app

package
v1.2.12 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: May 7, 2026 License: AGPL-3.0 Imports: 39 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func CertificateStatus 

func CertificateStatus(cert *certificate.CertMonitor) string

CertificateStatus derives the status page status for a certificate monitor.

func ContainerStatus 

func ContainerStatus(c *container.Container) string

ContainerStatus derives the status page status for a container.

func EndpointStatus 

func EndpointStatus(ep *endpoint.Endpoint) string

EndpointStatus derives the status page status for an endpoint.

func HeartbeatStatus 

func HeartbeatStatus(hb *heartbeat.Heartbeat) string

HeartbeatStatus derives the status page status for a heartbeat.

func IsStreamingPath 

func IsStreamingPath(path string) bool

IsStreamingPath reports whether path corresponds to an SSE or streaming endpoint.

func MapSecuritySeverity 

func MapSecuritySeverity(s string) string

MapSecuritySeverity maps security insight severity to alert severity.

func SPAHandler 

func SPAHandler(apiHandler http.Handler, logger *slog.Logger) http.Handler

SPAHandler returns an http.Handler that serves the embedded SPA frontend. API and ping routes are delegated to the API handler; everything else is served from the embedded filesystem, with a fallback to index.html for client-side routing.

func ScanContainerSecurity 

func ScanContainerSecurity(ctx context.Context, dr *docker.Runtime, containerSvc *container.Service, secSvc *security.Service, externalID string, logger *slog.Logger)

ScanContainerSecurity inspects a single container and updates its security insights.

func WithRequestTimeout 

func WithRequestTimeout(h http.Handler, timeout time.Duration) http.Handler

WithRequestTimeout wraps non-streaming handlers with http.TimeoutHandler so that ordinary REST requests are bounded even though the server-level WriteTimeout is disabled (required for SSE).

func WorstStatus 

func WorstStatus(a, b string) string

WorstStatus returns the most severe status between two values.

Types

type App 

type App struct {
	// contains filtered or unexported fields
}

App holds all application services and manages their lifecycle.

func New 

func New(cfg Config, logger *slog.Logger) (*App, error)

New creates and wires all application services.

func (*App) RunMCPStdio 

func (a *App) RunMCPStdio(ctx context.Context) error

RunMCPStdio runs the MCP server over stdin/stdout, then returns.

func (*App) Shutdown 

func (a *App) Shutdown() error

Shutdown performs a graceful shutdown of all services.

func (*App) Start 

func (a *App) Start(ctx context.Context) error

Start begins all background services and the HTTP server. It blocks until ctx is canceled, then performs a graceful shutdown.

type CVEPostureAdapter 

type CVEPostureAdapter struct {
	Store update.UpdateStore
}

CVEPostureAdapter adapts the update store for CVE scoring.

func (*CVEPostureAdapter) ListCVEsForContainer 

func (a *CVEPostureAdapter) ListCVEsForContainer(ctx context.Context, containerExternalID string) ([]security.CVEInfo, error)

type CertPostureAdapter 

type CertPostureAdapter struct {
	CertSvc *certificate.Service
}

CertPostureAdapter adapts the certificate service for posture scoring.

func (*CertPostureAdapter) ListCertificatesForContainer 

func (a *CertPostureAdapter) ListCertificatesForContainer(ctx context.Context, containerExternalID string) ([]security.CertificateInfo, error)

type Config 

type Config struct {
	// Server
	Addr    string
	BaseURL string

	// Database
	DBPath string

	// License
	LicenseKey string

	// SMTP
	SMTP SMTPConfig

	// MCP
	MCP MCPConfig

	// HTTP
	CORSOrigins string
	MaxBodySize int64

	// Branding
	OrgName string

	// Kubernetes
	K8sNamespaces string
	K8sExcludeNS  string

	// Security
	SecurityScoreThreshold int

	// Telemetry
	DisableTelemetry bool

	// Dev
	AllowPrivateWebhooks bool

	// Build info (injected via ldflags)
	Version      string
	Commit       string
	BuildDate    string
	PublicKeyB64 string
}

Config holds all application configuration parsed from environment variables.

func ConfigFromEnv 

func ConfigFromEnv() Config

ConfigFromEnv reads configuration from environment variables.

type MCPConfig 

type MCPConfig struct {
	Enabled             bool
	ClientID            string
	ClientSecret        string
	AllowedRedirectURIs string
}

MCPConfig holds Model Context Protocol server configuration.

type SMTPConfig 

type SMTPConfig struct {
	Host     string
	Port     string
	Username string
	Password string
	From     string
}

SMTPConfig holds SMTP mail server configuration.

type UpdatePostureAdapter 

type UpdatePostureAdapter struct {
	Store update.UpdateStore
}

UpdatePostureAdapter adapts the update store for update/image-age scoring.

func (*UpdatePostureAdapter) ListUpdatesForContainer 

func (a *UpdatePostureAdapter) ListUpdatesForContainer(ctx context.Context, containerExternalID string) ([]security.UpdateInfo, error)

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.