Documentation
¶
Overview ¶
Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. *
This product includes software developed at Datadog (https://www.datadoghq.com) Copyright 2024 Datadog, Inc.
Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. *
This product includes software developed at Datadog (https://www.datadoghq.com) Copyright 2024 Datadog, Inc.
Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. *
This product includes software developed at Datadog (https://www.datadoghq.com) Copyright 2024 Datadog, Inc.
Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. *
This product includes software developed at Datadog (https://www.datadoghq.com) Copyright 2024 Datadog, Inc.
Package utils contains various utility functions to use in other packages
Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. *
This product includes software developed at Datadog (https://www.datadoghq.com) Copyright 2024 Datadog, Inc.
Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. *
This product includes software developed at Datadog (https://www.datadoghq.com) Copyright 2024 Datadog, Inc.
Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. *
This product includes software developed at Datadog (https://www.datadoghq.com) Copyright 2024 Datadog, Inc.
Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. *
This product includes software developed at Datadog (https://www.datadoghq.com) Copyright 2024 Datadog, Inc.
Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. *
This product includes software developed at Datadog (https://www.datadoghq.com) Copyright 2024 Datadog, Inc.
Index ¶
- Constants
- func AdjustNumWorkers(workers int) int
- func ChooseQueryID(queryID, legacyQueryID string) string
- func Contains(target, list interface{}) bool
- func ContainsInString(target string, list []string) bool
- func DecryptAnsibleVault(ctx context.Context, fileContent []byte, secret string) []byte
- func GetExtension(ctx context.Context, path string) (string, error)
- func GetVaultPassword() string
- func HandlePanic(ctx context.Context, r any, errMessage string)
- func IsAnsibleVaultEncrypted(content []byte) bool
- func LineCounter(ctx context.Context, path string) (int, error)
- func MergeMaps(map1, map2 map[string]interface{})
- func NextRandom() string
- func NormalizeAnsibleResourceType(resourceType string) string
- func ReadVaultPassword(filePath string) string
- func SplitLines(content string) *[]string
- func ToID(platform, provider, dir string) string
- func ToSlug(name string) string
Constants ¶
const ( UndetectedVulnerabilityLine = -1 DefaultQueryID = "Undefined" DefaultQueryName = "Anonymous" DefaultExperimental = false DefaultQueryDescription = "Undefined" DefaultQueryDescriptionID = "Undefined" DefaultQueryURI = "https://github.com/DataDog/datadog-iac-scanner/" UnresolvedPlaceholder = "__UNRESOLVED__" // RegoQuery is the OPA query evaluated against every rule module. // It delegates to RegoCompatShim so both legacy (package Cx / CxPolicy) and // current (package datadog / DatadogPolicy) rules are accepted during migration. RegoQuery = `result = data.dd_iac_compat.policy` // RegoCompatShim is injected as an extra OPA module alongside every rule. // The two incremental definitions union CxPolicy and DatadogPolicy results, // so each evaluates to an empty set when the corresponding package is absent. // Once all rules have been migrated to DatadogPolicy, this shim can be removed // and RegoQuery simplified back to `result = data.datadog.DatadogPolicy`. RegoCompatShim = `` /* 131-byte string literal not displayed */ )
Constants with default query values
Variables ¶
This section is empty.
Functions ¶
func AdjustNumWorkers ¶
func ChooseQueryID ¶ added in v1.3.0
func Contains ¶
func Contains(target, list interface{}) bool
Contains if a function to check if list contains target
func ContainsInString ¶
ContainsInString verifies if some string in list contains the specified target
func DecryptAnsibleVault ¶
DecryptAnsibleVault verifies if the fileContent is encrypted by ansible-vault. If yes, the function decrypts it
func GetExtension ¶
GetExtension gets the extension of a file path
func GetVaultPassword ¶ added in v0.0.9
func GetVaultPassword() string
GetVaultPassword returns the vault password read from ANSIBLE_VAULT_PASSWORD_FILE, cached after the first call.
func IsAnsibleVaultEncrypted ¶ added in v0.0.9
IsAnsibleVaultEncrypted reports whether content is Ansible Vault encrypted.
func LineCounter ¶
LineCounter get the number of lines of a given file
func NormalizeAnsibleResourceType ¶ added in v0.0.5
NormalizeAnsibleResourceType returns the Ansible content name (last segment after ".") from a fully qualified collection name (FQCN) or short name. Used so that rego rules can output either "community.aws.ec2_instance" or "ec2_instance" and we consistently expose "ec2_instance". If resourceType has no ".", it is returned unchanged.
func ReadVaultPassword ¶ added in v0.0.9
ReadVaultPassword reads the vault password from the file at filePath.
Types ¶
This section is empty.
Source Files