v1

package
v0.24.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jul 17, 2024 License: Apache-2.0 Imports: 5 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

View Source
var (
	Confidence_name = map[int32]string{
		0: "CONFIDENCE_UNSPECIFIED",
		1: "CONFIDENCE_INFO",
		2: "CONFIDENCE_LOW",
		3: "CONFIDENCE_MEDIUM",
		4: "CONFIDENCE_HIGH",
		5: "CONFIDENCE_CRITICAL",
	}
	Confidence_value = map[string]int32{
		"CONFIDENCE_UNSPECIFIED": 0,
		"CONFIDENCE_INFO":        1,
		"CONFIDENCE_LOW":         2,
		"CONFIDENCE_MEDIUM":      3,
		"CONFIDENCE_HIGH":        4,
		"CONFIDENCE_CRITICAL":    5,
	}
)

Enum value maps for Confidence.

View Source
var (
	Severity_name = map[int32]string{
		0: "SEVERITY_UNSPECIFIED",
		1: "SEVERITY_INFO",
		2: "SEVERITY_LOW",
		3: "SEVERITY_MEDIUM",
		4: "SEVERITY_HIGH",
		5: "SEVERITY_CRITICAL",
	}
	Severity_value = map[string]int32{
		"SEVERITY_UNSPECIFIED": 0,
		"SEVERITY_INFO":        1,
		"SEVERITY_LOW":         2,
		"SEVERITY_MEDIUM":      3,
		"SEVERITY_HIGH":        4,
		"SEVERITY_CRITICAL":    5,
	}
)

Enum value maps for Severity.

View Source
var File_api_proto_v1_engine_proto protoreflect.FileDescriptor
View Source
var File_api_proto_v1_issue_proto protoreflect.FileDescriptor

Functions

This section is empty.

Types

type Confidence

type Confidence int32

Confidence represents the tool's confidence that an issue exists

const (
	// Represents an empty confidence field from a tool
	Confidence_CONFIDENCE_UNSPECIFIED Confidence = 0
	// Represents Confidence "Informational" or generic Warnings
	Confidence_CONFIDENCE_INFO Confidence = 1
	// Represents Confidence "Low"
	Confidence_CONFIDENCE_LOW Confidence = 2
	// Represents Confidence "Medium"
	Confidence_CONFIDENCE_MEDIUM Confidence = 3
	// Represents Confidence "High"
	Confidence_CONFIDENCE_HIGH Confidence = 4
	// Highest Confidence applicable
	Confidence_CONFIDENCE_CRITICAL Confidence = 5
)

func (Confidence) Descriptor

func (Confidence) Descriptor() protoreflect.EnumDescriptor

func (Confidence) Enum

func (x Confidence) Enum() *Confidence

func (Confidence) EnumDescriptor deprecated

func (Confidence) EnumDescriptor() ([]byte, []int)

Deprecated: Use Confidence.Descriptor instead.

func (Confidence) Number

func (x Confidence) Number() protoreflect.EnumNumber

func (Confidence) String

func (x Confidence) String() string

func (Confidence) Type

type EnrichedIssue

type EnrichedIssue struct {

	// the original finding
	RawIssue *Issue `protobuf:"bytes,1,opt,name=raw_issue,json=rawIssue,proto3" json:"raw_issue,omitempty"`
	// The first time this issue was seen by the enrichment service
	FirstSeen *timestamppb.Timestamp `protobuf:"bytes,2,opt,name=first_seen,json=firstSeen,proto3" json:"first_seen,omitempty"`
	// The number of times this issue was seen
	Count uint64 `protobuf:"varint,3,opt,name=count,proto3" json:"count,omitempty"`
	// Whether this issue has been previously marked as a false positive
	FalsePositive bool `protobuf:"varint,4,opt,name=false_positive,json=falsePositive,proto3" json:"false_positive,omitempty"`
	// The last time this issue was updated
	UpdatedAt *timestamppb.Timestamp `protobuf:"bytes,5,opt,name=updated_at,json=updatedAt,proto3" json:"updated_at,omitempty"`
	// hash
	Hash string `protobuf:"bytes,6,opt,name=hash,proto3" json:"hash,omitempty"`
	// an arbitrary list of extra annotations, reserved for use by the enrichers
	Annotations map[string]string `` /* 163-byte string literal not displayed */
	// contains filtered or unexported fields
}

