armotypes

package
v0.0.469 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Nov 5, 2024 License: Apache-2.0 Imports: 17 Imported by: 59

Documentation

Index

Constants

View Source
const (
	ViewedMainScreenField = "viewedMainScreen"
	ProcessingStatusField = "processingStatus"
	//AttackChainStatuss
	StatusActive AttackChainStatus = "active"
	StatusFixed  AttackChainStatus = "fixed"

	ProcessingStatusProcessing ProcessingStatus = "processing"
	ProcessingStatusDone       ProcessingStatus = "done"
	ProcessingStatusFailed     ProcessingStatus = "failed"
	ProcessingStatusTimeout    ProcessingStatus = "timeout"
)
View Source
const (
	UnknownScore  = 0
	InfoScore     = 100
	LowScore      = 200
	MediumScore   = 300
	HighScore     = 400
	CriticalScore = 500
)
View Source
const (
	CloudCheckStatusEmpty   = "EMPTY"
	CloudCheckStatusFail    = "FAIL"
	CloudCheckStatusManual  = "MANUAL"
	CloudCheckStatusPass    = "PASS"
	CloudCheckStatusSkipped = "SKIPPED"

	CloudAutomatedCheckType = "AUTOMATED"
	CloudManualCheckType    = CloudCheckStatusManual
	CloudManualAndAutomated = CloudAutomatedCheckType + "/" + CloudManualCheckType
)

cloud check statuses

View Source
const (
	ScanFailed     = "FAILED"
	ScanInProgress = "INPROGRESS"
	ScanSuccess    = "SUCCESS"
)
View Source
const (
	ScanFailedScore     = 1
	ScanInProgressScore = 2
	ScanSuccessScore    = 3
)
View Source
const (
	//risk factors
	RiskFactorExternalFacing RiskFactor = "External facing"
	RiskFactorPrivileged     RiskFactor = "Privileged"
	RiskFactorSecretAccess   RiskFactor = "Secret access"
	RiskFactorDataAccess     RiskFactor = "Data access"
	RiskFactorHostAccess     RiskFactor = "Host access"

	//scan types
	ClusterPosture           ScanType = "cluster"
	RepositoryPosture        ScanType = "repository"
	ContainerVulnerabilities ScanType = "container"
	RegistryVulnerabilities  ScanType = "registry"
)
View Source
const (
	// In-cluster namespaces
	ArmoSystemNamespace = "armo-system" // deprecated, kept for backward compatibility
	KubescapeNamespace  = "kubescape"

	ArmoKollectorContainerName = "armo-collector" // deprecated, kept for backward compatibility
	KollectorContainerName     = "kollector"

	// registry scan
	LowestHelmVersionSupportedRegistryScanAndTest = "v1.9"
	LowestHelmVersionSupportedRegistryScan        = "v1.7.14"
	RegistryInfoArgKey                            = "registryInfo-v1"
	RegistryScanSecretName                        = "kubescape-registry-scan" //nolint:gosec
	RegistrySecretNameArgKey                      = "registry-secret"

	// vulnerability scan
	LowestHelmVersionSupportedVulnerabilityScan = "v1.7.17"

	// cronjob template annotation and labels
	CronJobTemplateAnnotationArmoJobIDKeyDeprecated      = "armo.jobid"       // deprecated
	CronJobTemplateAnnotationArmoCloudJobIDKeyDeprecated = "armo.cloud/jobid" // deprecated
	CronJobTemplateAnnotationJobIDKey                    = "app.kubescape/job-id"

	CronJobTemplateAnnotationUpdateJobIDDeprecated = "armo.updatejobid" // deprecated
	CronJobTemplateAnnotationUpdateJobID           = "app.kubescape/update-job-id"

	CronJobTemplateAnnotationNamespaceKeyDeprecated = "armo.namespace" // deprecated
	CronJobTemplateAnnotationNamespaceKey           = "app.kubescape/namespace"

	CronJobTemplateAnnotationRegistryNameKey = "armo.cloud/registryname"
	CronJobTemplateAnnotationHostScannerKey  = "armo.host-scanner"
	CronJobTemplateAnnotationFrameworkKey    = "armo.framework"

	CronJobTemplateLabelKey               = "armo.tier"
	CronJobTemplateLabelValueKubescape    = "kubescape-scan"
	CronJobTemplateLabelValueVulnScan     = "vuln-scan"
	CronJobTemplateLabelValueRegistryScan = "registry-scan"
)
View Source
const (
	K8sKindCluster   = "Cluster"
	K8sKindNode      = "Node"
	K8sKindNamespace = "Namespace"
	K8sKindSecret    = "Secret"
	K8sKindCronJob   = "CronJob"
	K8sKindJob       = "Job"
	K8sKindConfigMap = "ConfigMap"

	K8sApiVersionV1      = "v1"
	K8sApiVersionRBAC    = "rbac.authorization.k8s.io"
	K8sApiVersionRBACV1  = K8sApiVersionRBAC + "/" + K8sApiVersionV1
	K8SApiVersionAppsV1  = "apps/v1"
	K8SApiVersionBatchV1 = "batch/v1"
)
View Source
const (
	V2ListExistsOperator       string = "exists"
	V2ListEqualOperator        string = "equal"
	V2ListNotEqualOperator     string = "notequal"
	V2ListMissingOperator      string = "missing"
	V2ListEmptyOperator        string = "empty"
	V2ListMatchOperator        string = "match"
	V2ListGreaterOperator      string = "greater"
	V2ListLowerOperator        string = "lower"
	V2ListRegexOperator        string = "regex"
	V2ListLikeOperator         string = "like"
	V2ListRangeOperator        string = "range"
	V2ListIgnoreCaseOption     string = "ignorecase"
	V2ListArrayOperator        string = "arraymatch"
	V2ListElementMatchOperator string = "elemMatch" // for matching elements in array e.g. {"users.name|elemMatch": "users.age|elemMatch" : "30|greater"}

	V2ListAscendingSort  string = "asc"
	V2ListDescendingSort string = "desc"

	V2ListValueSeparator    = ","
	V2ListOperatorSeparator = "|"
	V2ListSubQuerySeparator = "&"
	V2ListSortTypeSeparator = ":"
	V2ListEscapeChar        = "\\"
)
View Source
const (
	CustomerGuidQuery   = "customerGUID"
	ClusterNameQuery    = "cluster"
	DatacenterNameQuery = "datacenter"
	NamespaceQuery      = "namespace"
	ProjectQuery        = "project"
	WlidQuery           = "wlid"
	SidQuery            = "sid"
)
View Source
const (
	SubscriptionStatusIncomplete        = string(stripe.SubscriptionStatusIncomplete)
	SubscriptionStatusIncompleteExpired = string(stripe.SubscriptionStatusIncompleteExpired)
	SubscriptionStatusTrialing          = string(stripe.SubscriptionStatusTrialing)
	SubscriptionStatusActive            = string(stripe.SubscriptionStatusActive)
	SubscriptionStatusPastDue           = string(stripe.SubscriptionStatusPastDue)
	SubscriptionStatusCanceled          = string(stripe.SubscriptionStatusCanceled)
	SubscriptionStatusUnpaid            = string(stripe.SubscriptionStatusUnpaid)
	SubscriptionStatusTrialExpired      = "trial expired"
)
View Source
const (
	PostureControlStatusUnknown    = 0
	PostureControlStatusPassed     = 1
	PostureControlStatusWarning    = 2 // deprecated
	PostureControlStatusFailed     = 3
	PostureControlStatusSkipped    = 4
	PostureControlStatusIrrelevant = 5 // deprecated
	PostureControlStatusError      = 6

	PostureResourceMaxCtrls = 6
)
View Source
const (
	RegistryResourcePrefix      = "kubescape-registry-scan"
	RegistryAuthFieldInSecret   = "registriesAuth"
	RegistryCommandBody         = "request-body.json"
	RegistryCronjobTemplateName = "cronjobTemplate"
	RegistryRequestVolumeName   = "request-body-volume"
)
View Source
const (
	SecurityIssueStatusDetected  SecurityIssueStatus = "Detected"
	SecurityIssueStatusResolved  SecurityIssueStatus = "Resolved"
	SecurityIssueStatusException SecurityIssueStatus = "Exception"

	RiskTypeControl                  RiskType = "Control"
	RiskTypeControlWithNetworkPolicy RiskType = "ControlWithNetworkPolicy"
	RiskTypeAttackPath               RiskType = "AttackPath"
	RiskTypeVulnerability            RiskType = "Vulnerability"

	SecurityIssueSeverityCritical SecurityIssueSeverity = "Critical"
	SecurityIssueSeverityHigh     SecurityIssueSeverity = "High"
	SecurityIssueSeverityMedium   SecurityIssueSeverity = "Medium"
	SecurityIssueSeverityLow      SecurityIssueSeverity = "Low"

	ResolvedReasonResourceDeleted ResolvedReason = "ResourceDeleted"
	ResolvedReasonClusterDeleted  ResolvedReason = "ClusterDeleted"
	ResolvedReasonRiskResolved    ResolvedReason = "RiskResolved"
)
View Source
const (
	ExploitableCisaKev        = "Known Exploited"
	ExploitableHighLikelihood = "High Likelihood"
	ExploitableNo             = "No"
	EpssThreshold             = 0.10 // 10%
	CisaKevKnown              = "Known"
	CisaKevUnknown            = "Unknown"
)
View Source
const GlobalRegex = "*/*"

Variables

View Source
var CloudIntToSeverity = map[int]string{
	UnknownScore:  "none",
	InfoScore:     "info",
	LowScore:      "low",
	MediumScore:   "medium",
	HighScore:     "high",
	CriticalScore: "critical",
}
View Source
var CloudPostureScanIntToStatus = map[int]string{
	ScanFailedScore:     ScanFailed,
	ScanInProgressScore: ScanInProgress,
	ScanSuccessScore:    ScanSuccess,
}
View Source
var CloudPostureScanStatusToInt = map[string]int{
	ScanFailed:     1,
	ScanInProgress: 2,
	ScanSuccess:    3,
}

cloud posture scans statuses

View Source
var CloudSeverityToInt = map[string]int{
	"critical": 500,
	"high":     400,
	"medium":   300,
	"low":      200,
	"info":     100,
	"none":     0,
}

cloud severities

View Source
var MandatorySeccompSyscalls = []string{"epoll_wait", "tgkill", "sched_yield"}
View Source
var RiskFactorMapping = map[string]RiskFactor{
	"C-0256": RiskFactorExternalFacing,
	"C-0046": RiskFactorPrivileged,
	"C-0057": RiskFactorPrivileged,
	"C-0255": RiskFactorSecretAccess,
	"C-0257": RiskFactorDataAccess,
	"C-0038": RiskFactorHostAccess,
	"C-0041": RiskFactorHostAccess,
	"C-0044": RiskFactorHostAccess,
	"C-0048": RiskFactorHostAccess,
}

Functions

func GetControlIDsByRiskFactors added in v0.0.284

func GetControlIDsByRiskFactors(riskFactorsStr string) []string

func GetInClusterSupportedNamespaces added in v0.0.114

func GetInClusterSupportedNamespaces() []string

func MockPortalDesignator

func MockPortalDesignator() *identifiers.PortalDesignator

func ValidateContainerScanID added in v0.0.193

func ValidateContainerScanID(containerScanID string) bool

Types

type AWSImageRegistry added in v0.0.459

type AWSImageRegistry struct {
	BaseContainerImageRegistry `json:",inline"`
	Registry                   string `json:"registry"`
	RegistryRegion             string `json:"registryRegion"`
	AccessKeyID                string `json:"accessKeyID,omitempty"`
	SecretAccessKey            string `json:"secretAccessKey,omitempty"`
	RoleARN                    string `json:"roleARN,omitempty"`
}

func (*AWSImageRegistry) ExtractSecret added in v0.0.459

func (aws *AWSImageRegistry) ExtractSecret() interface{}

func (*AWSImageRegistry) FillSecret added in v0.0.459

func (aws *AWSImageRegistry) FillSecret(value interface{}) error

func (*AWSImageRegistry) GetBase added in v0.0.459

func (*AWSImageRegistry) MaskSecret added in v0.0.459

func (aws *AWSImageRegistry) MaskSecret()

func (*AWSImageRegistry) SetBase added in v0.0.460

func (aws *AWSImageRegistry) SetBase(base *BaseContainerImageRegistry)

func (*AWSImageRegistry) Validate added in v0.0.459

func (aws *AWSImageRegistry) Validate() error

type AdmissionAlert added in v0.0.423

type AdmissionAlert struct {
	Kind             schema.GroupVersionKind     `json:"kind,omitempty" bson:"kind,omitempty"`
	RequestNamespace string                      `json:"requestNamespace,omitempty" bson:"requestNamespace,omitempty"`
	ObjectName       string                      `json:"objectName,omitempty" bson:"objectName,omitempty"`
	Resource         schema.GroupVersionResource `json:"resource,omitempty" bson:"resource,omitempty"`
	Subresource      string                      `json:"subresource,omitempty" bson:"subresource,omitempty"`
	Operation        admission.Operation         `json:"operation,omitempty" bson:"operation,omitempty"`
	Options          *unstructured.Unstructured  `json:"options,omitempty" bson:"options,omitempty"`
	DryRun           bool                        `json:"dryRun,omitempty" bson:"dryRun,omitempty"`
	Object           *unstructured.Unstructured  `json:"object,omitempty" bson:"object,omitempty"`
	OldObject        *unstructured.Unstructured  `json:"oldObject,omitempty" bson:"oldObject,omitempty"`
	UserInfo         *user.DefaultInfo           `json:"userInfo,omitempty" bson:"userInfo,omitempty"`
}

type Alert2Channel

type Alert2Channel struct {
	Critical []SlackChannel `json:"criticalChannels,omitempty" bson:"criticalChannels,omitempty"`
	Error    []SlackChannel `json:"errorChannels,omitempty" bson:"errorChannels,omitempty"`
	Info     []SlackChannel `json:"infoChannels,omitempty" bson:"infoChannels,omitempty"`
}

type AlertType added in v0.0.367

type AlertType int
const (
	AlertTypeRule AlertType = iota
	AlertTypeMalware
	AlertTypeAdmission
)

type ApprovementState

type ApprovementState struct {
	UpdateAuditEntry `json:",inline"`
	Status           ApprovementStatus `json:"status"`
}

type ApprovementStatus

type ApprovementStatus int
const (
	ApprovementStatusApprove ApprovementStatus = iota + 1
	ApprovementStatusDecline
	ApprovementStatusPending
)

type AssociationStatus

type AssociationStatus int
const (
	AssociationStatusAssigned AssociationStatus = iota + 1
	AssociationStatusShown
	AssociationStatusDeclineByUser
	AssociationStatusHandled // the user took this recommendation into account
	AssociationStatusFixed   // the user fixed the issue in some another way
)

type AttackChain added in v0.0.203

type AttackChain struct {
	AttackChainNodes AttackChainNode `json:"attackChainNodes,omitempty" bson:"attackChainNodes,omitempty"`
	AttackChainConfig
}

type AttackChainConfig added in v0.0.210

type AttackChainConfig struct {
	PortalBase       `json:",inline" bson:",inline"`
	Resource         identifiers.PortalDesignator `json:"resource,omitempty" bson:"resource,omitempty"`
	Description      string                       `json:"description,omitempty" bson:"description,omitempty"`
	CreationTime     string                       `json:"creationTime,omitempty" bson:"creationTime,omitempty"`
	AttackChainID    string                       `json:"attackChainID,omitempty" bson:"attackChainID,omitempty"` // name/cluster/resourceID
	ClusterName      string                       `json:"clusterName,omitempty" bson:"clusterName,omitempty"`
	CustomerGUID     string                       `json:"customerGUID,omitempty" bson:"customerGUID,omitempty"`
	LatestReportGUID string                       `json:"latestReportGUID,omitempty" bson:"latestReportGUID,omitempty"` // latest reportGUID in which this attack chain was identified
	UIStatus         *AttackChainUIStatus         `json:"uiStatus,omitempty" bson:"uiStatus,omitempty"`
	Status           AttackChainStatus            `json:"status,omitempty" bson:"status,omitempty"` // "active"/ "fixed"
	IsInternetFacing *bool                        `json:"isInternetFacing,omitempty" bson:"isInternetFacing,omitempty"`
}

type AttackChainNode added in v0.0.203

type AttackChainNode struct {
	Name                           string            `json:"name" bson:"name,omitempty"`
	Description                    string            `json:"description" bson:"description,omitempty"`
	ControlIDs                     []string          `json:"controlIDs,omitempty" bson:"controlIDs,omitempty"` // failed/ignored controls that are associated to this attack chain node
	Vulnerabilities                []Vulnerabilities `json:"vulnerabilities,omitempty" bson:"vulnerabilities,omitempty"`
	RelatedResources               []RelatedResource `json:"relatedResources" bson:"relatedResources,omitempty"`
	NextNodes                      []AttackChainNode `json:"nextNodes,omitempty" bson:"nextNodes,omitempty"`
	FlattenRelatedResourcesDisplay bool              `json:"flattenRelatedResourcesDisplay,omitempty" bson:"flattenRelatedResourcesDisplay,omitempty"`
}

func (*AttackChainNode) Equals added in v0.0.248

func (a *AttackChainNode) Equals(b *AttackChainNode) bool

func (*AttackChainNode) GetControlIDsFromAllNodes added in v0.0.241

func (attackChainNode *AttackChainNode) GetControlIDsFromAllNodes(controlIDs []string) []string

