Documentation
¶
Overview ¶
Copyright (C) 2023 Tim Bastin, l3montree GmbH
This program is free software: you can redistribute it and/or modify it under the terms of the GNU Affero General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Affero General Public License for more details.
You should have received a copy of the GNU Affero General Public License along with this program. If not, see <http://www.gnu.org/licenses/>.
Index ¶
- Variables
- func BootstrapOrg(rbac AccessControl, userID string, userRole Role) error
- func GetArtifact(ctx Context) models.Artifact
- func GetArtifactName(ctx Context) (string, error)
- func GetAsset(ctx Context) models.Asset
- func GetAssetSlug(ctx Context) (string, error)
- func GetAssetVersion(ctx Context) models.AssetVersion
- func GetAssetVersionSlug(ctx Context) (string, error)
- func GetAttestation(ctx Context) models.Attestation
- func GetBadgeSVG(label string, values []BadgeValues) string
- func GetOrg(c Context) models.Org
- func GetOrgSlug(ctx Context) (string, error)
- func GetOryClient(ctx Context) *client.APIClient
- func GetParam(ctx Context, param string) string
- func GetProject(ctx Context) models.Project
- func GetProjectSlug(ctx Context) (string, error)
- func GetRepositoryID(asset *models.Asset) (string, error)
- func GetURLDecodedParam(ctx Context, param string) (string, error)
- func GetVulnID(ctx Context) (string, models.VulnType, error)
- func HasOrganization(c Context) bool
- func HasProject(c Context) bool
- func InitLogger()
- func IsPublicRequest(ctx Context) bool
- func LoadConfig() error
- func MaybeGetArtifact(ctx Context) (models.Artifact, error)
- func MaybeGetAssetVersion(ctx Context) (models.AssetVersion, error)
- func MaybeGetProject(ctx Context) (models.Project, error)
- func NewAdminClient(client *client.APIClient) adminClientImplementation
- func Ptr[T any](t T) *T
- func SanitizeParam(s string) string
- func SetArtifact(ctx Context, artifact models.Artifact)
- func SetAsset(ctx Context, asset models.Asset)
- func SetAssetSlug(ctx Context, assetSlug string)
- func SetAssetVersion(ctx Context, assetVersion models.AssetVersion)
- func SetAttestation(ctx Context, attestation models.Attestation)
- func SetAuthAdminClient(ctx Context, i AdminClient)
- func SetIsPublicRequest(ctx Context)
- func SetOrg(c Context, org models.Org)
- func SetOrgSlug(ctx Context, orgSlug string)
- func SetProject(ctx Context, project models.Project)
- func SetProjectSlug(ctx Context, projectSlug string)
- func SetRBAC(ctx Context, rbac AccessControl)
- func SetSession(ctx Context, session AuthSession)
- func SetThirdPartyIntegration(ctx Context, i IntegrationAggregate)
- func ValidRole(role Role) bool
- type AccessControl
- type Action
- type AdminClient
- type AffectedComponentRepository
- type ArtifactObject
- type ArtifactRepository
- type ArtifactRiskHistoryRepository
- type ArtifactService
- type AssetObject
- type AssetRepository
- type AssetService
- type AssetVersionObject
- type AssetVersionRepository
- type AssetVersionService
- type AttestationRepository
- type AuthSession
- type BadgeValues
- type ComponentProjectRepository
- type ComponentRepository
- type ComponentService
- type ConfigRepository
- type ConfigService
- type Context
- type CveRepository
- type CweRepository
- type DB
- type DependencyVulnRepository
- type DependencyVulnService
- type DependencyVulnsDetectedEvent
- type Environmental
- type ExploitRepository
- type ExternalEntityProviderService
- type ExternalEntitySlug
- type ExternalUserRepository
- type FilterQuery
- type FireAndForgetSynchronizer
- type FirstPartyVulnRepository
- type FirstPartyVulnService
- type FirstPartyVulnsDetectedEvent
- type GitLabOauth2TokenRepository
- type GithubAppInstallationRepository
- type GitlabClientFacade
- type GitlabClientFactory
- type GitlabIntegrationRepository
- type InTotoLinkRepository
- type InTotoVerifierService
- type IntegrationAggregate
- type IntegrationID
- type InvitationRepository
- type JiraIntegrationRepository
- type LicenseRiskRepository
- type LicenseRiskService
- type ManualMitigateEvent
- type MiddlewareFunc
- type Object
- type OpenSourceInsightService
- type OrgObject
- type OrgService
- type OrganizationRepository
- type PageInfo
- type Paged
- type PersonalAccessTokenRepository
- type PolicyRepository
- type ProjectObject
- type ProjectRepository
- type ProjectRiskHistoryRepository
- type ProjectRole
- type ProjectService
- type RBACMiddleware
- type RBACProvider
- type ReleaseRepository
- type Repository
- type Role
- type SBOMCreatedEvent
- type SBOMScanner
- type Server
- type SortQuery
- type StatisticsRepository
- type StatisticsService
- type SupplyChainRepository
- type ThirdPartyIntegration
- type User
- type Verifier
- type VulnEvent
- type VulnEventRepository
- type VulnRepository
- type WebhookIntegrationRepository
Constants ¶
This section is empty.
Variables ¶
var V = validator.New()
Functions ¶
func BootstrapOrg ¶ added in v0.17.1
func BootstrapOrg(rbac AccessControl, userID string, userRole Role) error
func GetArtifact ¶ added in v0.17.1
func GetArtifactName ¶ added in v0.17.1
func GetAssetSlug ¶
func GetAssetVersion ¶ added in v0.17.1
func GetAssetVersion(ctx Context) models.AssetVersion
func GetAssetVersionSlug ¶ added in v0.17.1
func GetAttestation ¶ added in v0.17.1
func GetAttestation(ctx Context) models.Attestation
func GetBadgeSVG ¶ added in v0.17.1
func GetBadgeSVG(label string, values []BadgeValues) string
func GetOrgSlug ¶ added in v0.5.1
func GetOryClient ¶
func GetOryClient(ctx Context) *client.APIClient
func GetProject ¶
func GetProjectSlug ¶
func GetURLDecodedParam ¶ added in v0.17.1
func HasOrganization ¶ added in v0.17.1
func HasProject ¶ added in v0.17.1
func InitLogger ¶
func InitLogger()
InitLogger initializes the logger with a tint handler. tint is a simple logging library that adds colors to the log output. This is not required, but it makes the logs easier to read.
func IsPublicRequest ¶ added in v0.5.14
func LoadConfig ¶
func LoadConfig() error
func MaybeGetArtifact ¶ added in v0.17.5
func MaybeGetAssetVersion ¶ added in v0.17.1
func MaybeGetAssetVersion(ctx Context) (models.AssetVersion, error)
func NewAdminClient ¶ added in v0.17.1
func NewAdminClient(client *client.APIClient) adminClientImplementation
func SanitizeParam ¶
func SetArtifact ¶ added in v0.17.1
func SetAssetSlug ¶ added in v0.5.14
func SetAssetVersion ¶ added in v0.17.1
func SetAssetVersion(ctx Context, assetVersion models.AssetVersion)
func SetAttestation ¶ added in v0.17.1
func SetAttestation(ctx Context, attestation models.Attestation)
func SetAuthAdminClient ¶ added in v0.4.19
func SetAuthAdminClient(ctx Context, i AdminClient)
func SetIsPublicRequest ¶ added in v0.5.14
func SetIsPublicRequest(ctx Context)
func SetOrgSlug ¶ added in v0.5.14
func SetProject ¶ added in v0.5.15
func SetProjectSlug ¶ added in v0.5.14
func SetRBAC ¶ added in v0.17.1
func SetRBAC(ctx Context, rbac AccessControl)
func SetSession ¶ added in v0.5.14
func SetSession(ctx Context, session AuthSession)
func SetThirdPartyIntegration ¶ added in v0.4.19
func SetThirdPartyIntegration(ctx Context, i IntegrationAggregate)
Types ¶
type AccessControl ¶ added in v0.17.1
// AccessControl is the role-based access control (RBAC) contract of this
// package. It declares methods to grant and revoke roles, to link roles so
// that one receives another's permissions, and to answer permission queries at
// the three scopes that appear in the method names: domain, project and asset.
//
// NOTE(review): GetOwnerOfOrganization and GetAllMembersOfOrganization take no
// organization argument, so an implementation is presumably bound to one
// organization (the "domain") — confirm against the constructor.
//
// NOTE(review): the permission queries return (bool, error). Nothing in this
// interface says what the bool holds when the error is non-nil; callers should
// check the error first and deny on failure — confirm implementations agree.
type AccessControl interface {
	// HasAccess reports whether subject has access. It returns an error if
	// access could not be checked (unauthorized access or other issues).
	HasAccess(subject string) (bool, error)

	// InheritRole links two roles; per the parameter names, the first role
	// receives the permissions of the second.
	InheritRole(roleWhichGetsPermissions, roleWhichProvidesPermissions Role) error

	// GetAllRoles returns the roles of user. It has no error result, so a
	// failed lookup cannot be told apart from "no roles" through this signature.
	GetAllRoles(user string) []string

	// Grant/revoke at domain scope.
	GrantRole(subject string, role Role) error
	RevokeRole(subject string, role Role) error

	// Grant/revoke scoped to one project or one asset.
	GrantRoleInProject(subject string, role Role, project string) error
	GrantRoleInAsset(subject string, role Role, asset string) error
	RevokeRoleInProject(subject string, role Role, project string) error
	RevokeRoleInAsset(subject string, role Role, asset string) error
	RevokeAllRolesInProjectForUser(user string, project string) error
	RevokeAllRolesInAssetForUser(user string, asset string) error

	// Role inheritance inside a project or asset, and across projects. As with
	// InheritRole, the first role argument is the one that gains permissions.
	InheritProjectRole(roleWhichGetsPermissions, roleWhichProvidesPermissions Role, project string) error
	InheritAssetRole(roleWhichGetsPermissions, roleWhichProvidesPermissions Role, asset string) error
	InheritProjectRolesAcrossProjects(roleWhichGetsPermissions, roleWhichProvidesPermissions ProjectRole) error

	// Cross-scope links: a domain role gains a project role's permissions, and
	// a project role gains an asset role's permissions (per parameter names).
	LinkDomainAndProjectRole(domainRoleWhichGetsPermission, projectRoleWhichProvidesPermissions Role, project string) error
	LinkProjectAndAssetRole(projectRoleWhichGetsPermission, assetRoleWhichProvidesPermissions Role, project, asset string) error

	// AllowRole permits role to perform the listed actions on object.
	AllowRole(role Role, object Object, action []Action) error

	// Permission queries for a single (object, action) pair.
	IsAllowed(subject string, object Object, action Action) (bool, error)
	IsAllowedInProject(project *models.Project, user string, object Object, action Action) (bool, error)
	IsAllowedInAsset(asset *models.Asset, user string, object Object, action Action) (bool, error)

	// Project- and asset-scoped variants of AllowRole.
	AllowRoleInProject(project string, role Role, object Object, action []Action) error
	AllowRoleInAsset(asset string, role Role, object Object, action []Action) error

	// Enumeration helpers; results are plain string identifiers.
	GetAllProjectsForUser(user string) ([]string, error)
	GetAllAssetsForUser(user string) ([]string, error)
	GetOwnerOfOrganization() (string, error)
	GetAllMembersOfOrganization() ([]string, error)
	GetAllMembersOfProject(projectID string) ([]string, error)
	// NOTE(review): the parameter is named projectID although the method is
	// about an asset; it presumably takes an asset ID — confirm and rename.
	GetAllMembersOfAsset(projectID string) ([]string, error)

	// Role lookups for one user at each scope.
	GetDomainRole(user string) (Role, error)
	GetProjectRole(user string, project string) (Role, error)
	GetAssetRole(user string, asset string) (Role, error)

	// GetExternalEntityProviderID returns a *string; nil presumably means the
	// organization is not backed by an external entity provider — confirm.
	GetExternalEntityProviderID() *string
}
func GetRBAC ¶
func GetRBAC(ctx Context) AccessControl
type AdminClient ¶ added in v0.17.1
// AdminClient is the set of identity-administration calls this package relies
// on. Request and identity types come from the imported client package.
//
// NOTE(review): nothing in these signatures carries the caller's own
// authorization, so callers presumably have to authorize the request before
// using this client — confirm.
type AdminClient interface {
	// ListUser executes a prepared identity-list request and returns the
	// matching identities.
	ListUser(client client.IdentityAPIListIdentitiesRequest) ([]client.Identity, error)
	// GetIdentityFromCookie resolves the identity that belongs to the given
	// cookie string.
	GetIdentityFromCookie(ctx context.Context, cookie string) (client.Identity, error)
	// GetIdentity looks up an identity by user ID.
	GetIdentity(ctx context.Context, userID string) (client.Identity, error)
	// GetIdentityWithCredentials looks up an identity by user ID.
	// NOTE(review): judging by the name, the result includes credential data;
	// treat it as sensitive (no logging, no pass-through to API responses) —
	// confirm what the implementation actually returns.
	GetIdentityWithCredentials(ctx context.Context, userID string) (client.Identity, error)
}
func GetAuthAdminClient ¶ added in v0.4.19
func GetAuthAdminClient(ctx Context) AdminClient
type AffectedComponentRepository ¶ added in v0.17.1
// AffectedComponentRepository is the persistence interface for
// models.AffectedComponent. It embeds the generic common.Repository
// instantiated with string, models.AffectedComponent and DB.
type AffectedComponentRepository interface {
	common.Repository[string, models.AffectedComponent, DB]
	// GetAllAffectedComponentsID returns IDs as strings.
	GetAllAffectedComponentsID() ([]string, error)
	// Save and SaveBatch take a DB handle named tx; presumably the write joins
	// that transaction — confirm.
	Save(tx DB, affectedComponent *models.AffectedComponent) error
	SaveBatch(tx DB, affectedPkgs []models.AffectedComponent) error
	// DeleteAll takes an ecosystem name; presumably only rows of that
	// ecosystem are deleted — confirm.
	DeleteAll(tx DB, ecosystem string) error
}
type ArtifactObject ¶ added in v0.17.1
// ArtifactObject is the JSON shape of an artifact reference: it carries only
// the artifact name, serialised under the key "artifactName".
type ArtifactObject struct {
	ArtifactName string `json:"artifactName"`
}
type ArtifactRepository ¶ added in v0.17.1
// ArtifactRepository is the persistence interface for models.Artifact. It
// embeds common.Repository instantiated with string, models.Artifact and DB.
// The lookups below address an artifact by asset ID, asset version name and,
// where given, artifact name.
type ArtifactRepository interface {
	common.Repository[string, models.Artifact, DB]
	// GetByAssetIDAndAssetVersionName returns the artifacts of one asset version.
	GetByAssetIDAndAssetVersionName(assetID uuid.UUID, assetVersionName string) ([]models.Artifact, error)
	// ReadArtifact returns a single artifact. Note the argument order
	// (name, assetVersionName, assetID) differs from DeleteArtifact.
	ReadArtifact(name string, assetVersionName string, assetID uuid.UUID) (models.Artifact, error)
	// DeleteArtifact takes (assetID, assetVersionName, artifactName).
	DeleteArtifact(assetID uuid.UUID, assetVersionName string, artifactName string) error
}
type ArtifactRiskHistoryRepository ¶ added in v0.17.1
// ArtifactRiskHistoryRepository reads and updates models.ArtifactRiskHistory
// records. Both read methods take a start and end time.Time.
type ArtifactRiskHistoryRepository interface {
	// GetRiskHistory returns risk history for an asset version. A non-nil
	// artifactName restricts the history to a single artifact
	// (artifactName + assetVersionName + assetID).
	GetRiskHistory(artifactName *string, assetVersionName string, assetID uuid.UUID, start, end time.Time) ([]models.ArtifactRiskHistory, error)
	// GetRiskHistoryByRelease collects artifact risk histories for all
	// artifacts included in a release tree.
	GetRiskHistoryByRelease(releaseID uuid.UUID, start, end time.Time) ([]models.ArtifactRiskHistory, error)
	// UpdateRiskAggregation takes one history record; whether it inserts or
	// updates is not visible from the signature.
	UpdateRiskAggregation(assetRisk *models.ArtifactRiskHistory) error
}
type ArtifactService ¶ added in v0.17.1
type AssetObject ¶ added in v0.17.1
// AssetObject is the JSON shape of an asset. It is used as the Asset field of
// the DependencyVulnsDetectedEvent and FirstPartyVulnsDetectedEvent structs.
//
// Pointer fields without omitempty are serialised as null when nil; the two
// ExternalEntity* fields are omitted instead.
//
// NOTE(review): no badge-secret field is declared here, although
// AssetRepository looks assets up by one. That is presumably deliberate so the
// secret never becomes part of this payload — confirm, and keep it that way
// when adding fields.
type AssetObject struct {
	ID          uuid.UUID `json:"id"`
	Name        string    `json:"name"`
	Slug        string    `json:"slug"`
	Description string    `json:"description"`
	ProjectID   uuid.UUID `json:"projectId"`
	// Requirement levels are free-form strings in this type; the set of valid
	// values is not visible here.
	AvailabilityRequirement    string `json:"availabilityRequirement"`
	IntegrityRequirement       string `json:"integrityRequirement"`
	ConfidentialityRequirement string `json:"confidentialityRequirement"`
	ReachableFromInternet      bool   `json:"reachableFromInternet"`
	RepositoryID               *string `json:"repositoryId"`
	RepositoryName             *string `json:"repositoryName"`
	// Timestamps of the most recent scan per scanner kind; nil when unset.
	LastSecretScan    *time.Time `json:"lastSecretScan"`
	LastSastScan      *time.Time `json:"lastSastScan"`
	LastScaScan       *time.Time `json:"lastScaScan"`
	LastIacScan       *time.Time `json:"lastIacScan"`
	LastContainerScan *time.Time `json:"lastContainerScan"`
	LastDastScan      *time.Time `json:"lastDastScan"`
	// SigningPubKey is, by its name, public key material; the encoding is not
	// visible here.
	SigningPubKey *string `json:"signingPubKey"`
	// Automatic-ticket settings: a switch plus optional CVSS and risk thresholds.
	EnableTicketRange            bool     `json:"enableTicketRange"`
	CVSSAutomaticTicketThreshold *float64 `json:"cvssAutomaticTicketThreshold"`
	RiskAutomaticTicketThreshold *float64 `json:"riskAutomaticTicketThreshold"`
	ExternalEntityProviderID     *string  `json:"externalEntityProviderId,omitempty"`
	ExternalEntityID             *string  `json:"externalEntityId,omitempty"`
}
func ToAssetObject ¶ added in v0.17.1
func ToAssetObject(a models.Asset) AssetObject
type AssetRepository ¶ added in v0.17.1
// AssetRepository is the persistence interface for models.Asset. It embeds
// common.Repository instantiated with uuid.UUID, models.Asset and DB.
//
// NOTE(review): these methods take identifiers and slugs only; none of them
// takes a user or session, so authorization presumably happens in the caller
// before the repository is reached — confirm.
type AssetRepository interface {
	common.Repository[uuid.UUID, models.Asset, DB]
	// GetAllowedAssetsByProjectID takes the list of allowed asset IDs from the
	// caller; the repository does not compute that list itself.
	GetAllowedAssetsByProjectID(allowedAssetIDs []string, projectID uuid.UUID) ([]models.Asset, error)
	GetByProjectID(projectID uuid.UUID) ([]models.Asset, error)
	GetByOrgID(organizationID uuid.UUID) ([]models.Asset, error)
	// FindByName takes only a name, with no project or organization argument.
	FindByName(name string) (models.Asset, error)
	// FindAssetByExternalProviderID returns a pointer; whether "not found" is
	// reported as nil or as an error is not visible here.
	FindAssetByExternalProviderID(externalEntityProviderID string, externalEntityID string) (*models.Asset, error)
	// GetFQNByID returns a string for the asset ID; the format is not visible here.
	GetFQNByID(id uuid.UUID) (string, error)
	ReadBySlug(projectID uuid.UUID, slug string) (models.Asset, error)
	GetAssetIDBySlug(projectID uuid.UUID, slug string) (uuid.UUID, error)
	Update(tx DB, asset *models.Asset) error
	// NOTE(review): "Unscoped" presumably means soft-deleted rows are included
	// — confirm, and make sure callers do not expose deleted assets by accident.
	ReadBySlugUnscoped(projectID uuid.UUID, slug string) (models.Asset, error)
	GetAllAssetsFromDB() ([]models.Asset, error)
	Delete(tx DB, id uuid.UUID) error
	// GetAssetIDByBadgeSecret returns the whole models.Asset, not just an ID,
	// despite its name. The badge secret acts as the lookup key, so treat it as
	// a credential in callers (e.g. keep it out of logs).
	GetAssetIDByBadgeSecret(badgeSecret uuid.UUID) (models.Asset, error)
	ReadWithAssetVersions(assetID uuid.UUID) (models.Asset, error)
}
type AssetService ¶ added in v0.17.1
// AssetService groups asset-level operations that go beyond plain persistence.
type AssetService interface {
	// UpdateAssetRequirements takes the asset plus a responsible party and a
	// justification string; presumably both are recorded with the change — confirm.
	UpdateAssetRequirements(asset models.Asset, responsible string, justification string) error
	// GetCVSSBadgeSVG renders risk-history results to an SVG string.
	GetCVSSBadgeSVG(results []models.ArtifactRiskHistory) string
	// CreateAsset receives the AccessControl instance and the current user's
	// ID alongside the asset; presumably it sets up the creator's roles — confirm.
	CreateAsset(rbac AccessControl, currentUserID string, asset models.Asset) (*models.Asset, error)
	// BootstrapAsset receives the AccessControl instance and an asset pointer.
	BootstrapAsset(rbac AccessControl, asset *models.Asset) error
}
type AssetVersionObject ¶ added in v0.17.1
// AssetVersionObject is the JSON shape of an asset version. It is used as the
// AssetVersion field of the *DetectedEvent structs in this package.
type AssetVersionObject struct {
	Name          string    `json:"name"`
	AssetID       uuid.UUID `json:"assetId"`
	Slug          string    `json:"slug"`
	DefaultBranch bool      `json:"defaultBranch"`
	// Type is a free-form string here; the valid values are not visible.
	Type string `json:"type"`
	// SigningPubKey is, by its name, public key material; nil serialises as null.
	SigningPubKey *string `json:"signingPubKey"`
	// Metadata is an untyped map and is serialised as-is.
	// NOTE(review): anything stored in it ends up in the JSON output — confirm
	// no secrets are written into it upstream.
	Metadata map[string]any `json:"metadata"`
}
func ToAssetVersionObject ¶ added in v0.17.1
func ToAssetVersionObject(av models.AssetVersion) AssetVersionObject
type AssetVersionRepository ¶ added in v0.17.1
// AssetVersionRepository is the persistence interface for models.AssetVersion.
// Unlike most repositories in this package it does not embed common.Repository.
// An asset version is addressed by (assetVersionName, assetID) or by slug.
type AssetVersionRepository interface {
	All() ([]models.AssetVersion, error)
	Read(assetVersionName string, assetID uuid.UUID) (models.AssetVersion, error)
	// GetDB takes a DB and returns a DB; presumably it falls back to the
	// repository's own handle when the argument is nil — confirm.
	GetDB(DB) DB
	Delete(tx DB, assetVersion *models.AssetVersion) error
	Save(tx DB, assetVersion *models.AssetVersion) error
	GetAllAssetsVersionFromDBByAssetID(tx DB, assetID uuid.UUID) ([]models.AssetVersion, error)
	GetDefaultAssetVersionsByProjectID(projectID uuid.UUID) ([]models.AssetVersion, error)
	GetDefaultAssetVersionsByProjectIDs(projectIDs []uuid.UUID) ([]models.AssetVersion, error)
	// FindOrCreate takes a tag flag and an optional default branch name in
	// addition to the lookup key.
	FindOrCreate(assetVersionName string, assetID uuid.UUID, tag bool, defaultBranchName *string) (models.AssetVersion, error)
	ReadBySlug(assetID uuid.UUID, slug string) (models.AssetVersion, error)
	GetDefaultAssetVersion(assetID uuid.UUID) (models.AssetVersion, error)
}
type AssetVersionService ¶ added in v0.17.1
// AssetVersionService builds SBOM and VEX documents for an asset version and
// processes scan results for it.
type AssetVersionService interface {
	// BuildSBOM returns a *cdx.BOM built from the given component dependencies.
	BuildSBOM(assetVersion models.AssetVersion, artifactName string, version, orgName string, components []models.ComponentDependency) (*cdx.BOM, error)
	// BuildVeX returns a *cdx.BOM built from the given dependency vulns. It has
	// no error result.
	BuildVeX(asset models.Asset, assetVersion models.AssetVersion, artifactName string, orgName string, dependencyVulns []models.DependencyVuln) *cdx.BOM
	GetAssetVersionsByAssetID(assetID uuid.UUID) ([]models.AssetVersion, error)
	// HandleFirstPartyVulnResult processes a SARIF scan result and returns
	// three unnamed slices.
	// NOTE(review): presumably in the same order as HandleScanResult's named
	// results (opened, closed, newState) — confirm and name them.
	HandleFirstPartyVulnResult(org models.Org, project models.Project, asset models.Asset, assetVersion *models.AssetVersion, sarifScan common.SarifResult, scannerID string, userID string) ([]models.FirstPartyVuln, []models.FirstPartyVuln, []models.FirstPartyVuln, error)
	// UpdateSBOM takes a normalized SBOM for one artifact of the asset version.
	UpdateSBOM(org models.Org, project models.Project, asset models.Asset, assetVersion models.AssetVersion, artifactName string, sbom normalize.SBOM) error
	// HandleScanResult processes the vulnerabilities found for one artifact and
	// returns the opened and closed dependency vulns plus the new state.
	HandleScanResult(org models.Org, project models.Project, asset models.Asset, assetVersion *models.AssetVersion, vulns []models.VulnInPackage, artifactName string, userID string) (opened []models.DependencyVuln, closed []models.DependencyVuln, newState []models.DependencyVuln, err error)
	// BuildOpenVeX returns a vex.VEX document. It has no error result.
	BuildOpenVeX(asset models.Asset, assetVersion models.AssetVersion, organizationSlug string, dependencyVulns []models.DependencyVuln) vex.VEX
}
type AttestationRepository ¶ added in v0.17.1
// AttestationRepository is the persistence interface for models.Attestation.
// It embeds common.Repository instantiated with string, models.Attestation
// and DB.
type AttestationRepository interface {
	common.Repository[string, models.Attestation, DB]
	// GetByAssetID returns the attestations of one asset.
	GetByAssetID(assetID uuid.UUID) ([]models.Attestation, error)
	// GetByAssetVersionAndAssetID narrows the lookup to one asset version. Note
	// that assetID is the first argument although the name lists it second.
	GetByAssetVersionAndAssetID(assetID uuid.UUID, assetVersion string) ([]models.Attestation, error)
}
type AuthSession ¶
func GetSession ¶
func GetSession(ctx Context) AuthSession
type BadgeValues ¶ added in v0.17.1
type ComponentProjectRepository ¶ added in v0.17.1
// ComponentProjectRepository is the persistence interface for
// models.ComponentProject. It adds no methods of its own to the embedded
// common.Repository[string, models.ComponentProject, DB].
type ComponentProjectRepository interface {
	common.Repository[string, models.ComponentProject, DB]
}
type ComponentRepository ¶ added in v0.17.1
// ComponentRepository is the persistence interface for models.Component and
// the component dependencies of an asset version. It embeds common.Repository
// instantiated with string, models.Component and DB.
//
// Several methods take an optional artifactName (*string); presumably nil
// means "all artifacts of the asset version" — confirm.
type ComponentRepository interface {
	common.Repository[string, models.Component, DB]
	LoadComponents(tx DB, assetVersionName string, assetID uuid.UUID, artifactName *string) ([]models.ComponentDependency, error)
	// LoadComponentsWithProject is the paged variant; it takes search, filter
	// and sort input.
	// NOTE(review): search/filter/sort typically originate from the request;
	// confirm the implementation binds them as parameters rather than
	// concatenating them into SQL.
	LoadComponentsWithProject(tx DB, overwrittenLicenses []models.LicenseRisk, assetVersionName string, assetID uuid.UUID, pageInfo PageInfo, search string, filter []FilterQuery, sort []SortQuery) (Paged[models.ComponentDependency], error)
	// LoadPathToComponent takes a package URL (pURL) identifying the component.
	LoadPathToComponent(tx DB, assetVersionName string, assetID uuid.UUID, pURL string, artifactName *string) ([]models.ComponentDependency, error)
	SaveBatch(tx DB, components []models.Component) error
	FindByPurl(tx DB, purl string) (models.Component, error)
	// HandleStateDiff takes the old and new dependency state for one artifact
	// and returns a bool; its meaning is not visible from the signature.
	HandleStateDiff(tx DB, assetVersionName string, assetID uuid.UUID, oldState []models.ComponentDependency, newState []models.ComponentDependency, artifactName string) (bool, error)
	// GetLicenseDistribution returns a map from string to count; the keys are
	// presumably license identifiers — confirm.
	GetLicenseDistribution(tx DB, assetVersionName string, assetID uuid.UUID, artifactName *string) (map[string]int, error)
}
type ComponentService ¶ added in v0.17.1
// ComponentService provides license and project information for components.
type ComponentService interface {
	// GetAndSaveLicenseInformation returns the components of an asset version;
	// forceRefresh presumably bypasses previously stored license data — confirm.
	GetAndSaveLicenseInformation(assetVersion models.AssetVersion, artifactName *string, forceRefresh bool) ([]models.Component, error)
	// RefreshComponentProjectInformation has no result, so failures are not
	// reported to the caller through this signature.
	RefreshComponentProjectInformation(project models.ComponentProject)
	// GetLicense takes a component and returns a component.
	GetLicense(component models.Component) (models.Component, error)
}
type ConfigRepository ¶ added in v0.17.1
type ConfigService ¶ added in v0.17.1
type CveRepository ¶ added in v0.17.1
// CveRepository is the persistence interface for models.CVE. It embeds
// common.Repository instantiated with string, models.CVE and DB.
type CveRepository interface {
	common.Repository[string, models.CVE, DB]
	// FindByID and FindCVE both look a CVE up by its string ID; FindCVE
	// additionally takes a DB handle.
	FindByID(id string) (models.CVE, error)
	// GetLastModDate returns a single time.Time.
	GetLastModDate() (time.Time, error)
	GetAllCVEsID() ([]string, error)
	Save(tx DB, cve *models.CVE) error
	// SaveCveAffectedComponents associates a CVE ID with affected-component
	// hashes.
	SaveCveAffectedComponents(tx DB, cveID string, affectedComponentHashes []string) error
	FindCVE(tx DB, id string) (models.CVE, error)
	FindCVEs(tx DB, ids []string) ([]models.CVE, error)
	// FindAllListPaged is the paged listing with filter and sort input.
	FindAllListPaged(tx DB, pageInfo PageInfo, filter []FilterQuery, sort []SortQuery) (Paged[models.CVE], error)
}
type CweRepository ¶ added in v0.17.1
type DependencyVulnRepository ¶ added in v0.17.1
// DependencyVulnRepository is the persistence interface for
// models.DependencyVuln. It embeds common.Repository instantiated with string,
// models.DependencyVuln and DB.
//
// NOTE(review): the paged methods accept search, filter and sort input, which
// typically originates from the request. Confirm the implementation binds
// these as query parameters rather than concatenating them into SQL.
type DependencyVulnRepository interface {
	common.Repository[string, models.DependencyVuln, DB]
	GetAllVulnsByAssetID(tx DB, assetID uuid.UUID) ([]models.DependencyVuln, error)
	GetAllOpenVulnsByAssetVersionNameAndAssetID(tx DB, artifactName *string, assetVersionName string, assetID uuid.UUID) ([]models.DependencyVuln, error)
	GetDependencyVulnsByAssetVersion(tx DB, assetVersionName string, assetID uuid.UUID, artifactName *string) ([]models.DependencyVuln, error)
	// GetByAssetVersionPaged returns a page plus a map[string]int; the meaning
	// of the map is not visible from the signature.
	GetByAssetVersionPaged(tx DB, assetVersionName string, assetID uuid.UUID, pageInfo PageInfo, search string, filter []FilterQuery, sort []SortQuery) (Paged[models.DependencyVuln], map[string]int, error)
	// GetDefaultDependencyVulnsByOrgIDPaged receives the project IDs the user
	// may see from the caller. The result is presumably restricted to that
	// list, so the caller must derive it from the access-control layer — confirm.
	GetDefaultDependencyVulnsByOrgIDPaged(tx DB, userAllowedProjectIds []string, pageInfo PageInfo, search string, filter []FilterQuery, sort []SortQuery) (Paged[models.DependencyVuln], error)
	GetDefaultDependencyVulnsByProjectIDPaged(tx DB, projectID uuid.UUID, pageInfo PageInfo, search string, filter []FilterQuery, sort []SortQuery) (Paged[models.DependencyVuln], error)
	// NOTE(review): this method names its UUID parameter assetVersionID where
	// the sibling methods use assetID — confirm which identifier is expected.
	GetDependencyVulnsByAssetVersionPagedAndFlat(tx DB, assetVersionName string, assetVersionID uuid.UUID, pageInfo PageInfo, search string, filter []FilterQuery, sort []SortQuery) (Paged[models.DependencyVuln], error)
	ListByAssetAndAssetVersion(assetVersionName string, assetID uuid.UUID) ([]models.DependencyVuln, error)
	GetDependencyVulnsByPurl(tx DB, purls []string) ([]models.DependencyVuln, error)
	// ApplyAndSave takes a vuln together with a vuln event.
	ApplyAndSave(tx DB, dependencyVuln *models.DependencyVuln, vulnEvent *models.VulnEvent) error
	GetDependencyVulnsByDefaultAssetVersion(tx DB, assetID uuid.UUID, artifactName *string) ([]models.DependencyVuln, error)
	ListUnfixedByAssetAndAssetVersion(assetVersionName string, assetID uuid.UUID, artifactName *string) ([]models.DependencyVuln, error)
	// GetHintsInOrganizationForVuln is keyed by organization, package URL and
	// CVE ID.
	GetHintsInOrganizationForVuln(tx DB, orgID uuid.UUID, pURL string, cveID string) (common.DependencyVulnHints, error)
	// GetAllByAssetIDAndState filters by vuln state and a duration since the
	// state change.
	GetAllByAssetIDAndState(tx DB, assetID uuid.UUID, state models.VulnState, durationSinceStateChange time.Duration) ([]models.DependencyVuln, error)
	GetDependencyVulnsByOtherAssetVersions(tx DB, assetVersionName string, assetID uuid.UUID) ([]models.DependencyVuln, error)
}
type DependencyVulnService ¶ added in v0.17.1
// DependencyVulnService holds the state transitions and issue synchronisation
// for dependency vulnerabilities. Methods that take a DB handle named tx
// presumably run inside the caller's transaction — confirm.
type DependencyVulnService interface {
	// RecalculateRawRiskAssessment takes a responsible party and a
	// justification along with the vulns and the asset.
	RecalculateRawRiskAssessment(tx DB, responsible string, dependencyVulns []models.DependencyVuln, justification string, asset models.Asset) error
	UserFixedDependencyVulns(tx DB, userID string, dependencyVulns []models.DependencyVuln, assetVersion models.AssetVersion, asset models.Asset) error
	UserDetectedDependencyVulns(tx DB, artifactName string, dependencyVulns []models.DependencyVuln, assetVersion models.AssetVersion, asset models.Asset) error
	// alreadyExistingEvents is a slice of event slices; presumably index i
	// belongs to dependencyVulns[i] — confirm.
	UserDetectedExistingVulnOnDifferentBranch(tx DB, artifactName string, dependencyVulns []models.DependencyVuln, alreadyExistingEvents [][]models.VulnEvent, assetVersion models.AssetVersion, asset models.Asset) error
	UserDetectedDependencyVulnInAnotherArtifact(tx DB, vulnerabilities []models.DependencyVuln, artifactName string) error
	UserDidNotDetectDependencyVulnInArtifactAnymore(tx DB, vulnerabilities []models.DependencyVuln, artifactName string) error
	// UpdateDependencyVulnState takes the acting user's ID, a status type, a
	// free-text justification and a mechanical justification, and returns the
	// resulting vuln event.
	// NOTE(review): statusType is a plain string here; confirm it is validated
	// against the allowed states before it is applied.
	UpdateDependencyVulnState(tx DB, assetID uuid.UUID, userID string, dependencyVuln *models.DependencyVuln, statusType string, justification string, mechanicalJustification models.MechanicalJustificationType, assetVersionName string) (models.VulnEvent, error)
	// SyncIssues takes an explicit vuln list; SyncAllIssues takes none.
	SyncIssues(org models.Org, project models.Project, asset models.Asset, assetVersion models.AssetVersion, vulnList []models.DependencyVuln) error
	SyncAllIssues(org models.Org, project models.Project, asset models.Asset, assetVersion models.AssetVersion) error
}
type DependencyVulnsDetectedEvent ¶ added in v0.17.1
// DependencyVulnsDetectedEvent is the event payload for detected dependency
// vulnerabilities. It bundles the vulns with the JSON object views of the
// organization, project, asset, artifact and asset version they belong to.
type DependencyVulnsDetectedEvent struct {
	// Vulns is typed as any; per the original annotation it holds a
	// []vuln.DependencyVulnDTO. Consumers must type-assert it.
	Vulns        any // []vuln.DependencyVulnDTO
	Org          OrgObject
	Project      ProjectObject
	Asset        AssetObject
	Artifact     ArtifactObject
	AssetVersion AssetVersionObject
}
type Environmental ¶
// Environmental holds the confidentiality, integrity and availability
// requirement values as plain strings. The package exposes SanitizeEnv for
// values of this type; the set of valid values is not visible here.
// NOTE(review): presumably these are the CVSS environmental requirement
// levels of an asset — confirm.
type Environmental struct {
	ConfidentialityRequirements string
	IntegrityRequirements       string
	AvailabilityRequirements    string
}
func GetEnvironmental ¶
func GetEnvironmental(ctx Context) Environmental
func GetEnvironmentalFromAsset ¶
func GetEnvironmentalFromAsset(m models.Asset) Environmental
func SanitizeEnv ¶
func SanitizeEnv(env Environmental) Environmental
type ExploitRepository ¶ added in v0.17.1
type ExternalEntityProviderService ¶ added in v0.17.1
type ExternalEntitySlug ¶ added in v0.17.1
// ExternalEntitySlug is a string-based slug type with IsValid, ProviderID,
// Slug, SameAs and String methods.
// NOTE(review): FromStringToExternalEntitySlug returns an error, so it
// presumably validates the format; a direct conversion from string skips that,
// so prefer the constructor or call IsValid — confirm.
type ExternalEntitySlug string
func FromStringToExternalEntitySlug ¶ added in v0.17.1
func FromStringToExternalEntitySlug(s string) (ExternalEntitySlug, error)
func (ExternalEntitySlug) IsValid ¶ added in v0.17.1
func (e ExternalEntitySlug) IsValid() bool
func (ExternalEntitySlug) ProviderID ¶ added in v0.17.1
func (e ExternalEntitySlug) ProviderID() string
func (ExternalEntitySlug) SameAs ¶ added in v0.17.1
func (e ExternalEntitySlug) SameAs(slug string) bool
func (ExternalEntitySlug) Slug ¶ added in v0.17.1
func (e ExternalEntitySlug) Slug() string
func (ExternalEntitySlug) String ¶ added in v0.17.1
func (e ExternalEntitySlug) String() string
type ExternalUserRepository ¶ added in v0.17.1
type FilterQuery ¶
func GetFilterQuery ¶
func GetFilterQuery(ctx Context) []FilterQuery
func (FilterQuery) SQL ¶
func (f FilterQuery) SQL() string
func (FilterQuery) Value ¶
func (f FilterQuery) Value() any
type FireAndForgetSynchronizer ¶ added in v0.17.1
// FireAndForgetSynchronizer abstracts how a function is started without the
// caller waiting for its result.
type FireAndForgetSynchronizer interface {
	// FireAndForget takes a function with no arguments and no results, so fn
	// cannot report an error through this call.
	FireAndForget(fn func())
}
Useful for integration testing: in production, use it to simply fire and forget a function ("go func()"); during testing, it can be used to synchronize the execution of multiple goroutines and wait for them to finish.
type FirstPartyVulnRepository ¶ added in v0.17.1
// FirstPartyVulnRepository is the persistence interface for
// models.FirstPartyVuln. It embeds common.Repository instantiated with string,
// models.FirstPartyVuln and DB.
//
// NOTE(review): the paged methods accept search, filter and sort input, which
// typically originates from the request. Confirm the implementation binds
// these as query parameters rather than concatenating them into SQL.
type FirstPartyVulnRepository interface {
	common.Repository[string, models.FirstPartyVuln, DB]
	SaveBatch(tx DB, vulns []models.FirstPartyVuln) error
	Save(tx DB, vuln *models.FirstPartyVuln) error
	// Transaction passes a DB handle to txFunc and returns an error.
	Transaction(txFunc func(DB) error) error
	// Begin returns a DB handle; finishing the transaction is presumably the
	// caller's job — confirm.
	Begin() DB
	GetDefaultFirstPartyVulnsByProjectIDPaged(tx DB, projectID uuid.UUID, pageInfo PageInfo, search string, filter []FilterQuery, sort []SortQuery) (Paged[models.FirstPartyVuln], error)
	// GetDefaultFirstPartyVulnsByOrgIDPaged receives the project IDs the user
	// may see from the caller. The result is presumably restricted to that
	// list, so the caller must derive it from the access-control layer — confirm.
	GetDefaultFirstPartyVulnsByOrgIDPaged(tx DB, userAllowedProjectIds []string, pageInfo PageInfo, search string, filter []FilterQuery, sort []SortQuery) (Paged[models.FirstPartyVuln], error)
	GetByAssetID(tx DB, assetID uuid.UUID) ([]models.FirstPartyVuln, error)
	// GetByAssetVersionPaged returns a page plus a map[string]int; the meaning
	// of the map is not visible from the signature.
	GetByAssetVersionPaged(tx DB, assetVersionName string, assetID uuid.UUID, pageInfo PageInfo, search string, filter []FilterQuery, sort []SortQuery) (Paged[models.FirstPartyVuln], map[string]int, error)
	ListByScanner(assetVersionName string, assetID uuid.UUID, scannerID string) ([]models.FirstPartyVuln, error)
	// NOTE(review): the first-party vuln parameter is named dependencyVuln;
	// the type is *models.FirstPartyVuln, so this looks like a copy-paste name.
	ApplyAndSave(tx DB, dependencyVuln *models.FirstPartyVuln, vulnEvent *models.VulnEvent) error
	GetByAssetVersion(tx DB, assetVersionName string, assetID uuid.UUID) ([]models.FirstPartyVuln, error)
	GetFirstPartyVulnsByOtherAssetVersions(tx DB, assetVersionName string, assetID uuid.UUID, scannerID string) ([]models.FirstPartyVuln, error)
}
type FirstPartyVulnService ¶ added in v0.17.1
// FirstPartyVulnService holds the state transitions and issue synchronisation
// for first-party vulnerabilities. Methods that take a DB handle named tx
// presumably run inside the caller's transaction — confirm.
type FirstPartyVulnService interface {
	UserFixedFirstPartyVulns(tx DB, userID string, firstPartyVulns []models.FirstPartyVuln) error
	UserDetectedFirstPartyVulns(tx DB, userID string, scannerID string, firstPartyVulns []models.FirstPartyVuln) error
	// alreadyExistingEvents is a slice of event slices; presumably index i
	// belongs to firstPartyVulns[i] — confirm.
	UserDetectedExistingFirstPartyVulnOnDifferentBranch(tx DB, scannerID string, firstPartyVulns []models.FirstPartyVuln, alreadyExistingEvents [][]models.VulnEvent, assetVersion models.AssetVersion, asset models.Asset) error
	// UpdateFirstPartyVulnState takes the acting user's ID, a status type, a
	// free-text justification and a mechanical justification, and returns the
	// resulting vuln event.
	// NOTE(review): statusType is a plain string here; confirm it is validated
	// against the allowed states before it is applied.
	UpdateFirstPartyVulnState(tx DB, userID string, firstPartyVuln *models.FirstPartyVuln, statusType string, justification string, mechanicalJustification models.MechanicalJustificationType) (models.VulnEvent, error)
	// SyncIssues takes an explicit vuln list; SyncAllIssues takes none.
	SyncIssues(org models.Org, project models.Project, asset models.Asset, assetVersion models.AssetVersion, vulnList []models.FirstPartyVuln) error
	SyncAllIssues(org models.Org, project models.Project, asset models.Asset, assetVersion models.AssetVersion) error
}
type FirstPartyVulnsDetectedEvent ¶ added in v0.17.1
// FirstPartyVulnsDetectedEvent is the event payload for detected first-party
// vulnerabilities. Unlike DependencyVulnsDetectedEvent it has no Artifact field.
type FirstPartyVulnsDetectedEvent struct {
	// Vulns is typed as any; per the original annotation it holds a
	// []vuln.FirstPartyVulnDTO. Consumers must type-assert it.
	Vulns        any //[]vuln.FirstPartyVulnDTO
	Org          OrgObject
	Project      ProjectObject
	Asset        AssetObject
	AssetVersion AssetVersionObject
}
type GitLabOauth2TokenRepository ¶ added in v0.17.1
// GitLabOauth2TokenRepository persists models.GitLabOauth2Token values, keyed
// by user ID and provider ID.
//
// NOTE(review): the stored values are OAuth2 tokens, i.e. credentials. Whether
// they are encrypted at rest is not visible from this interface — confirm, and
// keep results of the Find* methods out of logs and API responses.
type GitLabOauth2TokenRepository interface {
	// Save is variadic and accepts any number of token pointers.
	Save(tx DB, model ...*models.GitLabOauth2Token) error
	// FindByUserIDAndProviderID returns a pointer; whether "not found" is
	// reported as nil or as an error is not visible here.
	FindByUserIDAndProviderID(userID string, providerID string) (*models.GitLabOauth2Token, error)
	FindByUserID(userID string) ([]models.GitLabOauth2Token, error)
	Delete(tx DB, tokens []models.GitLabOauth2Token) error
	DeleteByUserIDAndProviderID(userID string, providerID string) error
	CreateIfNotExists(tokens []*models.GitLabOauth2Token) error
}
type GithubAppInstallationRepository ¶ added in v0.17.1
type GitlabClientFacade ¶ added in v0.17.1
// GitlabClientFacade is the set of GitLab API operations this package uses.
// Option and result types come from the imported gitlab package; most methods
// also return the *gitlab.Response of the call.
//
// NOTE(review): several methods change state in the remote GitLab project
// (issues, labels, hooks, project variables, merge requests, membership). The
// facade signatures carry no caller identity, so authorization presumably has
// to happen before a facade method is invoked — confirm.
type GitlabClientFacade interface {
	// Identity and instance information for the credentials behind the client.
	Whoami(ctx context.Context) (*gitlab.User, *gitlab.Response, error)
	GetVersion(ctx context.Context) (*gitlab.Version, *gitlab.Response, error)
	// The two avatar fetchers take no context, so the caller cannot cancel
	// them through one. They return the avatar as a base64 string.
	FetchGroupAvatarBase64(groupID int) (string, error)
	FetchProjectAvatarBase64(projectID int) (string, error)
	GetClientID() string

	// Read access to projects, groups and memberships.
	ListProjects(ctx context.Context, opt *gitlab.ListProjectsOptions) ([]*gitlab.Project, *gitlab.Response, error)
	ListGroups(ctx context.Context, opt *gitlab.ListGroupsOptions) ([]*gitlab.Group, *gitlab.Response, error)
	GetGroup(ctx context.Context, groupID int) (*gitlab.Group, *gitlab.Response, error)
	GetMemberInGroup(ctx context.Context, userID int, groupID int) (*gitlab.GroupMember, *gitlab.Response, error)
	GetMemberInProject(ctx context.Context, userID int, projectID int) (*gitlab.ProjectMember, *gitlab.Response, error)
	ListProjectsInGroup(ctx context.Context, groupID int, opt *gitlab.ListGroupProjectsOptions) ([]*gitlab.Project, *gitlab.Response, error)

	// Issues and labels. GetProjectIssues takes no context.
	GetProjectIssues(projectID int, opt *gitlab.ListProjectIssuesOptions) ([]*gitlab.Issue, *gitlab.Response, error)
	CreateIssue(ctx context.Context, pid int, opt *gitlab.CreateIssueOptions) (*gitlab.Issue, *gitlab.Response, error)
	CreateIssueComment(ctx context.Context, pid int, issue int, opt *gitlab.CreateIssueNoteOptions) (*gitlab.Note, *gitlab.Response, error)
	EditIssue(ctx context.Context, pid int, issue int, opt *gitlab.UpdateIssueOptions) (*gitlab.Issue, *gitlab.Response, error)
	EditIssueLabel(ctx context.Context, pid int, issue int, labels []*gitlab.CreateLabelOptions) (*gitlab.Response, error)
	CreateNewLabel(ctx context.Context, projectID int, label *gitlab.CreateLabelOptions) (*gitlab.Label, *gitlab.Response, error)
	ListLabels(ctx context.Context, projectID int, opt *gitlab.ListLabelsOptions) ([]*gitlab.Label, *gitlab.Response, error)
	UpdateLabel(ctx context.Context, projectID int, labelID int, opt *gitlab.UpdateLabelOptions) (*gitlab.Label, *gitlab.Response, error)

	// Project hooks.
	ListProjectHooks(ctx context.Context, projectID int, options *gitlab.ListProjectHooksOptions) ([]*gitlab.ProjectHook, *gitlab.Response, error)
	AddProjectHook(ctx context.Context, projectID int, opt *gitlab.AddProjectHookOptions) (*gitlab.ProjectHook, *gitlab.Response, error)
	DeleteProjectHook(ctx context.Context, projectID int, hookID int) (*gitlab.Response, error)

	// Project variables. ListVariables returns the variables themselves;
	// treat the result as potentially secret and do not log it.
	ListVariables(ctx context.Context, projectID int, options *gitlab.ListProjectVariablesOptions) ([]*gitlab.ProjectVariable, *gitlab.Response, error)
	CreateVariable(ctx context.Context, projectID int, opt *gitlab.CreateProjectVariableOptions) (*gitlab.ProjectVariable, *gitlab.Response, error)
	UpdateVariable(ctx context.Context, projectID int, key string, opt *gitlab.UpdateProjectVariableOptions) (*gitlab.ProjectVariable, *gitlab.Response, error)
	RemoveVariable(ctx context.Context, projectID int, key string) (*gitlab.Response, error)

	// Merge requests, project lookup and membership. CreateMergeRequest
	// identifies the project by string, the other methods by int ID.
	CreateMergeRequest(ctx context.Context, project string, opt *gitlab.CreateMergeRequestOptions) (*gitlab.MergeRequest, *gitlab.Response, error)
	GetProject(ctx context.Context, projectID int) (*gitlab.Project, *gitlab.Response, error)
	IsProjectMember(ctx context.Context, projectID int, userID int, options *gitlab.ListProjectMembersOptions) (bool, error)
	// InviteReporter adds a user to a project and returns the resulting
	// project member; the access level is presumably "reporter" — confirm.
	InviteReporter(ctx context.Context, projectID int, userID int) (*gitlab.ProjectMember, *gitlab.Response, error)
}
type GitlabClientFactory ¶ added in v0.17.1
// GitlabClientFactory builds GitlabClientFacade values from an integration
// record, an integration UUID, an OAuth2 token or a raw access token.
//
// NOTE(review): every constructor here ends up with a GitLab credential in
// hand. Implementations should keep tokens out of log lines and error
// strings — confirm against the implementation.
type GitlabClientFactory interface {
	// FromIntegration builds a client from a models.GitLabIntegration value.
	FromIntegration(integration models.GitLabIntegration) (GitlabClientFacade, error)
	// FromIntegrationUUID builds a client from the integration's UUID alone.
	// NOTE(review): no org or user is passed, so the caller presumably has to
	// verify that the integration belongs to the requesting tenant — verify.
	FromIntegrationUUID(id uuid.UUID) (GitlabClientFacade, error)
	// FromOauth2Token builds a client from a models.GitLabOauth2Token.
	// NOTE(review): enableClientCache presumably allows reuse of a previously
	// built client; if so, the cache must be keyed per token so that one
	// user's client is never handed to another — verify.
	FromOauth2Token(token models.GitLabOauth2Token, enableClientCache bool) (GitlabClientFacade, error)
	// FromAccessToken builds a client from a raw access token and a base URL.
	// NOTE(review): if baseURL can be supplied by a tenant, it should be
	// validated (scheme, host) before the token is sent to it — confirm where
	// callers obtain it.
	FromAccessToken(accessToken string, baseURL string) (GitlabClientFacade, error)
}
type GitlabIntegrationRepository ¶ added in v0.17.1
type InTotoLinkRepository ¶ added in v0.17.1
// InTotoLinkRepository is the persistence interface for models.InTotoLink.
// It embeds the generic common.Repository keyed by uuid.UUID.
type InTotoLinkRepository interface {
	common.Repository[uuid.UUID, models.InTotoLink, DB]
	// FindByAssetAndSupplyChainID looks links up by asset ID and supply chain ID.
	FindByAssetAndSupplyChainID(assetID uuid.UUID, supplyChainID string) ([]models.InTotoLink, error)
	// Save persists model through the supplied DB handle.
	Save(tx DB, model *models.InTotoLink) error
	// FindBySupplyChainID looks links up by supply chain ID alone.
	// NOTE(review): no asset or org is passed here, so any check that the
	// links belong to something the requester may read presumably has to
	// happen in the caller — verify.
	FindBySupplyChainID(supplyChainID string) ([]models.InTotoLink, error)
}
type InTotoVerifierService ¶ added in v0.17.1
type IntegrationAggregate ¶ added in v0.5.14
// IntegrationAggregate is a ThirdPartyIntegration that can additionally hand
// out a single integration by its IntegrationID and list users for an org.
type IntegrationAggregate interface {
	ThirdPartyIntegration
	// GetIntegration returns the integration registered under id.
	// NOTE(review): there is no error return, so an unknown id presumably
	// yields nil; callers should nil-check before use — confirm.
	GetIntegration(id IntegrationID) ThirdPartyIntegration
	// GetUsers returns the users for org.
	GetUsers(org models.Org) []User
}
func GetThirdPartyIntegration ¶ added in v0.4.19
// GetThirdPartyIntegration takes the request Context and returns an
// IntegrationAggregate. Only the signature is listed on this page.
func GetThirdPartyIntegration(ctx Context) IntegrationAggregate
type IntegrationID ¶ added in v0.5.14
// IntegrationID is the string identifier of a third-party integration; it is
// the type returned by ThirdPartyIntegration.GetID.
type IntegrationID string

// Known integration identifiers.
const (
	GitLabIntegrationID IntegrationID = "gitlab"
	GitHubIntegrationID IntegrationID = "github"
	// AggregateID presumably identifies the IntegrationAggregate itself
	// rather than a concrete provider — confirm.
	AggregateID          IntegrationID = "aggregate"
	JiraIntegrationID    IntegrationID = "jira"
	WebhookIntegrationID IntegrationID = "webhook"
)
type InvitationRepository ¶ added in v0.17.1
type JiraIntegrationRepository ¶ added in v0.17.1
// JiraIntegrationRepository is the persistence interface for
// models.JiraIntegration.
//
// NOTE(review): models.JiraIntegration presumably carries the credentials
// used to reach Jira. Read and GetClientByIntegrationID take only an ID, so
// callers need to confirm the record belongs to the requesting organization
// before using it or returning it in a response — verify.
type JiraIntegrationRepository interface {
	// Save persists model through the supplied DB handle.
	Save(tx DB, model *models.JiraIntegration) error
	// Read loads one integration by ID.
	Read(id uuid.UUID) (models.JiraIntegration, error)
	// FindByOrganizationID returns the integrations for orgID.
	FindByOrganizationID(orgID uuid.UUID) ([]models.JiraIntegration, error)
	// Delete removes the integration with the given ID through tx.
	Delete(tx DB, id uuid.UUID) error
	// GetClientByIntegrationID returns a models.JiraIntegration (not a client
	// type, despite the name) for integrationID.
	GetClientByIntegrationID(integrationID uuid.UUID) (models.JiraIntegration, error)
}
type LicenseRiskRepository ¶ added in v0.17.1
// LicenseRiskRepository is the persistence interface for models.LicenseRisk.
// It embeds the generic common.Repository keyed by string.
type LicenseRiskRepository interface {
	common.Repository[string, models.LicenseRisk, DB]
	// GetAllLicenseRisksForAssetVersionPaged returns one page of license risks
	// for an asset version, taking a search string plus filter and sort queries.
	// NOTE(review): search, filter and sort presumably originate from request
	// parameters; the implementation should bind them as query parameters and
	// restrict sort/filter fields to a known set — verify.
	GetAllLicenseRisksForAssetVersionPaged(tx DB, assetID uuid.UUID, assetVersionName string, pageInfo PageInfo, search string, filter []FilterQuery, sort []SortQuery) (Paged[models.LicenseRisk], error)
	// GetAllLicenseRisksForAssetVersion returns the license risks of one asset version.
	GetAllLicenseRisksForAssetVersion(assetID uuid.UUID, assetVersionName string) ([]models.LicenseRisk, error)
	// GetLicenseRisksByOtherAssetVersions takes an asset ID and an asset
	// version name; presumably it returns risks from the asset's other
	// versions — confirm.
	GetLicenseRisksByOtherAssetVersions(tx DB, assetVersionName string, assetID uuid.UUID) ([]models.LicenseRisk, error)
	// GetAllOverwrittenLicensesForAssetVersion returns license risks for an
	// asset version; presumably only those with a license overwrite — confirm.
	GetAllOverwrittenLicensesForAssetVersion(assetID uuid.UUID, assetVersionName string) ([]models.LicenseRisk, error)
	// MaybeGetLicenseOverwriteForComponent looks up a license risk by asset
	// version and package URL.
	MaybeGetLicenseOverwriteForComponent(assetID uuid.UUID, assetVersionName string, pURL packageurl.PackageURL) (models.LicenseRisk, error)
	// DeleteByComponentPurl deletes by asset version and package URL.
	DeleteByComponentPurl(assetID uuid.UUID, assetVersionName string, purl packageurl.PackageURL) error
	// ListByArtifactName takes an asset version name, an asset ID and a
	// scanner ID. NOTE(review): the method name says "artifact name" while the
	// third parameter is scannerID — confirm which one is meant.
	ListByArtifactName(assetVersionName string, assetID uuid.UUID, scannerID string) ([]models.LicenseRisk, error)
	// ApplyAndSave takes a license risk and a vuln event and persists through tx.
	ApplyAndSave(tx DB, licenseRisk *models.LicenseRisk, vulnEvent *models.VulnEvent) error
}
type LicenseRiskService ¶ added in v0.17.1
// LicenseRiskService is the service-level interface for license risks.
type LicenseRiskService interface {
	// FindLicenseRisksInComponents takes an asset version, its components and
	// an artifact name; it returns only an error.
	FindLicenseRisksInComponents(assetVersion models.AssetVersion, components []models.Component, artifactName string) error
	// UpdateLicenseRiskState changes the state of licenseRisk and returns the
	// resulting models.VulnEvent.
	// NOTE(review): userID presumably ends up in the audit trail, so it should
	// come from the authenticated session rather than from request data —
	// verify at the call sites.
	UpdateLicenseRiskState(tx DB, userID string, licenseRisk *models.LicenseRisk, statusType string, justification string, mechanicalJustification models.MechanicalJustificationType) (models.VulnEvent, error)
	// MakeFinalLicenseDecision takes a vuln ID, the final license, a
	// justification and the acting user ID. All four are plain strings, so
	// argument order matters at call sites.
	MakeFinalLicenseDecision(vulnID, finalLicense, justification, userID string) error
}
type ManualMitigateEvent ¶ added in v0.5.1
type MiddlewareFunc ¶
// MiddlewareFunc is an alias for echo.MiddlewareFunc, so the two types are
// interchangeable.
type MiddlewareFunc = echo.MiddlewareFunc
type OpenSourceInsightService ¶ added in v0.17.1
type OrgObject ¶ added in v0.17.1
// OrgObject is the JSON shape of an organization. It is embedded in
// SBOMCreatedEvent as the Org field.
//
// NOTE(review): ContactPhoneNumber is contact data. Because OrgObject travels
// inside SBOMCreatedEvent, check that every consumer of that event is meant
// to receive it.
type OrgObject struct {
	ID   uuid.UUID `json:"id"`
	Name string    `json:"name"`
	// Pointer fields without omitempty are encoded as JSON null when nil.
	ContactPhoneNumber     *string `json:"contactPhoneNumber"`
	NumberOfEmployees      *int    `json:"numberOfEmployees"`
	Country                *string `json:"country"`
	Industry               *string `json:"industry"`
	CriticalInfrastructure bool    `json:"criticalInfrastructure"`
	ISO27001               bool    `json:"iso27001"`
	NIST                   bool    `json:"nist"`
	Grundschutz            bool    `json:"grundschutz"`
	Slug                   string  `json:"slug"`
	Description            string  `json:"description"`
	IsPublic               bool    `json:"isPublic"`
	Language               string  `json:"language"`
	// ExternalEntityProviderID is left out of the JSON when nil (omitempty).
	ExternalEntityProviderID *string `json:"externalEntityProviderId,omitempty"`
}
func ToOrgObject ¶ added in v0.17.1
type OrgService ¶ added in v0.17.1
type OrganizationRepository ¶ added in v0.17.1
// OrganizationRepository is the persistence interface for models.Org.
// It embeds the generic common.Repository keyed by uuid.UUID.
type OrganizationRepository interface {
	common.Repository[uuid.UUID, models.Org, DB]
	// ReadBySlug loads an organization by its slug.
	ReadBySlug(slug string) (models.Org, error)
	// Update persists organization through tx.
	Update(tx DB, organization *models.Org) error
	// ContentTree returns project DTOs as values, including fetched assets.
	// NOTE(review): projects is presumably the list of projects the caller is
	// allowed to see; if so it must be derived from the access-control
	// decision, not from request input — verify.
	ContentTree(orgID uuid.UUID, projects []string) []any
	// GetOrgByID loads an organization by ID.
	GetOrgByID(id uuid.UUID) (models.Org, error)
}
type PageInfo ¶
func GetPageInfo ¶
type PersonalAccessTokenRepository ¶ added in v0.17.1
// PersonalAccessTokenRepository is the persistence interface for models.PAT.
// It embeds the generic common.Repository keyed by uuid.UUID.
//
// NOTE(review): tokens are addressed by a fingerprint string. Presumably the
// fingerprint is derived from the token material and is not itself a secret;
// confirm that before it is logged or returned in responses.
type PersonalAccessTokenRepository interface {
	common.Repository[uuid.UUID, models.PAT, DB]
	// GetByFingerprint loads one token by fingerprint.
	GetByFingerprint(fingerprint string) (models.PAT, error)
	// FindByUserIDs returns the tokens for a set of user IDs (the parameter is
	// named userID but is a slice).
	FindByUserIDs(userID []uuid.UUID) ([]models.PAT, error)
	// ListByUserID returns the tokens of one user; the ID is a string here,
	// unlike the uuid.UUID slice taken by FindByUserIDs.
	ListByUserID(userID string) ([]models.PAT, error)
	// DeleteByFingerprint deletes by fingerprint alone.
	// NOTE(review): no user ID is passed, so the caller presumably has to
	// check that the token belongs to the requesting user first — verify.
	DeleteByFingerprint(fingerprint string) error
	// MarkAsLastUsedNow records a use of the token with this fingerprint.
	MarkAsLastUsedNow(fingerprint string) error
}
type PolicyRepository ¶ added in v0.17.1
type ProjectObject ¶ added in v0.17.1
// ProjectObject is the JSON shape of a project. It is produced by
// ToProjectObject and embedded in SBOMCreatedEvent as the Project field.
type ProjectObject struct {
	ID          uuid.UUID  `json:"id"`
	Name        string     `json:"name"`
	Description string     `json:"description"`
	Slug        string     `json:"slug"`
	ParentID    *uuid.UUID `json:"parentId,omitempty"`
	// Parent makes the structure recursive: a serialized project carries its
	// parent, which may carry its own parent.
	// NOTE(review): a requester allowed to read a child project may not be
	// allowed to read its ancestors; check whether Parent is filled in only
	// after that has been decided.
	Parent   *ProjectObject `json:"parent,omitempty"`
	IsPublic bool           `json:"isPublic"`
	Type     string         `json:"type"`
	// RepositoryID and RepositoryName have no omitempty, so nil encodes as
	// JSON null.
	RepositoryID             *string `json:"repositoryId"`
	RepositoryName           *string `json:"repositoryName"`
	ExternalEntityProviderID *string `json:"externalEntityProviderId,omitempty"`
	ExternalEntityID         *string `json:"externalEntityId,omitempty"`
}
func ToProjectObject ¶ added in v0.17.1
// ToProjectObject converts a models.Project into a ProjectObject. Only the
// signature is listed on this page.
func ToProjectObject(p models.Project) ProjectObject
type ProjectRepository ¶ added in v0.17.1
// ProjectRepository is the persistence interface for models.Project.
//
// NOTE(review): several lookups (Read, Delete, Activate, GetProjectByAssetID,
// the child-project queries) take only a project or asset ID and no
// organization ID. Tenant isolation for those presumably rests on the caller
// having authorized the ID first — verify.
type ProjectRepository interface {
	// Read loads a project by ID.
	Read(projectID uuid.UUID) (models.Project, error)
	// ReadBySlug loads a project by slug within an organization.
	ReadBySlug(organizationID uuid.UUID, slug string) (models.Project, error)
	// ReadBySlugUnscoped has the same signature as ReadBySlug.
	// NOTE(review): "Unscoped" presumably refers to the ORM's unscoped query
	// mode, i.e. soft-deleted rows are included; if so, a hit must not be
	// treated as an active project. The organization ID is still a parameter
	// — confirm both points in the implementation.
	ReadBySlugUnscoped(organizationID uuid.UUID, slug string) (models.Project, error)
	// Update persists project through tx.
	Update(tx DB, project *models.Project) error
	// Delete removes the project with projectID through tx.
	Delete(tx DB, projectID uuid.UUID) error
	// Create inserts project through tx.
	Create(tx DB, project *models.Project) error
	// Activate takes a project ID; presumably it restores or enables a
	// project that was deleted or inactive — confirm.
	Activate(tx DB, projectID uuid.UUID) error
	// RecursivelyGetChildProjects returns descendants of projectID.
	RecursivelyGetChildProjects(projectID uuid.UUID) ([]models.Project, error)
	// GetDirectChildProjects returns the immediate children of projectID.
	GetDirectChildProjects(projectID uuid.UUID) ([]models.Project, error)
	// GetByOrgID returns the projects of an organization.
	GetByOrgID(organizationID uuid.UUID) ([]models.Project, error)
	// GetProjectByAssetID returns the project an asset belongs to.
	GetProjectByAssetID(assetID uuid.UUID) (models.Project, error)
	// List takes a set of project IDs, an optional parent ID and an
	// organization ID.
	List(idSlice []uuid.UUID, parentID *uuid.UUID, organizationID uuid.UUID) ([]models.Project, error)
	// ListPaged is the paged variant of List with an additional search string.
	ListPaged(projectIDs []uuid.UUID, parentID *uuid.UUID, orgID uuid.UUID, pageInfo PageInfo, search string) (Paged[models.Project], error)
	// EnablePolicyForProject links policyID to projectID.
	EnablePolicyForProject(tx DB, projectID uuid.UUID, policyID uuid.UUID) error
	// DisablePolicyForProject removes the link between policyID and projectID.
	DisablePolicyForProject(tx DB, projectID uuid.UUID, policyID uuid.UUID) error
	// Upsert takes the conflict columns and the names of the columns to update.
	// NOTE(review): toUpdate holds column names as plain strings; they should
	// be fixed in code and never built from request input — verify callers.
	Upsert(projects *[]*models.Project, conflictingColumns []clause.Column, toUpdate []string) error
	// EnableCommunityManagedPolicies takes a project ID and a DB handle.
	EnableCommunityManagedPolicies(tx DB, projectID uuid.UUID) error
	// UpsertSplit returns two project slices; presumably the created and the
	// updated projects — confirm which is which.
	UpsertSplit(tx DB, externalProviderID string, projects []*models.Project) ([]*models.Project, []*models.Project, error)
}
type ProjectRiskHistoryRepository ¶ added in v0.17.1
// ProjectRiskHistoryRepository is the persistence interface for
// models.ProjectRiskHistory.
type ProjectRiskHistoryRepository interface {
	// GetRiskHistory returns the history entries of projectID between start
	// and end. Whether the bounds are inclusive is not visible here.
	GetRiskHistory(projectID uuid.UUID, start, end time.Time) ([]models.ProjectRiskHistory, error)
	// UpdateRiskAggregation persists projectRisk.
	UpdateRiskAggregation(projectRisk *models.ProjectRiskHistory) error
}
type ProjectRole ¶ added in v0.17.1
type ProjectService ¶ added in v0.17.1
// ProjectService is the service-level interface for projects.
//
// The "Allowed" methods take the request Context, while the methods that take
// only an ID do not.
// NOTE(review): presumably the Context-taking methods apply the requester's
// permissions and the ID-only ones return data unfiltered; handlers calling
// the latter would then need their own authorization check — verify.
type ProjectService interface {
	// ReadBySlug loads a project by slug within an organization.
	ReadBySlug(ctx Context, organizationID uuid.UUID, slug string) (models.Project, error)
	// ListAllowedProjects returns projects for the request context.
	ListAllowedProjects(ctx Context) ([]models.Project, error)
	// ListAllowedProjectsPaged is the paged variant of ListAllowedProjects.
	ListAllowedProjectsPaged(c Context) (Paged[models.Project], error)
	// ListProjectsByOrganizationID returns the projects of an organization.
	ListProjectsByOrganizationID(organizationID uuid.UUID) ([]models.Project, error)
	// RecursivelyGetChildProjects returns descendants of projectID.
	RecursivelyGetChildProjects(projectID uuid.UUID) ([]models.Project, error)
	// GetDirectChildProjects returns the immediate children of projectID.
	GetDirectChildProjects(projectID uuid.UUID) ([]models.Project, error)
	// CreateProject creates project on behalf of the request context.
	CreateProject(ctx Context, project *models.Project) error
	// BootstrapProject takes an AccessControl and a project; presumably it
	// sets up the project's initial roles and permissions — confirm.
	BootstrapProject(rbac AccessControl, project *models.Project) error
}
type RBACMiddleware ¶ added in v0.17.1
type RBACProvider ¶ added in v0.17.1
// RBACProvider hands out the AccessControl for a domain and lists the domains
// a user belongs to.
type RBACProvider interface {
	// GetDomainRBAC returns the AccessControl for domain.
	// NOTE(review): domain is a plain string and presumably maps to an
	// organization; it should be taken from a resolved, authorized
	// organization rather than straight from a request parameter — verify.
	GetDomainRBAC(domain string) AccessControl
	// DomainsOfUser returns the domains of user.
	DomainsOfUser(user string) ([]string, error)
}
type ReleaseRepository ¶ added in v0.17.1
// ReleaseRepository is the persistence interface for models.Release and its
// items. It embeds the generic common.Repository keyed by uuid.UUID.
type ReleaseRepository interface {
	common.Repository[uuid.UUID, models.Release, DB]
	// GetByProjectID returns the releases of a project.
	GetByProjectID(projectID uuid.UUID) ([]models.Release, error)
	// ReadWithItems loads a release by ID; presumably with its items — confirm.
	ReadWithItems(id uuid.UUID) (models.Release, error)
	// ReadRecursive loads a release by ID; presumably with nested releases
	// resolved — confirm.
	ReadRecursive(id uuid.UUID) (models.Release, error)
	// GetByProjectIDPaged is the paged variant of GetByProjectID with search,
	// filter and sort arguments.
	GetByProjectIDPaged(tx DB, projectID uuid.UUID, pageInfo PageInfo, search string, filter []FilterQuery, sort []SortQuery) (Paged[models.Release], error)
	// CreateReleaseItem inserts item through tx.
	CreateReleaseItem(tx DB, item *models.ReleaseItem) error
	// DeleteReleaseItem deletes a release item by ID alone.
	// NOTE(review): no release or project ID is passed, so the caller
	// presumably has to check that the item belongs to a release the
	// requester may modify — verify.
	DeleteReleaseItem(tx DB, id uuid.UUID) error
	// GetCandidateItemsForRelease returns artifacts and releases for a project;
	// releaseID is optional (pointer).
	GetCandidateItemsForRelease(projectID uuid.UUID, releaseID *uuid.UUID) ([]models.Artifact, []models.Release, error)
}
type Repository ¶ added in v0.4.19
type Role ¶ added in v0.17.1
// Role is the string name of a role. BootstrapOrg takes one as userRole, and
// ThirdPartyIntegration.ListGroups and ListProjects return []Role.
type Role string

// Known roles.
const (
	RoleOwner  Role = "owner"
	RoleAdmin  Role = "admin"
	RoleMember Role = "member"
	RoleGuest  Role = "guest"

	// RoleUnknown exists mainly for backwards compatibility and to have a
	// default value. No one should ever hold it. It occurs for users who
	// logged into devguard before the "real permission sync" (as opposed to
	// the forwarding permission sync) was added.
	// NOTE(review): authorization checks should treat RoleUnknown as granting
	// nothing; confirm no code path maps it to a privileged role.
	RoleUnknown Role = "unknown"
)
type SBOMCreatedEvent ¶ added in v0.17.1
// SBOMCreatedEvent is the JSON payload describing a created SBOM together
// with the org, project, asset, asset version and artifact it belongs to.
//
// NOTE(review): the payload bundles the full CycloneDX BOM with OrgObject,
// which includes contact fields. If this event is delivered outside the
// system (for example through the webhook integration), check that the
// receiver is entitled to all of it — the delivery path is not visible here.
type SBOMCreatedEvent struct {
	// SBOM is a pointer and has no omitempty, so nil encodes as JSON null.
	SBOM         *cdx.BOM           `json:"sbom"`
	Org          OrgObject          `json:"org"`
	Project      ProjectObject      `json:"project"`
	Asset        AssetObject        `json:"asset"`
	AssetVersion AssetVersionObject `json:"assetVersion"`
	Artifact     ArtifactObject     `json:"artifact"`
}
type SBOMScanner ¶ added in v0.17.1
// SBOMScanner scans a normalized SBOM and reports vulnerable packages.
type SBOMScanner interface {
	// Scan takes a normalize.SBOM and returns the models.VulnInPackage
	// findings for it.
	// NOTE(review): SBOMs are presumably uploaded by clients, so their content
	// (names, versions, package URLs) should be treated as untrusted input by
	// implementations — verify.
	Scan(bom normalize.SBOM) ([]models.VulnInPackage, error)
}
type SortQuery ¶
func GetSortQuery ¶
type StatisticsRepository ¶ added in v0.17.1
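// StatisticsRepository is the persistence interface for the statistics
// queries: historic dependency-vuln state, average fixing times by risk or
// CVSS interval, and CVEs with known exploits.
type StatisticsRepository interface {
	// TimeTravelDependencyVulnState returns dependency vulns for an asset
	// version as of the given point in time. artifactName is optional (pointer).
	TimeTravelDependencyVulnState(artifactName *string, assetVersionName string, assetID uuid.UUID, time time.Time) ([]models.DependencyVuln, error)
	// AverageFixingTime returns the average fixing time for vulns whose risk
	// lies in the given interval. Whether the bounds are inclusive is not
	// visible here.
	AverageFixingTime(artifactName *string, assetVersionName string, assetID uuid.UUID, riskIntervalStart, riskIntervalEnd float64) (time.Duration, error)
	// AverageFixingTimeForRelease computes average fixing time across all artifacts included in a release tree
	AverageFixingTimeForRelease(releaseID uuid.UUID, riskIntervalStart, riskIntervalEnd float64) (time.Duration, error)
	// CVSS-based average fixing time methods
	AverageFixingTimeByCvss(artifactName *string, assetVersionName string, assetID uuid.UUID, cvssIntervalStart, cvssIntervalEnd float64) (time.Duration, error)
	AverageFixingTimeByCvssForRelease(releaseID uuid.UUID, cvssIntervalStart, cvssIntervalEnd float64) (time.Duration, error)
	// CVESWithKnownExploitsInAssetVersion returns the CVEs of assetVersion
	// that have known exploits.
	CVESWithKnownExploitsInAssetVersion(assetVersion models.AssetVersion) ([]models.CVE, error)
}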
type StatisticsService ¶ added in v0.17.1
// StatisticsService is the service-level interface for risk history and
// fixing-time statistics of artifacts and releases.
type StatisticsService interface {
	// UpdateArtifactRiskAggregation updates the aggregation for artifact over
	// the span from begin to end.
	UpdateArtifactRiskAggregation(artifact *models.Artifact, assetID uuid.UUID, begin time.Time, end time.Time) error
	// GetAverageFixingTime takes a severity as a plain string.
	// NOTE(review): the accepted severity values are not visible here;
	// implementations should reject unknown values instead of falling
	// through to a default — confirm.
	GetAverageFixingTime(artifactName *string, assetVersionName string, assetID uuid.UUID, severity string) (time.Duration, error)
	// GetArtifactRiskHistory returns history entries between start and end.
	GetArtifactRiskHistory(artifactName *string, assetVersionName string, assetID uuid.UUID, start time.Time, end time.Time) ([]models.ArtifactRiskHistory, error)
	// Release scoped statistics
	GetReleaseRiskHistory(releaseID uuid.UUID, start time.Time, end time.Time) ([]models.ArtifactRiskHistory, error)
	GetAverageFixingTimeForRelease(releaseID uuid.UUID, severity string) (time.Duration, error)
	// CVSS-based average fixing time methods
	GetAverageFixingTimeByCvss(artifactName *string, assetVersionName string, assetID uuid.UUID, severity string) (time.Duration, error)
	GetAverageFixingTimeByCvssForRelease(releaseID uuid.UUID, severity string) (time.Duration, error)
	// GetComponentRisk returns a map from string keys to models.Distribution;
	// what the keys denote is not visible here.
	GetComponentRisk(artifactName *string, assetVersionName string, assetID uuid.UUID) (map[string]models.Distribution, error)
}
type SupplyChainRepository ¶ added in v0.17.1
// SupplyChainRepository is the persistence interface for models.SupplyChain.
// It embeds the generic common.Repository keyed by uuid.UUID.
type SupplyChainRepository interface {
	common.Repository[uuid.UUID, models.SupplyChain, DB]
	// FindByDigest looks supply chains up by digest.
	// NOTE(review): the digest is a plain string; whether it is compared in a
	// normalized form (algorithm prefix, case) is not visible here — confirm,
	// since a mismatch would make a verified artifact appear unverified or
	// the reverse.
	FindByDigest(digest string) ([]models.SupplyChain, error)
	// FindBySupplyChainID looks supply chains up by supply chain ID.
	FindBySupplyChainID(supplyChainID string) ([]models.SupplyChain, error)
	// PercentageOfVerifiedSupplyChains returns a float64 for one asset
	// version; whether it is on a 0-1 or 0-100 scale is not visible here.
	PercentageOfVerifiedSupplyChains(assetVersionName string, assetID uuid.UUID) (float64, error)
}
type ThirdPartyIntegration ¶ added in v0.4.19
// ThirdPartyIntegration is the interface every external integration
// implements: webhook handling, mapping of external entities to orgs,
// projects and assets, and issue management. The identifiers are listed with
// IntegrationID.
type ThirdPartyIntegration interface {
	// WantsToHandleWebhook reports whether this integration claims the
	// incoming request.
	WantsToHandleWebhook(ctx Context) bool
	// HandleWebhook processes the incoming request.
	// NOTE(review): nothing in this interface shows where the sender is
	// authenticated. Implementations should verify the provider's signature
	// or shared secret before acting on the payload — confirm for each one.
	HandleWebhook(ctx Context) error
	// ListOrgs maps identity providers to orgs.
	ListOrgs(ctx Context) ([]models.Org, error)
	// ListGroups maps groups to projects. The returned roles presumably
	// correspond index by index to the returned projects — confirm.
	ListGroups(ctx context.Context, userID string, providerID string) ([]models.Project, []Role, error)
	// ListProjects maps projects to assets. The returned roles presumably
	// correspond index by index to the returned assets — confirm.
	ListProjects(ctx context.Context, userID string, providerID string, groupID string) ([]models.Asset, []Role, error)
	// ListRepositories returns the repositories for the request context.
	ListRepositories(ctx Context) ([]Repository, error)
	// HasAccessToExternalEntityProvider reports whether the requester may use
	// the given external entity provider.
	HasAccessToExternalEntityProvider(ctx Context, externalEntityProviderID string) (bool, error)
	// HandleEvent takes an untyped event; implementations presumably type-switch
	// on it — confirm.
	HandleEvent(event any) error
	// CreateIssue opens an issue for vuln in the external tracker.
	// NOTE(review): justification is free text that presumably ends up in the
	// external issue body; check how it is escaped for the target system.
	CreateIssue(ctx context.Context, asset models.Asset, assetVersionName string, vuln models.Vuln, projectSlug string, orgSlug string, justification string, userID string) error
	// UpdateIssue updates the external issue for vuln.
	UpdateIssue(ctx context.Context, asset models.Asset, assetVersionSlug string, vuln models.Vuln) error
	// CreateLabels creates labels for asset in the external system.
	CreateLabels(ctx context.Context, asset models.Asset) error
	// GetID returns this integration's IntegrationID.
	GetID() IntegrationID
}
type VulnEventRepository ¶ added in v0.17.1
// VulnEventRepository is the persistence interface for models.VulnEvent.
type VulnEventRepository interface {
	// SaveBatch persists several events through db.
	SaveBatch(db DB, events []models.VulnEvent) error
	// Save persists one event through db.
	Save(db DB, event *models.VulnEvent) error
	// ReadAssetEventsByVulnID returns event details for one vuln ID and type.
	// NOTE(review): no asset or org is passed, so the caller presumably has to
	// check that the vuln belongs to something the requester may read — verify.
	ReadAssetEventsByVulnID(vulnID string, vulnType models.VulnType) ([]models.VulnEventDetail, error)
	// ReadEventsByAssetIDAndAssetVersionName returns one page of event details
	// for an asset version.
	ReadEventsByAssetIDAndAssetVersionName(assetID uuid.UUID, assetVersionName string, pageInfo PageInfo, filter []FilterQuery) (Paged[models.VulnEventDetail], error)
}
type VulnRepository ¶ added in v0.17.1
// VulnRepository is the persistence interface for values of the models.Vuln
// type, independent of the concrete vuln kind.
type VulnRepository interface {
	// FindByTicketID looks a vuln up by its external ticket ID.
	// NOTE(review): ticket IDs presumably arrive in webhook payloads; the
	// lookup result should only be acted on after the webhook sender has been
	// authenticated — verify in the webhook handlers.
	FindByTicketID(tx DB, ticketID string) (models.Vuln, error)
	// Save persists vuln through db.
	Save(db DB, vuln *models.Vuln) error
	// Transaction runs fn with a DB handle and returns an error; presumably fn
	// runs inside a database transaction that is rolled back when fn returns
	// an error — confirm.
	Transaction(fn func(tx DB) error) error
	// GetOrgFromVuln returns the organization vuln belongs to.
	GetOrgFromVuln(vuln models.Vuln) (models.Org, error)
	// ApplyAndSave takes a vuln and a vuln event and persists through tx.
	ApplyAndSave(tx DB, dependencyVuln models.Vuln, vulnEvent *models.VulnEvent) error
}
type WebhookIntegrationRepository ¶ added in v0.17.1
// WebhookIntegrationRepository is the persistence interface for
// models.WebhookIntegration.
//
// NOTE(review): models.WebhookIntegration presumably holds the target URL and
// a shared secret. Read, Delete and GetClientByIntegrationID take only an ID,
// so callers need to confirm the record belongs to the requesting
// organization before using, returning or deleting it — verify.
type WebhookIntegrationRepository interface {
	// Save persists model through tx.
	Save(tx DB, model *models.WebhookIntegration) error
	// Read loads one integration by ID.
	Read(id uuid.UUID) (models.WebhookIntegration, error)
	// FindByOrgIDAndProjectID returns integrations for an org and project.
	FindByOrgIDAndProjectID(orgID uuid.UUID, projectID uuid.UUID) ([]models.WebhookIntegration, error)
	// Delete removes the integration with the given ID through tx.
	Delete(tx DB, id uuid.UUID) error
	// GetClientByIntegrationID returns a models.WebhookIntegration (not a
	// client type, despite the name) for integrationID.
	GetClientByIntegrationID(integrationID uuid.UUID) (models.WebhookIntegration, error)
	// GetProjectWebhooks has the same signature as FindByOrgIDAndProjectID;
	// how the two differ is not visible here.
	GetProjectWebhooks(orgID uuid.UUID, projectID uuid.UUID) ([]models.WebhookIntegration, error)
}
Source Files
¶
Directories
¶
| Path | Synopsis |
|---|---|
|
TODO: rename the package name to vuln
|
TODO: rename the package name to vuln |