Represents an issue that has been enriched with metadata from the enrichment service

func (*EnrichedIssue) Descriptor deprecated

func (*EnrichedIssue) Descriptor() ([]byte, []int)

Deprecated: Use EnrichedIssue.ProtoReflect.Descriptor instead.

func (*EnrichedIssue) GetAnnotations

func (x *EnrichedIssue) GetAnnotations() map[string]string

func (*EnrichedIssue) GetCount

func (x *EnrichedIssue) GetCount() uint64

func (*EnrichedIssue) GetFalsePositive

func (x *EnrichedIssue) GetFalsePositive() bool

func (*EnrichedIssue) GetFirstSeen

func (x *EnrichedIssue) GetFirstSeen() *timestamppb.Timestamp

func (*EnrichedIssue) GetHash

func (x *EnrichedIssue) GetHash() string

func (*EnrichedIssue) GetRawIssue

func (x *EnrichedIssue) GetRawIssue() *Issue

func (*EnrichedIssue) GetUpdatedAt

func (x *EnrichedIssue) GetUpdatedAt() *timestamppb.Timestamp

func (*EnrichedIssue) ProtoMessage

func (*EnrichedIssue) ProtoMessage()

func (*EnrichedIssue) ProtoReflect

func (x *EnrichedIssue) ProtoReflect() protoreflect.Message

func (*EnrichedIssue) Reset

func (x *EnrichedIssue) Reset()

func (*EnrichedIssue) String

func (x *EnrichedIssue) String() string

type EnrichedLaunchToolResponse

type EnrichedLaunchToolResponse struct {

	// The results of the original scan prior to enrichment
	OriginalResults *LaunchToolResponse `protobuf:"bytes,1,opt,name=original_results,json=originalResults,proto3" json:"original_results,omitempty"`
	// Enriched, deduplicated issues
	Issues []*EnrichedIssue `protobuf:"bytes,2,rep,name=issues,proto3" json:"issues,omitempty"`
	// contains filtered or unexported fields
}

An EnrichedLaunchToolResponse consists of deduplicated vulnerability information, with added metadata for consumers

func (*EnrichedLaunchToolResponse) Descriptor deprecated

func (*EnrichedLaunchToolResponse) Descriptor() ([]byte, []int)

Deprecated: Use EnrichedLaunchToolResponse.ProtoReflect.Descriptor instead.

func (*EnrichedLaunchToolResponse) GetIssues

func (x *EnrichedLaunchToolResponse) GetIssues() []*EnrichedIssue

func (*EnrichedLaunchToolResponse) GetOriginalResults

func (x *EnrichedLaunchToolResponse) GetOriginalResults() *LaunchToolResponse

func (*EnrichedLaunchToolResponse) ProtoMessage

func (*EnrichedLaunchToolResponse) ProtoMessage()

func (*EnrichedLaunchToolResponse) ProtoReflect

func (*EnrichedLaunchToolResponse) Reset

func (x *EnrichedLaunchToolResponse) Reset()

