Documentation ¶
Index ¶
- Constants
- Variables
- func CalcHashFNV(id string) string
- func CalcResourceHash(customerGUID string, identifiers map[string]string) string
- func CalcResourceHashFNV(customerGUID, cluster, kind, name, namespace, apiVersion string) string
- func ConvertResourceIDToResourceHashFNV(customerGUID, clusterName, resourceID string) string
- func DigestAttributesDesignator(attributes map[string]string) (string, string, map[string]string)
- func DigestPortalDesignator(designator *PortalDesignator) (string, string, map[string]string)
- func GenerateExceptionUID() (string, error)
- func IsDesignatorsMatchContext(ctxSlice []ArmoContext, designator *PortalDesignator, designatorPrefix string) bool
- type ArmoContext
- type AttributesDesignators
- func (ad *AttributesDesignators) GetCluster() string
- func (ad *AttributesDesignators) GetKind() string
- func (ad *AttributesDesignators) GetLabels() map[string]string
- func (ad *AttributesDesignators) GetName() string
- func (ad *AttributesDesignators) GetNamespace() string
- func (ad *AttributesDesignators) GetPath() string
- func (ad *AttributesDesignators) GetResourceID() string
- type DesignatorType
- type PortalDesignator
- func (designator *PortalDesignator) DigestAttributesDesignator() AttributesDesignators
- func (designator *PortalDesignator) DigestPortalDesignator() AttributesDesignators
- func (designator *PortalDesignator) GetCluster() string
- func (designator *PortalDesignator) GetK8sResourceHash() string
- func (designator *PortalDesignator) GetKind() string
- func (designator *PortalDesignator) GetLabels() map[string]string
- func (designator *PortalDesignator) GetName() string
- func (designator *PortalDesignator) GetNamespace() string
- func (designator *PortalDesignator) GetPath() string
- func (designator *PortalDesignator) GetResourceID() string
- func (designator *PortalDesignator) NKeys() int
- func (designator *PortalDesignator) UnmarshalJSONObject(dec *gojay.Decoder, key string) error
- type S3ObjectPath
- type S3ObjectRange
Constants ¶
// String constants naming designator attributes.
// NOTE(review): presumably these are the keys of PortalDesignator.Attributes — confirm against the callers.
const (
	DesignatorsToken              = "designators"
	AttributeCustomerGUID         = "customerGUID"
	AttributeRegistryName         = "registryName"
	AttributeRepository           = "repository"
	AttributeTag                  = "tag"
	AttributeCluster              = "cluster"
	AttributeClusterShortName     = "clusterShortName"
	AttributeNamespace            = "namespace"
	AttributeKind                 = "kind"
	AttributeName                 = "name"
	// NOTE(review): the identifier is spelled "Attribue" (sic). It is exported,
	// so renaming it would break callers; the string value is spelled correctly.
	AttribueResourceName          = "resourceName"
	AttributeContainerName        = "containerName"
	AttributeApiVersion           = "apiVersion"
	AttributeApiGroup             = "apiGroup"
	AttributeWorkloadHash         = "workloadHash"
	AttributeIsIncomplete         = "isIncomplete"
	AttributeSensor               = "sensor"
	AttributePath                 = "path"
	AttributeResourceID           = "resourceID"
	AttributeContainerScanId      = "containerScanId"
	AttributeSyncKind             = "syncKind"
	AttributeSBOMToolVersion      = "sbomToolVersion"
	AttributeSecurityRiskID       = "securityRiskID"
	AttributeSecurityRiskCategory = "securityRiskCategory"
	AttributeSecurityRiskName     = "securityRiskName"
	AttributeK8sResourceHash      = "k8sResourceHash"
	AttributeType                 = "type"
	AttributeOwner                = "owner"
	AttributeRelated              = "relatedObjects"
	AttributeLayerHash            = "layerHash"
	AttributeImageRepository      = "imageRepository"
	AttributeResourceHash         = "resourceHash"
	AttributeComponentVersion     = "componentVersion"
	AttributeComponent            = "component"
	AttributeSeverityScore        = "severityScore"
	AttributeSeverity             = "severity"
	AttributeStatus               = "status"
	AttributeCVEID                = "cveID"
	AttributeCVEName              = "cveName"
	AttributeControlID            = "controlID"
	AttributeBaseScore            = "baseScore"
	AttributeNodeName             = "nodeName"
	AttributePodName              = "podName"
	AttributeSiteID               = "siteId"       // Jira site ID
	AttributeProjectID            = "projectId"    // Jira project ID
	AttributeIssueTypeID          = "issueTypeId"  // Jira issue type ID
	AttributeWorkflowGUID         = "workflowGUID" // workflow GUID
)
attributes
// String constants naming repository-scan attributes: repository identity,
// last-commit metadata, per-file metadata and two transport-related keys.
const (
	AttributeRepoName               = "repoName"
	AttributeRepoOwner              = "repoOwner"
	AttributeRepoHash               = "repoHash"
	AttributeBranchName             = "branch"
	AttributeDefaultBranch          = "defaultBranch"
	AttributeProvider               = "provider"
	AttributeRemoteURL              = "remoteURL"
	AttributeLastCommitHash         = "lastCommitHash"
	AttributeLastCommitterName      = "lastCommitterName"
	AttributeLastCommitterEmail     = "lastCommitterEmail"
	AttributeLastCommitTime         = "lastCommitTime"
	AttributeFilePath               = "filePath"
	AttributeFileType               = "fileType"
	AttributeFileDir                = "fileDirectory"
	AttributeFileUrl                = "fileUrl"
	AttributeFileHelmChartName      = "fileHelmChartName"
	AttributeLastFileCommitHash     = "lastFileCommitHash"
	AttributeLastFileCommitterName  = "lastFileCommitterName"
	// NOTE(review): this value starts with an upper-case "L", unlike the sibling
	// keys. Confirm whether producers and consumers rely on this exact spelling
	// before normalising it; a case mismatch would make lookups miss silently.
	AttributeLastFileCommitterEmail = "LastFileCommitterEmail"
	AttributeLastFileCommitTime     = "lastFileCommitTime"
	// NOTE(review): going by their names, the next two keys carry transport-security
	// opt-outs (plain HTTP, skipped TLS certificate verification) — confirm in the
	// consumer. If so, records that set them deserve auditing, and the consumer
	// should default to HTTPS with verification when the keys are absent.
	AttributeUseHTTP                = "useHTTP"
	AttributeSkipTLSVerify          = "skipTLSVerify"
)
Repository scan related attributes
// String constants naming rego-library attributes (image-scan and host-sensor related keys).
const (
	AttributeImageScanRelated     = "imageScanRelated"
	AttributeImageRelatedControls = "imageRelatedControls"
	AttributeHostSensorRule       = "hostSensorRule"
	AttributeHostSensor           = "hostSensor"
)
rego-library attributes
// String constants related to the worker-nodes attribute, plus three
// "last ..." timestamp-style keys.
// NOTE(review): the WorkerNodes* names look like sub-keys of the "workerNodes"
// attribute — confirm against the callers.
const (
	AttributeWorkerNodes              = "workerNodes"
	WorkerNodesmax                    = "max"
	WorkerNodeslastReported           = "lastReported"
	WorkerNodeslastReportDate         = "lastReportDate"
	WorkerNodesmaxPerMonth            = "maxPerMonth"
	WorkerNodesmaxReportGUID          = "maxReportGUID"
	WorkerNodesmaxPerMonthReportGUID  = "maxPerMonthReportGUID"
	WorkerNodeslastReportGUID         = "lastReportGUID"
	LastPostureScanTriggered          = "lastPostureScanTriggered"
	LastTimeACEngineCompleted         = "lastTimeACEngineCompleted"
	LastTimeSecurityRiskScanCompleted = "lastTimeSecurityRiskScanCompleted"
)
Worker nodes attribute related consts
// String constants naming CSPM (cloud security posture) related attributes.
const (
	AttributeCloudAccountID   = "accountID"
	AttributeCloudAccountName = "accountName"
	AttributeFramework        = "framework"
	AttributeCloudScanID      = "scanID"
	AttributeCloudTaskID      = "taskID"
	AttributeCloudFindingType = "findingType"
)
CSPM related attributes
Variables ¶
// IgnoreLabels holds the cluster and namespace attribute keys.
// NOTE(review): presumably these keys are skipped when a designator's attributes
// are treated as labels — confirm against the callers. It is an exported,
// mutable slice, so any package can change it at runtime.
var IgnoreLabels = []string{AttributeCluster, AttributeNamespace}
Functions ¶
func CalcHashFNV ¶ added in v0.0.219
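CalcHashFNV calculates the FNV hash of the string. FNV is a fast, non-cryptographic hash: the result is suitable as an identifier or lookup key, but it is not collision-resistant and should not be relied on as an integrity or authenticity check.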
func CalcResourceHash ¶ added in v0.0.219
func CalcResourceHashFNV ¶ added in v0.0.297
func ConvertResourceIDToResourceHashFNV ¶ added in v0.0.427
ConvertResourceIDToResourceHashFNV expects resourceID in the format `apiVersion/namespace/kind/name`, e.g. `apps/v1/default/Deployment/deploymenttest1` (note that the apiVersion part can itself contain a `/`, as `apps/v1` does here).
func DigestPortalDesignator ¶
func DigestPortalDesignator(designator *PortalDesignator) (string, string, map[string]string)
Deprecated: use designator.DigestPortalDesignator() instead. DigestPortalDesignator gets the cluster, namespace and labels from the designator.
func GenerateExceptionUID ¶ added in v0.0.336
func IsDesignatorsMatchContext ¶
func IsDesignatorsMatchContext(ctxSlice []ArmoContext, designator *PortalDesignator, designatorPrefix string) bool
IsDesignatorsMatchContext checks whether all the context values are matched in the designator.
Types ¶
type ArmoContext ¶
// ArmoContext is a single attribute/value pair together with its source,
// serialized to JSON under the keys "attribute", "value" and "source".
type ArmoContext struct {
	Attribute string `json:"attribute"`
	Value     string `json:"value"`
	Source    string `json:"source"`
}
ArmoContext is a context-attribute-based structure that allows more flexible and searchable options.
func DesignatorToArmoContext ¶
func DesignatorToArmoContext(designator *PortalDesignator, designatorPrefix string) []ArmoContext
type AttributesDesignators ¶
type AttributesDesignators struct {
// contains filtered or unexported fields
}
AttributesDesignators describes a Kubernetes object, with its labels.
func (*AttributesDesignators) GetCluster ¶
func (ad *AttributesDesignators) GetCluster() string
func (*AttributesDesignators) GetKind ¶
func (ad *AttributesDesignators) GetKind() string
func (*AttributesDesignators) GetLabels ¶
func (ad *AttributesDesignators) GetLabels() map[string]string
func (*AttributesDesignators) GetName ¶
func (ad *AttributesDesignators) GetName() string
func (*AttributesDesignators) GetNamespace ¶
func (ad *AttributesDesignators) GetNamespace() string
func (*AttributesDesignators) GetPath ¶
func (ad *AttributesDesignators) GetPath() string
func (*AttributesDesignators) GetResourceID ¶
func (ad *AttributesDesignators) GetResourceID() string
type DesignatorType ¶
// DesignatorType is the string-typed kind of a designator; its values are
// carried in the "designatorType" field of PortalDesignator.
type DesignatorType string
Type of the designator
swagger:enum DesignatorType
// Supported designator types.
const (
	DesignatorAttributes DesignatorType = "Attributes"
	DesignatorAttribute  DesignatorType = "Attribute" // Deprecated
	// WorkloadID format.
	//
	// Has two formats:
	//  1. Kubernetes format: wlid://cluster-<cluster>/namespace-<namespace>/<kind>-<name>
	//  2. Native format: wlid://datacenter-<datacenter>/project-<project>/native-<name>
	DesignatorWlid DesignatorType = "Wlid"
	// A WorkloadID wildcard expression.
	//
	// A wildcard expression that includes a cluster:
	//
	//  wlid://cluster-<cluster>/
	//
	// An expression that includes a cluster and namespace (filters out all other namespaces):
	//
	//  wlid://cluster-<cluster>/namespace-<namespace>/
	//
	// NOTE(review): per the two examples above, the cluster-only form is the
	// broader scope. Prefer the namespace form when a designator is meant to
	// target a single namespace, and review cluster-wide wildcards.
	DesignatorWildWlid      DesignatorType = "WildWlid"
	DesignatorWlidContainer DesignatorType = "WlidContainer"
	DesignatorWlidProcess   DesignatorType = "WlidProcess"
	DesignatorSid           DesignatorType = "Sid" // secret id
)
Supported designators
func (DesignatorType) ToLower ¶
func (dt DesignatorType) ToLower() DesignatorType
type PortalDesignator ¶
// PortalDesignator represents a single designation option. The same field
// names are used for its JSON and BSON encodings; WLID, WildWLID and SID are
// omitted from the output when empty, while Attributes is always emitted.
type PortalDesignator struct {
	DesignatorType DesignatorType `json:"designatorType" bson:"designatorType"`
	// A specific Workload ID
	WLID string `json:"wlid,omitempty" bson:"wlid,omitempty"`
	// An expression that describes applicable workload IDs
	WildWLID string `json:"wildwlid,omitempty" bson:"wildwlid,omitempty"`
	// A specific Secret ID
	SID string `json:"sid,omitempty" bson:"sid,omitempty"`
	// Attributes that describe the targets
	// NOTE(review): this is a free-form string map; which keys are honoured is
	// decided by the consumer (presumably the Attribute* constants of this
	// package — confirm). Values decoded from external input should be
	// validated by the consumer before they drive matching or scoping.
	Attributes map[string]string `json:"attributes" bson:"attributes"`
}
PortalDesignator represents a single designation option
func AttributesDesignatorsFromImageTag ¶
func AttributesDesignatorsFromImageTag(imageTag string) *PortalDesignator
func AttributesDesignatorsFromWLID ¶
func AttributesDesignatorsFromWLID(wlid string) *PortalDesignator
func (*PortalDesignator) DigestAttributesDesignator ¶
func (designator *PortalDesignator) DigestAttributesDesignator() AttributesDesignators
func (*PortalDesignator) DigestPortalDesignator ¶
func (designator *PortalDesignator) DigestPortalDesignator() AttributesDesignators
DigestPortalDesignator gets the cluster, namespace and labels from the designator.
func (*PortalDesignator) GetCluster ¶
func (designator *PortalDesignator) GetCluster() string
func (*PortalDesignator) GetK8sResourceHash ¶ added in v0.0.336
func (designator *PortalDesignator) GetK8sResourceHash() string
func (*PortalDesignator) GetKind ¶
func (designator *PortalDesignator) GetKind() string
func (*PortalDesignator) GetLabels ¶
func (designator *PortalDesignator) GetLabels() map[string]string
func (*PortalDesignator) GetName ¶
func (designator *PortalDesignator) GetName() string
func (*PortalDesignator) GetNamespace ¶
func (designator *PortalDesignator) GetNamespace() string
func (*PortalDesignator) GetPath ¶
func (designator *PortalDesignator) GetPath() string
func (*PortalDesignator) GetResourceID ¶
func (designator *PortalDesignator) GetResourceID() string
func (*PortalDesignator) NKeys ¶
func (designator *PortalDesignator) NKeys() int
func (*PortalDesignator) UnmarshalJSONObject ¶
func (designator *PortalDesignator) UnmarshalJSONObject(dec *gojay.Decoder, key string) error
type S3ObjectPath ¶ added in v0.0.255
// S3ObjectPath locates an S3 object by bucket and key, with an optional range.
type S3ObjectPath struct {
	Bucket string `json:"bucket"`
	Key    string `json:"key"`
	// Range is optional: a nil pointer is omitted from the JSON output.
	Range *S3ObjectRange `json:"range,omitempty"`
}
S3ObjectPath is an S3 object path, with optional support for a byte range.