Documentation
¶
Index ¶
- Constants
- Variables
- func GetInClusterSupportedNamespaces() []string
- func MockPortalDesignator() *identifiers.PortalDesignator
- func ValidateContainerScanID(containerScanID string) bool
- type Alert2Channel
- type AlertLevel
- type ApprovementState
- type ApprovementStatus
- type AssociationStatus
- type AttackChain
- type AttackChainConfig
- type AttackChainNode
- type AttackChainStatus
- type AttackChainUIStatus
- type AuthMethod
- type Banner
- type CAContainerMetrics
- type CAK8SMeta
- type CAMicroserviceOverview
- type CAMicroserviceOverviewMetadata
- type CommonSummaryFields
- type ContainerSummary
- type ContainersStatusData
- type ControlInfo
- type ControlInputs
- type CountFunc
- type Cursor
- type CustomerAccessStatus
- type CustomerConfig
- type CustomerOnboarding
- type CustomerState
- type DataType
- type Duration
- type EnforcmentsRule
- type ExecutionPolicy
- type Filters
- type FixPath
- type GUID
- type GettingStartedChecklist
- type HighlightsByControl
- type InstallationData
- type K8SAncestor
- type K8SNamespace
- type K8SPodObject
- type KPILogin
- type KPIPostureScan
- type LicenseType
- type Limitations
- type MicroserviceExtraDetails
- type MicroserviceInfo
- type MicroserviceMetadataView
- type NodeUsage
- type Notifications
- type PaginationCursorFunc
- type PaginationSearchByScopeFiltersFunc
- type PaginationSearchByScopeFiltersScrollFunc
- type PaginationSearchFunc
- type PolicyType
- type PortalBase
- func (p *PortalBase) GetAttributes() map[string]interface{}
- func (p *PortalBase) GetGUID() string
- func (p *PortalBase) GetName() string
- func (p *PortalBase) GetUpdatedTime() *time.Time
- func (p *PortalBase) SetAttributes(attributes map[string]interface{})
- func (p *PortalBase) SetGUID(guid string)
- func (p *PortalBase) SetName(name string)
- func (p *PortalBase) SetUpdatedTime(updatedTime *time.Time)
- type PortalCache
- type PortalCluster
- type PortalRegistryCronJob
- type PortalRepository
- type PostureAttributesList
- type PostureClusterOverTime
- type PostureClusterSummary
- type PostureContainerSummary
- type PostureControlSummary
- type PostureExceptionPolicy
- type PostureExceptionPolicyActions
- type PostureFrameworkOverTime
- type PostureFrameworkOverTimeCoord
- type PostureFrameworkSubsectionSummary
- type PostureFrameworkSummary
- type PostureFrameworksOverTime
- type PostureJobParams
- type PosturePaths
- type PosturePolicy
- type PostureReportResultRaw
- type PostureResource
- type PostureResourceSummary
- type PostureScanConfig
- type PostureSummary
- type Probe
- type ProcessingStatus
- type QueryScopeParams
- func (qsp *QueryScopeParams) FixOrAddAsInnerFilters(paginationReq *V2ListRequest, ...)
- func (qsp *QueryScopeParams) FixOrAddAsInnerFiltersMap(paginationReq *V2ListRequest, filters Filters)
- func (qsp *QueryScopeParams) FixOrAddAsUniqueInnerFilters(reqObj *UniqueValuesRequestV2, ...)
- func (qsp *QueryScopeParams) FixOrAddAsUniqueInnerFiltersMap(reqObj *UniqueValuesRequestV2, filters Filters)
- type RawJSONObject
- type RawResource
- type RecommendationAssociation
- type RecommendationSkeletonV1
- type RecordStatus
- type RegistryInfo
- type RegistryJobParams
- type RelevantImageVulnerabilitiesConfiguration
- type RepoEntityKind
- type RepoEntitySummary
- type Repository
- type RespTotal
- type RespTotal64
- type RetrieveObjectsByRequestPayload
- type ScanFrequency
- type SearchAfterResp
- type SearchResponse
- type Settings
- type SlackChannel
- type SlackNotification
- type SlackSettings
- type Subscription
- type UniqueCardinalityResponseV2
- type UniqueValuesRequestV2
- type UniqueValuesResponseFieldsCount
- type UniqueValuesResponseV2
- type UniqueValuesSearchByScopeFiltersFunc
- type UpdateAuditEntry
- type User
- type V2ListRequest
- type V2ListResponse
- type V2ListResponseGeneric
- type Vulnerabilities
- type VulnerabilityExceptionPolicy
- type VulnerabilityExceptionPolicyActions
- type VulnerabilityJobParams
- type VulnerabilityPolicy
- type VulnerabilityScanConfig
Constants ¶
View Source
const ( ViewedMainScreenField = "viewedMainScreen" ProcessingStatusField = "processingStatus" //AttackChainStatuss StatusActive AttackChainStatus = "active" StatusFixed AttackChainStatus = "fixed" ProcessingStatusProcessing ProcessingStatus = "processing" ProcessingStatusDone ProcessingStatus = "done" ProcessingStatusFailed ProcessingStatus = "failed" )
View Source
const ( // In-cluster namespaces ArmoSystemNamespace = "armo-system" // deprecated, kept for backward compatibility KubescapeNamespace = "kubescape" ArmoKollectorContainerName = "armo-collector" // deprecated, kept for backward compatibility KollectorContainerName = "kollector" // registry scan LowestHelmVersionSupportedRegistryScanAndTest = "v1.9" LowestHelmVersionSupportedRegistryScan = "v1.7.14" RegistryInfoArgKey = "registryInfo-v1" RegistryScanSecretName = "kubescape-registry-scan" //nolint:gosec // vulnerability scan LowestHelmVersionSupportedVulnerabilityScan = "v1.7.17" // cronjob template annotation and labels CronJobTemplateAnnotationArmoJobIDKeyDeprecated = "armo.jobid" // deprecated CronJobTemplateAnnotationArmoCloudJobIDKeyDeprecated = "armo.cloud/jobid" // deprecated CronJobTemplateAnnotationJobIDKey = "app.kubescape/job-id" CronJobTemplateAnnotationUpdateJobIDDeprecated = "armo.updatejobid" // deprecated CronJobTemplateAnnotationUpdateJobID = "app.kubescape/update-job-id" CronJobTemplateAnnotationNamespaceKeyDeprecated = "armo.namespace" // deprecated CronJobTemplateAnnotationNamespaceKey = "app.kubescape/namespace" CronJobTemplateAnnotationRegistryNameKey = "armo.cloud/registryname" CronJobTemplateAnnotationHostScannerKey = "armo.host-scanner" CronJobTemplateAnnotationFrameworkKey = "armo.framework" CronJobTemplateLabelKey = "armo.tier" CronJobTemplateLabelValueKubescape = "kubescape-scan" CronJobTemplateLabelValueVulnScan = "vuln-scan" CronJobTemplateLabelValueRegistryScan = "registry-scan" )
View Source
const ( K8sKindCluster = "Cluster" K8sKindNode = "Node" K8sKindNamespace = "Namespace" K8sApiVersionV1 = "v1" K8sApiVersionRBAC = "rbac.authorization.k8s.io" K8sApiVersionRBACV1 = K8sApiVersionRBAC + "/" + K8sApiVersionV1 K8SApiVersionAppsV1 = "apps/v1" K8SApiVersionBatchV1 = "batch/v1" )
View Source
const ( V2ListExistsOperator string = "exists" V2ListEqualOperator string = "equal" V2ListMissingOperator string = "missing" V2ListMatchOperator string = "match" V2ListGreaterOperator string = "greater" V2ListLowerOperator string = "lower" V2ListRegexOperator string = "regex" V2ListLikeOperator string = "like" V2ListRangeOperator string = "range" V2ListIgnoreCaseOption string = "ignorecase" V2ListAscendingSort string = "asc" V2ListDescendingSort string = "desc" V2ListValueSeparator = "," V2ListOperatorSeparator = "|" V2ListSubQuerySeparator = "&" V2ListSortTypeSeparator = ":" V2ListEscapeChar = "\\" )
View Source
const ( CustomerGuidQuery = "customerGUID" ClusterNameQuery = "cluster" DatacenterNameQuery = "datacenter" NamespaceQuery = "namespace" ProjectQuery = "project" WlidQuery = "wlid" SidQuery = "sid" )
View Source
const ( SubscriptionStatusIncomplete = string(stripe.SubscriptionStatusIncomplete) SubscriptionStatusIncompleteExpired = string(stripe.SubscriptionStatusIncompleteExpired) SubscriptionStatusTrialing = string(stripe.SubscriptionStatusTrialing) SubscriptionStatusActive = string(stripe.SubscriptionStatusActive) SubscriptionStatusPastDue = string(stripe.SubscriptionStatusPastDue) SubscriptionStatusCanceled = string(stripe.SubscriptionStatusCanceled) SubscriptionStatusUnpaid = string(stripe.SubscriptionStatusUnpaid) )
View Source
