armotypes

package
v0.0.337 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Mar 6, 2024 License: Apache-2.0 Imports: 12 Imported by: 59

Documentation

Index

Constants

View Source
const (
	ViewedMainScreenField = "viewedMainScreen"
	ProcessingStatusField = "processingStatus"
	//AttackChainStatuss
	StatusActive AttackChainStatus = "active"
	StatusFixed  AttackChainStatus = "fixed"

	ProcessingStatusProcessing ProcessingStatus = "processing"
	ProcessingStatusDone       ProcessingStatus = "done"
	ProcessingStatusFailed     ProcessingStatus = "failed"
	ProcessingStatusTimeout    ProcessingStatus = "timeout"
)
View Source
const (
	//risk factors
	RiskFactorExternalFacing RiskFactor = "External facing"
	RiskFactorPrivileged     RiskFactor = "Privileged"
	RiskFactorSecretAccess   RiskFactor = "Secret access"
	RiskFactorDataAccess     RiskFactor = "Data access"
	RiskFactorHostAccess     RiskFactor = "Host access"

	//scan types
	ClusterPosture           ScanType = "cluster"
	RepositoryPosture        ScanType = "repository"
	ContainerVulnerabilities ScanType = "container"
	RegistryVulnerabilities  ScanType = "registry"
)
View Source
const (
	// In-cluster namespaces
	ArmoSystemNamespace = "armo-system" // deprecated, kept for backward compatibility
	KubescapeNamespace  = "kubescape"

	ArmoKollectorContainerName = "armo-collector" // deprecated, kept for backward compatibility
	KollectorContainerName     = "kollector"

	// registry scan
	LowestHelmVersionSupportedRegistryScanAndTest = "v1.9"
	LowestHelmVersionSupportedRegistryScan        = "v1.7.14"
	RegistryInfoArgKey                            = "registryInfo-v1"
	RegistryScanSecretName                        = "kubescape-registry-scan" //nolint:gosec

	// vulnerability scan
	LowestHelmVersionSupportedVulnerabilityScan = "v1.7.17"

	// cronjob template annotation and labels
	CronJobTemplateAnnotationArmoJobIDKeyDeprecated      = "armo.jobid"       // deprecated
	CronJobTemplateAnnotationArmoCloudJobIDKeyDeprecated = "armo.cloud/jobid" // deprecated
	CronJobTemplateAnnotationJobIDKey                    = "app.kubescape/job-id"

	CronJobTemplateAnnotationUpdateJobIDDeprecated = "armo.updatejobid" // deprecated
	CronJobTemplateAnnotationUpdateJobID           = "app.kubescape/update-job-id"

	CronJobTemplateAnnotationNamespaceKeyDeprecated = "armo.namespace" // deprecated
	CronJobTemplateAnnotationNamespaceKey           = "app.kubescape/namespace"

	CronJobTemplateAnnotationRegistryNameKey = "armo.cloud/registryname"
	CronJobTemplateAnnotationHostScannerKey  = "armo.host-scanner"
	CronJobTemplateAnnotationFrameworkKey    = "armo.framework"

	CronJobTemplateLabelKey               = "armo.tier"
	CronJobTemplateLabelValueKubescape    = "kubescape-scan"
	CronJobTemplateLabelValueVulnScan     = "vuln-scan"
	CronJobTemplateLabelValueRegistryScan = "registry-scan"
)
View Source
const (
	K8sKindCluster   = "Cluster"
	K8sKindNode      = "Node"
	K8sKindNamespace = "Namespace"

	K8sApiVersionV1      = "v1"
	K8sApiVersionRBAC    = "rbac.authorization.k8s.io"
	K8sApiVersionRBACV1  = K8sApiVersionRBAC + "/" + K8sApiVersionV1
	K8SApiVersionAppsV1  = "apps/v1"
	K8SApiVersionBatchV1 = "batch/v1"
)
View Source
const (
	V2ListExistsOperator   string = "exists"
	V2ListEqualOperator    string = "equal"
	V2ListMissingOperator  string = "missing"
	V2ListEmptyOperator    string = "empty"
	V2ListMatchOperator    string = "match"
	V2ListGreaterOperator  string = "greater"
	V2ListLowerOperator    string = "lower"
	V2ListRegexOperator    string = "regex"
	V2ListLikeOperator     string = "like"
	V2ListRangeOperator    string = "range"
	V2ListIgnoreCaseOption string = "ignorecase"
	V2ListArrayOperator    string = "arraymatch"

	V2ListAscendingSort  string = "asc"
	V2ListDescendingSort string = "desc"

	V2ListValueSeparator    = ","
	V2ListOperatorSeparator = "|"
	V2ListSubQuerySeparator = "&"
	V2ListSortTypeSeparator = ":"
	V2ListEscapeChar        = "\\"
)
View Source
const (
	CustomerGuidQuery   = "customerGUID"
	ClusterNameQuery    = "cluster"
	DatacenterNameQuery = "datacenter"
	NamespaceQuery      = "namespace"
	ProjectQuery        = "project"
	WlidQuery           = "wlid"
	SidQuery            = "sid"
)
View Source
const (
	SubscriptionStatusIncomplete        = string(stripe.SubscriptionStatusIncomplete)
	SubscriptionStatusIncompleteExpired = string(stripe.SubscriptionStatusIncompleteExpired)
	SubscriptionStatusTrialing          = string(stripe.SubscriptionStatusTrialing)
	SubscriptionStatusActive            = string(stripe.SubscriptionStatusActive)
	SubscriptionStatusPastDue           = string(stripe.SubscriptionStatusPastDue)
	SubscriptionStatusCanceled          = string(stripe.SubscriptionStatusCanceled)
	SubscriptionStatusUnpaid            = string(stripe.SubscriptionStatusUnpaid)
	SubscriptionStatusTrialExpired      = "trial expired"
)
View Source
const (
	PostureControlStatusUnknown    = 0
	PostureControlStatusPassed     = 1
	PostureControlStatusWarning    = 2 // deprecated
	PostureControlStatusFailed     = 3
	PostureControlStatusSkipped    = 4
	PostureControlStatusIrrelevant = 5 // deprecated
	PostureControlStatusError      = 6

	PostureResourceMaxCtrls = 6
)
View Source
const (
	SecurityIssueStatusDetected SecurityIssueStatus = "Detected"
	SecurityIssueStatusResolved SecurityIssueStatus = "Resolved"

	RiskTypeControl    RiskType = "Control"
	RiskTypeAttackPath RiskType = "AttackPath"

	SecurityIssueSeverityCritical SecurityIssueSeverity = "Critical"
	SecurityIssueSeverityHigh     SecurityIssueSeverity = "High"
	SecurityIssueSeverityMedium   SecurityIssueSeverity = "Medium"
	SecurityIssueSeverityLow      SecurityIssueSeverity = "Low"

	SecurityRiskExceptionPolicyType PolicyType = "securityRiskExceptionPolicy"
)
View Source
const (
	ExploitableCisaKev        = "Known Exploited"
	ExploitableHighLikelihood = "High Likelihood"
	ExploitableNo             = "No"
	EpssThreshold             = 0.10 // 10%
	CisaKevKnown              = "Known"
	CisaKevUnknown            = "Unknown"
)

Variables

View Source
var RiskFactorMapping = map[string]RiskFactor{
	"C-0256": RiskFactorExternalFacing,
	"C-0046": RiskFactorPrivileged,
	"C-0057": RiskFactorPrivileged,
	"C-0255": RiskFactorSecretAccess,
	"C-0257": RiskFactorDataAccess,
	"C-0038": RiskFactorHostAccess,
	"C-0041": RiskFactorHostAccess,
	"C-0044": RiskFactorHostAccess,
	"C-0048": RiskFactorHostAccess,
}

Functions

func GetControlIDsByRiskFactors added in v0.0.284

func GetControlIDsByRiskFactors(riskFactorsStr string) []string

func GetInClusterSupportedNamespaces added in v0.0.114

func GetInClusterSupportedNamespaces() []string

func MockPortalDesignator

func MockPortalDesignator() *identifiers.PortalDesignator

func ValidateContainerScanID added in v0.0.193

func ValidateContainerScanID(containerScanID string) bool

Types

type Alert2Channel

type Alert2Channel struct {
	Critical []SlackChannel `json:"criticalChannels,omitempty" bson:"criticalChannels,omitempty"`
	Error    []SlackChannel `json:"errorChannels,omitempty" bson:"errorChannels,omitempty"`
	Info     []SlackChannel `json:"infoChannels,omitempty" bson:"infoChannels,omitempty"`
}

type ApprovementState

type ApprovementState struct {
	UpdateAuditEntry `json:",inline"`
	Status           ApprovementStatus `json:"status"`
}

type ApprovementStatus

type ApprovementStatus int
const (
	ApprovementStatusApprove ApprovementStatus = iota + 1
	ApprovementStatusDecline
	ApprovementStatusPending
)

type AssociationStatus

type AssociationStatus int
const (
	AssociationStatusAssigned AssociationStatus = iota + 1
	AssociationStatusShown
	AssociationStatusDeclineByUser
	AssociationStatusHandled // the user took this recommendation into account
	AssociationStatusFixed   // the user fixed the issue in some another way
)

type AttackChain added in v0.0.203

type AttackChain struct {
	AttackChainNodes AttackChainNode `json:"attackChainNodes,omitempty" bson:"attackChainNodes,omitempty"`
	AttackChainConfig
}

type AttackChainConfig added in v0.0.210

type AttackChainConfig struct {
	PortalBase       `json:",inline" bson:",inline"`
	Resource         identifiers.PortalDesignator `json:"resource,omitempty" bson:"resource,omitempty"`
	Description      string                       `json:"description,omitempty" bson:"description,omitempty"`
	CreationTime     string                       `json:"creationTime,omitempty" bson:"creationTime,omitempty"`
	AttackChainID    string                       `json:"attackChainID,omitempty" bson:"attackChainID,omitempty"` // name/cluster/resourceID
	ClusterName      string                       `json:"clusterName,omitempty" bson:"clusterName,omitempty"`
	CustomerGUID     string                       `json:"customerGUID,omitempty" bson:"customerGUID,omitempty"`
	LatestReportGUID string                       `json:"latestReportGUID,omitempty" bson:"latestReportGUID,omitempty"` // latest reportGUID in which this attack chain was identified
	UIStatus         *AttackChainUIStatus         `json:"uiStatus,omitempty" bson:"uiStatus,omitempty"`
	Status           AttackChainStatus            `json:"status,omitempty" bson:"status,omitempty"` // "active"/ "fixed"
}

type AttackChainNode added in v0.0.203

type AttackChainNode struct {
	Name             string                         `json:"name" bson:"name,omitempty"`
	Description      string                         `json:"description" bson:"description,omitempty"`
	ControlIDs       []string                       `json:"controlIDs,omitempty" bson:"controlIDs,omitempty"` // failed/ignored controls that are associated to this attack chain node
	Vulnerabilities  []Vulnerabilities              `json:"vulnerabilities,omitempty" bson:"vulnerabilities,omitempty"`
	RelatedResources []identifiers.PortalDesignator `json:"relatedResources" bson:"relatedResources,omitempty"`
	NextNodes        []AttackChainNode              `json:"nextNodes,omitempty" bson:"nextNodes,omitempty"`
}

func (*AttackChainNode) Equals added in v0.0.248

func (a *AttackChainNode) Equals(b *AttackChainNode) bool

func (*AttackChainNode) GetControlIDsFromAllNodes added in v0.0.241

func (attackChainNode *AttackChainNode) GetControlIDsFromAllNodes(controlIDs []string) []string

