security

package
v0.6.18-rc.0 Latest Latest
Published: Jun 1, 2023 License: Apache-2.0 Imports: 8 Imported by: 0

Documentation

Index

Constants

// ScanObjectType_* name the kinds of scanned object: an app, a chart or a pod.
// NOTE(review): presumably these are the values written to
// ImageScanDeployInfo.ObjectType and passed as objectType to the repository
// lookups. They are plain string constants, so the type system does not stop
// a caller from passing any other string; confirm callers validate against
// this set.
const (
	ScanObjectType_APP   string = "app"
	ScanObjectType_CHART string = "chart"
	ScanObjectType_POD   string = "pod"
)

Variables

This section is empty.

Functions

This section is empty.

Types

type CvePolicy

// CvePolicy is the database model for one vulnerability policy entry: an
// Action recorded against a scope (Global, ClusterId, EnvironmentId, AppId)
// together with a CVE reference (CVEStoreId) and/or a Severity.
// NOTE(review): how the scope fields combine into a level is decided by
// PolicyLevel(), whose body is not shown here; presumably an unused id is
// left at 0. Confirm before relying on it.
type CvePolicy struct {
	Id            int          `sql:"id,pk"`
	Global        bool         `sql:"global,notnull"`
	ClusterId     int          `sql:"cluster_id"`
	EnvironmentId int          `sql:"env_id"`
	AppId         int          `sql:"app_id"`
	CVEStoreId    string       `sql:"cve_store_id"`
	// NOTE(review): the tags on Action, Severity and Deleted have a space after
	// the comma, and Severity's also has a trailing space inside the quotes.
	// Confirm the ORM's tag parser still recognises "notnull" for them, since
	// the zero values here (Inherit, false) are meaningful policy states.
	Action        PolicyAction `sql:"action, notnull"`
	// Severity is a pointer, so nil is distinguishable from Low (the zero
	// Severity).
	Severity      *Severity    `sql:"severity, notnull "`
	Deleted       bool         `sql:"deleted, notnull"`
	sql.AuditLog
	CveStore *CveStore
	// contains filtered or unexported fields
}

func (*CvePolicy) PolicyLevel

func (policy *CvePolicy) PolicyLevel() PolicyLevel

type CvePolicyRepository

// CvePolicyRepository is the storage interface for CvePolicy rows: lookups
// per scope (global, cluster, environment, app within environment), save,
// update and fetch by id.
type CvePolicyRepository interface {
	GetGlobalPolicies() (policies []*CvePolicy, err error)
	GetClusterPolicies(clusterId int) (policies []*CvePolicy, err error)
	GetEnvPolicies(clusterId int, environmentId int) (policies []*CvePolicy, err error)
	GetAppEnvPolicies(clusterId int, environmentId int, appId int) (policies []*CvePolicy, err error)
	SavePolicy(policy *CvePolicy) (*CvePolicy, error)
	UpdatePolicy(policy *CvePolicy) (*CvePolicy, error)
	GetById(id int) (*CvePolicy, error)
	// GetBlockedCVEList takes a list of CVEs and a cluster/env/app scope and
	// returns a list of CVEs.
	// NOTE(review): presumably the result is the subset blocked by the
	// policies that apply to that scope; the precedence between levels is not
	// visible here. A caller that gates a deployment on this result should
	// treat a non-nil error as a failed check, not as an empty block list.
	GetBlockedCVEList(cves []*CveStore, clusterId, envId, appId int, isAppstore bool) ([]*CveStore, error)
}

type CvePolicyRepositoryImpl

// CvePolicyRepositoryImpl is the type returned by NewPolicyRepositoryImpl,
// which builds it from a *pg.DB. Its methods carry the same names and
// signatures as CvePolicyRepository and use a pointer receiver.
type CvePolicyRepositoryImpl struct {
	// contains filtered or unexported fields
}

func NewPolicyRepositoryImpl

func NewPolicyRepositoryImpl(dbConnection *pg.DB) *CvePolicyRepositoryImpl

func (*CvePolicyRepositoryImpl) GetAppEnvPolicies

func (impl *CvePolicyRepositoryImpl) GetAppEnvPolicies(clusterId int, environmentId int, appId int) (policies []*CvePolicy, err error)