const ( PostureControlStatusUnknown = 0 PostureControlStatusPassed = 1 PostureControlStatusWarning = 2 // deprecated PostureControlStatusFailed = 3 PostureControlStatusSkipped = 4 PostureControlStatusIrrelevant = 5 // deprecated PostureControlStatusError = 6 PostureResourceMaxCtrls = 6 )
Variables ¶
View Source
var ActiveSubscriptionStatuses = []string{SubscriptionStatusIncomplete, SubscriptionStatusTrialing, SubscriptionStatusActive}
Functions ¶
func GetInClusterSupportedNamespaces ¶ added in v0.0.114
func GetInClusterSupportedNamespaces() []string
func MockPortalDesignator ¶
func MockPortalDesignator() *identifiers.PortalDesignator
func ValidateContainerScanID ¶ added in v0.0.193
Types ¶
type Alert2Channel ¶
type Alert2Channel struct {
Critical []SlackChannel `json:"criticalChannels,omitempty" bson:"criticalChannels,omitempty"`
Error []SlackChannel `json:"errorChannels,omitempty" bson:"errorChannels,omitempty"`
Info []SlackChannel `json:"infoChannels,omitempty" bson:"infoChannels,omitempty"`
}
type AlertLevel ¶
type AlertLevel string
const ( AlertInfo AlertLevel = "info" AlertCritical AlertLevel = "critical" AlertError AlertLevel = "error" )
type ApprovementState ¶
type ApprovementState struct {
UpdateAuditEntry `json:",inline"`
Status ApprovementStatus `json:"status"`
}
type ApprovementStatus ¶
type ApprovementStatus int
const ( ApprovementStatusApprove ApprovementStatus = iota + 1 ApprovementStatusDecline ApprovementStatusPending )
type AssociationStatus ¶
type AssociationStatus int
const ( AssociationStatusAssigned AssociationStatus = iota + 1 AssociationStatusShown AssociationStatusDeclineByUser AssociationStatusHandled // the user took this recommendation into account AssociationStatusFixed // the user fixed the issue in some another way )
type AttackChain ¶ added in v0.0.203
type AttackChain struct {
AttackChainNodes AttackChainNode `json:"attackChainNodes,omitempty" bson:"attackChainNodes,omitempty"`
AttackChainConfig
}
type AttackChainConfig ¶ added in v0.0.210
type AttackChainConfig struct {
PortalBase `json:",inline" bson:",inline"`
Resource identifiers.PortalDesignator `json:"resource,omitempty" bson:"resource,omitempty"`
Description string `json:"description,omitempty" bson:"description,omitempty"`
CreationTime string `json:"creationTime,omitempty" bson:"creationTime,omitempty"`
AttackChainID string `json:"attackChainID,omitempty" bson:"attackChainID,omitempty"` // name/cluster/resourceID
ClusterName string `json:"clusterName,omitempty" bson:"clusterName,omitempty"`
CustomerGUID string `json:"customerGUID,omitempty" bson:"customerGUID,omitempty"`
LatestReportGUID string `json:"latestReportGUID,omitempty" bson:"latestReportGUID,omitempty"` // latest reportGUID in which this attack chain was identified
UIStatus *AttackChainUIStatus `json:"uiStatus,omitempty" bson:"uiStatus,omitempty"`
Status AttackChainStatus `json:"status,omitempty" bson:"status,omitempty"` // "active"/ "fixed"
}
type AttackChainNode ¶ added in v0.0.203
type AttackChainNode struct {
Name string `json:"name" bson:"name,omitempty"`
Description string `json:"description" bson:"description,omitempty"`
ControlIDs []string `json:"controlIDs,omitempty" bson:"controlIDs,omitempty"` // failed/ignored controls that are associated to this attack chain node
Vulnerabilities []Vulnerabilities `json:"vulnerabilities,omitempty" bson:"vulnerabilities,omitempty"`
RelatedResources []identifiers.PortalDesignator `json:"relatedResources" bson:"relatedResources,omitempty"`
NextNodes []AttackChainNode `json:"nextNodes,omitempty" bson:"nextNodes,omitempty"`
}
func (*AttackChainNode) Equals ¶ added in v0.0.248
func (a *AttackChainNode) Equals(b *AttackChainNode) bool
func (*AttackChainNode) GetControlIDsFromAllNodes ¶ added in v0.0.241
func (attackChainNode *AttackChainNode) GetControlIDsFromAllNodes(controlIDs []string) []string
GetControlIDsFromAllNodes is a recursive func that returns a list of controlIDs from all nodes in the attack chain
type AttackChainStatus ¶ added in v0.0.203
type AttackChainStatus string
type AttackChainUIStatus ¶ added in v0.0.203
type AttackChainUIStatus struct {
// fields updated by the BE
FirstSeen string `json:"firstSeen,omitempty" bson:"firstSeen,omitempty"` // timestamp of first scan in which the attack chain was identified
// fields updated by the UI
ViewedMainScreen string `json:"viewedMainScreen,omitempty" bson:"viewedMainScreen,omitempty"` // if the attack chain was viewed by the user// New badge
ProcessingStatus string `json:"processingStatus,omitempty" bson:"processingStatus,omitempty"` // "processing"/ "done"
}
struct for UI support. All strings are timestamps
type AuthMethod ¶ added in v0.0.125
type Banner ¶ added in v0.0.194
type Banner struct {
CustomerGUID string `json:"customerGUID,omitempty" bson:"customerGUID,omitempty"` // customerGUID of the account which clicked the banner
ScanID string `json:"scanID,omitempty" bson:"scanID,omitempty"` // for detailed view, unique key for banner is combination of scanID and bannerID
}
type CAContainerMetrics ¶ added in v0.0.249
type CAContainerMetrics struct {
core.Container `json:",inline"`
CAIntegrityStatus int `json:"caIntegrityStatus"`
}
CAContainerMetrics holds data of single container which runs in multiple pods
type CAK8SMeta ¶ added in v0.0.249
type CAK8SMeta struct {
CustomerGUID string `json:"customerGUID"`
CAClusterName string `json:"caClusterName,omitempty"`
LastUpdateTime time.Time `json:"caLastUpdate"`
IsActive bool `json:"isActive"`
}
CAK8SMeta holds common metadata about k8s objects
type CAMicroserviceOverview ¶ added in v0.0.249
type CAMicroserviceOverview struct {
CAMicroserviceOverviewMetadata `json:",inline"`
}
CAMicroserviceOverview represnets it's name
type CAMicroserviceOverviewMetadata ¶ added in v0.0.249
type CAMicroserviceOverviewMetadata struct {
CAK8SMeta `json:",inline"`
WLID string `json:"wlid"`
Datacenter string `json:"datacenter,omitempty"`
OVNamespace string `json:"namespace,omitempty"`
Project string `json:"project,omitempty"`
Orchestrator string `json:"orchestrator"`
Kind string `json:"kind"`
OperationType string `json:"operationType"`
OVName string `json:"name"`
Categories []string `json:"categories"`
DisplayName string `json:"displayName,omitempty"`
CloudProvider string `json:"cloudProvider"`
}
CAMicroserviceOverviewMetadata represnets it's name
type CommonSummaryFields ¶
type CommonSummaryFields struct {
// The unique id of the report this summary belongs to
ReportID GUID `json:"reportGUID"`
// The designators of this summary
Designators *identifiers.PortalDesignator `json:"designators"`
// Time of the scan that produced this summary
Timestamp time.Time `json:"timestamp"`
// swagger:ignore
// Indication if this summary is marked for deletetion
DeleteStatus RecordStatus `json:"deletionStatus,omitempty"`
}
swagger:model
type ContainerSummary ¶ added in v0.0.249
type ContainerSummary struct {
Name string `json:"name"`
Image string `json:"image"`
IsPrivileged bool `json:"root"`
Probes []Probe `json:"probes,omitempty"`
Limitations `json:"limitations,omitempty"`
}
ContainerSummary - a must have summarized info of containers
type ContainersStatusData ¶ added in v0.0.249
ContainersStatusData holds the status of containers in runtime. This including the docker image tag + image hash
func (*ContainersStatusData) GetContainerImageDetails ¶ added in v0.0.249
func (contsImages *ContainersStatusData) GetContainerImageDetails(contName string) (string, string, error)
GetContainerImageDetails extract the docker image details of specific container in list
type ControlInfo ¶
type ControlInfo struct {
// ID of the control
// Example: C-0034
ID string `json:"id"`
// How much this control is critical
// Example: 6
BaseScore float32 `json:"baseScore"`
// How many failed resources for this control
