config

package

v1.3.3 Latest Latest Go to latest Published: Jun 2, 2026 License: Apache-2.0 Imports: 17 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/DataDog/datadog-iac-scanner

Links

Open Source Insights

Documentation ¶

Index ¶

Constants
func UnparseConfig(cfg *IacConfig) ([]byte, error)
type IacConfig
- func ParseConfig(cfgBytes []byte) (*IacConfig, error)
- func ReadConfiguration(ctx context.Context, rootPath string, options ...ReadConfigurationOption) (*IacConfig, []byte, error)
type IacRuleConfig
type InvalidLocalConfigError
- func (e *InvalidLocalConfigError) Error() string
- func (e *InvalidLocalConfigError) Unwrap() error
type ReadConfigurationOption
- func WithDatadog(client datadog.Client, repoUrl string) ReadConfigurationOption

Constants ¶

View Source

const (
	ConfigFileNameBase   = "code-security.datadog"
	LegacyConfigFileName = "dd-iac-scan.config"
)

Variables ¶

This section is empty.

Functions ¶

func UnparseConfig ¶ added in v1.1.1

func UnparseConfig(cfg *IacConfig) ([]byte, error)

UnparseConfig turns a parsed configuration into a YAML file. It ignores the LegacyExcludeResults field, since it's not representable in YAML. You will need to handle it externally if you need to.

Types ¶

type IacConfig ¶

type IacConfig struct {
	IgnoreRules      []string
	OnlyRules        []string
	IgnorePaths      []string
	OnlyPaths        []string
	IgnoreSeverities []string
	OnlySeverities   []string
	IgnoreCategories []string
	OnlyCategories   []string

	LegacyExcludeResults []string

	RuleConfigs     map[string]IacRuleConfig
	IgnorePlatforms []string
	OnlyPlatforms   []string
}

func ParseConfig ¶

func ParseConfig(cfgBytes []byte) (*IacConfig, error)

ParseConfig turns a YAML configuration file into a parsed configuration

func ReadConfiguration ¶

func ReadConfiguration(ctx context.Context, rootPath string, options ...ReadConfigurationOption) (*IacConfig, []byte, error)

ReadConfiguration reads the local config file (if any), applies all options (e.g. WithDatadog), and returns the parsed result. Options are always applied even when no local file exists, so server-side customizations are fetched regardless of local file presence.

type IacRuleConfig ¶ added in v1.3.2

type IacRuleConfig struct {
	IgnorePaths []string
	OnlyPaths   []string
	Severity    *string
}

IacRuleConfig holds per-rule overrides: path scoping and severity override. nil slices mean "no restriction". A nil Severity means "no override".

type InvalidLocalConfigError ¶ added in v1.2.0

type InvalidLocalConfigError struct {
	// contains filtered or unexported fields
}

InvalidLocalConfigError is returned when the local IaC configuration file cannot be read or parsed. It does NOT cover errors from remote config sources such as Datadog API calls via WithDatadog.

func (*InvalidLocalConfigError) Error ¶ added in v1.2.0

func (e *InvalidLocalConfigError) Error() string

func (*InvalidLocalConfigError) Unwrap ¶ added in v1.2.0

func (e *InvalidLocalConfigError) Unwrap() error

type ReadConfigurationOption ¶ added in v1.1.1

type ReadConfigurationOption func(context.Context, []byte) ([]byte, error)

func WithDatadog ¶ added in v1.1.1

func WithDatadog(client datadog.Client, repoUrl string) ReadConfigurationOption

WithDatadog calls the Datadog backend to append server-side customizations to the local repo config.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL