reporthandling

package
v0.0.76 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Dec 22, 2021 License: Apache-2.0 Imports: 15 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	StatusPassed  string = "success"
	StatusWarning string = "warning"
	StatusIgnore  string = "ignore"
	StatusFailed  string = "failed"
)

Variables

View Source 
var (
	AMockCustomerGUID  = "5d817063-096f-4d91-b39b-8665240080af"
	AMockJobID         = "36b6f9e1-3b63-4628-994d-cbe16f81e9c7"
	AMockReportID      = "2c31e4da-c6fe-440d-9b8a-785b80c8576a"
	AMockClusterName   = "clusterA"
	AMockFrameworkName = "testFrameworkA"
	AMockControlName   = "testControlA"
	AMockRuleName      = "testRuleA"
	AMockPortalBase    = *armotypes.MockPortalBase(AMockCustomerGUID, "", nil)
)

Mock A

Functions

func AggregateResourcesByAPIServerPod 

func AggregateResourcesByAPIServerPod(k8sObjects []workloadinterface.IMetadata) workloadinterface.IMetadata

Create custom object of apiserver pod. Has required fields + cmdline

func AggregateResourcesBySubjects 

func AggregateResourcesBySubjects(k8sObjects []workloadinterface.IMetadata) ([]workloadinterface.IMetadata, error)

func DeepCopyMap 

func DeepCopyMap(m map[string]interface{}) (map[string]interface{}, error)

DeepCopyMap performs a deep copy of the given map m.

func GetRuntimePods 

func GetRuntimePods() string

func GetUniqueResources 

func GetUniqueResources(k8sResources []map[string]interface{}) []map[string]interface{}

GetUniqueResources the list of resources can contain duplications, this function removes the resource duplication based on workloadinterface.GetID

func GetUniqueResourcesIDs 

func GetUniqueResourcesIDs(k8sResourcesList []string) []string

GetUniqueResources the list of resources can contain duplications, this function removes the resource duplication based on workloadinterface.GetID

func MockExternalFacingService 

func MockExternalFacingService() string

func MockRegoPrivilegedPods 

func MockRegoPrivilegedPods() string

func MockTemp 

func MockTemp() string

func RegoResourcesAggregator 

func RegoResourcesAggregator(rule *PolicyRule, k8sObjects []workloadinterface.IMetadata) ([]workloadinterface.IMetadata, error)

func SetDefaultScore 

func SetDefaultScore(frameworkReport *FrameworkReport)

SetDefaultScore sets the framework,control default score

func SetUniqueResourcesCounter 

func SetUniqueResourcesCounter(frameworkReport *FrameworkReport)

SetDefaultScore sets the framework,control,rule resource counter

func StringInSlice 

func StringInSlice(strSlice []string, str string) bool

func TrimUniqueIDs 

func TrimUniqueIDs(origin, trimFrom []string) []string

TrimUniqueResources trim the list, this wil trim in case the same resource appears in the warning list and in the failed list

Types

type AlertObject 

type AlertObject struct {
	K8SApiObjects   []map[string]interface{} `json:"k8sApiObjects,omitempty"`
	ExternalObjects map[string]interface{}   `json:"externalObjects,omitempty"`
}

type AlertScore 

type AlertScore float32

type Control 

type Control struct {
	armotypes.PortalBase `json:",inline"`
	Control_ID           string       `json:"id,omitempty"` // to be Deprecated
	ControlID            string       `json:"controlID"`
	CreationTime         string       `json:"creationTime"`
	Description          string       `json:"description"`
	Remediation          string       `json:"remediation"`
	Rules                []PolicyRule `json:"rules"`
	FrameworkNames       []string     `json:"frameworkNames,omitempty"`
	// for new list of  rules in POST/UPADTE requests
	RulesIDs              *[]string `json:"rulesIDs,omitempty"`
	BaseScore             float32   `json:"baseScore,omitempty"`
	ARMOImprovementFactor float32   `json:"ARMOImprovementFactor,omitempty"`
}

Control represents a collection of rules which are combined together to single purpose

type ControlConfigInputs added in v0.0.67 

type ControlConfigInputs struct {
	Path        string `json:"path"`
	Name        string `json:"name"`
	Description string `json:"description"`
}

type ControlReport 

type ControlReport struct {
	armotypes.PortalBase  `json:",inline"`
	Control_ID            string       `json:"id,omitempty"` // to be Deprecated
	ControlID             string       `json:"controlID"`
	Name                  string       `json:"name"`
	RuleReports           []RuleReport `json:"ruleReports"`
	Remediation           string       `json:"remediation"`
	Description           string       `json:"description"`
	Score                 float32      `json:"score"`
	BaseScore             float32      `json:"baseScore,omitempty"`
	ARMOImprovement       float32      `json:"ARMOImprovement,omitempty"`
	ResourceUniqueCounter `json:",inline"`
}

func (*ControlReport) Failed 

func (controlReport *ControlReport) Failed() bool

func (*ControlReport) GetID 

func (controlReport *ControlReport) GetID() string

func (*ControlReport) GetNumberOfFailedResources 

func (controlReport *ControlReport) GetNumberOfFailedResources() int

func (*ControlReport) GetNumberOfResources 

func (controlReport *ControlReport) GetNumberOfResources() int

func (*ControlReport) GetNumberOfWarningResources 

func (controlReport *ControlReport) GetNumberOfWarningResources() int

func (*ControlReport) GetStatus 

func (controlReport *ControlReport) GetStatus() string

func (*ControlReport) ListControlsInputKinds 

func (controlReport *ControlReport) ListControlsInputKinds() []string

func (*ControlReport) ListResourcesIDs added in v0.0.53 

func (controlReport *ControlReport) ListResourcesIDs() *ResourcesIDs

GetResourcesPerControl - return unique lists of resource IDs: all,warning,failed

func (*ControlReport) Passed 

func (controlReport *ControlReport) Passed() bool

func (*ControlReport) RemoveData 

func (controlReport *ControlReport) RemoveData(keepFields, keepMetadataFields []string)

func (*ControlReport) SetDefaultScore 

func (controlReport *ControlReport) SetDefaultScore()

func (*ControlReport) SetNumberOfFailedResources 

func (controlReport *ControlReport) SetNumberOfFailedResources(n int)

func (*ControlReport) SetNumberOfResources 

func (controlReport *ControlReport) SetNumberOfResources(n int)

func (*ControlReport) SetNumberOfWarningResources 

func (controlReport *ControlReport) SetNumberOfWarningResources(n int)

func (*ControlReport) SetResourcesCounters added in v0.0.53 

func (controlReport *ControlReport) SetResourcesCounters()

func (*ControlReport) Warning 

func (controlReport *ControlReport) Warning() bool

type Framework 

type Framework struct {
	armotypes.PortalBase `json:",inline"`
	CreationTime         string    `json:"creationTime"`
	Description          string    `json:"description"`
	Controls             []Control `json:"controls"`
	// for new list of  controls in POST/UPADTE requests
	ControlsIDs *[]string `json:"controlsIDs,omitempty"`
}

Framework represents a collection of controls which are combined together to expose comprehensive behavior

func MockFrameworkA 

func MockFrameworkA() *Framework

type FrameworkReport 

type FrameworkReport struct {
	Name                  string          `json:"name"`
	ControlReports        []ControlReport `json:"controlReports"`
	Score                 float32         `json:"score,omitempty"`
	ARMOImprovement       float32         `json:"ARMOImprovement,omitempty"`
	WCSScore              float32         `json:"wcsScore,omitempty"`
	ResourceUniqueCounter `json:",inline"`
}

func MockFrameworkReportA 

func MockFrameworkReportA() *FrameworkReport

func (*FrameworkReport) Failed 

func (frameworkReport *FrameworkReport) Failed() bool

func (*FrameworkReport) GetNumberOfFailedResources 

func (frameworkReport *FrameworkReport) GetNumberOfFailedResources() int

func (*FrameworkReport) GetNumberOfResources 

func (frameworkReport *FrameworkReport) GetNumberOfResources() int

func (*FrameworkReport) GetNumberOfWarningResources 

func (frameworkReport *FrameworkReport) GetNumberOfWarningResources() int

func (*FrameworkReport) GetStatus 

func (frameworkReport *FrameworkReport) GetStatus() string

func (*FrameworkReport) ListResourcesIDs added in v0.0.53 

func (frameworkReport *FrameworkReport) ListResourcesIDs() *ResourcesIDs

GetResourcesPerControl - return unique lists of resource IDs: all,warning,failed

func (*FrameworkReport) Passed 

func (frameworkReport *FrameworkReport) Passed() bool

func (*FrameworkReport) RemoveData 

func (frameworkReport *FrameworkReport) RemoveData(keepFields, keepMetadataFields []string)