// Example: 3
FailedResources int `json:"failedResources"`
}
ControlInfo Basic information about a control
type ControlInputs ¶
type ControlInputs struct {
Rulename string
Inputs []PostureAttributesList // Attribute = input list name, Values = list values
}
type CountFunc ¶ added in v0.0.216
type CountFunc func(customerGUID string, scopeFilters *QueryScopeParams, paginationObject *V2ListRequest) (uint64, error)
type CustomerAccessStatus ¶ added in v0.0.170
type CustomerAccessStatus string
const ( PayingCustomer CustomerAccessStatus = "paying" FreeCustomer CustomerAccessStatus = "free" TrialCustomer CustomerAccessStatus = "trial" BlockedCustomer CustomerAccessStatus = "blocked" )
type CustomerConfig ¶
type CustomerConfig struct {
Name string `json:"name" bson:"name"`
Attributes map[string]interface{} `json:"attributes,omitempty" bson:"attributes,omitempty"` // could be string
Scope identifiers.PortalDesignator `json:"scope" bson:"scope"`
Settings Settings `json:"settings" bson:"settings"`
}
func MockCustomerConfig ¶
func MockCustomerConfig() *CustomerConfig
type CustomerOnboarding ¶ added in v0.0.143
type CustomerOnboarding struct {
Completed *bool `json:"completed,omitempty" bson:"completed,omitempty"` // user completed the onboarding
CompanySize *string `json:"companySize,omitempty" bson:"companySize,omitempty"` // user company size
Role *string `json:"role,omitempty" bson:"role,omitempty"` // user role
OrgName *string `json:"orgName,omitempty" bson:"orgName,omitempty"` // user organization name
Interests []string `json:"interests,omitempty" bson:"interests,omitempty"` // user interests
}
type CustomerState ¶ added in v0.0.143
type CustomerState struct {
Onboarding *CustomerOnboarding `json:"onboarding,omitempty" bson:"onboarding,omitempty"`
GettingStarted *GettingStartedChecklist `json:"gettingStarted,omitempty" bson:"gettingStarted,omitempty"`
NodeUsage *NodeUsage `json:"nodeUsage,omitempty" bson:"nodeUsage,omitempty"`
AttackChainsLastScan string `json:"attackChainsLastScan,omitempty" bson:"attackChainsLastScan,omitempty"`
}
CustomerState holds the state of the customer, used for UI purposes
type Duration ¶ added in v0.0.207
func (Duration) MarshalJSON ¶ added in v0.0.207
func (*Duration) SetDuration ¶ added in v0.0.207
func (*Duration) UnmarshalJSON ¶ added in v0.0.207
type EnforcmentsRule ¶
type ExecutionPolicy ¶
type ExecutionPolicy struct {
PortalBase `json:",inline"`
Designators []identifiers.PortalDesignator `json:"designators"`
PolicyType string `json:"policyType"`
CreationTime string `json:"creation_time"`
ExecutionEnforcmentsRules []EnforcmentsRule `json:"enforcementRules"`
}
type GettingStartedChecklist ¶ added in v0.0.143
type GettingStartedChecklist struct {
// indicates if the user has dismissed the checklist
GettingStartedDismissed *bool `json:"gettingStartedDismissed,omitempty" bson:"gettingStartedDismissed,omitempty"`
// checklist items
EverConnectedCluster *bool `json:"everConnectedCluster,omitempty" bson:"everConnectedCluster,omitempty"`
EverScannedRepository *bool `json:"everScannedRepository,omitempty" bson:"everScannedRepository,omitempty"`
EverScannedRegistry *bool `json:"everScannedRegistry,omitempty" bson:"everScannedRegistry,omitempty"`
EverCollaborated *bool `json:"everCollaborated,omitempty" bson:"everCollaborated,omitempty"`
EverInvitedTeammate *bool `json:"everInvitedTeammate,omitempty" bson:"everInvitedTeammate,omitempty"`
EverUsedRbacVisualizer *bool `json:"everUsedRbacVisualizer,omitempty" bson:"everUsedRbacVisualizer,omitempty"`
}
type HighlightsByControl ¶
type InstallationData ¶ added in v0.0.191
type InstallationData struct {
ClusterName string `json:"clusterName,omitempty" bson:"clusterName,omitempty"` // cluster name defined manually or from the cluster context
ClusterShortName string `json:"clusterShortName,omitempty" bson:"clusterShortName,omitempty"` // cluster short name enriched from the cluster name by BE
StorageEnabled *bool `json:"storage,omitempty" bson:"storage,omitempty"` // storage configuration (enabled/disabled)
RelevantImageVulnerabilitiesEnabled *bool `json:"relevantImageVulnerabilitiesEnabled,omitempty" bson:"relevantImageVulnerabilitiesEnabled,omitempty"` // relevancy actual state (enabled/disabled)
RelevantImageVulnerabilitiesConfiguration RelevantImageVulnerabilitiesConfiguration `json:"relevantImageVulnerabilitiesConfiguration,omitempty" bson:"relevantImageVulnerabilitiesConfiguration,omitempty"` // relevancy configuration defined user
Namespace string `json:"namespace,omitempty" bson:"namespace,omitempty"` // namespace to deploy the components
ImageVulnerabilitiesScanningEnabled *bool `json:"imageVulnerabilitiesScanningEnabled,omitempty" bson:"imageVulnerabilitiesScanningEnabled,omitempty"` // image scanning configuration (enabled/disabled)
PostureScanEnabled *bool `json:"postureScanEnabled,omitempty" bson:"postureScanEnabled,omitempty"` // posture configuration (enabled/disabled)
OtelCollectorEnabled *bool `json:"otelCollector,omitempty" bson:"otelCollector,omitempty"` // otel collector configuration (enabled/disabled)
ClusterProvider string `json:"clusterProvider,omitempty" bson:"clusterProvider,omitempty"` // cluster provider (aws/azure/gcp)
}
type K8SAncestor ¶ added in v0.0.249
type K8SAncestor struct {
Name string `json:"name"`
Kind string `json:"kind"`
FullDeclaraion interface{} `json:"ownerData,omitempty"`
}
K8SAncestor represents the kind of the microservice inside the k8s cluster
type K8SNamespace ¶ added in v0.0.249
type K8SNamespace struct {
CAK8SMeta `json:",inline"`
Name string `json:"name"`
core.Namespace `json:",inline"`
}
K8SNamespace represents single k8s namespace in cluster
type K8SPodObject ¶ added in v0.0.249
type K8SPodObject struct {
CAK8SMeta `json:",inline"`
Name string `json:"podName"`
CreatedAt time.Time `json:"startedAt,omitempty"`
TerminatedAt *time.Time `json:"terminatedAt,omitempty"`
PodIP string `json:"podIP"`
NodeName string `json:"nodeName"`
Namespace string `json:"namespace"`
NominatedNodeName string `json:"nominatedNodeName"`
Ancestor K8SAncestor `json:"uptreeOwner,omitempty"`
PodSpecID int64 `json:"podSpecId"`
PodStatus string `json:"podStatus"`
}
K8SPodObject represents actuall pod which run on particular node of the cluster
type KPIPostureScan ¶
type KPIPostureScan struct {
Client string `json:"client"`
ClientVersion string `json:"clientVersion"`
Framework string `json:"framework"`
FrameworkVersion string `json:"frameworkVersion"`
Timestamp time.Time `json:"timestamp"`
Target string `json:"target"` //yaml,helm,running - what we actually scanned
ClientIP string `json:"clientIP"`
}
type LicenseType ¶ added in v0.0.154
type LicenseType string
const ( LicenseTypeFree LicenseType = "Free" LicenseTypeTeam LicenseType = "Team" LicenseTypeEnterprise LicenseType = "Enterprise" )
type Limitations ¶ added in v0.0.249
type Limitations struct {
CPU int64 `json:"cpu,omitempty"`
Memory int64 `json:"memory,omitempty"`
Disk int64 `json:"disk,omitempty"`
}
Limitations - container defined limitations
type MicroserviceExtraDetails ¶ added in v0.0.249
type MicroserviceExtraDetails struct {
CAMicroserviceOverviewMetadata `json:",inline"`
NumOfContainers int `json:"NumOfContainers"`
Labels map[string]string `json:"labels,omitempty"`
Annotations map[string]string `json:"annotations,omitempty"`
ContainersSummary []ContainerSummary `json:"containers"`
ExternalFacing bool `json:"isExternalFacingMS"`
}
MicroserviceExtraDetails represent an overview of microservice, services, container data and cloud data
type MicroserviceInfo ¶ added in v0.0.249
type MicroserviceInfo struct {
MicroserviceMetadataView `json:",inline"`
PodSpecID int64 `json:"podSpecId"` // will be sent from the cluster-agent to reconize this spec