GetControlIDsFromAllNodes is a recursive func that returns a list of controlIDs from all nodes in the attack chain

type AttackChainStatus added in v0.0.203

type AttackChainStatus string

type AttackChainUIStatus added in v0.0.203

type AttackChainUIStatus struct {
	// fields updated by the BE
	FirstSeen string `json:"firstSeen,omitempty" bson:"firstSeen,omitempty"` // timestamp of first scan in which the attack chain was identified
	// fields updated by the UI
	ViewedMainScreen string `json:"viewedMainScreen,omitempty" bson:"viewedMainScreen,omitempty"` // if the attack chain was viewed by the user// New badge
	ProcessingStatus string `json:"processingStatus,omitempty" bson:"processingStatus,omitempty"` // "processing"/ "done"
}

struct for UI support. All strings are timestamps

type AuthMethod added in v0.0.125

type AuthMethod struct {
	Username string `json:"username,omitempty" bson:"username"`
	Password string `json:"password,omitempty" bson:"password"`
	Type     string `json:"type,omitempty" bson:"type"`
}

type AzureImageRegistry added in v0.0.459

type AzureImageRegistry struct {
	BaseContainerImageRegistry `json:",inline"`
	LoginServer                string `json:"loginServer"`
	Username                   string `json:"username"`
	AccessToken                string `json:"accessToken,omitempty"`
}

func (*AzureImageRegistry) ExtractSecret added in v0.0.459

func (azure *AzureImageRegistry) ExtractSecret() interface{}

func (*AzureImageRegistry) FillSecret added in v0.0.459

func (azure *AzureImageRegistry) FillSecret(value interface{}) error

func (*AzureImageRegistry) GetBase added in v0.0.459

func (*AzureImageRegistry) MaskSecret added in v0.0.459

func (azure *AzureImageRegistry) MaskSecret()

func (*AzureImageRegistry) SetBase added in v0.0.460

func (azure *AzureImageRegistry) SetBase(base *BaseContainerImageRegistry)

func (*AzureImageRegistry) Validate added in v0.0.459

func (azure *AzureImageRegistry) Validate() error
type Banner struct {
	CustomerGUID string `json:"customerGUID,omitempty" bson:"customerGUID,omitempty"` // customerGUID of the account which clicked the banner
	ScanID       string `json:"scanID,omitempty" bson:"scanID,omitempty"`             // for detailed view, unique key for banner is combination of scanID and bannerID
}

type BaseContainerImageRegistry added in v0.0.449

type BaseContainerImageRegistry struct {
	PortalBase    `json:",inline" bson:"inline"`
	Provider      RegistryProvider `json:"provider" bson:"provider"`
	ClusterName   string           `json:"clusterName" bson:"clusterName"`
	Repositories  []string         `json:"repositories" bson:"repositories"`
	LastScan      *time.Time       `json:"lastScan,omitempty" bson:"lastScan,omitempty"`
	ScanFrequency string           `json:"scanFrequency,omitempty" bson:"scanFrequency,omitempty"`
	ResourceName  string           `json:"resourceName,omitempty" bson:"resourceName,omitempty"`
	AuthID        string           `json:"authID,omitempty" bson:"authID"`
	Status        RegistryStatus   `json:"status,omitempty" bson:"status"`
	StatusMessage string           `json:"statusMessage,omitempty" bson:"statusMessage"`
}

func (*BaseContainerImageRegistry) ValidateBase added in v0.0.459

func (base *BaseContainerImageRegistry) ValidateBase() error

type BaseExceptionPolicy added in v0.0.334

type BaseExceptionPolicy struct {
	PortalBase `json:",inline" bson:"inline"`
	PolicyType PolicyType `json:"policyType,omitempty" bson:"policyType,omitempty"`

	// IDs of the policies (SecurityRiskID, ControlID, etc.)
	PolicyIDs      []string                       `json:"policyIDs,omitempty" bson:"policyIDs,omitempty"`
	CreationTime   string                         `json:"creationTime,omitempty" bson:"creationTime,omitempty"`
	Reason         string                         `json:"reason,omitempty" bson:"reason,omitempty"`
	ExpirationDate *time.Time                     `json:"expirationDate,omitempty" bson:"expirationDate,omitempty"`
	CreatedBy      string                         `json:"createdBy,omitempty" bson:"createdBy,omitempty"`
	Resources      []identifiers.PortalDesignator `json:"resources,omitempty" bson:"resources,omitempty"`
}

type BaseImage added in v0.0.424

type BaseImage struct {
	DisplayName          string       `json:"displayName"`
	Command              string       `json:"command"`
	Size                 uint64       `json:"size"`
	HighestSeverityFound string       `json:"highestSeverityFound,omitempty"`
	Layers               []ImageLayer `json:"layers,omitempty"`
}

type BaseRuntimeAlert added in v0.0.367

type BaseRuntimeAlert struct {
	// AlertName is either RuleName or MalwareName
	AlertName string `json:"alertName,omitempty" bson:"name,omitempty"`
	// Arguments of specific alerts (e.g. for unexpected files: open file flags; for unexpected process: return code)
	Arguments map[string]interface{} `json:"arguments,omitempty" bson:"arguments,omitempty"`
	// Infected process id
	InfectedPID uint32 `json:"infectedPID,omitempty" bson:"infectedPID,omitempty"`
	// Process tree unique id
	ProcessTreeUniqueID uint32 `json:"processTreeUniqueID,omitempty" bson:"processTreeUniqueID,omitempty"`
	// Fix suggestions
	FixSuggestions string `json:"fixSuggestions,omitempty" bson:"fixSuggestions,omitempty"`
	// MD5 hash of the file that was infected
	MD5Hash string `json:"md5Hash,omitempty" bson:"md5Hash,omitempty"`
	// SHA1 hash of the file that was infected
	SHA1Hash string `json:"sha1Hash,omitempty" bson:"sha1Hash,omitempty"`
	// SHA256 hash of the file that was infected
	SHA256Hash string `json:"sha256Hash,omitempty" bson:"sha256Hash,omitempty"`
	// Severity of the alert
	Severity int `json:"severity,omitempty" bson:"severity,omitempty"`
	// Size of the file that was infected
	Size string `json:"size,omitempty" bson:"size,omitempty"`
	// Timestamp of the alert
	Timestamp time.Time `json:"timestamp" bson:"timestamp"`
	// Nanoseconds of the alert
	Nanoseconds uint64 `json:"nanoseconds,omitempty" bson:"nanoseconds,omitempty"`
	// Trace of the alert
	Trace Trace `json:"trace,omitempty" bson:"trace,omitempty"`
}

type CAContainerMetrics added in v0.0.249

type CAContainerMetrics struct {
	core.Container    `json:",inline"`
	CAIntegrityStatus int `json:"caIntegrityStatus"`
}

CAContainerMetrics holds data of single container which runs in multiple pods

type CAK8SMeta added in v0.0.249

type CAK8SMeta struct {
	CustomerGUID   string    `json:"customerGUID"`
	CAClusterName  string    `json:"caClusterName,omitempty"`
	LastUpdateTime time.Time `json:"caLastUpdate"`
	IsActive       bool      `json:"isActive"`
}

CAK8SMeta holds common metadata about k8s objects

type CAMicroserviceOverview added in v0.0.249

type CAMicroserviceOverview struct {
	CAMicroserviceOverviewMetadata `json:",inline"`
}

CAMicroserviceOverview represnets it's name

type CAMicroserviceOverviewMetadata added in v0.0.249

type CAMicroserviceOverviewMetadata struct {
	CAK8SMeta     `json:",inline"`
	WLID          string   `json:"wlid"`
	Datacenter    string   `json:"datacenter,omitempty"`
	OVNamespace   string   `json:"namespace,omitempty"`
	Project       string   `json:"project,omitempty"`
	Orchestrator  string   `json:"orchestrator"`
	Kind          string   `json:"kind"`
	OperationType string   `json:"operationType"`
	OVName        string   `json:"name"`
	Categories    []string `json:"categories"`
	DisplayName   string   `json:"displayName,omitempty"`
	CloudProvider string   `json:"cloudProvider"`
}

CAMicroserviceOverviewMetadata represnets it's name

type CisaKevInfo added in v0.0.281

type CisaKevInfo struct {
	DateAdded                  string `json:"dateAdded" bson:"dateAdded"`
	DueDate                    string `json:"dueDate" bson:"dueDate"`
	KnownRansomwareCampaignUse string `json:"knownRansomwareCampaignUse" bson:"knownRansomwareCampaignUse"`
	Notes                      string `json:"notes" bson:"notes"`
}

type CloudMetadata added in v0.0.469

type CloudMetadata struct {
	Provider     Provider `json:"provider,omitempty" bson:"provider,omitempty"`
	InstanceID   string   `json:"instance_id,omitempty" bson:"instance_id,omitempty"`
	InstanceType string   `json:"instance_type,omitempty" bson:"instance_type,omitempty"`
	Region       string   `json:"region,omitempty" bson:"region,omitempty"`
	Zone         string   `json:"zone,omitempty" bson:"zone,omitempty"`
	PrivateIP    string   `json:"private_ip,omitempty" bson:"private_ip,omitempty"`
	PublicIP     string   `json:"public_ip,omitempty" bson:"public_ip,omitempty"`
	Hostname     string   `json:"hostname,omitempty" bson:"hostname,omitempty"`
	AccountID    string   `json:"account_id,omitempty" bson:"account_id,omitempty"`
}

type ClusterAttackChainState added in v0.0.251

type ClusterAttackChainState struct {
	PortalBase               `json:",inline" bson:"inline"`
	CreationTime             string `json:"creationTime,omitempty" bson:"creationTime,omitempty"`
	ClusterName              string `json:"clusterName,omitempty" bson:"clusterName,omitempty"`
	LastPostureScanTriggered string `json:"lastPostureScanTriggered,omitempty" bson:"lastPostureScanTriggered,omitempty"`
	LastTimeEngineCompleted  string `json:"lastTimeEngineCompleted,omitempty" bson:"lastTimeEngineCompleted,omitempty"`
}

type CommonSummaryFields

type CommonSummaryFields struct {
	// The unique id of the report this summary belongs to
	ReportID GUID `json:"reportGUID"`

	// The designators of this summary
	Designators *identifiers.PortalDesignator `json:"designators"`

	// Time of the scan that produced this summary
	Timestamp time.Time `json:"timestamp"`

	// swagger:ignore
	// Indication if this summary is marked for deletetion
	DeleteStatus RecordStatus `json:"deletionStatus,omitempty"`
}

swagger:model

type ComponentPathInfo added in v0.0.283

type ComponentPathInfo struct {
	ContainerPathInfo
	ImageTag   string   `json:"imageTag"`
	ImageHash  string   `json:"imageHash"`
	IsRelevant string   `json:"isRelevant"`
	Paths      []string `json:"paths"`
}

type ComponentSummary added in v0.0.293

type ComponentSummary struct {
	CustomerGUID    string              `json:"customerGUID"`
	Name            string              `json:"name"`
	Version         string              `json:"version"`
	PackageType     string              `json:"packageType"`
	Paths           []string            `json:"paths"`
	FixVersions     []string            `json:"fixVersions"`
	CriticalCount   int                 `json:"criticalCount"`
	HighCount       int                 `json:"highCount"`
	MediumCount     int                 `json:"mediumCount"`
	LowCount        int                 `json:"lowCount"`
	ClustersCount   int                 `json:"clustersCount"`
	NamespacesCount int                 `json:"namespacesCount"`
	WorkloadsCount  int                 `json:"workloadsCount"`
	ImagesCount     int                 `json:"imagesCount"`
	SeverityStats   map[string][]string `json:"severityStats"`
	Tickets         []Ticket            `json:"tickets,omitempty"`
}

type ConnectedStatus added in v0.0.270

type ConnectedStatus string
const (
	Connected    ConnectedStatus = "connected"
	Disconnected ConnectedStatus = "disconnected"
)

type ContainerImageRegistry added in v0.0.459

type ContainerImageRegistry interface {
	MaskSecret()
	ExtractSecret() interface{}
	FillSecret(interface{}) error
	GetBase() *BaseContainerImageRegistry
	SetBase(*BaseContainerImageRegistry)
	Validate() error
}

func UnmarshalRegistry added in v0.0.459

func UnmarshalRegistry(payload []byte) (ContainerImageRegistry, error)

type ContainerPathInfo added in v0.0.283

type ContainerPathInfo struct {
	NameSpace        string `json:"namespace"`
	WorkloadName     string `json:"workloadName"`
	ContainerName    string `json:"containerName"`
	WorkloadKind     string `json:"workloadKind"`
	WorkloadHash     string `json:"workloadHash"`
	WLID             string `json:"wlid"`
	ClusterName      string `json:"clusterName"`
	ClusterShortName string `json:"clusterShortName"`
}

type ContainerStatus added in v0.0.418

type ContainerStatus struct {
	CustomerGUID string `json:"customerGUID"`
	ClusterName  string `json:"clusterName"`

	ResourceHash  string        `json:"resourceHash"`
	Name          string        `json:"name"`          // container name
	ContainerType ContainerType `json:"containerType"` // initcontainer, container, ephemeralcontainer

	Architectures []string `json:"architectures"` // architectures of the container
	WorkloadName  string   `json:"workloadName"`  // name of the workload
	Kind          string   `json:"kind"`          // kind of the workload
	Namespace     string   `json:"namespace"`     // namespace of the workload

	// seccomp related fields (coming from ApplicationProfile)
	// IsSeccompConfiguredWorkloadLevel  *bool    `json:"isSeccompConfiguredWorkloadLevel"` // if nil, seccomp is not configured
	IsSeccompConfiguredDefaultRuntime *bool    `json:"isSeccompConfiguredDefaultRuntime"` // if nil, seccomp is not configured
	SeccompConfiguredLocalhostProfile string   `json:"seccompConfiguredLocalhostProfile"`
	SeccompConfiguredSyscalls         []string `json:"seccompConfiguredSyscalls"`
	SeccompConfiguredArchitectures    []string `json:"seccompConfiguredArchitectures"`
	SyscallsUsed                      []string `json:"syscallsUsed"`

	ApplicationProfileLastUpdated  *time.Time `json:"applicationProfileLastUpdated"`  // last updated time of applicationProfile
	ApplicationProfileResourceHash string     `json:"applicationProfileResourceHash"` // resource hash of applicationProfile

}

type ContainerSummary added in v0.0.249

type ContainerSummary struct {
	Name         string  `json:"name"`
	Image        string  `json:"image"`
	IsPrivileged bool    `json:"root"`
	Probes       []Probe `json:"probes,omitempty"`
	Limitations  `json:"limitations,omitempty"`
}

ContainerSummary - a must have summarized info of containers

type ContainerType added in v0.0.418

type ContainerType string
const (
	InitContainer      ContainerType = "initcontainer"
	Container          ContainerType = "container"
	EphemeralContainer ContainerType = "ephemeralcontainer"
)

type ContainersStatusData added in v0.0.249

type ContainersStatusData map[string]map[string]string

ContainersStatusData holds the status of containers in runtime. This including the docker image tag + image hash

func (*ContainersStatusData) GetContainerImageDetails added in v0.0.249

func (contsImages *ContainersStatusData) GetContainerImageDetails(contName string) (string, string, error)

GetContainerImageDetails extract the docker image details of specific container in list

type ControlInfo

type ControlInfo struct {

	// ID of the control
	// Example: C-0034
	ID string `json:"id"`

	Name string `json:"name"`

	// How much this control is critical
	// Example: 6
	BaseScore float32 `json:"baseScore"`

	// How many failed resources for this control
	// Example: 3
	FailedResources int `json:"failedResources"`

	// if True, this control supports smart remediation
	// swagger:ignore
	SupportsSmartRemediation bool `json:"supportsSmartRemediation"` // DEPRECATED

	SmartRemediation bool `json:"smartRemediation"`
}

ControlInfo Basic information about a control

type ControlInputs

type ControlInputs struct {
	Rulename string
	Inputs   []PostureAttributesList // Attribute = input list name, Values = list values
}

type CountFunc added in v0.0.216

type CountFunc func(customerGUID string, scopeFilters *QueryScopeParams, paginationObject *V2ListRequest) (uint64, error)

type Cursor added in v0.0.207

type Cursor struct {
	Id        string    `json:"id,omitempty"`
	KeepAlive *Duration `json:"keepAlive,omitempty"`
}

type CustomerAccessStatus added in v0.0.170

type CustomerAccessStatus string
const (
	PayingCustomer  CustomerAccessStatus = "paying"
	FreeCustomer    CustomerAccessStatus = "free"
	TrialCustomer   CustomerAccessStatus = "trial"
	BlockedCustomer CustomerAccessStatus = "blocked"
	LimitedCustomer CustomerAccessStatus = "limited"
)

type CustomerConfig

type CustomerConfig struct {
	Name       string                       `json:"name" bson:"name"`
	Attributes map[string]interface{}       `json:"attributes,omitempty" bson:"attributes,omitempty"` // could be string
	Scope      identifiers.PortalDesignator `json:"scope" bson:"scope"`
	Settings   Settings                     `json:"settings" bson:"settings"`
}

func MockCustomerConfig

func MockCustomerConfig() *CustomerConfig

type CustomerOnboarding added in v0.0.143

type CustomerOnboarding struct {
	Completed   *bool    `json:"completed,omitempty" bson:"completed,omitempty"`     // user completed the onboarding
	CompanySize *string  `json:"companySize,omitempty" bson:"companySize,omitempty"` // user company size
	Role        *string  `json:"role,omitempty" bson:"role,omitempty"`               // user role
	OrgName     *string  `json:"orgName,omitempty" bson:"orgName,omitempty"`         // user organization name
	Interests   []string `json:"interests,omitempty" bson:"interests,omitempty"`     // user interests
}

type CustomerState added in v0.0.143

type CustomerState struct {
	Onboarding           *CustomerOnboarding      `json:"onboarding,omitempty" bson:"onboarding,omitempty"`
	GettingStarted       *GettingStartedChecklist `json:"gettingStarted,omitempty" bson:"gettingStarted,omitempty"`
	NodeUsage            *NodeUsage               `json:"nodeUsage,omitempty" bson:"nodeUsage,omitempty"`
	AttackChainsLastScan string                   `json:"attackChainsLastScan,omitempty" bson:"attackChainsLastScan,omitempty"`
}

CustomerState holds the state of the customer, used for UI purposes

type Cvss added in v0.0.290

type Cvss struct {
	Vector              string                 `json:"vector"`
	Version             string                 `json:"version"`
	Source              string                 `json:"source"`
	BaseScore           float64                `json:"baseScore"`
	ExploitabiltiyScore float64                `json:"exploitabilityScore"`
	ImpactScore         float64                `json:"impactScore"`
	ExploitabilityInfo  CvssExploitabilityInfo `json:"exploitabilityInfo"`
	ImpactInfo          CvssImpactInfo         `json:"impactInfo"`
}

type CvssExploitabilityInfo added in v0.0.283

type CvssExploitabilityInfo struct {
	AttackVector       string `json:"attackVector,omitempty"`
	AccessVector       string `json:"accessVector,omitempty"`
	AttackComplexity   string `json:"attackComplexity,omitempty"`
	AccessComplexity   string `json:"accessComplexity,omitempty"`
	Authentication     string `json:"authentication,omitempty"`
	PrivilegesRequired string `json:"privilegesRequired,omitempty"`
	UserInteraction    string `json:"userInteraction,omitempty"`
	Scope              string `json:"scope,omitempty"`
}

type CvssImpactInfo added in v0.0.283

type CvssImpactInfo struct {
	Confidentiality string `json:"confidentiality,omitempty"`
	Integrity       string `json:"integrity,omitempty"`
	Availability    string `json:"availability,omitempty"`
}

type CvssInfo added in v0.0.283

type CvssInfo struct {
	BaseScore    float64 `json:"baseScore" bson:"baseScore"`
	ScoreVersion string  `json:"scoreVersion" bson:"scoreVersion"`
	Severity     string  `json:"severity" bson:"severity"`
	CVSS         []Cvss  `json:"cvss" bson:"cvss"`
}

type DataType added in v0.0.201

type DataType string

type DeleteCountResponse added in v0.0.272

type DeleteCountResponse struct {
	DeletedCount int64 `json:"deletedCount"`
}

type Duration added in v0.0.207

type Duration time.Duration

func (Duration) IsValid added in v0.0.207

func (d Duration) IsValid() bool

func (Duration) MarshalJSON added in v0.0.207

func (d Duration) MarshalJSON() ([]byte, error)

func (*Duration) SetDuration added in v0.0.207

func (d *Duration) SetDuration(duration time.Duration)

func (Duration) String added in v0.0.207

func (d Duration) String() string

func (*Duration) UnmarshalJSON added in v0.0.207

func (d *Duration) UnmarshalJSON(b []byte) error

type EnforcmentsRule

type EnforcmentsRule struct {
	MonitoredObject          []string `json:"monitoredObject"`
	MonitoredObjectExistence []string `json:"objectExistence"`
	MonitoredObjectEvent     []string `json:"event"`
	Action                   []string `json:"action"`
}

type EpssInfo added in v0.0.281

type EpssInfo struct {
	Epss       float64 `json:"epss" bson:"epss"`
	Percentile float64 `json:"percentile" bson:"percentile"`
	Date       string  `json:"date" bson:"date"`
}

type ExecutionPolicy

type ExecutionPolicy struct {
	PortalBase                `json:",inline"`
	Designators               []identifiers.PortalDesignator `json:"designators"`
	PolicyType                string                         `json:"policyType"`
	CreationTime              string                         `json:"creation_time"`
	ExecutionEnforcmentsRules []EnforcmentsRule              `json:"enforcementRules"`
}

type Filters added in v0.0.207

type Filters struct {
	InstanceIDField  string
	ClusterNameField string
	NamespaceField   string
	WlidField        string
	KindField        string
	NameField        string
	RegistryField    string
	RepositoryField  string
	TagField         string
}

type FixPath

type FixPath struct {
	Path  string `json:"path"`
	Value string `json:"value"`
}

type GUID

type GUID string

swagger:strfmt uuid4 Example: 0f42fbe3-d81e-444d-8cc7-bc892c7623e9

type GenericCRD added in v0.0.399

type GenericCRD[T any] struct {
	Kind       string   `json:"kind"`
	ApiVersion string   `json:"apiVersion"`
	Metadata   Metadata `json:"metadata"`
	Spec       T        `json:"spec"`
}

type GettingStartedChecklist added in v0.0.143

type GettingStartedChecklist struct {
	// indicates if the user has dismissed the checklist
	GettingStartedDismissed *bool `json:"gettingStartedDismissed,omitempty" bson:"gettingStartedDismissed,omitempty"`
	// checklist items
	EverConnectedCluster   *bool `json:"everConnectedCluster,omitempty" bson:"everConnectedCluster,omitempty"`
	EverScannedRepository  *bool `json:"everScannedRepository,omitempty" bson:"everScannedRepository,omitempty"`
	EverScannedRegistry    *bool `json:"everScannedRegistry,omitempty" bson:"everScannedRegistry,omitempty"`
	EverCollaborated       *bool `json:"everCollaborated,omitempty" bson:"everCollaborated,omitempty"` // TODO - deprecated, replaced by EverConnectedTicketing + EverConnectedAlerting
	EverInvitedTeammate    *bool `json:"everInvitedTeammate,omitempty" bson:"everInvitedTeammate,omitempty"`
	EverUsedRbacVisualizer *bool `json:"everUsedRbacVisualizer,omitempty" bson:"everUsedRbacVisualizer,omitempty"`
	EverConnectedTicketing *bool `json:"everConnectedTicketing,omitempty" bson:"everConnectedTicketing,omitempty"`
	EverConnectedAlerting  *bool `json:"everConnectedAlerting,omitempty" bson:"everConnectedAlerting,omitempty"`
}

type GoogleImageRegistry added in v0.0.459

type GoogleImageRegistry struct {
	BaseContainerImageRegistry `json:",inline"`
	RegistryURI                string `json:"registryURI"`
}

func (*GoogleImageRegistry) ExtractSecret added in v0.0.459

func (google *GoogleImageRegistry) ExtractSecret() interface{}

func (*GoogleImageRegistry) FillSecret added in v0.0.459

func (google *GoogleImageRegistry) FillSecret(value interface{}) error

func (*GoogleImageRegistry) GetBase added in v0.0.459

func (*GoogleImageRegistry) MaskSecret added in v0.0.459

func (google *GoogleImageRegistry) MaskSecret()

func (*GoogleImageRegistry) SetBase added in v0.0.460

func (google *GoogleImageRegistry) SetBase(base *BaseContainerImageRegistry)

func (*GoogleImageRegistry) Validate added in v0.0.459

func (google *GoogleImageRegistry) Validate() error

type HarborImageRegistry added in v0.0.449

type HarborImageRegistry struct {
	BaseContainerImageRegistry `json:",inline"`
	InstanceURL                string `json:"instanceURL"`
	Username                   string `json:"username"`
	Password                   string `json:"password,omitempty"`
}

func (*HarborImageRegistry) ExtractSecret added in v0.0.459

func (harbor *HarborImageRegistry) ExtractSecret() interface{}

func (*HarborImageRegistry) FillSecret added in v0.0.459

func (harbor *HarborImageRegistry) FillSecret(value interface{}) error

func (*HarborImageRegistry) GetBase added in v0.0.459

func (*HarborImageRegistry) MaskSecret added in v0.0.459

func (harbor *HarborImageRegistry) MaskSecret()

func (*HarborImageRegistry) SetBase added in v0.0.460

func (harbor *HarborImageRegistry) SetBase(base *BaseContainerImageRegistry)

func (*HarborImageRegistry) Validate added in v0.0.459

func (harbor *HarborImageRegistry) Validate() error

type HighlightsByControl

type HighlightsByControl struct {
	ControlID   string    `json:"controlID"`
	Highlights  []string  `json:"highlights"` // TODO: deprecate (failedPath)
	ReviewPaths []string  `json:"reviewPaths"`
	DeletePaths []string  `json:"deletePaths"`
	FixPaths    []FixPath `json:"fixPaths"`
	FixCommand  string    `json:"fixCommand"`
}

type ISecurityIssue added in v0.0.325

type ISecurityIssue interface {
	GetClusterName() string
	GetShortClusterName() string
	SetClusterName(string)
	SetShortClusterName(string)
	GetK8sResourceHash() string
	SetTickets([]Ticket)
}

type IgnoreRuleSummary added in v0.0.304

type IgnoreRuleSummary struct {
	NumberOfSystemRules int      `json:"numberOfSystemRules"`
	IgnoreRulesIDs      []string `json:"ignoreRulesIDs"`
}

type IgnoreRuleUserInputMessage added in v0.0.435

type IgnoreRuleUserInputMessage struct {
	PolicyType PolicyType      `json:"policyType"`
	NewData    json.RawMessage `json:"newData"`
	OldData    json.RawMessage `json:"oldData"`
}

type ImageLayer added in v0.0.420

type ImageLayer struct {
	Order                int    `json:"order"`
	Hash                 string `json:"hash,omitempty"`
	Command              string `json:"command"`
	Size                 uint64 `json:"size"`
	HighestSeverityFound string `json:"highestSeverityFound,omitempty"`
}

type ImageSummary added in v0.0.298

type ImageSummary struct {
	CustomerGUID    string              `json:"customerGUID"`
	Tag             string              `json:"tag"`
	Digest          string              `json:"digest"`
	Registry        string              `json:"registry"`
	Repository      string              `json:"repository"`
	Architecture    string              `json:"architecture"`
	OS              string              `json:"os"`
	Size            uint64              `json:"size"`
	BaseImage       string              `json:"baseImage"`
	LastScanTime    time.Time           `json:"lastScanTime"`
	Clusters        []string            `json:"clusters"`
	Namespaces      []string            `json:"namespaces"`
	Workloads       []string            `json:"workloads"`
	Kinds           []string            `json:"kinds"`
	Containers      []string            `json:"containers"`
	SeverityStats   map[string][]string `json:"severityStats"`
	CriticalCount   int                 `json:"criticalCount"`
	HighCount       int                 `json:"highCount"`
	MediumCount     int                 `json:"mediumCount"`
	LowCount        int                 `json:"lowCount"`
	ClustersCount   int                 `json:"clustersCount"`
	NamespacesCount int                 `json:"namespacesCount"`
	WorkloadsCount  int                 `json:"workloadsCount"`
	ContainersCount int                 `json:"containersCount"`
	Tickets         []Ticket            `json:"tickets,omitempty"`
}

type InstallationData added in v0.0.191

type InstallationData struct {
	ClusterName                               string                                    `json:"clusterName,omitempty" bson:"clusterName,omitempty"`                                                             // cluster name defined manually or from the cluster context
	ClusterShortName                          string                                    `json:"clusterShortName,omitempty" bson:"clusterShortName,omitempty"`                                                   // cluster short name enriched from the cluster name by BE
	StorageEnabled                            *bool                                     `json:"storage,omitempty" bson:"storage,omitempty"`                                                                     // storage configuration (enabled/disabled)
	RelevantImageVulnerabilitiesEnabled       *bool                                     `json:"relevantImageVulnerabilitiesEnabled,omitempty" bson:"relevantImageVulnerabilitiesEnabled,omitempty"`             // relevancy actual state (enabled/disabled)
	RelevantImageVulnerabilitiesConfiguration RelevantImageVulnerabilitiesConfiguration `json:"relevantImageVulnerabilitiesConfiguration,omitempty" bson:"relevantImageVulnerabilitiesConfiguration,omitempty"` // relevancy configuration defined user
	Namespace                                 string                                    `json:"namespace,omitempty" bson:"namespace,omitempty"`                                                                 // namespace to deploy the components
	ImageVulnerabilitiesScanningEnabled       *bool                                     `json:"imageVulnerabilitiesScanningEnabled,omitempty" bson:"imageVulnerabilitiesScanningEnabled,omitempty"`             // image scanning configuration (enabled/disabled)
	PostureScanEnabled                        *bool                                     `json:"postureScanEnabled,omitempty" bson:"postureScanEnabled,omitempty"`                                               // posture configuration (enabled/disabled)
	OtelCollectorEnabled                      *bool                                     `json:"otelCollector,omitempty" bson:"otelCollector,omitempty"`                                                         // otel collector configuration (enabled/disabled)
	ClusterProvider                           string                                    `json:"clusterProvider,omitempty" bson:"clusterProvider,omitempty"`                                                     // cluster provider (aws/azure/gcp)
	IncludeNamespaces                         []string                                  `json:"includeNamespaces,omitempty" bson:"includeNamespaces,omitempty"`                                                 // perform scanning only on specific namespaces
	ExcludeNamespaces                         []string                                  `json:"excludeNamespaces,omitempty" bson:"excludeNamespaces,omitempty"`                                                 // fully ignore namespaces
}

type K8SAncestor added in v0.0.249

type K8SAncestor struct {
	Name           string      `json:"name"`
	Kind           string      `json:"kind"`
	FullDeclaraion interface{} `json:"ownerData,omitempty"`
}

K8SAncestor represents the kind of the microservice inside the k8s cluster

type K8SNamespace added in v0.0.249

type K8SNamespace struct {
	CAK8SMeta      `json:",inline"`
	Name           string `json:"name"`
	core.Namespace `json:",inline"`
}

K8SNamespace represents single k8s namespace in cluster

type K8SPodObject added in v0.0.249

type K8SPodObject struct {
	CAK8SMeta         `json:",inline"`
	Name              string      `json:"podName"`
	CreatedAt         time.Time   `json:"startedAt,omitempty"`
	TerminatedAt      *time.Time  `json:"terminatedAt,omitempty"`
	PodIP             string      `json:"podIP"`
	NodeName          string      `json:"nodeName"`
	Namespace         string      `json:"namespace"`
	NominatedNodeName string      `json:"nominatedNodeName"`
	Ancestor          K8SAncestor `json:"uptreeOwner,omitempty"`
	PodSpecID         int64       `json:"podSpecId"`
	PodStatus         string      `json:"podStatus"`
}

K8SPodObject represents actuall pod which run on particular node of the cluster

type KDRMonitoredEntitiesCounters added in v0.0.400

type KDRMonitoredEntitiesCounters struct {
	ClustersCount   int `json:"clustersCount"`
	NodesCount      int `json:"nodesCount"`
	NamespacesCount int `json:"namespacesCount"`
	PodsCount       int `json:"podsCount"`
	ContainersCount int `json:"containersCount"`
}

type KPILogin

type KPILogin struct {
	CustomerGUID string    `json:"tennantGUID"`
	Timestamp    time.Time `json:"timestamp"`
	Username     string    `json:"username"`
	Email        string    `json:"e-mail"`
	IP           string    `json:"IP,omitempty"`
}

type KPIPostureScan

type KPIPostureScan struct {
	Client           string    `json:"client"`
	ClientVersion    string    `json:"clientVersion"`
	Framework        string    `json:"framework"`
	FrameworkVersion string    `json:"frameworkVersion"`
	Timestamp        time.Time `json:"timestamp"`
	Target           string    `json:"target"` //yaml,helm,running - what we actually scanned
	ClientIP         string    `json:"clientIP"`
}

type KubernetesObject added in v0.0.264

type KubernetesObject struct {
	Designators       identifiers.PortalDesignator `json:"designators"`
	ResourceHash      string                       `json:"resourceHash"`
	ResourceObjectRef string                       `json:"resourceObjectRef"`
	ResourceVersion   string                       `json:"resourceVersion"`
	Checksum          string                       `json:"checksum"`
	CreationTimestamp time.Time                    `json:"creationTimestamp"`

	OwnerReferenceName string `json:"ownerReferenceName"`
	OwnerReferenceKind string `json:"ownerReferenceKind"`

	// related only to kubescape DRDs.
	RelatedName            string `json:"relatedName"`
	RelatedKind            string `json:"relatedKind"`
	RelatedAPIGroup        string `json:"relatedAPIGroup"`
	RelatedNamespace       string `json:"relatedNamespace"`
	RelatedAPIVersion      string `json:"relatedAPIVersion"`
	RelatedResourceVersion string `json:"relatedResourceVersion"`
	Status                 string `json:"status"`
	CompletionStatus       string `json:"completionStatus"`

	NetworkPolicyStatus NetworkPolicyStatus `json:"networkPolicyStatus"`

	Labels map[string]string `json:"labels"`

	// used for network policies
	PodSelectorLabels map[string]string `json:"podSelectorLabels"`
}

KubernetesObject represents a single Kubernetes object, either native or kubescape CRD

type LicenseType added in v0.0.154

type LicenseType string
const (
	LicenseTypeFree       LicenseType = "Free"
	LicenseTypeTeam       LicenseType = "Team"
	LicenseTypeEnterprise LicenseType = "Enterprise"
)

type Limitations added in v0.0.249

type Limitations struct {
	CPU    int64 `json:"cpu,omitempty"`
	Memory int64 `json:"memory,omitempty"`
	Disk   int64 `json:"disk,omitempty"`
}

Limitations - container defined limitations

type MalwareAlert added in v0.0.359

type MalwareAlert struct {
	MalwareDescription string `json:"malwareDescription,omitempty" bson:"malwareDescription,omitempty"`
}

type Metadata added in v0.0.410

type Metadata struct {
	Name      string `json:"name"`
	Namespace string `json:"namespace"`
}

type MicroserviceExtraDetails added in v0.0.249

type MicroserviceExtraDetails struct {
	CAMicroserviceOverviewMetadata `json:",inline"`
	NumOfContainers                int                `json:"NumOfContainers"`
	Labels                         map[string]string  `json:"labels,omitempty"`
	Annotations                    map[string]string  `json:"annotations,omitempty"`
	ContainersSummary              []ContainerSummary `json:"containers"`
	ExternalFacing                 bool               `json:"isExternalFacingMS"`
}

MicroserviceExtraDetails represent an overview of microservice, services, container data and cloud data

type MicroserviceInfo added in v0.0.249

type MicroserviceInfo struct {
	MicroserviceMetadataView `json:",inline"`
	PodSpecID                int64 `json:"podSpecId"` // will be sent from the cluster-agent to reconize this spec
	core.PodSpec             `json:"spec"`
	core.PodStatus           `json:"status" yaml:"status"`
	Containers               []CAContainerMetrics `json:"containers,omitempty"`
	K8SPodObjects            []K8SPodObject       `json:"k8sPodObjects,omitempty"`
	CAStartTime              time.Time            `json:"caStartTime"`
}

MicroserviceInfo single microservice with CA metrics

func (*MicroserviceInfo) GetShortName added in v0.0.249

func (msi *MicroserviceInfo) GetShortName() string

GetShortName returns the last 2 parts of the microservice

type MicroserviceMetadataView added in v0.0.249

type MicroserviceMetadataView struct {
	CAMicroserviceOverviewMetadata
	metav1.ObjectMeta `json:"metadata"`
	Ancestor          K8SAncestor       `json:"uptreeOwner,omitempty"`
	UsageType         string            `json:"usageType,omitempty"`
	Categories        map[string]bool   `json:"categories"`
	CALabels          map[string]string `json:"caLabels"`
}

MicroserviceMetadataView represent the model to return in metadata request

type MissingRuntimeInfoReason added in v0.0.356

type MissingRuntimeInfoReason int
const (
	UnknownReason            MissingRuntimeInfoReason = 0
	RestartRequired          MissingRuntimeInfoReason = 1
	UnscheduledNodeAgentPods MissingRuntimeInfoReason = 2
	IncompatibleKernel       MissingRuntimeInfoReason = 3
	RuncNotFound             MissingRuntimeInfoReason = 4
)

MissingRuntimeInfoReason is used to store the reason why the runtime information is missing

type NetworkPoliciesWorkload added in v0.0.269

type NetworkPoliciesWorkload struct {
	Name                       string                   `json:"name"`
	Kind                       string                   `json:"kind"`
	CustomerGUID               string                   `json:"customerGUID"`
	Namespace                  string                   `json:"namespace"`
	ClusterName                string                   `json:"cluster"`
	ClusterShortName           string                   `json:"clusterShortName"`
	AppliedNetworkPolicyType   string                   `json:"appliedNetworkPolicyType"`
	NetworkPolicyStatus        NetworkPolicyStatus      `json:"networkPolicyStatus"`
	NetworkPolicyStatusMessage string                   `json:"networkPolicyStatusMessage"`
	MissingRuntimeInfoReason   MissingRuntimeInfoReason `json:"missingRuntimeInfoReason"`
}

NetworkPoliciesWorkload is used store information about workloads in the customer's clusters related to the NetworkPolicies feature

type NetworkPolicyStatus added in v0.0.282

type NetworkPolicyStatus int
const (
	MissingRuntimeInfo    NetworkPolicyStatus = 1
	NetworkPolicyRequired NetworkPolicyStatus = 2
	NetworkPolicyApplied  NetworkPolicyStatus = 3
)

type NodeProfile added in v0.0.399

type NodeProfile struct {
	PodStatuses []PodStatus `json:"podStatuses"`

	CurrentState string `json:"currentState"`

	NodeAgentRunning bool `json:"nodeAgentRunning"`

	RuntimeDetectionEnabled bool `json:"runtimeDetectionEnabled"`
}

information of node-agent pod status can be taken from PodStatus table in postgres

type NodeSpec added in v0.0.436

type NodeSpec struct {
	AllocatedCPU *int `json:"allocatedCPU,omitempty"`
}

type NodeStatus added in v0.0.403

type NodeStatus struct {
	CustomerGUID    string `json:"customerGUID"`
	Cluster         string `json:"cluster"`
	Name            string `json:"name"`
	K8sResourceHash string `json:"k8sResourceHash"`
	NodeProfile     `json:",inline"`
	NodeSpec        `json:",inline"`
}

func (*NodeStatus) CountMonitoredContainers added in v0.0.403

func (nc *NodeStatus) CountMonitoredContainers() int

func (*NodeStatus) CountMonitoredNamespaces added in v0.0.403

func (nc *NodeStatus) CountMonitoredNamespaces() int

func (*NodeStatus) CountMonitoredPods added in v0.0.403

func (nc *NodeStatus) CountMonitoredPods() int

func (*NodeStatus) CountRunningPods added in v0.0.403

func (nc *NodeStatus) CountRunningPods() int

func (*NodeStatus) CountRunningPodsContainers added in v0.0.403

func (nc *NodeStatus) CountRunningPodsContainers() int

func (*NodeStatus) GetMonitoredContainers added in v0.0.403

func (nc *NodeStatus) GetMonitoredContainers() map[string][]PodContainer

func (*NodeStatus) GetMonitoredNamespaces added in v0.0.403

func (nc *NodeStatus) GetMonitoredNamespaces() []string

func (*NodeStatus) GetMonitoredPods added in v0.0.403

func (nc *NodeStatus) GetMonitoredPods() []PodStatus

func (*NodeStatus) GetRunningPods added in v0.0.403

func (nc *NodeStatus) GetRunningPods() []PodStatus

func (*NodeStatus) IsKDRMonitored added in v0.0.403

func (nc *NodeStatus) IsKDRMonitored() bool

type NodeUsage added in v0.0.169

type NodeUsage struct {
	// max sum of nodes across all clusters ever scanned on one day
	MaxNodesSumEver int `json:"maxNodesSumEver,omitempty" bson:"maxNodesSumEver,omitempty"`
	// date of MaxNodesSumEver
	MaxNodesSumDate string `json:"maxNodesSumDate,omitempty" bson:"maxNodesSumDate,omitempty"`
}

type Notifications

type Notifications struct {
	PostureScan               []string `json:"postureScan,omitempty" bson:"postureScan,omitempty"` // bad approach kept till i see if can do something with mongo and old data
	PostureScoreAboveLastScan []string `json:"postureScoreAboveLastScan,omitempty" bson:"postureScoreAboveLastScan,omitempty"`

	PostureScanV1              []SlackNotification `json:"postureScanV1" bson:"postureScanV1"`
	PostureScanAboveLastScanV1 []SlackNotification `json:"postureScoreAboveLastScanV1" bson:"postureScoreAboveLastScanV1"`
}

type PaginationCursorFunc added in v0.0.216

type PaginationCursorFunc func(customerGUID, instacnceID string, wlids []string, paginationObject *V2ListRequest) (*V2ListResponse, error)

PaginationCursorFunc declaring function which returns data ready for pagination by cursor to the next page

type PaginationSearchByScopeFiltersFunc added in v0.0.216

type PaginationSearchByScopeFiltersFunc func(customerGUID string, scopeFilters *QueryScopeParams, paginationObject *V2ListRequest) ([]RawJSONObject, *RespTotal, error)

type PaginationSearchByScopeFiltersScrollFunc added in v0.0.216

type PaginationSearchByScopeFiltersScrollFunc func(customerGUID string, scopeFilters *QueryScopeParams, paginationObject *V2ListRequest) (*SearchResponse, error)

PaginationSearchByScopeFiltersScrollFunc declaring function which returns data ready for paginationtype PaginationSearchByScopeFiltersFunc func(customerGUID string, scopeFilters *armotypes.QueryScopeParams, paginationObject *armotypes.V2ListRequest) ([]armotypes.RawJSONObject, *ElasticRespTotal, error)

type PaginationSearchFunc added in v0.0.216

type PaginationSearchFunc func(customerGUID, instacnceID string, wlids []string, paginationObject *V2ListRequest) ([]RawJSONObject, *RespTotal, error)

PaginationSearchFunc declaring function which returns data ready for pagination

type PodContainer added in v0.0.399

type PodContainer struct {
	Name                string    `json:"name"`
	Image               string    `json:"image"`
	IsKDRMonitored      bool      `json:"isKDRMonitored"`
	CurrentState        string    `json:"currentState"`
	LastStateExitCode   int       `json:"lastStateExitCode"`
	LastStateFinishedAt time.Time `json:"lastStateFinishedAt"`
	LastStateStartedAt  time.Time `json:"lastStateStartedAt"`
	RestartCount        int       `json:"restartCount"`
}

type PodStatus added in v0.0.352

type PodStatus struct {
	CustomerGUID               string         `json:"customerGUID"`
	Cluster                    string         `json:"cluster"`
	ResourceHash               string         `json:"resourceHash"`
	ResourceVersion            string         `json:"resourceVersion"`
	Name                       string         `json:"name"`
	Namespace                  string         `json:"namespace"`
	NodeName                   string         `json:"nodeName"`
	App                        string         `json:"app"`
	Phase                      string         `json:"phase"`
	CurrentState               string         `json:"currentState"`
	LastStateExitCode          int            `json:"lastStateExitCode"`   // Deprecated, use PodContainer.LastStateExitCode
	LastStateFinishedAt        time.Time      `json:"lastStateFinishedAt"` // Deprecated, use PodContainer.LastStateFinishedAt
	LastStateStartedAt         time.Time      `json:"lastStateStartedAt"`  // Deprecated, use PodContainer.LastStateStartedAt
	LastStateReason            string         `json:"lastStateReason"`
	LastStateMessage           string         `json:"lastStateMessage"`
	LastStateTransitionTime    time.Time      `json:"lastStateTransitionTime"`
	RestartCount               int            `json:"restartCount"` // Deprecated, use PodContainer.RestartCount
	CreationTimestamp          time.Time      `json:"creationTimestamp"`
	Containers                 []PodContainer `json:"containers,omitempty"`
	InitContainers             []PodContainer `json:"initContainers,omitempty"`
	EphemeralContainers        []PodContainer `json:"ephemeralContainers,omitempty"`
	HasFinalApplicationProfile bool           `json:"hasFinalApplicationProfile"`
	HasApplicableRuleBindings  bool           `json:"hasApplicableRuleBindings"`
	HasRelevancyCalculating    bool           `json:"hasRelevancyCalculating"`
	IsKDRMonitored             bool           `json:"isKDRMonitored"`
}

func (*PodStatus) GetMonitoredContainers added in v0.0.399

func (ps *PodStatus) GetMonitoredContainers() []PodContainer

type PolicyType added in v0.0.172

type PolicyType string
const (
	// SecurityRiskPolicy - policy for security risks
	SecurityRiskExceptionPolicyType PolicyType = "securityRiskExceptionPolicy"

	// RuntimeIncidentPolicy - policy for runtime incidents
	RuntimeIncidentExceptionPolicyType PolicyType = "runtimeIncidentExceptionPolicy"
)
const PostureExceptionPolicyType PolicyType = "postureExceptionPolicy"
const VulnerabilityExceptionPolicyType PolicyType = "vulnerabilityExceptionPolicy"

type PortalBase

type PortalBase struct {
	GUID        string                 `json:"guid" bson:"guid"`
	Name        string                 `json:"name" bson:"name"`
	Attributes  map[string]interface{} `json:"attributes,omitempty" bson:"attributes,omitempty"` // could be string
	UpdatedTime string                 `json:"updatedTime,omitempty" bson:"updatedTime,omitempty"`
}

PortalBase holds basic items data from portal BE

func MockPortalBase

func MockPortalBase(customerGUID, name string, attributes map[string]interface{}) *PortalBase

func (*PortalBase) GetAttributes added in v0.0.128

func (p *PortalBase) GetAttributes() map[string]interface{}

func (*PortalBase) GetGUID added in v0.0.128

func (p *PortalBase) GetGUID() string

Getters & Setter used by derived types for interfaces implementation

func (*PortalBase) GetName added in v0.0.128

func (p *PortalBase) GetName() string

func (*PortalBase) GetTimestampFieldName added in v0.0.393

func (p *PortalBase) GetTimestampFieldName() string

func (*PortalBase) GetUpdatedTime added in v0.0.141

func (p *PortalBase) GetUpdatedTime() *time.Time

func (*PortalBase) SetAttributes added in v0.0.128

func (p *PortalBase) SetAttributes(attributes map[string]interface{})

func (*PortalBase) SetGUID added in v0.0.128

func (p *PortalBase) SetGUID(guid string)

func (*PortalBase) SetName added in v0.0.128

func (p *PortalBase) SetName(name string)

func (*PortalBase) SetUpdatedTime added in v0.0.135

func (p *PortalBase) SetUpdatedTime(updatedTime *time.Time)

type PortalCache added in v0.0.201

type PortalCache[T any] struct {
	GUID         string    `json:"guid" bson:"guid"`
	Name         string    `json:"name,omitempty" bson:"name,omitempty"`
	DataType     DataType  `json:"dataType,omitempty" bson:"dataType,omitempty"`
	Data         T         `json:"data,omitempty" bson:"data,omitempty"`
	CreationTime string    `json:"creationTime" bson:"creationTime"`
	UpdatedTime  string    `json:"lastUpdated,omitempty" bson:"lastUpdated,omitempty"`
	ExpiryTime   time.Time `json:"expiryTime,omitempty" bson:"expiryTime,omitempty"`
}

PortalCache is an auxiliary structure to store cache data

func (*PortalCache[T]) GetTimestampFieldName added in v0.0.393

func (c *PortalCache[T]) GetTimestampFieldName() string

func (*PortalCache[T]) SetExpiryTime added in v0.0.201

func (c *PortalCache[T]) SetExpiryTime(expiryTime time.Time)

func (*PortalCache[T]) SetTTL added in v0.0.201

func (c *PortalCache[T]) SetTTL(ttl time.Duration)

type PortalCluster added in v0.0.120

type PortalCluster struct {
	PortalBase       `json:",inline" bson:"inline"`
	SubscriptionDate string            `json:"subscription_date,omitempty" bson:"subscription_date,omitempty"`
	LastLoginDate    string            `json:"last_login_date,omitempty" bson:"last_login_date,omitempty"`
	InstallationData *InstallationData `json:"installationData" bson:"installationData,omitempty"`
}

PortalCluster holds cluster data from portal BE

type PortalRegistryCronJob added in v0.0.132

type PortalRegistryCronJob struct {
	PortalBase      `json:",inline" bson:"inline"`
	RegistryInfo    `json:",inline" bson:"inline"`
	CreationDate    string       `json:"creationDate,omitempty" bson:"creationDate,omitempty"`
	ID              string       `json:"id,omitempty" bson:"id,omitempty"`
	ClusterName     string       `json:"clusterName,omitempty" bson:"clusterName,omitempty"`
	CronTabSchedule string       `json:"cronTabSchedule,omitempty" bson:"cronTabSchedule,omitempty"`
	Repositories    []Repository `json:"repositories,omitempty" bson:"repositories,omitempty"`
}

type PortalRepository added in v0.0.128

type PortalRepository struct {
	PortalBase   `json:",inline" bson:"inline"`
	CreationDate string `json:"creationDate,omitempty" bson:"creationDate,omitempty"`
	Provider     string `json:"provider,omitempty" bson:"provider,omitempty"`
	Owner        string `json:"owner,omitempty" bson:"owner,omitempty"`
	RepoName     string `json:"repoName,omitempty" bson:"repoName,omitempty"`
	BranchName   string `json:"branchName,omitempty" bson:"branchName,omitempty"`
}

type PostureAttributesList

type PostureAttributesList struct {
	Attribute string   `json:"attributeName"`
	Values    []string `json:"values"`
}

type PostureClusterOverTime

type PostureClusterOverTime struct {
	Designators  identifiers.PortalDesignator `json:"designators,omitempty"`
	ClusterName  string                       `json:"clusterName"`
	Frameworks   []PostureFrameworkOverTime   `json:"frameworks"`
	DeleteStatus RecordStatus                 `json:"deletionStatus,omitempty"`
}

