core

package
v0.24.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Sep 14, 2021 License: Apache-2.0 Imports: 15 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

View Source
var LevelStringMap map[string]Level = map[string]Level{
	// contains filtered or unexported fields
}
View Source
var Levels []string = []string{levelInfo, levelWarning, levelError}

Functions

func BaseHttpUrl added in v0.3.0

func BaseHttpUrl(hostname string) string

BaseHttpUrl returns the scheme and net loc for URLs

func CountViolations

func CountViolations(rs rego.ResultSet, platform string, kind string) int

CountViolations returns the count of violations from an OPA result set

func Eval

func Eval(policy RegoModule, input interface{}) rego.ResultSet

Eval ... input requires to be a map !! with only string as keys !!

func HumanizeDuration added in v0.12.0

func HumanizeDuration(duration time.Duration) string

HumanizeDuration returns the duration with more human friendly format https://gist.github.com/harshavardhana/327e0577c4fed9211f65#gistcomment-2366908

func HumanizeDurationShort added in v0.12.0

func HumanizeDurationShort(d time.Duration) string

HumanizeDuration returns the time.Duration with better output format including the number of years, days (rather than very long hours) https://gist.github.com/harshavardhana/327e0577c4fed9211f65#gistcomment-2557682 NB: Small adjusmtents were made to now show optional trailing 0d0s but not in the middle ie 1y0d3h will be kept as is

func PrintViolations

func PrintViolations(rs rego.ResultSet, filename string, platform string, kind string, startLine int)

PrintViolations ... staringLine is needed for files that contains multiple split resources in order to be able to match the location to exact line in original file

func PrintViolationsOnWriter

func PrintViolationsOnWriter(writer *SafeWriter, rs rego.ResultSet, filename string, platform string, kind string, startLine int)

PrintViolationsOnWriter writes violations on the given writer

func RESTPrefix added in v0.3.0

func RESTPrefix(hostname string) string

RESTPrefix returns the Reliably API URL prefix

Types

type Duration added in v0.7.0

type Duration struct {
	time.Duration
}

This has been built to mitigate the poor support in JSON and YAML unmarshalling for the time.Duration type

func (Duration) MarshalJSON added in v0.12.0

func (d Duration) MarshalJSON() ([]byte, error)

func (Duration) MarshalYAML added in v0.7.0

func (d Duration) MarshalYAML() (interface{}, error)

func (*Duration) UnmarshalJSON added in v0.7.0

func (d *Duration) UnmarshalJSON(b []byte) error

func (*Duration) UnmarshalYAML added in v0.7.0

func (d *Duration) UnmarshalYAML(unmarshal func(interface{}) error) error

type File

type File struct {
	Filepath string
}

File represent a file location on file system

type FileResource

type FileResource struct {
	// contains filtered or unexported fields
}

type Iso8601Duration added in v0.12.0

type Iso8601Duration struct {
	iso8601.Duration
}

Another JSON & YAML support for iso8601duration strings

func (Iso8601Duration) MarshalJSON added in v0.12.0

func (d Iso8601Duration) MarshalJSON() ([]byte, error)

func (Iso8601Duration) MarshalYAML added in v0.12.0

func (d Iso8601Duration) MarshalYAML() (interface{}, error)

func (Iso8601Duration) String added in v0.12.0

func (d Iso8601Duration) String() string

func (Iso8601Duration) ToDuration added in v0.12.0

func (d Iso8601Duration) ToDuration() time.Duration

func (*Iso8601Duration) UnmarshalJSON added in v0.12.0

func (d *Iso8601Duration) UnmarshalJSON(b []byte) error

func (*Iso8601Duration) UnmarshalYAML added in v0.12.0

func (d *Iso8601Duration) UnmarshalYAML(unmarshal func(interface{}) error) error

type Level added in v0.4.0

type Level int

Level type indicate the level of a suggestion

const (
	// Information level (starts at 1)
	Info Level = iota + 1
	// Warning level
	Warning
	// Error level
	Error
)

func NewLevel added in v0.4.0

func NewLevel(level string) (l Level, err error)

NewLevel returns a Level value from the matching string representation

func (Level) ColoredSquare added in v0.6.0

func (l Level) ColoredSquare() string

ColoredSquare is a function that will return a string with a colored square ("■"), where the color is determined by the level

func (Level) ColoredString added in v0.6.0

func (l Level) ColoredString() string

func (Level) MarshalJSON added in v0.4.0

func (l Level) MarshalJSON() ([]byte, error)

MarshalJSON is used convert a Level object into a JSON representation

func (Level) MarshalYAML added in v0.4.0

func (l Level) MarshalYAML() (interface{}, error)

