source

package
v1.1.1 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Apr 29, 2026 License: Apache-2.0 Imports: 16 Imported by: 0

Documentation

Overview

  • Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. *

  • This product includes software developed at Datadog (https://www.datadoghq.com) Copyright 2024 Datadog, Inc.

  • Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. *

  • This product includes software developed at Datadog (https://www.datadoghq.com) Copyright 2024 Datadog, Inc.

Package source (go:generate go run -mod=mod github.com/golang/mock/mockgen -package mock -source=./$GOFILE -destination=../mock/$GOFILE)

Index

Constants

View Source 
const (
	// QueryFileName The default query file name
	QueryFileName = "query.rego"
	// MetadataFileName The default metadata file name
	MetadataFileName = "metadata.json"
	// LibrariesDefaultBasePath the path to rego libraries
	LibrariesDefaultBasePath = "./assets/libraries"
)

Variables

This section is empty.

Functions

func ConvertRule added in v1.0.1 

func ConvertRule(rule *datadog.Rule) model.QueryMetadata

nolint:gocyclo ConvertRule converts a Datadog api [Rule] to a model.QueryMetadata

func GetPathToCustomLibrary 

func GetPathToCustomLibrary(ctx context.Context, platform, libraryPathFlag string) string

GetPathToCustomLibrary - returns the libraries path for a given platform

func MergeInputData 

func MergeInputData(defaultInputData, customInputData string) (string, error)

MergeInputData merges KICS input data with custom input data user defined

func MergeModulesData 

func MergeModulesData(modules []tfmodules.ParsedModule, inputData string) (string, error)

func ReadEmbeddedQuery added in v1.0.1 

func ReadEmbeddedQuery(ctx context.Context, queryDir string) (model.QueryMetadata, error)

ReadEmbeddedQuery reads embedded query files for a given path and returns a QueryMetadata struct with its content

func ReadQueryFile added in v1.0.1 

func ReadQueryFile(ctx context.Context, queryDir string) (model.QueryMetadata, error)

ReadQueryFile reads query files in the local filesystem for a given path and returns a QueryMetadata struct with its content

Types

type DatadogSource added in v0.0.6 

type DatadogSource struct {
	// contains filtered or unexported fields
}

DatadogSource is a QueriesSource that reads queries from the Datadog API. Libraries are fetched via another QueriesSource.

func (*DatadogSource) GetQueries added in v0.0.6 

func (s *DatadogSource) GetQueries(ctx context.Context, querySelection *QueryInspectorParameters) ([]model.QueryMetadata, error)

func (*DatadogSource) GetQueryLibrary added in v0.0.6 

func (s *DatadogSource) GetQueryLibrary(ctx context.Context, platform string) (RegoLibraries, error)

type DatadogSourceOption added in v0.0.6 

type DatadogSourceOption func(source *DatadogSource)

func WithLibrarySource added in v0.0.6 

func WithLibrarySource(source QueriesSource) DatadogSourceOption

WithLibrarySource lets you specify the QueriesSource instance that library data will be read from. If unspecified, a FilesystemSource with equivalent options will be used.

func WithWantedCloudProviders added in v0.0.6 

func WithWantedCloudProviders(providers []string) DatadogSourceOption

WithWantedCloudProviders specifies a list of providers to read queries for. If unspecified, all providers will be read.

func WithWantedPlatforms added in v0.0.6 

func WithWantedPlatforms(platforms []string) DatadogSourceOption

WithWantedPlatforms specifies a list of platforms to read queries for. If unspecified, all platforms will be read.

type FilesystemSource 

type FilesystemSource struct {
	Source              []string
	Types               []string
	CloudProviders      []string
	Library             string
	ExperimentalQueries bool
}

FilesystemSource this type defines a struct with a path to a filesystem source of queries Source is the path to the queries Types are the types given by the flag --type for query selection mechanism

func NewFilesystemSource 

func NewFilesystemSource(ctx context.Context, source, types, cloudProviders []string,
	libraryPath string, experimentalQueries bool) *FilesystemSource

NewFilesystemSource initializes a NewFilesystemSource with source to queries and types of queries to load

func (*FilesystemSource) CheckCloudProvider 

func (s *FilesystemSource) CheckCloudProvider(cloudProvider any) bool

CheckCloudProvider checks if the queries have the cloud provider passed as an argument in '--cloud-provider' flag to be loaded

func (*FilesystemSource) CheckType 

func (s *FilesystemSource) CheckType(queryPlatform any) bool

CheckType checks if the queries have the type passed as an argument in '--type' flag to be loaded

func (*FilesystemSource) GetQueries 

func (s *FilesystemSource) GetQueries(ctx context.Context, queryParameters *QueryInspectorParameters) ([]model.QueryMetadata, error)

GetQueries walks a given filesource path returns all queries found in an array of QueryMetadata struct

func (*FilesystemSource) GetQueryLibrary 

func (s *FilesystemSource) GetQueryLibrary(ctx context.Context, platform string) (RegoLibraries, error)

GetQueryLibrary returns the library.rego for the platform passed in the argument

type QueriesSource 

type QueriesSource interface {
	GetQueries(ctx context.Context, querySelection *QueryInspectorParameters) ([]model.QueryMetadata, error)
	GetQueryLibrary(ctx context.Context, platform string) (RegoLibraries, error)
}

QueriesSource wraps an interface that contains basic methods: GetQueries and GetQueryLibrary GetQueries gets all queries from a QueryMetadata list GetQueryLibrary gets a library of rego functions given a plataform's name

func NewDatadogSource added in v0.0.6 

func NewDatadogSource(client datadog.Client, options ...DatadogSourceOption) (QueriesSource, error)

NewDatadogSource creates a DatadogSource with the given options.

type QueryFilter added in v1.0.1 

type QueryFilter struct {
	ByIDs        []string
	ByCategories []string
	BySeverities []string
}

QueryFilter is a struct that represents the option to exclude queries by ids or by categories

type QueryInspectorParameters 

type QueryInspectorParameters struct {
	// IncludeQueries specifies the queries that will be used
	IncludeQueries QueryFilter
	// ExcludeQueries specifies the queries that will not be used
	ExcludeQueries      QueryFilter
	ExperimentalQueries bool
	InputDataPath       string
	BomQueries          bool
	FlagEvaluator       featureflags.FlagEvaluator
}

QueryInspectorParameters is a struct that represents the optionn to select queries to be executed

type RegoLibraries 

type RegoLibraries struct {
	LibraryCode      string
	LibraryInputData string
}

RegoLibraries is a struct that contains the library code and its input data

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.