Documentation ¶
Index ¶
- Constants
- Variables
- func GetRuntimePods() string
- func MockExternalFacingService() string
- func MockRegoPrivilegedPods() string
- func MockTemp() string
- type AlertObject
- type AlertScore
- type Control
- type ControlReport
- func (controlReport *ControlReport) Failed() bool
- func (controlReport *ControlReport) GetNumberOfFailedResources() int
- func (controlReport *ControlReport) GetNumberOfResources() int
- func (controlReport *ControlReport) GetNumberOfWarningResources() int
- func (controlReport *ControlReport) ListControlsInputKinds() []string
- func (controlReport *ControlReport) Passed() bool
- func (controlReport *ControlReport) Warning() bool
- type Framework
- type FrameworkReport
- type NotificationPolicyKind
- type NotificationPolicyType
- type PolicyIdentifier
- type PolicyNotification
- type PolicyRule
- type PostureReport
- type RuleDependency
- type RuleLanguages
- type RuleMatchObjects
- type RuleReport
- type RuleResponse
- type RuleStatus
- type UpdatedControl
- type UpdatedFramework
Constants ¶
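// Paths and key prefix used for posture reports.
//
// The declaration is laid out one constant per line; collapsed onto a single
// line it is not valid Go.
const (
	// PostureRestAPIPathV1 is the v1 posture REST path.
	PostureRestAPIPathV1 = "/v1/posture"
	// PostureRedisPrefix is, judging by its name, a prefix for posture report
	// keys in Redis. NOTE(review): confirm that keys built from it never
	// contain unvalidated caller-supplied text.
	PostureRedisPrefix = "_postureReportv1"
	// K8sPostureNotification is the path used to announce a new posture report.
	K8sPostureNotification = "/k8srestapi/v1/newPostureReport"
)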
Variables ¶
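// "Mock A" fixture values, presumably consumed by the Mock...A constructors
// of this package (confirm against their bodies).
//
// These are exported package-level variables, so any importing package can
// reassign them; treat them as test data only and never as real tenant,
// job or report identifiers.
var (
	AMockCustomerGUID  = "5d817063-096f-4d91-b39b-8665240080af"
	AMockJobID         = "36b6f9e1-3b63-4628-994d-cbe16f81e9c7"
	AMockReportID      = "2c31e4da-c6fe-440d-9b8a-785b80c8576a"
	AMockClusterName   = "clusterA"
	AMockFrameworkName = "testFrameworkA"
	AMockControlName   = "testControlA"
	AMockRuleName      = "testRuleA"
	// AMockPortalBase is a copy of the value armotypes.MockPortalBase returns
	// for AMockCustomerGUID (the result is dereferenced at initialization).
	AMockPortalBase = *armotypes.MockPortalBase(AMockCustomerGUID, "", nil)
)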
Mock A
Functions ¶
func GetRuntimePods ¶
func GetRuntimePods() string
func MockExternalFacingService ¶
func MockExternalFacingService() string
func MockRegoPrivilegedPods ¶
func MockRegoPrivilegedPods() string
Types ¶
type AlertObject ¶
type AlertScore ¶
// AlertScore is the float32-based score type carried in RuleResponse.AlertScore.
type AlertScore float32
type Control ¶
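// Control groups a set of rules that together serve a single purpose.
//
// The struct is laid out one field per line: on a single line the inline
// comment would swallow the RulesIDs field and the closing brace.
type Control struct {
	armotypes.PortalBase `json:",inline"`
	CreationTime         string       `json:"creationTime"`
	Description          string       `json:"description"`
	Remediation          string       `json:"remediation"`
	Rules                []PolicyRule `json:"rules"`
	// RulesIDs carries the new list of rules in POST/UPDATE requests.
	// It is a pointer tagged omitempty, so a nil value is left out of the JSON.
	RulesIDs *[]string `json:"rulesIDs,omitempty"`
}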
Control represents a collection of rules that are combined to serve a single purpose.
type ControlReport ¶
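// ControlReport holds the outcome of one control: its per-rule reports
// together with the control's descriptive text and scores.
//
// The struct is laid out one field per line; collapsed onto a single line it
// is not valid Go.
type ControlReport struct {
	armotypes.PortalBase `json:",inline"`
	Name                 string       `json:"name"`
	RuleReports          []RuleReport `json:"ruleReports"`
	Remediation          string       `json:"remediation"`
	Description          string       `json:"description"`
	// The three score fields are tagged omitempty, so encoding/json drops a
	// value of 0 from the output. A consumer of the JSON therefore cannot tell
	// "score is 0" from "no score was computed".
	Score           float32 `json:"score,omitempty"`
	BaseScore       float32 `json:"baseScore,omitempty"`
	ARMOImprovement float32 `json:"ARMOImprovement,omitempty"`
}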
func (*ControlReport) Failed ¶
func (controlReport *ControlReport) Failed() bool
func (*ControlReport) GetNumberOfFailedResources ¶ added in v1.0.37
func (controlReport *ControlReport) GetNumberOfFailedResources() int
func (*ControlReport) GetNumberOfResources ¶
func (controlReport *ControlReport) GetNumberOfResources() int
func (*ControlReport) GetNumberOfWarningResources ¶ added in v1.0.37
func (controlReport *ControlReport) GetNumberOfWarningResources() int
func (*ControlReport) ListControlsInputKinds ¶
func (controlReport *ControlReport) ListControlsInputKinds() []string
func (*ControlReport) Passed ¶
func (controlReport *ControlReport) Passed() bool
func (*ControlReport) Warning ¶ added in v1.0.36
func (controlReport *ControlReport) Warning() bool
type Framework ¶
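// Framework groups a set of controls that together expose comprehensive
// behavior.
//
// The struct is laid out one field per line: on a single line the inline
// comment would swallow the ControlsIDs field and the closing brace.
type Framework struct {
	armotypes.PortalBase `json:",inline"`
	CreationTime         string    `json:"creationTime"`
	Description          string    `json:"description"`
	Controls             []Control `json:"controls"`
	// ControlsIDs carries the new list of controls in POST/UPDATE requests.
	// It is a pointer tagged omitempty, so a nil value is left out of the JSON.
	ControlsIDs *[]string `json:"controlsIDs,omitempty"`
}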
Framework represents a collection of controls that are combined to expose comprehensive behavior.
func MockFrameworkA ¶
func MockFrameworkA() *Framework
type FrameworkReport ¶
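// FrameworkReport holds the outcome of one framework: its per-control reports
// and the framework-level scores.
//
// The struct is laid out one field per line; collapsed onto a single line it
// is not valid Go.
type FrameworkReport struct {
	Name           string          `json:"name"`
	ControlReports []ControlReport `json:"controlReports"`
	// The score fields are tagged omitempty, so encoding/json drops a value
	// of 0 from the output; a missing key and a zero score look the same to a
	// consumer of the JSON.
	Score           float32 `json:"score,omitempty"`
	ARMOImprovement float32 `json:"ARMOImprovement,omitempty"`
	WCSScore        float32 `json:"wcsScore,omitempty"`
}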
func MockFrameworkReportA ¶
func MockFrameworkReportA() *FrameworkReport
type NotificationPolicyKind ¶
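// NotificationPolicyKind names the kind of policy object that a
// PolicyIdentifier refers to.
//
// It is a plain string type, so a value decoded from JSON is not limited to
// the constants below; receivers should reject kinds they do not recognise.
type NotificationPolicyKind string

// Supported notification kinds, one constant per line (the collapsed
// single-line form is not valid Go).
const (
	KindFramework NotificationPolicyKind = "Framework"
	KindControl   NotificationPolicyKind = "Control"
	KindRule      NotificationPolicyKind = "Rule"
)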
Supported NotificationKinds
type NotificationPolicyType ¶
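// NotificationPolicyType names the action that a PolicyNotification requests.
//
// It is a plain string type, so a value decoded from JSON is not limited to
// the constants below; receivers should reject types they do not recognise
// rather than fall through to a default action.
type NotificationPolicyType string

// Supported notification types, one constant per line (the collapsed
// single-line form is not valid Go).
const (
	TypeValidateRules   NotificationPolicyType = "validateRules"
	TypeExecPostureScan NotificationPolicyType = "execPostureScan"
	TypeUpdateRules     NotificationPolicyType = "updateRules"
)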
Supported NotificationTypes
type PolicyIdentifier ¶
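// PolicyIdentifier identifies one policy object by its kind and name.
//
// The struct is laid out one field per line; collapsed onto a single line it
// is not valid Go.
type PolicyIdentifier struct {
	// Kind is one of the NotificationPolicyKind values (framework, control or
	// rule); the type itself does not restrict decoded input to those values.
	Kind NotificationPolicyKind `json:"kind"`
	Name string                 `json:"name"`
}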
type PolicyNotification ¶
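// PolicyNotification is the message describing a policy action: which
// notification type is requested, for which policy objects, and the report,
// job and designators it belongs to.
//
// The struct is laid out one field per line; collapsed onto a single line it
// is not valid Go.
type PolicyNotification struct {
	NotificationType NotificationPolicyType `json:"notificationType"`
	// Rules lists the policy objects concerned; despite the field name, each
	// entry carries its own Kind and may name a framework or control as well.
	Rules    []PolicyIdentifier `json:"rules"`
	ReportID string             `json:"reportID"`
	JobID    string             `json:"jobID"`
	// NOTE(review): Designators presumably scope the notification to a
	// customer/cluster; confirm the receiver checks them against the caller's
	// identity instead of trusting the payload.
	Designators armotypes.PortalDesignator `json:"designators"`
}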
func MockPolicyNotificationA ¶
func MockPolicyNotificationA() *PolicyNotification
func (*PolicyNotification) ToJSONBytesBuffer ¶
func (pn *PolicyNotification) ToJSONBytesBuffer() (*bytes.Buffer, error)
type PolicyRule ¶
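// PolicyRule is a single rule, the fundamental executable block of a policy.
//
// The struct is laid out one field per line: on a single line the first
// inline comment would swallow every following field and the closing brace.
type PolicyRule struct {
	armotypes.PortalBase `json:",inline"`
	CreationTime         string `json:"creationTime"`
	// Rule is the rule text itself; it is a multi-line string.
	// NOTE(review): the type is described as executable policy, so this text
	// is presumably evaluated by the policy engine; confirm that rules are
	// only loaded from sources the operator trusts.
	Rule             string             `json:"rule"`
	RuleLanguage     RuleLanguages      `json:"ruleLanguage"`
	Match            []RuleMatchObjects `json:"match"`
	RuleDependencies []RuleDependency   `json:"ruleDependencies"`
	Description      string             `json:"description"`
	Remediation      string             `json:"remediation"`
	// RuleQuery is deprecated; its default is "armo_builtins".
	RuleQuery string `json:"ruleQuery"`
}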
PolicyRule represents a single rule, the fundamental executable block of a policy.
func MockRuleA ¶
func MockRuleA() *PolicyRule
func MockRuleB ¶
func MockRuleB() *PolicyRule
func MockRuleUntrustedRegistries ¶
func MockRuleUntrustedRegistries() *PolicyRule
type PostureReport ¶
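// PostureReport is the top-level posture report for one cluster: the
// identifiers of the customer, cluster, report and job, the generation time,
// and one FrameworkReport per framework.
//
// The struct is laid out one field per line; collapsed onto a single line it
// is not valid Go.
type PostureReport struct {
	// NOTE(review): CustomerGUID and ClusterName arrive inside the report
	// body; a receiver should presumably bind them to the authenticated
	// sender rather than trust the payload. Confirm against the ingest path.
	CustomerGUID string `json:"customerGUID"`
	ClusterName  string `json:"clusterName"`
	ReportID     string `json:"reportID"`
	JobID        string `json:"jobID"`
	// ReportGenerationTime is serialized under the key "generationTime".
	ReportGenerationTime time.Time         `json:"generationTime"`
	FrameworkReports     []FrameworkReport `json:"frameworks"`
}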
PostureReport
func MockPostureReportA ¶
func MockPostureReportA() *PostureReport
func (*PostureReport) NKeys ¶
func (file *PostureReport) NKeys() int
func (*PostureReport) UnmarshalJSONObject ¶
func (r *PostureReport) UnmarshalJSONObject(dec *gojay.Decoder, key string) (err error)
Responsible for fast unmarshaling of various COMMON containerscan structures and substructures.
UnmarshalJSONObject - File inside a pkg
type RuleDependency ¶
// RuleDependency names one package that a rule depends on; PolicyRule lists
// these in its RuleDependencies field.
// NOTE(review): presumably a policy package the rule imports; confirm that
// only known package names are accepted when rules come from outside.
type RuleDependency struct {
PackageName string `json:"packageName"` // package name
}
RuleMatchObjects defines which objects this rule is applied to
type RuleLanguages ¶
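// RuleLanguages names the language a PolicyRule's text is written in.
type RuleLanguages string

// Both spellings denote Rego and differ only in case. Go string comparison is
// case-sensitive, so a check against just one of these constants does not
// match the other spelling; code that gates on the rule language should
// accept both.
//
// The constants are laid out one per line; the collapsed single-line form is
// not valid Go.
const (
	RegoLanguage  RuleLanguages = "Rego"
	RegoLanguage2 RuleLanguages = "rego"
)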
type RuleMatchObjects ¶
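// RuleMatchObjects defines which objects a rule is applied to.
//
// The struct is laid out one field per line: on a single line the first
// inline comment would swallow the remaining fields and the closing brace.
type RuleMatchObjects struct {
	APIGroups []string `json:"apiGroups"` // e.g. apps
	// NOTE(review): the original comment lists "*" among the values,
	// presumably a wildcard; confirm how matching treats it, since a wildcard
	// widens the set of objects the rule is given.
	APIVersions []string `json:"apiVersions"` // e.g. v1 / v1beta1 / *
	Resources   []string `json:"resources"`   // e.g. dep.., pods
}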
RuleMatchObjects defines which objects this rule is applied to
type RuleReport ¶
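// RuleReport holds the outcome of one rule: its status, the individual
// responses, and the input resources and kinds it was given.
//
// The struct is laid out one field per line: on a single line the inline
// comment would swallow the remaining fields and the closing brace.
type RuleReport struct {
	Name        string `json:"name"`
	Remediation string `json:"remediation"`
	// RuleStatus records whether the rule was run or not; if there were
	// compile errors, the value will be failed.
	RuleStatus    RuleStatus     `json:"ruleStatus"`
	RuleResponses []RuleResponse `json:"ruleResponses"`
	// ListInputResources and ListInputKinds are tagged json:"-", so
	// encoding/json never writes or reads them: the raw input resources stay
	// in memory and are not part of the serialized report.
	ListInputResources []map[string]interface{} `json:"-"`
	ListInputKinds     []string                 `json:"-"`
}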
func (*RuleReport) GetNumberOfFailedResources ¶ added in v1.0.37
func (ruleReport *RuleReport) GetNumberOfFailedResources() int
func (*RuleReport) GetNumberOfResources ¶ added in v1.0.37
func (ruleReport *RuleReport) GetNumberOfResources() int
func (*RuleReport) GetNumberOfWarningResources ¶ added in v1.0.37
func (ruleReport *RuleReport) GetNumberOfWarningResources() int
func (*RuleReport) GetRuleStatus ¶
func (ruleReport *RuleReport) GetRuleStatus() (string, []RuleResponse, []RuleResponse)
type RuleResponse ¶
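// RuleResponse is the expected response of a single run of a Rego policy.
//
// The struct is laid out one field per line: on a single line the first
// inline comment would swallow the remaining fields and the closing brace.
type RuleResponse struct {
	AlertMessage string `json:"alertMessage"`
	// RuleStatus is a plain string here, unlike RuleReport.RuleStatus, which
	// uses the RuleStatus type.
	RuleStatus string `json:"ruleStatus"`
	// PackageName is serialized under the all-lowercase key "packagename".
	PackageName   string      `json:"packagename"`
	AlertScore    AlertScore  `json:"alertScore"`
	AlertObject   AlertObject `json:"alertObject"`
	Context       []string    `json:"context,omitempty"`       // TODO - Remove
	Rulename      string      `json:"rulename,omitempty"`      // TODO - Remove
	ExceptionName string      `json:"exceptionName,omitempty"` // Not in use
	// Exception is optional (pointer, omitempty).
	// NOTE(review): presumably the exception policy applied to this result;
	// since an exception can change how a finding is reported, confirm it is
	// set by the evaluator and not accepted from an incoming payload.
	Exception *armotypes.PostureExceptionPolicy `json:"exception,omitempty"`
}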
RegoResponse is the expected response of a single run of a Rego policy
func MockRuleResponseA ¶
func MockRuleResponseA() *RuleResponse
func (*RuleResponse) GetSingleResultStatus ¶ added in v1.0.36
func (RuleResponse *RuleResponse) GetSingleResultStatus() string
type RuleStatus ¶
type UpdatedControl ¶
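// UpdatedControl is a Control whose "rules" JSON key is bound to an untyped
// list instead of []PolicyRule.
//
// The outer Rules field is less nested than the embedded Control.Rules and
// carries the same JSON key, so encoding/json uses the outer field for
// "rules". Its elements are interface{} values: callers must type-check each
// element before use, because the decoder accepts any JSON value there.
//
// The struct is laid out one field per line; collapsed onto a single line it
// is not valid Go.
type UpdatedControl struct {
	Control `json:",inline"`
	Rules   []interface{} `json:"rules"`
}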
type UpdatedFramework ¶
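// UpdatedFramework is a Framework whose "controls" JSON key is bound to an
// untyped list instead of []Control.
//
// The outer Controls field is less nested than the embedded
// Framework.Controls and carries the same JSON key, so encoding/json uses the
// outer field for "controls". Its elements are interface{} values: callers
// must type-check each element before use, because the decoder accepts any
// JSON value there.
//
// The struct is laid out one field per line; collapsed onto a single line it
// is not valid Go.
type UpdatedFramework struct {
	Framework `json:",inline"`
	Controls  []interface{} `json:"controls"`
}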
Source Files ¶