v1

package
v0.55.3 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Oct 16, 2024 License: Apache-2.0 Imports: 5 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

View Source 
var (
	Confidence_name = map[int32]string{
		0: "CONFIDENCE_UNSPECIFIED",
		1: "CONFIDENCE_INFO",
		2: "CONFIDENCE_LOW",
		3: "CONFIDENCE_MEDIUM",
		4: "CONFIDENCE_HIGH",
		5: "CONFIDENCE_CRITICAL",
	}
	Confidence_value = map[string]int32{
		"CONFIDENCE_UNSPECIFIED": 0,
		"CONFIDENCE_INFO":        1,
		"CONFIDENCE_LOW":         2,
		"CONFIDENCE_MEDIUM":      3,
		"CONFIDENCE_HIGH":        4,
		"CONFIDENCE_CRITICAL":    5,
	}
)

Enum value maps for Confidence.

View Source 
var (
	Severity_name = map[int32]string{
		0: "SEVERITY_UNSPECIFIED",
		1: "SEVERITY_INFO",
		2: "SEVERITY_LOW",
		3: "SEVERITY_MEDIUM",
		4: "SEVERITY_HIGH",
		5: "SEVERITY_CRITICAL",
	}
	Severity_value = map[string]int32{
		"SEVERITY_UNSPECIFIED": 0,
		"SEVERITY_INFO":        1,
		"SEVERITY_LOW":         2,
		"SEVERITY_MEDIUM":      3,
		"SEVERITY_HIGH":        4,
		"SEVERITY_CRITICAL":    5,
	}
)

Enum value maps for Severity.

View Source 
var File_api_proto_v1_engine_proto protoreflect.FileDescriptor
View Source 
var File_api_proto_v1_issue_proto protoreflect.FileDescriptor

Functions

This section is empty.

Types

type Confidence 

type Confidence int32

Confidence represents the tool's confidence that an issue exists 

const (
	// Represents an empty confidence field from a tool
	Confidence_CONFIDENCE_UNSPECIFIED Confidence = 0
	// Represents Confidence "Informational" or generic Warnings
	Confidence_CONFIDENCE_INFO Confidence = 1
	// Represents Confidence "Low"
	Confidence_CONFIDENCE_LOW Confidence = 2
	// Represents Confidence "Medium"
	Confidence_CONFIDENCE_MEDIUM Confidence = 3
	// Represents Confidence "High"
	Confidence_CONFIDENCE_HIGH Confidence = 4
	// Highest Confidence applicable
	Confidence_CONFIDENCE_CRITICAL Confidence = 5
)

func (Confidence) Descriptor 

func (Confidence) Descriptor() protoreflect.EnumDescriptor

func (Confidence) Enum 

func (x Confidence) Enum() *Confidence

func (Confidence) EnumDescriptor deprecated 

func (Confidence) EnumDescriptor() ([]byte, []int)

Deprecated: Use Confidence.Descriptor instead.

func (Confidence) Number 

func (x Confidence) Number() protoreflect.EnumNumber

func (Confidence) String 

func (x Confidence) String() string

func (Confidence) Type 

func (Confidence) Type() protoreflect.EnumType

type EnrichedIssue 

type EnrichedIssue struct {

	// the original finding
	RawIssue *Issue `protobuf:"bytes,1,opt,name=raw_issue,json=rawIssue,proto3" json:"raw_issue,omitempty"`
	// The first time this issue was seen by the enrichment service
	FirstSeen *timestamppb.Timestamp `protobuf:"bytes,2,opt,name=first_seen,json=firstSeen,proto3" json:"first_seen,omitempty"`
	// The number of times this issue was seen
	Count uint64 `protobuf:"varint,3,opt,name=count,proto3" json:"count,omitempty"`
	// Whether this issue has been previously marked as a false positive
	FalsePositive bool `protobuf:"varint,4,opt,name=false_positive,json=falsePositive,proto3" json:"false_positive,omitempty"`
	// The last time this issue was updated
	UpdatedAt *timestamppb.Timestamp `protobuf:"bytes,5,opt,name=updated_at,json=updatedAt,proto3" json:"updated_at,omitempty"`
	// hash
	Hash string `protobuf:"bytes,6,opt,name=hash,proto3" json:"hash,omitempty"`
	// an arbitrary list of extra annotations, reserved for use by the enrichers
	Annotations map[string]string `` /* 163-byte string literal not displayed */
	// contains filtered or unexported fields
}

Represents an issue that has been enriched with metadata from the enrichment service

func (*EnrichedIssue) Descriptor deprecated 

func (*EnrichedIssue) Descriptor() ([]byte, []int)

Deprecated: Use EnrichedIssue.ProtoReflect.Descriptor instead.

func (*EnrichedIssue) GetAnnotations 

func (x *EnrichedIssue) GetAnnotations() map[string]string

func (*EnrichedIssue) GetCount 

func (x *EnrichedIssue) GetCount() uint64

func (*EnrichedIssue) GetFalsePositive 

func (x *EnrichedIssue) GetFalsePositive() bool

func (*EnrichedIssue) GetFirstSeen 

func (x *EnrichedIssue) GetFirstSeen() *timestamppb.Timestamp

func (*EnrichedIssue) GetHash 

func (x *EnrichedIssue) GetHash() string

func (*EnrichedIssue) GetRawIssue 

func (x *EnrichedIssue) GetRawIssue() *Issue

func (*EnrichedIssue) GetUpdatedAt 

func (x *EnrichedIssue) GetUpdatedAt() *timestamppb.Timestamp

func (*EnrichedIssue) ProtoMessage 

func (*EnrichedIssue) ProtoMessage()

func (*EnrichedIssue) ProtoReflect 

func (x *EnrichedIssue) ProtoReflect() protoreflect.Message

func (*EnrichedIssue) Reset 

func (x *EnrichedIssue) Reset()

func (*EnrichedIssue) String 

func (x *EnrichedIssue) String() string

type EnrichedLaunchToolResponse 

type EnrichedLaunchToolResponse struct {

	// The results of the original scan prior to enrichment
	OriginalResults *LaunchToolResponse `protobuf:"bytes,1,opt,name=original_results,json=originalResults,proto3" json:"original_results,omitempty"`
	// Enriched, deduplicated issues
	Issues []*EnrichedIssue `protobuf:"bytes,2,rep,name=issues,proto3" json:"issues,omitempty"`
	// contains filtered or unexported fields
}

An EnrichedLaunchToolResponse consists of deduplicated vulnerability information, with added metadata for consumers

func (*EnrichedLaunchToolResponse) Descriptor deprecated 

func (*EnrichedLaunchToolResponse) Descriptor() ([]byte, []int)

Deprecated: Use EnrichedLaunchToolResponse.ProtoReflect.Descriptor instead.

func (*EnrichedLaunchToolResponse) GetIssues 

func (x *EnrichedLaunchToolResponse) GetIssues() []*EnrichedIssue

func (*EnrichedLaunchToolResponse) GetOriginalResults 

func (x *EnrichedLaunchToolResponse) GetOriginalResults() *LaunchToolResponse

func (*EnrichedLaunchToolResponse) ProtoMessage 

func (*EnrichedLaunchToolResponse) ProtoMessage()

func (*EnrichedLaunchToolResponse) ProtoReflect 

func (x *EnrichedLaunchToolResponse) ProtoReflect() protoreflect.Message

func (*EnrichedLaunchToolResponse) Reset 

func (x *EnrichedLaunchToolResponse) Reset()

func (*EnrichedLaunchToolResponse) String 

func (x *EnrichedLaunchToolResponse) String() string

type Issue 

type Issue struct {

	// Scan target can be host:port, //vault/foo/bar:34-67 or some URL that is semantically a target
	Target string `protobuf:"bytes,1,opt,name=target,proto3" json:"target,omitempty"`
	// The finding ID from the tool if applicable, otherwise a vulnerability ID such as CWE-ID, etc for XSS, CSRF, etc.
	Type string `protobuf:"bytes,2,opt,name=type,proto3" json:"type,omitempty"`
	// The finding title from the tool
	Title string `protobuf:"bytes,3,opt,name=title,proto3" json:"title,omitempty"`
	// A severity indication, defaults to unspecified
	Severity Severity `protobuf:"varint,4,opt,name=severity,proto3,enum=ocurity.dracon.v1.Severity" json:"severity,omitempty"`
	// An optional cvss if the tool reports it
	Cvss float64 `protobuf:"fixed64,5,opt,name=cvss,proto3" json:"cvss,omitempty"`
	// Confidence indication, defaults to Unspecified
	Confidence Confidence `protobuf:"varint,6,opt,name=confidence,proto3,enum=ocurity.dracon.v1.Confidence" json:"confidence,omitempty"`
	// human readable description of the issue
	Description string `protobuf:"bytes,7,opt,name=description,proto3" json:"description,omitempty"`
	// Source of the scan e.g. https://github.com/ocurity/dracon.git?ref=<revision>, github.com:tektoncd/pipeline.git?ref=<revision>, local?ref=local
	Source string `protobuf:"bytes,8,opt,name=source,proto3" json:"source,omitempty"`
	// [Optional] the CVE causing this vulnerability
	Cve string `protobuf:"bytes,9,opt,name=cve,proto3" json:"cve,omitempty"`
	// internal field reserved for the enrichment aggregator
	Uuid string `protobuf:"bytes,10,opt,name=uuid,proto3" json:"uuid,omitempty"`
	// optional field that allows us to also encode a bill of materials in an issue
	CycloneDXSBOM *string `protobuf:"bytes,11,opt,name=cyclone_d_x_s_b_o_m,json=cycloneDXSBOM,proto3,oneof" json:"cyclone_d_x_s_b_o_m,omitempty"`
	// optional string that allows producers to communicate relevant code/request segments
	ContextSegment *string `protobuf:"bytes,12,opt,name=context_segment,json=contextSegment,proto3,oneof" json:"context_segment,omitempty"`
	// optionally the related CWEs
	Cwe []int32 `protobuf:"varint,13,rep,packed,name=cwe,proto3" json:"cwe,omitempty"`
	// contains filtered or unexported fields
}

Issue represents a vulnerability to be processed by consumers

func (*Issue) Descriptor deprecated 

func (*Issue) Descriptor() ([]byte, []int)

Deprecated: Use Issue.ProtoReflect.Descriptor instead.

func (*Issue) GetConfidence 

func (x *Issue) GetConfidence() Confidence

func (*Issue) GetContextSegment 

func (x *Issue) GetContextSegment() string

func (*Issue) GetCve 

func (x *Issue) GetCve() string

func (*Issue) GetCvss 

func (x *Issue) GetCvss() float64

func (*Issue) GetCwe 

func (x *Issue) GetCwe() []int32

func (*Issue) GetCycloneDXSBOM 

func (x *Issue) GetCycloneDXSBOM() string

func (*Issue) GetDescription 

func (x *Issue) GetDescription() string

func (*Issue) GetSeverity 

func (x *Issue) GetSeverity() Severity

func (*Issue) GetSource 

func (x *Issue) GetSource() string

func (*Issue) GetTarget 

func (x *Issue) GetTarget() string

func (*Issue) GetTitle 

func (x *Issue) GetTitle() string

func (*Issue) GetType 

func (x *Issue) GetType() string

func (*Issue) GetUuid 

func (x *Issue) GetUuid() string

func (*Issue) ProtoMessage 

func (*Issue) ProtoMessage()

func (*Issue) ProtoReflect 

func (x *Issue) ProtoReflect() protoreflect.Message

func (*Issue) Reset 

func (x *Issue) Reset()

func (*Issue) String 

func (x *Issue) String() string

type LaunchToolResponse 

type LaunchToolResponse struct {

	// The scan information, see above for details
	ScanInfo *ScanInfo `protobuf:"bytes,1,opt,name=scan_info,json=scanInfo,proto3" json:"scan_info,omitempty"`
	// The name of the tool that ran the scan
	ToolName string `protobuf:"bytes,2,opt,name=tool_name,json=toolName,proto3" json:"tool_name,omitempty"`
	// Issues discovered during the scan
	Issues []*Issue `protobuf:"bytes,3,rep,name=issues,proto3" json:"issues,omitempty"`
	// The target of the scan
	ScanTarget string `protobuf:"bytes,4,opt,name=scan_target,json=scanTarget,proto3" json:"scan_target,omitempty"`
	// contains filtered or unexported fields
}

LaunchToolResponse consists of a response built by a producer, to be interpreted by a consumer

func (*LaunchToolResponse) Descriptor deprecated 

func (*LaunchToolResponse) Descriptor() ([]byte, []int)

Deprecated: Use LaunchToolResponse.ProtoReflect.Descriptor instead.

func (*LaunchToolResponse) GetIssues 

func (x *LaunchToolResponse) GetIssues() []*Issue

func (*LaunchToolResponse) GetScanInfo 

func (x *LaunchToolResponse) GetScanInfo() *ScanInfo

func (*LaunchToolResponse) GetScanTarget added in v0.17.0 

func (x *LaunchToolResponse) GetScanTarget() string

func (*LaunchToolResponse) GetToolName 

func (x *LaunchToolResponse) GetToolName() string

func (*LaunchToolResponse) ProtoMessage 

func (*LaunchToolResponse) ProtoMessage()

func (*LaunchToolResponse) ProtoReflect 

func (x *LaunchToolResponse) ProtoReflect() protoreflect.Message

func (*LaunchToolResponse) Reset 

func (x *LaunchToolResponse) Reset()

func (*LaunchToolResponse) String 

func (x *LaunchToolResponse) String() string

type ScanInfo 

type ScanInfo struct {

	// scan unique identifier
	ScanUuid string `protobuf:"bytes,1,opt,name=scan_uuid,json=scanUuid,proto3" json:"scan_uuid,omitempty"`
	// timestamp of when the scan was triggered (passed to LaunchToolResponse)
	ScanStartTime *timestamppb.Timestamp `protobuf:"bytes,2,opt,name=scan_start_time,json=scanStartTime,proto3" json:"scan_start_time,omitempty"`
	// [Optional] scan tags is a user defined list of tags for this scan
	ScanTags map[string]string `` /* 173-byte string literal not displayed */
	// contains filtered or unexported fields
}

Scan related information, unique and immutable per scan run This message is copied from LaunchToolRequest to LaunchToolResponse by each producer wrapper

func (*ScanInfo) Descriptor deprecated 

func (*ScanInfo) Descriptor() ([]byte, []int)

Deprecated: Use ScanInfo.ProtoReflect.Descriptor instead.

func (*ScanInfo) GetScanStartTime 

func (x *ScanInfo) GetScanStartTime() *timestamppb.Timestamp

func (*ScanInfo) GetScanTags 

func (x *ScanInfo) GetScanTags() map[string]string

func (*ScanInfo) GetScanUuid 

func (x *ScanInfo) GetScanUuid() string

func (*ScanInfo) ProtoMessage 

func (*ScanInfo) ProtoMessage()

func (*ScanInfo) ProtoReflect 

func (x *ScanInfo) ProtoReflect() protoreflect.Message

func (*ScanInfo) Reset 

func (x *ScanInfo) Reset()

func (*ScanInfo) String 

func (x *ScanInfo) String() string

type Severity 

type Severity int32

Severity represents the reported issue severity 

const (
	// Reserved in case a tool does not report severity
	Severity_SEVERITY_UNSPECIFIED Severity = 0
	// Informational priority findings
	Severity_SEVERITY_INFO Severity = 1
	// Low priority findings
	Severity_SEVERITY_LOW Severity = 2
	// Medium priority findings
	Severity_SEVERITY_MEDIUM Severity = 3
	// High priority findings
	Severity_SEVERITY_HIGH Severity = 4
	// Critical priority findings
	Severity_SEVERITY_CRITICAL Severity = 5
)

func (Severity) Descriptor 

func (Severity) Descriptor() protoreflect.EnumDescriptor

func (Severity) Enum 

func (x Severity) Enum() *Severity

func (Severity) EnumDescriptor deprecated 

func (Severity) EnumDescriptor() ([]byte, []int)

Deprecated: Use Severity.Descriptor instead.

func (Severity) Number 

func (x Severity) Number() protoreflect.EnumNumber

func (Severity) String 

func (x Severity) String() string

func (Severity) Type 

func (Severity) Type() protoreflect.EnumType

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.