-------- /api/v1/posture/clustersOvertime response datastructures

type PostureClusterSummary added in v0.0.122

type PostureClusterSummary struct {
	Score           float32                      `json:"score"`
	TotalControls   int                          `json:"totalControls"`
	FailedControls  int                          `json:"failedControls"`
	SkippedControls int                          `json:"skippedControls,omitempty"`
	WarningControls int                          `json:"warningControls,omitempty"` // Deprecated
	ReportID        string                       `json:"reportGUID"`
	Designators     identifiers.PortalDesignator `json:"designators"`

	Timestamp    time.Time    `json:"timestamp"`
	DeleteStatus RecordStatus `json:"deletionStatus,omitempty"`

	Frameworks []string `json:"frameworks"`

	// Counters - Failed resources by severity
	CriticalSeverityResources int `json:"criticalSeverityResources"`
	HighSeverityResources     int `json:"highSeverityResources"`
	MediumSeverityResources   int `json:"mediumSeverityResources"`
	LowSeverityResources      int `json:"lowSeverityResources"`

	// Counters - Failed controls by severity
	CriticalSeverityControls int `json:"criticalSeverityControls"`
	HighSeverityControls     int `json:"highSeverityControls"`
	MediumSeverityControls   int `json:"mediumSeverityControls"`
	LowSeverityControls      int `json:"lowSeverityControls"`

	// Counters -  Resources by status
	PassedResources   int `json:"passedResources"`
	FailedResources   int `json:"failedResources"`
	SkippedResources  int `jsons:"skippedResources,omitempty"`
	ExcludedResources int `json:"excludedResources,omitempty"` // Deprecated

	// Metadata
	KubescapeVersion  string `json:"kubescapeVersion"`
	KubernetesVersion string `json:"kubernetesVersion"`
	WorkerNodeCount   int    `json:"workerNodeCount"`
	Location          string `json:"location"`
	CloudProvider     string `json:"cloudProvider"`

	// Information about the controls that were run on this entity
	// The key is the status of the control (`failed`, `passed`, etc)
	ControlsInfo map[string][]ControlInfo `json:"controlsInfo"`

	// Names of the cluster
	FullName   string `json:"clusterFullName"`
	ShortName  string `json:"clusterShortName"`
	PrefixName string `json:"clusterPrefixName"`

	//tickets opened for in this cluster
	Tickets []Ticket `json:"tickets,omitempty"`
}

type PostureContainerSummary

type PostureContainerSummary struct {
	ContainerName string `json:"containerName"`
	ImageTag      string `json:"image,omitempty"`
}

type PostureControlSummary

type PostureControlSummary struct {
	Designators                    identifiers.PortalDesignator `json:"designators"`
	ControlID                      string                       `json:"id"` // "C0001"
	ControlGUID                    string                       `json:"guid"`
	Name                           string                       `json:"name"`
	AffectedResourcesCount         int                          `json:"affectedResourcesCount"`
	FailedResourcesCount           int                          `json:"failedResourcesCount"`
	SkippedResourcesCount          int                          `json:"skippedResourcesCount"`
	WarningResourcesCount          int                          `json:"warningResourcesCount"` // Deprecated
	TotalScannedResourcesCount     *int                         `json:"totalScannedResourcesCount"`
	PreviousAffectedResourcesCount int                          `json:"previousAffectedResourcesCount"`
	PreviousFailedResourcesCount   int                          `json:"previousFailedResourcesCount"`
	PreviousSkippedResourcesCount  int                          `json:"previousSkippedResourcesCount"`
	PreviousWarningResourcesCount  int                          `json:"previousWarningResourcesCount"` // Deprecated
	Framework                      string                       `json:"frameworkName"`
	FrameworkSubSectionID          []string                     `json:"frameworkSubsectionID,omitempty"`
	Remediation                    string                       `json:"remediation"`
	Status                         int                          `json:"status"`
	StatusText                     string                       `json:"statusText"`
	SubStatusText                  string                       `json:"subStatusText,omitempty"`
	Description                    string                       `json:"description"`
	Section                        string                       `json:"section"`
	Timestamp                      time.Time                    `json:"timestamp"`
	ReportID                       string                       `json:"reportGUID"`
	DeleteStatus                   RecordStatus                 `json:"deletionStatus,omitempty"`
	Score                          float32                      `json:"score"`
	ComplianceScore                *float32                     `json:"complianceScore"`
	ScoreFactor                    float32                      `json:"baseScore"`
	ScoreWeight                    float32                      `json:"scoreWeight"`
	ARMOImprovement                float32                      `json:"ARMOimprovement"`
	RelevantCloudProvides          []string                     `json:"relevantCloudProvides"`
	ControlInputs                  []ControlInputs              `json:"controlInputs"`
	IsLastScan                     int                          `json:"isLastScan"`
	HighlightPathsCount            int64                        `json:"highlightPathsCount"`
	ClusterShortName               string                       `json:"clusterShortName"`
	// swagger:ignore
	SupportsSmartRemediation bool `json:"supportsSmartRemediation"` // DEPRECATED
	SmartRemediation         bool `json:"smartRemediation"`
	FixByNetworkPolicy       bool `json:"fixByNetworkPolicy"`
	//tickets opened for this control
	Tickets []Ticket `json:"tickets,omitempty"`
}

----/api/v1/posture/controls

type PostureExceptionPolicy

type PostureExceptionPolicy struct {
	PortalBase      `json:",inline" bson:"inline"`
	PolicyType      string                          `json:"policyType,omitempty" bson:"policyType,omitempty"`
	CreationTime    string                          `json:"creationTime,omitempty" bson:"creationTime,omitempty"`
	Actions         []PostureExceptionPolicyActions `json:"actions,omitempty" bson:"actions,omitempty"`
	Resources       []identifiers.PortalDesignator  `json:"resources" bson:"resources,omitempty"`
	PosturePolicies []PosturePolicy                 `json:"posturePolicies,omitempty" bson:"posturePolicies,omitempty"`
	Reason          *string                         `json:"reason,omitempty" bson:"reason,omitempty"`
	ExpirationDate  *time.Time                      `json:"expirationDate,omitempty" bson:"expirationDate"`
	CreatedBy       string                          `json:"createdBy,omitempty" bson:"createdBy,omitempty"`
}

func (*PostureExceptionPolicy) IsAlertOnly

func (exceptionPolicy *PostureExceptionPolicy) IsAlertOnly() bool

func (*PostureExceptionPolicy) IsDisable

func (exceptionPolicy *PostureExceptionPolicy) IsDisable() bool

type PostureExceptionPolicyActions

type PostureExceptionPolicyActions string
const AlertOnly PostureExceptionPolicyActions = "alertOnly"
const Disable PostureExceptionPolicyActions = "disable"

type PostureFrameworkOverTime

type PostureFrameworkOverTime struct {
	// "frameworkName": "MITRE",
	//                 "riskScore": 54,
	RiskScore       float32                         `json:"riskScore,omitempty"`
	ComplianceScore float32                         `json:"complianceScore,omitempty"`
	Framework       string                          `json:"frameworkName"`
	Coords          []PostureFrameworkOverTimeCoord `json:"cords"`
}

PostureFrameworkOverTime - the response structure

type PostureFrameworkOverTimeCoord

type PostureFrameworkOverTimeCoord struct {
	ScoreValue      float32   `json:"value,omitempty"`
	ComplianceScore float32   `json:"complianceScore,omitempty"`
	ReportID        string    `json:"reportGUID"`
	Timestamp       time.Time `json:"timestamp"`
}

type PostureFrameworkSubsectionSummary

type PostureFrameworkSubsectionSummary struct {
	// The name (title) of the subsection
	// Example: General Policies
	Name string `json:"name"`

	// The name of the framework this subsection belongs to
	// Example: CIS
	Framework string `json:"framework"`

	// Unique id of the subsection inside its framework
	// Example: 5.7
	ID string `json:"id"`

	// Statistics about the controls that were run
	// The key is the status of the control (`failed`, `passed`, etc).
	// The value is the number of controls
	// Example: {"failed": 3, "passed": 4}
	ControlsStats map[string]uint `json:"controlsStats"`
}

type PostureFrameworkSummary

type PostureFrameworkSummary struct {
	Name             string                       `json:"name"`
	TypeTags         []string                     `json:"typeTags"`
	Score            float32                      `json:"value"`
	ComplianceScore  float32                      `json:"complianceScorev1"`
	ImprovementScore float32                      `json:"improvementScore"`
	TotalControls    int                          `json:"totalControls"`
	FailedControls   int                          `json:"failedControls"`
	SkippedControls  int                          `json:"skippedControls,omitempty"`
	WarningControls  int                          `json:"warningControls,omitempty"` // Deprecated
	ReportID         string                       `json:"reportGUID"`
	Designators      identifiers.PortalDesignator `json:"designators"`

	Timestamp    time.Time    `json:"timestamp"`
	DeleteStatus RecordStatus `json:"deletionStatus,omitempty"`
}

type PostureFrameworksOverTime

type PostureFrameworksOverTime struct {
	ClusterName string `json:"clusterName"`

	ScoreValue float32   `json:"value"`
	ReportID   string    `json:"reportGUID"`
	Timestamp  time.Time `json:"timestamp"`
	Framework  string    `json:"frameworkName"`
}

Used for elastic

type PostureJobParams

type PostureJobParams struct {
	Name            string `json:"name,omitempty"`
	ID              string `json:"id,omitempty"`
	ClusterName     string `json:"clusterName"`
	FrameworkName   string `json:"frameworkName"`
	CronTabSchedule string `json:"cronTabSchedule,omitempty"`
	JobID           string `json:"jobID,omitempty"`
}

type PosturePaths

type PosturePaths struct {
	ResourceID string `json:"resourceID,omitempty"` // resource on which the remediation needs to be applied
	// must have only one of the following
	FailedPath string  `json:"failedPath,omitempty"` // TODO: deprecate
	ReviewPath string  `json:"reviewPath,omitempty"`
	DeletePath string  `json:"deletePath,omitempty"`
	FixPath    FixPath `json:"fixPath,omitempty"`
	FixCommand string  `json:"fixCommand,omitempty"`
}

type PosturePolicy

type PosturePolicy struct {
	FrameworkName string `json:"frameworkName" bson:"frameworkName"`
	ControlName   string `json:"controlName,omitempty" bson:"controlName,omitempty"`
	ControlID     string `json:"controlID,omitempty" bson:"controlID,omitempty"`
	RuleName      string `json:"ruleName,omitempty" bson:"ruleName,omitempty"`
	SeverityScore int    `json:"severityScore,omitempty" bson:"severityScore,omitempty"`
}

type PostureReportResultRaw

type PostureReportResultRaw struct {
	Designators           identifiers.PortalDesignator `json:"designators"`
	Timestamp             time.Time                    `json:"timestamp"`
	ReportID              string                       `json:"reportGUID"`
	ResourceID            string                       `json:"resourceID"`
	ControlID             string                       `json:"controlID"`
	ControlConfigurations []ControlInputs              `json:"controlConfigurations,omitempty"`
	HighlightsPaths       []PosturePaths               `json:"highlightsPaths"`
	RelatedResourcesIDs   []string                     `json:"relatedResourcesID,omitempty"`
}

type PostureResource

type PostureResource struct {
	UniqueResourceResult string                       `json:"uniqueResourceResult"` // FNV(customerGUID + cluster+resourceID+frameworkName + resource.ReportID) to allow fast search for aggregation
	Designators          identifiers.PortalDesignator `json:"designators"`
	Name                 string                       `json:"name"`       // wlid/sid and etc.
	ResourceID           string                       `json:"resourceID"` //as given by kscape

	ControlName       string                      `json:"controlName"`
	HighlightPaths    []string                    `json:"highlightPaths"` // specifies "failedPath" - where exactly in the raw resources the control failed
	FixPaths          []FixPath                   `json:"fixPaths"`       // specifies "fixPaths" - what in the raw resources needs to be added by user
	ControlID         string                      `json:"controlID"`
	FrameworkName     string                      `json:"frameworkName"`
	ControlStatus     int                         `json:"controlStatus"` // it's rather resource status within the control, control might fail but on this specific resource it might be passed (exception)
	ControlStatusText string                      `json:"controlStatusText"`
	RelatedExceptions []PostureExceptionPolicy    `json:"relatedExceptions"` // configured in portal
	ExceptionApplied  []PostureExceptionPolicy    `json:"exceptionApplied"`  //actual ruleResponse
	ResourceKind      string                      `json:"kind"`
	ResourceNamespace string                      `json:"namespace"`
	Remediation       string                      `json:"remediation"`
	Images            []PostureContainerSummary   `json:"containers,omitempty"`
	DeleteStatus      RecordStatus                `json:"deletionStatus,omitempty"`
	Recommendations   []RecommendationAssociation `json:"recommendations"`

	Timestamp time.Time `json:"timestamp"`
	ReportID  string    `json:"reportGUID"`
}

1 resource per 1 control

type PostureResourceSummary

type PostureResourceSummary struct {
	Designators  identifiers.PortalDesignator `json:"designators"`
	Name         string                       `json:"name"`                   // wlid/sid and etc.
	ResourceID   string                       `json:"resourceID"`             //as given by kscape
	ResourceHash string                       `json:"resourceHash,omitempty"` //common hash of customerGUID, cluster, kind, name, namespace, apiVersion

	//gives upto PostureResourceMaxCtrls controls as an example
	FailedControl   []string `json:"failedControls"`
	WarningControls []string `json:"warningControls"`
	SkippedControls []string `json:"skippedControls"`
	//maps statusText 2 list of controlIDs
	StatusToControls map[string][]string `json:"statusToControls"`

	HighlightsPerCtrl []HighlightsByControl `json:"highlightsPerControl"`

	//totalcount (including the failed/warning controls slices)
	FailedControlCount     int                         `json:"failedControlsCount"`
	SkippedControlCount    int                         `json:"skippedControlsCount"`
	WarningControlCount    int                         `json:"warningControlsCount"` // Deprecated
	Status                 int                         `json:"status"`
	StatusText             string                      `json:"statusText"`
	SubStatusText          string                      `json:"subStatusText,omitempty"`
	Remediation            []string                    `json:"remediation"`
	ResourceKind           string                      `json:"resourceKind"`
	FrameworkName          string                      `json:"frameworkName"`
	ExceptionRecommendaion string                      `json:"exceptionRecommendaion"`
	RelatedExceptions      []PostureExceptionPolicy    `json:"relatedExceptions"` // configured in portal
	ExceptionApplied       []PostureExceptionPolicy    `json:"exceptionApplied"`  //actual ruleResponse
	Images                 []PostureContainerSummary   `json:"containers,omitempty"`
	Recommendations        []RecommendationAssociation `json:"recommendations"`

	Timestamp     time.Time    `json:"timestamp"`
	ReportID      string       `json:"reportGUID"`
	DeleteStatus  RecordStatus `json:"deletionStatus,omitempty"`
	ArmoBestScore int64        `json:"armoBestScore"`

	// Information about the controls that were run on this entity
	// The key is the status of the control (`failed`, `passed`, etc)
	ControlsInfo map[string][]ControlInfo `json:"controlsInfo"`

	// Counters - Failed controls by severity
	CriticalSeverityControls int    `json:"criticalSeverityControls"`
	HighSeverityControls     int    `json:"highSeverityControls"`
	MediumSeverityControls   int    `json:"mediumSeverityControls"`
	LowSeverityControls      int    `json:"lowSeverityControls"`
	ClusterShortName         string `json:"clusterShortName"`

	// if True, at least one failed control supports smart remediation
	// swagger:ignore
	SupportsSmartRemediation bool `json:"supportsSmartRemediation"` // DEPRECATED
	SmartRemediation         bool `json:"smartRemediation"`

	//tickets opened for this resource
	Tickets []Ticket `json:"tickets,omitempty"`
}

type PostureScanConfig

type PostureScanConfig struct {
	ScanFrequency ScanFrequency `json:"scanFrequency,omitempty" bson:"scanFrequency,omitempty"`
}

type PostureSummary

type PostureSummary struct {
	RuntimeImprovementPercentage float32                      `json:"runtimeImprovementPercentage"`
	LastRun                      time.Time                    `json:"lastRun"`
	ReportID                     string                       `json:"reportGUID"`
	Designators                  identifiers.PortalDesignator `json:"designators"`
	PostureAttributes            PostureAttributesList        `json:"postureAttributes"`
	ClusterCloudProvider         string                       `json:"clusterCloudProvider"`

	DeleteStatus RecordStatus `json:"deletionStatus,omitempty"`
}

--------/api/v1/posture/summary

type Probe added in v0.0.249

type Probe struct {
	Type string `json:"type"` // e,g liveness/readiness/<w.e>
	Data string `json:"data"` // actual probe data/settings
}

Probe - represent the various container probes

type Process added in v0.0.377

type Process struct {
	PID        uint32    `json:"pid,omitempty" bson:"pid,omitempty"`
	Cmdline    string    `json:"cmdline,omitempty" bson:"cmdline,omitempty"`
	Comm       string    `json:"comm,omitempty" bson:"comm,omitempty"`
	PPID       uint32    `json:"ppid,omitempty" bson:"ppid,omitempty"`
	Pcomm      string    `json:"pcomm,omitempty" bson:"pcomm,omitempty"`
	Hardlink   string    `json:"hardlink,omitempty" bson:"hardlink,omitempty"`
	Uid        *uint32   `json:"uid,omitempty" bson:"uid,omitempty"`
	Gid        *uint32   `json:"gid,omitempty" bson:"gid,omitempty"`
	UserName   string    `json:"userName,omitempty" bson:"userName,omitempty"`
	GroupName  string    `json:"groupName,omitempty" bson:"groupName,omitempty"`
	StartTime  time.Time `json:"startTime,omitempty" bson:"startTime,omitempty"`
	UpperLayer *bool     `json:"upperLayer,omitempty" bson:"upperLayer,omitempty"`
	Cwd        string    `json:"cwd,omitempty" bson:"cwd,omitempty"`
	Path       string    `json:"path,omitempty" bson:"path,omitempty"`
	Children   []Process `json:"children,omitempty" bson:"children,omitempty"`
}

type ProcessTree added in v0.0.377

type ProcessTree struct {
	ProcessTree Process `json:"processTree" bson:"processTree"`
	UniqueID    uint32  `json:"uniqueID" bson:"uniqueID"`
	ContainerID string  `json:"containerID" bson:"containerID"`
}

type ProcessingStatus added in v0.0.203

type ProcessingStatus string

type Provider added in v0.0.469

type Provider string
const (
	AWSProvider          Provider = "aws"
	GCPProvider          Provider = "gcp"
	AzureProvider        Provider = "azure"
	DigitalOceanProvider Provider = "digitalocean"
)

Cloud providers (The Provider suffix is added to avoid conflicts with other Provider types :( ).

type ProviderConnectionStatus added in v0.0.270

type ProviderConnectionStatus struct {
	Status ConnectedStatus `json:"status"`
}

type QuayImageRegistry added in v0.0.449

type QuayImageRegistry struct {
	BaseContainerImageRegistry `json:",inline"`
	ContainerRegistryName      string `json:"containerRegistryName"`
	RobotAccountName           string `json:"robotAccountName"`
	RobotAccountToken          string `json:"robotAccountToken,omitempty"`
}

func (*QuayImageRegistry) ExtractSecret added in v0.0.459

func (quay *QuayImageRegistry) ExtractSecret() interface{}

func (*QuayImageRegistry) FillSecret added in v0.0.459

func (quay *QuayImageRegistry) FillSecret(value interface{}) error

func (*QuayImageRegistry) GetBase added in v0.0.459

func (*QuayImageRegistry) MaskSecret added in v0.0.459

func (quay *QuayImageRegistry) MaskSecret()

func (*QuayImageRegistry) SetBase added in v0.0.460

func (quay *QuayImageRegistry) SetBase(base *BaseContainerImageRegistry)

func (*QuayImageRegistry) Validate added in v0.0.459

func (quay *QuayImageRegistry) Validate() error

type QueryScopeParams added in v0.0.207

type QueryScopeParams struct {
	InstanceID string
	Cluster    []string
	Namespace  []string
	WLIDs      []string
	Kind       []string
	Name       []string
	Repository []string
	Registry   []string
	Tag        []string
	Custom     map[string][]string
}

func (*QueryScopeParams) FixOrAddAsInnerFilters added in v0.0.207

func (qsp *QueryScopeParams) FixOrAddAsInnerFilters(paginationReq *V2ListRequest, instanceIDField, clusterNameField, namespaceField,
	wlidField, kindField, nameField string)

FixOrAddAsInnerFilters adds the query scope params as inner filters of the request to adapt the right field names

func (*QueryScopeParams) FixOrAddAsInnerFiltersMap added in v0.0.207

func (qsp *QueryScopeParams) FixOrAddAsInnerFiltersMap(paginationReq *V2ListRequest, filters Filters)

func (*QueryScopeParams) FixOrAddAsUniqueInnerFilters added in v0.0.216

func (qsp *QueryScopeParams) FixOrAddAsUniqueInnerFilters(reqObj *UniqueValuesRequestV2, instanceIDField, clusterNameField, namespaceField,
	wlidField, kindField, nameField string)

fixOrAddAsInnerFilters adds the query scope params as inner filters of the request to adapt the right field names

func (*QueryScopeParams) FixOrAddAsUniqueInnerFiltersMap added in v0.0.216

func (qsp *QueryScopeParams) FixOrAddAsUniqueInnerFiltersMap(reqObj *UniqueValuesRequestV2, filters Filters)

type RawJSONObject added in v0.0.207

type RawJSONObject gojay.EmbeddedJSON

RawJSONObject holds bytes of JSON object

func (*RawJSONObject) MarshalJSON added in v0.0.207

func (rjo *RawJSONObject) MarshalJSON() ([]byte, error)

MarshalJSON implements the json.marshaler interface

type RawResource

type RawResource struct {
	Designators  identifiers.PortalDesignator `json:"designators"`
	Timestamp    time.Time                    `json:"timestamp"`
	DeleteStatus RecordStatus                 `json:"deletionStatus,omitempty"`

	ResourceID          string                    `json:"resourceID"`
	PostureReportID     string                    `json:"postureReportID,omitempty"`
	SPIFFE              string                    `json:"spiffe"`
	Containers          []PostureContainerSummary `json:"containers,omitempty"`
	RelatedResourcesIDs []string                  `json:"relatedResourcesID,omitempty"`
	RAW                 json.RawMessage           `json:"object"`
}

type RecommendationAssociation

type RecommendationAssociation struct {
	PortalBase `json:",inline"`
	// audit for user actions taken for this recommendation
	UpdatesAudit []UpdateAuditEntry `json:"updatesAudit"`
	// the context to show this recommendation to this customer
	Context []identifiers.ArmoContext `json:"context"`
	// designator object as we have in current resources represntaion
	// this is about to be useless
	Designators identifiers.PortalDesignator `json:"designators"`
	// guid of the recommendation in recommendation DB
	RecommendationPrototypeGUID string                   `json:"recommendationPrototypeGUID"`
	RecommendationDetails       RecommendationSkeletonV1 `json:"recommendationDetails"`
	// current status of this recommendation for the given resource
	Status AssociationStatus `json:"status"`
}

this structure is dedicated to connect between recommendation and specific resource and trace the user actions taken due to this recommendation

type RecommendationSkeletonV1

type RecommendationSkeletonV1 struct {
	PortalBase `json:",inline"`
	// audit for manual changes made in this recommendation
	UpdatesAudit []UpdateAuditEntry `json:"updatesAudit"`
	// the action the user should take
	Action      string `json:"action"`
	Description string `json:"description"`
	// link to some well explained description of this recommendation
	DescriptionLink string `json:"descriptionLink"`
	// the context to show this recommendation in
	Context []identifiers.ArmoContext `json:"context"`
	// the approvement status. Do we should show this recommendation to users?
	Approvement ApprovementState `json:"approvement"`
}

type RecordStatus

type RecordStatus int
const (
	RecordAlive        RecordStatus = 0
	RecordShouldDelete RecordStatus = 1
)

type RegistryInfo added in v0.0.125

type RegistryInfo struct {
	RegistryName     string     `json:"registryName,omitempty" bson:"registryName"`
	RegistryProvider string     `json:"registryProvider,omitempty" bson:"registryProvider"`
	RegistryToken    string     `json:"registryToken,omitempty" bson:"registryToken"`
	Depth            *int       `json:"depth,omitempty" bson:"depth"`
	Include          []string   `json:"include,omitempty" bson:"include"`
	Exclude          []string   `json:"exclude,omitempty" bson:"exclude"`
	Kind             string     `json:"kind,omitempty" bson:"kind"`
	IsHTTPS          *bool      `json:"isHTTPS,omitempty" bson:"isHTTPS"`
	SkipTLSVerify    *bool      `json:"skipTLSVerify,omitempty" bson:"skipTLSVerify"`
	AuthMethod       AuthMethod `json:"authMethod,omitempty" bson:"authMethod"`
	SecretName       string     `json:"secretName,omitempty" bson:"secretName"`
}

type RegistryJobParams

type RegistryJobParams struct {
	Name            string `json:"name,omitempty"`
	ID              string `json:"id,omitempty"`
	ClusterName     string `json:"clusterName"`
	RegistryName    string `json:"registryName"`
	CronTabSchedule string `json:"cronTabSchedule,omitempty"`
	JobID           string `json:"jobID,omitempty"`
}

type RegistryProvider added in v0.0.449

type RegistryProvider string
const (
	AWS    RegistryProvider = "aws"
	Azure  RegistryProvider = "azure"
	Google RegistryProvider = "google"
	Harbor RegistryProvider = "harbor"
	Quay   RegistryProvider = "quay"
)

type RegistryStatus added in v0.0.467

type RegistryStatus string
const (
	Empty   RegistryStatus = ""
	Created RegistryStatus = "Created"
	Updated RegistryStatus = "Updated"
	Error   RegistryStatus = "Error"

	// Scan statuses
	Failed     RegistryStatus = "Failed"
	InProgress RegistryStatus = "In progress"
	Completed  RegistryStatus = "Completed"
)

type RelatedResource added in v0.0.346

type RelatedResource struct {
	identifiers.PortalDesignator `json:",inline" bson:",inline"`
	Clickable                    bool              `json:"clickable,omitempty" bson:"clickable,omitempty"`
	EdgeText                     []string          `json:"edgeText,omitempty" bson:"edgeText,omitempty"`
	RelatedResources             []RelatedResource `json:"relatedResources,omitempty" bson:"relatedResources,omitempty"`
}

type RelevantImageVulnerabilitiesConfiguration added in v0.0.198

type RelevantImageVulnerabilitiesConfiguration string
const (
	RelevantImageVulnerabilitiesConfigurationEnable  RelevantImageVulnerabilitiesConfiguration = "enable"
	RelevantImageVulnerabilitiesConfigurationDisable RelevantImageVulnerabilitiesConfiguration = "disable"
	RelevantImageVulnerabilitiesConfigurationDetect  RelevantImageVulnerabilitiesConfiguration = "detect"
)

type RepoEntityKind

type RepoEntityKind string

Kind of an entity. Can only be one of the following: `file` or `repo` Example: repo

const (
	RepoEntityFile RepoEntityKind = "file"
	RepoEntityRepo RepoEntityKind = "repo"
)

type RepoEntitySummary

type RepoEntitySummary struct {
	Designators identifiers.PortalDesignator `json:"designators"`

	// Name of this entity
	// Example: "my-repo"
	Name string `json:"name"`

	Kind RepoEntityKind `json:"kind"`

	// Number of children of the entity. For `file`s entity it would be
	// the amount of the resources inside this file, and for `repo`s -
	// the amount of scanned files
	// Example: 13
	ChildCount uint64 `json:"childCount"`

	// Status of the entity
	// Example: failed
	StatusText string `json:"statusText"`

	// Information about the controls that were run on this entity
	// The key is the status of the control (`failed`, `passed`, etc)
	ControlsInfo map[string][]ControlInfo `json:"controlsInfo"`

	// Statistics about the controls that were run
	// The key is the status of the control (`failed`, `passed`, etc).
	// The value is the number of controls
	// Example: {"failed": 3, "passed": 4}
	ControlsStats map[string]int `json:"controlsStats"`

	// Frameworks that were run.
	// In multi-frameworks-summary, this property is
	// taking the place of the `framework` property
	// Example: ["ArmoBest", "MITRE"]
	Frameworks []string `json:"frameworks,omitempty"`

	// Single framework this summary is for.
	// Example: ArmoBest
	Framework string `json:"framework,omitempty"`

	// Time of the scan that produced this result
	Timestamp time.Time `json:"timestamp"`
	ReportID  string    `json:"reportGUID"`

	// swagger:ignore
	// This record is marked for deletion or not
	DeleteStatus RecordStatus `json:"deletionStatus,omitempty"`

	//tickets opened for in this entity (repository or repository file)
	Tickets []Ticket `json:"tickets,omitempty"`
}

RepoEntitySummary summary of repo scanning entity.

type Repository added in v0.0.133

type Repository struct {
	RepositoryName string `json:"repositoryName"`
}

type ResolvedReason added in v0.0.375

type ResolvedReason string

type Resource added in v0.0.334

type Resource struct {
	K8sResourceHash  string `json:"k8sResourceHash,omitempty" bson:"k8sResourceHash,omitempty"`
	Cluster          string `json:"cluster,omitempty" bson:"cluster,omitempty"`
	ClusterShortName string `json:"clusterShortName"`
	Namespace        string `json:"namespace,omitempty" bson:"namespace,omitempty"`
	Kind             string `json:"kind,omitempty" bson:"kind,omitempty"`
	Name             string `json:"name,omitempty" bson:"name,omitempty"`
}

type RespTotal added in v0.0.201

type RespTotal struct {
	Value    int    `json:"value"`
	Relation string `json:"relation"`
}

func (*RespTotal) NKeys added in v0.0.216

func (ert *RespTotal) NKeys() int

NKeys --

func (*RespTotal) UnmarshalJSONObject added in v0.0.216

func (ert *RespTotal) UnmarshalJSONObject(dec *gojay.Decoder, key string) error

UnmarshalJSONObject --

type RespTotal64 added in v0.0.207

type RespTotal64 struct {
	Value    uint64 `json:"value"`
	Relation string `json:"relation"`
}

type RetrieveObjectsByRequestPayload added in v0.0.207

type RetrieveObjectsByRequestPayload struct {
	MultipleItems map[string][]string
	SingleItems   map[string]string
	Exists        []string
	MustNot       []map[string]interface{}
	ExcludeFields []string
}

payload for querying/filtering a list, key: <fieldname> and value is the string value

type Risk added in v0.0.316

type Risk struct {
	ID   string   `json:"ID"`
	Type RiskType `json:"type"`

	// field to be enriched by the backend, relevant only to type Control
	FixByNetworkPolicy bool `json:"fixByNetworkPolicy"`
}

Risk represents an individual risk with an ID and type

type RiskFactor added in v0.0.283

type RiskFactor string

func GetRiskFactors added in v0.0.284

func GetRiskFactors(controlIDs []string) []RiskFactor

GetRiskFactors returns a list of unique risk factors for given control IDs.

type RiskType added in v0.0.316

type RiskType string

func (*RiskType) UnmarshalJSON added in v0.0.316

func (rt *RiskType) UnmarshalJSON(data []byte) error

UnmarshalJSON is a custom unmarshaler for RiskType that validates its value

type RuleAlert added in v0.0.359

type RuleAlert struct {
	// Rule Description
	RuleDescription string `json:"ruleDescription,omitempty" bson:"ruleDescription,omitempty"`
}

type RuntimeAlert added in v0.0.359

type RuntimeAlert struct {
	BaseRuntimeAlert       `json:",inline" bson:"inline"`
	RuleAlert              `json:",inline" bson:"inline"`
	MalwareAlert           `json:",inline" bson:"inline"`
	AdmissionAlert         `json:",inline" bson:"inline"`
	RuntimeAlertK8sDetails `json:",inline" bson:"inline"`
	AlertType              AlertType `json:"alertType" bson:"alertType"`
	// Rule ID
	RuleID string `json:"ruleID,omitempty" bson:"ruleID,omitempty"`
	// Hostname is the name of the node agent pod
	HostName string `json:"hostName" bson:"hostName"`
	Message  string `json:"message" bson:"message"`
}

type RuntimeAlertK8sDetails added in v0.0.367

type RuntimeAlertK8sDetails struct {
	ClusterName       string            `json:"clusterName" bson:"clusterName"`
	ContainerName     string            `json:"containerName,omitempty" bson:"containerName,omitempty"`
	HostNetwork       *bool             `json:"hostNetwork,omitempty" bson:"hostNetwork,omitempty"`
	Image             string            `json:"image,omitempty" bson:"image,omitempty"`
	ImageDigest       string            `json:"imageDigest,omitempty" bson:"imageDigest,omitempty"`
	Namespace         string            `json:"namespace,omitempty" bson:"namespace,omitempty"`
	NodeName          string            `json:"nodeName,omitempty" bson:"nodeName,omitempty"`
	ContainerID       string            `json:"containerID,omitempty" bson:"containerID,omitempty"`
	PodName           string            `json:"podName,omitempty" bson:"podName,omitempty"`
	PodNamespace      string            `json:"podNamespace,omitempty" bson:"podNamespace,omitempty"`
	PodLabels         map[string]string `json:"podLabels,omitempty" bson:"podLabels,omitempty"`
	WorkloadName      string            `json:"workloadName" bson:"workloadName"`
	WorkloadNamespace string            `json:"workloadNamespace,omitempty" bson:"workloadNamespace,omitempty"`
	WorkloadKind      string            `json:"workloadKind" bson:"workloadKind"`
}

type RuntimeIncidentExceptionPolicy added in v0.0.440

type RuntimeIncidentExceptionPolicy struct {
	BaseExceptionPolicy `json:",inline"`
	Name                string `json:"name"`
	IncidentTypeId      string `json:"incidentTypeId"`
	Severity            string `json:"severity"`
	SeverityScore       int    `json:"severityScore"`
}

type ScanFrequency

type ScanFrequency string

type ScanType added in v0.0.146

type ScanType string

type SearchAfterResp added in v0.0.207

type SearchAfterResp struct {
	Sort interface{} `json:"sort"`
}

type SearchResponse added in v0.0.207

type SearchResponse struct {
	Result []RawJSONObject
	Total  *RespTotal
	Cursor *Cursor
	Sort   *SearchAfterResp
}

type SeccompStatus added in v0.0.417

type SeccompStatus int
const (
	SeccompStatusUnknown            SeccompStatus = 0
	SeccompStatusMissingRuntimeInfo SeccompStatus = 1
	SeccompStatusMissing            SeccompStatus = 2
	SeccompStatusOverlyPermissive   SeccompStatus = 3
	SeccompStatusOptimized          SeccompStatus = 4
	SeccompStatusMisconfigured      SeccompStatus = 5
)

type SeccompWorkload added in v0.0.417

type SeccompWorkload struct {
	Name                     string                   `json:"name"`
	Kind                     string                   `json:"kind"`
	Namespace                string                   `json:"namespace"`
	ClusterName              string                   `json:"clusterName"`
	K8sResourceHash          string                   `json:"k8sResourceHash"`
	ProfileStatus            SeccompStatus            `json:"profileStatus"`
	SyscallsUsedCount        int                      `json:"syscallsUsedCount"`
	SyscallsUnusedCount      int                      `json:"syscallsUnusedCount"`
	SyscallsUsed             []string                 `json:"syscallsUsed"`
	SyscallUnused            []string                 `json:"syscallsUnused"`
	MissingRuntimeInfoReason MissingRuntimeInfoReason `json:"missingRuntimeInfoReason"`
}

type SecurityIssue added in v0.0.316

type SecurityIssue struct {
	ISecurityIssue   `json:",inline,omitempty"`
	Cluster          string   `json:"cluster"`
	ClusterShortName string   `json:"clusterShortName"`
	Namespace        string   `json:"namespace"`
	ResourceName     string   `json:"resourceName"`
	Kind             string   `json:"kind"`
	ResourceID       string   `json:"resourceID"`
	K8sResourceHash  string   `json:"k8sResourceHash"`
	RiskID           string   `json:"riskID"` // controlID/attackTrackID
	RiskType         RiskType `json:"riskType,omitempty"`

	SecurityRiskID string `json:"securityRiskID"`

	Status SecurityIssueStatus `json:"status"`

	IsNew bool `json:"isNew"`

	LastTimeDetected    string `json:"lastTimeDetected,omitempty"`
	LastTimeResolved    string `json:"lastTimeResolved,omitempty"`
	ExceptionApplied    bool   `json:"exceptionApplied"`
	ExceptionPolicyGUID string `json:"exceptionPolicyGUID"`

	Tickets []Ticket `json:"tickets,omitempty"`
}

func (*SecurityIssue) GetClusterName added in v0.0.343

func (si *SecurityIssue) GetClusterName() string

func (*SecurityIssue) GetK8sResourceHash added in v0.0.394

func (si *SecurityIssue) GetK8sResourceHash() string

func (*SecurityIssue) GetShortClusterName added in v0.0.343

func (si *SecurityIssue) GetShortClusterName() string

func (*SecurityIssue) SetClusterName added in v0.0.343

func (si *SecurityIssue) SetClusterName(clusterName string)

func (*SecurityIssue) SetShortClusterName added in v0.0.343

func (si *SecurityIssue) SetShortClusterName(clusterShortName string)

func (*SecurityIssue) SetTickets added in v0.0.394

func (si *SecurityIssue) SetTickets(tickets []Ticket)

type SecurityIssueAttackPath added in v0.0.325

type SecurityIssueAttackPath struct {
	SecurityIssue `json:",inline"`
	AttackChainID string `json:"attackChainID"`
	FirstSeen     string `json:"firstSeen"`
}

type SecurityIssueControl added in v0.0.325

type SecurityIssueControl struct {
	SecurityIssue `json:",inline"`
	ControlID     string `json:"controlID"`
	ReportGUID    string `json:"reportGUID"`
	FrameworkName string `json:"frameworkName"`

	// relevant for controls with network policy fix
	AppliedNetworkPolicyType string              `json:"appliedNetworkPolicyType,omitempty"`
	NetworkPolicyStatus      NetworkPolicyStatus `json:"networkPolicyStatus,omitempty"`

	MissingRuntimeInfoReason MissingRuntimeInfoReason `json:"missingRuntimeInfoReason,omitempty"`
}

type SecurityIssueSeverity added in v0.0.320

type SecurityIssueSeverity string

type SecurityIssueStatus added in v0.0.316

type SecurityIssueStatus string

type SecurityIssueVulnerability added in v0.0.431

type SecurityIssueVulnerability struct {
	SecurityIssue    `json:",inline"`
	CriticalCount    int                 `json:"criticalCount"`
	HighCount        int                 `json:"highCount"`
	MediumCount      int                 `json:"mediumCount"`
	LowCount         int                 `json:"lowCount"`
	SeverityStats    map[string][]string `json:"severityStats"`
	RiskFactorsCount int                 `json:"riskFactorsCount"`
	RiskFactors      []RiskFactor        `json:"riskFactors"`
}

type SecurityIssuesCategories added in v0.0.320

type SecurityIssuesCategories struct {
	CategoryResourceCounters map[string]int `json:"categoryResourceCounter"`
	TotalResources           int            `json:"totalResources"`
}

func NewSecurityIssuesCategories added in v0.0.320

func NewSecurityIssuesCategories() SecurityIssuesCategories

func (*SecurityIssuesCategories) SetCategoryTotal added in v0.0.320

func (sic *SecurityIssuesCategories) SetCategoryTotal(category string, total int)

type SecurityIssuesSeverities added in v0.0.320

type SecurityIssuesSeverities struct {
	SeverityResourceCounters map[SecurityIssueSeverity]int `json:"severityResourceCounter"`
	TotalResources           int                           `json:"totalResources"`
}

func NewSecurityIssuesSeverities added in v0.0.320

func NewSecurityIssuesSeverities() SecurityIssuesSeverities

func (*SecurityIssuesSeverities) SetSeverityTotal added in v0.0.320

func (sis *SecurityIssuesSeverities) SetSeverityTotal(severity SecurityIssueSeverity, total int)

type SecurityIssuesSummary added in v0.0.316

type SecurityIssuesSummary struct {
	SecurityRiskID                   string `json:"securityRiskID"`
	SecurityRiskName                 string `json:"securityRiskName"`
	Category                         string `json:"category"`
	Severity                         string `json:"severity"`
	LastUpdated                      string `json:"lastUpdated"`
	AffectedClustersCount            int    `json:"affectedClustersCount"`
	AffectedNamespacesCount          int    `json:"affectedNamespacesCount"`
	AffectedResourcesCount           int    `json:"affectedResourcesCount"`
	ResourcesDetectedLastUpdateCount int    `json:"resourcesDetectedLastUpdateCount"`
	ResourcesResolvedLastUpdateCount int    `json:"resourcesResolvedLastUpdateCount"`

	ResourcesDetectedLastChangeCount int        `json:"resourcesDetectedLastChangeCount"`
	ResourcesDetectedLastChange      []Resource `json:"resourcesDetectedLastChange"`

	// resources that are resolved excluding deleted
	ResourcesResolvedLastChangeCount int        `json:"resourcesResolvedLastChangeCount"`
	ResourcesResolvedLastChange      []Resource `json:"resourcesResolvedLastChange"`

	// resources that are resolved because of a kubernetes resource deletion or cluster deletion
	ResourcesDeletedLastChangeCount int        `json:"resourcesDeletedLastChangeCount"`
	ResourcesDeletedLastChange      []Resource `json:"resourcesDeletedLastChange"`

	AffectedResourcesChange int `json:"affectedResourcesChange"`

	// if True, control supports smart remediation
	// swagger:ignore
	SupportsSmartRemediation bool `json:"supportsSmartRemediation"` // DEPRECATED
	SmartRemediation         bool `json:"smartRemediation"`

	Tickets []Ticket `json:"tickets,omitempty"`
}

type SecurityIssuesTrends added in v0.0.364

type SecurityIssuesTrends struct {

	// date in format yyyy-mm-dd
	Date string `json:"date"`

	// new detected issues within the day
	NewDetected int `json:"newDetected"`

	// new resolved issues within the day
	NewResolved int `json:"newResolved"`

	TotalNewDetectedUpToDate int `json:"totalNewDetectedUpToDate"`

	TotalNewResolvedUpToDate int `json:"totalNewResolvedUpToDate"`

	// new detected issues at the end of the day
	NewDetectedEndOfDay int `json:"newDetectedEndOfDay"`

	// new resolved issues at the end of the day
	NewResolvedEndOfDay int `json:"newResolvedEndOfDay"`

	// total detected from the beginning of the period until current date
	TotalDetectedUpToDate int `json:"totalDetectedUpToDate"`
}

type SecurityIssuesTrendsSummary added in v0.0.364

type SecurityIssuesTrendsSummary struct {
	SecurityIssuesTrends []SecurityIssuesTrends `json:"securityIssuesTrends"`

	// total issues detected for the period
	TotalDetectedForPeriod int `json:"totalDetectedForPeriod"`

	// total issues resolved for the period
	TotalResolvedForPeriod int `json:"totalResolvedForPeriod"`

	// current detected issues
	CurrentDetected int `json:"currentDetected"`

	// CurrentDetected - TotalDetectedUpToDate of first date of period.
	ChangeFromBeginningOfPeriod int `json:"changeFromBeginningOfPeriod"`
}

type SecurityRisk added in v0.0.316

type SecurityRisk struct {
	ID               string           `json:"ID"`
	Name             string           `json:"name"`
	Description      string           `json:"description"`
	WhatIs           string           `json:"whatIs"`
	Severity         string           `json:"severity"`
	Category         string           `json:"category"`
	Remediation      string           `json:"remediation"`
	Risks            []Risk           `json:"risks"`
	SecurityIssues   []ISecurityIssue `json:"securityIssues,omitempty"`
	SmartRemediation bool             `json:"smartRemediation"`
}

SecurityRisk represents the main object with various fields and an array of Risks

func (*SecurityRisk) GetRiskTypes added in v0.0.325

func (sr *SecurityRisk) GetRiskTypes() []RiskType

func (*SecurityRisk) GetRisks added in v0.0.316

func (sr *SecurityRisk) GetRisks() []Risk

func (*SecurityRisk) GetRisksIDsByType added in v0.0.316

func (sr *SecurityRisk) GetRisksIDsByType(riskType RiskType) []string

type SecurityRiskExceptionPolicy added in v0.0.334

type SecurityRiskExceptionPolicy struct {
	BaseExceptionPolicy `json:",inline"`
	Name                string `json:"name"`
	Category            string `json:"category"`
	Severity            string `json:"severity"`
	SecurityRiskID      string `json:"securityRiskID"`
	Risks               []Risk `json:"risks"`
}

type Settings

type Settings struct {
	PostureControlInputs    map[string][]string     `json:"postureControlInputs" bson:"postureControlInputs"`
	PostureScanConfig       PostureScanConfig       `json:"postureScanConfig" bson:"postureScanConfig"`
	VulnerabilityScanConfig VulnerabilityScanConfig `json:"vulnerabilityScanConfig" bson:"vulnerabilityScanConfig"`
	SlackConfigurations     SlackSettings           `json:"slackConfigurations,omitempty" bson:"slackConfigurations,omitempty"`
}

func MockSettings

func MockSettings() *Settings

type SlackChannel

type SlackChannel struct {
	ChannelID   string `json:"id"`
	ChannelName string `json:"name"`
}

type SlackChannels added in v0.0.270

type SlackChannels struct {
	Channels []SlackChannel `json:"channels"`
}

type SlackNotification

type SlackNotification struct {
	IsActive   bool                   `json:"isActive" bson:"isActive"`
	Channels   []SlackChannel         `json:"channels" bson:"channels"`
	Attributes map[string]interface{} `json:"attributes" bson:"attributes"`
}

type SlackSettings

type SlackSettings struct {
	Token         string `json:"token" bson:"token"`
	Alert2Channel `json:",inline,omitempty" bson:"inline,omitempty"`
	Notifications `json:"notifications,omitempty" bson:"notifications,omitempty"`
}

type StackFrame added in v0.0.468

type StackFrame struct {
	// Frame ID
	FrameID string `json:"frameId,omitempty" bson:"frameId,omitempty"`
	// Function name
	Function string `json:"function,omitempty" bson:"function,omitempty"`
	// File name
	File string `json:"file,omitempty" bson:"file,omitempty"`
	// Line number
	Line *int `json:"line,omitempty" bson:"line,omitempty"`
	// Address
	Address string `json:"address,omitempty" bson:"address,omitempty"`
	// Arguments
	Arguments []string `json:"arguments,omitempty" bson:"arguments,omitempty"`
	// User/Kernel space
	UserSpace bool `json:"userSpace,omitempty" bson:"userSpace,omitempty"`
	// Native/Source code
	NativeCode *bool `json:"nativeCode,omitempty" bson:"nativeCode,omitempty"`
}

type Subscription added in v0.0.154

type Subscription struct {

	// Stripe internal customer ID, usually generated on subscription creation.
	StripeCustomerID string `json:"stripeCustomerID,omitempty" bson:"stripeCustomerID,omitempty"`

	// Stripe subscription id.
	StripeSubscriptionID string `json:"stripeSubscriptionID,omitempty" bson:"stripeSubscriptionID,omitempty"`

	// Stripe subscription status, optional values: incomplete, incomplete_expired, trialing, active, past_due, canceled, or unpaid.
	SubscriptionStatus string `json:"subscriptionStatus,omitempty" bson:"subscriptionStatus,omitempty"`

	// Date when the subscription was first created. The date might differ from the created date due to backdating
	StartDate int64 `json:"startDate,omitempty" bson:"startDate,omitempty"`

	// Stripe The most recent invoice this subscription has generated.
	LatestInvoice string `json:"latestInvoice,omitempty" bson:"latestInvoice,omitempty"`

	// determine whether a subscription that has a status of active is scheduled to be canceled at the end of the current period.
	CancelAtPeriodEnd *bool `json:"cancelAtPeriodEnd,omitempty" bson:"cancelAtPeriodEnd,omitempty"`

	// End of the current period that the subscription has been invoiced for. At the end of this period, a new invoice will be created.
	CurrentPeriodStart int64 `json:"currentPeriodStart,omitempty" bson:"currentPeriodStart,omitempty"`

	// End of the current period that the subscription has been invoiced for. At the end of this period, a new invoice will be created.
	CurrentPeriodEnd int64 `json:"currentPeriodEnd,omitempty" bson:"currentPeriodEnd,omitempty"`

	// If the subscription has a trial, the end of that trial.
	TrialEnd int64 `json:"trialEnd,omitempty" bson:"trialEnd,omitempty"`

	// monthly average of daily sum of max scanned Worker Nodes per cluster per day
	NumNodes int `json:"numNodes,omitempty" bson:"numNodes,omitempty"`

	// can be "free", "team" or "enterprise"
	LicenseType LicenseType `json:"licenseType,omitempty" bson:"licenseType,omitempty"`
}

hold information of a single subscription.

type SynchronizerClient added in v0.0.333

type SynchronizerClient struct {
	CustomerGUID        string    `json:"customerGUID"`
	Cluster             string    `json:"cluster"`
	Replica             string    `json:"replica"`
	LastKeepAlive       time.Time `json:"lastKeepAlive"`
	ConnectionTime      time.Time `json:"connectionTime"`
	HelmVersion         string    `json:"helmVersion"`
	SynchronizerVersion string    `json:"synchronizerVersion"`
	ConnectionId        string    `json:"connectionId"`
	FirstConnected      time.Time `json:"firstConnected"`
	GitVersion          string    `json:"gitVersion"`
	CloudProvider       string    `json:"cloudProvider"`
}

SynchronizerClient represents a client which is connected to the synchronizer server

type Ticket added in v0.0.371

type Ticket struct {
	GUID          string              `json:"guid,omitempty"`         //ticket guid in armo
	TicketManager TicketManager       `json:"ticketManager"`          //ticket service provider
	Owner         map[string]string   `json:"owner,omitempty"`        //armo entity that owns the ticket
	Subjects      []map[string]string `json:"subjects,omitempty"`     //armo entities mentioned in the ticket
	Link          string              `json:"link,omitempty"`         //link to the ticket
	Status        string              `json:"status,omitempty"`       //status of the ticket
	LinkTitle     string              `json:"linkTitle,omitempty"`    //title of the ticket
	Severity      string              `json:"severity,omitempty"`     //severity of the ticket
	Error         string              `json:"error,omitempty"`        //error message if any
	ErrorCode     int                 `json:"errorCode,omitempty"`    //error code if any (e.g. http status code like 401)
	ProviderData  map[string]string   `json:"providerData,omitempty"` //provider specific data
}

type TicketManager added in v0.0.371

type TicketManager string
const (
	TicketManagerJira TicketManager = "jira"
)

type Trace added in v0.0.468

type Trace struct {
	// Trace ID
	TraceID string `json:"traceId,omitempty" bson:"traceId,omitempty"`
	// Stack trace
	Stack []StackFrame `json:"stack,omitempty" bson:"stack,omitempty"`
	// Package name
	Package string `json:"package,omitempty" bson:"package,omitempty"`
	// Language
	Language string `json:"language,omitempty" bson:"language,omitempty"`
}

type UniqueCardinalityResponseV2 added in v0.0.207

type UniqueCardinalityResponseV2 struct {
	Fields map[string]uint64 `json:"fields"`
}

UniqueCardinalityResponseV2 holds response data of cardinality request

func (*UniqueCardinalityResponseV2) ReplaceFieldsFromKeywords added in v0.0.216

func (uvr *UniqueCardinalityResponseV2) ReplaceFieldsFromKeywords(keywordMap map[string]string)

ReplaceFieldsFromKeywords restores the original fields names from the .keyword if necessary

type UniqueValuesRequestV2 added in v0.0.207

type UniqueValuesRequestV2 struct {
	Fields map[string]string `json:"fields"`
	// Which elements of the list to return, each field can hold multiple values separated by comma
	// Example: ": {"severity": "High,Medium",		"type": "61539,30303"}
	// An empty map means "return the complete list"
	InnerFilters []map[string]string `json:"innerFilters"`
	PageSize     int                 `json:"pageSize,omitempty"`
	//for apis that support pagination
	PageNum *int `json:"pageNum,omitempty"`
	//Include hit counts for each field
	CountFields             *bool             `json:"countFields,omitempty"`
	FieldsReverseKeywordMap map[string]string `json:"-"`
	Cursor                  string            `json:"-"`
	// The time window to search (Default: since - beginning of the time, until - now)
	Since          *time.Time `json:"since,omitempty"`
	Until          *time.Time `json:"until,omitempty"`
	TimestampField string     `json:"-"`
}

UniqueValuesRequestV2 holds data to return unique values to

func (*UniqueValuesRequestV2) GetFieldsNames added in v0.0.216

func (uvr *UniqueValuesRequestV2) GetFieldsNames() []string

GetFieldsNames retunrs slice of Fields names

func (*UniqueValuesRequestV2) ReplaceFieldsToKeywords added in v0.0.216

func (uvr *UniqueValuesRequestV2) ReplaceFieldsToKeywords(keywordMap map[string]string)

ReplaceFieldsToKeywords replaces the original fields names to the .keyword if necessary

func (*UniqueValuesRequestV2) ValidateCountFields added in v0.0.317

func (u *UniqueValuesRequestV2) ValidateCountFields(countDefault bool) bool

func (*UniqueValuesRequestV2) ValidatePageProperties added in v0.0.207

func (u *UniqueValuesRequestV2) ValidatePageProperties(maxPageSize int)

ValidatePageProperties validate page size and page number to be valid

type UniqueValuesResponseFieldsCount added in v0.0.207

type UniqueValuesResponseFieldsCount struct {
	Field string `json:"key"`
	Count int64  `json:"count"`
}

UniqueValuesResponseFieldsCount holds response data of UniqueValuesResponseV2 request

type UniqueValuesResponseV2 added in v0.0.207

type UniqueValuesResponseV2 struct {
	Fields      map[string][]string                          `json:"fields"`
	FieldsCount map[string][]UniqueValuesResponseFieldsCount `json:"fieldsCount"`
}

UniqueValuesResponseV2 holds response data of unique values

func (*UniqueValuesResponseV2) ListFields added in v0.0.216

func (uvr *UniqueValuesResponseV2) ListFields(key string) []string

ListFields list all UniqueValuesResponseV2 fields

func (*UniqueValuesResponseV2) ReplaceFieldsFromKeywords added in v0.0.216

func (uvr *UniqueValuesResponseV2) ReplaceFieldsFromKeywords(keywordMap map[string]string)

ReplaceFieldsFromKeywords restores the original fields names from the .keyword if necessary

type UniqueValuesSearchByScopeFiltersFunc added in v0.0.216

type UniqueValuesSearchByScopeFiltersFunc func(customerGUID string, scopeFilters *QueryScopeParams, reqObj *UniqueValuesRequestV2) (*UniqueValuesResponseV2, error)

type UpdateAuditEntry

type UpdateAuditEntry struct {
	Timestamp time.Time `json:"timestamp"`
	UserName  string    `json:"userName"`
}

type User added in v0.0.194

type User struct {
	DismissedBanners map[string]Banner `json:"dismissedBanners,omitempty" bson:"dismissedBanners,omitempty"` // map of bannerID to Banner
}

type V2ListRequest added in v0.0.197

type V2ListRequest struct {
	// properties of the requested next page
	// Use ValidatePageProperties to set PageSize field
	PageSize *int `json:"pageSize"`
	// One can leave it empty for 0, then call ValidatePageProperties
	PageNum *int `json:"pageNum"`
	// The time window of the list to return. Default: since - begining og the time, until - now.
	Since *time.Time `json:"since"`
	Until *time.Time `json:"until"`
	// Which elements of the list to return, each field can hold multiple values separated by comma
	// An empty map means "return the complete list"
	// Example: [{"severity": "High,Medium",		"type": "61539,30303"}]
	InnerFilters []map[string]string `json:"innerFilters"`
	// How to order (sort) the list, field name + sort order (asc/desc), like https://www.w3schools.com/sql/sql_orderby.asp
	// When empty, the default sort order is used. To disable the default sort order, set IgnoreDefaultSort to true
	// Example: timestamp:asc,severity:desc
	OrderBy string `json:"orderBy"`
	// When true, the default sort order is ignored
	// TODO: take it off, and use the default sort order when OrderBy is empty
	IgnoreDefaultSort bool `json:"ignoreDefaultOrderBy,omitempty"`
	// Cursor to the next page of former requset.
	// Cursor cannot be used with another parameters of this struct
	Cursor           *Cursor `json:"cursorV1,omitempty"`
	CursorDepracated string  `json:"cursor"`
	// FieldsList allow us to return only subset of the source document fields
	// Don't expose FieldsList outside without well designed decision
	// swagger:ignore
	FieldsList              []string          `json:"includeFields"`
	FieldsReverseKeywordMap map[string]string `json:"-"`
	// TODO: reuse cursor struct (few line above)
	SearchAfter *SearchAfterResp `json:"searchAfter"`
	// For PUT request, can be used to update only specific fields with specific values
	// map of field name to new value
	FieldsToUpdate map[string]string `json:"fieldsToUpdate"`
	//internal flag to indicate if the request is validated (avoid fixing pagination twice in the same request)
	// swagger:ignore
	FixedPageNum bool `json:"_fixedPageNum"`
}

TODO use armotypes.V2ListRequest V2ListRequest descripts what portion of the list the client is requesting swagger:model PaginationRequest

func (*V2ListRequest) GetFieldsNames added in v0.0.207

func (lr *V2ListRequest) GetFieldsNames() []string

GetFieldsNames retunrs slice of Fields names

func (*V2ListRequest) ReplaceFieldsToKeywords added in v0.0.216

func (lr *V2ListRequest) ReplaceFieldsToKeywords(keywordMap map[string]string)

ReplaceFieldsToKeywords replaces the original fields names to the .keyword if necessary

func (*V2ListRequest) ValidateOrderBy added in v0.0.216

func (lr *V2ListRequest) ValidateOrderBy(defaultDescOrder string)

ValidateOrderBy vlidate that the order-by field is well configured to the desired state

func (*V2ListRequest) ValidatePageProperties added in v0.0.207

func (lr *V2ListRequest) ValidatePageProperties(maxPageSize int)

ValidatePageProperties validate page size and page number to be valid

type V2ListResponse added in v0.0.207

type V2ListResponse V2ListResponseGeneric[interface{}]

type V2ListResponseGeneric added in v0.0.246

type V2ListResponseGeneric[T any] struct {
	Total    RespTotal `json:"total"`
	Response T         `json:"response"`
	// Cursor for quick access to the next page. Not supported yet
	Cursor string `json:"cursor"`
}

V2ListResponse holds the response of some list request with some metadata

type Vulnerabilities added in v0.0.205

type Vulnerabilities struct {
	ContainerName string   `json:"containerName" bson:"containerName,omitempty"`
	ImageScanID   string   `json:"imageScanID" bson:"imageScanID,omitempty"`
	Names         []string `json:"names" bson:"names,omitempty"` // CVE names
}

type VulnerabilitiesComponent added in v0.0.283

type VulnerabilitiesComponent struct {
	CustomerGUID string `json:"customerGUID"`
	Name         string `json:"name"`
	Version      string `json:"version"`
	PackageType  string `json:"packageType"`
	// swagger:ignore
	FirstSeen   time.Time           `json:"firstSeen"` //first found in the user account (not in the world)
	FixVersions []string            `json:"fixVersions"`
	PathsInfo   []ComponentPathInfo `json:"pathsInfo"`
}

type Vulnerability added in v0.0.142

type Vulnerability struct {
	Name               string                       `json:"name"`
	ID                 string                       `json:"id"`
	Severity           string                       `json:"severity"`
	SeverityScore      int                          `json:"severityScore"`
	Links              []string                     `json:"links"`
	Description        string                       `json:"description"`
	Exploitable        string                       `json:"exploitable"`
	IsRelevant         string                       `json:"isRelevant"`
	ComponentInfo      VulnerabilitiesComponent     `json:"componentInfo"`
	CvssInfo           CvssInfo                     `json:"cvssInfo"`
	EpssInfo           EpssInfo                     `json:"epssInfo"`
	CisaKevInfo        CisaKevInfo                  `json:"cisaKevInfo"`
	WorkloadsCount     int                          `json:"workloadsCount"`
	ImagesCount        int                          `json:"imagesCount"`
	IgnoreRulesSummary map[string]IgnoreRuleSummary `json:"ignoreRulesSummary"`
	Tickets            []Ticket                     `json:"tickets,omitempty"`
}

type VulnerabilityExceptionPolicy

type VulnerabilityExceptionPolicy struct {
	PortalBase `json:",inline" bson:"inline"`

	// Policy type. Must be 'vulnerabilityExceptionPolicy'
	// required: true
	// Example: vulnerabilityExceptionPolicy
	PolicyType string `json:"policyType,omitempty" bson:"policyType,omitempty"`

	// Creation time of the policy
	// Example: 2022-03-31T08:57:58.048014
	CreationTime string `json:"creationTime" bson:"creationTime"`

	// Actions to apply (currently only 'ignore' is available)
	// required: true
	// min: 1
	// Example: ["ignore"]
	Actions []VulnerabilityExceptionPolicyActions `json:"actions" bson:"actions,omitempty"`

	// Items to apply the actions on
	// required: true
	// min: 1
	Designatores []identifiers.PortalDesignator `json:"designators" bson:"designators,omitempty"`

	// Vulnerabilities to take the actions on
	// required: true
	// min: 1
	VulnerabilityPolicies []VulnerabilityPolicy `json:"vulnerabilities" bson:"vulnerabilities,omitempty"`
	Reason                string                `json:"reason,omitempty" bson:"reason,omitempty"`
	ExpirationDate        *time.Time            `json:"expirationDate" bson:"expirationDate,omitempty"`
	ExpiredOnFix          *bool                 `json:"expiredOnFix,omitempty" bson:"expiredOnFix,omitempty"`
	CreatedBy             string                `json:"createdBy,omitempty" bson:"createdBy,omitempty"`
}

func MockVulnerabilityException

func MockVulnerabilityException() *VulnerabilityExceptionPolicy

func (*VulnerabilityExceptionPolicy) IsAlertOnly

func (exceptionPolicy *VulnerabilityExceptionPolicy) IsAlertOnly() bool

type VulnerabilityExceptionPolicyActions

type VulnerabilityExceptionPolicyActions string
const Ignore VulnerabilityExceptionPolicyActions = "ignore"

type VulnerabilityJobParams

type VulnerabilityJobParams struct {
	Name            string `json:"name,omitempty"`
	ID              string `json:"id,omitempty"`
	ClusterName     string `json:"clusterName"`
	Namespace       string `json:"namespace"`
	CronTabSchedule string `json:"cronTabSchedule,omitempty"`
	JobID           string `json:"jobID,omitempty"`
}

type VulnerabilityPolicy

type VulnerabilityPolicy struct {
	// The name of the vulnerability
	// Example: CVE-2022-28128
	Name          string `json:"name" bson:"name"`
	SeverityScore int    `json:"severityScore,omitempty" bson:"severityScore,omitempty"`
}

type VulnerabilityScanConfig

type VulnerabilityScanConfig struct {
	ScanFrequency             ScanFrequency `json:"scanFrequency,omitempty" bson:"scanFrequency,omitempty"`
	CriticalPriorityThreshold int           `json:"criticalPriorityThreshold,omitempty" bson:"criticalPriorityThreshold,omitempty"`
	HighPriorityThreshold     int           `json:"highPriorityThreshold,omitempty" bson:"highPriorityThreshold,omitempty"`
	MediumPriorityThreshold   int           `json:"mediumPriorityThreshold,omitempty" bson:"mediumPriorityThreshold,omitempty"`
	ScanNewDeployment         bool          `json:"scanNewDeployment,omitempty" bson:"scanNewDeployment,omitempty"`
	AllowlistRegistries       []string      `json:"AllowlistRegistries,omitempty" bson:"AllowlistRegistries,omitempty"`
	BlocklistRegistries       []string      `json:"BlocklistRegistries,omitempty" bson:"BlocklistRegistries,omitempty"`
}

type VulnerabilityUniqueComponent added in v0.0.451

type VulnerabilityUniqueComponent struct {
	CustomerGUID     string `json:"customerGUID"`
	ComponentID      uint64 `json:"componentID"`
	Component        string `json:"component"`
	ComponentVersion string `json:"componentVersion"`
	PackageType      string `json:"packageType"`
}

type VulnerabilityUniqueDailyFindings added in v0.0.405

type VulnerabilityUniqueDailyFindings struct {
	Timestamp     time.Time `json:"timestamp"`
	CriticalCount int       `json:"criticalCount"`
	HighCount     int       `json:"highCount"`
	MediumCount   int       `json:"mediumCount"`
	LowCount      int       `json:"lowCount"`
}

type VulnerabilityUniqueFinding added in v0.0.405

type VulnerabilityUniqueFinding struct {
	CustomerGUID     string    `json:"customerGUID"`
	SeverityScore    int64     `json:"severityScore"`
	VulnerabilityID  string    `json:"vulnerabilityID"`
	Component        string    `json:"component"`
	ComponentVersion string    `json:"componentVersion"`
	FixAvailable     *bool     `json:"fixAvailable"`
	ResourceHash     string    `json:"resourceHash"`
	IsRelevant       bool      `json:"isRelevant"`
	ScanDate         time.Time `json:"scanDate"`
}

type VulnerabilityWorkload added in v0.0.283

type VulnerabilityWorkload struct {
	Wlid                     string                   `json:"wlid"`
	ResourceHash             string                   `json:"resourceHash"` //common hash of customerGUID, cluster, kind, name, namespace, apiVersion
	Name                     string                   `json:"name"`
	Namespace                string                   `json:"namespace"`
	Kind                     string                   `json:"kind"`
	Cluster                  string                   `json:"cluster"`
	ClusterShortName         string                   `json:"clusterShortName"`
	LastScanTime             time.Time                `json:"lastScanTime"`
	CustomerGUID             string                   `json:"customerGUID"`
	ImagesCount              int                      `json:"imagesCount"`
	CriticalCount            int                      `json:"criticalCount"`
	HighCount                int                      `json:"highCount"`
	MediumCount              int                      `json:"mediumCount"`
	LowCount                 int                      `json:"lowCount"`
	SeverityStats            map[string][]string      `json:"severityStats"`
	RiskFactorsCount         int                      `json:"riskFactorsCount"`
	RiskFactors              []RiskFactor             `json:"riskFactors"`
	Labels                   []string                 `json:"labels"`
	HasRelevancyData         bool                     `json:"hasRelevancyData"`
	Images                   []string                 `json:"images"`
	Tickets                  []Ticket                 `json:"tickets,omitempty"`
	MissingRuntimeInfoReason MissingRuntimeInfoReason `json:"missingRuntimeInfoReason"`
}

type WorkloadStatus added in v0.0.419

type WorkloadStatus struct {
	ResourceHash     string   `json:"resourceHash"`
	CustomerGUID     string   `json:"customerGUID"`
	ClusterName      string   `json:"clusterName"`
	IsInternetFacing *bool    `json:"isInternetFacing"`
	RiskFactors      []string `json:"riskFactors"`
}

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL