config

package
v0.0.2 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Aug 7, 2025 License: MIT Imports: 9 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func SaveConfig

func SaveConfig(config *Config, filepath string) error

SaveConfig saves configuration to a file

Types

type ActionsIgnores

// ActionsIgnores holds the action-related ignore lists: individual actions
// and whole organizations. It is the type of FalsePositives.Actions.
//
// NOTE(review): the matching rules (exact name, prefix, with or without the
// @ref part of a uses: reference) are not visible in this listing. Presumably
// an Orgs entry exempts every action published under that organization, which
// is a much wider exemption than a single Actions entry. Confirm against the
// matching code and review additions to either list like a rule change.
type ActionsIgnores struct {
	Actions []string `yaml:"actions" json:"actions"` // Specific actions to ignore
	Orgs    []string `yaml:"orgs" json:"orgs"`       // Trusted organizations
}

ActionsIgnores for action-related rules

type Config

// Config is the top-level Flowlyt configuration document. It carries a
// version string, the rule settings and the output settings; the field tags
// give the YAML and JSON key names.
//
// NOTE(review): the Rules section can disable checks and suppress findings.
// If the configuration file is read from the repository being scanned, its
// content is controlled by whoever can change that repository. Confirm where
// the callers of LoadConfig take configPath from.
type Config struct {
	Version string `yaml:"version" json:"version"`
	Rules   Rules  `yaml:"rules" json:"rules"`
	Output  Output `yaml:"output" json:"output"`
}

Config represents the complete Flowlyt configuration

func DefaultConfig

func DefaultConfig() *Config

DefaultConfig returns a default configuration

func LoadConfig

func LoadConfig(configPath string) (*Config, error)

LoadConfig loads the configuration from a file, or returns the default configuration

func (*Config) IsRuleEnabled

func (config *Config) IsRuleEnabled(ruleID string) bool

IsRuleEnabled checks if a rule should be enabled

func (*Config) ShouldIgnoreForRule

func (config *Config) ShouldIgnoreForRule(ruleID, text, filePath string) bool

ShouldIgnoreForRule checks if a finding should be ignored for a specific rule

func (*Config) ShouldIgnoreGlobal

func (config *Config) ShouldIgnoreGlobal(text string) bool

ShouldIgnoreGlobal checks if a string should be ignored globally

func (*Config) ShouldIgnoreSecret

func (config *Config) ShouldIgnoreSecret(text, context string) bool

ShouldIgnoreSecret checks if a secret should be ignored

type CustomRule

// CustomRule is one user-defined rule as written in the configuration file.
// Pattern, Patterns, Script and Config are optional and are omitted from the
// serialized form when empty (omitempty); every other field is always written.
//
// NOTE(review): Type admits "script" and "plugin" next to "regex", and Script
// carries a free-form string. If the rule engine evaluates Script or loads a
// plugin, the configuration file is a code-execution input and must come from
// a trusted location. Confirm what LoadCustomRules does with non-regex types.
//
// NOTE(review): Severity, Category and Type are plain strings, so the type
// itself does not restrict them to known values. Verify that loading rejects
// unknown values, and that a Pattern which fails to compile is reported as an
// error instead of the rule being dropped silently.
type CustomRule struct {
	ID          string                 `yaml:"id" json:"id"`
	Name        string                 `yaml:"name" json:"name"`
	Description string                 `yaml:"description" json:"description"`
	Severity    string                 `yaml:"severity" json:"severity"`
	Category    string                 `yaml:"category" json:"category"`
	Type        string                 `yaml:"type" json:"type"` // "regex", "script", "plugin"
	Pattern     string                 `yaml:"pattern,omitempty" json:"pattern,omitempty"`
	Patterns    []string               `yaml:"patterns,omitempty" json:"patterns,omitempty"`
	Script      string                 `yaml:"script,omitempty" json:"script,omitempty"`
	Config      map[string]interface{} `yaml:"config,omitempty" json:"config,omitempty"`
	Target      RuleTarget             `yaml:"target" json:"target"`
	Remediation string                 `yaml:"remediation" json:"remediation"`
}

CustomRule represents a user-defined rule

type CustomRuleEngine

// CustomRuleEngine turns the custom rules of a Config into executable rules.
// Its fields are unexported and not shown in this listing; an instance is
// obtained from NewCustomRuleEngine, which takes the *Config to work from.
type CustomRuleEngine struct {
	// contains filtered or unexported fields
}

CustomRuleEngine handles loading and execution of custom rules

func NewCustomRuleEngine

func NewCustomRuleEngine(config *Config) *CustomRuleEngine

NewCustomRuleEngine creates a new custom rule engine

func (*CustomRuleEngine) LoadCustomRules

func (cre *CustomRuleEngine) LoadCustomRules() ([]rules.Rule, error)

LoadCustomRules converts config custom rules to executable rules

type FalsePositives

// FalsePositives groups every suppression setting of the configuration:
// global ignores, secret-detection ignores, action ignores, ignored file
// patterns and per-rule ignores.
//
// NOTE(review): each entry here removes findings from the report. The Rules
// map is presumably keyed by rule ID (verify against ShouldIgnoreForRule).
// Whether Files entries are globs or regular expressions is not visible in
// this listing; an overly broad file pattern would exclude whole directories
// from scanning.
type FalsePositives struct {
	Global  GlobalIgnores          `yaml:"global" json:"global"`
	Secrets SecretsIgnores         `yaml:"secrets" json:"secrets"`
	Actions ActionsIgnores         `yaml:"actions" json:"actions"`
	Files   []string               `yaml:"files" json:"files"` // File patterns to ignore
	Rules   map[string]RuleIgnores `yaml:"rules" json:"rules"` // Per-rule ignores
}

FalsePositives configuration for filtering false positives

type GlobalIgnores

// GlobalIgnores holds the ignore entries that apply to all rules.
//
// NOTE(review): presumably Patterns are regular expressions and Strings are
// literal matches; confirm in ShouldIgnoreGlobal. Because these entries are
// not scoped to one rule, a short string or loose pattern here can hide
// findings from every check at once.
type GlobalIgnores struct {
	Patterns []string `yaml:"patterns" json:"patterns"`
	Strings  []string `yaml:"strings" json:"strings"`
}

GlobalIgnores for all rules

type Output

// Output holds the reporting settings: the report format, an optional output
// file, the minimum severity to report, whether remediation text is shown,
// an optional template and an optional set of field switches.
//
// NOTE(review): File is taken from the configuration as a plain string.
// If the configuration can come from a scanned repository, confirm that the
// writer cannot be directed outside the intended output directory. Whether
// Template is a path or inline template text is not visible in this listing.
//
// NOTE(review): MinSeverity filters what is reported; presumably a high
// threshold drops lower-severity findings silently. Verify that the chosen
// threshold is recorded in the report itself.
type Output struct {
	Format          string          `yaml:"format" json:"format"` // "cli", "json", "sarif", "junit"
	File            string          `yaml:"file,omitempty" json:"file,omitempty"`
	MinSeverity     string          `yaml:"min_severity" json:"min_severity"`
	ShowRemediation bool            `yaml:"show_remediation" json:"show_remediation"`
	Template        string          `yaml:"template,omitempty" json:"template,omitempty"`
	Fields          map[string]bool `yaml:"fields,omitempty" json:"fields,omitempty"`
}

Output configuration

type RuleIgnores

// RuleIgnores holds the ignore entries for a single rule; it is the value
// type of the FalsePositives.Rules map.
//
// NOTE(review): presumably Patterns are regular expressions, Strings literal
// matches and Files file patterns, all applied only to the rule the map key
// names. Confirm in ShouldIgnoreForRule.
type RuleIgnores struct {
	Patterns []string `yaml:"patterns" json:"patterns"`
	Strings  []string `yaml:"strings" json:"strings"`
	Files    []string `yaml:"files" json:"files"`
}

RuleIgnores for specific rule overrides

type RuleTarget

// RuleTarget selects which parts of a workflow a custom rule inspects.
// Every field is a bool, so the zero value selects nothing.
//
// NOTE(review): presumably a custom rule whose target block is missing or
// all-false never matches anything. Verify whether loading warns about such
// a rule, since it would look active while checking nothing.
type RuleTarget struct {
	Commands    bool `yaml:"commands" json:"commands"`       // Check run commands
	Actions     bool `yaml:"actions" json:"actions"`         // Check uses actions
	Environment bool `yaml:"environment" json:"environment"` // Check env vars
	Permissions bool `yaml:"permissions" json:"permissions"` // Check permissions
	Events      bool `yaml:"events" json:"events"`           // Check workflow events
}

RuleTarget specifies what the rule should check

type Rules

// Rules holds the rule-management settings: the enabled and disabled rule
// lists, the user-defined rules and the false-positive filters.
//
// NOTE(review): the precedence when a rule ID appears in both Enabled and
// Disabled, and the meaning of an empty Enabled list, are not visible in this
// listing. Confirm in IsRuleEnabled that an empty or malformed list cannot
// switch every check off without notice.
type Rules struct {
	Enabled        []string       `yaml:"enabled" json:"enabled"`
	Disabled       []string       `yaml:"disabled" json:"disabled"`
	CustomRules    []CustomRule   `yaml:"custom_rules" json:"custom_rules"`
	FalsePositives FalsePositives `yaml:"false_positives" json:"false_positives"`
}

Rules configuration for rule management

type SecretsIgnores

// SecretsIgnores holds the ignore entries used by secret detection: patterns,
// literal strings and context patterns.
//
// NOTE(review): presumably a candidate secret is skipped when its surrounding
// text matches one of Contexts; confirm in ShouldIgnoreSecret. A context that
// is too general would also skip a hard-coded credential that happens to sit
// on a matching line, so keep these entries as specific as possible.
type SecretsIgnores struct {
	Patterns []string `yaml:"patterns" json:"patterns"`
	Strings  []string `yaml:"strings" json:"strings"`
	Contexts []string `yaml:"contexts" json:"contexts"` // Context patterns like "uses:", "${{ secrets."
}

SecretsIgnores for secret detection