core.PodSpec `json:"spec"`
core.PodStatus `json:"status" yaml:"status"`
Containers []CAContainerMetrics `json:"containers,omitempty"`
K8SPodObjects []K8SPodObject `json:"k8sPodObjects,omitempty"`
CAStartTime time.Time `json:"caStartTime"`
}
MicroserviceInfo single microservice with CA metrics
func (*MicroserviceInfo) GetShortName ¶ added in v0.0.249
func (msi *MicroserviceInfo) GetShortName() string
GetShortName returns the last 2 parts of the microservice
type MicroserviceMetadataView ¶ added in v0.0.249
type MicroserviceMetadataView struct {
CAMicroserviceOverviewMetadata
metav1.ObjectMeta `json:"metadata"`
Ancestor K8SAncestor `json:"uptreeOwner,omitempty"`
UsageType string `json:"usageType,omitempty"`
Categories map[string]bool `json:"categories"`
CALabels map[string]string `json:"caLabels"`
}
MicroserviceMetadataView represent the model to return in metadata request
type Notifications ¶
type Notifications struct {
PostureScan []string `json:"postureScan,omitempty" bson:"postureScan,omitempty"` // bad approach kept till i see if can do something with mongo and old data
PostureScoreAboveLastScan []string `json:"postureScoreAboveLastScan,omitempty" bson:"postureScoreAboveLastScan,omitempty"`
PostureScanV1 []SlackNotification `json:"postureScanV1" bson:"postureScanV1"`
PostureScanAboveLastScanV1 []SlackNotification `json:"postureScoreAboveLastScanV1" bson:"postureScoreAboveLastScanV1"`
}
type PaginationCursorFunc ¶ added in v0.0.216
type PaginationCursorFunc func(customerGUID, instacnceID string, wlids []string, paginationObject *V2ListRequest) (*V2ListResponse, error)
PaginationCursorFunc declaring function which returns data ready for pagination by cursor to the next page
type PaginationSearchByScopeFiltersFunc ¶ added in v0.0.216
type PaginationSearchByScopeFiltersFunc func(customerGUID string, scopeFilters *QueryScopeParams, paginationObject *V2ListRequest) ([]RawJSONObject, *RespTotal, error)
type PaginationSearchByScopeFiltersScrollFunc ¶ added in v0.0.216
type PaginationSearchByScopeFiltersScrollFunc func(customerGUID string, scopeFilters *QueryScopeParams, paginationObject *V2ListRequest) (*SearchResponse, error)
PaginationSearchByScopeFiltersScrollFunc declaring function which returns data ready for paginationtype PaginationSearchByScopeFiltersFunc func(customerGUID string, scopeFilters *armotypes.QueryScopeParams, paginationObject *armotypes.V2ListRequest) ([]armotypes.RawJSONObject, *ElasticRespTotal, error)
type PaginationSearchFunc ¶ added in v0.0.216
type PaginationSearchFunc func(customerGUID, instacnceID string, wlids []string, paginationObject *V2ListRequest) ([]RawJSONObject, *RespTotal, error)
PaginationSearchFunc declaring function which returns data ready for pagination
type PolicyType ¶ added in v0.0.172
type PolicyType string
const PostureExceptionPolicyType PolicyType = "postureExceptionPolicy"
const VulnerabilityExceptionPolicyType PolicyType = "vulnerabilityExceptionPolicy"
type PortalBase ¶
type PortalBase struct {
GUID string `json:"guid" bson:"guid"`
Name string `json:"name" bson:"name"`
Attributes map[string]interface{} `json:"attributes,omitempty" bson:"attributes,omitempty"` // could be string
UpdatedTime string `json:"updatedTime,omitempty" bson:"updatedTime,omitempty"`
}
PortalBase holds basic items data from portal BE
func MockPortalBase ¶
func MockPortalBase(customerGUID, name string, attributes map[string]interface{}) *PortalBase
func (*PortalBase) GetAttributes ¶ added in v0.0.128
func (p *PortalBase) GetAttributes() map[string]interface{}
func (*PortalBase) GetGUID ¶ added in v0.0.128
func (p *PortalBase) GetGUID() string
Getters & Setter used by derived types for interfaces implementation
func (*PortalBase) GetName ¶ added in v0.0.128
func (p *PortalBase) GetName() string
func (*PortalBase) GetUpdatedTime ¶ added in v0.0.141
func (p *PortalBase) GetUpdatedTime() *time.Time
func (*PortalBase) SetAttributes ¶ added in v0.0.128
func (p *PortalBase) SetAttributes(attributes map[string]interface{})
func (*PortalBase) SetGUID ¶ added in v0.0.128
func (p *PortalBase) SetGUID(guid string)
func (*PortalBase) SetName ¶ added in v0.0.128
func (p *PortalBase) SetName(name string)
func (*PortalBase) SetUpdatedTime ¶ added in v0.0.135
func (p *PortalBase) SetUpdatedTime(updatedTime *time.Time)
type PortalCache ¶ added in v0.0.201
type PortalCache[T any] struct { GUID string `json:"guid" bson:"guid"` Name string `json:"name,omitempty" bson:"name,omitempty"` DataType DataType `json:"dataType,omitempty" bson:"dataType,omitempty"` Data T `json:"data,omitempty" bson:"data,omitempty"` CreationTime string `json:"creationTime" bson:"creationTime"` UpdatedTime string `json:"lastUpdated,omitempty" bson:"lastUpdated,omitempty"` ExpiryTime time.Time `json:"expiryTime,omitempty" bson:"expiryTime,omitempty"` }
PortalCache is an auxiliary structure to store cache data
func (*PortalCache[T]) SetExpiryTime ¶ added in v0.0.201
func (c *PortalCache[T]) SetExpiryTime(expiryTime time.Time)
func (*PortalCache[T]) SetTTL ¶ added in v0.0.201
func (c *PortalCache[T]) SetTTL(ttl time.Duration)
type PortalCluster ¶ added in v0.0.120
type PortalCluster struct {
PortalBase `json:",inline" bson:"inline"`
SubscriptionDate string `json:"subscription_date,omitempty" bson:"subscription_date,omitempty"`
LastLoginDate string `json:"last_login_date,omitempty" bson:"last_login_date,omitempty"`
InstallationData *InstallationData `json:"installationData" bson:"installationData,omitempty"`
}
PortalCluster holds cluster data from portal BE
type PortalRegistryCronJob ¶ added in v0.0.132
type PortalRegistryCronJob struct {
PortalBase `json:",inline" bson:"inline"`
RegistryInfo `json:",inline" bson:"inline"`
CreationDate string `json:"creationDate,omitempty" bson:"creationDate,omitempty"`
ID string `json:"id,omitempty" bson:"id,omitempty"`
ClusterName string `json:"clusterName,omitempty" bson:"clusterName,omitempty"`
CronTabSchedule string `json:"cronTabSchedule,omitempty" bson:"cronTabSchedule,omitempty"`
Repositories []Repository `json:"repositories,omitempty" bson:"repositories,omitempty"`
}
type PortalRepository ¶ added in v0.0.128
type PortalRepository struct {
PortalBase `json:",inline" bson:"inline"`
CreationDate string `json:"creationDate,omitempty" bson:"creationDate,omitempty"`
Provider string `json:"provider,omitempty" bson:"provider,omitempty"`
Owner string `json:"owner,omitempty" bson:"owner,omitempty"`
RepoName string `json:"repoName,omitempty" bson:"repoName,omitempty"`
BranchName string `json:"branchName,omitempty" bson:"branchName,omitempty"`
}
type PostureAttributesList ¶
type PostureClusterOverTime ¶
type PostureClusterOverTime struct {
Designators identifiers.PortalDesignator `json:"designators,omitempty"`
ClusterName string `json:"clusterName"`
Frameworks []PostureFrameworkOverTime `json:"frameworks"`
DeleteStatus RecordStatus `json:"deletionStatus,omitempty"`
}
-------- /api/v1/posture/clustersOvertime response datastructures
type PostureClusterSummary ¶ added in v0.0.122
type PostureClusterSummary struct {
Score float32 `json:"score"`
TotalControls int `json:"totalControls"`
FailedControls int `json:"failedControls"`
SkippedControls int `json:"skippedControls,omitempty"`
WarningControls int `json:"warningControls,omitempty"` // Deprecated
ReportID string `json:"reportGUID"`
Designators identifiers.PortalDesignator `json:"designators"`
Timestamp time.Time `json:"timestamp"`
DeleteStatus RecordStatus `json:"deletionStatus,omitempty"`
Frameworks []string `json:"frameworks"`
// Counters - Failed resources by severity
CriticalSeverityResources int `json:"criticalSeverityResources"`
HighSeverityResources int `json:"highSeverityResources"`
MediumSeverityResources int `json:"mediumSeverityResources"`
LowSeverityResources int `json:"lowSeverityResources"`
// Counters - Failed controls by severity
CriticalSeverityControls int `json:"criticalSeverityControls"`
HighSeverityControls int `json:"highSeverityControls"`
MediumSeverityControls int `json:"mediumSeverityControls"`
LowSeverityControls int `json:"lowSeverityControls"`
// Counters - Resources by status
PassedResources int `json:"passedResources"`
FailedResources int `json:"failedResources"`
SkippedResources int `jsons:"skippedResources,omitempty"`
ExcludedResources int `json:"excludedResources,omitempty"` // Deprecated
// Metadata
KubescapeVersion string `json:"kubescapeVersion"`
KubernetesVersion string `json:"kubernetesVersion"`
WorkerNodeCount int `json:"workerNodeCount"`
Location string `json:"location"`
CloudProvider string `json:"cloudProvider"`
// Information about the controls that were run on this entity
// The key is the status of the control (`failed`, `passed`, etc)
ControlsInfo map[string][]ControlInfo `json:"controlsInfo"`
// Names of the cluster
FullName string `json:"clusterFullName"`
ShortName string `json:"clusterShortName"`
PrefixName string `json:"clusterPrefixName"`
}
type PostureContainerSummary ¶
type PostureControlSummary ¶
type PostureControlSummary struct {
Designators identifiers.PortalDesignator `json:"designators"`
ControlID string `json:"id"` // "C0001"
ControlGUID string `json:"guid"`
Name string `json:"name"`
AffectedResourcesCount int `json:"affectedResourcesCount"`
FailedResourcesCount int `json:"failedResourcesCount"`
SkippedResourcesCount int `json:"skippedResourcesCount"`
WarningResourcesCount int `json:"warningResourcesCount"` // Deprecated
TotalScannedResourcesCount *int `json:"totalScannedResourcesCount"`
PreviousAffectedResourcesCount int `json:"previousAffectedResourcesCount"`
PreviousFailedResourcesCount int `json:"previousFailedResourcesCount"`
PreviousSkippedResourcesCount int `json:"previousSkippedResourcesCount"`
PreviousWarningResourcesCount int `json:"previousWarningResourcesCount"` // Deprecated
Framework string `json:"frameworkName"`
FrameworkSubSectionID []string `json:"frameworkSubsectionID,omitempty"`
Remediation string `json:"remediation"`
Status int `json:"status"`
StatusText string `json:"statusText"`
SubStatusText string `json:"subStatusText,omitempty"`
Description string `json:"description"`
Section string `json:"section"`
Timestamp time.Time `json:"timestamp"`
ReportID string `json:"reportGUID"`
DeleteStatus RecordStatus `json:"deletionStatus,omitempty"`
Score float32 `json:"score"`
ComplianceScore *float32 `json:"complianceScore"`
ScoreFactor float32 `json:"baseScore"`
ScoreWeight float32 `json:"scoreWeight"`
ARMOImprovement float32 `json:"ARMOimprovement"`
RelevantCloudProvides []string `json:"relevantCloudProvides"`
ControlInputs []ControlInputs `json:"controlInputs"`
IsLastScan int `json:"isLastScan"`
HighlightPathsCount int64 `json:"highlightPathsCount"`
ClusterShortName string `json:"clusterShortName"`
}
----/api/v1/posture/controls
type PostureExceptionPolicy ¶
type PostureExceptionPolicy struct {
PortalBase `json:",inline" bson:"inline"`
PolicyType string `json:"policyType,omitempty" bson:"policyType,omitempty"`
CreationTime string `json:"creationTime,omitempty" bson:"creationTime,omitempty"`
Actions []PostureExceptionPolicyActions `json:"actions,omitempty" bson:"actions,omitempty"`
Resources []identifiers.PortalDesignator `json:"resources" bson:"resources,omitempty"`
PosturePolicies []PosturePolicy `json:"posturePolicies,omitempty" bson:"posturePolicies,omitempty"`
Reason *string `json:"reason,omitempty" bson:"reason,omitempty"`
ExpirationDate *time.Time `json:"expirationDate,omitempty" bson:"expirationDate,omitempty"`
CreatedBy string `json:"createdBy,omitempty" bson:"createdBy,omitempty"`
}
func (*PostureExceptionPolicy) IsAlertOnly ¶
func (exceptionPolicy *PostureExceptionPolicy) IsAlertOnly() bool
func (*PostureExceptionPolicy) IsDisable ¶
func (exceptionPolicy *PostureExceptionPolicy) IsDisable() bool
type PostureExceptionPolicyActions ¶
type PostureExceptionPolicyActions string
const AlertOnly PostureExceptionPolicyActions = "alertOnly"
const Disable PostureExceptionPolicyActions = "disable"
type PostureFrameworkOverTime ¶
type PostureFrameworkOverTime struct {
// "frameworkName": "MITRE",
// "riskScore": 54,
RiskScore float32 `json:"riskScore,omitempty"`
ComplianceScore float32 `json:"complianceScore,omitempty"`
Framework string `json:"frameworkName"`
Coords []PostureFrameworkOverTimeCoord `json:"cords"`
}
PostureFrameworkOverTime - the response structure
type PostureFrameworkSubsectionSummary ¶
type PostureFrameworkSubsectionSummary struct {
// The name (title) of the subsection
// Example: General Policies
Name string `json:"name"`
// The name of the framework this subsection belongs to
// Example: CIS
Framework string `json:"framework"`
// Unique id of the subsection inside its framework
// Example: 5.7
ID string `json:"id"`
// Statistics about the controls that were run
// The key is the status of the control (`failed`, `passed`, etc).
// The value is the number of controls
// Example: {"failed": 3, "passed": 4}
ControlsStats map[string]uint `json:"controlsStats"`
}
type PostureFrameworkSummary ¶
type PostureFrameworkSummary struct {
Name string `json:"name"`
TypeTags []string `json:"typeTags"`
Score float32 `json:"value"`
ComplianceScore float32 `json:"complianceScorev1"`
ImprovementScore float32 `json:"improvementScore"`
TotalControls int `json:"totalControls"`
FailedControls int `json:"failedControls"`
SkippedControls int `json:"skippedControls,omitempty"`
WarningControls int `json:"warningControls,omitempty"` // Deprecated
ReportID string `json:"reportGUID"`
Designators identifiers.PortalDesignator `json:"designators"`
Timestamp time.Time `json:"timestamp"`
DeleteStatus RecordStatus `json:"deletionStatus,omitempty"`
}
type PostureFrameworksOverTime ¶
type PostureFrameworksOverTime struct {
ClusterName string `json:"clusterName"`
ScoreValue float32 `json:"value"`
ReportID string `json:"reportGUID"`
Timestamp time.Time `json:"timestamp"`
Framework string `json:"frameworkName"`
}
Used for elastic
type PostureJobParams ¶
type PosturePaths ¶
type PosturePaths struct {
ResourceID string `json:"resourceID,omitempty"` // resource on which the remediation needs to be applied
// must have FailedPath or FixPath, not both
FailedPath string `json:"failedPath,omitempty"`
FixPath FixPath `json:"fixPath,omitempty"`
FixCommand string `json:"fixCommand,omitempty"`
}
type PosturePolicy ¶
type PosturePolicy struct {
FrameworkName string `json:"frameworkName" bson:"frameworkName"`
ControlName string `json:"controlName,omitempty" bson:"controlName,omitempty"`
ControlID string `json:"controlID,omitempty" bson:"controlID,omitempty"`
RuleName string `json:"ruleName,omitempty" bson:"ruleName,omitempty"`
}
type PostureReportResultRaw ¶
type PostureReportResultRaw struct {
Designators identifiers.PortalDesignator `json:"designators"`
Timestamp time.Time `json:"timestamp"`
ReportID string `json:"reportGUID"`
ResourceID string `json:"resourceID"`
ControlID string `json:"controlID"`
ControlConfigurations []ControlInputs `json:"controlConfigurations,omitempty"`
HighlightsPaths []PosturePaths `json:"highlightsPaths"`
RelatedResourcesIDs []string `json:"relatedResourcesID,omitempty"`
}
type PostureResource ¶
type PostureResource struct {
UniqueResourceResult string `json:"uniqueResourceResult"` // FNV(customerGUID + cluster+resourceID+frameworkName + resource.ReportID) to allow fast search for aggregation
Designators identifiers.PortalDesignator `json:"designators"`
Name string `json:"name"` // wlid/sid and etc.
ResourceID string `json:"resourceID"` //as given by kscape
ControlName string `json:"controlName"`
HighlightPaths []string `json:"highlightPaths"` // specifies "failedPath" - where exactly in the raw resources the control failed
FixPaths []FixPath `json:"fixPaths"` // specifies "fixPaths" - what in the raw resources needs to be added by user
ControlID string `json:"controlID"`
FrameworkName string `json:"frameworkName"`
ControlStatus int `json:"controlStatus"` // it's rather resource status within the control, control might fail but on this specific resource it might be passed (exception)
ControlStatusText string `json:"controlStatusText"`
RelatedExceptions []PostureExceptionPolicy `json:"relatedExceptions"` // configured in portal
ExceptionApplied []PostureExceptionPolicy `json:"exceptionApplied"` //actual ruleResponse
ResourceKind string `json:"kind"`
ResourceNamespace string `json:"namespace"`
Remediation string `json:"remediation"`
Images []PostureContainerSummary `json:"containers,omitempty"`
DeleteStatus RecordStatus `json:"deletionStatus,omitempty"`
Recommendations []RecommendationAssociation `json:"recommendations"`
Timestamp time.Time `json:"timestamp"`
ReportID string `json:"reportGUID"`
}
1 resource per 1 control
type PostureResourceSummary ¶
type PostureResourceSummary struct {
Designators identifiers.PortalDesignator `json:"designators"`
Name string `json:"name"` // wlid/sid and etc.
ResourceID string `json:"resourceID"` //as given by kscape
//gives upto PostureResourceMaxCtrls controls as an example
FailedControl []string `json:"failedControls"`
WarningControls []string `json:"warningControls"`
SkippedControls []string `json:"skippedControls"`
//maps statusText 2 list of controlIDs
StatusToControls map[string][]string `json:"statusToControls"`
HighlightsPerCtrl []HighlightsByControl `json:"highlightsPerControl"`
//totalcount (including the failed/warning controls slices)
FailedControlCount int `json:"failedControlsCount"`
SkippedControlCount int `json:"skippedControlsCount"`
WarningControlCount int `json:"warningControlsCount"` // Deprecated
Status int `json:"status"`
StatusText string `json:"statusText"`
SubStatusText string `json:"subStatusText,omitempty"`
Remediation []string `json:"remediation"`
ResourceKind string `json:"resourceKind"`
FrameworkName string `json:"frameworkName"`
ExceptionRecommendaion string `json:"exceptionRecommendaion"`
RelatedExceptions []PostureExceptionPolicy `json:"relatedExceptions"` // configured in portal
ExceptionApplied []PostureExceptionPolicy `json:"exceptionApplied"` //actual ruleResponse
Images []PostureContainerSummary `json:"containers,omitempty"`
Recommendations []RecommendationAssociation `json:"recommendations"`
Timestamp time.Time `json:"timestamp"`
ReportID string `json:"reportGUID"`
DeleteStatus RecordStatus `json:"deletionStatus,omitempty"`
ArmoBestScore int64 `json:"armoBestScore"`
// Information about the controls that were run on this entity
// The key is the status of the control (`failed`, `passed`, etc)
ControlsInfo map[string][]ControlInfo `json:"controlsInfo"`
// Counters - Failed controls by severity
CriticalSeverityControls int `json:"criticalSeverityControls"`
HighSeverityControls int `json:"highSeverityControls"`
MediumSeverityControls int `json:"mediumSeverityControls"`
LowSeverityControls int `json:"lowSeverityControls"`
ClusterShortName string `json:"clusterShortName"`
}
type PostureScanConfig ¶
type PostureScanConfig struct {
ScanFrequency ScanFrequency `json:"scanFrequency,omitempty" bson:"scanFrequency,omitempty"`
}
type PostureSummary ¶
type PostureSummary struct {
RuntimeImprovementPercentage float32 `json:"runtimeImprovementPercentage"`
LastRun time.Time `json:"lastRun"`
ReportID string `json:"reportGUID"`
Designators identifiers.PortalDesignator `json:"designators"`
PostureAttributes PostureAttributesList `json:"postureAttributes"`
ClusterCloudProvider string `json:"clusterCloudProvider"`
DeleteStatus RecordStatus `json:"deletionStatus,omitempty"`
}
--------/api/v1/posture/summary
type Probe ¶ added in v0.0.249
type Probe struct {
Type string `json:"type"` // e,g liveness/readiness/<w.e>
Data string `json:"data"` // actual probe data/settings
}
Probe - represent the various container probes
type ProcessingStatus ¶ added in v0.0.203
type ProcessingStatus string
type QueryScopeParams ¶ added in v0.0.207
type QueryScopeParams struct {
InstanceID string
Cluster []string
Namespace []string
WLIDs []string
Kind []string
Name []string
Repository []string
Registry []string
Tag []string
Custom map[string][]string
}
func (*QueryScopeParams) FixOrAddAsInnerFilters ¶ added in v0.0.207
func (qsp *QueryScopeParams) FixOrAddAsInnerFilters(paginationReq *V2ListRequest, instanceIDField, clusterNameField, namespaceField, wlidField, kindField, nameField string)
FixOrAddAsInnerFilters adds the query scope params as inner filters of the request to adapt the right field names
func (*QueryScopeParams) FixOrAddAsInnerFiltersMap ¶ added in v0.0.207
func (qsp *QueryScopeParams) FixOrAddAsInnerFiltersMap(paginationReq *V2ListRequest, filters Filters)
func (*QueryScopeParams) FixOrAddAsUniqueInnerFilters ¶ added in v0.0.216
func (qsp *QueryScopeParams) FixOrAddAsUniqueInnerFilters(reqObj *UniqueValuesRequestV2, instanceIDField, clusterNameField, namespaceField, wlidField, kindField, nameField string)
fixOrAddAsInnerFilters adds the query scope params as inner filters of the request to adapt the right field names
func (*QueryScopeParams) FixOrAddAsUniqueInnerFiltersMap ¶ added in v0.0.216
func (qsp *QueryScopeParams) FixOrAddAsUniqueInnerFiltersMap(reqObj *UniqueValuesRequestV2, filters Filters)
type RawJSONObject ¶ added in v0.0.207
type RawJSONObject gojay.EmbeddedJSON
RawJSONObject holds bytes of JSON object
func (*RawJSONObject) MarshalJSON ¶ added in v0.0.207
func (rjo *RawJSONObject) MarshalJSON() ([]byte, error)
MarshalJSON implements the json.marshaler interface
type RawResource ¶
type RawResource struct {
Designators identifiers.PortalDesignator `json:"designators"`
Timestamp time.Time `json:"timestamp"`
DeleteStatus RecordStatus `json:"deletionStatus,omitempty"`
ResourceID string `json:"resourceID"`
PostureReportID string `json:"postureReportID,omitempty"`
SPIFFE string `json:"spiffe"`
Containers []PostureContainerSummary `json:"containers,omitempty"`
RelatedResourcesIDs []string `json:"relatedResourcesID,omitempty"`
RAW json.RawMessage `json:"object"`
}
type RecommendationAssociation ¶
type RecommendationAssociation struct {
PortalBase `json:",inline"`
// audit for user actions taken for this recommendation
UpdatesAudit []UpdateAuditEntry `json:"updatesAudit"`
// the context to show this recommendation to this customer
Context []identifiers.ArmoContext `json:"context"`
// designator object as we have in current resources represntaion
// this is about to be useless
Designators identifiers.PortalDesignator `json:"designators"`
// guid of the recommendation in recommendation DB
RecommendationPrototypeGUID string `json:"recommendationPrototypeGUID"`
RecommendationDetails RecommendationSkeletonV1 `json:"recommendationDetails"`
// current status of this recommendation for the given resource
Status AssociationStatus `json:"status"`
}
this structure is dedicated to connect between recommendation and specific resource and trace the user actions taken due to this recommendation
type RecommendationSkeletonV1 ¶
type RecommendationSkeletonV1 struct {
PortalBase `json:",inline"`
// audit for manual changes made in this recommendation
UpdatesAudit []UpdateAuditEntry `json:"updatesAudit"`
// the action the user should take
Action string `json:"action"`
Description string `json:"description"`
// link to some well explained description of this recommendation
DescriptionLink string `json:"descriptionLink"`
// the context to show this recommendation in
Context []identifiers.ArmoContext `json:"context"`
// the approvement status. Do we should show this recommendation to users?
Approvement ApprovementState `json:"approvement"`
}
type RecordStatus ¶
type RecordStatus int
const ( RecordAlive RecordStatus = 0 RecordShouldDelete RecordStatus = 1 )
type RegistryInfo ¶ added in v0.0.125
type RegistryInfo struct {
RegistryName string `json:"registryName,omitempty" bson:"registryName"`
RegistryProvider string `json:"registryProvider,omitempty" bson:"registryProvider"`
RegistryToken string `json:"registryToken,omitempty" bson:"registryToken"`
Depth *int `json:"depth,omitempty" bson:"depth"`
Include []string `json:"include,omitempty" bson:"include"`
Exclude []string `json:"exclude,omitempty" bson:"exclude"`
Kind string `json:"kind,omitempty" bson:"kind"`
IsHTTPS *bool `json:"isHTTPS,omitempty" bson:"isHTTPS"`
SkipTLSVerify *bool `json:"skipTLSVerify,omitempty" bson:"skipTLSVerify"`
AuthMethod AuthMethod `json:"authMethod,omitempty" bson:"authMethod"`
SecretName string `json:"secretName,omitempty" bson:"secretName"`
}
type RegistryJobParams ¶
type RelevantImageVulnerabilitiesConfiguration ¶ added in v0.0.198
type RelevantImageVulnerabilitiesConfiguration string
const ( RelevantImageVulnerabilitiesConfigurationEnable RelevantImageVulnerabilitiesConfiguration = "enable" RelevantImageVulnerabilitiesConfigurationDisable RelevantImageVulnerabilitiesConfiguration = "disable" RelevantImageVulnerabilitiesConfigurationDetect RelevantImageVulnerabilitiesConfiguration = "detect" )
type RepoEntityKind ¶
type RepoEntityKind string
Kind of an entity. Can only be one of the following: `file` or `repo` Example: repo
const ( RepoEntityFile RepoEntityKind = "file" RepoEntityRepo RepoEntityKind = "repo" )
type RepoEntitySummary ¶
type RepoEntitySummary struct {
Designators identifiers.PortalDesignator `json:"designators"`
// Name of this entity
// Example: "my-repo"
Name string `json:"name"`
Kind RepoEntityKind `json:"kind"`
// Number of children of the entity. For `file`s entity it would be
// the amount of the resources inside this file, and for `repo`s -
// the amount of scanned files
// Example: 13
ChildCount uint64 `json:"childCount"`
// Status of the entity
// Example: failed
StatusText string `json:"statusText"`
// Information about the controls that were run on this entity
// The key is the status of the control (`failed`, `passed`, etc)
ControlsInfo map[string][]ControlInfo `json:"controlsInfo"`
// Statistics about the controls that were run
// The key is the status of the control (`failed`, `passed`, etc).
// The value is the number of controls
// Example: {"failed": 3, "passed": 4}
ControlsStats map[string]int `json:"controlsStats"`
// Frameworks that were run.
// In multi-frameworks-summary, this property is
// taking the place of the `framework` property
// Example: ["ArmoBest", "MITRE"]
Frameworks []string `json:"frameworks,omitempty"`
// Single framework this summary is for.
// Example: ArmoBest
Framework string `json:"framework,omitempty"`
// Time of the scan that produced this result
Timestamp time.Time `json:"timestamp"`
ReportID string `json:"reportGUID"`
// swagger:ignore
// This record is marked for deletion or not
DeleteStatus RecordStatus `json:"deletionStatus,omitempty"`
}
RepoEntitySummary summary of repo scanning entity.
type Repository ¶ added in v0.0.133
type Repository struct {
RepositoryName string `json:"repositoryName"`
}
type RespTotal64 ¶ added in v0.0.207
type RetrieveObjectsByRequestPayload ¶ added in v0.0.207
type RetrieveObjectsByRequestPayload struct {
MultipleItems map[string][]string
SingleItems map[string]string
Exists []string
MustNot []map[string]interface{}
ExcludeFields []string
}
payload for querying/filtering a list, key: <fieldname> and value is the string value
type ScanFrequency ¶
type ScanFrequency string
type SearchAfterResp ¶ added in v0.0.207
type SearchAfterResp struct {
Sort interface{} `json:"sort"`
}
type SearchResponse ¶ added in v0.0.207
type SearchResponse struct {
Result []RawJSONObject
Total *RespTotal
Cursor *Cursor
Sort *SearchAfterResp
}
type Settings ¶
type Settings struct {
PostureControlInputs map[string][]string `json:"postureControlInputs" bson:"postureControlInputs"`
PostureScanConfig PostureScanConfig `json:"postureScanConfig" bson:"postureScanConfig"`
VulnerabilityScanConfig VulnerabilityScanConfig `json:"vulnerabilityScanConfig" bson:"vulnerabilityScanConfig"`
SlackConfigurations SlackSettings `json:"slackConfigurations,omitempty" bson:"slackConfigurations,omitempty"`
}
func MockSettings ¶
func MockSettings() *Settings
type SlackChannel ¶
type SlackChannel struct {
ChannelID string `json:"channelID" bson:"channelID"`
ChannelName string `json:"channelName" bson:"channelName"`
AlertLevel AlertLevel `json:"alertLevel" bson:"alertLevel"`
}
type SlackNotification ¶
type SlackNotification struct {
IsActive bool `json:"isActive" bson:"isActive"`
Channels []SlackChannel `json:"channels" bson:"channels"`
Attributes map[string]interface{} `json:"attributes" bson:"attributes"`
}
type SlackSettings ¶
type SlackSettings struct {
Token string `json:"token" bson:"token"`
Alert2Channel `json:",inline,omitempty" bson:"inline,omitempty"`
Notifications `json:"notifications,omitempty" bson:"notifications,omitempty"`
}
type Subscription ¶ added in v0.0.154
type Subscription struct {
// Stripe internal customer ID, usually generated on subscription creation.
StripeCustomerID string `json:"stripeCustomerID,omitempty" bson:"stripeCustomerID,omitempty"`
// Stripe subscription id.
StripeSubscriptionID string `json:"stripeSubscriptionID,omitempty" bson:"stripeSubscriptionID,omitempty"`
// Stripe subscription status, optional values: incomplete, incomplete_expired, trialing, active, past_due, canceled, or unpaid.
SubscriptionStatus string `json:"subscriptionStatus,omitempty" bson:"subscriptionStatus,omitempty"`
// Date when the subscription was first created. The date might differ from the created date due to backdating
StartDate int64 `json:"startDate,omitempty" bson:"startDate,omitempty"`
// Stripe The most recent invoice this subscription has generated.
LatestInvoice string `json:"latestInvoice,omitempty" bson:"latestInvoice,omitempty"`
// determine whether a subscription that has a status of active is scheduled to be canceled at the end of the current period.
CancelAtPeriodEnd *bool `json:"cancelAtPeriodEnd,omitempty" bson:"cancelAtPeriodEnd,omitempty"`
// End of the current period that the subscription has been invoiced for. At the end of this period, a new invoice will be created.
CurrentPeriodStart int64 `json:"currentPeriodStart,omitempty" bson:"currentPeriodStart,omitempty"`
// End of the current period that the subscription has been invoiced for. At the end of this period, a new invoice will be created.
CurrentPeriodEnd int64 `json:"currentPeriodEnd,omitempty" bson:"currentPeriodEnd,omitempty"`
// If the subscription has a trial, the end of that trial.
TrialEnd int64 `json:"trialEnd,omitempty" bson:"trialEnd,omitempty"`
// monthly average of daily sum of max scanned Worker Nodes per cluster per day
NumNodes int `json:"numNodes,omitempty" bson:"numNodes,omitempty"`
// can be "free", "team" or "enterprise"
LicenseType LicenseType `json:"licenseType,omitempty" bson:"licenseType,omitempty"`
}
hold information of a single subscription.
type UniqueCardinalityResponseV2 ¶ added in v0.0.207
UniqueCardinalityResponseV2 holds response data of cardinality request
func (*UniqueCardinalityResponseV2) ReplaceFieldsFromKeywords ¶ added in v0.0.216
func (uvr *UniqueCardinalityResponseV2) ReplaceFieldsFromKeywords(keywordMap map[string]string)
ReplaceFieldsFromKeywords restores the original fields names from the .keyword if necessary
type UniqueValuesRequestV2 ¶ added in v0.0.207
type UniqueValuesRequestV2 struct {
Fields map[string]string `json:"fields"`
// Which elements of the list to return, each field can hold multiple values separated by comma
// Example: ": {"severity": "High,Medium", "type": "61539,30303"}
// An empty map means "return the complete list"
InnerFilters []map[string]string `json:"innerFilters"`
PageSize int `json:"pageSize,omitempty"`
//for apis that support pagination
PageNum *int `json:"pageNum,omitempty"`
FieldsReverseKeywordMap map[string]string `json:"-"`
Cursor string `json:"-"`
// The time window to search (Default: since - beginning of the time, until - now)
Since *time.Time `json:"since,omitempty"`
Until *time.Time `json:"until,omitempty"`
TimestampField string `json:"-"`
}
UniqueValuesRequestV2 holds data to return unique values to
func (*UniqueValuesRequestV2) GetFieldsNames ¶ added in v0.0.216
func (uvr *UniqueValuesRequestV2) GetFieldsNames() []string
GetFieldsNames retunrs slice of Fields names
func (*UniqueValuesRequestV2) ReplaceFieldsToKeywords ¶ added in v0.0.216
func (uvr *UniqueValuesRequestV2) ReplaceFieldsToKeywords(keywordMap map[string]string)
ReplaceFieldsToKeywords replaces the original fields names to the .keyword if necessary
func (*UniqueValuesRequestV2) ValidatePageProperties ¶ added in v0.0.207
func (u *UniqueValuesRequestV2) ValidatePageProperties(maxPageSize int)
ValidatePageProperties validate page size and page number to be valid
type UniqueValuesResponseFieldsCount ¶ added in v0.0.207
type UniqueValuesResponseFieldsCount struct {
Field string `json:"key"`
Count int64 `json:"count"`
}
UniqueValuesResponseFieldsCount holds response data of UniqueValuesResponseV2 request
type UniqueValuesResponseV2 ¶ added in v0.0.207
type UniqueValuesResponseV2 struct {
Fields map[string][]string `json:"fields"`
FieldsCount map[string][]UniqueValuesResponseFieldsCount `json:"fieldsCount"`
}
UniqueValuesResponseV2 holds response data of unique values
func (*UniqueValuesResponseV2) ListFields ¶ added in v0.0.216
func (uvr *UniqueValuesResponseV2) ListFields(key string) []string
ListFields list all UniqueValuesResponseV2 fields
func (*UniqueValuesResponseV2) ReplaceFieldsFromKeywords ¶ added in v0.0.216
func (uvr *UniqueValuesResponseV2) ReplaceFieldsFromKeywords(keywordMap map[string]string)
ReplaceFieldsFromKeywords restores the original fields names from the .keyword if necessary
type UniqueValuesSearchByScopeFiltersFunc ¶ added in v0.0.216
type UniqueValuesSearchByScopeFiltersFunc func(customerGUID string, scopeFilters *QueryScopeParams, reqObj *UniqueValuesRequestV2) (*UniqueValuesResponseV2, error)
type UpdateAuditEntry ¶
type V2ListRequest ¶ added in v0.0.197
type V2ListRequest struct {
// properties of the requested next page
// Use ValidatePageProperties to set PageSize field
PageSize *int `json:"pageSize"`
// One can leave it empty for 0, then call ValidatePageProperties
PageNum *int `json:"pageNum"`
// The time window of the list to return. Default: since - begining og the time, until - now.
Since *time.Time `json:"since"`
Until *time.Time `json:"until"`
// Which elements of the list to return, each field can hold multiple values separated by comma
// An empty map means "return the complete list"
// Example: [{"severity": "High,Medium", "type": "61539,30303"}]
InnerFilters []map[string]string `json:"innerFilters"`
// How to order (sort) the list, field name + sort order (asc/desc), like https://www.w3schools.com/sql/sql_orderby.asp
// When empty, the default sort order is used. To disable the default sort order, set IgnoreDefaultSort to true
// Example: timestamp:asc,severity:desc
OrderBy string `json:"orderBy"`
// When true, the default sort order is ignored
// TODO: take it off, and use the default sort order when OrderBy is empty
IgnoreDefaultSort bool `json:"ignoreDefaultOrderBy,omitempty"`
// Cursor to the next page of former requset.
// Cursor cannot be used with another parameters of this struct
Cursor *Cursor `json:"cursorV1,omitempty"`
CursorDepracated string `json:"cursor"`
// FieldsList allow us to return only subset of the source document fields
// Don't expose FieldsList outside without well designed decision
// swagger:ignore
FieldsList []string `json:"includeFields"`
FieldsReverseKeywordMap map[string]string `json:"-"`
// TODO: reuse cursor struct (few line above)
SearchAfter *SearchAfterResp `json:"searchAfter"`
// For PUT request, can be used to update only specific fields with specific values
// map of field name to new value
FieldsToUpdate map[string]string `json:"fieldsToUpdate"`
}
TODO use armotypes.V2ListRequest V2ListRequest descripts what portion of the list the client is requesting swagger:model PaginationRequest
func (*V2ListRequest) GetFieldsNames ¶ added in v0.0.207
func (lr *V2ListRequest) GetFieldsNames() []string
GetFieldsNames retunrs slice of Fields names
func (*V2ListRequest) ReplaceFieldsToKeywords ¶ added in v0.0.216
func (lr *V2ListRequest) ReplaceFieldsToKeywords(keywordMap map[string]string)
ReplaceFieldsToKeywords replaces the original fields names to the .keyword if necessary
func (*V2ListRequest) ValidateOrderBy ¶ added in v0.0.216
func (lr *V2ListRequest) ValidateOrderBy(defaultDescOrder string)
ValidateOrderBy vlidate that the order-by field is well configured to the desired state
func (*V2ListRequest) ValidatePageProperties ¶ added in v0.0.207
func (lr *V2ListRequest) ValidatePageProperties(maxPageSize int)
ValidatePageProperties validate page size and page number to be valid
type V2ListResponse ¶ added in v0.0.207
type V2ListResponse V2ListResponseGeneric[interface{}]
type V2ListResponseGeneric ¶ added in v0.0.246
type V2ListResponseGeneric[T any] struct { Total RespTotal `json:"total"` Response T `json:"response"` // Cursor for quick access to the next page. Not supported yet Cursor string `json:"cursor"` }
V2ListResponse holds the response of some list request with some metadata
type Vulnerabilities ¶ added in v0.0.205
type VulnerabilityExceptionPolicy ¶
type VulnerabilityExceptionPolicy struct {
PortalBase `json:",inline" bson:"inline"`
// Policy type. Must be 'vulnerabilityExceptionPolicy'
// required: true
// Example: vulnerabilityExceptionPolicy
PolicyType string `json:"policyType,omitempty" bson:"policyType,omitempty"`
// Creation time of the policy
// Example: 2022-03-31T08:57:58.048014
CreationTime string `json:"creationTime" bson:"creationTime"`
// Actions to apply (currently only 'ignore' is available)
// required: true
// min: 1
// Example: ["ignore"]
Actions []VulnerabilityExceptionPolicyActions `json:"actions" bson:"actions,omitempty"`
// Items to apply the actions on
// required: true
// min: 1
Designatores []identifiers.PortalDesignator `json:"designators" bson:"designators,omitempty"`
// Vulnerabilities to take the actions on
// required: true
// min: 1
VulnerabilityPolicies []VulnerabilityPolicy `json:"vulnerabilities" bson:"vulnerabilities,omitempty"`
Reason string `json:"reason,omitempty" bson:"reason,omitempty"`
ExpirationDate *time.Time `json:"expirationDate,omitempty" bson:"expirationDate,omitempty"`
ExpiredOnFix *bool `json:"expiredOnFix,omitempty" bson:"expiredOnFix,omitempty"`
CreatedBy string `json:"createdBy,omitempty" bson:"createdBy,omitempty"`
}
func MockVulnerabilityException ¶
func MockVulnerabilityException() *VulnerabilityExceptionPolicy
func (*VulnerabilityExceptionPolicy) IsAlertOnly ¶
func (exceptionPolicy *VulnerabilityExceptionPolicy) IsAlertOnly() bool
type VulnerabilityExceptionPolicyActions ¶
type VulnerabilityExceptionPolicyActions string
const Ignore VulnerabilityExceptionPolicyActions = "ignore"
type VulnerabilityJobParams ¶
type VulnerabilityPolicy ¶
type VulnerabilityPolicy struct {
// The name of the vulnerability
// Example: CVE-2022-28128
Name string `json:"name" bson:"name"`
}
type VulnerabilityScanConfig ¶
type VulnerabilityScanConfig struct {
ScanFrequency ScanFrequency `json:"scanFrequency,omitempty" bson:"scanFrequency,omitempty"`
CriticalPriorityThreshold int `json:"criticalPriorityThreshold,omitempty" bson:"criticalPriorityThreshold,omitempty"`
HighPriorityThreshold int `json:"highPriorityThreshold,omitempty" bson:"highPriorityThreshold,omitempty"`
MediumPriorityThreshold int `json:"mediumPriorityThreshold,omitempty" bson:"mediumPriorityThreshold,omitempty"`
ScanNewDeployment bool `json:"scanNewDeployment,omitempty" bson:"scanNewDeployment,omitempty"`
AllowlistRegistries []string `json:"AllowlistRegistries,omitempty" bson:"AllowlistRegistries,omitempty"`
BlocklistRegistries []string `json:"BlocklistRegistries,omitempty" bson:"BlocklistRegistries,omitempty"`
}
Source Files
¶
- attackchainstypes.go
- attackchainstypesutils.go
- cachetypes.go
- common.go
- configtypes.go
- configtypes_mock.go
- customerslackconfigurations.go
- datastructuresmethod.go
- executionpolicytypes.go
- helmconsts.go
- k8stypes.go
- kpitypes.go
- microservice_info.go
- microservice_info_method.go
- pagination_structs.go
- pagination_structs_methods.go
- paginationmethods.go
- portaltypes.go
- portaltypes_mock.go
- portaltypesutils.go
- postureexceptionpolicytypes.go
- postureexceptionpolicytypesutils.go
- posturerecommendations.go
- posturetypes.go
- recordstatus.go
- registrytypes.go
- reposcanning.go
- vulnerabilityexceptionpolicytypes.go
- vulnerabilityexceptionpolicytypes_mock.go
- vulnerabilitytypes.go
Click to show internal directories.
Click to hide internal directories.