON when nil.
type CustomerState struct {
	Onboarding     *CustomerOnboarding      `json:"onboarding,omitempty" bson:"onboarding,omitempty"`
	GettingStarted *GettingStartedChecklist `json:"gettingStarted,omitempty" bson:"gettingStarted,omitempty"`
	NodeUsage      *NodeUsage               `json:"nodeUsage,omitempty" bson:"nodeUsage,omitempty"`
}

CustomerState holds the state of the customer, used for UI purposes

type DesignatorType

type DesignatorType string

Type of the designator

swagger:enum DesignatorType

// Supported designator types. The value selects which field of a
// PortalDesignator carries the target: the Attributes map, a workload ID
// (WLID), a wildcard workload ID (WildWLID) or a secret ID (SID).
const (
	DesignatorAttributes DesignatorType = "Attributes"
	DesignatorAttribute  DesignatorType = "Attribute" // Deprecated
	// WorkloadID format.
	//
	// Has two formats:
	//  1. Kubernetes format: wlid://cluster-<cluster>/namespace-<namespace>/<kind>-<name>
	//  2. Native format: wlid://datacenter-<datacenter>/project-<project>/native-<name>
	DesignatorWlid DesignatorType = "Wlid"
	// A WorkloadID wildcard expression.
	//
	// A wildcard expression that includes a cluster:
	//
	//  wlid://cluster-<cluster>/
	//
	// An expression that includes a cluster and namespace (filters out all other namespaces):
	//
	//  wlid://cluster-<cluster>/namespace-<namespace>/
	//
	// NOTE(review): a cluster-only expression covers every namespace of that
	// cluster, so a wildcard designator on an exception or policy applies far
	// more broadly than a specific Wlid.
	DesignatorWildWlid      DesignatorType = "WildWlid"
	DesignatorWlidContainer DesignatorType = "WlidContainer"
	DesignatorWlidProcess   DesignatorType = "WlidProcess"
	DesignatorSid           DesignatorType = "Sid" // secret id
)

Supported designators

func (DesignatorType) ToLower

func (dt DesignatorType) ToLower() DesignatorType

type EnforcmentsRule

// EnforcmentsRule describes one enforcement rule: the monitored objects, the
// existence conditions and events to watch for, and the actions to take. The
// JSON keys ("objectExistence", "event") are shorter than the field names.
type EnforcmentsRule struct {
	MonitoredObject          []string `json:"monitoredObject"`
	MonitoredObjectExistence []string `json:"objectExistence"`
	MonitoredObjectEvent     []string `json:"event"`
	Action                   []string `json:"action"`
}

type ExecutionPolicy

// ExecutionPolicy is a policy of a given type applied to the designated
// targets, with its enforcement rules. CreationTime is a string whose format
// is not visible here, and its JSON key is snake_case ("creation_time"),
// unlike the other keys of this type.
type ExecutionPolicy struct {
	PortalBase                `json:",inline"`
	Designators               []PortalDesignator `json:"designators"`
	PolicyType                string             `json:"policyType"`
	CreationTime              string             `json:"creation_time"`
	ExecutionEnforcmentsRules []EnforcmentsRule  `json:"enforcementRules"`
}

type FixPath

// FixPath names a path and the value to set there as a suggested fix.
type FixPath struct {
	Path  string `json:"path"`
	Value string `json:"value"`
}

type FixedIn added in v0.0.142

// FixedIn names the package, image tag and version in which an issue is fixed.
type FixedIn struct {
	Name    string `json:"name" bson:"name"`
	ImgTag  string `json:"imageTag" bson:"imageTag"`
	Version string `json:"version" bson:"version"`
}

type GUID

// GUID is a string identifier that the swagger annotation declares as uuid4,
// for example 0f42fbe3-d81e-444d-8cc7-bc892c7623e9. The type itself is a plain
// string: nothing in this declaration validates the format, so values received
// from clients still need checking where the format matters.
type GUID string

swagger:strfmt uuid4 Example: 0f42fbe3-d81e-444d-8cc7-bc892c7623e9

type GettingStartedChecklist added in v0.0.143

// GettingStartedChecklist tracks the getting-started items of a customer. Each
// item is a *bool, so nil (omitted on the wire) means "not recorded" as
// opposed to an explicit false.
type GettingStartedChecklist struct {
	// indicates if the user has dismissed the checklist
	GettingStartedDismissed *bool `json:"gettingStartedDismissed,omitempty" bson:"gettingStartedDismissed,omitempty"`
	// checklist items
	EverConnectedCluster   *bool `json:"everConnectedCluster,omitempty" bson:"everConnectedCluster,omitempty"`
	EverScannedRepository  *bool `json:"everScannedRepository,omitempty" bson:"everScannedRepository,omitempty"`
	EverScannedRegistry    *bool `json:"everScannedRegistry,omitempty" bson:"everScannedRegistry,omitempty"`
	EverCollaborated       *bool `json:"everCollaborated,omitempty" bson:"everCollaborated,omitempty"`
	EverInvitedTeammate    *bool `json:"everInvitedTeammate,omitempty" bson:"everInvitedTeammate,omitempty"`
	EverUsedRbacVisualizer *bool `json:"everUsedRbacVisualizer,omitempty" bson:"everUsedRbacVisualizer,omitempty"`
}

type HighlightsByControl

// HighlightsByControl collects, for one control, the highlighted locations and
// the suggested fixes (fix paths and a fix command).
//
// NOTE(review): FixCommand is free text; presumably a remediation command
// shown to the user. Confirm that no consumer runs it automatically: it is
// data from a report, not vetted input for a shell.
type HighlightsByControl struct {
	ControlID  string    `json:"controlID"`
	Highlights []string  `json:"highlights"`
	FixPaths   []FixPath `json:"fixPaths"`
	FixCommand string    `json:"fixCommand"`
}

type KPILogin

// KPILogin is the record of one login event.
//
// The JSON keys do not follow the field names: CustomerGUID is sent as
// "tennantGUID" (spelled that way on the wire) and Email as "e-mail". These
// keys are part of the wire format and must not be "corrected" in place.
//
// NOTE(review): Username, Email and IP are personal data. Stores and log
// pipelines that receive this record need matching access control and
// retention. IP is a plain string; whether it is taken from the socket or from
// a client-supplied header is decided by the producer — confirm before using
// it for detection or rate limiting.
type KPILogin struct {
	CustomerGUID string    `json:"tennantGUID"`
	Timestamp    time.Time `json:"timestamp"`
	Username     string    `json:"username"`
	Email        string    `json:"e-mail"`
	IP           string    `json:"IP,omitempty"`
}

type KPIPostureScan

// KPIPostureScan is the record of one posture scan: which client and framework
// ran it, when, against what kind of target, and from which client IP.
// NOTE(review): ClientIP is personal data in many jurisdictions and is always
// serialised (no omitempty); handle retention accordingly.
type KPIPostureScan struct {
	Client           string    `json:"client"`
	ClientVersion    string    `json:"clientVersion"`
	Framework        string    `json:"framework"`
	FrameworkVersion string    `json:"frameworkVersion"`
	Timestamp        time.Time `json:"timestamp"`
	Target           string    `json:"target"` //yaml,helm,running - what we actually scanned
	ClientIP         string    `json:"clientIP"`
}

type LicenseType added in v0.0.154

// LicenseType names a license tier.
type LicenseType string

// The defined license tiers. Values are capitalised; string comparison against
// them is case-sensitive.
const (
	LicenseTypeFree       LicenseType = "Free"
	LicenseTypeTeam       LicenseType = "Team"
	LicenseTypeEnterprise LicenseType = "Enterprise"
)

type Misconfiguration added in v0.0.146

// Misconfiguration is one entry of a report: a name, the scan type that found
// it, a link, and a percentage increase. The fields have no struct tags, so
// encoding/json uses the Go field names as keys.
type Misconfiguration struct {
	Name               string
	Type               ScanType
	Link               string
	PercentageIncrease uint64
}

type Misconfigurations added in v0.0.158

// Misconfigurations is a list of Misconfiguration entries.
type Misconfigurations []Misconfiguration

type NewClusterAdmin added in v0.0.158

// NewClusterAdmin names a resource reported as a new cluster admin, with a
// link to it. A new cluster-admin binding is a privilege change worth
// reviewing. The fields have no struct tags, so encoding/json uses the Go
// field names as keys.
type NewClusterAdmin struct {
	Resource string
	Link     string
}

type NewClusterAdmins added in v0.0.158

// NewClusterAdmins is a list of NewClusterAdmin entries.
type NewClusterAdmins []NewClusterAdmin

type NodeUsage added in v0.0.169

// NodeUsage records the customer's peak node usage.
type NodeUsage struct {
	// max sum of nodes across all clusters ever scanned on one day
	MaxNodesSumEver int `json:"maxNodesSumEver,omitempty" bson:"maxNodesSumEver,omitempty"`
	// date of MaxNodesSumEver (a string; the format is not visible here)
	MaxNodesSumDate string `json:"maxNodesSumDate,omitempty" bson:"maxNodesSumDate,omitempty"`
}

type NotificationConfigIdentifier added in v0.0.141

// NotificationConfigIdentifier identifies a notification configuration by its
// notification type.
type NotificationConfigIdentifier struct {
	NotificationType NotificationType `json:"notificationType,omitempty" bson:"notificationType,omitempty"`
}

type NotificationType added in v0.0.141

// NotificationType names a kind of notification.
type NotificationType string

// The defined notification types: all notifications, push notifications and
// the weekly report.
const (
	NotificationTypeAll    NotificationType = "all"
	NotificationTypePush   NotificationType = "push"
	NotificationTypeWeekly NotificationType = "weekly"
)

type Notifications

// Notifications holds the notification targets for posture scans, in two
// generations: the older string lists and the V1 lists of SlackNotification.
type Notifications struct {
	// Legacy string lists, kept until the old data stored in MongoDB can be
	// migrated (see the original author's remark on the first field).
	PostureScan               []string `json:"postureScan,omitempty" bson:"postureScan,omitempty"` // bad approach kept till i see if can do something with mongo and old data
	PostureScoreAboveLastScan []string `json:"postureScoreAboveLastScan,omitempty" bson:"postureScoreAboveLastScan,omitempty"`

	// The wire key of the second field is "postureScoreAboveLastScanV1", which
	// differs from the field name (PostureScanAboveLastScanV1).
	PostureScanV1              []SlackNotification `json:"postureScanV1" bson:"postureScanV1"`
	PostureScanAboveLastScanV1 []SlackNotification `json:"postureScoreAboveLastScanV1" bson:"postureScoreAboveLastScanV1"`
}

type NotificationsConfig added in v0.0.141

// NotificationsConfig holds a customer's notification state: who unsubscribed
// from what, the latest weekly report and the latest push reports.
type NotificationsConfig struct {
	// Map of unsubscribed user ID to the notification configs that user
	// unsubscribed from
	UnsubscribedUsers  map[string][]NotificationConfigIdentifier `json:"unsubscribedUsers,omitempty" bson:"unsubscribedUsers,omitempty"`
	LatestWeeklyReport *WeeklyReport                             `json:"latestWeeklyReport,omitempty" bson:"latestWeeklyReport,omitempty"`
	// NOTE(review): the map key format is not visible here; GetLatestPushReport
	// looks entries up by cluster and scan type, so the key is presumably
	// derived from those two — confirm.
	LatestPushReports  map[string]*PushReport                    `json:"latestPushReports,omitempty" bson:"latestPushReports,omitempty"`
}

func (*NotificationsConfig) AddLatestPushReport added in v0.0.146

func (nc *NotificationsConfig) AddLatestPushReport(report *PushReport)

func (*NotificationsConfig) GetLatestPushReport added in v0.0.146

func (nc *NotificationsConfig) GetLatestPushReport(cluster string, scanType ScanType) *PushReport

type PolicyType added in v0.0.172

// PolicyType names a kind of exception policy.
type PolicyType string

// Exception policy types for posture findings and for vulnerabilities. By its
// name an exception policy suppresses findings, so creating or widening one is
// a change worth recording and reviewing.
const PostureExceptionPolicyType PolicyType = "postureExceptionPolicy"
const VulnerabilityExceptionPolicyType PolicyType = "vulnerabilityExceptionPolicy"

type PortalBase

// PortalBase holds the basic data every portal backend item shares: GUID,
// name, free-form attributes and the last update time. Other portal types
// embed it.
type PortalBase struct {
	GUID        string                 `json:"guid" bson:"guid"`
	Name        string                 `json:"name" bson:"name"`
	Attributes  map[string]interface{} `json:"attributes,omitempty" bson:"attributes,omitempty"` // could be string
	// Stored as a string, while GetUpdatedTime/SetUpdatedTime work with
	// *time.Time; the string format used for the conversion is not visible here.
	UpdatedTime string                 `json:"updatedTime,omitempty" bson:"updatedTime,omitempty"`
}

PortalBase holds basic items data from portal BE

func MockPortalBase

func MockPortalBase(customerGUID, name string, attributes map[string]interface{}) *PortalBase

func (*PortalBase) GetAttributes added in v0.0.128

func (p *PortalBase) GetAttributes() map[string]interface{}

func (*PortalBase) GetGUID added in v0.0.128

func (p *PortalBase) GetGUID() string

Getters and setters used by derived types to implement interfaces.

func (*PortalBase) GetName added in v0.0.128

func (p *PortalBase) GetName() string

func (*PortalBase) GetUpdatedTime added in v0.0.141

func (p *PortalBase) GetUpdatedTime() *time.Time

func (*PortalBase) SetAttributes added in v0.0.128

func (p *PortalBase) SetAttributes(attributes map[string]interface{})

func (*PortalBase) SetGUID added in v0.0.128

func (p *PortalBase) SetGUID(guid string)

func (*PortalBase) SetName added in v0.0.128

func (p *PortalBase) SetName(name string)

func (*PortalBase) SetUpdatedTime added in v0.0.135

func (p *PortalBase) SetUpdatedTime(updatedTime *time.Time)

type PortalCluster added in v0.0.120

// PortalCluster holds cluster data from the portal backend.
//
// NOTE(review): the bson tag on the embedded PortalBase is "inline" with no
// leading comma. In the usual `name,option` tag grammar that reads as a field
// named "inline", not as the inline option (`bson:",inline"`) — confirm which
// one the BSON library in use applies, because it decides whether PortalBase's
// fields are stored flattened or as a sub-document.
type PortalCluster struct {
	PortalBase       `json:",inline" bson:"inline"`
	SubscriptionDate string `json:"subscription_date,omitempty" bson:"subscription_date,omitempty"`
	LastLoginDate    string `json:"last_login_date,omitempty" bson:"last_login_date,omitempty"`
}

PortalCluster holds cluster data from portal BE

type PortalCustomer added in v0.0.126

// PortalCustomer holds customer (tenant) data from the portal backend:
// contact details, license and subscription information, notification
// settings and UI state.
//
// NOTE(review): the bson tag on the embedded PortalBase is "inline" with no
// leading comma; in the usual `name,option` grammar that is a field name, not
// the inline option — confirm which is intended.
type PortalCustomer struct {
	PortalBase       `json:",inline" bson:"inline"`
	// NOTE(review): the bson tag lists omitempty twice; harmless, but one
	// occurrence is enough.
	Description      string `json:"description,omitempty" bson:"description,omitempty,omitempty"`
	SubscriptionDate string `json:"subscription_date,omitempty" bson:"subscription_date,omitempty"`
	LastLoginDate    string `json:"last_login_date,omitempty" bson:"last_login_date,omitempty"`
	// Email is personal data.
	Email            string `json:"email,omitempty" bson:"email,omitempty"`
	// customizable field that overrides the default max
	MaxFreeNodes int `json:"maxFreeNodes,omitempty" bson:"maxFreeNodes,omitempty"`

	// DEPRECATED - moved to subscription
	LicenseType string `json:"license_type,omitempty" bson:"license_type,omitempty"`

	// DEPRECATED - moved to subscription
	SubscriptionExpiration string `json:"subscription_expiration,omitempty" bson:"subscription_expiration,omitempty"`

	// DEPRECATED
	InitialLicenseType string `json:"initial_license_type,omitempty" bson:"initial_license_type,omitempty"`

	NotificationsConfig *NotificationsConfig `json:"notifications_config,omitempty" bson:"notifications_config,omitempty"`
	State               *CustomerState       `json:"state,omitempty" bson:"state,omitempty"`

	// Counter of OpenAI requests; presumably used for quota or rate limiting —
	// confirm in the consumer.
	OpenAiRequestCount int `json:"open_ai_request_count,omitempty" bson:"open_ai_request_count,omitempty"`

	// Paid/free subscriptions information
	ActiveSubscription      *Subscription  `json:"activeSubscription,omitempty" bson:"activeSubscription,omitempty"`
	HistoricalSubscriptions []Subscription `json:"historicalSubscriptions,omitempty" bson:"historicalSubscriptions,omitempty"`
}

type PortalDesignator

// PortalDesignator represents a single designation option: a way of naming
// the workloads, secrets or objects that something applies to. DesignatorType
// says which of the other fields is meaningful.
type PortalDesignator struct {
	DesignatorType DesignatorType `json:"designatorType" bson:"designatorType"`
	// A specific Workload ID
	WLID string `json:"wlid,omitempty" bson:"wlid,omitempty"`
	// An expression that describes applicable workload IDs
	WildWLID string `json:"wildwlid,omitempty" bson:"wildwlid,omitempty"`
	// A specific Secret ID
	SID string `json:"sid,omitempty" bson:"sid,omitempty"`
	// Attributes that describe the targets
	// No omitempty: a nil map is written as JSON null.
	Attributes map[string]string `json:"attributes" bson:"attributes"`
}

PortalDesignator represents a single designation option

func AttributesDesignatorsFromImageTag

func AttributesDesignatorsFromImageTag(imageTag string) *PortalDesignator

func AttributesDesignatorsFromWLID

func AttributesDesignatorsFromWLID(wlid string) *PortalDesignator

func MockPortalDesignator

func MockPortalDesignator() *PortalDesignator

func (*PortalDesignator) DigestAttributesDesignator

func (designator *PortalDesignator) DigestAttributesDesignator() AttributesDesignators

func (*PortalDesignator) DigestPortalDesignator

func (designator *PortalDesignator) DigestPortalDesignator() AttributesDesignators

DigestPortalDesignator - get cluster namespace and labels from designator

func (*PortalDesignator) GetCluster

func (designator *PortalDesignator) GetCluster() string

func (*PortalDesignator) GetKind

func (designator *PortalDesignator) GetKind() string

func (*PortalDesignator) GetLabels

func (designator *PortalDesignator) GetLabels() map[string]string

func (*PortalDesignator) GetName

func (designator *PortalDesignator) GetName() string

func (*PortalDesignator) GetNamespace

func (designator *PortalDesignator) GetNamespace() string

func (*PortalDesignator) GetPath added in v0.0.118

func (designator *PortalDesignator) GetPath() string

func (*PortalDesignator) GetResourceID added in v0.0.173

func (designator *PortalDesignator) GetResourceID() string

func (*PortalDesignator) NKeys

func (designator *PortalDesignator) NKeys() int

func (*PortalDesignator) UnmarshalJSONObject

func (designator *PortalDesignator) UnmarshalJSONObject(dec *gojay.Decoder, key string) (err error)

type PortalRegistryCronJob added in v0.0.132

// PortalRegistryCronJob describes a scheduled registry scan: the registry, the
// cluster that runs the job, the cron schedule and the repositories to scan.
//
// NOTE(review): RegistryInfo is declared elsewhere and embedded here. If it
// carries registry credentials (compare AuthMethod in this package), they are
// flattened into this object's JSON and returned or stored with it — confirm,
// and redact before logging or sending this object to a client.
// Both embedded structs use the bson tag "inline" with no leading comma; in
// the usual `name,option` grammar that is a field name, not the inline option.
type PortalRegistryCronJob struct {
	PortalBase      `json:",inline" bson:"inline"`
	RegistryInfo    `json:",inline" bson:"inline"`
	CreationDate    string       `json:"creationDate,omitempty" bson:"creationDate,omitempty"`
	ID              string       `json:"id,omitempty" bson:"id,omitempty"`
	ClusterName     string       `json:"clusterName,omitempty" bson:"clusterName,omitempty"`
	CronTabSchedule string       `json:"cronTabSchedule,omitempty" bson:"cronTabSchedule,omitempty"`
	Repositories    []Repository `json:"repositories,omitempty" bson:"repositories,omitempty"`
}

type PortalRepository added in v0.0.128

// PortalRepository holds the data of a scanned source repository from the
// portal backend: provider, owner, repository name and branch.
// NOTE(review): the bson tag on the embedded PortalBase is "inline" with no
// leading comma; in the usual `name,option` grammar that is a field name, not
// the inline option — confirm which is intended.
type PortalRepository struct {
	PortalBase   `json:",inline" bson:"inline"`
	CreationDate string `json:"creationDate,omitempty" bson:"creationDate,omitempty"`
	Provider     string `json:"provider,omitempty" bson:"provider,omitempty"`
	Owner        string `json:"owner,omitempty" bson:"owner,omitempty"`
	RepoName     string `json:"repoName,omitempty" bson:"repoName,omitempty"`
	BranchName   string `json:"branchName,omitempty" bson:"branchName,omitempty"`
}

type PostureAttributesList

// PostureAttributesList is a named list of string values. The name is sent
// under the JSON key "attributeName".
type PostureAttributesList struct {
	Attribute string   `json:"attributeName"`
	Values    []string `json:"values"`
}

type PostureClusterOverTime

// PostureClusterOverTime is the per-cluster element of the
// /api/v1/posture/clustersOvertime response: the cluster and its frameworks'
// results over time.
type PostureClusterOverTime struct {
	// omitempty has no effect on a struct value in encoding/json, so
	// Designators is always present in the output.
	Designators  PortalDesignator           `json:"designators,omitempty"`
	ClusterName  string                     `json:"clusterName"`
	Frameworks   []PostureFrameworkOverTime `json:"frameworks"`
	DeleteStatus RecordStatus               `json:"deletionStatus,omitempty"`
}

-------- /api/v1/posture/clustersOvertime response datastructures

type PostureClusterSummary added in v0.0.122

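// PostureClusterSummary is the posture summary of one cluster for one report:
// the score, control and resource counters by status and by severity, cluster
// metadata, and per-status control details.
type PostureClusterSummary struct {
	Score           float32          `json:"score"`
	TotalControls   int              `json:"totalControls"`
	FailedControls  int              `json:"failedControls"`
	SkippedControls int              `json:"skippedControls,omitempty"`
	WarningControls int              `json:"warningControls,omitempty"` // Deprecated
	ReportID        string           `json:"reportGUID"`
	Designators     PortalDesignator `json:"designators"`

	Timestamp    time.Time    `json:"timestamp"`
	DeleteStatus RecordStatus `json:"deletionStatus,omitempty"`

	Frameworks []string `json:"frameworks"`

	// Counters - Failed resources by severity
	CriticalSeverityResources int `json:"criticalSeverityResources"`
	HighSeverityResources     int `json:"highSeverityResources"`
	MediumSeverityResources   int `json:"mediumSeverityResources"`
	LowSeverityResources      int `json:"lowSeverityResources"`

	// Counters - Failed controls by severity
	CriticalSeverityControls int `json:"criticalSeverityControls"`
	HighSeverityControls     int `json:"highSeverityControls"`
	MediumSeverityControls   int `json:"mediumSeverityControls"`
	LowSeverityControls      int `json:"lowSeverityControls"`

	// Counters -  Resources by status
	PassedResources int `json:"passedResources"`
	FailedResources int `json:"failedResources"`
	// The tag key used to be misspelled "jsons", which encoding/json ignores:
	// the field was emitted as "SkippedResources" and never omitted. With the
	// key corrected it is emitted as "skippedResources" and omitted when zero,
	// like SkippedControls above. Decoding is unaffected, because encoding/json
	// matches keys case-insensitively.
	SkippedResources  int `json:"skippedResources,omitempty"`
	ExcludedResources int `json:"excludedResources,omitempty"` // Deprecated

	// Metadata
	KubescapeVersion  string `json:"kubescapeVersion"`
	KubernetesVersion string `json:"kubernetesVersion"`
	WorkerNodeCount   int    `json:"workerNodeCount"`
	Location          string `json:"location"`
	CloudProvider     string `json:"cloudProvider"`

	// Information about the controls that were run on this entity
	// The key is the status of the control (`failed`, `passed`, etc)
	ControlsInfo map[string][]ControlInfo `json:"controlsInfo"`

	// Names of the cluster
	FullName   string `json:"clusterFullName"`
	ShortName  string `json:"clusterShortName"`
	PrefixName string `json:"clusterPrefixName"`
}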

type PostureContainerSummary

// PostureContainerSummary identifies one container by name together with its image.
type PostureContainerSummary struct {
	ContainerName string `json:"containerName"`
	// Serialized under the JSON key "image" (not "imageTag") and dropped from the output when empty.
	ImageTag      string `json:"image,omitempty"`
}

type PostureControlSummary

// PostureControlSummary is the JSON record for one control in one report: its
// identity, resource counters for the current and the previous scan, status,
// scoring values and the inputs the control was evaluated with.
type PostureControlSummary struct {
	Designators                    PortalDesignator `json:"designators"`
	ControlID                      string           `json:"id"` // "C0001"
	ControlGUID                    string           `json:"guid"`
	Name                           string           `json:"name"`
	AffectedResourcesCount         int              `json:"affectedResourcesCount"`
	FailedResourcesCount           int              `json:"failedResourcesCount"`
	SkippedResourcesCount          int              `json:"skippedResourcesCount"`
	WarningResourcesCount          int              `json:"warningResourcesCount"` // Deprecated
	PreviousAffectedResourcesCount int              `json:"previousAffectedResourcesCount"`
	PreviousFailedResourcesCount   int              `json:"previousFailedResourcesCount"`
	PreviousSkippedResourcesCount  int              `json:"previousSkippedResourcesCount"`
	PreviousWarningResourcesCount  int              `json:"previousWarningResourcesCount"` // Deprecated
	Framework                      string           `json:"frameworkName"`
	FrameworkSubSectionID          []string         `json:"frameworkSubsectionID,omitempty"`
	Remediation                    string           `json:"remediation"`
	// Status is the numeric status; StatusText and SubStatusText carry its textual form.
	// NOTE(review): the mapping between the int and the text is not defined in this type.
	Status                         int              `json:"status"`
	StatusText                     string           `json:"statusText"`
	SubStatusText                  string           `json:"subStatusText,omitempty"`
	Description                    string           `json:"description"`
	Section                        string           `json:"section"`
	Timestamp                      time.Time        `json:"timestamp"`
	ReportID                       string           `json:"reportGUID"`
	DeleteStatus                   RecordStatus     `json:"deletionStatus,omitempty"`
	Score                          float32          `json:"score"`
	// Serialized as "baseScore", not "scoreFactor".
	ScoreFactor                    float32          `json:"baseScore"`
	ScoreWeight                    float32          `json:"scoreWeight"`
	ARMOImprovement                float32          `json:"ARMOimprovement"`
	// NOTE(review): field name and JSON key read "Provides", presumably meant as
	// "Providers"; the key is part of the wire format, so renaming it would break readers.
	RelevantCloudProvides          []string         `json:"relevantCloudProvides"`
	ControlInputs                  []ControlInputs  `json:"controlInputs"`
	// NOTE(review): an int rather than a bool; presumably 0/1 - confirm with the producer.
	IsLastScan                     int              `json:"isLastScan"`
	HighlightPathsCount            int64            `json:"highlightPathsCount"`
	ClusterShortName               string           `json:"clusterShortName"`
}

----/api/v1/posture/controls

type PostureExceptionPolicy

// PostureExceptionPolicy describes an exception to posture findings: the
// actions to apply, the resources (designators) it covers and the
// framework/control/rule policies it targets.
//
// An exception changes how findings are reported, so each instance is worth
// treating as a security decision that has to be attributable and time-bound.
type PostureExceptionPolicy struct {
	// NOTE(review): encoding/json has no "inline" option; the embedded struct is
	// flattened because the tag gives no name. The bson tag is "inline" without a
	// leading comma, which codecs following the `name,options` convention read as
	// a key name rather than the inline option - confirm the stored document shape.
	PortalBase      `json:",inline" bson:"inline"`
	PolicyType      string                          `json:"policyType,omitempty" bson:"policyType,omitempty"`
	// Kept as a string, not time.Time; the expected format is not defined in this type.
	CreationTime    string                          `json:"creationTime,omitempty" bson:"creationTime,omitempty"`
	Actions         []PostureExceptionPolicyActions `json:"actions,omitempty" bson:"actions,omitempty"`
	Resources       []PortalDesignator              `json:"resources" bson:"resources"`
	PosturePolicies []PosturePolicy                 `json:"posturePolicies,omitempty" bson:"posturePolicies,omitempty"`
	// Optional justification; nil when none was given.
	Reason          *string                         `json:"reason,omitempty" bson:"reason,omitempty"`
	// Optional expiry. NOTE(review): nil presumably means the exception never
	// expires, and nothing in this type enforces expiry - confirm where it is checked.
	ExpirationDate  *time.Time                      `json:"expirationDate,omitempty" bson:"expirationDate,omitempty"`
	// Author of the exception. NOTE(review): a plain string; if it can be set from
	// the request body rather than the authenticated session it is not a reliable
	// audit field - verify against the caller.
	CreatedBy       string                          `json:"createdBy,omitempty" bson:"createdBy,omitempty"`
}

func (*PostureExceptionPolicy) IsAlertOnly

func (exceptionPolicy *PostureExceptionPolicy) IsAlertOnly() bool

func (*PostureExceptionPolicy) IsDisable

func (exceptionPolicy *PostureExceptionPolicy) IsDisable() bool

type PostureExceptionPolicyActions

// PostureExceptionPolicyActions is the string-typed action carried in
// PostureExceptionPolicy.Actions.
type PostureExceptionPolicyActions string
// AlertOnly is serialized as "alertOnly". NOTE(review): presumably the finding is
// still reported but does not fail the control - confirm against IsAlertOnly's users.
const AlertOnly PostureExceptionPolicyActions = "alertOnly"
// Disable is serialized as "disable". NOTE(review): presumably the control is not
// evaluated for the matching resources - confirm against IsDisable's users.
const Disable PostureExceptionPolicyActions = "disable"

type PostureFrameworkOverTime

// PostureFrameworkOverTime is the response structure for one framework's score
// history: the current risk score plus a list of per-report coordinates.
type PostureFrameworkOverTime struct {
	// Example of the serialized form:
	// "frameworkName": "MITRE",
	//                 "riskScore": 54,
	RiskScore float32                         `json:"riskScore"`
	Framework string                          `json:"frameworkName"`
	// Serialized under the key "cords" (sic); the spelling is part of the wire format.
	Coords    []PostureFrameworkOverTimeCoord `json:"cords"`
}

PostureFrameworkOverTime - the response structure

type PostureFrameworkOverTimeCoord

// PostureFrameworkOverTimeCoord is one point of a framework's score history:
// a score value tied to the report and time it was taken from.
type PostureFrameworkOverTimeCoord struct {
	// Serialized as "value".
	ScoreValue float32   `json:"value"`
	ReportID   string    `json:"reportGUID"`
	Timestamp  time.Time `json:"timestamp"`
}

type PostureFrameworkSubsectionSummary

// PostureFrameworkSubsectionSummary summarizes one subsection of a framework:
// its name, its framework, its ID inside that framework and per-status control counts.
type PostureFrameworkSubsectionSummary struct {
	// The name (title) of the subsection
	// Example: General Policies
	Name string `json:"name"`

	// The name of the framework this subsection belongs to
	// Example: CIS
	Framework string `json:"framework"`

	// Unique id of the subsection inside its framework
	// Example: 5.7
	ID string `json:"id"`

	// Statistics about the controls that were run
	// The key is the status of the control (`failed`, `passed`, etc).
	// The value is the number of controls
	// Example: {"failed": 3, "passed": 4}
	// Note: the counter type here is uint, while RepoEntitySummary.ControlsStats uses int.
	ControlsStats map[string]uint `json:"controlsStats"`
}

type PostureFrameworkSummary

// PostureFrameworkSummary is the per-framework summary of one report: score,
// improvement score and control counters.
type PostureFrameworkSummary struct {
	Name             string           `json:"name"`
	// Serialized as "value", not "score".
	Score            float32          `json:"value"`
	ImprovementScore float32          `json:"improvementScore"`
	TotalControls    int              `json:"totalControls"`
	FailedControls   int              `json:"failedControls"`
	// omitempty: a count of zero is left out of the JSON rather than written as 0.
	SkippedControls  int              `json:"skippedControls,omitempty"`
	WarningControls  int              `json:"warningControls,omitempty"` // Deprecated
	ReportID         string           `json:"reportGUID"`
	Designators      PortalDesignator `json:"designators"`

	Timestamp    time.Time    `json:"timestamp"`
	DeleteStatus RecordStatus `json:"deletionStatus,omitempty"`
}

type PostureFrameworksOverTime

// PostureFrameworksOverTime is a flat record of one framework score for one
// cluster, report and timestamp.
type PostureFrameworksOverTime struct {
	ClusterName string `json:"clusterName"`

	// Serialized as "value".
	ScoreValue float32   `json:"value"`
	ReportID   string    `json:"reportGUID"`
	Timestamp  time.Time `json:"timestamp"`
	Framework  string    `json:"frameworkName"`
}

Used for elastic

type PostureJobParams

// PostureJobParams carries the parameters of a posture scan job for one
// cluster and framework, optionally with a cron schedule.
type PostureJobParams struct {
	Name            string `json:"name,omitempty"`
	ID              string `json:"id,omitempty"`
	ClusterName     string `json:"clusterName"`
	FrameworkName   string `json:"frameworkName"`
	// NOTE(review): a free-form string; this type does not validate it as a cron
	// expression, so the consumer has to - confirm where that happens.
	CronTabSchedule string `json:"cronTabSchedule,omitempty"`
	JobID           string `json:"jobID,omitempty"`
}

type PosturePaths

// PosturePaths points at the location in a resource where a control failed, or
// at the path that has to be added to fix it, plus an optional fix command.
type PosturePaths struct {
	// must have FailedPath or FixPath, not both
	// (the type itself does not enforce this; producers and consumers have to)
	FailedPath string  `json:"failedPath,omitempty"`
	// NOTE(review): if FixPath is a struct type, encoding/json's omitempty never
	// omits it, so an empty fixPath object is still emitted - confirm consumers cope.
	FixPath    FixPath `json:"fixPath,omitempty"`
	// NOTE(review): presumably a command suggested to the user as a remediation;
	// consumers should present it as text for review rather than run it - confirm.
	FixCommand string  `json:"fixCommand,omitempty"`
}

type PosturePolicy

// PosturePolicy selects what a posture exception applies to: a framework and,
// optionally, a control (by name or ID) and a rule.
type PosturePolicy struct {
	// Always serialized (no omitempty), unlike the other selectors.
	// NOTE(review): how empty selectors are matched (for example, whether an empty
	// ControlID matches every control) is decided by the consumer - confirm, since
	// a broad match widens the exception.
	FrameworkName string `json:"frameworkName" bson:"frameworkName"`
	ControlName   string `json:"controlName,omitempty" bson:"controlName,omitempty"`
	ControlID     string `json:"controlID,omitempty" bson:"controlID,omitempty"`
	RuleName      string `json:"ruleName,omitempty" bson:"ruleName,omitempty"`
}

type PostureReportResultRaw

// PostureReportResultRaw is the raw result of one control on one resource in
// one report, with the control configuration used and the highlighted paths.
type PostureReportResultRaw struct {
	Designators           PortalDesignator `json:"designators"`
	Timestamp             time.Time        `json:"timestamp"`
	ReportID              string           `json:"reportGUID"`
	ResourceID            string           `json:"resourceID"`
	ControlID             string           `json:"controlID"`
	ControlConfigurations []ControlInputs  `json:"controlConfigurations,omitempty"`
	// No omitempty: a nil slice is written as JSON null, an empty slice as [].
	HighlightsPaths       []PosturePaths   `json:"highlightsPaths"`
}

type PostureResource

// PostureResource is the result of one control on one resource, including the
// failed/fix paths, the exceptions configured for it and the exceptions that
// were actually applied.
type PostureResource struct {
	UniqueResourceResult string           `json:"uniqueResourceResult"` // FNV(customerGUID + cluster+resourceID+frameworkName + resource.ReportID) to allow fast search for aggregation
	Designators          PortalDesignator `json:"designators"`
	Name                 string           `json:"name"`       // wlid/sid and etc.
	ResourceID           string           `json:"resourceID"` //as given by kscape

	ControlName       string                      `json:"controlName"`
	HighlightPaths    []string                    `json:"highlightPaths"` // specifies "failedPath" - where exactly in the raw resources the control failed
	FixPaths          []FixPath                   `json:"fixPaths"`       // specifies "fixPaths" - what in the raw resources needs to be added by user
	ControlID         string                      `json:"controlID"`
	FrameworkName     string                      `json:"frameworkName"`
	ControlStatus     int                         `json:"controlStatus"` // it's rather resource status within the control, control might fail but on this specific resource it might be passed (exception)
	ControlStatusText string                      `json:"controlStatusText"`
	// RelatedExceptions and ExceptionApplied differ: the first lists what is
	// configured, the second what took effect. When auditing why a resource shows
	// as passed, ExceptionApplied is the field to read.
	RelatedExceptions []PostureExceptionPolicy    `json:"relatedExceptions"` // configured in portal
	ExceptionApplied  []PostureExceptionPolicy    `json:"exceptionApplied"`  //actual ruleResponse
	ResourceKind      string                      `json:"kind"`
	ResourceNamespace string                      `json:"namespace"`
	Remediation       string                      `json:"remediation"`
	// Serialized as "containers".
	Images            []PostureContainerSummary   `json:"containers,omitempty"`
	DeleteStatus      RecordStatus                `json:"deletionStatus,omitempty"`
	Recommendations   []RecommendationAssociation `json:"recommendations"`

	Timestamp time.Time `json:"timestamp"`
	ReportID  string    `json:"reportGUID"`
}

1 resource per 1 control

type PostureResourceSummary

// PostureResourceSummary aggregates the posture results of one resource across
// controls: sample control lists, per-status control IDs, counters, exceptions
// and severity counters.
type PostureResourceSummary struct {
	Designators PortalDesignator `json:"designators"`
	Name        string           `json:"name"`       // wlid/sid and etc.
	ResourceID  string           `json:"resourceID"` //as given by kscape

	// gives up to PostureResourceMaxCtrls controls as an example
	// (the lists are samples; the *Count fields below hold the totals)
	FailedControl   []string `json:"failedControls"`
	WarningControls []string `json:"warningControls"` // Deprecated
	SkippedControls []string `json:"skippedControls"`
	// maps statusText to a list of controlIDs
	StatusToControls map[string][]string `json:"statusToControls"`

	HighlightsPerCtrl []HighlightsByControl `json:"highlightsPerControl"`

	// total counts (including the controls listed in the failed/warning slices)
	FailedControlCount     int                         `json:"failedControlsCount"`
	SkippedControlCount    int                         `json:"skippedControlsCount"`
	WarningControlCount    int                         `json:"warningControlsCount"` // Deprecated
	Status                 int                         `json:"status"`
	StatusText             string                      `json:"statusText"`
	SubStatusText          string                      `json:"subStatusText,omitempty"`
	Remediation            []string                    `json:"remediation"`
	ResourceKind           string                      `json:"resourceKind"`
	FrameworkName          string                      `json:"frameworkName"`
	// NOTE(review): "Recommendaion" is misspelled in both the field name and the
	// JSON key; the key is part of the wire format, so fixing it needs a migration.
	ExceptionRecommendaion string                      `json:"exceptionRecommendaion"`
	RelatedExceptions      []PostureExceptionPolicy    `json:"relatedExceptions"` // configured in portal
	ExceptionApplied       []PostureExceptionPolicy    `json:"exceptionApplied"`  //actual ruleResponse
	Images                 []PostureContainerSummary   `json:"containers,omitempty"`
	Recommendations        []RecommendationAssociation `json:"recommendations"`

	Timestamp     time.Time    `json:"timestamp"`
	ReportID      string       `json:"reportGUID"`
	DeleteStatus  RecordStatus `json:"deletionStatus,omitempty"`
	ArmoBestScore int64        `json:"armoBestScore"`

	// Information about the controls that were run on this entity
	// The key is the status of the control (`failed`, `passed`, etc)
	ControlsInfo map[string][]ControlInfo `json:"controlsInfo"`

	// Counters - Failed controls by severity
	CriticalSeverityControls int    `json:"criticalSeverityControls"`
	HighSeverityControls     int    `json:"highSeverityControls"`
	MediumSeverityControls   int    `json:"mediumSeverityControls"`
	LowSeverityControls      int    `json:"lowSeverityControls"`
	ClusterShortName         string `json:"clusterShortName"`
}

type PostureScanConfig

// PostureScanConfig holds the posture scan settings; at present only the scan frequency.
type PostureScanConfig struct {
	ScanFrequency ScanFrequency `json:"scanFrequency,omitempty" bson:"scanFrequency,omitempty"`
}

type PostureSummary

// PostureSummary is the top-level posture summary of one report: last run time,
// designators, posture attributes and the cluster's cloud provider.
type PostureSummary struct {
	RuntimeImprovementPercentage float32               `json:"runtimeImprovementPercentage"`
	LastRun                      time.Time             `json:"lastRun"`
	ReportID                     string                `json:"reportGUID"`
	Designators                  PortalDesignator      `json:"designators"`
	PostureAttributes            PostureAttributesList `json:"postureAttributes"`
	ClusterCloudProvider         string                `json:"clusterCloudProvider"`

	DeleteStatus RecordStatus `json:"deletionStatus,omitempty"`
}

--------/api/v1/posture/summary

type PushNotification added in v0.0.146

// PushNotification groups the two kinds of push notification payload.
// The fields carry no json/bson tags, so encoders fall back to their default
// key naming for them (encoding/json uses the Go field names as written).
type PushNotification struct {
	Misconfigurations Misconfigurations
	NewClusterAdmins  NewClusterAdmins
}

type PushReport added in v0.0.146

// PushReport describes one scan report referenced by a push notification:
// cluster, report GUID, scan type, time and number of failed resources.
type PushReport struct {
	// NOTE(review): the JSON and BSON keys read "custer", which looks like a typo
	// for "cluster". Readers that expect "cluster" will see an empty value; since
	// the key is already part of the stored/wire format, correcting it needs a
	// coordinated migration rather than a silent rename.
	Cluster         string    `json:"custer,omitempty" bson:"custer,omitempty"`
	ReportGUID      string    `json:"reportGUID,omitempty" bson:"reportGUID,omitempty"`
	ScanType        ScanType  `json:"scanType" bson:"scanType"`
	Timestamp       time.Time `json:"timestamp,omitempty" bson:"timestamp,omitempty"`
	// omitempty: zero failed resources is omitted rather than written as 0.
	FailedResources uint64    `json:"failedResources,omitempty" bson:"failedResources,omitempty"`
}

type RawResource

// RawResource stores a scanned resource together with its undecoded object.
type RawResource struct {
	Designators  PortalDesignator `json:"designators"`
	Timestamp    time.Time        `json:"timestamp"`
	DeleteStatus RecordStatus     `json:"deletionStatus,omitempty"`

	ResourceID          string                    `json:"resourceID"`
	PostureReportID     string                    `json:"postureReportID,omitempty"`
	SPIFFE              string                    `json:"spiffe"`
	Containers          []PostureContainerSummary `json:"containers,omitempty"`
	RelatedResourcesIDs []string                  `json:"relatedResourcesID,omitempty"`
	// RAW is kept as undecoded JSON bytes and serialized under the key "object".
	// NOTE(review): presumably the full scanned object; such objects can embed
	// sensitive values (for example environment variables), so confirm what is
	// stripped before this record is stored or returned by an API.
	RAW                 json.RawMessage           `json:"object"`
}

type RecommendationAssociation

// RecommendationAssociation links a recommendation to a specific resource and
// records the user actions taken because of it.
type RecommendationAssociation struct {
	// encoding/json has no "inline" option; the embedded struct is flattened
	// because the tag gives no name.
	PortalBase `json:",inline"`
	// audit trail of user actions taken for this recommendation
	UpdatesAudit []UpdateAuditEntry `json:"updatesAudit"`
	// the context in which to show this recommendation to this customer
	Context []ArmoContext `json:"context"`
	// designator object, as in the current resources representation;
	// this is about to become obsolete
	Designators PortalDesignator `json:"designators"`
	// GUID of the recommendation in the recommendation DB
	RecommendationPrototypeGUID string                   `json:"recommendationPrototypeGUID"`
	RecommendationDetails       RecommendationSkeletonV1 `json:"recommendationDetails"`
	// current status of this recommendation for the given resource
	Status AssociationStatus `json:"status"`
}

this structure is dedicated to connect between recommendation and specific resource and trace the user actions taken due to this recommendation

type RecommendationSkeletonV1

// RecommendationSkeletonV1 is the recommendation itself: the action to take,
// its description, the contexts it applies to and its approval state.
type RecommendationSkeletonV1 struct {
	// encoding/json has no "inline" option; the embedded struct is flattened
	// because the tag gives no name.
	PortalBase `json:",inline"`
	// audit trail of manual changes made to this recommendation
	UpdatesAudit []UpdateAuditEntry `json:"updatesAudit"`
	// the action the user should take
	Action      string `json:"action"`
	Description string `json:"description"`
	// link to a detailed description of this recommendation
	// NOTE(review): a free-form string; if it is rendered as a hyperlink the
	// consumer should validate the URL scheme - confirm where that happens.
	DescriptionLink string `json:"descriptionLink"`
	// the context to show this recommendation in
	Context []ArmoContext `json:"context"`
	// the approval status: whether this recommendation should be shown to users
	Approvement ApprovementState `json:"approvement"`
}

type RecordStatus

// RecordStatus marks whether a record is live or should be deleted.
type RecordStatus int
const (
	// RecordAlive is the zero value, so fields tagged `deletionStatus,omitempty`
	// leave it out of the JSON entirely.
	RecordAlive        RecordStatus = 0
	// RecordShouldDelete marks the record for deletion; when the deletion is
	// actually carried out is not defined here.
	RecordShouldDelete RecordStatus = 1
)

type RegistryInfo added in v0.0.125

// RegistryInfo describes a container registry to scan: its name and provider,
// how to authenticate to it, which repositories to include or exclude and the
// transport settings.
//
// The JSON tags use omitempty but the BSON tags do not, so empty values are
// left out of JSON while still being written to BSON documents.
type RegistryInfo struct {
	RegistryName     string     `json:"registryName,omitempty" bson:"registryName"`
	RegistryProvider string     `json:"registryProvider,omitempty" bson:"registryProvider"`
	// RegistryToken is a credential. The tags serialize it as-is under
	// "registryToken" in both JSON and BSON, so any log line, API response or
	// stored document built from this struct carries the secret; redact it before
	// logging or echoing the struct back to a client.
	RegistryToken    string     `json:"registryToken,omitempty" bson:"registryToken"`
	Depth            *int       `json:"depth,omitempty" bson:"depth"`
	Include          []string   `json:"include,omitempty" bson:"include"`
	Exclude          []string   `json:"exclude,omitempty" bson:"exclude"`
	Kind             string     `json:"kind,omitempty" bson:"kind"`
	// IsHTTPS and SkipTLSVerify are pointers, so nil (unset) is distinguishable
	// from an explicit false.
	// NOTE(review): what nil defaults to is decided by the consumer and is not
	// visible here - confirm that unset means HTTPS with certificate verification
	// on. SkipTLSVerify=true removes server authentication, which exposes the
	// token above to anyone able to intercept the connection.
	IsHTTPS          *bool      `json:"isHTTPS,omitempty" bson:"isHTTPS"`
	SkipTLSVerify    *bool      `json:"skipTLSVerify,omitempty" bson:"skipTLSVerify"`
	AuthMethod       AuthMethod `json:"authMethod,omitempty" bson:"authMethod"`
	// NOTE(review): presumably the name of a secret that holds the credentials,
	// as an alternative to carrying RegistryToken inline - confirm against the caller.
	SecretName       string     `json:"secretName,omitempty" bson:"secretName"`
}

type RegistryJobParams

// RegistryJobParams carries the parameters of a registry scan job for one
// cluster and registry, optionally with a cron schedule.
type RegistryJobParams struct {
	Name            string `json:"name,omitempty"`
	ID              string `json:"id,omitempty"`
	ClusterName     string `json:"clusterName"`
	RegistryName    string `json:"registryName"`
	// NOTE(review): a free-form string; this type does not validate it as a cron
	// expression, so the consumer has to - confirm where that happens.
	CronTabSchedule string `json:"cronTabSchedule,omitempty"`
	JobID           string `json:"jobID,omitempty"`
}

type RegistryScanned added in v0.0.142

// RegistryScanned wraps the scan result of one registry under the key "registry".
type RegistryScanned struct {
	Registry ResourceScanned `json:"registry" bson:"registry"`
}

type RepoEntityKind

type RepoEntityKind string

Kind of an entity. Can only be one of the following: `file` or `repo`. Example: repo

// Values of RepoEntityKind, serialized as the strings shown.
const (
	RepoEntityFile RepoEntityKind = "file"
	RepoEntityRepo RepoEntityKind = "repo"
)

type RepoEntitySummary

// RepoEntitySummary is the summary of one repo-scanning entity (a file or a
// whole repo): its status, per-status control information and the frameworks run.
type RepoEntitySummary struct {
	Designators PortalDesignator `json:"designators"`

	// Name of this entity
	// Example: "my-repo"
	Name string `json:"name"`

	// Either `file` or `repo`; see RepoEntityKind.
	Kind RepoEntityKind `json:"kind"`

	// Number of children of the entity. For `file`s entity it would be
	// the amount of the resources inside this file, and for `repo`s -
	// the amount of scanned files
	// Example: 13
	ChildCount uint64 `json:"childCount"`

	// Status of the entity
	// Example: failed
	StatusText string `json:"statusText"`

	// Information about the controls that were run on this entity
	// The key is the status of the control (`failed`, `passed`, etc)
	ControlsInfo map[string][]ControlInfo `json:"controlsInfo"`

	// Statistics about the controls that were run
	// The key is the status of the control (`failed`, `passed`, etc).
	// The value is the number of controls
	// Example: {"failed": 3, "passed": 4}
	ControlsStats map[string]int `json:"controlsStats"`

	// Frameworks that were run.
	// In multi-frameworks-summary, this property is
	// taking the place of the `framework` property
	// Example: ["ArmoBest", "MITRE"]
	Frameworks []string `json:"frameworks,omitempty"`

	// Single framework this summary is for.
	// Example: ArmoBest
	Framework string `json:"framework,omitempty"`

	// Time of the scan that produced this result
	Timestamp time.Time `json:"timestamp"`
	// Serialized as "reportGUID".
	ReportID  string    `json:"reportGUID"`

	// swagger:ignore
	// This record is marked for deletion or not
	DeleteStatus RecordStatus `json:"deletionStatus,omitempty"`
}

RepoEntitySummary is a summary of a repo-scanning entity.

type Repository added in v0.0.133

// Repository identifies a repository by name.
type Repository struct {
	RepositoryName string `json:"repositoryName"`
}

type RepositoryScanned added in v0.0.142

// RepositoryScanned pairs the scan result of one repository with the GUID of
// the report it came from.
type RepositoryScanned struct {
	ReportGUID string          `json:"reportGUID" bson:"reportGUID"`
	Repository ResourceScanned `json:"repository" bson:"repository"`
}

type ResourceScanned added in v0.0.142

// ResourceScanned is a scanned resource (kind and name) with its findings
// grouped by severity.
type ResourceScanned struct {
	Kind                         string                     `json:"kind" bson:"kind"`
	Name                         string                     `json:"name" bson:"name"`
	// Keyed by severity. NOTE(review): the key spelling/casing (for example
	// "High" versus "high") is not defined here - confirm with the producer
	// before looking up entries by literal key.
	MapSeverityToSeverityDetails map[string]SeverityDetails `json:"mapSeverityToSeverityDetails" bson:"mapSeverityToSeverityDetails"`
}

type ScanFrequency

type ScanFrequency string

type ScanType added in v0.0.146

// ScanType names the kind of scan a report belongs to.
type ScanType string
const (
	ScanTypePosture      ScanType = "posture"
	// The constant name is plural but the serialized value is the singular "repository".
	ScanTypeRepositories ScanType = "repository"
)

type Settings

// Settings groups the configurable settings: posture control inputs, posture
// and vulnerability scan configuration and Slack configuration.
type Settings struct {
	PostureControlInputs    map[string][]string     `json:"postureControlInputs" bson:"postureControlInputs"`
	PostureScanConfig       PostureScanConfig       `json:"postureScanConfig" bson:"postureScanConfig"`
	VulnerabilityScanConfig VulnerabilityScanConfig `json:"vulnerabilityScanConfig" bson:"vulnerabilityScanConfig"`
	// SlackSettings contains a Token field, so a serialized Settings value carries
	// that credential. encoding/json's omitempty does not omit struct values, so
	// the "slackConfigurations" object is emitted even when it is empty; redact
	// the token before logging or returning Settings to a client.
	SlackConfigurations     SlackSettings           `json:"slackConfigurations,omitempty" bson:"slackConfigurations,omitempty"`
}

func MockSettings

func MockSettings() *Settings

type SeverityDetails added in v0.0.142

// SeverityDetails holds the number of failed resources for one severity.
type SeverityDetails struct {
	Severity              string `json:"severity" bson:"severity"`
	FailedResourcesNumber int    `json:"failedResourcesNumber" bson:"failedResourcesNumber"`
}

type SeverityStats added in v0.0.142

// SeverityStats holds vulnerability counters for one severity. Several
// serialized keys differ from the Go field names; the mapping is noted per field.
type SeverityStats struct {
	Severity                     string `json:"severity,omitempty" bson:"severity,omitempty"`
	// Serialized as "total".
	TotalCount                   int64  `json:"total" bson:"total"`
	RCEFixCount                  int64  `json:"rceFixCount" bson:"rceFixCount"`
	// Serialized as "fixedTotal".
	FixAvailableOfTotalCount     int64  `json:"fixedTotal" bson:"fixedTotal"`
	// Serialized as "totalRelevant".
	RelevantCount                int64  `json:"totalRelevant" bson:"totalRelevant"`
	// Serialized as "fixedRelevant".
	FixAvailableForRelevantCount int64  `json:"fixedRelevant" bson:"fixedRelevant"`
	// Serialized as "rceTotal".
	RCECount                     int64  `json:"rceTotal" bson:"rceTotal"`
	UrgentCount                  int64  `json:"urgent" bson:"urgent"`
	NeglectedCount               int64  `json:"neglected" bson:"neglected"`
	HealthStatus                 string `json:"healthStatus" bson:"healthStatus"`
}

type ShortVulnerabilityResult added in v0.0.142

// ShortVulnerabilityResult is a vulnerability reduced to its name only.
type ShortVulnerabilityResult struct {
	Name string `json:"name" bson:"name"`
}

type SlackChannel

// SlackChannel identifies a Slack channel and the alert level configured for it.
type SlackChannel struct {
	ChannelID   string     `json:"channelID" bson:"channelID"`
	ChannelName string     `json:"channelName" bson:"channelName"`
	AlertLevel  AlertLevel `json:"alertLevel" bson:"alertLevel"`
}

type SlackNotification

// SlackNotification is one notification setting: whether it is active, the
// channels it is sent to and free-form attributes.
type SlackNotification struct {
	IsActive   bool                   `json:"isActive" bson:"isActive"`
	Channels   []SlackChannel         `json:"channels" bson:"channels"`
	// Untyped key/value data; values decoded from JSON arrive as generic types
	// (float64, string, map, ...), so consumers must type-check before use.
	Attributes map[string]interface{} `json:"attributes" bson:"attributes"`
}

type SlackSettings

// SlackSettings holds the Slack integration configuration: the API token plus
// the embedded channel mapping and notification settings.
type SlackSettings struct {
	// Token is a credential and is always serialized (no omitempty) under "token"
	// in both JSON and BSON. Redact it before logging this struct or returning it
	// from an API, and restrict read access to wherever the document is stored.
	Token         string `json:"token" bson:"token"`
	// NOTE(review): encoding/json has no "inline" option; the embedded value is
	// flattened only because the tag gives no name. The bson tag starts with
	// "inline" rather than ",inline", which codecs following the `name,options`
	// convention read as a key named "inline" - confirm the stored document shape.
	Alert2Channel `json:",inline,omitempty" bson:"inline,omitempty"`
	// Embedded but explicitly named, so it is serialized under "notifications"
	// rather than flattened.
	Notifications `json:"notifications,omitempty" bson:"notifications,omitempty"`
}

type Subscription added in v0.0.154

// Subscription holds the information of a single subscription, mirroring the
// Stripe identifiers and state plus the license type and node count.
type Subscription struct {

	// Stripe internal customer ID, usually generated on subscription creation.
	StripeCustomerID string `json:"stripeCustomerID,omitempty" bson:"stripeCustomerID,omitempty"`

	// Stripe subscription id.
	StripeSubscriptionID string `json:"stripeSubscriptionID,omitempty" bson:"stripeSubscriptionID,omitempty"`

	// Stripe subscription status, optional values: incomplete, incomplete_expired, trialing, active, past_due, canceled, or unpaid.
	SubscriptionStatus string `json:"subscriptionStatus,omitempty" bson:"subscriptionStatus,omitempty"`

	// Stripe The most recent invoice this subscription has generated.
	LatestInvoice string `json:"latestInvoice,omitempty" bson:"latestInvoice,omitempty"`

	// determine whether a subscription that has a status of active is scheduled to be canceled at the end of the current period.
	// A pointer, so nil (unknown) is distinguishable from an explicit false.
	CancelAtPeriodEnd *bool `json:"cancelAtPeriodEnd,omitempty" bson:"cancelAtPeriodEnd,omitempty"`

	// Start of the current period that the subscription has been invoiced for.
	// NOTE(review): an int64, presumably a Unix timestamp in seconds - confirm.
	CurrentPeriodStart int64 `json:"currentPeriodStart,omitempty" bson:"currentPeriodStart,omitempty"`

	// End of the current period that the subscription has been invoiced for. At the end of this period, a new invoice will be created.
	CurrentPeriodEnd int64 `json:"currentPeriodEnd,omitempty" bson:"currentPeriodEnd,omitempty"`

	// If the subscription has a trial, the end of that trial.
	TrialEnd int64 `json:"trialEnd,omitempty" bson:"trialEnd,omitempty"`

	// monthly average of daily sum of max scanned Worker Nodes per cluster per day
	NumNodes int `json:"numNodes,omitempty" bson:"numNodes,omitempty"`

	// can be "free", "team" or "enterprise"
	// NOTE(review): if entitlements are derived from this field, it must only be
	// written from the billing provider's data, never from client input - verify
	// against the caller.
	LicenseType LicenseType `json:"licenseType,omitempty" bson:"licenseType,omitempty"`
}

Subscription holds the information of a single subscription.

type TopCtrlCluster added in v0.0.142

// TopCtrlCluster is the per-cluster entry of a top failed control: resource
// count, report GUID and the framework recorded as top failed.
type TopCtrlCluster struct {
	Name               string `json:"name" bson:"name"`
	ResourcesCount     int64  `json:"resourcesCount" bson:"resourcesCount"`
	ReportGUID         string `json:"reportGUID" bson:"reportGUID"`
	TopFailedFramework string `json:"topFailedFramework" bson:"topFailedFramework"`
}

type TopCtrlItem added in v0.0.142

// TopCtrlItem is one entry of the top failed controls list, with the clusters
// it failed in.
type TopCtrlItem struct {
	ControlID            string           `json:"id" bson:"id"`
	ControlGUID          string           `json:"guid" bson:"guid"`
	Name                 string           `json:"name" bson:"name"`
	Remediation          string           `json:"remediation" bson:"remediation"`
	Description          string           `json:"description" bson:"description"`
	ClustersCount        int64            `json:"clustersCount" bson:"clustersCount"`
	SeverityOverall      int64            `json:"severityOverall" bson:"severityOverall"`
	BaseScore            int64            `json:"baseScore" bson:"baseScore"`
	Clusters             []TopCtrlCluster `json:"clusters" bson:"clusters"`
	// Excluded from JSON by the "-" tag. There is no bson tag, so a BSON encoder
	// applies its default handling to this field - NOTE(review): confirm whether
	// it is meant to be persisted.
	TotalFailedResources int64            `json:"-"`
}

func (*TopCtrlItem) GetTotalFailedResources added in v0.0.156

func (t *TopCtrlItem) GetTotalFailedResources() int64

type TopVulItem added in v0.0.142

// TopVulItem is one entry of the top vulnerabilities list: the vulnerability
// itself plus the number of affected workloads and an overall severity value.
type TopVulItem struct {
	// encoding/json has no "inline" option; the embedded struct is flattened
	// because the tag gives no name. There is no bson tag on this field.
	Vulnerability   `json:",inline"`
	WorkloadsCount  int64 `json:"workloadsCount" bson:"workloadsCount"`
	SeverityOverall int64 `json:"severityOverall" bson:"severityOverall"`
}

type UpdateAuditEntry

// UpdateAuditEntry records who made a change and when.
// NOTE(review): both fields are plain serialized values; for the entry to be
// usable as an audit record they should be set server-side from the
// authenticated session and clock, not accepted from the request - verify
// against the caller.
type UpdateAuditEntry struct {
	Timestamp time.Time `json:"timestamp"`
	UserName  string    `json:"userName"`
}

type VulFixes added in v0.0.142

type VulFixes []FixedIn

type Vulnerability added in v0.0.142

// Vulnerability is one vulnerability finding on an image: the affected package
// and version, severity, available fixes, relevancy and any exceptions applied.
type Vulnerability struct {
	Name               string                         `json:"name" bson:"name"`
	// Serialized as "imageHash" and "imageTag". NOTE(review): a tag can be moved
	// to a different image, so the hash is presumably the stable identifier to
	// correlate findings on - confirm.
	ImgHash            string                         `json:"imageHash" bson:"imageHash"`
	ImgTag             string                         `json:"imageTag" bson:"imageTag"`
	// Serialized as "packageName".
	RelatedPackageName string                         `json:"packageName" bson:"packageName"`
	PackageVersion     string                         `json:"packageVersion" bson:"packageVersion"`
	// NOTE(review): Link and Description are free-form strings, presumably taken
	// from vulnerability data sources; escape them and validate the link's scheme
	// before rendering them in a UI - confirm where that happens.
	Link               string                         `json:"link" bson:"link"`
	Description        string                         `json:"description" bson:"description"`
	Severity           string                         `json:"severity" bson:"severity"`
	SeverityScore      int                            `json:"severityScore" bson:"severityScore"`
	// Untyped; values decoded from JSON arrive as generic types, so consumers
	// must type-check before use.
	Metadata           interface{}                    `json:"metadata" bson:"metadata"`
	// Serialized as "fixedIn".
	Fixes              VulFixes                       `json:"fixedIn" bson:"fixedIn"`
	// Serialized as "relevant".
	Relevancy          string                         `json:"relevant" bson:"relevant"`
	UrgentCount        int                            `json:"urgent" bson:"urgent"`
	NeglectedCount     int                            `json:"neglected" bson:"neglected"`
	HealthStatus       string                         `json:"healthStatus" bson:"healthStatus"`
	Categories         VulnerabilityCategory          `json:"categories" bson:"categories"`
	// Exceptions that were applied to this finding; omitted when there are none.
	ExceptionApplied   []VulnerabilityExceptionPolicy `json:"exceptionApplied,omitempty" bson:"exceptionApplied,omitempty"`
}

type VulnerabilityCategory added in v0.0.142

// VulnerabilityCategory flags the categories a vulnerability falls into; at
// present only the RCE flag.
type VulnerabilityCategory struct {
	// Serialized as "isRce".
	IsRCE bool `json:"isRce" bson:"isRce"`
}

type VulnerabilityExceptionPolicy

// VulnerabilityExceptionPolicy describes an exception to vulnerability
// findings: the actions to apply, the items (designators) it covers and the
// vulnerabilities it targets.
//
// An exception changes how findings are reported, so each instance is worth
// treating as a security decision that has to be attributable and time-bound.
type VulnerabilityExceptionPolicy struct {
	// NOTE(review): encoding/json has no "inline" option; the embedded struct is
	// flattened because the tag gives no name. The bson tag is "inline" without a
	// leading comma, which codecs following the `name,options` convention read as
	// a key name rather than the inline option - confirm the stored document shape.
	PortalBase `json:",inline" bson:"inline"`

	// Policy type. Must be 'vulnerabilityExceptionPolicy'
	// required: true
	// Example: vulnerabilityExceptionPolicy
	PolicyType string `json:"policyType,omitempty" bson:"policyType,omitempty"`

	// Creation time of the policy
	// Example: 2022-03-31T08:57:58.048014
	CreationTime string `json:"creationTime" bson:"creationTime"`

	// Actions to apply (currently only 'ignore' is available)
	// required: true
	// min: 1
	// Example: ["ignore"]
	Actions []VulnerabilityExceptionPolicyActions `json:"actions" bson:"actions"`

	// Items to apply the actions on
	// required: true
	// min: 1
	// (the Go field is spelled "Designatores"; the serialized key is "designators")
	Designatores []PortalDesignator `json:"designators" bson:"designators"`

	// Vulnerabilities to take the actions on
	// required: true
	// min: 1
	VulnerabilityPolicies []VulnerabilityPolicy `json:"vulnerabilities" bson:"vulnerabilities"`
	// Optional justification for the exception.
	Reason                string                `json:"reason,omitempty" bson:"reason,omitempty"`
	// Optional expiry. NOTE(review): nil presumably means the exception never
	// expires, and nothing in this type enforces expiry - confirm where it is checked.
	ExpirationDate        *time.Time            `json:"expirationDate,omitempty" bson:"expirationDate,omitempty"`
	// NOTE(review): presumably the exception lapses once a fix for the
	// vulnerability becomes available - confirm; nil leaves the choice unset.
	ExpiredOnFix          *bool                 `json:"expiredOnFix,omitempty" bson:"expiredOnFix,omitempty"`
	// Author of the exception. NOTE(review): a plain string; if it can be set from
	// the request body rather than the authenticated session it is not a reliable
	// audit field - verify against the caller.
	CreatedBy             string                `json:"createdBy,omitempty" bson:"createdBy,omitempty"`
}

func MockVulnerabilityException

func MockVulnerabilityException() *VulnerabilityExceptionPolicy

func (*VulnerabilityExceptionPolicy) IsAlertOnly

func (exceptionPolicy *VulnerabilityExceptionPolicy) IsAlertOnly() bool

type VulnerabilityExceptionPolicyActions

// VulnerabilityExceptionPolicyActions is the string-typed action carried in
// VulnerabilityExceptionPolicy.Actions.
type VulnerabilityExceptionPolicyActions string
// Ignore is serialized as "ignore" and is the only action declared here.
const Ignore VulnerabilityExceptionPolicyActions = "ignore"

type VulnerabilityJobParams

// VulnerabilityJobParams carries the parameters of a vulnerability scan job
// for one cluster and namespace, optionally with a cron schedule.
type VulnerabilityJobParams struct {
	Name            string `json:"name,omitempty"`
	ID              string `json:"id,omitempty"`
	ClusterName     string `json:"clusterName"`
	Namespace       string `json:"namespace"`
	// NOTE(review): a free-form string; this type does not validate it as a cron
	// expression, so the consumer has to - confirm where that happens.
	CronTabSchedule string `json:"cronTabSchedule,omitempty"`
	JobID           string `json:"jobID,omitempty"`
}

type VulnerabilityPolicy

// VulnerabilityPolicy selects the vulnerability an exception applies to, by name.
type VulnerabilityPolicy struct {
	// The name of the vulnerability
	// Example: CVE-2022-28128
	// NOTE(review): how the name is matched (exact, case-sensitive, or by
	// pattern) is decided by the consumer - confirm, since a loose match would
	// widen the exception beyond the intended vulnerability.
	Name string `json:"name" bson:"name"`
}

type VulnerabilityScanConfig

// VulnerabilityScanConfig holds the vulnerability scan settings: frequency,
// priority thresholds, whether new deployments are scanned and registry lists.
type VulnerabilityScanConfig struct {
	ScanFrequency             ScanFrequency `json:"scanFrequency,omitempty" bson:"scanFrequency,omitempty"`
	// omitempty on the thresholds and on ScanNewDeployment means a zero value
	// (0 or false) is not serialized, so a reader cannot tell "explicitly 0/false"
	// from "not set" and will apply whatever default it has.
	CriticalPriorityThreshold int           `json:"criticalPriorityThreshold,omitempty" bson:"criticalPriorityThreshold,omitempty"`
	HighPriorityThreshold     int           `json:"highPriorityThreshold,omitempty" bson:"highPriorityThreshold,omitempty"`
	MediumPriorityThreshold   int           `json:"mediumPriorityThreshold,omitempty" bson:"mediumPriorityThreshold,omitempty"`
	ScanNewDeployment         bool          `json:"scanNewDeployment,omitempty" bson:"scanNewDeployment,omitempty"`
	// The two keys below start with a capital letter, unlike every other key in
	// this struct; they are part of the wire format as written.
	// NOTE(review): presumably registries to include in or exclude from scanning;
	// which list wins when a registry appears in both is not defined here - confirm.
	AllowlistRegistries       []string      `json:"AllowlistRegistries,omitempty" bson:"AllowlistRegistries,omitempty"`
	BlocklistRegistries       []string      `json:"BlocklistRegistries,omitempty" bson:"BlocklistRegistries,omitempty"`
}

type WeeklyReport added in v0.0.142

// WeeklyReport is the payload of the weekly report: this-week and
// previous-week scan counts for clusters, repositories and registries, links
// to the filtered views, the top five failed controls and CVEs, and the
// per-resource scan results.
type WeeklyReport struct {
	ClustersScannedThisWeek             int                      `json:"clustersScannedThisWeek" bson:"clustersScannedThisWeek"`
	ClustersScannedPrevWeek             int                      `json:"clustersScannedPrevWeek" bson:"clustersScannedPrevWeek"`
	// The three LinkTo* fields are plain strings. NOTE(review): if they end up as
	// hyperlinks in an e-mail or message, they should be built server-side from a
	// fixed base URL - verify against the caller.
	LinkToConfigurationScanningFiltered string                   `json:"linkToConfigurationScanningFiltered" bson:"linkToConfigurationScanningFiltered"`
	RepositoriesScannedThisWeek         int                      `json:"repositoriesScannedThisWeek" bson:"repositoriesScannedThisWeek"`
	RepositoriesScannedPrevWeek         int                      `json:"repositoriesScannedPrevWeek" bson:"repositoriesScannedPrevWeek"`
	LinkToRepositoriesScanningFiltered  string                   `json:"linkToRepositoriesScanningFiltered" bson:"linkToRepositoriesScanningFiltered"`
	RegistriesScannedThisWeek           int                      `json:"registriesScannedThisWeek" bson:"registriesScannedThisWeek"`
	RegistriesScannedPrevWeek           int                      `json:"registriesScannedPrevWeek" bson:"registriesScannedPrevWeek"`
	LinkToRegistriesScanningFiltered    string                   `json:"linkToRegistriesScanningFiltered" bson:"linkToRegistriesScanningFiltered"`
	Top5FailedControls                  []TopCtrlItem            `json:"top5FailedControls" bson:"top5FailedControls"`
	Top5FailedCVEs                      []TopVulItem             `json:"top5FailedCVEs" bson:"top5FailedCVEs"`
	ClustersScanned                     []ClusterResourceScanned `json:"clustersScanned" bson:"clustersScanned"`
	RepositoriesScanned                 []RepositoryScanned      `json:"repositoriesScanned" bson:"repositoriesScanned"`
	RegistriesScanned                   []RegistryScanned        `json:"registriesScanned" bson:"registriesScanned"`
}