GetControlIDsFromAllNodes is a recursive func that returns a list of controlIDs from all nodes in the attack chain

type AttackChainStatus added in v0.0.203

type AttackChainStatus string

type AttackChainUIStatus added in v0.0.203

type AttackChainUIStatus struct {
	// fields updated by the BE
	FirstSeen string `json:"firstSeen,omitempty" bson:"firstSeen,omitempty"` // timestamp of first scan in which the attack chain was identified
	// fields updated by the UI
	ViewedMainScreen string `json:"viewedMainScreen,omitempty" bson:"viewedMainScreen,omitempty"` // if the attack chain was viewed by the user// New badge
	ProcessingStatus string `json:"processingStatus,omitempty" bson:"processingStatus,omitempty"` // "processing"/ "done"
}

struct for UI support. All strings are timestamps

type AuthMethod added in v0.0.125

type AuthMethod struct {
	Username string `json:"username,omitempty" bson:"username"`
	Password string `json:"password,omitempty" bson:"password"`
	Type     string `json:"type,omitempty" bson:"type"`
}
type Banner struct {
	CustomerGUID string `json:"customerGUID,omitempty" bson:"customerGUID,omitempty"` // customerGUID of the account which clicked the banner
	ScanID       string `json:"scanID,omitempty" bson:"scanID,omitempty"`             // for detailed view, unique key for banner is combination of scanID and bannerID
}

type BaseExceptionPolicy added in v0.0.334

type BaseExceptionPolicy struct {
	PortalBase `json:",inline" bson:"inline"`
	PolicyType string `json:"policyType,omitempty" bson:"policyType,omitempty"`

	// IDs of the policies (SecurityRiskID, ControlID, etc.)
	PolicyIDs      []string                       `json:"policyIDs,omitempty" bson:"policyIDs,omitempty"`
	CreationTime   string                         `json:"creationTime,omitempty" bson:"creationTime,omitempty"`
	Reason         string                         `json:"reason,omitempty" bson:"reason,omitempty"`
	ExpirationTime *time.Time                     `json:"expirationTime,omitempty" bson:"expirationTime,omitempty"`
	CreatedBy      string                         `json:"createdBy,omitempty" bson:"createdBy,omitempty"`
	Resources      []identifiers.PortalDesignator `json:"resources" bson:"resources,omitempty"`
}

type CAContainerMetrics added in v0.0.249

type CAContainerMetrics struct {
	core.Container    `json:",inline"`
	CAIntegrityStatus int `json:"caIntegrityStatus"`
}

CAContainerMetrics holds data of single container which runs in multiple pods

type CAK8SMeta added in v0.0.249

type CAK8SMeta struct {
	CustomerGUID   string    `json:"customerGUID"`
	CAClusterName  string    `json:"caClusterName,omitempty"`
	LastUpdateTime time.Time `json:"caLastUpdate"`
	IsActive       bool      `json:"isActive"`
}

CAK8SMeta holds common metadata about k8s objects

type CAMicroserviceOverview added in v0.0.249

type CAMicroserviceOverview struct {
	CAMicroserviceOverviewMetadata `json:",inline"`
}

CAMicroserviceOverview represnets it's name

type CAMicroserviceOverviewMetadata added in v0.0.249

type CAMicroserviceOverviewMetadata struct {
	CAK8SMeta     `json:",inline"`
	WLID          string   `json:"wlid"`
	Datacenter    string   `json:"datacenter,omitempty"`
	OVNamespace   string   `json:"namespace,omitempty"`
	Project       string   `json:"project,omitempty"`
	Orchestrator  string   `json:"orchestrator"`
	Kind          string   `json:"kind"`
	OperationType string   `json:"operationType"`
	OVName        string   `json:"name"`
	Categories    []string `json:"categories"`
	DisplayName   string   `json:"displayName,omitempty"`
	CloudProvider string   `json:"cloudProvider"`
}

CAMicroserviceOverviewMetadata represnets it's name

type CisaKevInfo added in v0.0.281

type CisaKevInfo struct {
	DateAdded                  string `json:"dateAdded"`
	DueDate                    string `json:"dueDate"`
	KnownRansomwareCampaignUse string `json:"knownRansomwareCampaignUse"`
	Notes                      string `json:"notes"`
}

type ClusterAttackChainState added in v0.0.251

type ClusterAttackChainState struct {
	PortalBase               `json:",inline" bson:"inline"`
	CreationTime             string `json:"creationTime,omitempty" bson:"creationTime,omitempty"`
	ClusterName              string `json:"clusterName,omitempty" bson:"clusterName,omitempty"`
	LastPostureScanTriggered string `json:"lastPostureScanTriggered,omitempty" bson:"lastPostureScanTriggered,omitempty"`
	LastTimeEngineCompleted  string `json:"lastTimeEngineCompleted,omitempty" bson:"lastTimeEngineCompleted,omitempty"`
}

type CommonSummaryFields

type CommonSummaryFields struct {
	// The unique id of the report this summary belongs to
	ReportID GUID `json:"reportGUID"`

	// The designators of this summary
	Designators *identifiers.PortalDesignator `json:"designators"`

	// Time of the scan that produced this summary
	Timestamp time.Time `json:"timestamp"`

	// swagger:ignore
	// Indication if this summary is marked for deletetion
	DeleteStatus RecordStatus `json:"deletionStatus,omitempty"`
}

swagger:model

type ComponentPathInfo added in v0.0.283

type ComponentPathInfo struct {
	ContainerPathInfo
	ImageTag   string   `json:"imageTag"`
	ImageHash  string   `json:"imageHash"`
	IsRelevant string   `json:"isRelevant"`
	Paths      []string `json:"paths"`
}

type ComponentSummary added in v0.0.293

type ComponentSummary struct {
	CustomerGUID    string              `json:"customerGUID"`
	Name            string              `json:"name"`
	Version         string              `json:"version"`
	PackageType     string              `json:"packageType"`
	FixVersions     []string            `json:"fixVersions"`
	CriticalCount   int                 `json:"criticalCount"`
	HighCount       int                 `json:"highCount"`
	MediumCount     int                 `json:"mediumCount"`
	LowCount        int                 `json:"lowCount"`
	ClustersCount   int                 `json:"clustersCount"`
	NamespacesCount int                 `json:"namespacesCount"`
	WorkloadsCount  int                 `json:"workloadsCount"`
	ImagesCount     int                 `json:"imagesCount"`
	SeverityStats   map[string][]string `json:"severityStats"`
}

type ConnectedStatus added in v0.0.270

type ConnectedStatus string
const (
	Connected    ConnectedStatus = "connected"
	Disconnected ConnectedStatus = "disconnected"
)

type ContainerPathInfo added in v0.0.283

type ContainerPathInfo struct {
	NameSpace        string `json:"namespace"`
	WorkloadName     string `json:"workloadName"`
	ContainerName    string `json:"containerName"`
	WorkloadKind     string `json:"workloadKind"`
	WorkloadHash     string `json:"workloadHash"`
	WLID             string `json:"wlid"`
	ClusterName      string `json:"clusterName"`
	ClusterShortName string `json:"clusterShortName"`
}

type ContainerSummary added in v0.0.249

type ContainerSummary struct {
	Name         string  `json:"name"`
	Image        string  `json:"image"`
	IsPrivileged bool    `json:"root"`
	Probes       []Probe `json:"probes,omitempty"`
	Limitations  `json:"limitations,omitempty"`
}

ContainerSummary - a must have summarized info of containers

type ContainersStatusData added in v0.0.249

type ContainersStatusData map[string]map[string]string

ContainersStatusData holds the status of containers in runtime. This including the docker image tag + image hash

func (*ContainersStatusData) GetContainerImageDetails added in v0.0.249

func (contsImages *ContainersStatusData) GetContainerImageDetails(contName string) (string, string, error)

GetContainerImageDetails extract the docker image details of specific container in list

type ControlInfo

type ControlInfo struct {

	// ID of the control
	// Example: C-0034
	ID string `json:"id"`

	// How much this control is critical
	// Example: 6
	BaseScore float32 `json:"baseScore"`

	// How many failed resources for this control
	// Example: 3
	FailedResources int `json:"failedResources"`
}

ControlInfo Basic information about a control

type ControlInputs

type ControlInputs struct {
	Rulename string
	Inputs   []PostureAttributesList // Attribute = input list name, Values = list values
}

type CountFunc added in v0.0.216

type CountFunc func(customerGUID string, scopeFilters *QueryScopeParams, paginationObject *V2ListRequest) (uint64, error)

type Cursor added in v0.0.207

type Cursor struct {
	Id        string    `json:"id,omitempty"`
	KeepAlive *Duration `json:"keepAlive,omitempty"`
}

type CustomerAccessStatus added in v0.0.170

type CustomerAccessStatus string
const (
	PayingCustomer  CustomerAccessStatus = "paying"
	FreeCustomer    CustomerAccessStatus = "free"
	TrialCustomer   CustomerAccessStatus = "trial"
	BlockedCustomer CustomerAccessStatus = "blocked"
	LimitedCustomer CustomerAccessStatus = "limited"
)

type CustomerConfig

type CustomerConfig struct {
	Name       string                       `json:"name" bson:"name"`
	Attributes map[string]interface{}       `json:"attributes,omitempty" bson:"attributes,omitempty"` // could be string
	Scope      identifiers.PortalDesignator `json:"scope" bson:"scope"`
	Settings   Settings                     `json:"settings" bson:"settings"`
}

func MockCustomerConfig

func MockCustomerConfig() *CustomerConfig

type CustomerOnboarding added in v0.0.143

type CustomerOnboarding struct {
	Completed   *bool    `json:"completed,omitempty" bson:"completed,omitempty"`     // user completed the onboarding
	CompanySize *string  `json:"companySize,omitempty" bson:"companySize,omitempty"` // user company size
	Role        *string  `json:"role,omitempty" bson:"role,omitempty"`               // user role
	OrgName     *string  `json:"orgName,omitempty" bson:"orgName,omitempty"`         // user organization name
	Interests   []string `json:"interests,omitempty" bson:"interests,omitempty"`     // user interests
}

type CustomerState added in v0.0.143

type CustomerState struct {
	Onboarding           *CustomerOnboarding      `json:"onboarding,omitempty" bson:"onboarding,omitempty"`
	GettingStarted       *GettingStartedChecklist `json:"gettingStarted,omitempty" bson:"gettingStarted,omitempty"`
	NodeUsage            *NodeUsage               `json:"nodeUsage,omitempty" bson:"nodeUsage,omitempty"`
	AttackChainsLastScan string                   `json:"attackChainsLastScan,omitempty" bson:"attackChainsLastScan,omitempty"`
}