func (*FrameworkReport) SetDefaultScore 

func (frameworkReport *FrameworkReport) SetDefaultScore()

func (*FrameworkReport) SetNumberOfFailedResources 

func (frameworkReport *FrameworkReport) SetNumberOfFailedResources(n int)

func (*FrameworkReport) SetNumberOfResources 

func (frameworkReport *FrameworkReport) SetNumberOfResources(n int)

func (*FrameworkReport) SetNumberOfWarningResources 

func (frameworkReport *FrameworkReport) SetNumberOfWarningResources(n int)

func (*FrameworkReport) SetResourcesCounters added in v0.0.53 

func (frameworkReport *FrameworkReport) SetResourcesCounters()

func (*FrameworkReport) Warning 

func (frameworkReport *FrameworkReport) Warning() bool

type IReportStatus 

type IReportStatus interface {
	GetStatus() string
	Passed() bool
	Warning() bool
	Failed() bool
}

type IReportSummary 

type IReportSummary interface {
	IReportStatus

	// Get
	SetNumberOfResources(n int)
	SetNumberOfWarningResources(n int)
	SetNumberOfFailedResources(n int)

	// Get
	GetNumberOfResources() int
	GetNumberOfWarningResources() int
	GetNumberOfFailedResources() int
}

type NotificationPolicyKind 

type NotificationPolicyKind string
const (
	KindFramework NotificationPolicyKind = "Framework"
	KindControl   NotificationPolicyKind = "Control"
	KindRule      NotificationPolicyKind = "Rule"
)

Supported NotificationKinds

type NotificationPolicyType 

type NotificationPolicyType string
const (
	TypeValidateRules   NotificationPolicyType = "validateRules"
	TypeExecPostureScan NotificationPolicyType = "execPostureScan"
	TypeUpdateRules     NotificationPolicyType = "updateRules"
)

Supported NotificationTypes

type PolicyIdentifier 

type PolicyIdentifier struct {
	Kind NotificationPolicyKind `json:"kind"`
	Name string                 `json:"name"`
}

type PolicyNotification 

type PolicyNotification struct {
	NotificationType NotificationPolicyType     `json:"notificationType"`
	Rules            []PolicyIdentifier         `json:"rules"`
	ReportID         string                     `json:"reportID"`
	JobID            string                     `json:"jobID"`
	Designators      armotypes.PortalDesignator `json:"designators"`
}

func MockPolicyNotificationA 

func MockPolicyNotificationA() *PolicyNotification

func (*PolicyNotification) ToJSONBytesBuffer 

func (pn *PolicyNotification) ToJSONBytesBuffer() (*bytes.Buffer, error)

type PolicyRule 

type PolicyRule struct {
	armotypes.PortalBase `json:",inline"`
	CreationTime         string                `json:"creationTime"`
	Rule                 string                `json:"rule"`               // multiline string!
	ResourceEnumerator   string                `json:"resourceEnumerator"` // multiline string!
	RuleLanguage         RuleLanguages         `json:"ruleLanguage"`
	Match                []RuleMatchObjects    `json:"match"`
	DynamicMatch         []RuleMatchObjects    `json:"dynamicMatch,omitempty"` // DEPRECATED - Added for ks version 136
	RuleDependencies     []RuleDependency      `json:"ruleDependencies"`
	ConfigInputs         []string              `json:"configInputs"`        // DEPRECATED
	ControlConfigInputs  []ControlConfigInputs `json:"controlConfigInputs"` // list of inputs from postureControlInputs in customerConfig for this rule
	Description          string                `json:"description"`
	Remediation          string                `json:"remediation"`
	RuleQuery            string                `json:"ruleQuery"` // default "armo_builtins" - DEPRECATED
}

PolicyRule represents single rule, the fundamental executable block of policy

func MockRuleA 

func MockRuleA() *PolicyRule

func MockRuleB 

func MockRuleB() *PolicyRule

func MockRuleUntrustedRegistries 

func MockRuleUntrustedRegistries() *PolicyRule

type PostureReport 

type PostureReport struct {
	CustomerGUID         string                `json:"customerGUID"`
	ClusterName          string                `json:"clusterName"`
	ClusterAPIServerInfo *version.Info         `json:"clusterAPIServerInfo"`
	ClusterCloudProvider string                `json:"clusterCloudProvider"`
	ReportID             string                `json:"reportID"`
	JobID                string                `json:"jobID"`
	ReportGenerationTime time.Time             `json:"generationTime"`
	FrameworkReports     []FrameworkReport     `json:"frameworks"`            // DEPRECATED
	RBACObjects          rbacutils.RbacObjects `json:"rbacObjects,omitempty"` // all rbac objects in cluster - roles, clusterroles, rolebindings, clusterrolebindings
	Resources            []Resource            `json:"resource,omitempty"`
}

PostureReport

func MockPostureReportA 

func MockPostureReportA() *PostureReport

func (*PostureReport) NKeys 

func (file *PostureReport) NKeys() int

func (*PostureReport) RemoveData 

func (postureReport *PostureReport) RemoveData(keepFields, keepMetadataFields []string)

TODO - receive list full json paths

func (*PostureReport) UnmarshalJSONObject 

func (r *PostureReport) UnmarshalJSONObject(dec *gojay.Decoder, key string) (err error)
responsible on fast unmarshaling of various COMMON containerscan structures and substructures

UnmarshalJSONObject - File inside a pkg

type Resource 

type Resource struct {
	ResourceID string         `json:"resourceID"`
	Object     interface{}    `json:"object"`
	IMetadata  ik8s.IMetadata `json:"-"`
}

func NewResource added in v0.0.55 

func NewResource(obj map[string]interface{}) *Resource

func (*Resource) GetApiVersion 

func (r *Resource) GetApiVersion() string

func (*Resource) GetID 

func (r *Resource) GetID() string

func (*Resource) GetKind 

func (r *Resource) GetKind() string

func (*Resource) GetName 

func (r *Resource) GetName() string

func (*Resource) GetNamespace 

func (r *Resource) GetNamespace() string

func (*Resource) GetObject 

func (r *Resource) GetObject() map[string]interface{}

func (*Resource) GetWorkload 

func (r *Resource) GetWorkload() map[string]interface{}

func (*Resource) SetKind 

func (r *Resource) SetKind(s string)

func (*Resource) SetName 

func (r *Resource) SetName(s string)

func (*Resource) SetNamespace 

func (r *Resource) SetNamespace(s string)

func (*Resource) SetObject 

func (r *Resource) SetObject(m map[string]interface{})

func (*Resource) SetWorkload 

func (r *Resource) SetWorkload(m map[string]interface{})

type ResourceUniqueCounter 

type ResourceUniqueCounter struct {
	TotalResources   int `json:"totalResources"`
	FailedResources  int `json:"failedResources"`
	WarningResources int `json:"warningResources"`
}

type ResourcesIDs added in v0.0.53 

type ResourcesIDs struct {
	// contains filtered or unexported fields
}

func (*ResourcesIDs) GetAllResources added in v0.0.53 

func (r *ResourcesIDs) GetAllResources() []string

func (*ResourcesIDs) GetFailedResources added in v0.0.53 

func (r *ResourcesIDs) GetFailedResources() []string

func (*ResourcesIDs) GetPassedResources added in v0.0.56 

func (r *ResourcesIDs) GetPassedResources() []string

func (*ResourcesIDs) GetWarningResources added in v0.0.53 

func (r *ResourcesIDs) GetWarningResources() []string

type RuleDependency 

type RuleDependency struct {
	PackageName string `json:"packageName"` // package name
}

RuleMatchObjects defines which objects this rule applied on

type RuleLanguages 

type RuleLanguages string
const (
	RegoLanguage  RuleLanguages = "Rego"
	RegoLanguage2 RuleLanguages = "rego"
)

type RuleMatchObjects 

type RuleMatchObjects struct {
	APIGroups   []string `json:"apiGroups"`   // apps
	APIVersions []string `json:"apiVersions"` // v1/ v1beta1 / *
	Resources   []string `json:"resources"`   // dep.., pods,
}

RuleMatchObjects defines which objects this rule applied on

type RuleReport 

type RuleReport struct {
	Name                  string         `json:"name"`
	Remediation           string         `json:"remediation"`
	RuleStatus            RuleStatus     `json:"ruleStatus"` // did we run the rule or not (if there where compile errors, the value will be failed)
	RuleResponses         []RuleResponse `json:"ruleResponses"`
	ListInputKinds        []string       `json:"listInputIDs"`
	ResourceUniqueCounter `json:",inline"`
}

func (*RuleReport) Failed 

func (ruleReport *RuleReport) Failed() bool

func (*RuleReport) GetAllResourcesIDs 

func (ruleReport *RuleReport) GetAllResourcesIDs() []string

func (*RuleReport) GetFailedResources 

func (ruleReport *RuleReport) GetFailedResources() []map[string]interface{}

DO NOT USE! 

func (ruleReport *RuleReport) GetAllResources() []map[string]interface{} {
	return ruleReport.ListInputResources
}

func (*RuleReport) GetNumberOfFailedResources 

func (ruleReport *RuleReport) GetNumberOfFailedResources() int

func (*RuleReport) GetNumberOfResources 

func (ruleReport *RuleReport) GetNumberOfResources() int

func (*RuleReport) GetNumberOfWarningResources 

func (ruleReport *RuleReport) GetNumberOfWarningResources() int

func (*RuleReport) GetStatus 

func (ruleReport *RuleReport) GetStatus() string

func (*RuleReport) GetWarnignResources 

func (ruleReport *RuleReport) GetWarnignResources() []map[string]interface{}

func (*RuleReport) ListResourcesIDs added in v0.0.53 

func (ruleReport *RuleReport) ListResourcesIDs() *ResourcesIDs

func (*RuleReport) Passed 

func (ruleReport *RuleReport) Passed() bool

func (*RuleReport) RemoveData 

func (ruleReport *RuleReport) RemoveData(keepFields, keepMetadataFields []string)

func (*RuleReport) SetNumberOfFailedResources 

func (ruleReport *RuleReport) SetNumberOfFailedResources(n int)

func (*RuleReport) SetNumberOfResources 

func (ruleReport *RuleReport) SetNumberOfResources(n int)

func (*RuleReport) SetNumberOfWarningResources 

func (ruleReport *RuleReport) SetNumberOfWarningResources(n int)

func (*RuleReport) SetResourcesCounters added in v0.0.53 

func (ruleReport *RuleReport) SetResourcesCounters()

func (*RuleReport) Warning 

func (ruleReport *RuleReport) Warning() bool

type RuleResponse 

type RuleResponse struct {
	AlertMessage string                            `json:"alertMessage"`
	FailedPaths  []string                          `json:"failedPaths"`
	RuleStatus   string                            `json:"ruleStatus"`
	PackageName  string                            `json:"packagename"`
	AlertScore   AlertScore                        `json:"alertScore"`
	AlertObject  AlertObject                       `json:"alertObject"`
	Context      []string                          `json:"context,omitempty"`  // TODO - Remove
	Rulename     string                            `json:"rulename,omitempty"` // TODO - Remove
	Exception    *armotypes.PostureExceptionPolicy `json:"exception,omitempty"`
}

RegoResponse the expected response of single run of rego policy

func MockRuleResponseA 

func MockRuleResponseA() *RuleResponse

func ParseRegoResult 

func ParseRegoResult(regoResult *rego.ResultSet) ([]RuleResponse, error)

func RemoveResponse 

func RemoveResponse(slice []RuleResponse, index int) []RuleResponse

func (*RuleResponse) Failed 

func (ruleResponse *RuleResponse) Failed() bool

func (*RuleResponse) GetStatus 

func (ruleResponse *RuleResponse) GetStatus() string

func (*RuleResponse) Passed 

func (ruleResponse *RuleResponse) Passed() bool

func (*RuleResponse) RemoveData 

func (ruleResponse *RuleResponse) RemoveData(keepFields, keepMetadataFields []string)

func (*RuleResponse) Warning 

func (ruleResponse *RuleResponse) Warning() bool

type RuleStatus 

type RuleStatus struct {
	Status  string `json:"status"`
	Message string `json:"message"`
}

type UpdatedControl 

type UpdatedControl struct {
	Control `json:",inline"`
	Rules   []interface{} `json:"rules"`
}

type UpdatedFramework 

type UpdatedFramework struct {
	Framework `json:",inline"`
	Controls  []interface{} `json:"controls"`
}

Source Files

View all Source files

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.