MarshalYAML is used convert a Level object into a YAML representation

func (Level) String added in v0.4.0

func (l Level) String() string

type Location

type Location struct {
	Row int
	Col int
}

Location indicates row and column numbers for a specific char in a file

type RegoModule added in v0.6.0

type RegoModule struct {
	Name string
	Raw  string
}

type Resource

type Resource struct {
	File         File
	StartingLine int
	Platform     string
	Kind         string
	Name         string
	URI          string
}

Resource is a resource to analyze from a file. A file can contain multiple resource, indicated by the startingLine The platform indicates the platform on which the resource belongs to The kind indicates the type of the resource

type Result

type Result struct {
	Resource *Resource
	Location Location
	Rule     Rule
	Message  string
	Example  string
}

Result is a result of evaluation for a given resource

type ResultSet

type ResultSet []Result

ResultSet is a list of results after analysis It can contain results for multiple resources for multiple files

func ReportViolations

func ReportViolations(rs rego.ResultSet, filename string, platform string, kind string, startLine int, name string, uri string) ResultSet

ReportViolations iterates over OPA rego ResultSet to return an slice of internal Result structure

type Rule

type Rule struct {
	ID         string
	Definition string
	Level      Level
}

Rule contains the basic informations of a policy

type SafeWriter

type SafeWriter struct {
	// contains filtered or unexported fields
}

SafeWriter allows to safely output to writer until an error occurs

func NewSafeWriter

func NewSafeWriter(w *bufio.Writer) *SafeWriter

NewSafeWriter is a constructor function to return `*SafeWriter`

func (*SafeWriter) Writeln

func (sw *SafeWriter) Writeln(s string)

Writeln safewrite writes a string with the inner io writer If an error occurred on previous write, the next strings will be ignored The string will always be terminated by a line return char, ie. it will be written if the given string does not termiate with a CRLF

type Score

type Score int

Score type used by severity and confidence values

const (
	// Low severity or confidence
	Low Score = iota
	// Medium severity or confidence
	Medium
	// High severity or confidence
	High
)

type Suggestion

type Suggestion struct {
	//Severity   Score  `json:"severity"`   // issue severity (how problematic it is)
	//Confidence Score  `json:"confidence"` // issue confidence (how sure we are we found it)
	RuleID  string `json:"rule_id"`         // Rule identifier
	RuleDef string `json:"rule_definition"` // Rule definition
	Message string `json:"details"`         // Human readable explanation
	Level   Level  `json:"level"`           // level
	File    string `json:"file"`            // File name we found it in
	//Code       string `json:"code"`       // Impacted code line
	Line    int    `json:"line"`       // Line number in file
	Col     int    `json:"column"`     // Column number in line
	Example string `json:"-" yaml:"-"` // Example of valid rule usage

	Platform string `json:"platform"` // Platform handling the resource
	Kind     string `json:"type"`     // Type of resource
	Name     string `json:"name"`     // Name of the resource

	Hash string `json:"-" yaml:"-"` // Unique Hash identifying the suggestion - not exported - used as fingerprint if specified
}

Suggestion is returned by a policy if it discovers a violation with the scanned code.

func ConvertViolationsToSuggestions

func ConvertViolationsToSuggestions(rs ResultSet, live bool) []*Suggestion

ConvertViolationsToSuggestions iterates over internal complex ResultSet to return a slice of Suggestion better suited for output reporting

func NewSuggestion

func NewSuggestion(result Result, live bool) *Suggestion

NewSuggestion creates a new Suggestion It basically converts the inner nested structure into a simple one that holds all information needed for report formatting

func (Suggestion) FileLocation

func (s Suggestion) FileLocation() string

FileLocation point out the file path and line/column numbers in file

func (Suggestion) Fingerprint

func (s Suggestion) Fingerprint() string

Fingerprint generates a unqiue hash for the current suggestion based on unique context values, but not location. As better explained in the SARIF spec: This value shall be the same for results that are logically identical, and distinct for any two suggestions that are logically distinct. It must be resistant to changes that do not affect the logical identity of the result, such as location whithin a source file.

func (*Suggestion) UnmarshalJSON added in v0.4.0

func (s *Suggestion) UnmarshalJSON(data []byte) error

UnmarshalJSON unmarshal json string into object by handling custom level string-to-int conversion

Directories

Path Synopsis
Package agent contains code for pushing metric indicators to reliably entity api
Package agent contains code for pushing metric indicators to reliably entity api
cli
package kubernetes is a colletion of funtions for interactng with a live kubernetes cluster
package kubernetes is a colletion of funtions for interactng with a live kubernetes cluster
aws
gcp

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL