Index ¶
- Constants
- func LoadGranularPolicies(dir string) (map[string]*AmpelPolicy, error)
- func WritePolicy(bundle *AmpelPolicyBundle, dir string) error
- type AmpelPolicy
- type AmpelPolicyBundle
- type AmpelTenet
- type BundleMeta
- type Framework
- type PolicyControl
- type PolicyMeta
- type PredicateSpec
- type TenetError
- type TenetMessage
Constants ¶
const (
// PolicyFileName is the output filename for the merged AMPEL policy bundle.
// LoadGranularPolicies skips files with this name when it reads a directory,
// presumably so a previously written bundle is not loaded back as a granular
// policy.
PolicyFileName = "complytime-ampel-policy.json"
)
Variables ¶
This section is empty.
Functions ¶
func LoadGranularPolicies ¶
func LoadGranularPolicies(dir string) (map[string]*AmpelPolicy, error)
LoadGranularPolicies reads all .json files from dir (skipping PolicyFileName) and returns a map keyed by each policy's ID field.
func WritePolicy ¶
func WritePolicy(bundle *AmpelPolicyBundle, dir string) error
WritePolicy marshals an AmpelPolicyBundle to JSON and writes it to the given directory. If bundle is nil or has no policies, no file is written and nil is returned.
Types ¶
type AmpelPolicy ¶
// AmpelPolicy is one AMPEL policy as stored in a single granular .json file.
type AmpelPolicy struct {
// ID identifies the policy and is serialized as "id". LoadGranularPolicies
// keys its returned map by this field.
// NOTE(review): how two files carrying the same ID are handled is not
// documented; confirm that a later file cannot silently replace an earlier
// policy.
ID string `json:"id"`
// Meta carries the policy's description and its associated compliance controls.
Meta PolicyMeta `json:"meta"`
// Tenets lists the verification checks that make up the policy.
Tenets []AmpelTenet `json:"tenets"`
}
AmpelPolicy represents a single AMPEL policy (one per granular file).
func MatchPolicies ¶
func MatchPolicies(configs []plugin.AssessmentConfiguration, granular map[string]*AmpelPolicy) ([]*AmpelPolicy, []string)
MatchPolicies looks up each requirement ID from the assessment configurations in the granular policy map. It returns the matched policies and warning strings for unmatched requirements.
type AmpelPolicyBundle ¶
// AmpelPolicyBundle is the top-level JSON document that WritePolicy writes to
// disk for ampel verify.
type AmpelPolicyBundle struct {
// ID identifies the bundle and is serialized as "id".
ID string `json:"id"`
// Meta holds bundle-level metadata.
Meta BundleMeta `json:"meta"`
// Policies holds the policies wrapped into the bundle. WritePolicy writes no
// file and returns nil when the bundle is nil or this slice is empty.
// NOTE(review): in that case it is not documented whether a bundle file left
// in the directory by an earlier run is removed; confirm that verification
// cannot pick up a stale policy file.
Policies []*AmpelPolicy `json:"policies"`
}
AmpelPolicyBundle is the top-level document written to disk for ampel verify.
func MergeToBundle ¶
func MergeToBundle(policies []*AmpelPolicy) *AmpelPolicyBundle
MergeToBundle wraps matched policies into a top-level AmpelPolicyBundle.
type AmpelTenet ¶
// AmpelTenet is a single verification check within a policy.
type AmpelTenet struct {
// ID identifies the tenet and is serialized as "id".
ID string `json:"id"`
// Code is serialized as "code".
// NOTE(review): presumably the expression the verifier evaluates for this
// check; its language and evaluation context are not documented. If so, the
// directory that policies are loaded from decides what gets evaluated and
// should be writable only by trusted parties — confirm.
Code string `json:"code"`
// Predicates names the attestation predicate types this tenet evaluates.
Predicates PredicateSpec `json:"predicates"`
// Assessment holds the message reported when the tenet passes.
Assessment TenetMessage `json:"assessment"`
// Error holds the error message and remediation guidance reported when the
// tenet fails.
Error TenetError `json:"error"`
}
AmpelTenet represents a single verification check within a policy.
type BundleMeta ¶
// BundleMeta holds metadata for the policy bundle.
type BundleMeta struct {
// Frameworks is serialized as "frameworks".
// NOTE(review): presumably the compliance frameworks covered by the bundled
// policies; confirm against the Framework type.
Frameworks []Framework `json:"frameworks"`
}
BundleMeta holds metadata for the policy bundle.
type PolicyControl ¶
// PolicyControl references a compliance control associated with a policy.
type PolicyControl struct {
// Framework is serialized as "framework"; presumably the name of the
// framework the control belongs to — confirm.
Framework string `json:"framework"`
// Class is serialized as "class"; its meaning is not documented — confirm.
Class string `json:"class"`
// ID is serialized as "id"; presumably the control's identifier within its
// framework — confirm.
ID string `json:"id"`
}
PolicyControl references a compliance control associated with the policy.
type PolicyMeta ¶
// PolicyMeta holds metadata for an individual policy.
type PolicyMeta struct {
// Description is the policy's description, serialized as "description".
Description string `json:"description"`
// Controls lists the compliance controls associated with the policy.
Controls []PolicyControl `json:"controls"`
}
PolicyMeta holds metadata for an individual policy.
type PredicateSpec ¶
// PredicateSpec defines the attestation predicate types a tenet evaluates.
type PredicateSpec struct {
// Types lists the predicate types, serialized as "types".
// NOTE(review): whether an empty list matches every predicate type or none
// is not documented; confirm, since this decides which attestations a tenet
// accepts.
Types []string `json:"types"`
}
PredicateSpec defines the attestation predicate types a tenet evaluates.
type TenetError ¶
TenetError holds the error message and remediation guidance for a failing tenet.
type TenetMessage ¶
// TenetMessage holds the assessment message for a passing tenet.
type TenetMessage struct {
// Message is the assessment text, serialized as "message".
Message string `json:"message"`
}
TenetMessage holds the assessment message for a passing tenet.