source

package
v1.0.1 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Apr 22, 2026 License: Apache-2.0 Imports: 16 Imported by: 0

Documentation

Overview

  • Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. *

  • This product includes software developed at Datadog (https://www.datadoghq.com) Copyright 2024 Datadog, Inc.

  • Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. *

  • This product includes software developed at Datadog (https://www.datadoghq.com) Copyright 2024 Datadog, Inc.

Package source (go:generate go run -mod=mod github.com/golang/mock/mockgen -package mock -source=./$GOFILE -destination=../mock/$GOFILE)

Index

Constants

View Source 
const (
	// QueryFileName The default query file name
	QueryFileName = "query.rego"
	// MetadataFileName The default metadata file name
	MetadataFileName = "metadata.json"
	// LibrariesDefaultBasePath the path to rego libraries
	LibrariesDefaultBasePath = "./assets/libraries"
)

Variables

This section is empty.

Functions

func ConvertRule added in v1.0.1 

func ConvertRule(rule *Rule) model.QueryMetadata

nolint:gocyclo ConvertRule converts a Datadog api Rule to a model.QueryMetadata

func GetPathToCustomLibrary 

func GetPathToCustomLibrary(ctx context.Context, platform, libraryPathFlag string) string

GetPathToCustomLibrary - returns the libraries path for a given platform

func MergeInputData 

func MergeInputData(defaultInputData, customInputData string) (string, error)

MergeInputData merges KICS input data with custom input data user defined

func MergeModulesData 

func MergeModulesData(modules []tfmodules.ParsedModule, inputData string) (string, error)

func ReadEmbeddedQuery added in v1.0.1 

func ReadEmbeddedQuery(ctx context.Context, queryDir string) (model.QueryMetadata, error)

ReadEmbeddedQuery reads embedded query files for a given path and returns a QueryMetadata struct with its content

func ReadQueryFile added in v1.0.1 

func ReadQueryFile(ctx context.Context, queryDir string) (model.QueryMetadata, error)

ReadQueryFile reads query files in the local filesystem for a given path and returns a QueryMetadata struct with its content

Types

type DatadogSource added in v0.0.6 

type DatadogSource struct {
	// contains filtered or unexported fields
}

DatadogSource is a QueriesSource that reads queries from the Datadog API. Libraries are fetched via another QueriesSource.

func (*DatadogSource) GetQueries added in v0.0.6 

func (s *DatadogSource) GetQueries(ctx context.Context, querySelection *QueryInspectorParameters) ([]model.QueryMetadata, error)

func (*DatadogSource) GetQueryLibrary added in v0.0.6 

func (s *DatadogSource) GetQueryLibrary(ctx context.Context, platform string) (RegoLibraries, error)

type DatadogSourceOption added in v0.0.6 

type DatadogSourceOption func(source *DatadogSource)

func WithApiKey added in v0.0.6 

func WithApiKey(apiKey string) DatadogSourceOption

WithApiKey lets you specify a Datadog API key. If unspecified, the API key will be fetched from the environment using WithApiKeyFromEnv.

func WithApiKeyFromEnv added in v0.0.6 

func WithApiKeyFromEnv() DatadogSourceOption

WithApiKeyFromEnv uses the API key specified in the DD_API_KEY or DATADOG_API_KEY environment variable. If neither variable exists, an empty API key will be used.

func WithAppKey added in v0.0.6 

func WithAppKey(appKey string) DatadogSourceOption

WithAppKey lets you specify a Datadog application key. If unspecified, the application key will be fetched from the environment using WithAppKeyFromEnv.

func WithAppKeyFromEnv added in v0.0.6 

func WithAppKeyFromEnv() DatadogSourceOption

WithAppKeyFromEnv uses the application key specified in the DD_APP_KEY or DATADOG_APP_KEY environment variable. If neither variable exists, an empty application key will be used.

func WithHttpClient added in v0.0.6 

func WithHttpClient(client *http.Client) DatadogSourceOption

WithHttpClient lets you specify an http.Client instance to use. If unspecified, the http.DefaultClient will be used.

func WithLibrarySource added in v0.0.6 

func WithLibrarySource(source QueriesSource) DatadogSourceOption

WithLibrarySource lets you specify the QueriesSource instance that library data will be read from. If unspecified, a FilesystemSource with equivalent options will be used.

func WithSite added in v0.0.6 

func WithSite(site string) DatadogSourceOption

WithSite lets you specify a Datadog site to use. If unspecified, the Datadog site will be fetched from the environment using WithSiteFromEnv.

func WithSiteFromEnv added in v0.0.6 

func WithSiteFromEnv() DatadogSourceOption

WithSiteFromEnv uses the Datadog site specified in the DD_SITE or DATADOG_SITE environment variable. If neither variable exists, "datadoghq.com" will be used.

func WithWantedCloudProviders added in v0.0.6 

func WithWantedCloudProviders(providers []string) DatadogSourceOption

WithWantedCloudProviders specifies a list of providers to read queries for. If unspecified, all providers will be read.

func WithWantedPlatforms added in v0.0.6 

func WithWantedPlatforms(platforms []string) DatadogSourceOption

WithWantedPlatforms specifies a list of platforms to read queries for. If unspecified, all platforms will be read.

type FilesystemSource 

type FilesystemSource struct {
	Source              []string
	Types               []string
	CloudProviders      []string
	Library             string
	ExperimentalQueries bool
}

FilesystemSource this type defines a struct with a path to a filesystem source of queries Source is the path to the queries Types are the types given by the flag --type for query selection mechanism

func NewFilesystemSource 

func NewFilesystemSource(ctx context.Context, source, types, cloudProviders []string,
	libraryPath string, experimentalQueries bool) *FilesystemSource

NewFilesystemSource initializes a NewFilesystemSource with source to queries and types of queries to load

func (*FilesystemSource) CheckCloudProvider 

func (s *FilesystemSource) CheckCloudProvider(cloudProvider any) bool

CheckCloudProvider checks if the queries have the cloud provider passed as an argument in '--cloud-provider' flag to be loaded

func (*FilesystemSource) CheckType 

func (s *FilesystemSource) CheckType(queryPlatform any) bool

CheckType checks if the queries have the type passed as an argument in '--type' flag to be loaded

func (*FilesystemSource) GetQueries 

func (s *FilesystemSource) GetQueries(ctx context.Context, queryParameters *QueryInspectorParameters) ([]model.QueryMetadata, error)

GetQueries walks a given filesource path returns all queries found in an array of QueryMetadata struct

func (*FilesystemSource) GetQueryLibrary 

func (s *FilesystemSource) GetQueryLibrary(ctx context.Context, platform string) (RegoLibraries, error)

GetQueryLibrary returns the library.rego for the platform passed in the argument

type Framework added in v1.0.1 

type Framework struct {
	Framework   string `jsonapi:"attribute" json:"framework"`
	Version     string `jsonapi:"attribute" json:"version"`
	Requirement string `jsonapi:"attribute" json:"requirement"`
	Control     string `jsonapi:"attribute" json:"control"`
}

type QueriesSource 

type QueriesSource interface {
	GetQueries(ctx context.Context, querySelection *QueryInspectorParameters) ([]model.QueryMetadata, error)
	GetQueryLibrary(ctx context.Context, platform string) (RegoLibraries, error)
}

QueriesSource wraps an interface that contains basic methods: GetQueries and GetQueryLibrary GetQueries gets all queries from a QueryMetadata list GetQueryLibrary gets a library of rego functions given a plataform's name

func NewDatadogSource added in v0.0.6 

func NewDatadogSource(options ...DatadogSourceOption) (QueriesSource, error)

NewDatadogSource creates a DatadogSource with the given options.

type QueryFilter added in v1.0.1 

type QueryFilter struct {
	ByIDs        []string
	ByCategories []string
	BySeverities []string
}