func (*CvePolicyRepositoryImpl) GetBlockedCVEList

func (impl *CvePolicyRepositoryImpl) GetBlockedCVEList(cves []*CveStore, clusterId, envId, appId int, isAppstore bool) ([]*CveStore, error)

func (*CvePolicyRepositoryImpl) GetById

func (impl *CvePolicyRepositoryImpl) GetById(id int) (*CvePolicy, error)

func (*CvePolicyRepositoryImpl) GetClusterPolicies

func (impl *CvePolicyRepositoryImpl) GetClusterPolicies(clusterId int) (policies []*CvePolicy, err error)

func (*CvePolicyRepositoryImpl) GetEnvPolicies

func (impl *CvePolicyRepositoryImpl) GetEnvPolicies(clusterId int, environmentId int) (policies []*CvePolicy, err error)

func (*CvePolicyRepositoryImpl) GetGlobalPolicies

func (impl *CvePolicyRepositoryImpl) GetGlobalPolicies() (policies []*CvePolicy, err error)

func (*CvePolicyRepositoryImpl) SavePolicy

func (impl *CvePolicyRepositoryImpl) SavePolicy(policy *CvePolicy) (*CvePolicy, error)

func (*CvePolicyRepositoryImpl) UpdatePolicy

func (impl *CvePolicyRepositoryImpl) UpdatePolicy(policy *CvePolicy) (*CvePolicy, error)

type CveStore

// CveStore is the database model for one known vulnerability: its name,
// severity, the affected package and version, and the version that fixes it.
// NOTE(review): Name is the only field tagged pk, so as declared there is one
// row per CVE name. A CVE reported against several packages or versions would
// then keep only one Package/Version/FixedVersion; confirm how Save and
// Update handle that before using these columns in exposure reports.
type CveStore struct {
	Name         string   `sql:"name,pk"`
	Severity     Severity `sql:"severity,notnull"`
	Package      string   `sql:"package,notnull"`
	Version      string   `sql:"version,notnull"`
	FixedVersion string   `sql:"fixed_version,notnull"`
	sql.AuditLog
	// contains filtered or unexported fields
}

type CveStoreRepository

// CveStoreRepository is the storage interface for CveStore rows: save,
// update, list all, and lookup by one name or by a list of names.
type CveStoreRepository interface {
	Save(model *CveStore) error
	FindAll() ([]*CveStore, error)
	FindByCveNames(names []string) ([]*CveStore, error)
	FindByName(name string) (*CveStore, error)
	Update(model *CveStore) error
	// VulnerabilityExposure takes a VulnerabilityRequest (CVE name, app name,
	// env and cluster ids, offset, size) and returns exposure entries.
	// NOTE(review): the request fields are JSON-tagged and so presumably
	// caller-supplied; confirm the implementation binds them as query
	// parameters and bounds Size.
	VulnerabilityExposure(request *VulnerabilityRequest) ([]*VulnerabilityExposure, error)
}

type CveStoreRepositoryImpl

// CveStoreRepositoryImpl is the type returned by NewCveStoreRepositoryImpl,
// which builds it from a *pg.DB and a *zap.SugaredLogger. Its methods carry
// the same names as CveStoreRepository and use a value receiver.
type CveStoreRepositoryImpl struct {
	// contains filtered or unexported fields
}

func NewCveStoreRepositoryImpl

func NewCveStoreRepositoryImpl(dbConnection *pg.DB, logger *zap.SugaredLogger) *CveStoreRepositoryImpl

func (CveStoreRepositoryImpl) FindAll

func (impl CveStoreRepositoryImpl) FindAll() ([]*CveStore, error)

func (CveStoreRepositoryImpl) FindByCveNames

func (impl CveStoreRepositoryImpl) FindByCveNames(names []string) ([]*CveStore, error)

func (CveStoreRepositoryImpl) FindByName

func (impl CveStoreRepositoryImpl) FindByName(name string) (*CveStore, error)

func (CveStoreRepositoryImpl) Save

func (impl CveStoreRepositoryImpl) Save(model *CveStore) error

func (CveStoreRepositoryImpl) Update

func (impl CveStoreRepositoryImpl) Update(team *CveStore) error

func (CveStoreRepositoryImpl) VulnerabilityExposure

func (impl CveStoreRepositoryImpl) VulnerabilityExposure(request *VulnerabilityRequest) ([]*VulnerabilityExposure, error)

type ImageScanDeployInfo

// ImageScanDeployInfo is the database model that ties a deployed object
// (ScanObjectMetaId, ObjectType) in an environment and cluster to the scan
// executions recorded for it.
type ImageScanDeployInfo struct {
	Id                          int    `sql:"id,pk"`
	// Stored as an array column (pg:",array"): one deploy-info row can
	// reference several scan execution history ids.
	ImageScanExecutionHistoryId []int  `sql:"image_scan_execution_history_id,notnull" pg:",array"`
	ScanObjectMetaId            int    `sql:"scan_object_meta_id,notnull"`
	// NOTE(review): presumably one of the ScanObjectType_* constants; the
	// field itself is a free-form string.
	ObjectType                  string `sql:"object_type,notnull"`
	EnvId                       int    `sql:"env_id,notnull"`
	ClusterId                   int    `sql:"cluster_id,notnull"`
	sql.AuditLog
	// contains filtered or unexported fields
}

This table is the registry of scanned images for deployed objects and apps: images that have been deployed on a cluster by any means and that have a scan result.

type ImageScanDeployInfoRepository

// ImageScanDeployInfoRepository is the storage interface for
// ImageScanDeployInfo rows, plus two paged listing queries.
type ImageScanDeployInfoRepository interface {
	Save(model *ImageScanDeployInfo) error
	FindAll() ([]*ImageScanDeployInfo, error)
	FindOne(id int) (*ImageScanDeployInfo, error)
	FindByIds(ids []int) ([]*ImageScanDeployInfo, error)
	Update(model *ImageScanDeployInfo) error
	// NOTE(review): size and offset arrive as plain ints; confirm the caller
	// or the implementation rejects negative values and caps size.
	FetchListingGroupByObject(size int, offset int) ([]*ImageScanDeployInfo, error)
	FetchByAppIdAndEnvId(appId int, envId int, objectType []string) (*ImageScanDeployInfo, error)
	FindByTypeMetaAndTypeId(scanObjectMetaId int, objectType string) (*ImageScanDeployInfo, error)
	// ScanListingWithFilter takes an ImageScanFilter, a page (size, offset)
	// and a list of deploy-info ids, and returns listing rows.
	// NOTE(review): the filter carries free-text fields (CVEName, AppName,
	// ObjectName) decoded from JSON; confirm they are bound as query
	// parameters rather than formatted into the SQL text.
	ScanListingWithFilter(request *ImageScanFilter, size int, offset int, deployInfoIds []int) ([]*ImageScanListingResponse, error)
}

type ImageScanDeployInfoRepositoryImpl

// ImageScanDeployInfoRepositoryImpl is the type returned by
// NewImageScanDeployInfoRepositoryImpl, which builds it from a *pg.DB and a
// *zap.SugaredLogger. Its methods use a value receiver.
type ImageScanDeployInfoRepositoryImpl struct {
	// contains filtered or unexported fields
}

func NewImageScanDeployInfoRepositoryImpl

func NewImageScanDeployInfoRepositoryImpl(dbConnection *pg.DB, logger *zap.SugaredLogger) *ImageScanDeployInfoRepositoryImpl

func (ImageScanDeployInfoRepositoryImpl) FetchByAppIdAndEnvId

func (impl ImageScanDeployInfoRepositoryImpl) FetchByAppIdAndEnvId(appId int, envId int, objectType []string) (*ImageScanDeployInfo, error)

func (ImageScanDeployInfoRepositoryImpl) FetchListingGroupByObject

func (impl ImageScanDeployInfoRepositoryImpl) FetchListingGroupByObject(size int, offset int) ([]*ImageScanDeployInfo, error)

func (ImageScanDeployInfoRepositoryImpl) FindAll

func (ImageScanDeployInfoRepositoryImpl) FindByIds

func (impl ImageScanDeployInfoRepositoryImpl) FindByIds(ids []int) ([]*ImageScanDeployInfo, error)

func (ImageScanDeployInfoRepositoryImpl) FindByTypeMetaAndTypeId

func (impl ImageScanDeployInfoRepositoryImpl) FindByTypeMetaAndTypeId(scanObjectMetaId int, objectType string) (*ImageScanDeployInfo, error)

func (ImageScanDeployInfoRepositoryImpl) FindOne

func (ImageScanDeployInfoRepositoryImpl) Save

func (ImageScanDeployInfoRepositoryImpl) ScanListingWithFilter

func (impl ImageScanDeployInfoRepositoryImpl) ScanListingWithFilter(request *ImageScanFilter, size int, offset int, deployInfoIds []int) ([]*ImageScanListingResponse, error)

func (ImageScanDeployInfoRepositoryImpl) Update

type ImageScanExecutionHistory

// ImageScanExecutionHistory is the database model for one scan run: which
// image was scanned, its hash, when the scan ran and who ran it.
type ImageScanExecutionHistory struct {
	Id            int       `sql:"id,pk"`
	// NOTE(review): presumably Image is the image reference and ImageHash its
	// content digest. A tag-based reference can be re-pointed at different
	// content, so decisions about a specific artifact should key on ImageHash;
	// confirm what each column actually holds.
	Image         string    `sql:"image,notnull"`
	ImageHash     string    `sql:"image_hash,notnull"`
	// execution_time carries no notnull option, unlike the other columns.
	ExecutionTime time.Time `sql:"execution_time"`
	ExecutedBy    int       `sql:"executed_by,notnull"`
	// contains filtered or unexported fields
}

type ImageScanExecutionResult

// ImageScanExecutionResult is the database model for one finding: it links a
// CVE (CveStoreName) to the scan run that reported it
// (ImageScanExecutionHistoryId).
type ImageScanExecutionResult struct {
	Id                          int    `sql:"id,pk"`
	CveStoreName                string `sql:"cve_store_name,notnull"`
	ImageScanExecutionHistoryId int    `sql:"image_scan_execution_history_id"`
	// The two fields below have no sql tag and are held by value.
	// NOTE(review): presumably they are relations filled in by the ORM when
	// the query joins them; if a query does not load them they stay
	// zero-valued rather than nil, so an empty CveStore here does not mean
	// "Low severity". Confirm at the call sites.
	CveStore                    CveStore
	ImageScanExecutionHistory   ImageScanExecutionHistory
	// contains filtered or unexported fields
}

type ImageScanFilter

// ImageScanFilter is the JSON request body for a filtered scan listing:
// paging (offset, size), free-text filters (cveName, appName, objectName) and
// id or severity lists.
// NOTE(review): nothing in this type bounds Offset or Size or restricts the
// Severity values; confirm the handler validates them (non-negative paging, a
// capped Size, Severity within the declared Severity constants) before the
// filter reaches ScanListingWithFilter.
type ImageScanFilter struct {
	Offset         int    `json:"offset"`
	Size           int    `json:"size"`
	CVEName        string `json:"cveName"`
	AppName        string `json:"appName"`
	ObjectName     string `json:"objectName"`
	EnvironmentIds []int  `json:"envIds"`
	ClusterIds     []int  `json:"clusterIds"`
	Severity       []int  `json:"severity"`
}

type ImageScanHistoryRepository

// ImageScanHistoryRepository is the storage interface for
// ImageScanExecutionHistory rows: save, update, list all, fetch by id, and
// lookups by image or by image digest.
type ImageScanHistoryRepository interface {
	Save(model *ImageScanExecutionHistory) error
	FindAll() ([]*ImageScanExecutionHistory, error)
	FindOne(id int) (*ImageScanExecutionHistory, error)
	// NOTE(review): the parameter is named image although the method name
	// says digest; confirm which column (Image or ImageHash) it matches.
	FindByImageDigest(image string) (*ImageScanExecutionHistory, error)
	FindByImageDigests(digest []string) ([]*ImageScanExecutionHistory, error)
	Update(model *ImageScanExecutionHistory) error
	// NOTE(review): returns a single row for an image string; if several scan
	// runs exist for the same image, which one is returned is not visible
	// here. Confirm it is the most recent.
	FindByImage(image string) (*ImageScanExecutionHistory, error)
}

type ImageScanHistoryRepositoryImpl

// ImageScanHistoryRepositoryImpl is the type returned by
// NewImageScanHistoryRepositoryImpl, which builds it from a *pg.DB and a
// *zap.SugaredLogger. Its methods use a value receiver.
type ImageScanHistoryRepositoryImpl struct {
	// contains filtered or unexported fields
}

func NewImageScanHistoryRepositoryImpl

func NewImageScanHistoryRepositoryImpl(dbConnection *pg.DB, logger *zap.SugaredLogger) *ImageScanHistoryRepositoryImpl

func (ImageScanHistoryRepositoryImpl) FindAll

func (ImageScanHistoryRepositoryImpl) FindByImage

func (ImageScanHistoryRepositoryImpl) FindByImageDigest

func (impl ImageScanHistoryRepositoryImpl) FindByImageDigest(image string) (*ImageScanExecutionHistory, error)

func (ImageScanHistoryRepositoryImpl) FindByImageDigests

func (impl ImageScanHistoryRepositoryImpl) FindByImageDigests(digest []string) ([]*ImageScanExecutionHistory, error)

func (ImageScanHistoryRepositoryImpl) FindOne

func (ImageScanHistoryRepositoryImpl) Save

func (ImageScanHistoryRepositoryImpl) Update

type ImageScanListingResponse

// ImageScanListingResponse is one row of the scan listing as serialised to
// JSON: the deployed object's identity and type, its environment, a
// SecurityScan summary string and the time it was last checked.
// NOTE(review): the format of SecurityScan is not defined in this listing.
type ImageScanListingResponse struct {
	Id               int       `json:"id"`
	ScanObjectMetaId int       `json:"scanObjectMetaId"`
	ObjectName       string    `json:"objectName"`
	ObjectType       string    `json:"objectType"`
	SecurityScan     string    `json:"securityScan"`
	EnvironmentName  string    `json:"environmentName"`
	LastChecked      time.Time `json:"lastChecked"`
}

type ImageScanObjectMeta

// ImageScanObjectMeta is the database model describing a scanned object: its
// name, its image and an active flag.
// NOTE(review): the active column carries no notnull option, unlike name and
// image; confirm how an unset value is read back before filtering on it.
type ImageScanObjectMeta struct {
	Id     int    `sql:"id,pk"`
	Name   string `sql:"name,notnull"`
	Image  string `sql:"image,notnull"`
	Active bool   `sql:"active"`
	// contains filtered or unexported fields
}

type ImageScanObjectMetaRepository

// ImageScanObjectMetaRepository is the storage interface for
// ImageScanObjectMeta rows: save, update, list all, fetch by id, and lookup
// by name and type.
type ImageScanObjectMetaRepository interface {
	Save(model *ImageScanObjectMeta) error
	FindAll() ([]*ImageScanObjectMeta, error)
	FindOne(id int) (*ImageScanObjectMeta, error)
	// NOTE(review): the exported fields of ImageScanObjectMeta shown in this
	// listing include no type column; confirm what the types argument is
	// matched against.
	FindByNameAndType(name string, types string) ([]*ImageScanObjectMeta, error)
	Update(model *ImageScanObjectMeta) error
}

type ImageScanObjectMetaRepositoryImpl

// ImageScanObjectMetaRepositoryImpl is the type returned by
// NewImageScanObjectMetaRepositoryImpl, which builds it from a *pg.DB and a
// *zap.SugaredLogger. Its methods use a value receiver.
type ImageScanObjectMetaRepositoryImpl struct {
	// contains filtered or unexported fields
}

func NewImageScanObjectMetaRepositoryImpl

func NewImageScanObjectMetaRepositoryImpl(dbConnection *pg.DB, logger *zap.SugaredLogger) *ImageScanObjectMetaRepositoryImpl

func (ImageScanObjectMetaRepositoryImpl) FindAll

func (ImageScanObjectMetaRepositoryImpl) FindByNameAndType

func (impl ImageScanObjectMetaRepositoryImpl) FindByNameAndType(name string, types string) ([]*ImageScanObjectMeta, error)

func (ImageScanObjectMetaRepositoryImpl) FindOne

func (ImageScanObjectMetaRepositoryImpl) Save

func (ImageScanObjectMetaRepositoryImpl) Update

type ImageScanResultRepository

// ImageScanResultRepository is the storage interface for
// ImageScanExecutionResult rows: save, update, list all, fetch by id, and
// lookups by CVE name, by scan execution id(s), by image digest(s) or by
// image.
type ImageScanResultRepository interface {
	Save(model *ImageScanExecutionResult) error
	FindAll() ([]*ImageScanExecutionResult, error)
	FindOne(id int) (*ImageScanExecutionResult, error)
	FindByCveName(name string) ([]*ImageScanExecutionResult, error)
	Update(model *ImageScanExecutionResult) error
	FetchByScanExecutionId(id int) ([]*ImageScanExecutionResult, error)
	FetchByScanExecutionIds(ids []int) ([]*ImageScanExecutionResult, error)
	FindByImageDigest(imageDigest string) ([]*ImageScanExecutionResult, error)
	FindByImageDigests(digest []string) ([]*ImageScanExecutionResult, error)
	// NOTE(review): an empty result from the image lookups can mean either
	// "scanned, no findings" or "never scanned"; the two are not
	// distinguishable from this return type alone. Confirm callers check the
	// scan history before treating an empty list as clean.
	FindByImage(image string) ([]*ImageScanExecutionResult, error)
}

type ImageScanResultRepositoryImpl

// ImageScanResultRepositoryImpl is the type returned by
// NewImageScanResultRepositoryImpl, which builds it from a *pg.DB and a
// *zap.SugaredLogger. Its methods use a value receiver.
type ImageScanResultRepositoryImpl struct {
	// contains filtered or unexported fields
}

func NewImageScanResultRepositoryImpl

func NewImageScanResultRepositoryImpl(dbConnection *pg.DB, logger *zap.SugaredLogger) *ImageScanResultRepositoryImpl

func (ImageScanResultRepositoryImpl) FetchByScanExecutionId

func (impl ImageScanResultRepositoryImpl) FetchByScanExecutionId(scanExecutionId int) ([]*ImageScanExecutionResult, error)

func (ImageScanResultRepositoryImpl) FetchByScanExecutionIds

func (impl ImageScanResultRepositoryImpl) FetchByScanExecutionIds(ids []int) ([]*ImageScanExecutionResult, error)

func (ImageScanResultRepositoryImpl) FindAll

func (ImageScanResultRepositoryImpl) FindByCveName

func (impl ImageScanResultRepositoryImpl) FindByCveName(name string) ([]*ImageScanExecutionResult, error)

func (ImageScanResultRepositoryImpl) FindByImage

func (ImageScanResultRepositoryImpl) FindByImageDigest

func (impl ImageScanResultRepositoryImpl) FindByImageDigest(imageDigest string) ([]*ImageScanExecutionResult, error)

func (ImageScanResultRepositoryImpl) FindByImageDigests

func (impl ImageScanResultRepositoryImpl) FindByImageDigests(digest []string) ([]*ImageScanExecutionResult, error)

func (ImageScanResultRepositoryImpl) FindOne

func (ImageScanResultRepositoryImpl) Save

func (ImageScanResultRepositoryImpl) Update

type PolicyAction

// PolicyAction is the action a CvePolicy records.
type PolicyAction int
// Inherit is the first iota value (0), so it is also the zero value of
// PolicyAction: a CvePolicy whose Action was never set reads as Inherit, not
// as Allow or Block.
// NOTE(review): what Inherit resolves to when no policy at any level sets
// Allow or Block is decided elsewhere; confirm the default outcome.
const (
	Inherit PolicyAction = iota
	Allow
	Block
)

func (PolicyAction) String

func (d PolicyAction) String() string

type PolicyLevel

type PolicyLevel int

----------------

// Policy levels, numbered from 0 in declaration order: Global, Cluster,
// Environment, Application.
// NOTE(review): the ordering suggests increasing specificity, but which level
// wins when several policies apply is not shown in this listing.
const (
	Global PolicyLevel = iota
	Cluster
	Environment
	Application
)

func (PolicyLevel) String

func (d PolicyLevel) String() string

type Severity

type Severity int

------------------

// Severity levels, numbered from 0 in declaration order. Low is the zero
// value of Severity.
// NOTE(review): only three levels are declared. Scanner output that uses
// other labels has to be mapped onto these by ValuesOf, whose body is not
// shown; confirm that an unrecognised label does not fall through to the zero
// value (Low), which would understate the finding.
const (
	Low Severity = iota
	Moderate
	Critical
)

func (Severity) String

func (d Severity) String() string

func (Severity) ValuesOf

func (d Severity) ValuesOf(severity string) Severity

type SortBy

// SortBy is a string type; no allowed values are declared for it in this
// listing.
// NOTE(review): presumably it names a column to order results by. A sort
// column cannot be bound as a query parameter, so any value that reaches an
// ORDER BY clause should first be checked against a fixed allow-list; confirm
// at the call sites.
type SortBy string

type SortOrder

// SortOrder is a sort direction, with Asc ("ASC") and Desc ("DESC") as the
// declared values.
// NOTE(review): the underlying type is string, so a value decoded from a
// request can be anything; compare against Asc and Desc before using it in a
// query.
type SortOrder string
const (
	Asc  SortOrder = "ASC"
	Desc SortOrder = "DESC"
)

type VulnerabilityExposure

// VulnerabilityExposure is one entry of an exposure report: an app in an
// environment, whether it comes from the app store, and whether it is
// blocked.
type VulnerabilityExposure struct {
	AppName string `json:"appName"`
	EnvName string `json:"envName"`
	AppId   int    `json:"appId"`
	EnvId   int    `json:"envId"`
	//ClusterId     int    `json:"clusterId"`
	AppStore      bool `json:"appStore"`
	// NOTE(review): Blocked has no column tag; presumably it is computed after
	// the query from the applicable policies. It is false by default, so an
	// entry whose policy evaluation was skipped or failed reads as "not
	// blocked"; confirm.
	Blocked       bool `json:"blocked"`
	// The json:"-" tag keeps the next two fields out of the JSON output.
	PipelineEnvId int  `json:"-"`
	ChartEnvId    int  `json:"-"`
}

type VulnerabilityExposureListingResponse

// VulnerabilityExposureListingResponse is the paged JSON response for an
// exposure listing: the offset and size of the page, a total count, and the
// entries under the "list" key.
type VulnerabilityExposureListingResponse struct {
	Offset                int                      `json:"offset"`
	Size                  int                      `json:"size"`
	Total                 int                      `json:"total"`
	VulnerabilityExposure []*VulnerabilityExposure `json:"list"`
}

type VulnerabilityRequest

// VulnerabilityRequest is the JSON request for an exposure listing: free-text
// filters (appName, cveName), environment and cluster id lists, and paging.
// NOTE(review): nothing in this type bounds Offset or Size; confirm the
// handler rejects negative values and caps Size before the request reaches
// CveStoreRepository.VulnerabilityExposure.
type VulnerabilityRequest struct {
	AppName    string `json:"appName"`
	CveName    string `json:"cveName"`
	EnvIds     []int  `json:"envIds"`
	ClusterIds []int  `json:"clusterIds"`
	Offset     int    `json:"offset"`
	Size       int    `json:"size"`
}
