Documentation
Constants
This section is empty.
Variables
This section is empty.
Functions
func ToScanResponse
func ToScanResponse(repoResults []*PerRepoResult) *plugin.ScanResponse
ToScanResponse maps a slice of PerRepoResults to a plugin.ScanResponse. Findings are grouped by requirement ID (derived from TenetID) into AssessmentLog entries. Each repository/branch scan becomes a Step within the assessment.
func WritePerRepoResult
func WritePerRepoResult(result *PerRepoResult, dir string) error
WritePerRepoResult writes a PerRepoResult as JSON to the given directory.
Types
type Finding
type Finding struct {
	TenetID string `json:"tenet_id"`
	Title   string `json:"title"`
	Result  string `json:"result"`
	Reason  string `json:"reason"`
}
Finding represents an individual rule evaluation result.
type PerRepoResult
type PerRepoResult struct {
	Repository string    `json:"repository"`
	Branch     string    `json:"branch"`
	ScannedAt  time.Time `json:"scanned_at"`
	Findings   []Finding `json:"findings"`
	Status     string    `json:"status"`
	Error      string    `json:"error,omitempty"`
}
PerRepoResult holds scan findings for a single repository.
func ParseAmpelOutput
func ParseAmpelOutput(raw []byte, repo, branch string) (*PerRepoResult, error)
ParseAmpelOutput parses the in-toto attestation produced by ampel verify (with --attest-results) into a PerRepoResult. The attestation predicate contains the evaluation ResultSet with per-policy and per-tenet results.
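The grouping that the ToScanResponse description outlines, as an added example that is not this package's own code: findings are grouped by tenet ID with one step per repository/branch, and scans that carry an Error are returned separately so an unevaluated repository is not read as clean. Step, GroupByTenet, Sample and its result and status values are assumptions, and the requirement ID is assumed to equal TenetID.

```go
package main

import (
	"encoding/json"
	"fmt"
	"time"
)
// Finding and PerRepoResult repeat the type definitions from this page.
type Finding struct {
	TenetID string `json:"tenet_id"`
	Title   string `json:"title"`
	Result  string `json:"result"`
	Reason  string `json:"reason"`
}
type PerRepoResult struct {
	Repository string    `json:"repository"`
	Branch     string    `json:"branch"`
	ScannedAt  time.Time `json:"scanned_at"`
	Findings   []Finding `json:"findings"`
	Status     string    `json:"status"`
	Error      string    `json:"error,omitempty"`
}
// Step is a hypothetical stand-in for one repository/branch entry.
type Step struct{ Repository, Branch, Result string }
// Sample is constructed input; its result and status values are assumptions.
const Sample = `[{"repository":"org/api","branch":"main","scanned_at":"2025-01-01T00:00:00Z","status":"ok","findings":[{"tenet_id":"T-1","title":"a","result":"PASS","reason":"ok"}]},
{"repository":"org/web","branch":"main","scanned_at":"2025-01-01T00:05:00Z","status":"ok","findings":[{"tenet_id":"T-1","title":"a","result":"FAIL","reason":"unsigned"},{"tenet_id":"T-2","title":"b","result":"PASS","reason":"ok"}]},
{"repository":"org/cli","branch":"main","scanned_at":"2025-01-01T00:09:00Z","status":"error","error":"clone failed","findings":[]}]`

// GroupByTenet decodes per-repo results and groups findings by tenet ID, one Step per scan.
func GroupByTenet(raw []byte) (map[string][]Step, []string, error) {
	var results []PerRepoResult
	if err := json.Unmarshal(raw, &results); err != nil {
		return nil, nil, err
	}
	groups, failed := map[string][]Step{}, []string{}
	for _, r := range results {
		if r.Error != "" { // never evaluated: surface it instead of dropping it
			failed = append(failed, r.Repository+"@"+r.Branch)
		}
		for _, f := range r.Findings {
			groups[f.TenetID] = append(groups[f.TenetID], Step{r.Repository, r.Branch, f.Result})
		}
	}
	return groups, failed, nil
}
func main() {
	fmt.Println(GroupByTenet([]byte(Sample)))
}
```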