Documentation ¶
Index ¶
- Variables
- func BuildSchemaSetFromPolicies(policies map[string]*ast.Module, paths []string, srcFS fs.FS) (*ast.SchemaSet, bool, error)
- func RecurseEmbeddedModules(fs embed.FS, dir string) (map[string]*ast.Module, error)
- func RegisterRegoRules(modules map[string]*ast.Module)
- type DynamicMetadata
- type Input
- type InputOptions
- type MetadataRetriever
- type Scanner
- func (s *Scanner) LoadEmbeddedLibraries() error
- func (s *Scanner) LoadPolicies(enableEmbeddedLibraries, enableEmbeddedPolicies bool, srcFS fs.FS, ...) error
- func (s *Scanner) ScanInput(ctx context.Context, inputs ...Input) (scan.Results, error)
- func (s *Scanner) SetDataDirs(dirs ...string)
- func (s *Scanner) SetDataFilesystem(fs fs.FS)
- func (s *Scanner) SetDebugWriter(writer io.Writer)
- func (s *Scanner) SetFrameworks(frameworks []framework.Framework)
- func (s *Scanner) SetParentDebugLogger(l debug.Logger)
- func (s *Scanner) SetPerResultTracingEnabled(b bool)
- func (s *Scanner) SetPolicyDirs(_ ...string)
- func (s *Scanner) SetPolicyFilesystem(fs fs.FS)
- func (s *Scanner) SetPolicyNamespaces(namespaces ...string)
- func (s *Scanner) SetPolicyReaders(_ []io.Reader)
- func (s *Scanner) SetRegoErrorLimit(limit int)
- func (s *Scanner) SetRegoOnly(bool)
- func (s *Scanner) SetSkipRequiredCheck(_ bool)
- func (s *Scanner) SetSpec(spec string)
- func (s *Scanner) SetTraceWriter(writer io.Writer)
- func (s *Scanner) SetUseEmbeddedLibraries(b bool)
- func (s *Scanner) SetUseEmbeddedPolicies(b bool)
- type Selector
- type StaticMetadata
- type SubType
Constants ¶
This section is empty.
Variables ¶
// SchemaMap associates each scan source type with the input schema this
// literal declares for it.
//
// The two cloud-style sources (SourceDefsec, SourceCloud) share schemas.Cloud,
// the two Kubernetes-style sources (SourceKubernetes, SourceRbac) share
// schemas.Kubernetes, and Dockerfile has its own schema. The generic formats
// (TOML, YAML, JSON) are all mapped to schemas.Anything.
//
// NOTE(review): schemas.Anything presumably places no structural constraint on
// the input, so checks written for the generic sources would not get
// schema-based validation of their input references. Confirm against the
// schemas package.
//
// NOTE(review): this is an exported, mutable package-level map. Any importing
// package can add or replace entries, and nothing here guards concurrent
// writes; treat it as read-only after init.
var SchemaMap = map[types.Source]schemas.Schema{
	// Cloud configuration sources.
	types.SourceDefsec: schemas.Cloud,
	types.SourceCloud:  schemas.Cloud,

	// Kubernetes manifests and RBAC.
	types.SourceKubernetes: schemas.Kubernetes,
	types.SourceRbac:       schemas.Kubernetes,

	// Dockerfiles.
	types.SourceDockerfile: schemas.Dockerfile,

	// Generic structured formats.
	types.SourceTOML: schemas.Anything,
	types.SourceYAML: schemas.Anything,
	types.SourceJSON: schemas.Anything,
}
Functions ¶
func RecurseEmbeddedModules ¶
func RegisterRegoRules ¶
Types ¶
type DynamicMetadata ¶
type InputOptions ¶
type MetadataRetriever ¶
// MetadataRetriever extracts check metadata from Rego modules. It is built by
// NewMetadataRetriever from an *ast.Compiler, and its RetrieveMetadata method
// takes a context, an *ast.Module and optional Input values and returns a
// *StaticMetadata or an error.
//
// NOTE(review): the returned metadata is derived from the module passed in, so
// when modules come from user-supplied policy directories the resulting field
// values are presumably policy-author-controlled. Confirm how they are
// validated before they reach reports.
type MetadataRetriever struct {
// contains filtered or unexported fields
}
func NewMetadataRetriever ¶
func NewMetadataRetriever(compiler *ast.Compiler) *MetadataRetriever
func (*MetadataRetriever) RetrieveMetadata ¶
func (m *MetadataRetriever) RetrieveMetadata(ctx context.Context, module *ast.Module, inputs ...Input) (*StaticMetadata, error)
type Scanner ¶
// Scanner is this package's Rego scanner. It is created by NewScanner from a
// types.Source plus a variadic list of options.ScannerOption values; policies
// are loaded with LoadPolicies and inputs are evaluated with ScanInput, which
// returns scan.Results.
//
// NOTE(review): in the index on this page SetPolicyDirs, SetPolicyReaders and
// SetSkipRequiredCheck declare their parameter as the blank identifier, and
// SetRegoOnly leaves its parameter unnamed, so the method bodies cannot read
// the value passed. A caller who relies on those setters to restrict or supply
// policies should verify the setting actually takes effect; the policy source
// is presumably supplied through SetPolicyFilesystem and the srcFS argument of
// LoadPolicies instead. Confirm against the implementation.
type Scanner struct {
// contains filtered or unexported fields
}
func NewScanner ¶
func NewScanner(source types.Source, options ...options.ScannerOption) *Scanner
func (*Scanner) LoadEmbeddedLibraries ¶
func (*Scanner) LoadPolicies ¶
func (*Scanner) SetDataDirs ¶
func (*Scanner) SetDataFilesystem ¶
func (*Scanner) SetDebugWriter ¶
func (*Scanner) SetFrameworks ¶
func (*Scanner) SetParentDebugLogger ¶
func (*Scanner) SetPerResultTracingEnabled ¶
func (*Scanner) SetPolicyDirs ¶
func (*Scanner) SetPolicyFilesystem ¶
func (*Scanner) SetPolicyNamespaces ¶
func (*Scanner) SetPolicyReaders ¶
func (*Scanner) SetRegoErrorLimit ¶
func (*Scanner) SetRegoOnly ¶
func (*Scanner) SetSkipRequiredCheck ¶
func (*Scanner) SetTraceWriter ¶
func (*Scanner) SetUseEmbeddedLibraries ¶
func (*Scanner) SetUseEmbeddedPolicies ¶
type StaticMetadata ¶
// StaticMetadata is the set of descriptive fields carried for one check
// module. ToRule converts it into a scan.Rule.
//
// NOTE(review): MetadataRetriever.RetrieveMetadata produces this type from an
// *ast.Module, so the string fields presumably originate in policy source.
// With custom policies loaded, treat them as policy-author-controlled text:
// escape them when rendering reports, and do not assume Severity holds one of
// a fixed set of values, since it is a plain string here.
type StaticMetadata struct {
	// Identifiers and human-readable text for the check.
	ID                 string
	AVDID              string
	Title              string
	ShortCode          string
	Description        string
	Severity           string
	RecommendedActions string
	PrimaryURL         string
	References         []string

	// InputOptions uses the InputOptions type declared in this package.
	// Presumably it selects which inputs the check applies to; confirm.
	InputOptions InputOptions

	// Package is presumably the Rego package path of the module; confirm.
	Package string

	// Frameworks maps a framework to a list of strings (presumably control or
	// section identifiers; confirm).
	Frameworks map[framework.Framework][]string

	Provider string
	Service  string

	// Library presumably marks a helper module rather than a check; confirm
	// against the policy loader.
	Library bool

	// Engine-specific metadata. Both are pointers, so either may be nil and
	// must be checked before it is dereferenced.
	CloudFormation *scan.EngineMetadata
	Terraform      *scan.EngineMetadata
}
func (StaticMetadata) ToRule ¶
func (m StaticMetadata) ToRule() scan.Rule
Source Files ¶