CustomerState holds the state of the customer, used for UI purposes

type Cvss added in v0.0.290

type Cvss struct {
	Vector              string                 `json:"vector"`
	Version             string                 `json:"version"`
	Source              string                 `json:"source"`
	BaseScore           float64                `json:"baseScore"`
	ExploitabiltiyScore float64                `json:"exploitabilityScore"`
	ImpactScore         float64                `json:"impactScore"`
	ExploitabilityInfo  CvssExploitabilityInfo `json:"exploitabilityInfo"`
	ImpactInfo          CvssImpactInfo         `json:"impactInfo"`
}

type CvssExploitabilityInfo added in v0.0.283

type CvssExploitabilityInfo struct {
	AttackVector       string `json:"attackVector,omitempty"`
	AccessVector       string `json:"accessVector,omitempty"`
	AttackComplexity   string `json:"attackComplexity,omitempty"`
	AccessComplexity   string `json:"accessComplexity,omitempty"`
	Authentication     string `json:"authentication,omitempty"`
	PrivilegesRequired string `json:"privilegesRequired,omitempty"`
	UserInteraction    string `json:"userInteraction,omitempty"`
	Scope              string `json:"scope,omitempty"`
}

type CvssImpactInfo added in v0.0.283

type CvssImpactInfo struct {
	Confidentiality string `json:"confidentiality,omitempty"`
	Integrity       string `json:"integrity,omitempty"`
	Availability    string `json:"availability,omitempty"`
}

type CvssInfo added in v0.0.283

type CvssInfo struct {
	BaseScore    float64 `json:"baseScore"`
	ScoreVersion string  `json:"scoreVersion"`
	Severity     string  `json:"severity"`
	CVSS         []Cvss  `json:"cvss"`
}

type DataType added in v0.0.201

type DataType string

type DeleteCountResponse added in v0.0.272

type DeleteCountResponse struct {
	DeletedCount int64 `json:"deletedCount"`
}

type Duration added in v0.0.207

type Duration time.Duration

func (Duration) IsValid added in v0.0.207

func (d Duration) IsValid() bool

func (Duration) MarshalJSON added in v0.0.207

func (d Duration) MarshalJSON() ([]byte, error)

func (*Duration) SetDuration added in v0.0.207

func (d *Duration) SetDuration(duration time.Duration)

func (Duration) String added in v0.0.207

func (d Duration) String() string

func (*Duration) UnmarshalJSON added in v0.0.207

func (d *Duration) UnmarshalJSON(b []byte) error

type EnforcmentsRule

type EnforcmentsRule struct {
	MonitoredObject          []string `json:"monitoredObject"`
	MonitoredObjectExistence []string `json:"objectExistence"`
	MonitoredObjectEvent     []string `json:"event"`
	Action                   []string `json:"action"`
}

type EpssInfo added in v0.0.281

type EpssInfo struct {
	Epss       float64 `json:"epss"`
	Percentile float64 `json:"percentile"`
	Date       string  `json:"date"`
}

type ExecutionPolicy

type ExecutionPolicy struct {
	PortalBase                `json:",inline"`
	Designators               []identifiers.PortalDesignator `json:"designators"`
	PolicyType                string                         `json:"policyType"`
	CreationTime              string                         `json:"creation_time"`
	ExecutionEnforcmentsRules []EnforcmentsRule              `json:"enforcementRules"`
}

type Filters added in v0.0.207

type Filters struct {
	InstanceIDField  string
	ClusterNameField string
	NamespaceField   string
	WlidField        string
	KindField        string
	NameField        string
	RegistryField    string
	RepositoryField  string
	TagField         string
}

type FixPath

type FixPath struct {
	Path  string `json:"path"`
	Value string `json:"value"`
}

type GUID

type GUID string

swagger:strfmt uuid4 Example: 0f42fbe3-d81e-444d-8cc7-bc892c7623e9

type GettingStartedChecklist added in v0.0.143

type GettingStartedChecklist struct {
	// indicates if the user has dismissed the checklist
	GettingStartedDismissed *bool `json:"gettingStartedDismissed,omitempty" bson:"gettingStartedDismissed,omitempty"`
	// checklist items
	EverConnectedCluster   *bool `json:"everConnectedCluster,omitempty" bson:"everConnectedCluster,omitempty"`
	EverScannedRepository  *bool `json:"everScannedRepository,omitempty" bson:"everScannedRepository,omitempty"`
	EverScannedRegistry    *bool `json:"everScannedRegistry,omitempty" bson:"everScannedRegistry,omitempty"`
	EverCollaborated       *bool `json:"everCollaborated,omitempty" bson:"everCollaborated,omitempty"` // TODO - deprecated, replaced by EverConnectedTicketing + EverConnectedAlerting
	EverInvitedTeammate    *bool `json:"everInvitedTeammate,omitempty" bson:"everInvitedTeammate,omitempty"`
	EverUsedRbacVisualizer *bool `json:"everUsedRbacVisualizer,omitempty" bson:"everUsedRbacVisualizer,omitempty"`
	EverConnectedTicketing *bool `json:"everConnectedTicketing,omitempty" bson:"everConnectedTicketing,omitempty"`
	EverConnectedAlerting  *bool `json:"everConnectedAlerting,omitempty" bson:"everConnectedAlerting,omitempty"`
}

type HighlightsByControl

type HighlightsByControl struct {
	ControlID   string    `json:"controlID"`
	Highlights  []string  `json:"highlights"` // TODO: deprecate (failedPath)
	ReviewPaths []string  `json:"reviewPaths"`
	DeletePaths []string  `json:"deletePaths"`
	FixPaths    []FixPath `json:"fixPaths"`
	FixCommand  string    `json:"fixCommand"`
}

type ISecurityIssue added in v0.0.325

type ISecurityIssue interface {
}

type IgnoreRuleSummary added in v0.0.304

type IgnoreRuleSummary struct {
	NumberOfSystemRules int      `json:"numberOfSystemRules"`
	IgnoreRulesIDs      []string `json:"ignoreRulesIDs"`
}

type ImageSummary added in v0.0.298

type ImageSummary struct {
	CustomerGUID    string              `json:"customerGUID"`
	Tag             string              `json:"tag"`
	Digest          string              `json:"digest"`
	Registry        string              `json:"registry"`
	Repository      string              `json:"repository"`
	Architecture    string              `json:"architecture"`
	OS              string              `json:"os"`
	Size            uint64              `json:"size"`
	LastScanTime    time.Time           `json:"lastScanTime"`
	Containers      []string            `json:"containers"`
	SeverityStats   map[string][]string `json:"severityStats"`
	CriticalCount   int                 `json:"criticalCount"`
	HighCount       int                 `json:"highCount"`
	MediumCount     int                 `json:"mediumCount"`
	LowCount        int                 `json:"lowCount"`
	ClustersCount   int                 `json:"clustersCount"`
	NamespacesCount int                 `json:"namespacesCount"`
	WorkloadsCount  int                 `json:"workloadsCount"`
	ContainersCount int                 `json:"containersCount"`
}

type InstallationData added in v0.0.191

type InstallationData struct {
	ClusterName                               string                                    `json:"clusterName,omitempty" bson:"clusterName,omitempty"`                                                             // cluster name defined manually or from the cluster context
	ClusterShortName                          string                                    `json:"clusterShortName,omitempty" bson:"clusterShortName,omitempty"`                                                   // cluster short name enriched from the cluster name by BE
	StorageEnabled                            *bool                                     `json:"storage,omitempty" bson:"storage,omitempty"`                                                                     // storage configuration (enabled/disabled)
	RelevantImageVulnerabilitiesEnabled       *bool                                     `json:"relevantImageVulnerabilitiesEnabled,omitempty" bson:"relevantImageVulnerabilitiesEnabled,omitempty"`             // relevancy actual state (enabled/disabled)
	RelevantImageVulnerabilitiesConfiguration RelevantImageVulnerabilitiesConfiguration `json:"relevantImageVulnerabilitiesConfiguration,omitempty" bson:"relevantImageVulnerabilitiesConfiguration,omitempty"` // relevancy configuration defined user
	Namespace                                 string                                    `json:"namespace,omitempty" bson:"namespace,omitempty"`                                                                 // namespace to deploy the components
	ImageVulnerabilitiesScanningEnabled       *bool                                     `json:"imageVulnerabilitiesScanningEnabled,omitempty" bson:"imageVulnerabilitiesScanningEnabled,omitempty"`             // image scanning configuration (enabled/disabled)
	PostureScanEnabled                        *bool                                     `json:"postureScanEnabled,omitempty" bson:"postureScanEnabled,omitempty"`                                               // posture configuration (enabled/disabled)
	OtelCollectorEnabled                      *bool                                     `json:"otelCollector,omitempty" bson:"otelCollector,omitempty"`                                                         // otel collector configuration (enabled/disabled)
	ClusterProvider                           string                                    `json:"clusterProvider,omitempty" bson:"clusterProvider,omitempty"`                                                     // cluster provider (aws/azure/gcp)
	IncludeNamespaces                         []string                                  `json:"includeNamespaces,omitempty" bson:"includeNamespaces,omitempty"`                                                 // perform scanning only on specific namespaces
	ExcludeNamespaces                         []string                                  `json:"excludeNamespaces,omitempty" bson:"excludeNamespaces,omitempty"`                                                 // fully ignore namespaces
}

type K8SAncestor added in v0.0.249

type K8SAncestor struct {
	Name           string      `json:"name"`
	Kind           string      `json:"kind"`
	FullDeclaraion interface{} `json:"ownerData,omitempty"`
}

K8SAncestor represents the kind of the microservice inside the k8s cluster

type K8SNamespace added in v0.0.249

type K8SNamespace struct {
	CAK8SMeta      `json:",inline"`
	Name           string `json:"name"`
	core.Namespace `json:",inline"`
}

K8SNamespace represents single k8s namespace in cluster

type K8SPodObject added in v0.0.249

type K8SPodObject struct {
	CAK8SMeta         `json:",inline"`
	Name              string      `json:"podName"`
	CreatedAt         time.Time   `json:"startedAt,omitempty"`
	TerminatedAt      *time.Time  `json:"terminatedAt,omitempty"`
	PodIP             string      `json:"podIP"`
	NodeName          string      `json:"nodeName"`
	Namespace         string      `json:"namespace"`
	NominatedNodeName string      `json:"nominatedNodeName"`
	Ancestor          K8SAncestor `json:"uptreeOwner,omitempty"`
	PodSpecID         int64       `json:"podSpecId"`
	PodStatus         string      `json:"podStatus"`
}

K8SPodObject represents actuall pod which run on particular node of the cluster

type KPILogin

type KPILogin struct {
	CustomerGUID string    `json:"tennantGUID"`
	Timestamp    time.Time `json:"timestamp"`
	Username     string    `json:"username"`
	Email        string    `json:"e-mail"`
	IP           string    `json:"IP,omitempty"`
}

type KPIPostureScan

type KPIPostureScan struct {
	Client           string    `json:"client"`
	ClientVersion    string    `json:"clientVersion"`
	Framework        string    `json:"framework"`
	FrameworkVersion string    `json:"frameworkVersion"`
	Timestamp        time.Time `json:"timestamp"`
	Target           string    `json:"target"` //yaml,helm,running - what we actually scanned
	ClientIP         string    `json:"clientIP"`
}

type KubernetesObject added in v0.0.264

type KubernetesObject struct {
	Designators       identifiers.PortalDesignator `json:"designators"`
	ResourceHash      string                       `json:"resourceHash"`
	ResourceObjectRef string                       `json:"resourceObjectRef"`
	ResourceVersion   string                       `json:"resourceVersion"`
	Checksum          string                       `json:"checksum"`
	CreationTimestamp time.Time                    `json:"creationTimestamp"`

	OwnerReferenceName string `json:"ownerReferenceName"`
	OwnerReferenceKind string `json:"ownerReferenceKind"`

	// related only to kubescape DRDs.
	RelatedName            string `json:"relatedName"`
	RelatedKind            string `json:"relatedKind"`
	RelatedAPIGroup        string `json:"relatedAPIGroup"`
	RelatedNamespace       string `json:"relatedNamespace"`
	RelatedAPIVersion      string `json:"relatedAPIVersion"`
	RelatedResourceVersion string `json:"relatedResourceVersion"`

	NetworkPolicyStatus NetworkPolicyStatus `json:"networkPolicyStatus"`

	Labels map[string]string `json:"labels"`

	// used for network policies
	PodSelectorLabels map[string]string `json:"podSelectorLabels"`
}

KubernetesObject represents a single Kubernetes object, either native or kubescape CRD

type LicenseType added in v0.0.154

type LicenseType string
const (
	LicenseTypeFree       LicenseType = "Free"
	LicenseTypeTeam       LicenseType = "Team"
	LicenseTypeEnterprise LicenseType = "Enterprise"
)

type Limitations added in v0.0.249

type Limitations struct {
	CPU    int64 `json:"cpu,omitempty"`
	Memory int64 `json:"memory,omitempty"`
	Disk   int64 `json:"disk,omitempty"`
}

Limitations - container defined limitations

type MicroserviceExtraDetails added in v0.0.249

type MicroserviceExtraDetails struct {
	CAMicroserviceOverviewMetadata `json:",inline"`
	NumOfContainers                int                `json:"NumOfContainers"`
	Labels                         map[string]string  `json:"labels,omitempty"`
	Annotations                    map[string]string  `json:"annotations,omitempty"`
	ContainersSummary              []ContainerSummary `json:"containers"`
	ExternalFacing                 bool               `json:"isExternalFacingMS"`
}