func (*EnrichedLaunchToolResponse) String

func (x *EnrichedLaunchToolResponse) String() string

type Issue

type Issue struct {

	// Scan target can be host:port, //vault/foo/bar:34-67 or some URL that is semantically a target
	Target string `protobuf:"bytes,1,opt,name=target,proto3" json:"target,omitempty"`
	// The finding ID from the tool if applicable, otherwise a vulnerability ID such as CWE-ID, etc for XSS, CSRF, etc.
	Type string `protobuf:"bytes,2,opt,name=type,proto3" json:"type,omitempty"`
	// The finding title from the tool
	Title string `protobuf:"bytes,3,opt,name=title,proto3" json:"title,omitempty"`
	// A severity indication, defaults to unspecified
	Severity Severity `protobuf:"varint,4,opt,name=severity,proto3,enum=ocurity.dracon.v1.Severity" json:"severity,omitempty"`
	// An optional cvss if the tool reports it
	Cvss float64 `protobuf:"fixed64,5,opt,name=cvss,proto3" json:"cvss,omitempty"`
	// Confidence indication, defaults to Unspecified
	Confidence Confidence `protobuf:"varint,6,opt,name=confidence,proto3,enum=ocurity.dracon.v1.Confidence" json:"confidence,omitempty"`
	// human readable description of the issue
	Description string `protobuf:"bytes,7,opt,name=description,proto3" json:"description,omitempty"`
	// Source of the scan e.g. https://github.com/ocurity/dracon.git?ref=<revision>, github.com:tektoncd/pipeline.git?ref=<revision>, local?ref=local
	Source string `protobuf:"bytes,8,opt,name=source,proto3" json:"source,omitempty"`
	// [Optional] the CVE causing this vulnerability
	Cve string `protobuf:"bytes,9,opt,name=cve,proto3" json:"cve,omitempty"`
	// internal field reserved for the enrichment aggregator
	Uuid string `protobuf:"bytes,10,opt,name=uuid,proto3" json:"uuid,omitempty"`
	// optional field that allows us to also encode a bill of materials in an issue
	CycloneDXSBOM *string `protobuf:"bytes,11,opt,name=cyclone_d_x_s_b_o_m,json=cycloneDXSBOM,proto3,oneof" json:"cyclone_d_x_s_b_o_m,omitempty"`
	// optional string that allows producers to communicate relevant code/request segments
	ContextSegment *string `protobuf:"bytes,12,opt,name=context_segment,json=contextSegment,proto3,oneof" json:"context_segment,omitempty"`
	// optionally the related CWEs
	Cwe []int32 `protobuf:"varint,13,rep,packed,name=cwe,proto3" json:"cwe,omitempty"`
	// contains filtered or unexported fields
}

Issue represents a vulnerability to be processed by consumers

func (*Issue) Descriptor deprecated

func (*Issue) Descriptor() ([]byte, []int)

Deprecated: Use Issue.ProtoReflect.Descriptor instead.

func (*Issue) GetConfidence

func (x *Issue) GetConfidence() Confidence

func (*Issue) GetContextSegment

func (x *Issue) GetContextSegment() string

func (*Issue) GetCve

func (x *Issue) GetCve() string

func (*Issue) GetCvss

func (x *Issue) GetCvss() float64

func (*Issue) GetCwe

func (x *Issue) GetCwe() []int32

func (*Issue) GetCycloneDXSBOM

func (x *Issue) GetCycloneDXSBOM() string

func (*Issue) GetDescription

func (x *Issue) GetDescription() string

func (*Issue) GetSeverity

func (x *Issue) GetSeverity() Severity

func (*Issue) GetSource

func (x *Issue) GetSource() string

func (*Issue) GetTarget

func (x *Issue) GetTarget() string

func (*Issue) GetTitle

func (x *Issue) GetTitle() string

func (*Issue) GetType

func (x *Issue) GetType() string

func (*Issue) GetUuid

func (x *Issue) GetUuid() string

func (*Issue) ProtoMessage

func (*Issue) ProtoMessage()

func (*Issue) ProtoReflect

func (x *Issue) ProtoReflect() protoreflect.Message

func (*Issue) Reset

func (x *Issue) Reset()

func (*Issue) String

func (x *Issue) String() string

type LaunchToolResponse

type LaunchToolResponse struct {

	// The scan information, see above for details
	ScanInfo *ScanInfo `protobuf:"bytes,1,opt,name=scan_info,json=scanInfo,proto3" json:"scan_info,omitempty"`
	// The name of the tool that ran the scan
	ToolName string `protobuf:"bytes,2,opt,name=tool_name,json=toolName,proto3" json:"tool_name,omitempty"`
	// Issues discovered during the scan
	Issues []*Issue `protobuf:"bytes,3,rep,name=issues,proto3" json:"issues,omitempty"`
	// The target of the scan
	ScanTarget string `protobuf:"bytes,4,opt,name=scan_target,json=scanTarget,proto3" json:"scan_target,omitempty"`
	// contains filtered or unexported fields
}

LaunchToolReponse consists of a response built by a producer, to be interpreted by a consumer

func (*LaunchToolResponse) Descriptor deprecated

func (*LaunchToolResponse) Descriptor() ([]byte, []int)

Deprecated: Use LaunchToolResponse.ProtoReflect.Descriptor instead.

func (*LaunchToolResponse) GetIssues

func (x *LaunchToolResponse) GetIssues() []*Issue

func (*LaunchToolResponse) GetScanInfo

func (x *LaunchToolResponse) GetScanInfo() *ScanInfo

func (*LaunchToolResponse) GetScanTarget added in v0.17.0

func (x *LaunchToolResponse) GetScanTarget() string

func (*LaunchToolResponse) GetToolName

func (x *LaunchToolResponse) GetToolName() string

func (*LaunchToolResponse) ProtoMessage

func (*LaunchToolResponse) ProtoMessage()

func (*LaunchToolResponse) ProtoReflect

func (x *LaunchToolResponse) ProtoReflect() protoreflect.Message

func (*LaunchToolResponse) Reset

func (x *LaunchToolResponse) Reset()

func (*LaunchToolResponse) String

func (x *LaunchToolResponse) String() string

type ScanInfo

type ScanInfo struct {

	// scan unique identifier
	ScanUuid string `protobuf:"bytes,1,opt,name=scan_uuid,json=scanUuid,proto3" json:"scan_uuid,omitempty"`
	// timestamp of when the scan was triggered (passed to LaunchToolResponse)
	ScanStartTime *timestamppb.Timestamp `protobuf:"bytes,2,opt,name=scan_start_time,json=scanStartTime,proto3" json:"scan_start_time,omitempty"`
	// [Optional] scan tags is a user defined list of tags for this scan
	ScanTags map[string]string `` /* 173-byte string literal not displayed */
	// contains filtered or unexported fields
}

Scan related information, unique and immutable per scan run This message is copied from LaunchToolRequest to LaunchToolResponse by each producer wrapper

func (*ScanInfo) Descriptor deprecated

func (*ScanInfo) Descriptor() ([]byte, []int)

Deprecated: Use ScanInfo.ProtoReflect.Descriptor instead.

func (*ScanInfo) GetScanStartTime

func (x *ScanInfo) GetScanStartTime() *timestamppb.Timestamp

func (*ScanInfo) GetScanTags

func (x *ScanInfo) GetScanTags() map[string]string

func (*ScanInfo) GetScanUuid

func (x *ScanInfo) GetScanUuid() string

func (*ScanInfo) ProtoMessage

func (*ScanInfo) ProtoMessage()

func (*ScanInfo) ProtoReflect

func (x *ScanInfo) ProtoReflect() protoreflect.Message

func (*ScanInfo) Reset

func (x *ScanInfo) Reset()

func (*ScanInfo) String

func (x *ScanInfo) String() string

type Severity

type Severity int32

Severity represents the reported issue severity

const (
	// Reserved in case a tool does not report severity
	Severity_SEVERITY_UNSPECIFIED Severity = 0
	// Informational priority findings
	Severity_SEVERITY_INFO Severity = 1
	// Low priority findings
	Severity_SEVERITY_LOW Severity = 2
	// Medium priority findings
	Severity_SEVERITY_MEDIUM Severity = 3
	// High priority findings
	Severity_SEVERITY_HIGH Severity = 4
	// Critical priority findings
	Severity_SEVERITY_CRITICAL Severity = 5
)

func (Severity) Descriptor

func (Severity) Descriptor() protoreflect.EnumDescriptor

func (Severity) Enum

func (x Severity) Enum() *Severity

func (Severity) EnumDescriptor deprecated

func (Severity) EnumDescriptor() ([]byte, []int)

Deprecated: Use Severity.Descriptor instead.

func (Severity) Number

func (x Severity) Number() protoreflect.EnumNumber

func (Severity) String

func (x Severity) String() string

func (Severity) Type

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL