Documentation
¶
Index ¶
- Constants
- func ResolvePath(explicit string) (string, error)
- func Save(path string, cfg Config) error
- func Validate(cfg Config) error
- func ValidateTarget(mode TargetMode, value string) error
- type AuthProfile
- type AuthProfiles
- type Config
- type ControlDeclarationControl
- type ControlDeclarationOwner
- type ControlDeclarationTarget
- type ControlDeclarations
- type Target
- type TargetMode
Constants ¶
View Source
const ControlDeclarationsVersion = "v1"
View Source
const CurrentVersion = "v1"
Variables ¶
This section is empty.
Functions ¶
func ResolvePath ¶
ResolvePath computes the config path from explicit path, env, or home default.
func ValidateTarget ¶
func ValidateTarget(mode TargetMode, value string) error
Types ¶
type AuthProfile ¶
type AuthProfile struct {
Token string `json:"token,omitempty"`
}
AuthProfile holds token data for one privilege profile.
type AuthProfiles ¶
type AuthProfiles struct {
Scan AuthProfile `json:"scan"`
Fix AuthProfile `json:"fix"`
}
AuthProfiles stores split privileges for scan and fix paths.
type Config ¶
type Config struct {
Version string `json:"version"`
Auth AuthProfiles `json:"auth"`
DefaultTarget Target `json:"default_target"`
GitHubAPIBase string `json:"github_api_base,omitempty"`
}
Config is the persisted wrkr init configuration.
type ControlDeclarationControl ¶ added in v1.6.0
type ControlDeclarationControl struct {
Repo string `json:"repo,omitempty" yaml:"repo,omitempty"`
Repos []string `json:"repos,omitempty" yaml:"repos,omitempty"`
Path string `json:"path,omitempty" yaml:"path,omitempty"`
Workflow string `json:"workflow,omitempty" yaml:"workflow,omitempty"`
Environment string `json:"environment,omitempty" yaml:"environment,omitempty"`
Branch string `json:"branch,omitempty" yaml:"branch,omitempty"`
ApprovalRequired bool `json:"approval_required,omitempty" yaml:"approval_required,omitempty"`
RequiredChecks []string `json:"required_checks,omitempty" yaml:"required_checks,omitempty"`
SecurityGates []string `json:"security_gates,omitempty" yaml:"security_gates,omitempty"`
FreezeWindows []string `json:"freeze_windows,omitempty" yaml:"freeze_windows,omitempty"`
KillSwitches []string `json:"kill_switches,omitempty" yaml:"kill_switches,omitempty"`
EvidenceRefs []string `json:"evidence_refs,omitempty" yaml:"evidence_refs,omitempty"`
ObservedAt string `json:"observed_at,omitempty" yaml:"observed_at,omitempty"`
ValidUntil string `json:"valid_until,omitempty" yaml:"valid_until,omitempty"`
MaxAge string `json:"max_age,omitempty" yaml:"max_age,omitempty"`
Issuer string `json:"issuer,omitempty" yaml:"issuer,omitempty"`
Confidence string `json:"confidence,omitempty" yaml:"confidence,omitempty"`
RedactionMode string `json:"redaction_mode,omitempty" yaml:"redaction_mode,omitempty"`
}
type ControlDeclarationOwner ¶ added in v1.6.0
type ControlDeclarationOwner struct {
Repo string `json:"repo,omitempty" yaml:"repo,omitempty"`
Repos []string `json:"repos,omitempty" yaml:"repos,omitempty"`
Path string `json:"path,omitempty" yaml:"path,omitempty"`
Pattern string `json:"pattern,omitempty" yaml:"pattern,omitempty"`
Paths []string `json:"paths,omitempty" yaml:"paths,omitempty"`
Owner string `json:"owner" yaml:"owner"`
EvidenceRefs []string `json:"evidence_refs,omitempty" yaml:"evidence_refs,omitempty"`
ObservedAt string `json:"observed_at,omitempty" yaml:"observed_at,omitempty"`
ValidUntil string `json:"valid_until,omitempty" yaml:"valid_until,omitempty"`
MaxAge string `json:"max_age,omitempty" yaml:"max_age,omitempty"`
Issuer string `json:"issuer,omitempty" yaml:"issuer,omitempty"`
Confidence string `json:"confidence,omitempty" yaml:"confidence,omitempty"`
RedactionMode string `json:"redaction_mode,omitempty" yaml:"redaction_mode,omitempty"`
}
type ControlDeclarationTarget ¶ added in v1.6.0
type ControlDeclarationTarget struct {
Repo string `json:"repo,omitempty" yaml:"repo,omitempty"`
Repos []string `json:"repos,omitempty" yaml:"repos,omitempty"`
Path string `json:"path,omitempty" yaml:"path,omitempty"`
Pattern string `json:"pattern,omitempty" yaml:"pattern,omitempty"`
Paths []string `json:"paths,omitempty" yaml:"paths,omitempty"`
TargetClass string `json:"target_class" yaml:"target_class"`
NonProduction bool `json:"non_production,omitempty" yaml:"non_production,omitempty"`
EvidenceRefs []string `json:"evidence_refs,omitempty" yaml:"evidence_refs,omitempty"`
ObservedAt string `json:"observed_at,omitempty" yaml:"observed_at,omitempty"`
ValidUntil string `json:"valid_until,omitempty" yaml:"valid_until,omitempty"`
MaxAge string `json:"max_age,omitempty" yaml:"max_age,omitempty"`
Issuer string `json:"issuer,omitempty" yaml:"issuer,omitempty"`
Confidence string `json:"confidence,omitempty" yaml:"confidence,omitempty"`
RedactionMode string `json:"redaction_mode,omitempty" yaml:"redaction_mode,omitempty"`
}
type ControlDeclarations ¶ added in v1.6.0
type ControlDeclarations struct {
SchemaVersion string `json:"schema_version" yaml:"schema_version"`
GeneratedAt string `json:"generated_at,omitempty" yaml:"generated_at,omitempty"`
Issuer string `json:"issuer,omitempty" yaml:"issuer,omitempty"`
SignatureRef string `json:"signature_ref,omitempty" yaml:"signature_ref,omitempty"`
Owners []ControlDeclarationOwner `json:"owners,omitempty" yaml:"owners,omitempty"`
Targets []ControlDeclarationTarget `json:"targets,omitempty" yaml:"targets,omitempty"`
Controls []ControlDeclarationControl `json:"controls,omitempty" yaml:"controls,omitempty"`
}
func LoadControlDeclarations ¶ added in v1.6.0
func LoadControlDeclarations(root string) (ControlDeclarations, []string, error)
type Target ¶
type Target struct {
Mode TargetMode `json:"mode"`
Value string `json:"value"`
}
Target identifies a scan source target.
type TargetMode ¶
type TargetMode string
TargetMode identifies the default scan target source.
const ( TargetRepo TargetMode = "repo" TargetOrg TargetMode = "org" TargetPath TargetMode = "path" TargetMySetup TargetMode = "my_setup" TargetPublicSurface TargetMode = "public-surface" )
Source Files
Click to show internal directories.
Click to hide internal directories.