MicroserviceExtraDetails represent an overview of microservice, services, container data and cloud data

type MicroserviceInfo added in v0.0.249

type MicroserviceInfo struct {
	MicroserviceMetadataView `json:",inline"`
	PodSpecID                int64 `json:"podSpecId"` // will be sent from the cluster-agent to reconize this spec
	core.PodSpec             `json:"spec"`
	core.PodStatus           `json:"status" yaml:"status"`
	Containers               []CAContainerMetrics `json:"containers,omitempty"`
	K8SPodObjects            []K8SPodObject       `json:"k8sPodObjects,omitempty"`
	CAStartTime              time.Time            `json:"caStartTime"`
}

MicroserviceInfo single microservice with CA metrics

func (*MicroserviceInfo) GetShortName added in v0.0.249

func (msi *MicroserviceInfo) GetShortName() string

GetShortName returns the last 2 parts of the microservice

type MicroserviceMetadataView added in v0.0.249

type MicroserviceMetadataView struct {
	CAMicroserviceOverviewMetadata
	metav1.ObjectMeta `json:"metadata"`
	Ancestor          K8SAncestor       `json:"uptreeOwner,omitempty"`
	UsageType         string            `json:"usageType,omitempty"`
	Categories        map[string]bool   `json:"categories"`
	CALabels          map[string]string `json:"caLabels"`
}

MicroserviceMetadataView represent the model to return in metadata request

type NetworkPoliciesWorkload added in v0.0.269

type NetworkPoliciesWorkload struct {
	Name                       string              `json:"name"`
	Kind                       string              `json:"kind"`
	CustomerGUID               string              `json:"customerGUID"`
	Namespace                  string              `json:"namespace"`
	ClusterName                string              `json:"cluster"`
	ClusterShortName           string              `json:"clusterShortName"`
	NetworkPolicyStatus        NetworkPolicyStatus `json:"networkPolicyStatus"`
	NetworkPolicyStatusMessage string              `json:"networkPolicyStatusMessage"`
}

NetworkPoliciesWorkload is used store information about workloads in the customer's clusters related to the NetworkPolicies feature

type NetworkPolicyStatus added in v0.0.282

type NetworkPolicyStatus int
const (
	MissingRuntimeInfo    NetworkPolicyStatus = 1
	NetworkPolicyRequired NetworkPolicyStatus = 2
	NetworkPolicyApplied  NetworkPolicyStatus = 3
)

type NodeUsage added in v0.0.169

type NodeUsage struct {
	// max sum of nodes across all clusters ever scanned on one day
	MaxNodesSumEver int `json:"maxNodesSumEver,omitempty" bson:"maxNodesSumEver,omitempty"`
	// date of MaxNodesSumEver
	MaxNodesSumDate string `json:"maxNodesSumDate,omitempty" bson:"maxNodesSumDate,omitempty"`
}

type Notifications

type Notifications struct {
	PostureScan               []string `json:"postureScan,omitempty" bson:"postureScan,omitempty"` // bad approach kept till i see if can do something with mongo and old data
	PostureScoreAboveLastScan []string `json:"postureScoreAboveLastScan,omitempty" bson:"postureScoreAboveLastScan,omitempty"`

	PostureScanV1              []SlackNotification `json:"postureScanV1" bson:"postureScanV1"`
	PostureScanAboveLastScanV1 []SlackNotification `json:"postureScoreAboveLastScanV1" bson:"postureScoreAboveLastScanV1"`
}

type PaginationCursorFunc added in v0.0.216

type PaginationCursorFunc func(customerGUID, instacnceID string, wlids []string, paginationObject *V2ListRequest) (*V2ListResponse, error)

PaginationCursorFunc declaring function which returns data ready for pagination by cursor to the next page

type PaginationSearchByScopeFiltersFunc added in v0.0.216

type PaginationSearchByScopeFiltersFunc func(customerGUID string, scopeFilters *QueryScopeParams, paginationObject *V2ListRequest) ([]RawJSONObject, *RespTotal, error)

type PaginationSearchByScopeFiltersScrollFunc added in v0.0.216

type PaginationSearchByScopeFiltersScrollFunc func(customerGUID string, scopeFilters *QueryScopeParams, paginationObject *V2ListRequest) (*SearchResponse, error)

PaginationSearchByScopeFiltersScrollFunc declaring function which returns data ready for paginationtype PaginationSearchByScopeFiltersFunc func(customerGUID string, scopeFilters *armotypes.QueryScopeParams, paginationObject *armotypes.V2ListRequest) ([]armotypes.RawJSONObject, *ElasticRespTotal, error)

type PaginationSearchFunc added in v0.0.216

type PaginationSearchFunc func(customerGUID, instacnceID string, wlids []string, paginationObject *V2ListRequest) ([]RawJSONObject, *RespTotal, error)

PaginationSearchFunc declaring function which returns data ready for pagination

type PolicyType added in v0.0.172

type PolicyType string
const PostureExceptionPolicyType PolicyType = "postureExceptionPolicy"
const VulnerabilityExceptionPolicyType PolicyType = "vulnerabilityExceptionPolicy"

type PortalBase

type PortalBase struct {
	GUID        string                 `json:"guid" bson:"guid"`
	Name        string                 `json:"name" bson:"name"`
	Attributes  map[string]interface{} `json:"attributes,omitempty" bson:"attributes,omitempty"` // could be string
	UpdatedTime string                 `json:"updatedTime,omitempty" bson:"updatedTime,omitempty"`
}

PortalBase holds basic items data from portal BE

func MockPortalBase

func MockPortalBase(customerGUID, name string, attributes map[string]interface{}) *PortalBase

func (*PortalBase) GetAttributes added in v0.0.128

func (p *PortalBase) GetAttributes() map[string]interface{}

func (*PortalBase) GetGUID added in v0.0.128

func (p *PortalBase) GetGUID() string

Getters & Setter used by derived types for interfaces implementation

func (*PortalBase) GetName added in v0.0.128

func (p *PortalBase) GetName() string

func (*PortalBase) GetUpdatedTime added in v0.0.141

func (p *PortalBase) GetUpdatedTime() *time.Time

func (*PortalBase) SetAttributes added in v0.0.128

func (p *PortalBase) SetAttributes(attributes map[string]interface{})

func (*PortalBase) SetGUID added in v0.0.128

func (p *PortalBase) SetGUID(guid string)

func (*PortalBase) SetName added in v0.0.128

func (p *PortalBase) SetName(name string)

func (*PortalBase) SetUpdatedTime added in v0.0.135

func (p *PortalBase) SetUpdatedTime(updatedTime *time.Time)

type PortalCache added in v0.0.201

type PortalCache[T any] struct {
	GUID         string    `json:"guid" bson:"guid"`
	Name         string    `json:"name,omitempty" bson:"name,omitempty"`
	DataType     DataType  `json:"dataType,omitempty" bson:"dataType,omitempty"`
	Data         T         `json:"data,omitempty" bson:"data,omitempty"`
	CreationTime string    `json:"creationTime" bson:"creationTime"`
	UpdatedTime  string    `json:"lastUpdated,omitempty" bson:"lastUpdated,omitempty"`
	ExpiryTime   time.Time `json:"expiryTime,omitempty" bson:"expiryTime,omitempty"`
}

PortalCache is an auxiliary structure to store cache data

func (*PortalCache[T]) SetExpiryTime added in v0.0.201

func (c *PortalCache[T]) SetExpiryTime(expiryTime time.Time)

func (*PortalCache[T]) SetTTL added in v0.0.201

func (c *PortalCache[T]) SetTTL(ttl time.Duration)

type PortalCluster added in v0.0.120

type PortalCluster struct {
	PortalBase       `json:",inline" bson:"inline"`
	SubscriptionDate string            `json:"subscription_date,omitempty" bson:"subscription_date,omitempty"`
	LastLoginDate    string            `json:"last_login_date,omitempty" bson:"last_login_date,omitempty"`
	InstallationData *InstallationData `json:"installationData" bson:"installationData,omitempty"`
}

PortalCluster holds cluster data from portal BE

type PortalRegistryCronJob added in v0.0.132

type PortalRegistryCronJob struct {
	PortalBase      `json:",inline" bson:"inline"`
	RegistryInfo    `json:",inline" bson:"inline"`
	CreationDate    string       `json:"creationDate,omitempty" bson:"creationDate,omitempty"`
	ID              string       `json:"id,omitempty" bson:"id,omitempty"`
	ClusterName     string       `json:"clusterName,omitempty" bson:"clusterName,omitempty"`
	CronTabSchedule string       `json:"cronTabSchedule,omitempty" bson:"cronTabSchedule,omitempty"`
	Repositories    []Repository `json:"repositories,omitempty" bson:"repositories,omitempty"`
}

type PortalRepository added in v0.0.128

type PortalRepository struct {
	PortalBase   `json:",inline" bson:"inline"`
	CreationDate string `json:"creationDate,omitempty" bson:"creationDate,omitempty"`
	Provider     string `json:"provider,omitempty" bson:"provider,omitempty"`
	Owner        string `json:"owner,omitempty" bson:"owner,omitempty"`
	RepoName     string `json:"repoName,omitempty" bson:"repoName,omitempty"`
	BranchName   string `json:"branchName,omitempty" bson:"branchName,omitempty"`
}

type PostureAttributesList

type PostureAttributesList struct {
	Attribute string   `json:"attributeName"`
	Values    []string `json:"values"`
}

type PostureClusterOverTime

type PostureClusterOverTime struct {
	Designators  identifiers.PortalDesignator `json:"designators,omitempty"`
	ClusterName  string                       `json:"clusterName"`
	Frameworks   []PostureFrameworkOverTime   `json:"frameworks"`
	DeleteStatus RecordStatus                 `json:"deletionStatus,omitempty"`
}

-------- /api/v1/posture/clustersOvertime response datastructures

type PostureClusterSummary added in v0.0.122

type PostureClusterSummary struct {
	Score           float32                      `json:"score"`
	TotalControls   int                          `json:"totalControls"`
	FailedControls  int                          `json:"failedControls"`
	SkippedControls int                          `json:"skippedControls,omitempty"`
	WarningControls int                          `json:"warningControls,omitempty"` // Deprecated
	ReportID        string                       `json:"reportGUID"`
	Designators     identifiers.PortalDesignator `json:"designators"`

	Timestamp    time.Time    `json:"timestamp"`
	DeleteStatus RecordStatus `json:"deletionStatus,omitempty"`

	Frameworks []string `json:"frameworks"`

	// Counters - Failed resources by severity
	CriticalSeverityResources int `json:"criticalSeverityResources"`
	HighSeverityResources     int `json:"highSeverityResources"`
	MediumSeverityResources   int `json:"mediumSeverityResources"`
	LowSeverityResources      int `json:"lowSeverityResources"`

	// Counters - Failed controls by severity
	CriticalSeverityControls int `json:"criticalSeverityControls"`
	HighSeverityControls     int `json:"highSeverityControls"`
	MediumSeverityControls   int `json:"mediumSeverityControls"`
	LowSeverityControls      int `json:"lowSeverityControls"`

	// Counters -  Resources by status
	PassedResources   int `json:"passedResources"`
	FailedResources   int `json:"failedResources"`
	SkippedResources  int `jsons:"skippedResources,omitempty"`
	ExcludedResources int `json:"excludedResources,omitempty"` // Deprecated

	// Metadata
	KubescapeVersion  string `json:"kubescapeVersion"`
	KubernetesVersion string `json:"kubernetesVersion"`
	WorkerNodeCount   int    `json:"workerNodeCount"`
	Location          string `json:"location"`
	CloudProvider     string `json:"cloudProvider"`

	// Information about the controls that were run on this entity
	// The key is the status of the control (`failed`, `passed`, etc)
	ControlsInfo map[string][]ControlInfo `json:"controlsInfo"`

	// Names of the cluster
	FullName   string `json:"clusterFullName"`
	ShortName  string `json:"clusterShortName"`
	PrefixName string `json:"clusterPrefixName"`
}

type PostureContainerSummary

type PostureContainerSummary struct {
	ContainerName string `json:"containerName"`
	ImageTag      string `json:"image,omitempty"`
}

type PostureControlSummary

type PostureControlSummary struct {
	Designators                    identifiers.PortalDesignator `json:"designators"`
	ControlID                      string                       `json:"id"` // "C0001"
	ControlGUID                    string                       `json:"guid"`
	Name                           string                       `json:"name"`
	AffectedResourcesCount         int                          `json:"affectedResourcesCount"`
	FailedResourcesCount           int                          `json:"failedResourcesCount"`
	SkippedResourcesCount          int                          `json:"skippedResourcesCount"`
	WarningResourcesCount          int                          `json:"warningResourcesCount"` // Deprecated
	TotalScannedResourcesCount     *int                         `json:"totalScannedResourcesCount"`
	PreviousAffectedResourcesCount int                          `json:"previousAffectedResourcesCount"`
	PreviousFailedResourcesCount   int                          `json:"previousFailedResourcesCount"`
	PreviousSkippedResourcesCount  int                          `json:"previousSkippedResourcesCount"`
	PreviousWarningResourcesCount  int                          `json:"previousWarningResourcesCount"` // Deprecated
	Framework                      string                       `json:"frameworkName"`
	FrameworkSubSectionID          []string                     `json:"frameworkSubsectionID,omitempty"`
	Remediation                    string                       `json:"remediation"`
	Status                         int                          `json:"status"`
	StatusText                     string                       `json:"statusText"`
	SubStatusText                  string                       `json:"subStatusText,omitempty"`
	Description                    string                       `json:"description"`
	Section                        string                       `json:"section"`
	Timestamp                      time.Time                    `json:"timestamp"`
	ReportID                       string                       `json:"reportGUID"`
	DeleteStatus                   RecordStatus                 `json:"deletionStatus,omitempty"`
	Score                          float32                      `json:"score"`
	ComplianceScore                *float32                     `json:"complianceScore"`
	ScoreFactor                    float32                      `json:"baseScore"`
	ScoreWeight                    float32                      `json:"scoreWeight"`
	ARMOImprovement                float32                      `json:"ARMOimprovement"`
	RelevantCloudProvides          []string                     `json:"relevantCloudProvides"`
	ControlInputs                  []ControlInputs              `json:"controlInputs"`
	IsLastScan                     int                          `json:"isLastScan"`
	HighlightPathsCount            int64                        `json:"highlightPathsCount"`
	ClusterShortName               string                       `json:"clusterShortName"`
	SupportsSmartRemediation       bool                         `json:"supportsSmartRemediation"`
}

----/api/v1/posture/controls

type PostureExceptionPolicy

type PostureExceptionPolicy struct {
	PortalBase      `json:",inline" bson:"inline"`
	PolicyType      string                          `json:"policyType,omitempty" bson:"policyType,omitempty"`
	CreationTime    string                          `json:"creationTime,omitempty" bson:"creationTime,omitempty"`
	Actions         []PostureExceptionPolicyActions `json:"actions,omitempty" bson:"actions,omitempty"`
	Resources       []identifiers.PortalDesignator  `json:"resources" bson:"resources,omitempty"`
	PosturePolicies []PosturePolicy                 `json:"posturePolicies,omitempty" bson:"posturePolicies,omitempty"`
	Reason          *string                         `json:"reason,omitempty" bson:"reason,omitempty"`
	ExpirationDate  *time.Time                      `json:"expirationDate,omitempty" bson:"expirationDate"`
	CreatedBy       string                          `json:"createdBy,omitempty" bson:"createdBy,omitempty"`
}

func (*PostureExceptionPolicy) IsAlertOnly

func (exceptionPolicy *PostureExceptionPolicy) IsAlertOnly() bool

func (*PostureExceptionPolicy) IsDisable

func (exceptionPolicy *PostureExceptionPolicy) IsDisable() bool

type PostureExceptionPolicyActions

type PostureExceptionPolicyActions string
const AlertOnly PostureExceptionPolicyActions = "alertOnly"
const Disable PostureExceptionPolicyActions = "disable"

type PostureFrameworkOverTime

type PostureFrameworkOverTime struct {
	// "frameworkName": "MITRE",
	//                 "riskScore": 54,
	RiskScore       float32                         `json:"riskScore,omitempty"`
	ComplianceScore float32                         `json:"complianceScore,omitempty"`
	Framework       string                          `json:"frameworkName"`
	Coords          []PostureFrameworkOverTimeCoord `json:"cords"`
}

PostureFrameworkOverTime - the response structure

type PostureFrameworkOverTimeCoord

type PostureFrameworkOverTimeCoord struct {
	ScoreValue      float32   `json:"value,omitempty"`
	ComplianceScore float32   `json:"complianceScore,omitempty"`
	ReportID        string    `json:"reportGUID"`
	Timestamp       time.Time `json:"timestamp"`
}

type PostureFrameworkSubsectionSummary

type PostureFrameworkSubsectionSummary struct {
	// The name (title) of the subsection
	// Example: General Policies
	Name string `json:"name"`

	// The name of the framework this subsection belongs to
	// Example: CIS
	Framework string `json:"framework"`

	// Unique id of the subsection inside its framework
	// Example: 5.7
	ID string `json:"id"`

	// Statistics about the controls that were run
	// The key is the status of the control (`failed`, `passed`, etc).
	// The value is the number of controls
	// Example: {"failed": 3, "passed": 4}
	ControlsStats map[string]uint `json:"controlsStats"`
}

type PostureFrameworkSummary

type PostureFrameworkSummary struct {
	Name             string                       `json:"name"`
	TypeTags         []string                     `json:"typeTags"`
	Score            float32                      `json:"value"`
	ComplianceScore  float32                      `json:"complianceScorev1"`
	ImprovementScore float32                      `json:"improvementScore"`
	TotalControls    int                          `json:"totalControls"`
	FailedControls   int                          `json:"failedControls"`
	SkippedControls  int                          `json:"skippedControls,omitempty"`
	WarningControls  int                          `json:"warningControls,omitempty"` // Deprecated
	ReportID         string                       `json:"reportGUID"`
	Designators      identifiers.PortalDesignator `json:"designators"`

	Timestamp    time.Time    `json:"timestamp"`
	DeleteStatus RecordStatus `json:"deletionStatus,omitempty"`
}

type PostureFrameworksOverTime

type PostureFrameworksOverTime struct {
	ClusterName string `json:"clusterName"`

	ScoreValue float32   `json:"value"`
	ReportID   string    `json:"reportGUID"`
	Timestamp  time.Time `json:"timestamp"`
	Framework  string    `json:"frameworkName"`
}

Used for elastic

type PostureJobParams

type PostureJobParams struct {
	Name            string `json:"name,omitempty"`
	ID              string `json:"id,omitempty"`
	ClusterName     string `json:"clusterName"`
	FrameworkName   string `json:"frameworkName"`
	CronTabSchedule string `json:"cronTabSchedule,omitempty"`
	JobID           string `json:"jobID,omitempty"`
}

type PosturePaths

type PosturePaths struct {
	ResourceID string `json:"resourceID,omitempty"` // resource on which the remediation needs to be applied
	// must have only one of the following
	FailedPath string  `json:"failedPath,omitempty"` // TODO: deprecate
	ReviewPath string  `json:"reviewPath,omitempty"`
	DeletePath string  `json:"deletePath,omitempty"`
	FixPath    FixPath `json:"fixPath,omitempty"`
	FixCommand string  `json:"fixCommand,omitempty"`
}

type PosturePolicy

type PosturePolicy struct {
	FrameworkName string `json:"frameworkName" bson:"frameworkName"`
	ControlName   string `json:"controlName,omitempty" bson:"controlName,omitempty"`
	ControlID     string `json:"controlID,omitempty" bson:"controlID,omitempty"`
	RuleName      string `json:"ruleName,omitempty" bson:"ruleName,omitempty"`
	SeverityScore int    `json:"severityScore,omitempty" bson:"severityScore,omitempty"`
}

type PostureReportResultRaw

type PostureReportResultRaw struct {
	Designators           identifiers.PortalDesignator `json:"designators"`
	Timestamp             time.Time                    `json:"timestamp"`
	ReportID              string                       `json:"reportGUID"`
	ResourceID            string                       `json:"resourceID"`
	ControlID             string                       `json:"controlID"`
	ControlConfigurations []ControlInputs              `json:"controlConfigurations,omitempty"`
	HighlightsPaths       []PosturePaths               `json:"highlightsPaths"`
	RelatedResourcesIDs   []string                     `json:"relatedResourcesID,omitempty"`
}

type PostureResource

type PostureResource struct {
	UniqueResourceResult string                       `json:"uniqueResourceResult"` // FNV(customerGUID + cluster+resourceID+frameworkName + resource.ReportID) to allow fast search for aggregation
	Designators          identifiers.PortalDesignator `json:"designators"`
	Name                 string                       `json:"name"`       // wlid/sid and etc.
	ResourceID           string                       `json:"resourceID"` //as given by kscape

	ControlName       string                      `json:"controlName"`
	HighlightPaths    []string                    `json:"highlightPaths"` // specifies "failedPath" - where exactly in the raw resources the control failed
	FixPaths          []FixPath                   `json:"fixPaths"`       // specifies "fixPaths" - what in the raw resources needs to be added by user
	ControlID         string                      `json:"controlID"`
	FrameworkName     string                      `json:"frameworkName"`
	ControlStatus     int                         `json:"controlStatus"` // it's rather resource status within the control, control might fail but on this specific resource it might be passed (exception)
	ControlStatusText string                      `json:"controlStatusText"`
	RelatedExceptions []PostureExceptionPolicy    `json:"relatedExceptions"` // configured in portal
	ExceptionApplied  []PostureExceptionPolicy    `json:"exceptionApplied"`  //actual ruleResponse
	ResourceKind      string                      `json:"kind"`
	ResourceNamespace string                      `json:"namespace"`
	Remediation       string                      `json:"remediation"`
	Images            []PostureContainerSummary   `json:"containers,omitempty"`
	DeleteStatus      RecordStatus                `json:"deletionStatus,omitempty"`
	Recommendations   []RecommendationAssociation `json:"recommendations"`

	Timestamp time.Time `json:"timestamp"`
	ReportID  string    `json:"reportGUID"`
}

1 resource per 1 control

type PostureResourceSummary

type PostureResourceSummary struct {
	Designators identifiers.PortalDesignator `json:"designators"`
	Name        string                       `json:"name"`       // wlid/sid and etc.
	ResourceID  string                       `json:"resourceID"` //as given by kscape

	//gives upto PostureResourceMaxCtrls controls as an example
	FailedControl   []string `json:"failedControls"`
	WarningControls []string `json:"warningControls"`
	SkippedControls []string `json:"skippedControls"`
	//maps statusText 2 list of controlIDs
	StatusToControls map[string][]string `json:"statusToControls"`

	HighlightsPerCtrl []HighlightsByControl `json:"highlightsPerControl"`

	//totalcount (including the failed/warning controls slices)
	FailedControlCount     int                         `json:"failedControlsCount"`
	SkippedControlCount    int                         `json:"skippedControlsCount"`
	WarningControlCount    int                         `json:"warningControlsCount"` // Deprecated
	Status                 int                         `json:"status"`
	StatusText             string                      `json:"statusText"`
	SubStatusText          string                      `json:"subStatusText,omitempty"`
	Remediation            []string                    `json:"remediation"`
	ResourceKind           string                      `json:"resourceKind"`
	FrameworkName          string                      `json:"frameworkName"`
	ExceptionRecommendaion string                      `json:"exceptionRecommendaion"`
	RelatedExceptions      []PostureExceptionPolicy    `json:"relatedExceptions"` // configured in portal
	ExceptionApplied       []PostureExceptionPolicy    `json:"exceptionApplied"`  //actual ruleResponse
	Images                 []PostureContainerSummary   `json:"containers,omitempty"`
	Recommendations        []RecommendationAssociation `json:"recommendations"`

