Documentation ¶
Index ¶
- type CVSS
- type DirScanErr
- type PassedRule
- type ScanSummary
- type Store
- type Violation
- type ViolationStore
- func (vs ViolationStore) Add(extra ViolationStore) ViolationStore
- func (vs *ViolationStore) AddLoadDirErrors(errs []error)
- func (s *ViolationStore) AddPassedRule(rule *PassedRule)
- func (s *ViolationStore) AddResult(violation *Violation, isSkipped bool)
- func (vs *ViolationStore) AddSummary(iacType, iacResourcePath string)
- func (s *ViolationStore) GetPassedRules() []*PassedRule
- func (s *ViolationStore) GetResults(isSkipped bool) []*Violation
- type Vulnerability
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type CVSS ¶
// CVSS holds CVSS score details: the v2 and v3 vector strings and their
// numeric scores.
//
// Every field is tagged omitempty, so an empty vector or a zero score is left
// out of the serialized output. A consumer of the report therefore cannot tell
// a 0.0 score from a score that was never set.
type CVSS struct {
	// V2Vector is the CVSS v2 vector string.
	V2Vector string `json:"v2_vector,omitempty" yaml:"v2_vector,omitempty" xml:"v2_vector,attr,omitempty"`
	// V3Vector is the CVSS v3 vector string.
	V3Vector string `json:"v3_vector,omitempty" yaml:"v3_vector,omitempty" xml:"v3_vector,attr,omitempty"`
	// V2Score is the CVSS v2 numeric score.
	V2Score float64 `json:"v2_score,omitempty" yaml:"v2_score,omitempty" xml:"v2_score,attr,omitempty"`
	// V3Score is the CVSS v3 numeric score.
	V3Score float64 `json:"v3_score,omitempty" yaml:"v3_score,omitempty" xml:"v3_score,attr,omitempty"`
}
CVSS holds CVSS score details
type DirScanErr ¶
// DirScanErr holds details for an error that occurred while an IaC provider
// scanned a directory.
//
// NOTE(review): Directory and ErrMessage are serialized into the report as
// plain strings. Confirm that the values stored here do not expose host paths
// or other environment details that should not appear in shared scan output.
type DirScanErr struct {
	// IacType is the IaC type that was being scanned.
	IacType string `json:"iac_type" yaml:"iac_type" xml:"iac_type,attr"`
	// Directory is the directory in which the error occurred.
	Directory string `json:"directory" yaml:"directory" xml:"directory"`
	// ErrMessage is the error text. It is serialized under the key "errMsg",
	// which does not follow the snake_case keys used by the other fields.
	ErrMessage string `json:"errMsg" yaml:"errMsg" xml:"errMsg"`
}
DirScanErr holds details for an error that occurred while an IaC provider scans a directory
func (DirScanErr) Error ¶
func (l DirScanErr) Error() string
type PassedRule ¶
// PassedRule contains information about a rule that passed.
//
// It carries the same five identifying fields, with the same serialization
// keys, as the leading fields of Violation.
type PassedRule struct {
	// RuleName is the name of the rule.
	RuleName string `json:"rule_name" yaml:"rule_name" xml:"rule_name,attr"`
	// Description is the rule's description text.
	Description string `json:"description" yaml:"description" xml:"description,attr"`
	// RuleID is the identifier of the rule.
	RuleID string `json:"rule_id" yaml:"rule_id" xml:"rule_id,attr"`
	// Severity is the rule's severity, kept as a free-form string.
	Severity string `json:"severity" yaml:"severity" xml:"severity,attr"`
	// Category is the rule's category.
	Category string `json:"category" yaml:"category" xml:"category,attr"`
}
PassedRule contains information about a passed rule
type ScanSummary ¶
// ScanSummary holds the default scan summary data.
type ScanSummary struct {
	// ResourcePath is the scanned file or folder. The JSON and YAML key is
	// "file/folder"; the XML attribute is "file_folder".
	ResourcePath string `json:"file/folder" yaml:"file/folder" xml:"file_folder,attr"`
	// Branch is omitted from the output when empty.
	Branch string `json:"branch,omitempty" yaml:"branch,omitempty" xml:"branch,attr,omitempty"`
	// IacType is the IaC type that was scanned.
	IacType string `json:"iac_type" yaml:"iac_type" xml:"iac_type,attr"`
	// Timestamp is serialized as "scanned_at". It is a plain string, so the
	// time format and time zone are decided by whoever sets it.
	Timestamp string `json:"scanned_at" yaml:"scanned_at" xml:"scanned_at,attr"`
	// ShowViolationDetails is excluded from JSON, YAML and XML output.
	ShowViolationDetails bool `json:"-" yaml:"-" xml:"-"`
	// TotalPolicies is serialized as "policies_validated".
	TotalPolicies int `json:"policies_validated" yaml:"policies_validated" xml:"policies_validated,attr"`
	// ViolatedPolicies is serialized as "violated_policies".
