validate

package
v0.1.6 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Jun 21, 2024 License: Apache-2.0 Imports: 18 Imported by: 0

Documentation

Index

Constants

const (
	// HubRegoPolicy is an OCI reference on ghcr.io; presumably the default
	// Rego policy artifact pulled by the OCI-based validation functions —
	// confirm against callers.
	//
	// NOTE(review): the reference is pinned by tag (v0.0.1), not by digest.
	// Registry tags can be re-pointed, so this string alone does not fix the
	// content that gets pulled and then evaluated as policy. Pinning by
	// digest, or verifying the artifact's signature before evaluation, would
	// bind it to known content — confirm what verification the pull path does.
	HubRegoPolicy = "ghcr.io/santoshkal/genval-security-policies/rego-policies:v0.0.1"
)

Variables

This section is empty.

Functions

func ApplyPolicyiesFromOCI added in v0.1.6

func ApplyPolicyiesFromOCI(ociURL, creds, path string) (string, error)

func EvaluateCELPolicies

func EvaluateCELPolicies(policies []CELPolicy, inputFile string, t table.Writer) error

func FetchRegoMetadata added in v0.1.3

func FetchRegoMetadata(policyDir, metaExt, regoExt string) ([]string, []string, error)

func LoadRegoMetadata added in v0.1.3

func LoadRegoMetadata(filePaths []string) ([]*regoMetadata, error)

LoadRegoMetadata loads the contents of the metadata files into a slice of pointers to regoMetadata structs.

func MatchPolicyMetadata added in v0.1.3

func MatchPolicyMetadata(metas []*regoMetadata, key string) (string, *regoMetadata, error)

MatchPolicyMetadata matches the RegoMeta policy names with the Rego evaluation results and returns the matched key

func PrintResults added in v0.1.2

func PrintResults(result rego.ResultSet, metas []*regoMetadata) error

PrintResults prints the evaluation results along with the metadata

func SaveResults added in v0.1.3

func SaveResults(filename string, newResults []Results) error

SaveResults saves the results to a file as a JSON array

func ValidateWithOCIPolicies added in v0.1.6

func ValidateWithOCIPolicies(resource, policy, ociURL, creds string, processor InputProcessor) error

func ValidateWithRego

func ValidateWithRego(inputContent, regoPolicyPath string, processor InputProcessor) error

Types

type CELPolicy added in v0.1.3

// CELPolicy is one policy entry as decoded from YAML. ParseYAMLPolicies
// returns a slice of these and EvaluateCELPolicies consumes one.
type CELPolicy struct {
	// APIVersion is read from the "apiVersion" key.
	APIVersion string   `yaml:"apiVersion"`
	// Kind is read from the "kind" key.
	Kind       string   `yaml:"kind"`
	// Metadata carries the descriptive fields (name, severity, ...) of the policy.
	Metadata   Metadata `yaml:"metadata"`
	// Rule is read from the "rule" key; presumably the CEL expression that is
	// evaluated against the input — confirm against EvaluateCELPolicies.
	// NOTE(review): the rule text comes straight from the policy file, so the
	// policy file should be treated as trusted configuration.
	Rule       string   `yaml:"rule"`
}

func ParseYAMLPolicies added in v0.1.3

func ParseYAMLPolicies(policyFile string) ([]CELPolicy, error)

type CELPolicyFile added in v0.1.3

// CELPolicyFile is a YAML document shape holding a list of CELPolicy entries
// under the top-level "policies" key.
type CELPolicyFile struct {
	Policies []CELPolicy `yaml:"policies"`
}

type DockerfileProcessor added in v0.1.6

// DockerfileProcessor is a field-less type whose ProcessInput method has the
// signature required by InputProcessor.
type DockerfileProcessor struct{}

DockerfileProcessor processes Dockerfile input

func (DockerfileProcessor) ProcessInput added in v0.1.6

func (d DockerfileProcessor) ProcessInput(content string) ([]byte, error)

d.ProcessInput processes Dockerfile content and returns a []byte or any error

type GenericProcessor added in v0.1.6

// GenericProcessor is a field-less type whose ProcessInput method has the
// signature required by InputProcessor.
type GenericProcessor struct{}

GenericProcessor processes generic inputs (YAML, JSON, etc.)

func (GenericProcessor) ProcessInput added in v0.1.6

func (g GenericProcessor) ProcessInput(content string) ([]byte, error)

g.ProcessInput processes generic input contents and returns a []byte or any error

type InputProcessor added in v0.1.6

// InputProcessor turns input content given as a string into bytes, or reports
// an error. ValidateWithRego and ValidateWithOCIPolicies each accept one as
// their processor argument.
type InputProcessor interface {
	// ProcessInput returns the processed form of the given content.
	ProcessInput(string) ([]byte, error)
}

type Metadata added in v0.1.3

// Metadata holds the descriptive fields of a CELPolicy, decoded from the
// policy's "metadata" YAML mapping.
type Metadata struct {
	// Name is read from the "name" key.
	Name        string `yaml:"name"`
	// Description is read from the "description" key.
	Description string `yaml:"description"`
	// Severity is a free-form string here; no set of allowed values is
	// visible in this declaration.
	Severity    string `yaml:"severity"`
	// Benchmark is read from the "benchmark" key; presumably the compliance
	// benchmark the policy maps to — TODO confirm.
	Benchmark   string `yaml:"benchmark"`
}

type PolicyFile added in v0.1.3

// PolicyFile is a YAML document shape holding a list of CELPolicy entries
// under the top-level "policies" key.
// NOTE(review): field-for-field identical to CELPolicyFile; which of the two
// ParseYAMLPolicies decodes into is not visible here.
type PolicyFile struct {
	Policies []CELPolicy `yaml:"policies"`
}

type Results added in v0.1.3

// Results is one evaluation record in its JSON form. SaveResults takes a
// slice of these and writes them to a file as a JSON array.
type Results struct {
	// ID is written under the "id" key.
	ID          string `json:"id"`
	// PolicyName is written under the "policyName" key.
	PolicyName  string `json:"policyName"`
	// Status is a free-form string here; the values used (e.g. pass/fail)
	// are not visible in this declaration.
	Status      string `json:"status"`
	// Description is written under the "description" key.
	Description string `json:"description"`
	// Severity is written under the "severity" key.
	Severity    string `json:"severity"`
	// Benchmark is written under the "benchmark" key.
	Benchmark   string `json:"benchmark"`
	// Category is written under the "category" key.
	Category    string `json:"category"`
}