QueryFilter is a struct that represents the option to exclude queries by ids or by categories

type QueryInspectorParameters 

type QueryInspectorParameters struct {
	// IncludeQueries specifies the queries that will be used
	IncludeQueries QueryFilter
	// ExcludeQueries specifies the queries that will not be used
	ExcludeQueries      QueryFilter
	ExperimentalQueries bool
	InputDataPath       string
	BomQueries          bool
	FlagEvaluator       featureflags.FlagEvaluator
}

QueryInspectorParameters is a struct that represents the optionn to select queries to be executed

type RegoLibraries 

type RegoLibraries struct {
	LibraryCode      string
	LibraryInputData string
}

RegoLibraries is a struct that contains the library code and its input data

type Rule added in v0.0.6 

type Rule struct {
	ID                string         `jsonapi:"primary,iac_rule" json:"id"`
	Name              string         `jsonapi:"attribute" json:"name"`
	LegacyId          *string        `jsonapi:"attribute" json:"legacy_id,omitempty"`
	ShortDescription  string         `jsonapi:"attribute" json:"short_description"`
	Description       string         `jsonapi:"attribute" json:"description"`
	DescriptionId     *string        `jsonapi:"attribute" json:"description_id,omitempty"`
	Platform          string         `jsonapi:"attribute" json:"platform"`
	Type              string         `jsonapi:"attribute" json:"type"`
	RegoQuery         []byte         `jsonapi:"attribute" json:"rego_query"`
	Severity          string         `jsonapi:"attribute" json:"severity"`
	Category          string         `jsonapi:"attribute" json:"category"`
	Provider          *string        `jsonapi:"attribute" json:"provider,omitempty"`
	Cwe               *string        `jsonapi:"attribute" json:"cwe,omitempty"`
	DocumentationUrl  *string        `jsonapi:"attribute" json:"documentation_url,omitempty"`
	ProviderUrl       *string        `jsonapi:"attribute" json:"provider_url,omitempty"`
	Aggregation       *int           `jsonapi:"attribute" json:"aggregation,omitempty"`
	Overrides         []RuleOverride `jsonapi:"attribute" json:"overrides,omitempty"`
	DefaultFrameworks []Framework    `jsonapi:"attribute" json:"default_frameworks,omitempty"`
	CustomFrameworks  []Framework    `jsonapi:"attribute" json:"custom_frameworks,omitempty"`
	IsTesting         bool           `jsonapi:"attribute" json:"is_testing"`
	IsPublished       bool           `jsonapi:"attribute" json:"is_published"`
}

Rule defines the structure of a rule that's stored in Datadog.

type RuleOverride added in v0.0.6 

type RuleOverride struct {
	Key              string  `jsonapi:"primary,iac_rule_override" json:"key"`
	ID               *string `jsonapi:"attribute" json:"id,omitempty"`
	ShortDescription *string `jsonapi:"attribute" json:"short_description,omitempty"`
	Description      *string `jsonapi:"attribute" json:"description,omitempty"`
	DescriptionId    *string `jsonapi:"attribute" json:"description_id,omitempty"`
	Platform         *string `jsonapi:"attribute" json:"platform,omitempty"`
	Severity         *string `jsonapi:"attribute" json:"severity,omitempty"`
	Category         *string `jsonapi:"attribute" json:"category,omitempty"`
	Provider         *string `jsonapi:"attribute" json:"provider,omitempty"`
	Cwe              *string `jsonapi:"attribute" json:"cwe,omitempty"`
	DocumentationUrl *string `jsonapi:"attribute" json:"documentation_url,omitempty"`
	ProviderUrl      *string `jsonapi:"attribute" json:"provider_url,omitempty"`
}

type Ruleset added in v0.0.6 

type Ruleset struct {
	ID               string  `jsonapi:"primary,iac_ruleset" json:"id"`
	Name             string  `jsonapi:"attribute" json:"name"`
	ShortDescription string  `jsonapi:"attribute" json:"short_description"`
	Description      string  `jsonapi:"attribute" json:"description"`
	Rules            []*Rule `jsonapi:"attribute" json:"rules"`
}

Ruleset defines a collection of rules.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.