	ViolatedPolicies int `json:"violated_policies" yaml:"violated_policies" xml:"violated_policies,attr"`
	// Vulnerabilities is a pointer, so a nil value is omitted while a zero
	// count is still emitted.
	// NOTE(review): presumably nil means no vulnerability scan was run; confirm
	// against the code that sets it. The field has no xml tag, unlike its
	// neighbours.
	Vulnerabilities *int `json:"vulnerabilities,omitempty" yaml:"vulnerabilities,omitempty"`
	// Per-severity counts, serialized as "low", "medium" and "high". They have
	// no omitempty, so zero counts always appear in the output.
	LowCount    int `json:"low" yaml:"low" xml:"low,attr"`
	MediumCount int `json:"medium" yaml:"medium" xml:"medium,attr"`
	HighCount   int `json:"high" yaml:"high" xml:"high,attr"`
	// TotalTime is added for junit-xml output. It is excluded from the JSON,
	// YAML and XML encodings of this struct.
	TotalTime int64 `json:"-" yaml:"-" xml:"-"`
}
ScanSummary will hold the default scan summary data
type Store ¶
// Store manages the storage and export of results information.
type Store interface {
	// AddResult records a violation. The isSkipped flag tells the store
	// whether the violation is a skipped one.
	AddResult(violation *Violation, isSkipped bool)
	// GetResults returns stored violations. The isSkipped flag selects the
	// skipped violations instead of the regular ones.
	GetResults(isSkipped bool) []*Violation
}
Store manages the storage and export of results information
type Violation ¶
// Violation contains the data for a single violation.
//
// RuleFile, RuleData and ResourceData are tagged "-" for every encoding, so
// they stay in memory and never appear in JSON, YAML or XML reports.
type Violation struct {
	// RuleName is the name of the violated rule.
	RuleName string `json:"rule_name" yaml:"rule_name" xml:"rule_name,attr"`
	// Description is the rule's description text.
	Description string `json:"description" yaml:"description" xml:"description,attr"`
	// RuleID is the identifier of the violated rule.
	RuleID string `json:"rule_id" yaml:"rule_id" xml:"rule_id,attr"`
	// Severity is the rule's severity, kept as a free-form string.
	Severity string `json:"severity" yaml:"severity" xml:"severity,attr"`
	// Category is the rule's category.
	Category string `json:"category" yaml:"category" xml:"category,attr"`
	// RuleFile is excluded from serialized output.
	RuleFile string `json:"-" yaml:"-" xml:"-"`
	// RuleData is excluded from serialized output.
	RuleData interface{} `json:"-" yaml:"-" xml:"-"`
	// Comment is serialized as "skip_comment" and omitted when empty.
	// NOTE(review): presumably the justification attached to a skipped rule;
	// confirm against the code that fills it.
	Comment string `json:"skip_comment,omitempty" yaml:"skip_comment,omitempty" xml:"skip_comment,omitempty"`
	// ResourceName is the name of the offending resource.
	ResourceName string `json:"resource_name" yaml:"resource_name" xml:"resource_name,attr"`
	// ResourceType is the type of the offending resource.
	ResourceType string `json:"resource_type" yaml:"resource_type" xml:"resource_type,attr"`
	// ResourceData is excluded from serialized output.
	// NOTE(review): presumably the resource's raw configuration. Before
	// changing this tag, check whether that data can hold credentials or other
	// sensitive values, since reports are often stored or shared.
	ResourceData interface{} `json:"-" yaml:"-" xml:"-"`
	// ModuleName is omitted when empty.
	ModuleName string `json:"module_name,omitempty" yaml:"module_name,omitempty" xml:"module_name,attr,omitempty"`
	// File is omitted when empty.
	File string `json:"file,omitempty" yaml:"file,omitempty" xml:"file,attr,omitempty"`
	// PlanRoot is omitted when empty.
	PlanRoot string `json:"plan_root,omitempty" yaml:"plan_root,omitempty" xml:"plan_root,omitempty,attr"`
	// LineNumber is serialized as "line". With omitempty a value of 0 is
	// dropped from the output.
	LineNumber int `json:"line,omitempty" yaml:"line,omitempty" xml:"line,attr,omitempty"`
}
Violation contains data for each violation
type ViolationStore ¶
// ViolationStore is the storage area for violation data. It holds everything
// a scan report is serialized from: directory scan errors, passed rules,
// violations, skipped violations, vulnerabilities and the scan summary.
type ViolationStore struct {
	// DirScanErrors is omitted from the output when empty.
	DirScanErrors []DirScanErr `json:"scan_errors,omitempty" yaml:"scan_errors,omitempty" xml:"scan_errors>scan_error,omitempty"`
	// PassedRules is omitted from the output when empty.
	PassedRules []*PassedRule `json:"passed_rules,omitempty" yaml:"passed_rules,omitempty" xml:"passed_rules>passed_rule,omitempty"`
	// Violations has no omitempty, so the "violations" key is present in JSON
	// and YAML output even when nothing was found.
	Violations []*Violation `json:"violations" yaml:"violations" xml:"violations>violation"`
	// SkippedViolations is kept apart from Violations and is likewise always
	// present in JSON and YAML output. Report consumers that gate on
	// Violations alone will not see findings recorded here.
	SkippedViolations []*Violation `json:"skipped_violations" yaml:"skipped_violations" xml:"skipped_violations>violation"`
	// Vulnerabilities is omitted when empty. It has no xml tag, unlike the
	// other fields.
	Vulnerabilities []*Vulnerability `json:"vulnerabilities,omitempty" yaml:"vulnerabilities,omitempty"`
	// Summary is the scan summary and is always serialized.
	Summary ScanSummary `json:"scan_summary" yaml:"scan_summary" xml:"scan_summary"`
}
ViolationStore is the storage area for violation data
func NewViolationStore ¶
func NewViolationStore() *ViolationStore
NewViolationStore returns a new violation store
func (ViolationStore) Add ¶
func (vs ViolationStore) Add(extra ViolationStore) ViolationStore
Add adds two ViolationStores
func (*ViolationStore) AddLoadDirErrors ¶
func (vs *ViolationStore) AddLoadDirErrors(errs []error)
AddLoadDirErrors will update the summary with directory loading errors
func (*ViolationStore) AddPassedRule ¶
func (s *ViolationStore) AddPassedRule(rule *PassedRule)
AddPassedRule adds an individual passed rule to the violation store
func (*ViolationStore) AddResult ¶
func (s *ViolationStore) AddResult(violation *Violation, isSkipped bool)
AddResult adds an individual violation to the violation store; when isSkipped is true, the violation is added to the skipped violations
func (*ViolationStore) AddSummary ¶
func (vs *ViolationStore) AddSummary(iacType, iacResourcePath string)
AddSummary will update the summary with remaining details
func (*ViolationStore) GetPassedRules ¶
func (s *ViolationStore) GetPassedRules() []*PassedRule
GetPassedRules retrieves all passed rules from the violation store
func (*ViolationStore) GetResults ¶
func (s *ViolationStore) GetResults(isSkipped bool) []*Violation
GetResults retrieves all violations from the violation store; when isSkipped is true, it returns only the skipped violations
type Vulnerability ¶
// Vulnerability holds the vulnerability details that are displayed in the
// scan summary.
//
// NOTE(review): the string fields (for example Description and PrimaryURL)
// are emitted as-is by this type. If they are filled from an external
// vulnerability source, anything that renders the report as HTML should
// escape them; confirm where the values come from.
type Vulnerability struct {
	// Image has no xml tag, unlike the other fields.
	Image string `json:"image" yaml:"image"`
	// Container is omitted from JSON and YAML when empty; the xml tag has no
	// omitempty.
	Container string `json:"container,omitempty" yaml:"container,omitempty" xml:"container,attr"`
	// Package is omitted from JSON and YAML when empty; the xml tag has no
	// omitempty.
	Package string `json:"package,omitempty" yaml:"package,omitempty" xml:"package,attr"`
	// Severity is kept as a free-form string.
	Severity string `json:"severity" yaml:"severity" xml:"severity,attr"`
	// CVSSScore is a struct value, not a pointer.
	// NOTE(review): with encoding/json, omitempty does not drop a struct
	// value, so "cvss_score" is still emitted (as an empty object) when no
	// score is set; confirm the behaviour of the encoders actually in use.
	CVSSScore CVSS `json:"cvss_score,omitempty" yaml:"cvss_score,omitempty" xml:"cvss_score>cvss_score,omitempty"`
	// InstalledVersion is omitted when empty.
	InstalledVersion string `json:"installed_version,omitempty" yaml:"installed_version,omitempty" xml:"installed_version,attr,omitempty"`
	// Description is omitted when empty.
	Description string `json:"description,omitempty" yaml:"description,omitempty" xml:"description,attr,omitempty"`
	// VulnerabilityID is always serialized, as "vulnerability_id".
	VulnerabilityID string `json:"vulnerability_id" yaml:"vulnerability_id" xml:"vulnerability_id,attr"`
	// File is omitted when empty.
	File string `json:"file,omitempty" yaml:"file,omitempty" xml:"file,attr,omitempty"`
	// LineNumber is serialized as "line". With omitempty a value of 0 is
	// dropped from the output.
	LineNumber int `json:"line,omitempty" yaml:"line,omitempty" xml:"line,attr,omitempty"`
	// PrimaryURL is omitted when empty.
	PrimaryURL string `json:"primary_url,omitempty" yaml:"primary_url,omitempty" xml:"primary_url,attr,omitempty"`
	// ResourceName is the name of the resource the vulnerability is reported
	// against.
	ResourceName string `json:"resource_name" yaml:"resource_name" xml:"resource_name,attr"`
	// ResourceType is the type of that resource.
	ResourceType string `json:"resource_type" yaml:"resource_type" xml:"resource_type,attr"`
}
Vulnerability will hold vulnerability details that will be displayed in scan summary