Documentation
Overview
Package engine provides an implementation of the profile-engine-related objects, interfaces and functionality.
Index
- Constants
- type Executor
- type ExecutorEventHandler
- type ExecutorMetrics
- func (e *ExecutorMetrics) CountAlertStatus(ctx context.Context, status db.AlertStatusTypes)
- func (e *ExecutorMetrics) CountEvalStatus(ctx context.Context, status db.EvalStatusTypes, entityType db.Entities)
- func (e *ExecutorMetrics) CountRemediationStatus(ctx context.Context, status db.RemediationStatusTypes)
- func (e *ExecutorMetrics) TimeEntityEvaluation(ctx context.Context, startTime time.Time)
- func (e *ExecutorMetrics) TimeProfileEvaluation(ctx context.Context, startTime time.Time)
Constants
const (
	// DefaultExecutionTimeout is the timeout for execution of a set
	// of profiles on an entity.
	DefaultExecutionTimeout = 5 * time.Minute
	// ArtifactSignatureWaitPeriod is the waiting period for potential artifact signature to be available
	// before proceeding with evaluation.
	ArtifactSignatureWaitPeriod = 10 * time.Second
)
Variables
This section is empty.
Functions
This section is empty.
Types
type Executor
type Executor interface {
EvalEntityEvent(ctx context.Context, inf *entities.EntityInfoWrapper) error
}
Executor is the engine that executes the rules for a given event.
func NewExecutor
func NewExecutor(
	querier db.Store,
	providerManager manager.ProviderManager,
	metrics *ExecutorMetrics,
	historyService history.EvaluationHistoryService,
	featureFlags openfeature.IClient,
	profileStore profiles.ProfileStore,
	selBuilder selectors.SelectionBuilder,
	propService service.PropertiesService,
) Executor
NewExecutor creates a new executor.
type ExecutorEventHandler
type ExecutorEventHandler struct {
// contains filtered or unexported fields
}
ExecutorEventHandler is responsible for consuming entity events, passing entities to the executor, and then publishing the results.
func NewExecutorEventHandler
func NewExecutorEventHandler(
	ctx context.Context,
	evt interfaces.Publisher,
	handlerMiddleware []message.HandlerMiddleware,
	executor Executor,
) *ExecutorEventHandler
NewExecutorEventHandler creates the event handler for the executor.
func (*ExecutorEventHandler) HandleEntityEvent
func (e *ExecutorEventHandler) HandleEntityEvent(msg *message.Message) error
HandleEntityEvent handles events coming from webhooks/signals as well as the init event.
func (*ExecutorEventHandler) Register
func (e *ExecutorEventHandler) Register(r interfaces.Registrar)
Register implements the Consumer interface.
func (*ExecutorEventHandler) Wait
func (e *ExecutorEventHandler) Wait()
Wait waits for all the entity executions to finish.
type ExecutorMetrics
type ExecutorMetrics struct {
// contains filtered or unexported fields
}
ExecutorMetrics encapsulates metrics operations for the executor.
func NewExecutorMetrics
func NewExecutorMetrics(meterFactory meters.MeterFactory) (*ExecutorMetrics, error)
NewExecutorMetrics instantiates the ExecutorMetrics struct.
func (*ExecutorMetrics) CountAlertStatus
func (e *ExecutorMetrics) CountAlertStatus(
	ctx context.Context,
	status db.AlertStatusTypes,
)
CountAlertStatus counts alert events by status.
func (*ExecutorMetrics) CountEvalStatus
func (e *ExecutorMetrics) CountEvalStatus(
	ctx context.Context,
	status db.EvalStatusTypes,
	entityType db.Entities,
)
CountEvalStatus counts evaluation events by status.
func (*ExecutorMetrics) CountRemediationStatus
func (e *ExecutorMetrics) CountRemediationStatus(
	ctx context.Context,
	status db.RemediationStatusTypes,
)
CountRemediationStatus counts remediation events by status.
func (*ExecutorMetrics) TimeEntityEvaluation
func (e *ExecutorMetrics) TimeEntityEvaluation(ctx context.Context, startTime time.Time)
TimeEntityEvaluation records how long it took to evaluate a profile.
func (*ExecutorMetrics) TimeProfileEvaluation
func (e *ExecutorMetrics) TimeProfileEvaluation(ctx context.Context, startTime time.Time)
TimeProfileEvaluation records how long it took to evaluate a profile.
Directories
| Path | Synopsis |
|---|---|
| | Package actions provides necessary interfaces and implementations for processing actions, such as remediation and alerts. |
| alert | Package alert provides necessary interfaces and implementations for processing alerts. |
| alert/noop | Package noop provides a fallback alert engine for cases where no alert is set. |
| alert/security_advisory | Package security_advisory provides necessary interfaces and implementations for creating alerts of type security advisory. |
| remediate | Package remediate provides necessary interfaces and implementations for remediating rules. |
| remediate/gh_branch_protect | Package gh_branch_protect provides the GitHub branch protection remediation engine. |
| remediate/noop | Package noop provides a fallback remediation engine for cases where no remediation is set. |
| remediate/pull_request | Package pull_request provides the pull request remediation engine. |
| remediate/rest | Package rest provides the REST remediation engine. |
| | Package engcontext defines the EngineContext type. |
| | Package entities contains internal helper functions to deal with, validate and print the Entity protobuf enum. |
| | Package errors provides errors for the evaluator engine. |
| | Package eval provides necessary interfaces and implementations for evaluating rules. |
| homoglyphs/application | Package application contains the application logic for the homoglyphs rule type. |
| homoglyphs/communication | Package communication contains the communication logic for the homoglyphs rule type. |
| homoglyphs/domain | Package domain contains the domain logic for the homoglyphs rule type. |
| homoglyphs/domain/resources | Package resources contains resources used by the homoglyphs evaluators. |
| homoglyphs/util | Package util contains utility functions for the homoglyphs evaluation engine. |
| jq | Package jq provides the jq profile evaluator. |
| pr_actions | Package pr_actions contains shared code to take on PRs. |
| rego | Package rego provides the rego rule evaluator. |
| templates | Package templates contains template strings for evaluation details. |
| trusty | Package trusty provides an evaluator that uses the trusty API. |
| vulncheck | Package vulncheck provides the vulnerability check evaluator. |
| | Package ingestcache provides a cache that is used to cache the results of ingesting data. |
| | Package ingester provides necessary interfaces and implementations for ingesting data for rules. |
| artifact | Package artifact provides the artifact ingestion engine. |
| builtin | Package builtin provides the builtin ingestion engine. |
| diff | Package diff provides the diff rule data ingest engine. |
| git | Package git provides the git rule data ingest engine. |
| rest | Package rest provides the REST rule data ingest engine. |
| | Package interfaces provides necessary interfaces and implementations for implementing engine plugins. |
| | Package mock_engine is a generated GoMock package. |
| | Package options provides necessary interfaces and implementations for implementing evaluator configuration options. |
| | Package rtengine contains utilities for the rule type engine. |