	Timestamp     time.Time    `json:"timestamp"`
	ReportID      string       `json:"reportGUID"`
	DeleteStatus  RecordStatus `json:"deletionStatus,omitempty"`
	ArmoBestScore int64        `json:"armoBestScore"`

	// Information about the controls that were run on this entity
	// The key is the status of the control (`failed`, `passed`, etc)
	ControlsInfo map[string][]ControlInfo `json:"controlsInfo"`

	// Counters - Failed controls by severity
	CriticalSeverityControls int    `json:"criticalSeverityControls"`
	HighSeverityControls     int    `json:"highSeverityControls"`
	MediumSeverityControls   int    `json:"mediumSeverityControls"`
	LowSeverityControls      int    `json:"lowSeverityControls"`
	ClusterShortName         string `json:"clusterShortName"`
}

type PostureScanConfig

type PostureScanConfig struct {
	ScanFrequency ScanFrequency `json:"scanFrequency,omitempty" bson:"scanFrequency,omitempty"`
}

type PostureSummary

type PostureSummary struct {
	RuntimeImprovementPercentage float32                      `json:"runtimeImprovementPercentage"`
	LastRun                      time.Time                    `json:"lastRun"`
	ReportID                     string                       `json:"reportGUID"`
	Designators                  identifiers.PortalDesignator `json:"designators"`
	PostureAttributes            PostureAttributesList        `json:"postureAttributes"`
	ClusterCloudProvider         string                       `json:"clusterCloudProvider"`

	DeleteStatus RecordStatus `json:"deletionStatus,omitempty"`
}

--------/api/v1/posture/summary

type Probe added in v0.0.249

type Probe struct {
	Type string `json:"type"` // e,g liveness/readiness/<w.e>
	Data string `json:"data"` // actual probe data/settings
}

Probe - represent the various container probes

type ProcessingStatus added in v0.0.203

type ProcessingStatus string

type ProviderConnectionStatus added in v0.0.270

type ProviderConnectionStatus struct {
	Status ConnectedStatus `json:"status"`
}

type QueryScopeParams added in v0.0.207

type QueryScopeParams struct {
	InstanceID string
	Cluster    []string
	Namespace  []string
	WLIDs      []string
	Kind       []string
	Name       []string
	Repository []string
	Registry   []string
	Tag        []string
	Custom     map[string][]string
}

func (*QueryScopeParams) FixOrAddAsInnerFilters added in v0.0.207

func (qsp *QueryScopeParams) FixOrAddAsInnerFilters(paginationReq *V2ListRequest, instanceIDField, clusterNameField, namespaceField,
	wlidField, kindField, nameField string)

FixOrAddAsInnerFilters adds the query scope params as inner filters of the request to adapt the right field names

func (*QueryScopeParams) FixOrAddAsInnerFiltersMap added in v0.0.207

func (qsp *QueryScopeParams) FixOrAddAsInnerFiltersMap(paginationReq *V2ListRequest, filters Filters)

func (*QueryScopeParams) FixOrAddAsUniqueInnerFilters added in v0.0.216

func (qsp *QueryScopeParams) FixOrAddAsUniqueInnerFilters(reqObj *UniqueValuesRequestV2, instanceIDField, clusterNameField, namespaceField,
	wlidField, kindField, nameField string)

fixOrAddAsInnerFilters adds the query scope params as inner filters of the request to adapt the right field names

func (*QueryScopeParams) FixOrAddAsUniqueInnerFiltersMap added in v0.0.216

func (qsp *QueryScopeParams) FixOrAddAsUniqueInnerFiltersMap(reqObj *UniqueValuesRequestV2, filters Filters)

type RawJSONObject added in v0.0.207

type RawJSONObject gojay.EmbeddedJSON

RawJSONObject holds bytes of JSON object

func (*RawJSONObject) MarshalJSON added in v0.0.207

func (rjo *RawJSONObject) MarshalJSON() ([]byte, error)

MarshalJSON implements the json.marshaler interface

type RawResource

type RawResource struct {
	Designators  identifiers.PortalDesignator `json:"designators"`
	Timestamp    time.Time                    `json:"timestamp"`
	DeleteStatus RecordStatus                 `json:"deletionStatus,omitempty"`

	ResourceID          string                    `json:"resourceID"`
	PostureReportID     string                    `json:"postureReportID,omitempty"`
	SPIFFE              string                    `json:"spiffe"`
	Containers          []PostureContainerSummary `json:"containers,omitempty"`
	RelatedResourcesIDs []string                  `json:"relatedResourcesID,omitempty"`
	RAW                 json.RawMessage           `json:"object"`
}

type RecommendationAssociation

type RecommendationAssociation struct {
	PortalBase `json:",inline"`
	// audit for user actions taken for this recommendation
	UpdatesAudit []UpdateAuditEntry `json:"updatesAudit"`
	// the context to show this recommendation to this customer
	Context []identifiers.ArmoContext `json:"context"`
	// designator object as we have in current resources represntaion
	// this is about to be useless
	Designators identifiers.PortalDesignator `json:"designators"`
	// guid of the recommendation in recommendation DB
	RecommendationPrototypeGUID string                   `json:"recommendationPrototypeGUID"`
	RecommendationDetails       RecommendationSkeletonV1 `json:"recommendationDetails"`
	// current status of this recommendation for the given resource
	Status AssociationStatus `json:"status"`
}

this structure is dedicated to connect between recommendation and specific resource and trace the user actions taken due to this recommendation

type RecommendationSkeletonV1

type RecommendationSkeletonV1 struct {
	PortalBase `json:",inline"`
	// audit for manual changes made in this recommendation
	UpdatesAudit []UpdateAuditEntry `json:"updatesAudit"`
	// the action the user should take
	Action      string `json:"action"`
	Description string `json:"description"`
	// link to some well explained description of this recommendation
	DescriptionLink string `json:"descriptionLink"`
	// the context to show this recommendation in
	Context []identifiers.ArmoContext `json:"context"`
	// the approvement status. Do we should show this recommendation to users?
	Approvement ApprovementState `json:"approvement"`
}

type RecordStatus

type RecordStatus int
const (
	RecordAlive        RecordStatus = 0
	RecordShouldDelete RecordStatus = 1
)

type RegistryInfo added in v0.0.125

type RegistryInfo struct {
	RegistryName     string     `json:"registryName,omitempty" bson:"registryName"`
	RegistryProvider string     `json:"registryProvider,omitempty" bson:"registryProvider"`
	RegistryToken    string     `json:"registryToken,omitempty" bson:"registryToken"`
	Depth            *int       `json:"depth,omitempty" bson:"depth"`
	Include          []string   `json:"include,omitempty" bson:"include"`
	Exclude          []string   `json:"exclude,omitempty" bson:"exclude"`
	Kind             string     `json:"kind,omitempty" bson:"kind"`
	IsHTTPS          *bool      `json:"isHTTPS,omitempty" bson:"isHTTPS"`
	SkipTLSVerify    *bool      `json:"skipTLSVerify,omitempty" bson:"skipTLSVerify"`
	AuthMethod       AuthMethod `json:"authMethod,omitempty" bson:"authMethod"`
	SecretName       string     `json:"secretName,omitempty" bson:"secretName"`
}

type RegistryJobParams

type RegistryJobParams struct {
	Name            string `json:"name,omitempty"`
	ID              string `json:"id,omitempty"`
	ClusterName     string `json:"clusterName"`
	RegistryName    string `json:"registryName"`
	CronTabSchedule string `json:"cronTabSchedule,omitempty"`
	JobID           string `json:"jobID,omitempty"`
}

type RelevantImageVulnerabilitiesConfiguration added in v0.0.198

type RelevantImageVulnerabilitiesConfiguration string
const (
	RelevantImageVulnerabilitiesConfigurationEnable  RelevantImageVulnerabilitiesConfiguration = "enable"
	RelevantImageVulnerabilitiesConfigurationDisable RelevantImageVulnerabilitiesConfiguration = "disable"
	RelevantImageVulnerabilitiesConfigurationDetect  RelevantImageVulnerabilitiesConfiguration = "detect"
)

type RepoEntityKind

type RepoEntityKind string

Kind of an entity. Can only be one of the following: `file` or `repo` Example: repo

const (
	RepoEntityFile RepoEntityKind = "file"
	RepoEntityRepo RepoEntityKind = "repo"
)

type RepoEntitySummary

type RepoEntitySummary struct {
	Designators identifiers.PortalDesignator `json:"designators"`

	// Name of this entity
	// Example: "my-repo"
	Name string `json:"name"`

	Kind RepoEntityKind `json:"kind"`

	// Number of children of the entity. For `file`s entity it would be
	// the amount of the resources inside this file, and for `repo`s -
	// the amount of scanned files
	// Example: 13
	ChildCount uint64 `json:"childCount"`

	// Status of the entity
	// Example: failed
	StatusText string `json:"statusText"`

	// Information about the controls that were run on this entity
	// The key is the status of the control (`failed`, `passed`, etc)
	ControlsInfo map[string][]ControlInfo `json:"controlsInfo"`

	// Statistics about the controls that were run
	// The key is the status of the control (`failed`, `passed`, etc).
	// The value is the number of controls
	// Example: {"failed": 3, "passed": 4}
	ControlsStats map[string]int `json:"controlsStats"`

	// Frameworks that were run.
	// In multi-frameworks-summary, this property is
	// taking the place of the `framework` property
	// Example: ["ArmoBest", "MITRE"]
	Frameworks []string `json:"frameworks,omitempty"`

	// Single framework this summary is for.
	// Example: ArmoBest
	Framework string `json:"framework,omitempty"`

	// Time of the scan that produced this result
	Timestamp time.Time `json:"timestamp"`
	ReportID  string    `json:"reportGUID"`

	// swagger:ignore
	// This record is marked for deletion or not
	DeleteStatus RecordStatus `json:"deletionStatus,omitempty"`
}

RepoEntitySummary summary of repo scanning entity.

type Repository added in v0.0.133

type Repository struct {
	RepositoryName string `json:"repositoryName"`
}

type Resource added in v0.0.334

type Resource struct {
	K8sResourceHash  string `json:"k8sResourceHash,omitempty" bson:"k8sResourceHash,omitempty"`
	Cluster          string `json:"cluster,omitempty" bson:"cluster,omitempty"`
	ClusterShortName string `json:"clusterShortName"`
	Namespace        string `json:"namespace,omitempty" bson:"namespace,omitempty"`
	Kind             string `json:"kind,omitempty" bson:"kind,omitempty"`
	Name             string `json:"name,omitempty" bson:"name,omitempty"`
}

type RespTotal added in v0.0.201

type RespTotal struct {
	Value    int    `json:"value"`
	Relation string `json:"relation"`
}

func (*RespTotal) NKeys added in v0.0.216

func (ert *RespTotal) NKeys() int

NKeys --

func (*RespTotal) UnmarshalJSONObject added in v0.0.216

func (ert *RespTotal) UnmarshalJSONObject(dec *gojay.Decoder, key string) error

UnmarshalJSONObject --

type RespTotal64 added in v0.0.207

type RespTotal64 struct {
	Value    uint64 `json:"value"`
	Relation string `json:"relation"`
}

type RetrieveObjectsByRequestPayload added in v0.0.207

type RetrieveObjectsByRequestPayload struct {
	MultipleItems map[string][]string
	SingleItems   map[string]string
	Exists        []string
	MustNot       []map[string]interface{}
	ExcludeFields []string
}

payload for querying/filtering a list, key: <fieldname> and value is the string value

type Risk added in v0.0.316

type Risk struct {
	ID   string   `json:"ID"`
	Type RiskType `json:"type"`
}

Risk represents an individual risk with an ID and type

type RiskFactor added in v0.0.283

type RiskFactor string

func GetRiskFactors added in v0.0.284

func GetRiskFactors(controlIDs []string) []RiskFactor

GetRiskFactors returns a list of unique risk factors for given control IDs.

type RiskType added in v0.0.316

type RiskType string

func (*RiskType) UnmarshalJSON added in v0.0.316

func (rt *RiskType) UnmarshalJSON(data []byte) error

UnmarshalJSON is a custom unmarshaler for RiskType that validates its value

type ScanFrequency

type ScanFrequency string

type ScanType added in v0.0.146

type ScanType string

type SearchAfterResp added in v0.0.207

type SearchAfterResp struct {
	Sort interface{} `json:"sort"`
}

type SearchResponse added in v0.0.207

type SearchResponse struct {
	Result []RawJSONObject
	Total  *RespTotal
	Cursor *Cursor
	Sort   *SearchAfterResp
}

type SecurityIssue added in v0.0.316

type SecurityIssue struct {
	ISecurityIssue  `json:",inline,omitempty"`
	Cluster         string   `json:"cluster"`
	Namespace       string   `json:"namespace"`
	ResourceName    string   `json:"resourceName"`
	Kind            string   `json:"kind"`
	ResourceID      string   `json:"resourceID"`
	K8sResourceHash string   `json:"k8sResourceHash"`
	RiskID          string   `json:"riskID"` // controlID/attackTrackID
	RiskType        RiskType `json:"riskType,omitempty"`

	SecurityRiskID string `json:"securityRiskID"`

	Status SecurityIssueStatus `json:"status"`

	IsNew bool `json:"isNew"`

	LastTimeDetected string `json:"lastTimeDetected,omitempty"`
	LastTimeResolved string `json:"lastTimeResolved,omitempty"`

	ExceptionApplied bool `json:"exceptionApplied"`
}

type SecurityIssueAttackPath added in v0.0.325

type SecurityIssueAttackPath struct {
	SecurityIssue `json:",inline"`
	AttackChainID string `json:"attackChainID"`
}

type SecurityIssueControl added in v0.0.325

type SecurityIssueControl struct {
	SecurityIssue `json:",inline"`
	ControlID     string `json:"controlID"`
	ReportGUID    string `json:"reportGUID"`
	FrameworkName string `json:"frameworkName"`
}

type SecurityIssueSeverity added in v0.0.320

type SecurityIssueSeverity string

type SecurityIssueStatus added in v0.0.316

type SecurityIssueStatus string

type SecurityIssuesCategories added in v0.0.320

type SecurityIssuesCategories struct {
	CategoryResourceCounters map[string]int `json:"categoryResourceCounter"`
	TotalResources           int            `json:"totalResources"`
}

func NewSecurityIssuesCategories added in v0.0.320

func NewSecurityIssuesCategories() SecurityIssuesCategories

func (*SecurityIssuesCategories) SetCategoryTotal added in v0.0.320

func (sic *SecurityIssuesCategories) SetCategoryTotal(category string, total int)

type SecurityIssuesSeverities added in v0.0.320

type SecurityIssuesSeverities struct {
	SeverityResourceCounters map[SecurityIssueSeverity]int `json:"severityResourceCounter"`
	TotalResources           int                           `json:"totalResources"`
}

func NewSecurityIssuesSeverities added in v0.0.320

func NewSecurityIssuesSeverities() SecurityIssuesSeverities

func (*SecurityIssuesSeverities) SetSeverityTotal added in v0.0.320

func (sis *SecurityIssuesSeverities) SetSeverityTotal(severity SecurityIssueSeverity, total int)

type SecurityIssuesSummary added in v0.0.316

type SecurityIssuesSummary struct {
	SecurityRiskID                   string     `json:"securityRiskID"`
	SecurityRiskName                 string     `json:"securityRiskName"`
	Category                         string     `json:"category"`
	Severity                         string     `json:"severity"`
	LastUpdated                      string     `json:"lastUpdated"`
	AffectedClustersCount            int        `json:"affectedClustersCount"`
	AffectedNamespacesCount          int        `json:"affectedNamespacesCount"`
	AffectedResourcesCount           int        `json:"affectedResourcesCount"`
	ResourcesDetectedLastUpdateCount int        `json:"resourcesDetectedLastUpdateCount"`
	ResourcesResolvedLastUpdateCount int        `json:"resourcesResolvedLastUpdateCount"`
	ResourcesDetectedLastChangeCount int        `json:"resourcesDetectedLastChangeCount"`
	ResourcesResolvedLastChangeCount int        `json:"resourcesResolvedLastChangeCount"`
	AffectedResourcesChange          int        `json:"affectedResourcesChange"`
	ResourcesDetectedLastChange      []Resource `json:"resourcesDetectedLastChange"`
	ResourcesResolvedLastChange      []Resource `json:"resourcesResolvedLastChange"`
}

type SecurityRisk added in v0.0.316

type SecurityRisk struct {
	ID             string           `json:"ID"`
	Name           string           `json:"name"`
	Description    string           `json:"description"`
	WhatIs         string           `json:"whatIs"`
	Severity       string           `json:"severity"`
	Category       string           `json:"category"`
	Remediation    string           `json:"remediation"`
	Risks          []Risk           `json:"risks"`
	SecurityIssues []ISecurityIssue `json:"securityIssues,omitempty"`
}

SecurityRisk represents the main object with various fields and an array of Risks

func (*SecurityRisk) GetRiskTypes added in v0.0.325

func (sr *SecurityRisk) GetRiskTypes() []RiskType

func (*SecurityRisk) GetRisks added in v0.0.316

func (sr *SecurityRisk) GetRisks() []Risk

func (*SecurityRisk) GetRisksIDsByType added in v0.0.316

func (sr *SecurityRisk) GetRisksIDsByType(riskType RiskType) []string

type SecurityRiskExceptionPolicy added in v0.0.334

type SecurityRiskExceptionPolicy struct {
	BaseExceptionPolicy `json:",inline"`
	Name                string `json:"name"`
	Category            string `json:"category"`
	Severity            string `json:"severity"`
}

type Settings

type Settings struct {
	PostureControlInputs    map[string][]string     `json:"postureControlInputs" bson:"postureControlInputs"`
	PostureScanConfig       PostureScanConfig       `json:"postureScanConfig" bson:"postureScanConfig"`
	VulnerabilityScanConfig VulnerabilityScanConfig `json:"vulnerabilityScanConfig" bson:"vulnerabilityScanConfig"`
	SlackConfigurations     SlackSettings           `json:"slackConfigurations,omitempty" bson:"slackConfigurations,omitempty"`
}

func MockSettings

func MockSettings() *Settings

type SlackChannel

type SlackChannel struct {
	ChannelID   string `json:"id"`
	ChannelName string `json:"name"`
}

type SlackChannels added in v0.0.270

type SlackChannels struct {
	Channels []SlackChannel `json:"channels"`
}

type SlackNotification

type SlackNotification struct {
	IsActive   bool                   `json:"isActive" bson:"isActive"`
	Channels   []SlackChannel         `json:"channels" bson:"channels"`
	Attributes map[string]interface{} `json:"attributes" bson:"attributes"`
}

type SlackSettings

type SlackSettings struct {
	Token         string `json:"token" bson:"token"`
	Alert2Channel `json:",inline,omitempty" bson:"inline,omitempty"`
	Notifications `json:"notifications,omitempty" bson:"notifications,omitempty"`
}

type Subscription added in v0.0.154

type Subscription struct {

	// Stripe internal customer ID, usually generated on subscription creation.
	StripeCustomerID string `json:"stripeCustomerID,omitempty" bson:"stripeCustomerID,omitempty"`

	// Stripe subscription id.
	StripeSubscriptionID string `json:"stripeSubscriptionID,omitempty" bson:"stripeSubscriptionID,omitempty"`

	// Stripe subscription status, optional values: incomplete, incomplete_expired, trialing, active, past_due, canceled, or unpaid.
	SubscriptionStatus string `json:"subscriptionStatus,omitempty" bson:"subscriptionStatus,omitempty"`

	// Date when the subscription was first created. The date might differ from the created date due to backdating
	StartDate int64 `json:"startDate,omitempty" bson:"startDate,omitempty"`

	// Stripe The most recent invoice this subscription has generated.
	LatestInvoice string `json:"latestInvoice,omitempty" bson:"latestInvoice,omitempty"`

	// determine whether a subscription that has a status of active is scheduled to be canceled at the end of the current period.
	CancelAtPeriodEnd *bool `json:"cancelAtPeriodEnd,omitempty" bson:"cancelAtPeriodEnd,omitempty"`

	// End of the current period that the subscription has been invoiced for. At the end of this period, a new invoice will be created.
	CurrentPeriodStart int64 `json:"currentPeriodStart,omitempty" bson:"currentPeriodStart,omitempty"`

	// End of the current period that the subscription has been invoiced for. At the end of this period, a new invoice will be created.
	CurrentPeriodEnd int64 `json:"currentPeriodEnd,omitempty" bson:"currentPeriodEnd,omitempty"`

	// If the subscription has a trial, the end of that trial.
	TrialEnd int64 `json:"trialEnd,omitempty" bson:"trialEnd,omitempty"`

	// monthly average of daily sum of max scanned Worker Nodes per cluster per day
	NumNodes int `json:"numNodes,omitempty" bson:"numNodes,omitempty"`

	// can be "free", "team" or "enterprise"
	LicenseType LicenseType `json:"licenseType,omitempty" bson:"licenseType,omitempty"`
}

hold information of a single subscription.

type SynchronizerClient added in v0.0.333

type SynchronizerClient struct {
	CustomerGUID        string    `json:"customerGUID"`
	Cluster             string    `json:"cluster"`
	Replica             string    `json:"replica"`
	LastKeepAlive       time.Time `json:"lastKeepAlive"`
	ConnectionTime      time.Time `json:"connectionTime"`
	HelmVersion         string    `json:"helmVersion"`
	SynchronizerVersion string    `json:"synchronizerVersion"`
	ConnectionId        string    `json:"connectionId"`
}

SynchronizerClient represents a client which is connected to the synchronizer server

type UniqueCardinalityResponseV2 added in v0.0.207

type UniqueCardinalityResponseV2 struct {
	Fields map[string]uint64 `json:"fields"`
}

UniqueCardinalityResponseV2 holds response data of cardinality request

func (*UniqueCardinalityResponseV2) ReplaceFieldsFromKeywords added in v0.0.216

func (uvr *UniqueCardinalityResponseV2) ReplaceFieldsFromKeywords(keywordMap map[string]string)

ReplaceFieldsFromKeywords restores the original fields names from the .keyword if necessary

type UniqueValuesRequestV2 added in v0.0.207

type UniqueValuesRequestV2 struct {
	Fields map[string]string `json:"fields"`
	// Which elements of the list to return, each field can hold multiple values separated by comma
	// Example: ": {"severity": "High,Medium",		"type": "61539,30303"}
	// An empty map means "return the complete list"
	InnerFilters []map[string]string `json:"innerFilters"`
	PageSize     int                 `json:"pageSize,omitempty"`
	//for apis that support pagination
	PageNum *int `json:"pageNum,omitempty"`
	//Include hit counts for each field
	CountFields             *bool             `json:"countFields,omitempty"`
	FieldsReverseKeywordMap map[string]string `json:"-"`
	Cursor                  string            `json:"-"`
	// The time window to search (Default: since - beginning of the time, until - now)
	Since          *time.Time `json:"since,omitempty"`
	Until          *time.Time `json:"until,omitempty"`
	TimestampField string     `json:"-"`
}

UniqueValuesRequestV2 holds data to return unique values to

func (*UniqueValuesRequestV2) GetFieldsNames added in v0.0.216

func (uvr *UniqueValuesRequestV2) GetFieldsNames() []string

GetFieldsNames retunrs slice of Fields names

func (*UniqueValuesRequestV2) ReplaceFieldsToKeywords added in v0.0.216

func (uvr *UniqueValuesRequestV2) ReplaceFieldsToKeywords(keywordMap map[string]string)

ReplaceFieldsToKeywords replaces the original fields names to the .keyword if necessary

func (*UniqueValuesRequestV2) ValidateCountFields added in v0.0.317

func (u *UniqueValuesRequestV2) ValidateCountFields(countDefault bool) bool

func (*UniqueValuesRequestV2) ValidatePageProperties added in v0.0.207

func (u *UniqueValuesRequestV2) ValidatePageProperties(maxPageSize int)

ValidatePageProperties validate page size and page number to be valid

type UniqueValuesResponseFieldsCount added in v0.0.207

type UniqueValuesResponseFieldsCount struct {
	Field string `json:"key"`
	Count int64  `json:"count"`
}

UniqueValuesResponseFieldsCount holds response data of UniqueValuesResponseV2 request

type UniqueValuesResponseV2 added in v0.0.207

type UniqueValuesResponseV2 struct {
	Fields      map[string][]string                          `json:"fields"`
	FieldsCount map[string][]UniqueValuesResponseFieldsCount `json:"fieldsCount"`
}

UniqueValuesResponseV2 holds response data of unique values

func (*UniqueValuesResponseV2) ListFields added in v0.0.216

func (uvr *UniqueValuesResponseV2) ListFields(key string) []string

ListFields list all UniqueValuesResponseV2 fields

func (*UniqueValuesResponseV2) ReplaceFieldsFromKeywords added in v0.0.216

func (uvr *UniqueValuesResponseV2) ReplaceFieldsFromKeywords(keywordMap map[string]string)

ReplaceFieldsFromKeywords restores the original fields names from the .keyword if necessary

type UniqueValuesSearchByScopeFiltersFunc added in v0.0.216

type UniqueValuesSearchByScopeFiltersFunc func(customerGUID string, scopeFilters *QueryScopeParams, reqObj *UniqueValuesRequestV2) (*UniqueValuesResponseV2, error)

type UpdateAuditEntry

type UpdateAuditEntry struct {
	Timestamp time.Time `json:"timestamp"`
	UserName  string    `json:"userName"`
}

type User added in v0.0.194

type User struct {
	DismissedBanners map[string]Banner `json:"dismissedBanners,omitempty" bson:"dismissedBanners,omitempty"` // map of bannerID to Banner
}

type V2ListRequest added in v0.0.197

type V2ListRequest struct {
	// properties of the requested next page
	// Use ValidatePageProperties to set PageSize field
	PageSize *int `json:"pageSize"`
	// One can leave it empty for 0, then call ValidatePageProperties
	PageNum *int `json:"pageNum"`
	// The time window of the list to return. Default: since - begining og the time, until - now.
	Since *time.Time `json:"since"`
	Until *time.Time `json:"until"`
	// Which elements of the list to return, each field can hold multiple values separated by comma
	// An empty map means "return the complete list"
	// Example: [{"severity": "High,Medium",		"type": "61539,30303"}]
	InnerFilters []map[string]string `json:"innerFilters"`
	// How to order (sort) the list, field name + sort order (asc/desc), like https://www.w3schools.com/sql/sql_orderby.asp
	// When empty, the default sort order is used. To disable the default sort order, set IgnoreDefaultSort to true
	// Example: timestamp:asc,severity:desc
	OrderBy string `json:"orderBy"`
	// When true, the default sort order is ignored
	// TODO: take it off, and use the default sort order when OrderBy is empty
	IgnoreDefaultSort bool `json:"ignoreDefaultOrderBy,omitempty"`
	// Cursor to the next page of former requset.
	// Cursor cannot be used with another parameters of this struct
	Cursor           *Cursor `json:"cursorV1,omitempty"`
	CursorDepracated string  `json:"cursor"`
	// FieldsList allow us to return only subset of the source document fields
	// Don't expose FieldsList outside without well designed decision
	// swagger:ignore
	FieldsList              []string          `json:"includeFields"`
	FieldsReverseKeywordMap map[string]string `json:"-"`
	// TODO: reuse cursor struct (few line above)
	SearchAfter *SearchAfterResp `json:"searchAfter"`
	// For PUT request, can be used to update only specific fields with specific values
	// map of field name to new value
	FieldsToUpdate map[string]string `json:"fieldsToUpdate"`
	//internal flag to indicate if the request is validated (avoid fixing pagination twice in the same request)
	// swagger:ignore
	FixedPageNum bool `json:"_fixedPageNum"`
}

TODO use armotypes.V2ListRequest V2ListRequest descripts what portion of the list the client is requesting swagger:model PaginationRequest

func (*V2ListRequest) GetFieldsNames added in v0.0.207

func (lr *V2ListRequest) GetFieldsNames() []string

GetFieldsNames retunrs slice of Fields names

func (*V2ListRequest) ReplaceFieldsToKeywords added in v0.0.216

func (lr *V2ListRequest) ReplaceFieldsToKeywords(keywordMap map[string]string)

ReplaceFieldsToKeywords replaces the original fields names to the .keyword if necessary

func (*V2ListRequest) ValidateOrderBy added in v0.0.216

func (lr *V2ListRequest) ValidateOrderBy(defaultDescOrder string)

ValidateOrderBy vlidate that the order-by field is well configured to the desired state

func (*V2ListRequest) ValidatePageProperties added in v0.0.207

func (lr *V2ListRequest) ValidatePageProperties(maxPageSize int)

ValidatePageProperties validate page size and page number to be valid

type V2ListResponse added in v0.0.207

type V2ListResponse V2ListResponseGeneric[interface{}]

type V2ListResponseGeneric added in v0.0.246

type V2ListResponseGeneric[T any] struct {
	Total    RespTotal `json:"total"`
	Response T         `json:"response"`
	// Cursor for quick access to the next page. Not supported yet
	Cursor string `json:"cursor"`
}

V2ListResponse holds the response of some list request with some metadata

type Vulnerabilities added in v0.0.205

type Vulnerabilities struct {
	ContainerName string   `json:"containerName" bson:"containerName,omitempty"`
	ImageScanID   string   `json:"imageScanID" bson:"imageScanID,omitempty"`
	Names         []string `json:"names" bson:"names,omitempty"` // CVE names
}

type VulnerabilitiesComponent added in v0.0.283

type VulnerabilitiesComponent struct {
	CustomerGUID string              `json:"customerGUID"`
	Name         string              `json:"name"`
	Version      string              `json:"version"`
	PackageType  string              `json:"packageType"`
	FirstSeen    time.Time           `json:"firstSeen"` //first found in the user account (not in the world)
	FixVersions  []string            `json:"fixVersions"`
	PathsInfo    []ComponentPathInfo `json:"pathsInfo"`
}

type Vulnerability added in v0.0.142

type Vulnerability struct {
	Name               string                       `json:"name"`
	Severity           string                       `json:"severity"`
	SeverityScore      int                          `json:"severityScore"`
	Links              []string                     `json:"links"`
	Description        string                       `json:"description"`
	Exploitable        string                       `json:"exploitable"`
	IsRelevant         string                       `json:"isRelevant"`
	ComponentInfo      VulnerabilitiesComponent     `json:"componentInfo"`
	CvssInfo           CvssInfo                     `json:"cvssInfo"`
	EpssInfo           EpssInfo                     `json:"epssInfo"`
	CisaKevInfo        CisaKevInfo                  `json:"cisaKevInfo"`
	WorkloadsCount     int                          `json:"workloadsCount"`
	ImagesCount        int                          `json:"imagesCount"`
	IgnoreRulesSummary map[string]IgnoreRuleSummary `json:"ignoreRulesSummary"`
}

type VulnerabilityExceptionPolicy

type VulnerabilityExceptionPolicy struct {
	PortalBase `json:",inline" bson:"inline"`

	// Policy type. Must be 'vulnerabilityExceptionPolicy'
	// required: true
	// Example: vulnerabilityExceptionPolicy
	PolicyType string `json:"policyType,omitempty" bson:"policyType,omitempty"`

	// Creation time of the policy
	// Example: 2022-03-31T08:57:58.048014
	CreationTime string `json:"creationTime" bson:"creationTime"`

	// Actions to apply (currently only 'ignore' is available)
	// required: true
	// min: 1
	// Example: ["ignore"]
	Actions []VulnerabilityExceptionPolicyActions `json:"actions" bson:"actions,omitempty"`

	// Items to apply the actions on
	// required: true
	// min: 1
	Designatores []identifiers.PortalDesignator `json:"designators" bson:"designators,omitempty"`

	// Vulnerabilities to take the actions on
	// required: true
	// min: 1
	VulnerabilityPolicies []VulnerabilityPolicy `json:"vulnerabilities" bson:"vulnerabilities,omitempty"`
	Reason                string                `json:"reason,omitempty" bson:"reason,omitempty"`
	ExpirationDate        *time.Time            `json:"expirationDate" bson:"expirationDate,omitempty"`
	ExpiredOnFix          *bool                 `json:"expiredOnFix,omitempty" bson:"expiredOnFix,omitempty"`
	CreatedBy             string                `json:"createdBy,omitempty" bson:"createdBy,omitempty"`
}

func MockVulnerabilityException

func MockVulnerabilityException() *VulnerabilityExceptionPolicy

func (*VulnerabilityExceptionPolicy) IsAlertOnly

func (exceptionPolicy *VulnerabilityExceptionPolicy) IsAlertOnly() bool

type VulnerabilityExceptionPolicyActions

type VulnerabilityExceptionPolicyActions string
const Ignore VulnerabilityExceptionPolicyActions = "ignore"

type VulnerabilityJobParams

type VulnerabilityJobParams struct {
	Name            string `json:"name,omitempty"`
	ID              string `json:"id,omitempty"`
	ClusterName     string `json:"clusterName"`
	Namespace       string `json:"namespace"`
	CronTabSchedule string `json:"cronTabSchedule,omitempty"`
	JobID           string `json:"jobID,omitempty"`
}

type VulnerabilityPolicy

type VulnerabilityPolicy struct {
	// The name of the vulnerability
	// Example: CVE-2022-28128
	Name          string `json:"name" bson:"name"`
	SeverityScore int    `json:"severityScore,omitempty" bson:"severityScore,omitempty"`
}

type VulnerabilityScanConfig

type VulnerabilityScanConfig struct {
	ScanFrequency             ScanFrequency `json:"scanFrequency,omitempty" bson:"scanFrequency,omitempty"`
	CriticalPriorityThreshold int           `json:"criticalPriorityThreshold,omitempty" bson:"criticalPriorityThreshold,omitempty"`
	HighPriorityThreshold     int           `json:"highPriorityThreshold,omitempty" bson:"highPriorityThreshold,omitempty"`
	MediumPriorityThreshold   int           `json:"mediumPriorityThreshold,omitempty" bson:"mediumPriorityThreshold,omitempty"`
	ScanNewDeployment         bool          `json:"scanNewDeployment,omitempty" bson:"scanNewDeployment,omitempty"`
	AllowlistRegistries       []string      `json:"AllowlistRegistries,omitempty" bson:"AllowlistRegistries,omitempty"`
	BlocklistRegistries       []string      `json:"BlocklistRegistries,omitempty" bson:"BlocklistRegistries,omitempty"`
}

type VulnerabilityWorkload added in v0.0.283

type VulnerabilityWorkload struct {
	Wlid             string              `json:"wlid"`
	Name             string              `json:"name"`
	Namespace        string              `json:"namespace"`
	Kind             string              `json:"kind"`
	Cluster          string              `json:"cluster"`
	ClusterShortName string              `json:"clusterShortName"`
	LastScanTime     time.Time           `json:"lastScanTime"`
	CustomerGUID     string              `json:"customerGUID"`
	ImagesCount      int                 `json:"imagesCount"`
	CriticalCount    int                 `json:"criticalCount"`
	HighCount        int                 `json:"highCount"`
	MediumCount      int                 `json:"mediumCount"`
	LowCount         int                 `json:"lowCount"`
	SeverityStats    map[string][]string `json:"severityStats"`
	RiskFactorsCount int                 `json:"riskFactorsCount"`
	RiskFactors      []RiskFactor        `json:"riskFactors"`
	Labels           []string            `json:"labels"`
	HasRelevancyData bool                `json:"hasRelevancyData"`
}

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL