Documentation
Index ¶
- Constants
- Variables
- func RESTTimeString(t time.Time) string
- func UpgradeLogLevel(level string) string
- type AdmCtlTimeStamps
- type AlertType
- type AssetCVECount
- type AssetQueryFilterViewModel
- type AssetSessionSummary
- type Audit
- type Collection
- type Condition
- type Event
- type IBMSAFinding
- type Incident
- type LogCommon
- type ModifierType
- type OwnerReference
- type Pagination
- type Principal
- type PrincipalCollection
- type QuerySessionRequest
- type RESTAWSAccountKey
- type RESTAWSAccountKeyConfig
- type RESTAcceptedAlerts
- type RESTAdmCatOptions
- type RESTAdmCtrlPromoteRequest
- type RESTAdmCtrlPromoteRequestData
- type RESTAdmCtrlRulesExport
- type RESTAdmCtrlRulesTestResult
- type RESTAdmCtrlRulesTestResults
- type RESTAdmCtrlTestRuleInfo
- type RESTAdmRuleCriterion
- type RESTAdmRuleOptions
- type RESTAdmRuleTypeOptions
- type RESTAdminCriteriaTemplate
- type RESTAdminCustomCriteriaOptions
- type RESTAdmissionConfigData
- type RESTAdmissionRule
- type RESTAdmissionRuleConfig
- type RESTAdmissionRuleConfigData
- type RESTAdmissionRuleData
- type RESTAdmissionRuleOption
- type RESTAdmissionRulesData
- type RESTAdmissionState
- type RESTAdmissionStats
- type RESTAdmissionStatsData
- type RESTAgent
- type RESTAgentConfig
- type RESTAgentConfigData
- type RESTAgentCounter
- type RESTAgentCounterData
- type RESTAgentData
- type RESTAgentStatsData
- type RESTAgentsData
- type RESTAllUserPermitOptions
- type RESTApikey
- type RESTApikeyCreation
- type RESTApikeyCreationData
- type RESTApikeyData
- type RESTApikeyGenerated
- type RESTApikeyGeneratedData
- type RESTApikeysData
- type RESTAssetIDList
- type RESTAssetQueryStats
- type RESTAssetView
- type RESTAuditsData
- type RESTAuthData
- type RESTAuthPassword
- type RESTAuthToken
- type RESTAvaiableComplianceFilter
- type RESTAwsCloudRes
- type RESTAwsFuncPermission
- type RESTAwsFuncSummary
- type RESTAwsFunction
- type RESTAwsLambdaRes
- type RESTAwsLambdaResDetail
- type RESTAwsResDetail
- type RESTAwsResource
- type RESTAwsResourceConfig
- type RESTAwsResourceCreate
- type RESTBenchCheck
- type RESTBenchItem
- type RESTBenchMeta
- type RESTBenchReport
- type RESTCheckUpgradeInfo
- type RESTCloudResList
- type RESTClusterCspUsage
- type RESTCompProfilesExport
- type RESTComplianceAsset
- type RESTComplianceAssetData
- type RESTComplianceData
- type RESTComplianceProfile
- type RESTComplianceProfileConfig
- type RESTComplianceProfileConfigData
- type RESTComplianceProfileData
- type RESTComplianceProfileEntry
- type RESTComplianceProfileEntryConfigData
- type RESTComplianceProfilesData
- type RESTController
- type RESTControllerConfig
- type RESTControllerConfigData
- type RESTControllerCounter
- type RESTControllerCounterData
- type RESTControllerData
- type RESTControllersData
- type RESTConversation
- type RESTConversationCompact
- type RESTConversationDetail
- type RESTConversationEndpoint
- type RESTConversationEndpointConfig
- type RESTConversationEndpointConfigData
- type RESTConversationEndpointData
- type RESTConversationEntry
- type RESTConversationQuery
- type RESTConversationQueryData
- type RESTConversationReport
- type RESTConversationReportEntry
- type RESTConversationsData
- type RESTConversationsDetailData
- type RESTConversationsVerboseData
- type RESTCrdDlpGroupConfig
- type RESTCrdDlpGroupSetting
- type RESTCrdGroupConfig
- type RESTCrdWafGroupConfig
- type RESTCrdWafGroupSetting
- type RESTCriteriaEntry
- type RESTCspAdapterInfo
- type RESTCustomCheck
- type RESTCustomCheckConfig
- type RESTCustomCheckConfigData
- type RESTCustomCheckData
- type RESTCustomCheckListData
- type RESTCustomChecks
- type RESTDebugIP2Workload
- type RESTDebugIP2WorkloadData
- type RESTDebugSyncInfo
- type RESTDebugSyncInfoData
- type RESTDeployFedRulesReq
- type RESTDeployFedRulesResp
- type RESTDerivedDlpRule
- type RESTDerivedDlpRuleData
- type RESTDerivedDlpRuleMac
- type RESTDerivedDlpRuleMacData
- type RESTDerivedPolicyRule
- type RESTDerivedPolicyRuleData
- type RESTDerivedWorkloadDlpRule
- type RESTDerivedWorkloadDlpRuleData
- type RESTDerivedWorkloadPolicyRule
- type RESTDlpConfig
- type RESTDlpCriteriaEntry
- type RESTDlpGroup
- type RESTDlpGroupConfig
- type RESTDlpGroupConfigData
- type RESTDlpGroupData
- type RESTDlpGroupsData
- type RESTDlpRule
- type RESTDlpRuleConfig
- type RESTDlpRuleConfigData
- type RESTDlpRuleData
- type RESTDlpRuleDetail
- type RESTDlpRulesData
- type RESTDlpSensor
- type RESTDlpSensorConfig
- type RESTDlpSensorConfigData
- type RESTDlpSensorData
- type RESTDlpSensorExport
- type RESTDlpSensorsData
- type RESTDlpSetting
- type RESTDomain
- type RESTDomainConfig
- type RESTDomainConfigData
- type RESTDomainEntryConfig
- type RESTDomainEntryConfigData
- type RESTDomainsData
- type RESTEULA
- type RESTEULAData
- type RESTError
- type RESTErrorReadOnlyRules
- type RESTEventsData
- type RESTExposedEndpoint
- type RESTFedAuthData
- type RESTFedConfigData
- type RESTFedCspSupportReq
- type RESTFedCspSupportResp
- type RESTFedCspUsage
- type RESTFedDataCfgMap
- type RESTFedImageScanResult
- type RESTFedInternalCommandReq
- type RESTFedInternalCommandResp
- type RESTFedJoinReq
- type RESTFedJoinReqInternal
- type RESTFedJoinRespInternal
- type RESTFedJoinToken
- type RESTFedJointClusterInfo
- type RESTFedLeaveReq
- type RESTFedLeaveReqInternal
- type RESTFedMasterClusterInfo
- type RESTFedMembereshipData
- type RESTFedPingReq
- type RESTFedPingResp
- type RESTFedPromoteReqData
- type RESTFedPromoteRespData
- type RESTFedRemovedReqInternal
- type RESTFedRulesSettings
- type RESTFedScanDataRevs
- type RESTFedScanResultData
- type RESTFedSystemConfig
- type RESTFedSystemConfigConfig
- type RESTFedTokenResp
- type RESTFedView
- type RESTFileMonitorConfig
- type RESTFileMonitorConfigData
- type RESTFileMonitorFile
- type RESTFileMonitorFileData
- type RESTFileMonitorFilter
- type RESTFileMonitorFilterConfig
- type RESTFileMonitorProfile
- type RESTFileMonitorProfileData
- type RESTFileMonitorProfilesData
- type RESTGCRKey
- type RESTGCRKeyConfig
- type RESTGroup
- type RESTGroupBatchDelete
- type RESTGroupBrief
- type RESTGroupCaps
- type RESTGroupConfig
- type RESTGroupConfigData
- type RESTGroupData
- type RESTGroupDetail
- type RESTGroupExport
- type RESTGroupStatsData
- type RESTGroupsBriefData
- type RESTGroupsData
- type RESTHost
- type RESTHostAsset
- type RESTHostAssetView
- type RESTHostData
- type RESTHostsData
- type RESTIBMSAConfig
- type RESTIBMSASetupToken
- type RESTIBMSASetupUrl
- type RESTIDName
- type RESTIPAddr
- type RESTIPPort
- type RESTImageAsset
- type RESTImageAssetView
- type RESTImageAssetViewV2
- type RESTImportTask
- type RESTImportTaskData
- type RESTIncidentsData
- type RESTInternalSubnets
- type RESTInternalSubnetsData
- type RESTK8sNvAcceptableAlerts
- type RESTK8sNvRbacStatus
- type RESTLicenseCode
- type RESTLicenseInfo
- type RESTLicenseKey
- type RESTLicenseKeyCfgMap
- type RESTLicenseRequest
- type RESTLicenseRequestData
- type RESTLicenseShow
- type RESTLicenseShowData
- type RESTList
- type RESTListData
- type RESTMappableRoles
- type RESTMeter
- type RESTMeterList
- type RESTMetry
- type RESTModuleCve
- type RESTNvAcceptableAlerts
- type RESTNvAlert
- type RESTNvAlertGroup
- type RESTNvAlerts
- type RESTNvUsage
- type RESTPermitsAssigned
- type RESTPlatformAsset
- type RESTPlatformAssetView
- type RESTPolicyMismatch
- type RESTPolicyPromoteRequest
- type RESTPolicyPromoteRequestData
- type RESTPolicyRule
- type RESTPolicyRuleActionData
- type RESTPolicyRuleConfig
- type RESTPolicyRuleConfigData
- type RESTPolicyRuleData
- type RESTPolicyRuleInsert
- type RESTPolicyRuleMove
- type RESTPolicyRulesData
- type RESTPolicyViolationsData
- type RESTPolicyViolationsWLData
- type RESTPollFedRulesReq
- type RESTPollFedRulesResp
- type RESTPollFedScanDataReq
- type RESTPollFedScanDataResp
- type RESTProbeContainer
- type RESTProbeContainersData
- type RESTProbeProcess
- type RESTProbeProcessesData
- type RESTProbeSummary
- type RESTProbeSummaryData
- type RESTProcessInfo
- type RESTProcessList
- type RESTProcessProfile
- type RESTProcessProfileConfig
- type RESTProcessProfileConfigData
- type RESTProcessProfileData
- type RESTProcessProfileEntry
- type RESTProcessProfileEntryConfig
- type RESTProcessProfilesData
- type RESTProcessRuleResp
- type RESTProcessRulesResp
- type RESTProcessUuidEntry
- type RESTProfiling
- type RESTProfilingData
- type RESTProtoPort
- type RESTProxy
- type RESTProxyConfig
- type RESTPwdProfile
- type RESTPwdProfileBasic
- type RESTPwdProfileConditional
- type RESTPwdProfileConfig
- type RESTPwdProfileConfigData
- type RESTPwdProfileData
- type RESTPwdProfileDataConditional
- type RESTPwdProfilesData
- type RESTPwdProfilesDataCfgMap
- type RESTRegistry
- type RESTRegistryAuth
- type RESTRegistryConfig
- type RESTRegistryConfigAuth
- type RESTRegistryConfigData
- type RESTRegistryConfigDataV2
- type RESTRegistryConfigIntegrations
- type RESTRegistryConfigScan
- type RESTRegistryConfigV2
- type RESTRegistryDebugImage
- type RESTRegistryDebugImageData
- type RESTRegistryDebugImageTag
- type RESTRegistryImageSummary
- type RESTRegistryImageSummaryData
- type RESTRegistryIntegrations
- type RESTRegistryScan
- type RESTRegistrySummary
- type RESTRegistrySummaryData
- type RESTRegistrySummaryListData
- type RESTRegistryTestData
- type RESTRegistryTestDataV2
- type RESTRegistryTestStep
- type RESTRegistryTestStepData
- type RESTRegistryV2
- type RESTRemoteExportOptions
- type RESTRemoteRepo_GitHubConfig
- type RESTRemoteRepository
- type RESTRemoteRepositoryConfig
- type RESTRemoteRepositoryConfigData
- type RESTRemoteRepository_GitHubConfigConfig
- type RESTRemoteRolePermits
- type RESTResponseRule
- type RESTResponseRuleActionData
- type RESTResponseRuleConfig
- type RESTResponseRuleConfigData
- type RESTResponseRuleData
- type RESTResponseRuleInsert
- type RESTResponseRuleOptionData
- type RESTResponseRuleOptions
- type RESTResponseRulesData
- type RESTRiskScoreMetrics
- type RESTRiskScoreMetricsCVE
- type RESTRiskScoreMetricsGroup
- type RESTRiskScoreMetricsWL
- type RESTRolePermission
- type RESTRolePermitOptionInternal
- type RESTScanAppPackage
- type RESTScanAwsFuncDetail
- type RESTScanAwsFuncReport
- type RESTScanBrief
- type RESTScanCacheData
- type RESTScanCacheRecord
- type RESTScanCacheStat
- type RESTScanConfig
- type RESTScanConfigConfig
- type RESTScanConfigData
- type RESTScanImageSummary
- type RESTScanImageSummaryData
- type RESTScanLayer
- type RESTScanLayersReport
- type RESTScanLayersReportData
- type RESTScanMeta
- type RESTScanModule
- type RESTScanPackageReqData
- type RESTScanPkgReport
- type RESTScanPkgReportData
- type RESTScanPlatformSummary
- type RESTScanPlatformSummaryData
- type RESTScanRepoReport
- type RESTScanRepoReportData
- type RESTScanRepoReq
- type RESTScanRepoReqData
- type RESTScanRepoSubmitData
- type RESTScanReport
- type RESTScanReportData
- type RESTScanSchedule
- type RESTScanSecret
- type RESTScanSetIdPerm
- type RESTScanSignatureInfo
- type RESTScanStatus
- type RESTScanStatusData
- type RESTScanner
- type RESTScannerData
- type RESTScoreMetricsData
- type RESTSecurityData
- type RESTSecurityScores
- type RESTSelfApikeyData
- type RESTSelfUserData
- type RESTServer
- type RESTServerConfig
- type RESTServerConfigData
- type RESTServerData
- type RESTServerGroupRoleConfigData
- type RESTServerGroupRoleDomainsConfig
- type RESTServerGroupRoleDomainsConfigData
- type RESTServerGroupsOrderConfig
- type RESTServerGroupsOrderConfigData
- type RESTServerLDAP
- type RESTServerLDAPConfig
- type RESTServerLDAPConfigCfgMap
- type RESTServerLDAPTest
- type RESTServerOIDC
- type RESTServerOIDCConfig
- type RESTServerOIDCConfigCfgMap
- type RESTServerRoleGroupsConfig
- type RESTServerRoleGroupsConfigData
- type RESTServerSAML
- type RESTServerSAMLConfig
- type RESTServerSAMLConfigCfgMap
- type RESTServerTest
- type RESTServerTestData
- type RESTServerTestResult
- type RESTServerTestResultData
- type RESTServersData
- type RESTService
- type RESTServiceBatchConfig
- type RESTServiceBatchConfigData
- type RESTServiceConfig
- type RESTServiceConfigData
- type RESTServiceData
- type RESTServicesData
- type RESTSession
- type RESTSessionList
- type RESTSessionSummary
- type RESTSessionSummaryData
- type RESTSnifferArgs
- type RESTSnifferArgsData
- type RESTSnifferData
- type RESTSnifferInfo
- type RESTSnifferResult
- type RESTSnifferResultData
- type RESTSniffersData
- type RESTStats
- type RESTSysAtmoConfigConfig
- type RESTSysNetConfigConfig
- type RESTSystemConfig
- type RESTSystemConfigAuthCfgV2
- type RESTSystemConfigAuthV2
- type RESTSystemConfigAutoscale
- type RESTSystemConfigAutoscaleConfig
- type RESTSystemConfigConfig
- type RESTSystemConfigConfigCfgMap
- type RESTSystemConfigConfigData
- type RESTSystemConfigConfigV2
- type RESTSystemConfigData
- type RESTSystemConfigDataV2
- type RESTSystemConfigIBMSAV2
- type RESTSystemConfigIBMSAVCfg2
- type RESTSystemConfigMiscCfgV2
- type RESTSystemConfigMiscV2
- type RESTSystemConfigModeAutoV2
- type RESTSystemConfigNetSvcV2
- type RESTSystemConfigNewSvcV2
- type RESTSystemConfigProxyCfgV2
- type RESTSystemConfigProxyV2
- type RESTSystemConfigSvcCfgV2
- type RESTSystemConfigSyslogCfgV2
- type RESTSystemConfigSyslogV2
- type RESTSystemConfigTls
- type RESTSystemConfigTlsCfg
- type RESTSystemConfigV2
- type RESTSystemRequest
- type RESTSystemRequestData
- type RESTSystemStats
- type RESTSystemStatsData
- type RESTSystemSummary
- type RESTSystemSummaryData
- type RESTSystemUsageReport
- type RESTSystemUsageReportData
- type RESTSystemWebhookConfigData
- type RESTTeleStatus
- type RESTThreatData
- type RESTThreatsData
- type RESTToken
- type RESTTokenAuthServer
- type RESTTokenAuthServerRedirect
- type RESTTokenAuthServersData
- type RESTTokenAuthServersRedirectData
- type RESTTokenData
- type RESTTokenRedirect
- type RESTUnquarReq
- type RESTUpgradeInfo
- type RESTUpgradeVersionInfo
- type RESTUser
- type RESTUserConfig
- type RESTUserConfigData
- type RESTUserData
- type RESTUserPermitOption
- type RESTUserPermitOptions
- type RESTUserPwdConfig
- type RESTUserPwdConfigData
- type RESTUserRole
- type RESTUserRoleConfig
- type RESTUserRoleConfigData
- type RESTUserRoleData
- type RESTUserRoleDomainsConfig
- type RESTUserRoleDomainsConfigData
- type RESTUserRolesData
- type RESTUserRolesDataCfgMap
- type RESTUsersData
- type RESTUsersDataCfgMap
- type RESTViolationWorkload
- type RESTVulQueryStats
- type RESTVulnPackageVersion
- type RESTVulnProfilesExport
- type RESTVulnerability
- type RESTVulnerabilityAsset
- type RESTVulnerabilityAssetData
- type RESTVulnerabilityAssetDataV2
- type RESTVulnerabilityAssetV2
- type RESTVulnerabilityProfile
- type RESTVulnerabilityProfileConfig
- type RESTVulnerabilityProfileConfigData
- type RESTVulnerabilityProfileData
- type RESTVulnerabilityProfileEntry
- type RESTVulnerabilityProfileEntryConfigData
- type RESTVulnerabilityProfilesData
- type RESTWafConfig
- type RESTWafCriteriaEntry
- type RESTWafGroup
- type RESTWafGroupConfig
- type RESTWafGroupConfigData
- type RESTWafGroupData
- type RESTWafGroupsData
- type RESTWafRule
- type RESTWafRuleData
- type RESTWafRuleDetail
- type RESTWafRulesData
- type RESTWafSensor
- type RESTWafSensorConfig
- type RESTWafSensorConfigData
- type RESTWafSensorData
- type RESTWafSensorExport
- type RESTWafSensorsData
- type RESTWafSetting
- type RESTWebhook
- type RESTWorkload
- type RESTWorkloadAsset
- type RESTWorkloadAssetView
- type RESTWorkloadBrief
- type RESTWorkloadBriefV2
- type RESTWorkloadConfig
- type RESTWorkloadConfigCfg
- type RESTWorkloadConfigCfgData
- type RESTWorkloadConfigData
- type RESTWorkloadDetail
- type RESTWorkloadDetailData
- type RESTWorkloadDetailDataV2
- type RESTWorkloadDetailMiscV2
- type RESTWorkloadDetailV2
- type RESTWorkloadIntercept
- type RESTWorkloadInterceptData
- type RESTWorkloadInterceptPort
- type RESTWorkloadPorts
- type RESTWorkloadRequest
- type RESTWorkloadRequestData
- type RESTWorkloadRtAttribesV2
- type RESTWorkloadSecurityV2
- type RESTWorkloadStatsData
- type RESTWorkloadV2
- type RESTWorkloadsBriefData
- type RESTWorkloadsData
- type RESTWorkloadsDataV2
- type RESTX509CertInfo
- type REST_SigstoreRootOfTrustCollection
- type REST_SigstoreRootOfTrust_GET
- type REST_SigstoreRootOfTrust_PATCH
- type REST_SigstoreRootOfTrust_POST
- type REST_SigstoreVerifier
- type REST_SigstoreVerifierCollection
- type REST_SigstoreVerifier_PATCH
- type Resource
- type Sort
- type SortOrder
- type Threat
- type User
- type UserAccessControl
- type UserCollection
- type UserCondition
- type Violation
- type VulAssetCountDist
- type VulAssetSessionSummary
- type VulQueryFilterViewModel
Constants ¶
// Server category, server type and LDAP directory string values.
// The LDAP*Attr* constants hold one attribute name per directory flavour
// (OpenLDAP vs. Microsoft AD), as the identifier suffixes indicate.
const (
	// Server categories.
	ServerCatAuth   string = "auth"
	ServerCatNotify string = "notify"
	ServerCatLog    string = "log"

	// Server types.
	ServerTypeLDAP string = "ldap"
	ServerTypeSAML string = "saml"
	ServerTypeOIDC string = "oidc"

	// LDAP directory flavours.
	ServerLDAPTypeOpenLDAP string = "OpenLDAP"
	ServerLDAPTypeMSAD     string = "MicrosoftAD"

	// Group-member and user-name attribute names per directory flavour.
	// NOTE(review): presumably used when building LDAP group/user lookups —
	// confirm which of these an operator can override.
	LDAPGroupMemberAttrOpenLDAP string = "memberUid"
	LDAPGroupMemberAttrMSAD     string = "member"
	LDAPUserNameAttrOpenLDAP    string = "uid"
	LDAPUserNameAttrMSAD        string = "sAMAccountName"
)
// Benchmark category and benchmark type identifiers (untyped string constants).
const (
	// Benchmark categories.
	BenchCategoryDocker = "docker"
	BenchCategoryKube   = "kubernetes"
	BenchCategoryCustom = "custom"

	// Benchmark types.
	BenchTypeMaster    = "master"
	BenchTypeWorker    = "worker"
	BenchTypeHost      = "host"
	BenchTypeContainer = "container"
)
// Sniffer status values.
const (
	SnifferStRunning string = "running"
	SnifferStStopped string = "stopped"
	SnifferStFailed  string = "failed"
)
// Vulnerability status labels (ScanVulStatus*).
// Two of the values contain spaces ("fix exists", "will not fix"), so
// consumers have to compare the whole string rather than a single token.
const (
	ScanVulStatusUnpatched  string = "unpatched"
	ScanVulStatusFixExists  string = "fix exists"
	ScanVulStatusWillNotFix string = "will not fix"
	ScanVulStatusUnaffected string = "unaffected"
)
// Configuration type labels.
// CfgSystemDefined is the only identifier in this group without the
// CfgType prefix; its value follows the same snake_case style as the others.
const (
	CfgTypeLearned     = "learned"
	CfgTypeUserCreated = "user_created"
	CfgTypeGround      = "ground"
	CfgTypeFederal     = "federal"
	CfgSystemDefined   = "system_defined"
)
// Wire* take their values from the constants of the same name in package
// share, so the literal strings are not visible in this declaration.
const (
	WireInline  string = share.WireInline
	WireDefault string = share.WireDefault
)
// Webhook default name and webhook type labels.
// The type labels are capitalised ("Slack", "JSON", "Teams"), unlike most
// other string constants in this package, so comparisons are case-sensitive.
const (
	WebhookDefaultName = "default"
	WebhookTypeSlack   = "Slack"
	WebhookTypeJSON    = "JSON"
	WebhookTypeTeams   = "Teams"
)
// Auto-scale strategy labels.
// AutoScaleNone is the empty string, so a string field left at its zero
// value compares equal to it.
const (
	AutoScaleNone      = ""
	AutoScaleImmediate = "immediate"
	AutoScaleDelayed   = "delayed"
	AutoScaleNA        = "n/a"
)
// Scan source labels.
const (
	ScanSourceJenkins    string = "jenkins"
	ScanSourceServerless string = "serverless"
)
// Compliance template names.
// "all" is lower-case while the framework names are upper-case; the values
// are compared as written.
const (
	ComplianceTemplateAll   = "all"
	ComplianceTemplatePCI   = "PCI"
	ComplianceTemplateGDPR  = "GDPR"
	ComplianceTemplateHIPAA = "HIPAA"
	ComplianceTemplateNIST  = "NIST" // NIST SP 800-190
	ComplianceTemplatePCIv4 = "PCIv4"
	ComplianceTemplateDISA  = "DISA"
)
// Reserved vulnerability names, both prefixed with an underscore.
// NOTE(review): presumably these are placeholders rather than real
// vulnerability identifiers — confirm where they are matched.
const (
	VulnerabilityNameRecent           = "_RecentVuln"
	VulnerabilityNameRecentWithoutFix = "_RecentVulnWithoutFix"
)
// Registry status labels and a registry image source label.
const (
	RegistryStatusIdle     = "idle"
	RegistryStatusScanning = "scanning"

	RegistryImageSourceOpenShift = "openshift"
)
// Scan schedule modes and numeric scan limits.
const (
	// Schedule modes.
	ScanSchManual     = "manual"
	ScanSchAuto       = "auto"
	ScanSchPeriodical = "periodical"

	// Interval bounds. The expressions evaluate to 300 and 604800;
	// presumably seconds (5 minutes and 7 days) — TODO confirm the unit
	// against the code that validates the interval.
	ScanIntervalMin = 5 * 60
	ScanIntervalMax = 7 * 24 * 60 * 60

	// Upper bound named for persisted images; its enforcement is not
	// visible here.
	ScanPersistImageMax = 8192
)
// Match source labels.
const (
	MatchSrcYaml  = "yaml"
	MatchSrcImage = "image"
	MatchSrcBoth  = "both"
)
// Validating rule type labels.
// "exception" and "allow" are two spellings of the same rule type, so any
// check that looks for allow-style rules has to accept both strings.
const (
	ValidatingDenyRuleType   = "deny"
	ValidatingExceptRuleType = "exception"
	ValidatingAllowRuleType  = "allow" // same meaning as ValidatingExceptRuleType
)
// API key expiry option labels.
// NOTE(review): "never" is one of the options; keys created with it
// presumably have no expiry, so they are worth tracking in an API-key
// inventory and rotating by policy — confirm against the key-creation handler.
const (
	ApikeyExpireNever      string = "never"
	ApikeyExpireOneHour    string = "onehour"
	ApikeyExpireOneDay     string = "oneday"
	ApikeyExpireOneMonth   string = "onemonth"
	ApikeyExpireOneYear    string = "oneyear"
	ApikeyExpireCustomHour string = "hours"
)
// Federation role labels. FedRoleNone is the empty string, so a string
// field left at its zero value compares equal to it.
const (
	FedRoleNone   = ""
	FedRoleMaster = "master"
	FedRoleJoint  = "joint"
)
// Federation cluster status labels.
// Despite its identifier, FedClusterStatusNone has the value "active";
// filter on the string values, not on what the identifier suggests.
const (
	FedClusterStatusNone        = "active"
	FedClusterStatusCmdUnknown  = "unknown_cmd"
	FedClusterStatusCmdReceived = "notified"
	FedClusterStatusCmdReqError = "req_error"

	// for describing master cluster only
	FedStatusMasterUpgradeRequired = "master_upgrade_required"
	// for describing joint cluster only
	FedStatusJointUpgradeRequired = "joint_upgrade_required"
	// could get this status only when rolling upgrade & polling fed rules
	// on joint cluster are happening
	FedStatusClusterUpgradeOngoing = "cluster_upgrade_ongoing"
	// for describing joint cluster only
	FedStatusJointVersionTooNew = "joint_version_too_new"
	// for describing master cluster only
	FedStatusClusterConnected = "connected"
	// for describing master cluster only
	FedStatusClusterDisconnected = "disconnected"
	// for describing joint cluster only. short-lived (between joining and
	// the first polling)
	FedStatusClusterJoined = "joined"
	// for describing joint cluster only
	FedStatusClusterOutOfSync = "out_of_sync"
	// for describing joint cluster only
	FedStatusClusterSynced = "synced"
	// for describing self on joint cluster only
	FedStatusClusterKicked = "kicked"
	// for describing joint cluster only
	FedStatusClusterLeft = "left"
	// for describing clusters in fed
	FedStatusLicenseDisallowed = "license_disallow"
	// for describing joint cluster only. short-lived (between license
	// update and the immediate ping)
	FedStatusClusterPinging = "pinging"
	// for describing joint cluster only. short-lived (when joint cluster is
	// applying fed rules)
	FedStatusClusterSyncing = "syncing"
	// for describing joint cluster only. when master cluster is not sure
	// joint cluster has finished the joining fed operation
	FedStatusClusterPending = "pending"
)
// Profiling method labels and the maximum profiling duration.
// NOTE(review): the unit of ProfilingDurationMax is not visible here
// (presumably seconds) — confirm; a cap like this bounds how long a
// profiling request can run.
const (
	ProfilingCPU         string = "cpu"
	ProfilingMemory      string = "memory"
	ProfilingDurationMax uint32 = 60
)
// HTTP test step labels.
// HTTPTestStepImage has the plural value "images"; the other values match
// their identifiers.
const (
	HTTPTestStepStage    = "stage"
	HTTPTestStepImage    = "images"
	HTTPTestStepURL      = "url"
	HTTPTestStepResponse = "response"
	HTTPTestStepError    = "error"
)
// Log/notification category labels.
// Per the inline notes, "violation", "threat" and "incident" are configured
// through the single "security-event" category but still appear as log
// categories, so log filters need all four strings.
const (
	CategoryEvent     = "event"
	CategoryViolation = "violation" // merged into CategoryRuntime in config, still used in log category
	CategoryThreat    = "threat"    // merged into CategoryRuntime in config, still used in log category
	CategoryIncident  = "incident"  // merged into CategoryRuntime in config, still used in log category
	CategoryRuntime   = "security-event"
	CategoryAudit     = "audit"
)
// Log level labels. The identifiers use the abbreviated syslog-style names
// while the values are the capitalised full words.
const (
	LogLevelEMERG   = "Emergency"
	LogLevelALERT   = "Alert"
	LogLevelCRIT    = "Critical"
	LogLevelERR     = "Error"
	LogLevelWARNING = "Warning"
	LogLevelNOTICE  = "Notice"
	LogLevelINFO    = "Info"
	LogLevelDEBUG   = "Debug"
)
// Severity labels. "Critical" and "Info" are also log level values
// (LogLevelCRIT, LogLevelINFO), so a bare string does not tell the two
// scales apart.
const (
	SeverityCritical = "Critical"
	SeverityHigh     = "High"
	SeverityMedium   = "Medium"
	SeverityLow      = "Low"
	SeverityInfo     = "Info"
)
// Event name strings.
//
// These are the literal names; NOTE(review): presumably they are what
// appears in emitted event records, so detection and alerting rules should
// match them exactly. Three values are spelled "Kubenetes" (not
// "Kubernetes"): EventNameBenchKubeFail, EventNameK8sNvRBAC and
// EventNameK8sAdmissionWebhookChange. A rule written with the corrected
// spelling would never match.
const (
	// Container lifecycle.
	EventNameContainerStart     = "Container.Start"
	EventNameContainerStop      = "Container.Stop"
	EventNameContainerRemove    = "Container.Remove"
	EventNameContainerSecured   = "Container.Secured"
	EventNameContainerUnsecured = "Container.Unsecured"

	// Enforcer (agent) lifecycle; the identifiers say Agent, the values say Enforcer.
	EventNameAgentStart      = "Enforcer.Start"
	EventNameAgentJoin       = "Enforcer.Join"
	EventNameAgentStop       = "Enforcer.Stop"
	EventNameAgentDisconnect = "Enforcer.Disconnect"
	EventNameAgentConnect    = "Enforcer.Connect"
	EventNameAgentKicked     = "Enforcer.Kicked"

	// Controller lifecycle and lead election.
	EventNameControllerStart      = "Controller.Start"
	EventNameControllerJoin       = "Controller.Join"
	EventNameControllerLeave      = "Controller.Leave"
	EventNameControllerStop       = "Controller.Stop"
	EventNameControllerDisconnect = "Controller.Disconnect"
	EventNameControllerConnect    = "Controller.Connect"
	EventNameControllerLeadLost   = "Controller.Lead.Lost"
	EventNameControllerLeadElect  = "Controller.Lead.Elected"

	// Authentication and access events. The failed/blocked/denied names are
	// the natural inputs for brute-force and privilege-misuse alerting.
	EventNameAuthLogin              = "User.Login"
	EventNameAuthLogout             = "User.Logout"
	EventNameAuthTimeout            = "User.Timeout"
	EventNameAuthLoginFailed        = "User.Login.Failed"
	EventNameAuthLoginBlocked       = "User.Login.Blocked"
	EventNameAuthLoginUnblocked     = "User.Login.Unblocked"
	EventNameAuthUserPwdRestByAdmin = "User.Password.Reset"
	EventNameAuthAccessDenied       = "User.Resource.Access.Denied"

	// REST API access.
	EventNameRESTWrite = "RESTful.Write"
	EventNameRESTRead  = "RESTful.Read"

	// Scanner and scan results.
	EventNameScannerJoin   = "Scanner.Join"
	EventNameScannerUpdate = "Scanner.Update"
	EventNameScannerLeave  = "Scanner.Leave"
	EventNameScanFail      = "Scan.Failed"
	EventNameScanSucceed   = "Scan.Succeeded"

	// CIS benchmark failures. The Kubernetes value is spelled "Kubenetes".
	EventNameBenchDockerFail = "Docker.CIS.Benchmark.Failed"
	EventNameBenchKubeFail   = "Kubenetes.CIS.Benchmark.Failed"

	// License.
	EventNameLicenseUpdate               = "License.Update"
	EventNameLicenseExpire               = "License.Expire"
	EventNameLicenseRemove               = "License.Remove"
	EventNameLicenseEnforcerLimitReached = "License.EnforcerLimitReached"

	EventNameAdmCtrlK8sConfigured   = "Admission.Control.Configured"   // for admission control
	EventNameAdmCtrlK8sConfigFailed = "Admission.Control.ConfigFailed" // for admission control

	EventNameInitCfgMapDone  = "ConfigMap.Load"   // for initial Config
	EventNameInitCfgMapError = "ConfigMap.Failed" // for initial Config failure

	EventNameCrdImported    = "Crd.Import"  // for crd Config import
	EventNameCrdRemoved     = "Crd.Remove"  // for crd Config remove due to k8s miss
	EventNameCrdErrDetected = "Crd.Error"   // for remove error crd
	EventNameCrdSkipped     = "Crd.Skipped" // for crd skip ('kubectl create -f' on existing crd resource)

	EventNameFedPromote    = "Federation.Promote"     // for multi-clusters
	EventNameFedDemote     = "Federation.Demote"      // for multi-clusters
	EventNameFedJoin       = "Federation.Join"        // for joint cluster in multi-clusters
	EventNameFedLeave      = "Federation.Leave"       // for multi-clusters
	EventNameFedKick       = "Federation.Kick"        // for multi-clusters
	EventNameFedPolicySync = "Federation.Policy.Sync" // for multi-clusters

	// Configuration import/export.
	EventNameImport     = "Configuration.Import"
	EventNameExport     = "Configuration.Export"
	EventNameImportFail = "Configuration.Import.Failed"
	EventNameExportFail = "Configuration.Export.Failed"

	EventNameCloudScanNormal = "Cloud.Scan.Normal" // for cloud scan normal ret
	EventNameCloudScanAlert  = "Cloud.Scan.Alert"  // for cloud scan ret with alert
	EventNameCloudScanFail   = "Cloud.Scan.Fail"   // for cloud scan fail

	// Remaining names, kept in their declared order. EventNameK8sNvRBAC and
	// EventNameK8sAdmissionWebhookChange carry the "Kubenetes" spelling.
	EventNameGroupAutoRemove           = "Group.Auto.Remove"
	EventNameMemoryPressureAgent       = "Agent.Memory.Pressure"
	EventNameMemoryPressureController  = "Controller.Memory.Pressure"
	EventNameK8sNvRBAC                 = "Kubenetes.NeuVector.RBAC"
	EventNameGroupAutoPromote          = "Group.Auto.Promote"
	EventNameAuthDefAdminPwdUnchanged  = "User.Password.Alert"
	EventNameScannerAutoScaleDisabled  = "Configuration.ScannerAutoScale.Disabled"
	EventNameK8sAdmissionWebhookChange = "Kubenetes.Admission.Webhook.Change" // for admission control
	EventNameGroupMetricViolation      = "Group.Metric.Violation"
	EventNameKvRestored                = "Configuration.Restore"
	EventNameScanDataRestored          = "Scan.Data.Restore"
)
// Host and container security event names: privilege escalation, suspicious
// process, quarantine, file access violation, package update, tunnel
// detection and process profile violation.
//
// Most names come in a Host.* / Container.* pair. The process profile pair
// is the exception: the container-side value is "Process.Profile.Violation"
// (no "Container." prefix) and the host-side value is
// "Host.Process.Violation" (no "Profile"), so prefix-based filters need
// explicit entries for both.
const (
	EventNameHostPrivilEscalate           = "Host.Privilege.Escalation"
	EventNameContainerPrivilEscalate      = "Container.Privilege.Escalation"
	EventNameHostSuspiciousProcess        = "Host.Suspicious.Process"
	EventNameContainerSuspiciousProcess   = "Container.Suspicious.Process"
	EventNameContainerQuarantined         = "Container.Quarantined"
	EventNameContainerUnquarantined       = "Container.Unquarantined"
	EventNameHostFileAccessViolation      = "Host.FileAccess.Violation"
	EventNameContainerFileAccessViolation = "Container.FileAccess.Violation"
	EventNameHostPackageUpdated           = "Host.Package.Updated"
	EventNameContainerPackageUpdated      = "Container.Package.Updated"
	EventNameHostTunnelDetected           = "Host.Tunnel.Detected"
	EventNameContainerTunnelDetected      = "Container.Tunnel.Detected"
	EventNameProcessProfileViolation      = "Process.Profile.Violation" // container
	EventNameHostProcessProfileViolation  = "Host.Process.Violation"    // host
)
TODO: these are not events but incidents
// Compliance violation, scan report and admission control request event
// names, plus the AWS Lambda scan name.
const (
	// Compliance benchmark violations.
	EventNameComplianceContainerBenchViolation     = "Compliance.Container.Violation"
	EventNameComplianceContainerFileBenchViolation = "Compliance.ContainerFile.Violation"
	EventNameComplianceHostBenchViolation          = "Compliance.Host.Violation"
	EventNameComplianceImageBenchViolation         = "Compliance.Image.Violation"

	// Scan reports.
	EventNameContainerScanReport = "Container.Scan.Report"
	EventNameHostScanReport      = "Host.Scan.Report"
	EventNameRegistryScanReport  = "Registry.Scan.Report"
	EventNamePlatformScanReport  = "Platform.Scan.Report"

	// Admission control request outcomes; "Denied" and "Violation" are the
	// values to watch when reviewing rejected or policy-breaking requests.
	EventNameAdmCtrlK8sReqAllowed   = "Admission.Control.Allowed"   // for admission control
	EventNameAdmCtrlK8sReqViolation = "Admission.Control.Violation" // for admission control
	EventNameAdmCtrlK8sReqDenied    = "Admission.Control.Denied"    // for admission control

	// Custom check violations.
	EventNameComplianceContainerCustomCheckViolation = "Compliance.ContainerCustomCheck.Violation"
	EventNameComplianceHostCustomCheckViolation      = "Compliance.HostCustomCheck.Violation"

	EventNameAwsLambdaScan = "AwsLambda.Scan"
)
TODO: these are audit related
// Event category labels, all upper-case.
// Several values differ from their identifiers: EventCatAgent is
// "ENFORCER", EventCatScan is "SCANNER" and EventCatBench is
// "CIS.BENCHMARK"; filter on the string values.
const (
	EventCatREST       = "RESTFUL"
	EventCatAuth       = "AUTH"
	EventCatWorkload   = "WORKLOAD"
	EventCatAgent      = "ENFORCER"
	EventCatController = "CONTROLLER"
	EventCatScan       = "SCANNER"
	EventCatBench      = "CIS.BENCHMARK"
	EventCatLicense    = "LICENSE"
	EventCatConfigMap  = "CONFIGMAP"
	EventCatCrd        = "CRD"
	EventCatAdmCtrl    = "ADMISSION.CONTROL"
	EventCatFed        = "FEDERATION"
	EventCatConfig     = "CONFIGURATION"
	EventCatCloud      = "CLOUD"
	EventCatGroup      = "GROUP"
)
// Threat action labels.
// Two values differ from their identifiers: ThreatActionMonitor is "alert"
// and ThreatActionBlock is "deny". Match on the string values when
// filtering records by action.
const (
	ThreatActionMonitor = "alert"
	ThreatActionAllow   = "allow"
	ThreatActionBlock   = "deny"
	ThreatActionReset   = "reset"
)
// Target side labels.
const (
	TargetServer = "server"
	TargetClient = "client"
)
// Incident action labels. These are capitalised ("Alert", "Denied"), unlike
// the lower-case threat action values "alert" and "deny".
const (
	IncidentActionAlert  = "Alert"
	IncidentActionDenied = "Denied"
)
// Prefix used in address group values.
const AddrGrpValVhPrefix string = "vh:"

// Rule ID bounds named for admission control CRD rules (110000 and 120000).
// Whether each bound is inclusive is not visible here.
const AdmCtrlCrdRuleIDBase = 110000
const AdmCtrlCrdRuleIDMax = 120000

// Names of the catch-all container and host groups.
const AllContainerGroup string = "containers"
const AllHostGroup string = "nodes"

// Authentication server names. "_platform_" is wrapped in underscores.
// NOTE(review): presumably so it cannot collide with a user-defined server
// name — confirm that name validation rejects it.
const AuthServerLocal string = "local"
const AuthServerPlatform string = "_platform_"

const BriefFlag string = "brief"

// Configuration section names.
const ConfSectionAll string = "all"
const ConfSectionConfig string = "config"
const ConfSectionPolicy string = "policy"
const ConfSectionUser string = "user"

// Default TCP port number of the controller REST API, per the identifier.
// NOTE(review): network policy and firewall rules should restrict who can
// reach this port; confirm whether deployments override it.
const DefaultControllerRESTAPIPort = 10443
// DLP rule and sensor size limits.
// A single pattern is capped at 512, a rule at 16 patterns, and the patterns
// of a rule at 1024 in total, so the total cap is reached before sixteen
// maximum-length patterns. NOTE(review): whether the lengths count bytes or
// runes is not visible here — confirm in the validation code.
const DlpRuleCommentMaxLen int = 256
const DlpRuleNameMaxLen int = 256
const DlpRulePatternMaxLen int = 512
const DlpRulePatternMaxNum int = 16
const DlpRulePatternTotalMaxLen int = 1024
const DlpSensorNameMaxLen int = 256

// Reserved domain names, each starting with an underscore.
const DomainContainers string = "_containers"
const DomainImages string = "_images"
const DomainNodes string = "_nodes"
// Endpoint name and endpoint kind labels.
const EndpointIngress string = "ingress"
const EndpointKindAddrGroup string = "address"
const EndpointKindContainer string = "container"
const EndpointKindExternal string = "external"
const EndpointKindHostIP string = "node_ip"
const EndpointKindIPSvcGroup string = "ip_service"
const EndpointKindService string = "nv_service" // Used in collapse view
const EndpointKindWorkloadIP string = "workload_ip"

// Name prefix of federal groups.
const FederalGroupPrefix string = "fed."

// Filter names. FilterByAgent is "enforcer" and FilterByHost is "node",
// which differ from their identifiers.
const FilterByAgent string = "enforcer"
const FilterByDomain string = "domain"
const FilterByGroup string = "group"
const FilterByHost string = "node"
const FilterByID string = "id"
const FilterByPredefined string = "predefined"
const FilterByWorkload string = "workload"
const FilterPrefix string = "f_"
const FilterServerCategory string = "category"
const FilterServerType string = "type"
// Largest value a uint32 can hold (1<<32 - 1 = 4294967295).
const GrpMetricMax uint32 = (1<<32 - 1)

// Names and name prefixes of learned objects. LearnedSvcGroupPrefix
// ("nv.ip.") begins with LearnedGroupPrefix ("nv."), so a prefix test for
// the shorter string also matches the longer one; test the longer first.
const LearnedExternal string = "external"
const LearnedGroupPrefix string = "nv."
const LearnedHostPrefix string = "Host:"
const LearnedSvcGroupPrefix string = "nv.ip."
const LearnedWorkloadPrefix string = "Workload:"

const LicenseIDTypeHost string = "host"

// Rule ID range bounds. The listing is alphabetical, so the Max* constants
// appear before the matching Min* ones. MaxDlpPredefinedRuleID and
// MinWafRuleID are both 40000. NOTE(review): whether the bounds are
// inclusive is not visible here — confirm that the DLP and WAF ranges
// cannot both claim ID 40000.
const MaxDlpPredefinedRuleID = 40000
const MaxFedAdmRespRuleID = 110000
const MaxWafRuleID = 50000

// Meter type labels.
const MeterTypeICMPFlood string = "icmp_flood"
const MeterTypeIPSrcSessionLimit string = "ip_src_session_limit"
const MeterTypeSYNFlood string = "syn_flood"
const MeterTypeTCPNoData string = "tcp_nodata"

// Lower bounds of the rule ID ranges (see the Max* constants above).
const MinDlpPredefinedRuleID = 30000
const MinDlpRuleID = 20000
const MinWafRuleID = 40000
waf
// Comparison operator names.
const OPeq string = "eq"
const OPgt string = "gt"
const OPgte string = "gte"
const OPin string = "in"
const OPlt string = "lt"
const OPlte string = "lte"
const OPneq string = "neq"
const OPprefix string = "prefix"

// Pagination parameter names.
const PageLimit string = "limit"
const PageStart string = "start"

// Platform container type labels.
const PlatformContainerAddon string = "addon"
const PlatformContainerCore string = "core"

// Policy wildcards, limits and rule ID bases. PolicyAppAny and
// PolicyPortAny are both "any". The *IDBase/*IDMax values come from package
// share and are not visible in this listing.
const PolicyAppAny string = "any"
const PolicyAutoID uint32 = 0
const PolicyDomainNameMaxLen int = 256
const PolicyFedRuleIDBase uint32 = share.PolicyFedRuleIDBase
const PolicyFedRuleIDMax uint32 = share.PolicyFedRuleIDMax
const PolicyGroundRuleIDBase uint32 = share.PolicyGroundRuleIDBase
const PolicyGroundRuleIDMax uint32 = share.PolicyGroundRuleIDMax
const PolicyLearnedIDBase uint32 = share.PolicyLearnedIDBase
const PolicyPortAny string = "any"

// Query parameter names and values.
// NOTE(review): QueryDuration is "token_duration"; if it lets a caller
// choose a token lifetime, the handler should enforce an upper bound —
// confirm where it is read.
const QueryDuration string = "token_duration"
const QueryKeySection string = "section"
const QueryKeyShow string = "show"
const QueryKeyView string = "view"
const QueryScope string = "scope"
const QueryValueShowAccepted string = "accepted"
const QueryValueViewPod string = "pod"
const QueryValueViewPodOnly string = "pod_only"
// RESTAPIKeyHeader names the "X-Auth-Apikey" header.
// NOTE(review): presumably the request header that carries an API-key
// credential (compare RESTTokenHeader) — confirm against the REST handlers.
// If so, the header value is a secret and belongs on the redaction list of
// access logs, reverse proxies and audit events.
const RESTAPIKeyHeader string = "X-Auth-Apikey"
const RESTErrAdmCtrlUnSupported int = 30
const RESTErrAgentError int = 21
const RESTErrCISBenchError int = 23
const RESTErrClusterRPCError int = 24
const RESTErrClusterTimeout int = 11
const RESTErrClusterWrongData int = 10
const RESTErrDuplicateName int = 13
const RESTErrFailExport int = 17
const RESTErrFailImport int = 18
const RESTErrFailKubernetesApi int = 28
const RESTErrFailLockCluster int = 19
const RESTErrFailReadCluster int = 9
const RESTErrFailRegistryScan int = 27
const RESTErrFailRepoScan int = 26
const RESTErrFailWriteCluster int = 8
const RESTErrFedDuplicateName int = 41
const RESTErrFedJointUnreachable int = 40
const RESTErrFedOperationFailed int = 39
const RESTErrIBMSABadDashboardURL int = 45
const RESTErrIBMSATestFailed int = 44
const RESTErrInvalidName int = 15
const RESTErrInvalidQueryToken int = 53
const RESTErrInvalidRequest int = 6
const RESTErrJointUpgradeRequired int = 43
const RESTErrK8sApiSrvToWebhook int = 34
const RESTErrK8sNvRBAC int = 31
const RESTErrLicenseFail int = 20
const RESTErrMasterUpgradeRequired int = 42
const RESTErrMethodNotAllowed int = 2
const RESTErrNoUpdatePermission int = 33
const RESTErrNotEnoughFilter int = 12
const RESTErrNotFound int = 1
Do not modify these values or reorder them.
const RESTErrNvPermission int = 35
const RESTErrObjectAccessDenied int = 25
const RESTErrObjectInuse int = 16
const RESTErrObjectNotFound int = 7
const RESTErrOpNotAllowed int = 4
const RESTErrPasswordExpired int = 48
const RESTErrPlatformAuthDisabled int = 50
const RESTErrPromoteFail int = 49
const RESTErrProxyError int = 29 // Not used
const RESTErrReadOnlyRules int = 46
const RESTErrRemoteExportFail int = 52
const RESTErrRemoterRequestFail int = 38
const RESTErrTooManyLoginUser int = 5
const RESTErrUserLoginBlocked int = 47
const RESTErrWeakPassword int = 14
const RESTErrWebhookIsDisabled int = 36
const RESTErrWebhookSvcForAdmCtrl int = 32
const RESTErrWorkloadNotRunning int = 22
// RESTMaskedValue is the literal text "The value is masked".
// NOTE(review): presumably the placeholder returned in place of fields whose
// JSON tag carries the `cloak` option (for example RESTApikey.SecretKey) —
// confirm in the REST layer, and confirm that an update which echoes this
// string back does not overwrite the stored secret with it.
const RESTMaskedValue string = "The value is masked"
const RESTNvPageDashboard string = "dashboard"
const RESTNvPageHeader string = "X-Nv-Page"
// RESTRancherTokenHeader and RESTTokenHeader name the "X-R-Sess" and
// "X-Auth-Token" headers.
// NOTE(review): presumably both carry session credentials; if so, their
// values should be kept out of logs and traces — confirm against the
// authentication handlers.
const RESTRancherTokenHeader string = "X-R-Sess"
const RESTTokenHeader string = "X-Auth-Token"
const RawFlag string = "raw"
const ScanStatusFailed string = "failed"
const ScanStatusFailed_SignatureScan string = "failed_signature_scan"
const ScanStatusFinished string = "finished"
const ScanStatusIdle string = ""
const ScanStatusScanning string = "scanning"
const ScanStatusScheduled string = "scheduled"
const ScanStatusUnsupported string = "unsupported"
const SortAsc string = "asc"
const SortDesc string = "desc"
const SortPrefix string = "s_"
const StartingFedAdmRespRuleID = 100000
const StartingLocalAdmCtrlRuleID = 1000
Admission control
const StartingLocalVulProfRuleID = 1000
const StateLeft string = "stopped"
const StateOffline string = "disconnected"
const StateOnline string = "connected"
const StateUnmanaged string = "unmanaged"
const SupportFlag string = "support"
const SyslogDefaultUDPPort uint16 = 514
syslog related
// SyslogProtocolTCPTLS is the untyped constant 66.
// NOTE(review): presumably the protocol selector for syslog over TCP with
// TLS — confirm where the syslog protocol setting is validated, and that the
// server certificate is verified when this transport is selected.
const SyslogProtocolTCPTLS = 66
// UserIdleTimeoutMax and UserIdleTimeoutMin are the upper and lower bounds
// 3600 and 30.
// NOTE(review): the unit is not stated here (presumably seconds) — confirm,
// and confirm that out-of-range values are rejected on user create/update.
const UserIdleTimeoutMax uint32 = 3600
const UserIdleTimeoutMin uint32 = 30
const UserRoleAdmin string = "admin"
const UserRoleCIOps string = "ciops"
const UserRoleFedAdmin string = "fedAdmin"
The following role can only be interactively assigned on the master cluster in a federation.
// Role name constants. UserRoleNone is the empty string.
const UserRoleFedReader string = "fedReader"
// UserRoleIBMSA and UserRoleImportStatus are hidden roles: per the original
// comments, no user holds them in the kv store.
// NOTE(review): confirm the REST layer rejects these two names when they
// arrive in a user or API-key create/update request, so a hidden role cannot
// be assigned from outside.
const UserRoleIBMSA string = "ibmsa" // it's a hidden role. (no user has this role in kv)
const UserRoleImportStatus string = "_hidden_import_status_#" // it's a hidden role. (no user has this role in kv)
const UserRoleNone string = ""
const UserRoleReader string = "reader"
const VerboseFlag string = "verbose"
const WithCapFlag string = "with_cap"
const WorkloadStateDiscover string = "discover"
const WorkloadStateExit string = "exit"
const WorkloadStateMonitor string = "monitor"
const WorkloadStateProtect string = "protect"
const WorkloadStateQuarantine string = "quarantined"
const WorkloadStateUnmanaged string = "unmanaged"
const WorkloadTunnelIF string = "Workload:ingress"
Variables ¶
// LogLevelList lists the eight log level names in the order
// EMERG, ALERT, CRIT, ERR, WARNING, NOTICE, INFO, DEBUG.
var LogLevelList = []string{
	LogLevelEMERG,
	LogLevelALERT,
	LogLevelCRIT,
	LogLevelERR,
	LogLevelWARNING,
	LogLevelNOTICE,
	LogLevelINFO,
	LogLevelDEBUG,
}

// RESTTimeFomat is the time layout, set to time.RFC3339. The identifier's
// spelling is part of the exported API and is kept as is. It is a variable,
// not a constant, so any package can reassign it at run time.
var RESTTimeFomat = time.RFC3339

// ThreatLevelList lists the five level names CRIT, ERR, WARNING, NOTICE and
// INFO, in that order.
var ThreatLevelList = []string{
	LogLevelCRIT,
	LogLevelERR,
	LogLevelWARNING,
	LogLevelNOTICE,
	LogLevelINFO,
}
Functions ¶
func RESTTimeString ¶
func UpgradeLogLevel ¶
Types ¶
type AdmCtlTimeStamps ¶
type AssetCVECount ¶
type AssetCVECount struct {
ID string `json:"id"`
DisplayName string `json:"display_name"`
Critical int `json:"critical,omitempty"`
High int `json:"high"`
Medium int `json:"medium"`
Low int `json:"low"`
}
func (AssetCVECount) MarshalJSON ¶
func (c AssetCVECount) MarshalJSON() ([]byte, error)
type AssetSessionSummary ¶
type AssetSessionSummary struct {
TopImages []*AssetCVECount `json:"top_images"`
}
type Audit ¶
type Audit struct {
LogCommon
WorkloadID string `json:"workload_id,omitempty"`
WorkloadName string `json:"workload_name,omitempty"`
WorkloadDomain string `json:"workload_domain,omitempty"`
WorkloadImage string `json:"workload_image,omitempty"`
WorkloadService string `json:"workload_service,omitempty"`
Image string `json:"image,omitempty"` // workload
ImageID string `json:"image_id,omitempty"` // workload
Registry string `json:"registry,omitempty"` // image
RegistryName string `json:"registry_name,omitempty"` // image
Repository string `json:"repository,omitempty"` // image
Tag string `json:"tag,omitempty"` // image
BaseOS string `json:"base_os,omitempty"`
CriticalCnt int `json:"critical_vul_cnt"`
HighCnt int `json:"high_vul_cnt"`
MediumCnt int `json:"medium_vul_cnt"`
CriticalVuls []string `json:"critical_vuls,omitempty"`
HighVuls []string `json:"high_vuls,omitempty"`
MediumVuls []string `json:"medium_vuls,omitempty"`
CVEDBVersion string `json:"cvedb_version,omitempty"`
Message string `json:"message"`
User string `json:"user,omitempty"`
Error string `json:"error,omitempty"`
AggregationFrom int64 `json:"aggregation_from,omitempty"`
Count uint32 `json:"count,omitempty"`
Items []string `json:"items,omitempty"`
Group string `json:"group,omitempty"`
Platform string `json:"platform,omitempty"`
PlatformVersion string `json:"platform_version,omitempty"`
// cloud
Region string `json:"region,omitempty"`
ProjectName string `json:"project_name,omitempty"`
// one vuln. per log
Packages []string `json:"packages,omitempty"`
PackageVersion string `json:"package_ver,omitempty"`
FixedVersion string `json:"fixed_ver,omitempty"`
Score float32 `json:"score,omitempty"`
ScoreV3 float32 `json:"score_v3,omitempty"`
Vectors string `json:"vectors,omitempty"`
VectorsV3 string `json:"vectors_v3,omitempty"`
Link string `json:"link,omitempty"`
Description string `json:"description,omitempty"`
Published string `json:"pub_date,omitempty"`
LastMod string `json:"last_mod_date,omitempty"`
// report vuln. in layer
ImageLayerDigest string `json:"image_layer_digest,omitempty"`
Cmds string `json:"cmds,omitempty"`
// intermediate data
Vuls map[string]*share.ScanVulnerability `json:"-"`
Layers []Audit `json:"-"`
PVCName string `json:"pvc_name,omitempty"`
PVCStorageClassName string `json:"pvc_storageclass_name,omitempty"`
}
type Collection ¶
type Collection struct {
Type string `json:"type,omitempty"`
Links map[string]string `json:"links"`
CreateTypes map[string]string `json:"createTypes,omitempty"`
Actions map[string]string `json:"actions"`
Pagination *Pagination `json:"pagination,omitempty"`
Sort *Sort `json:"sort,omitempty"`
Filters map[string][]Condition `json:"filters,omitempty"`
ResourceType string `json:"resourceType"`
}
type Condition ¶
type Condition struct {
Modifier ModifierType `json:"modifier,omitempty"`
Value interface{} `json:"value,omitempty"`
}
type Event ¶
// Event is a log record that embeds LogCommon and adds controller, workload
// and user context, plus optional details of a REST call. Only the REST,
// EnforcerLimit and LicenseExpire fields are omitted from JSON when empty;
// every other field is always emitted.
type Event struct {
LogCommon
ControllerID string `json:"controller_id"`
ControllerName string `json:"controller_name"`
WorkloadID string `json:"workload_id"`
WorkloadName string `json:"workload_name"`
WorkloadDomain string `json:"workload_domain"`
WorkloadImage string `json:"workload_image"`
WorkloadService string `json:"workload_service"`
Category string `json:"category"`
User string `json:"user"`
UserRoles map[string]string `json:"user_roles"` // domain -> role
UserAddr string `json:"user_addr"`
// NOTE(review): presumably a session identifier; confirm it is not the
// bearer token itself, because the field is always serialized.
UserSession string `json:"user_session"`
RESTMethod string `json:"rest_method,omitempty"`
RESTRequest string `json:"rest_request,omitempty"`
// NOTE(review): appears to hold the body of the REST request; confirm that
// passwords, API-key secrets and cloud access keys are redacted before the
// event is stored or forwarded (syslog, webhook).
RESTBody string `json:"rest_body,omitempty"`
EnforcerLimit int `json:"enforcer_limit,omitempty"`
LicenseExpire string `json:"license_expire,omitempty"`
Msg string `json:"message"`
}
type IBMSAFinding ¶
type Incident ¶
// Incident is a log record that embeds LogCommon and describes one incident:
// the local and remote workload, the process and its parent, the file(s),
// the connection 5-tuple fields, and the action and rule involved.
// ID, Action, RuleID and Msg are always emitted; the rest are omitted from
// JSON when empty.
type Incident struct {
LogCommon
ID string `json:"id"`
WorkloadID string `json:"workload_id,omitempty"`
WorkloadName string `json:"workload_name,omitempty"`
WorkloadDomain string `json:"workload_domain,omitempty"`
WorkloadImage string `json:"workload_image,omitempty"`
WorkloadService string `json:"workload_service,omitempty"`
RemoteWL string `json:"remote_workload_id,omitempty"`
RemoteWLName string `json:"remote_workload_name,omitempty"`
RemoteWLDomain string `json:"remote_workload_domain,omitempty"`
RemoteWLImage string `json:"remote_workload_image,omitempty"`
RemoteWLService string `json:"remote_workload_service,omitempty"`
ProcName string `json:"proc_name,omitempty"`
ProcPath string `json:"proc_path,omitempty"`
// NOTE(review): presumably the full command line of the process; command
// lines can embed passwords or tokens, so treat incident logs as sensitive
// when they leave the cluster.
ProcCmd string `json:"proc_cmd,omitempty"`
// With omitempty an int of 0 is dropped, so a UID of 0 (root) never appears
// in the JSON; consumers cannot tell "root" from "not reported" by the UID
// fields alone.
ProcRealUID int `json:"proc_real_uid,omitempty"`
ProcEffUID int `json:"proc_effective_uid,omitempty"`
ProcRealUser string `json:"proc_real_user,omitempty"`
ProcEffUser string `json:"proc_effective_user,omitempty"`
FilePath string `json:"file_path,omitempty"`
Files []string `json:"file_name,omitempty"`
ClientIP string `json:"client_ip,omitempty"`
ServerIP string `json:"server_ip,omitempty"`
ClientPort uint16 `json:"client_port,omitempty"`
ServerPort uint16 `json:"server_port,omitempty"`
ServerConnPort uint16 `json:"server_conn_port,omitempty"`
EtherType uint16 `json:"ether_type,omitempty"`
IPProto uint8 `json:"ip_proto,omitempty"`
// With omitempty a false value is dropped, so an absent conn_ingress reads
// as "false or not applicable".
ConnIngress bool `json:"conn_ingress,omitempty"`
ProcPName string `json:"proc_parent_name,omitempty"`
ProcPPath string `json:"proc_parent_path,omitempty"`
Action string `json:"action"`
Group string `json:"group,omitempty"`
RuleID string `json:"rule_id"`
AggregationFrom int64 `json:"aggregation_from,omitempty"`
Count int `json:"count,omitempty"`
Msg string `json:"message"`
}
type LogCommon ¶
type LogCommon struct {
Name string `json:"name,omitempty"`
Level string `json:"level"`
ReportedTimeStamp int64 `json:"reported_timestamp"`
ReportedAt string `json:"reported_at"`
ClusterName string `json:"cluster_name"`
ResponseRuleID int `json:"response_rule_id,omitempty"`
HostID string `json:"host_id"`
HostName string `json:"host_name"`
AgentID string `json:"enforcer_id"`
AgentName string `json:"enforcer_name"`
}
type ModifierType ¶
type ModifierType string
type OwnerReference ¶
type OwnerReference struct {
APIVersion string `json:"apiVersion,omitempty" yaml:"apiVersion,omitempty"`
BlockOwnerDeletion *bool `json:"blockOwnerDeletion,omitempty" yaml:"blockOwnerDeletion,omitempty"`
Controller *bool `json:"controller,omitempty" yaml:"controller,omitempty"`
Kind string `json:"kind,omitempty" yaml:"kind,omitempty"`
Name string `json:"name,omitempty" yaml:"name,omitempty"`
UID string `json:"uid,omitempty" yaml:"uid,omitempty"`
}
type Pagination ¶
type Pagination struct {
Marker string `json:"marker,omitempty"`
First string `json:"first,omitempty"`
Previous string `json:"previous,omitempty"`
Next string `json:"next,omitempty"`
Last string `json:"last,omitempty"`
Limit *int64 `json:"limit,omitempty"`
Total *int64 `json:"total,omitempty"`
Partial bool `json:"partial,omitempty"`
}
type Principal ¶
type Principal struct {
Resource
Annotations map[string]string `json:"annotations,omitempty" yaml:"annotations,omitempty"`
Created string `json:"created,omitempty" yaml:"created,omitempty"`
CreatorID string `json:"creatorId,omitempty" yaml:"creatorId,omitempty"`
ExtraInfo map[string]string `json:"extraInfo,omitempty" yaml:"extraInfo,omitempty"`
Labels map[string]string `json:"labels,omitempty" yaml:"labels,omitempty"`
LoginName string `json:"loginName,omitempty" yaml:"loginName,omitempty"`
Me bool `json:"me,omitempty" yaml:"me,omitempty"`
MemberOf bool `json:"memberOf,omitempty" yaml:"memberOf,omitempty"`
Name string `json:"name,omitempty" yaml:"name,omitempty"`
OwnerReferences []OwnerReference `json:"ownerReferences,omitempty" yaml:"ownerReferences,omitempty"`
PrincipalType string `json:"principalType,omitempty" yaml:"principalType,omitempty"`
ProfilePicture string `json:"profilePicture,omitempty" yaml:"profilePicture,omitempty"`
ProfileURL string `json:"profileURL,omitempty" yaml:"profileURL,omitempty"`
Provider string `json:"provider,omitempty" yaml:"provider,omitempty"`
Removed string `json:"removed,omitempty" yaml:"removed,omitempty"`
UUID string `json:"uuid,omitempty" yaml:"uuid,omitempty"`
}
type PrincipalCollection ¶
type PrincipalCollection struct {
Collection
Data []Principal `json:"data,omitempty"`
}
type QuerySessionRequest ¶
// QuerySessionRequest groups the parameters of a query session: its kind, a
// query token, a creation time, an access-control object and the two filter
// view models. The fields carry no JSON tags, so encoding/json would use the
// Go field names.
type QuerySessionRequest struct {
Type int // 0=vul, 1=asset
// NOTE(review): presumably the handle a client presents to page through
// results; confirm a token is bound to the user who created it, so it cannot
// be replayed to read results filtered under another user's access.
QueryToken string
CreationTime int64
UserAccess *UserAccessControl
Filters *VulQueryFilterViewModel
FiltersAsset *AssetQueryFilterViewModel
}
type RESTAWSAccountKey ¶
type RESTAWSAccountKeyConfig ¶
type RESTAcceptedAlerts ¶
type RESTAcceptedAlerts struct {
ManagerAlerts []string `json:"manager_alerts"` // message key slice of manager-generated alerts
ControllerAlerts []string `json:"controller_alerts"` // message key slice of controller-generated alerts
UserAlerts []string `json:"user_alerts"` // message key slice of current login user alerts
}
type RESTAdmCatOptions ¶
type RESTAdmCatOptions struct {
K8sOptions *RESTAdmRuleOptions `json:"k8s_options,omitempty"`
}
type RESTAdmCtrlPromoteRequest ¶
type RESTAdmCtrlPromoteRequest struct {
IDs []uint32 `json:"ids"`
}
type RESTAdmCtrlPromoteRequestData ¶
type RESTAdmCtrlPromoteRequestData struct {
Request *RESTAdmCtrlPromoteRequest `json:"request"`
}
type RESTAdmCtrlRulesExport ¶
// RESTAdmCtrlRulesExport is the request body for exporting admission control
// configuration and/or rules, optionally to a remote destination.
type RESTAdmCtrlRulesExport struct {
ExportConfig bool `json:"export_config"`
// IDs lists rule IDs. The original comment says "used when ExportRules is
// true", but this struct defines no ExportRules field — TODO confirm which
// condition actually selects rule export.
IDs []uint32 `json:"ids"` // used when ExportRules is true
RemoteExportOptions *RESTRemoteExportOptions `json:"remote_export_options,omitempty"`
}
type RESTAdmCtrlRulesTestResult ¶
type RESTAdmCtrlRulesTestResult struct {
Index int `json:"index"`
Name string `json:"name"`
Kind string `json:"kind"`
Message string `json:"message"`
MatchedRules []*RESTAdmCtrlTestRuleInfo `json:"matched_rules"` // one entry per matched rule for all rules(irrelevant to rule type/status/mode/action)
Allowed bool `json:"allowed"` // final result if the yaml is applied to k8s
}
type RESTAdmCtrlRulesTestResults ¶
type RESTAdmCtrlRulesTestResults struct {
GlobalMode string `json:"global_mode"` // monitor/protect
Results []*RESTAdmCtrlRulesTestResult `json:"results,omitempty"` // one entry per yaml doc
}
type RESTAdmCtrlTestRuleInfo ¶
type RESTAdmCtrlTestRuleInfo struct {
ContainerImage string `json:"container_image"` // the tested container image in the pod
ID uint32 `json:"id"`
Disabled bool `json:"disabled"` // for disabled rules, we still get their matching results(not taking effect in determining final result) simply for user's reference
Type string `json:"type"` // allow / deny
Mode string `json:"mode"` // monitor/protect
RuleDetails string `json:"rule_details"` // rule criteria details
RuleCfgType string `json:"rule_cfg_type"` // CfgTypeUserCreated / CfgTypeGround / CfgTypeFederal (see above)
}
type RESTAdmRuleCriterion ¶
type RESTAdmRuleCriterion struct {
Name string `json:"name"`
Op string `json:"op"`
Value string `json:"value"`
SubCriteria []*RESTAdmRuleCriterion `json:"sub_criteria,omitempty"`
Type string `json:"type,omitempty"`
Kind string `json:"template_kind,omitempty"`
Path string `json:"path,omitempty"`
ValueType string `json:"value_type,omitempty"`
}
type RESTAdmRuleOptions ¶
type RESTAdmRuleOptions struct {
RuleOptions map[string]*RESTAdmissionRuleOption `json:"rule_options"` // key is criterion name
}
type RESTAdmRuleTypeOptions ¶
type RESTAdmRuleTypeOptions struct {
DenyOptions *RESTAdmCatOptions `json:"deny_options"`
ExceptionOptions *RESTAdmCatOptions `json:"exception_options"`
PspCollection []*RESTAdmRuleCriterion `json:"psp_collection,omitempty"`
PssCollections map[string][]string `json:"pss_collections,omitempty"`
SigstoreVerifiers []string `json:"sigstore_verifiers,omitempty"`
}
type RESTAdmissionConfigData ¶
type RESTAdmissionConfigData struct {
State *RESTAdmissionState `json:"state,omitempty"`
Options *RESTAdmRuleTypeOptions `json:"admission_options,omitempty"`
K8sEnv bool `json:"k8s_env"`
CustomCriteriaOptions []*RESTAdminCustomCriteriaOptions `json:"admission_custom_criteria_options,omitempty"`
CustomCriteriaTemplates []*RESTAdminCriteriaTemplate `json:"admission_custom_criteria_templates,omitempty"`
PredefinedRiskyRoles []string `json:"predefined_risky_roles,omitempty"`
}
type RESTAdmissionRule ¶
type RESTAdmissionRule struct {
ID uint32 `json:"id"`
Category string `json:"category"`
Comment string `json:"comment"`
Criteria []*RESTAdmRuleCriterion `json:"criteria"`
Disable bool `json:"disable"`
Critical bool `json:"critical"`
CfgType string `json:"cfg_type"` // CfgTypeLearned / CfgTypeUserCreated / CfgTypeGround / CfgTypeFederal (see above)
RuleType string `json:"rule_type"` // ValidatingExceptRuleType / ValidatingDenyRuleType (see above)
RuleMode string `json:"rule_mode"` // "" / share.AdmCtrlModeMonitor / share.AdmCtrlModeProtect
Containers []string `json:"containers"` // empty for all containers, "containers" / "init_containers" / "ephemeral_containers"
}
type RESTAdmissionRuleConfig ¶
// RESTAdmissionRuleConfig is the configuration payload for one admission
// rule. Comment, Disable, Actions and RuleMode are pointers tagged omitempty,
// so a nil pointer is left out of the JSON. Category is a pointer without
// omitempty, so a nil Category is emitted as null. Containers has no
// omitempty either, so a nil slice is emitted as null.
type RESTAdmissionRuleConfig struct {
ID uint32 `json:"id"`
Category *string `json:"category"`
Comment *string `json:"comment,omitempty"`
Criteria []*RESTAdmRuleCriterion `json:"criteria,omitempty"`
Disable *bool `json:"disable,omitempty"`
Actions *[]string `json:"actions,omitempty"`
// NOTE(review): CfgType and RuleType arrive from the client as plain
// strings; confirm the handler validates them against the allowed values
// and does not let a request relabel a ground or federal rule as user-created.
CfgType string `json:"cfg_type"` // CfgTypeLearned / CfgTypeUserCreated / CfgTypeGround / CfgTypeFederal (see above)
RuleType string `json:"rule_type"` // ValidatingExceptRuleType / ValidatingDenyRuleType (see above)
RuleMode *string `json:"rule_mode,omitempty"` // only for deny rules: "" / share.AdmCtrlModeMonitor / share.AdmCtrlModeProtect
Containers []string `json:"containers"` // empty for all containers, "containers" / "init_containers" / "ephemeral_containers"
}
Passed from manager to controller. An omitted field indicates that the corresponding setting is not modified.
type RESTAdmissionRuleConfigData ¶
type RESTAdmissionRuleConfigData struct {
Config *RESTAdmissionRuleConfig `json:"config"`
}
type RESTAdmissionRuleData ¶
type RESTAdmissionRuleData struct {
Rule *RESTAdmissionRule `json:"rule"`
}
type RESTAdmissionRuleOption ¶
type RESTAdmissionRulesData ¶
type RESTAdmissionRulesData struct {
Rules []*RESTAdmissionRule `json:"rules"`
}
type RESTAdmissionState ¶
// RESTAdmissionState is the admission control state exchanged over REST.
// Every field except CfgType is a pointer or map tagged omitempty, so unset
// fields are left out of the JSON.
type RESTAdmissionState struct {
Enable *bool `json:"enable,omitempty"`
Mode *string `json:"mode,omitempty"`
DefaultAction *string `json:"default_action,omitempty"`
AdmClientMode *string `json:"adm_client_mode,omitempty"`
AdmSvcType *string `json:"adm_svc_type,omitempty"`
// NOTE(review): presumably maps onto the Kubernetes webhook failurePolicy.
// If so, "ignore" is fail-open: requests are admitted while the webhook is
// unreachable. Confirm, and treat a change to "ignore" as an auditable event.
FailurePolicy *string `json:"failure_policy,omitempty"` // "ignore" / "fail"
AdmClientModeOptions map[string]string `json:"adm_client_mode_options,omitempty"` // key is AdmClientModeSvc or AdmClientModeUrl
CtrlStates map[string]bool `json:"ctrl_states,omitempty"` // key is NvAdmValidateType
CfgType string `json:"cfg_type"` // CfgTypeUserCreated / CfgTypeGround (see above)
}
type RESTAdmissionStats ¶
type RESTAdmissionStats struct {
K8sAllowedRequests uint64 `json:"k8s_allowed_requests"`
K8sDeniedRequests uint64 `json:"k8s_denied_requests"`
K8sErroneousRequests uint64 `json:"k8s_erroneous_requests"`
K8sIgnoredRequests uint64 `json:"k8s_ignored_requests"`
K8sProcessingRequests int64 `json:"k8s_processing_requests"`
JenkinsAllowedRequests uint64 `json:"jenkins_allowed_requests"` // obsolete
JenkinsDeniedRequests uint64 `json:"jenkins_denied_requests"` // obsolete
JenkinsErroneousRequests uint64 `json:"jenkins_erroneous_requests"` // obsolete
}
type RESTAdmissionStatsData ¶
type RESTAdmissionStatsData struct {
Stats *RESTAdmissionStats `json:"stats"`
}
type RESTAgent ¶
type RESTAgent struct {
ID string `json:"id"`
Name string `json:"name"`
DisplayName string `json:"display_name"`
HostName string `json:"host_name"`
HostID string `json:"host_id"`
Ver string `json:"version"`
Labels map[string]string `json:"labels"`
Domain string `json:"domain"`
PidMode string `json:"pid_mode"`
NetworkMode string `json:"network_mode"`
CreatedAt string `json:"created_at"`
StartedAt string `json:"started_at"`
JoinedAt string `json:"joined_at"`
MemoryLimit int64 `json:"memory_limit"`
CPUs string `json:"cpus"`
ClusterIP string `json:"cluster_ip"`
State string `json:"connection_state"`
DisconnAt string `json:"disconnected_at"`
NvProtect bool `json:"nv_protect"`
}
Although the fields shared by RESTAgent and RESTController could be defined in a common struct, doing so would stop filtering from working.
type RESTAgentConfig ¶
type RESTAgentConfigData ¶
type RESTAgentConfigData struct {
Config *RESTAgentConfig `json:"config"`
}
type RESTAgentCounter ¶
// RESTAgentCounter is the counter set reported for one agent: packet,
// fragment/assembly, session, meter, connection-limit and policy counts, the
// goroutine count, and two slices of raw tool output. No field is tagged
// omitempty, so every key is always present in the JSON.
type RESTAgentCounter struct {
RXPackets uint64 `json:"rx_packets"`
RXDropPackets uint64 `json:"rx_drop_packets"`
TXPackets uint64 `json:"tx_packets"`
TXDropPackets uint64 `json:"tx_drop_packets"`
ErrorPackets uint64 `json:"error_packets"`
NoWorkloadPackets uint64 `json:"no_workload_packets"`
IPv4Packets uint64 `json:"ipv4_packets"`
IPv6Packets uint64 `json:"ipv6_packets"`
TCPPackets uint64 `json:"tcp_packets"`
TCPNoSessionPackets uint64 `json:"tcp_no_session_packets"`
UDPPackets uint64 `json:"udp_packets"`
ICMPPackets uint64 `json:"icmp_packets"`
OtherPackets uint64 `json:"other_packets"`
Assemblys uint64 `json:"total_assemblys"`
FreedAssemblys uint64 `json:"freed_assemblys"`
Fragments uint64 `json:"total_fragments"`
FreedFragments uint64 `json:"freed_fragments"`
TimeoutFragments uint64 `json:"timeout_fragments"`
TotalSessions uint64 `json:"total_sessions"`
TCPSessions uint64 `json:"tcp_sessions"`
UDPSessions uint64 `json:"udp_sessions"`
ICMPSessions uint64 `json:"icmp_sessions"`
IPSessions uint64 `json:"ip_sessions"`
ParserSessions []uint64 `json:"parser_sessions"`
ParserPackets []uint64 `json:"parser_packets"`
DropMeters uint64 `json:"drop_meters"`
ProxyMeters uint64 `json:"proxy_meters"`
CurMeters uint64 `json:"cur_meters"`
CurLogCaches uint64 `json:"cur_log_caches"`
LimitDropConns uint64 `json:"limit_drop_conns"`
LimitPassConns uint64 `json:"limit_pass_conns"`
PolicyType1Rules uint32 `json:"policy_type1_rules"`
PolicyType2Rules uint32 `json:"policy_type2_rules"`
PolicyDomains uint32 `json:"policy_domains"`
PolicyDomainIPs uint32 `json:"policy_domain_ips"`
GoRoutines uint32 `json:"goroutines"`
// NOTE(review): presumably the raw output lines of lsof and ps collected on
// the agent. Such output exposes open files, sockets and process command
// lines, so confirm the endpoint returning this struct is limited to
// administrative roles.
LsofOutput []string `json:"lsof"`
PSOutput []string `json:"ps"`
}
type RESTAgentCounterData ¶
type RESTAgentCounterData struct {
Counter *RESTAgentCounter `json:"counter"`
}
type RESTAgentData ¶
type RESTAgentData struct {
Agent *RESTAgent `json:"enforcer"`
}
type RESTAgentStatsData ¶
type RESTAgentsData ¶
type RESTAgentsData struct {
Agents []*RESTAgent `json:"enforcers"`
}
type RESTAllUserPermitOptions ¶
type RESTAllUserPermitOptions struct {
Options RESTUserPermitOptions `json:"options"`
}
type RESTApikey ¶
// RESTApikey is the REST representation of an API key: its name, secret,
// description, role assignment, expiry settings and creation metadata.
type RESTApikey struct {
ExpirationType string `json:"expiration_type"`
ExpirationHours uint32 `json:"expiration_hours"`
Name string `json:"apikey_name"`
// SecretKey is the key's secret. The "cloak" tag option is not defined by
// encoding/json, which ignores options it does not know, so json.Marshal on
// this struct emits the secret in clear text.
// NOTE(review): presumably project code interprets "cloak" and substitutes
// RESTMaskedValue on output — confirm, and confirm no other path (logs,
// events, exports) marshals this struct with plain encoding/json.
SecretKey string `json:"apikey_secret,cloak"`
Description string `json:"description"`
Role string `json:"role"`
RoleDomains map[string][]string `json:"role_domains,omitempty"` // role -> domains
ExpirationTimestamp int64 `json:"expiration_timestamp"` // used in GET
CreatedTimestamp int64 `json:"created_timestamp"` // used in GET
CreatedByEntity string `json:"created_by_entity"` // it could be username or apikey (access key)
}
type RESTApikeyCreation ¶
// RESTApikeyCreation is the payload for creating an API key. Unlike
// RESTApikey it has no secret and no timestamp or creator fields.
type RESTApikeyCreation struct {
// NOTE(review): the allowed expiration types and the upper bound on
// ExpirationHours are not visible here; confirm the handler enforces both.
ExpirationType string `json:"expiration_type"`
ExpirationHours uint32 `json:"expiration_hours"`
Name string `json:"apikey_name"`
Description string `json:"description"`
// NOTE(review): Role and RoleDomains are caller-supplied; confirm the
// handler caps them at the creator's own permissions, so a key cannot be
// minted with more access than its creator has.
Role string `json:"role"`
RoleDomains map[string][]string `json:"role_domains,omitempty"` // role -> domains
}
type RESTApikeyCreationData ¶
type RESTApikeyCreationData struct {
Apikey *RESTApikeyCreation `json:"apikey"`
}
type RESTApikeyData ¶
type RESTApikeyData struct {
Apikey *RESTApikey `json:"apikey"`
}
type RESTApikeyGenerated ¶
type RESTApikeyGeneratedData ¶
type RESTApikeyGeneratedData struct {
Apikey *RESTApikeyGenerated `json:"apikey"`
}
type RESTApikeysData ¶
type RESTApikeysData struct {
Apikeys []*RESTApikey `json:"apikeys"`
GlobalRoles []string `json:"global_roles"`
DomainRoles []string `json:"domain_roles"`
}
type RESTAssetIDList ¶
type RESTAssetIDList struct {
IDs []string `json:"ids"`
}
type RESTAssetQueryStats ¶
// RESTAssetQueryStats reports the outcome of an asset query: the total
// record count, the query token, a list of performance strings and a summary.
type RESTAssetQueryStats struct {
TotalRecordCount int `json:"total_records"`
QueryToken string `json:"query_token"`
// PerfStats is always serialized (no omitempty) under "debug_perf_stats".
// NOTE(review): presumably internal timing information; confirm it carries
// no query text or internal paths before it is returned to every caller.
PerfStats []string `json:"debug_perf_stats"`
Summary *AssetSessionSummary `json:"summary"`
}
for asset pagination
type RESTAssetView ¶
type RESTAssetView struct {
Workloads []*RESTWorkloadAssetView `json:"workloads"`
Nodes []*RESTHostAssetView `json:"nodes"`
Platforms []*RESTPlatformAssetView `json:"platforms"`
Images []*RESTImageAssetView `json:"images"`
Vuls []*RESTVulnerabilityAssetV2 `json:"vulnerabilities"`
QueryStat *RESTVulQueryStats `json:"summary"`
}
type RESTAuditsData ¶
type RESTAuditsData struct {
Audits []*Audit `json:"audits"`
}
type RESTAuthData ¶
// RESTAuthData is the authentication payload: a client IP plus either a
// password credential or a token credential, both optional pointers.
type RESTAuthData struct {
// NOTE(review): this value comes from the request body. If the server does
// not overwrite it from the connection or a trusted proxy header, it is
// caller-controlled and should not drive lockout, rate limiting or audit
// attribution — confirm.
ClientIP string `json:"client_ip"`
Password *RESTAuthPassword `json:"password,omitempty"`
// The key is "Token" with a capital T, unlike the lower-case keys of the
// other fields. encoding/json emits it as written and matches it
// case-insensitively on decode; other JSON consumers may not.
Token *RESTAuthToken `json:"Token,omitempty"`
}
type RESTAuthPassword ¶
type RESTAuthToken ¶
type RESTAvaiableComplianceFilter ¶
type RESTAvaiableComplianceFilter struct {
AvailableFilter []string `json:"available_filter"`
}
type RESTAwsCloudRes ¶
type RESTAwsCloudRes struct {
CloudType string `json:"cloud_type"`
ProjectName string `json:"project_name"`
RegionList []string `json:"region_list"`
// any new resource add name need start with aws_xxx, other parameter can't use it as UI use aws_xxx to filter
ResLambda *RESTAwsLambdaRes `json:"aws_lambda_resource"`
}
type RESTAwsFuncPermission ¶
type RESTAwsFuncPermission struct {
AttachedPolicy bool `json:"aws_attached_policy"`
PolicyLevel string `json:"policy_permission_level"`
PermitState []string `json:"permission_state"`
AllowedDetail map[string][]RESTAwsResDetail `json:"allowed_detail"`
}
type RESTAwsFuncSummary ¶
type RESTAwsFuncSummary struct {
FuncID string `json:"function_id"`
Version string `json:"version"`
FuncName string `json:"function_name"`
ScanResult string `json:"scan_result"`
HighVuls int `json:"high"`
MedVuls int `json:"medium"`
PermissionLevel string `json:"permission_level"`
Status string `json:"status"`
}
type RESTAwsFunction ¶
type RESTAwsFunction struct {
FuncName string `json:"function_name"`
Region string `json:"region"`
Report []RESTScanAwsFuncReport `json:"report"`
}
type RESTAwsLambdaRes ¶
type RESTAwsLambdaRes struct {
Status string `json:"status"`
RegionResMap map[string]*RESTAwsLambdaResDetail `json:"aws_region_resource"`
}
type RESTAwsLambdaResDetail ¶
type RESTAwsLambdaResDetail struct {
Status string `json:"status"`
LambdaFunc []RESTAwsFuncSummary `json:"func_list"`
}
type RESTAwsResDetail ¶
type RESTAwsResource ¶
// RESTAwsResource is the REST representation of an AWS project: its access
// credentials, project name, region list and Lambda resource data.
type RESTAwsResource struct {
// AccID and AccKey carry the "cloak" tag option. encoding/json does not
// define that option and ignores it, so json.Marshal on this struct emits
// both values in clear text.
// NOTE(review): presumably project code interprets "cloak" and masks the
// values on output — confirm, and confirm these credentials are never
// written to logs, events or exported configuration unmasked.
AccID string `json:"acc_id,cloak"`
AccKey string `json:"acc_key,cloak"`
ProjectName string `json:"project_name"`
RegionList []string `json:"region_list"`
ResLambda *RESTAwsLambdaRes `json:"aws_lambda_resource"`
}
type RESTAwsResourceConfig ¶
type RESTAwsResourceCreate ¶
type RESTBenchCheck ¶
type RESTBenchCheck struct {
TestNum string `json:"test_number"`
Category string `json:"category"`
Type string `json:"type"`
Profile string `json:"profile"`
Scored bool `json:"scored"`
Automated bool `json:"automated"`
Description string `json:"description"`
Remediation string `json:"remediation"`
Tags []string `json:"tags,omitempty"` // Tags provide list of compliance that related to the cis test item.
TagsV2 map[string]share.TagDetails `json:"tags_v2,omitempty"` // TagsV2 provide compliance details for each compliance tag
}
type RESTBenchItem ¶
type RESTBenchMeta ¶
type RESTBenchMeta struct {
RESTBenchCheck
}
type RESTBenchReport ¶
type RESTBenchReport struct {
RunAtTimeStamp int64 `json:"run_timestamp"`
RunAt string `json:"run_at"`
Version string `json:"cis_version"`
Items []*RESTBenchItem `json:"items"`
}
type RESTCheckUpgradeInfo ¶
type RESTCheckUpgradeInfo struct {
MinUpgradeVersion *RESTUpgradeInfo `json:"min_upgrade_version"`
MaxUpgradeVersion *RESTUpgradeInfo `json:"max_upgrade_version"`
}
type RESTCloudResList ¶
type RESTCloudResList struct {
AwsCloudRes []RESTAwsCloudRes `json:"cloud_resources"`
}
type RESTClusterCspUsage ¶
type RESTClusterCspUsage struct {
CspType string `json:"csp_type"`
Nodes int `json:"nodes"` // total nodes count in this cluster
}
csp-adapter billing integration
type RESTCompProfilesExport ¶
type RESTCompProfilesExport struct {
Names []string `json:"names"`
RemoteExportOptions *RESTRemoteExportOptions `json:"remote_export_options,omitempty"`
}
Compliance profile export. Only the "default" profile can be exported (5.3+).
type RESTComplianceAsset ¶
type RESTComplianceAsset struct {
Name string `json:"name"`
Category string `json:"category"`
Type string `json:"type"`
Level string `json:"level"`
Profile string `json:"profile"`
Scored bool `json:"scored"`
Description string `json:"description"`
Message []string `json:"message"`
Remediation string `json:"remediation"`
Group string `json:"group"`
Tags map[string]share.TagDetails `json:"tags"`
Workloads []string `json:"workloads"`
Nodes []string `json:"nodes"`
Images []string `json:"images"`
Platforms []string `json:"platforms"`
}
type RESTComplianceAssetData ¶
type RESTComplianceAssetData struct {
Compliances []*RESTComplianceAsset `json:"compliances"`
Workloads map[string][]RESTIDName `json:"workloads"`
Nodes map[string][]RESTIDName `json:"nodes"`
Images map[string][]RESTIDName `json:"images"`
Platforms map[string][]RESTIDName `json:"platforms"`
KubeVersion string `json:"kubernetes_cis_version"`
DockerVersion string `json:"docker_cis_version"`
}
type RESTComplianceData ¶
type RESTComplianceData struct {
RunAtTimeStamp int64 `json:"run_timestamp"`
RunAt string `json:"run_at"`
KubeVersion string `json:"kubernetes_cis_version"`
DockerVersion string `json:"docker_cis_version"`
Items []*RESTBenchItem `json:"items"`
}
type RESTComplianceProfile ¶
type RESTComplianceProfile struct {
Name string `json:"name"`
DisableSystem bool `json:"disable_system"`
Entries []RESTComplianceProfileEntry `json:"entries"`
CfgType string `json:"cfg_type"` // CfgTypeUserCreated / CfgTypeGround (see above)
}
type RESTComplianceProfileConfig ¶
type RESTComplianceProfileConfig struct {
Name string `json:"name"`
DisableSystem *bool `json:"disable_system,omitempty"`
Entries *[]*RESTComplianceProfileEntry `json:"entries,omitempty"`
CfgType string `json:"cfg_type"` // CfgTypeUserCreated / CfgTypeGround (see above)
}
type RESTComplianceProfileConfigData ¶
type RESTComplianceProfileConfigData struct {
Config *RESTComplianceProfileConfig `json:"config"`
}
type RESTComplianceProfileData ¶
type RESTComplianceProfileData struct {
Profile *RESTComplianceProfile `json:"profile"`
}
type RESTComplianceProfileEntryConfigData ¶
type RESTComplianceProfileEntryConfigData struct {
Config *RESTComplianceProfileEntry `json:"config"`
}
type RESTComplianceProfilesData ¶
type RESTComplianceProfilesData struct {
Profiles []*RESTComplianceProfile `json:"profiles"`
}
type RESTController ¶
type RESTController struct {
ID string `json:"id"`
Name string `json:"name"`
DisplayName string `json:"display_name"`
HostName string `json:"host_name"`
HostID string `json:"host_id"`
Ver string `json:"version"`
Labels map[string]string `json:"labels"`
Domain string `json:"domain"`
CreatedAt string `json:"created_at"`
StartedAt string `json:"started_at"`
JoinedAt string `json:"joined_at"`
MemoryLimit int64 `json:"memory_limit"`
CPUs string `json:"cpus"`
ClusterIP string `json:"cluster_ip"`
Leader bool `json:"leader"`
State string `json:"connection_state"`
DisconnAt string `json:"disconnected_at"`
OrchConnStatus string `json:"orch_conn_status"`
OrchConnLastError string `json:"orch_conn_last_error"`
ReadPrimeConfig bool `json:"read_prime_config"`
}
type RESTControllerConfig ¶
type RESTControllerConfigData ¶
type RESTControllerConfigData struct {
Config *RESTControllerConfig `json:"config"`
}
type RESTControllerCounter ¶
type RESTControllerCounterData ¶
type RESTControllerCounterData struct {
Counter *RESTControllerCounter `json:"counter"`
}
type RESTControllerData ¶
type RESTControllerData struct {
Controller *RESTController `json:"controller"`
}
type RESTControllersData ¶
type RESTControllersData struct {
Controllers []*RESTController `json:"controllers"`
}
type RESTConversation ¶
type RESTConversation struct {
From *RESTConversationEndpoint `json:"from"`
To *RESTConversationEndpoint `json:"to"`
*RESTConversationReport
}
func (*RESTConversation) GetDomain ¶
func (o *RESTConversation) GetDomain(f share.GetAccessObjectFunc) ([]string, []string)
type RESTConversationCompact ¶
type RESTConversationCompact struct {
From string `json:"from"`
To string `json:"to"`
*RESTConversationReport
}
type RESTConversationDetail ¶
type RESTConversationDetail struct {
*RESTConversation
Entries []*RESTConversationEntry `json:"entries"`
}
type RESTConversationEndpoint ¶
type RESTConversationEndpoint struct {
Kind string `json:"kind"`
RESTWorkloadBrief
}
The difference between the Endpoint list and the Workload Brief list is that the endpoint list contains nv.host, nv.workload and nv.external.
func (*RESTConversationEndpoint) GetDomain ¶
func (o *RESTConversationEndpoint) GetDomain(f share.GetAccessObjectFunc) ([]string, []string)
type RESTConversationEndpointConfigData ¶
type RESTConversationEndpointConfigData struct {
Config *RESTConversationEndpointConfig `json:"config"`
}
type RESTConversationEndpointData ¶
type RESTConversationEndpointData struct {
Endpoints []*RESTConversationEndpoint `json:"endpoints"`
}
type RESTConversationEntry ¶
// RESTConversationEntry is the JSON shape of one detailed conversation entry:
// traffic counters, port/application details, threat and policy outcome, and
// the client/server addresses.
type RESTConversationEntry struct {
Bytes uint64 `json:"bytes"`
Sessions uint32 `json:"sessions"`
Port string `json:"port"`
MappedPort string `json:"mapped_port"`
Application string `json:"application"`
// Note the capitalised key "Server": every other key in this struct is
// lower-case snake_case, so consumers must match this one exactly.
Server string `json:"Server"`
ThreatName string `json:"threat_name"`
Severity string `json:"severity"`
PolicyAction string `json:"policy_action"`
PolicyID uint32 `json:"policy_id"`
LastSeenAt string `json:"last_seen_at"`
CIP string `json:"client_ip"`
SIP string `json:"server_ip"`
FQDN string `json:"fqdn"`
// NOTE(review): presumably set when the client address was taken from an
// X-Forwarded-For header; if so, CIP is sender-controlled data and should
// not be treated as an authenticated source address — confirm.
Xff bool `json:"xff"`
ToSidecar bool `json:"to_sidecar"`
Nbe bool `json:"nbe"`
}
type RESTConversationQuery ¶
type RESTConversationQueryData ¶
type RESTConversationQueryData struct {
Query *RESTConversationQuery `json:"query"`
}
type RESTConversationReport ¶
type RESTConversationReport struct {
Bytes uint64 `json:"bytes"`
Sessions uint32 `json:"sessions"`
Severity string `json:"severity"`
PolicyAction string `json:"policy_action"`
Protos []string `json:"protocols,omitempty"`
Apps []string `json:"applications,omitempty"`
Ports []string `json:"ports,omitempty"`
SidecarProxy bool `json:"sidecar_proxy,omitempty"`
EventType []string `json:"event_type,omitempty"`
XffEntry bool `json:"xff_entry,omitempty"` //has xff entry
Entries []*RESTConversationReportEntry `json:"entries"`
Nbe bool `json:"nbe,omitempty"` //cross namespace entry
}
type RESTConversationReportEntry ¶
type RESTConversationReportEntry struct {
Bytes uint64 `json:"bytes"`
Sessions uint32 `json:"sessions"`
Port string `json:"port,omitempty"`
Application string `json:"application,omitempty"`
PolicyAction string `json:"policy_action"`
CIP string `json:"client_ip,omitempty"`
SIP string `json:"server_ip,omitempty"`
FQDN string `json:"fqdn,omitempty"`
}
type RESTConversationsData ¶
type RESTConversationsData struct {
Endpoints []*RESTConversationEndpoint `json:"endpoints"`
Convers []*RESTConversationCompact `json:"conversations"`
}
type RESTConversationsDetailData ¶
type RESTConversationsDetailData struct {
Conver *RESTConversationDetail `json:"conversation"`
}
type RESTConversationsVerboseData ¶
type RESTConversationsVerboseData struct {
Endpoints []*RESTConversationEndpoint `json:"endpoints"`
Convers []*RESTConversation `json:"conversations"`
}
type RESTCrdDlpGroupConfig ¶
type RESTCrdDlpGroupConfig struct {
Status bool `json:"status,omitempty"`
RepSensors []RESTCrdDlpGroupSetting `json:"replace,omitempty"` //replace list used by GUI
}
type RESTCrdDlpGroupSetting ¶
type RESTCrdGroupConfig ¶
type RESTCrdGroupConfig struct {
OriginalName string `json:"original_name"`
Name string `json:"name"`
Comment string `json:"comment"`
Criteria *[]RESTCriteriaEntry `json:"criteria,omitempty"`
MonMetric *bool `json:"mon_metric,omitempty"`
GrpSessCur *uint32 `json:"grp_sess_cur,omitempty"`
GrpSessRate *uint32 `json:"grp_sess_rate,omitempty"`
GrpBandWidth *uint32 `json:"grp_band_width,omitempty"`
}
type RESTCrdWafGroupConfig ¶
type RESTCrdWafGroupConfig struct {
Status bool `json:"status,omitempty"`
RepSensors []RESTCrdWafGroupSetting `json:"replace,omitempty"` //replace list used by GUI
}
type RESTCrdWafGroupSetting ¶
type RESTCriteriaEntry ¶
type RESTCspAdapterInfo ¶
type RESTCspAdapterInfo struct {
AdapterVersions string `json:"adapter_versions"`
}
type RESTCustomCheck ¶
// RESTCustomCheck is the JSON shape of one named custom check script.
type RESTCustomCheck struct {
Name string `json:"name"`
// Script carries the script text itself.
// NOTE(review): presumably this text is executed by whatever runs custom
// checks; if so, permission to write it is equivalent to code execution
// wherever checks run — confirm the handler enforces the intended role and
// that changes to it are audited.
Script string `json:"script"`
Configurable bool `json:"configurable"`
}
Custom check
type RESTCustomCheckConfig ¶
type RESTCustomCheckConfig struct {
Add *RESTCustomChecks `json:"add"`
Del *RESTCustomChecks `json:"delete"`
Update *RESTCustomChecks `json:"update"`
}
type RESTCustomCheckConfigData ¶
type RESTCustomCheckConfigData struct {
Config *RESTCustomCheckConfig `json:"config"`
}
type RESTCustomCheckData ¶
type RESTCustomCheckData struct {
Config *RESTCustomChecks `json:"config"`
}
type RESTCustomCheckListData ¶
type RESTCustomCheckListData struct {
Configs []*RESTCustomChecks `json:"configs"`
}
type RESTCustomChecks ¶
// RESTCustomChecks is the JSON shape of the set of custom check scripts
// attached to one group.
type RESTCustomChecks struct {
Group string `json:"group"`
Enabled bool `json:"enabled"`
// NOTE(review): Writable is presumably a server-computed hint telling the
// caller whether it may edit these scripts; the server should not trust a
// value supplied by a client — confirm.
Writable bool `json:"writable"`
Scripts []*RESTCustomCheck `json:"scripts"`
}
type RESTDebugIP2Workload ¶
type RESTDebugIP2Workload struct {
IP string `json:"ip"`
Workload *RESTWorkloadBrief `json:"workload"`
}
type RESTDebugIP2WorkloadData ¶
type RESTDebugIP2WorkloadData struct {
IP2Workloads []*RESTDebugIP2Workload `json:"ip_2_workloads"`
}
type RESTDebugSyncInfo ¶
type RESTDebugSyncInfo struct {
ClusterIP string `json:"cluster_ip"`
Leader bool `json:"leader"`
SyncErrorFound bool `json:"sync_error_found"`
LearnedRuleMax uint32 `json:"learned_rule_max"`
GraphNodeCount uint32 `json:"graph_node_count"`
PolicyError []*RESTPolicyMismatch `json:"policy_error,omitempty"`
}
type RESTDebugSyncInfoData ¶
type RESTDebugSyncInfoData struct {
Sync []*RESTDebugSyncInfo `json:"sync"`
}
type RESTDeployFedRulesReq ¶
type RESTDeployFedRulesReq struct {
Force bool `json:"force"` // true means deploying all federal rules. false means only deploying the newly changed federal rules.
IDs []string `json:"ids"` // empty means deploy to all clusters
}
for deploying fed settings to joint clusters
type RESTDeployFedRulesResp ¶
type RESTDerivedDlpRule ¶
type RESTDerivedDlpRuleData ¶
type RESTDerivedDlpRuleData struct {
Rules []*RESTDerivedDlpRule `json:"rules"`
}
type RESTDerivedDlpRuleMac ¶
type RESTDerivedDlpRuleMac struct {
Mac string `json:"mac"`
}
type RESTDerivedDlpRuleMacData ¶
type RESTDerivedDlpRuleMacData struct {
Macs []*RESTDerivedDlpRuleMac `json:"macs"`
}
type RESTDerivedPolicyRule ¶
type RESTDerivedPolicyRuleData ¶
type RESTDerivedPolicyRuleData struct {
WorkloadRules []*RESTDerivedWorkloadPolicyRule `json:"workload_rules"`
}
type RESTDerivedWorkloadDlpRule ¶
type RESTDerivedWorkloadDlpRule struct {
DlpWorkload *RESTWorkloadBrief `json:"dlp_workload"`
Mode string `json:"mode,omitempty"`
DefAct uint32 `json:"defact,omitempty"`
ApplyDir int32 `json:"applydir,omitempty"`
DlpMacs []string `json:"dlp_macs"`
DlpRules []*RESTDlpSetting `json:"dlp_rules"`
WafRules []*RESTDlpSetting `json:"waf_rules"`
Rids []uint32 `json:"rids"`
Wafrids []uint32 `json:"wafrids"`
RuleType string `json:"ruletype"`
}
type RESTDerivedWorkloadDlpRuleData ¶
type RESTDerivedWorkloadDlpRuleData struct {
Rules []*RESTDerivedWorkloadDlpRule `json:"rules"`
}
type RESTDerivedWorkloadPolicyRule ¶
type RESTDerivedWorkloadPolicyRule struct {
Workload *RESTWorkloadBrief `json:"workload"`
Rules []*RESTDerivedPolicyRule `json:"rules"`
}
type RESTDlpConfig ¶
type RESTDlpCriteriaEntry ¶
type RESTDlpGroup ¶
type RESTDlpGroup struct {
Name string `json:"name"`
Status bool `json:"status"`
Sensors []*RESTDlpSetting `json:"sensors"`
CfgType string `json:"cfg_type"` // CfgTypeUserCreated / CfgTypeGround
}
type RESTDlpGroupConfig ¶
type RESTDlpGroupConfig struct {
Name string `json:"name"`
Status *bool `json:"status,omitempty"`
DelSensors *[]string `json:"delete,omitempty"` //delete list used by CLI
Sensors *[]RESTDlpConfig `json:"sensors,omitempty"` //change list used by CLI
RepSensors *[]RESTDlpConfig `json:"replace,omitempty"` //replace list used by GUI
}
type RESTDlpGroupConfigData ¶
type RESTDlpGroupConfigData struct {
Config *RESTDlpGroupConfig `json:"config"`
}
type RESTDlpGroupData ¶
type RESTDlpGroupData struct {
DlpGroup *RESTDlpGroup `json:"dlp_group"`
}
type RESTDlpGroupsData ¶
type RESTDlpGroupsData struct {
DlpGroups []*RESTDlpGroup `json:"dlp_groups"`
}
type RESTDlpRule ¶
type RESTDlpRule struct {
Name string `json:"name"`
ID uint32 `json:"id"`
Patterns []RESTDlpCriteriaEntry `json:"patterns"`
CfgType string `json:"cfg_type"`
}
type RESTDlpRuleConfig ¶
type RESTDlpRuleConfig struct {
Name string `json:"name"`
Patterns []RESTDlpCriteriaEntry `json:"patterns"`
}
type RESTDlpRuleConfigData ¶
type RESTDlpRuleConfigData struct {
Config *RESTDlpRuleConfig `json:"config"`
}
type RESTDlpRuleData ¶
type RESTDlpRuleData struct {
Rule *RESTDlpRuleDetail `json:"rule"`
}
type RESTDlpRuleDetail ¶
type RESTDlpRuleDetail struct {
Sensors []string `json:"sensors"`
Rules []*RESTDlpRule `json:"rules"`
}
type RESTDlpRulesData ¶
type RESTDlpRulesData struct {
Rules []*RESTDlpRule `json:"rules"`
}
type RESTDlpSensor ¶
type RESTDlpSensorConfig ¶
type RESTDlpSensorConfig struct {
Name string `json:"name"`
RuleChgList *[]RESTDlpRule `json:"change,omitempty"` //change list used by CLI
RuleDelList *[]RESTDlpRule `json:"delete,omitempty"` //delete list used by CLI
Rules *[]RESTDlpRule `json:"rules,omitempty"` //replace list used by GUI
Comment *string `json:"comment,omitempty"`
}
type RESTDlpSensorConfigData ¶
type RESTDlpSensorConfigData struct {
Config *RESTDlpSensorConfig `json:"config"`
}
type RESTDlpSensorData ¶
type RESTDlpSensorData struct {
Sensor *RESTDlpSensor `json:"sensor"`
}
type RESTDlpSensorExport ¶
type RESTDlpSensorExport struct {
Names []string `json:"names"`
RemoteExportOptions *RESTRemoteExportOptions `json:"remote_export_options,omitempty"`
}
type RESTDlpSensorsData ¶
type RESTDlpSensorsData struct {
Sensors []*RESTDlpSensor `json:"sensors"`
}
type RESTDlpSetting ¶
type RESTDomain ¶
type RESTDomainConfig ¶
type RESTDomainConfig struct {
TagPerDomain *bool `json:"tag_per_domain,omitempty"`
}
type RESTDomainConfigData ¶
type RESTDomainConfigData struct {
Config *RESTDomainConfig `json:"config"`
}
type RESTDomainEntryConfig ¶
type RESTDomainEntryConfigData ¶
type RESTDomainEntryConfigData struct {
Config *RESTDomainEntryConfig `json:"config"`
}
type RESTDomainsData ¶
type RESTDomainsData struct {
Domains []*RESTDomain `json:"domains"`
TagPerDomain bool `json:"tag_per_domain"`
}
type RESTEULAData ¶
// RESTEULAData is the JSON envelope for the EULA state, together with two
// bootstrap-related hints for the operator.
type RESTEULAData struct {
EULA *RESTEULA `json:"eula"`
// BootstrapPwdCmd holds a command line, not the password itself.
// NOTE(review): confirm whether this endpoint is reachable before
// authentication; the command reveals where the bootstrap password is stored.
BootstrapPwdCmd string `json:"bootstrap_password_command"` // k8s command to retrieve the bootstrap password
K8sRbacAlertMsg string `json:"k8s_rbac_alert_message,omitempty"` // alert message when k8s role/rolebinding neuvector-binding-secret is not correct
}
type RESTError ¶
type RESTError struct {
Code int `json:"code"`
Error string `json:"error"`
Message string `json:"message"`
PwdProfileBasic *RESTPwdProfileBasic `json:"password_profile_basic,omitempty"`
ImportTaskData *RESTImportTaskData `json:"import_task_data,omitempty"`
}
type RESTErrorReadOnlyRules ¶
type RESTEventsData ¶
type RESTEventsData struct {
Events []*Event `json:"events"`
}
type RESTExposedEndpoint ¶
type RESTExposedEndpoint struct {
ID string `json:"id"`
Name string `json:"name"`
DisplayName string `json:"display_name"`
PodName string `json:"pod_name"`
Service string `json:"service"`
ThreatSeverity string `json:"severity"`
CriticalVuls int `json:"critical"`
HighVuls int `json:"high"`
MedVuls int `json:"medium"`
PolicyMode string `json:"policy_mode"`
PolicyAction string `json:"policy_action"`
Protos []string `json:"protocols,omitempty"`
Apps []string `json:"applications,omitempty"`
Ports []string `json:"ports,omitempty"`
Entries []*RESTConversationReportEntry `json:"entries"`
}
type RESTFedAuthData ¶
type RESTFedConfigData ¶
type RESTFedConfigData struct {
PingInterval *uint32 `json:"ping_interval,omitempty"` // in minute
PollInterval *uint32 `json:"poll_interval,omitempty"` // in minute
Name *string `json:"name,omitempty"` // cluster name
RestInfo *share.CLUSRestServerInfo `json:"rest_info,omitempty"`
UseProxy *string `json:"use_proxy,omitempty"` // "" / https
DeployRepoScanData *bool `json:"deploy_repo_scan_data"` // whether fed repo scan data deployment is enabled
}
type RESTFedCspSupportReq ¶
// RESTFedCspSupportReq is a federation request body that identifies a joint
// cluster by ID and proves its identity with JointTicket.
type RESTFedCspSupportReq struct {
ID string `json:"id"` // id of joint cluster
// NOTE(review): the receiver presumably validates JointTicket against the
// secret stored for ID before acting on the request — confirm.
JointTicket string `json:"joint_ticket"` // generated using joint cluster's secret
FedKvVersion string `json:"fed_kv_version"` // kv version in the code of joint cluster
RestVersion string `json:"rest_version,omitempty"` // rest version in the code of joint cluster
}
type RESTFedCspSupportResp ¶
type RESTFedCspSupportResp struct {
Compliant bool `json:"compliant"`
ExpireTime int64 `json:"expire_time"` // the last billing "compliant" state's expiration time in seconds
CspErrors []string `json:"csp_errors"` // internal errors from csp-adapter
NvError string `json:"nv_error"` // error message for nv to check csp-config
CspConfigData string `json:"csp_config_data"` // raw csp-config data
CspConfigFrom string `json:"csp_config_from"` // "master"/"joint"/ "": where is csp-config data from
JointReportUsage bool `json:"joint_report_usage"`
AdapterVersions string `json:"adapter_versions"`
MeteringArchiveData string `json:"metering_archive_data"` // raw metering-archive data
}
type RESTFedCspUsage ¶
type RESTFedCspUsage struct {
TotalNodes int `json:"total_nodes"` // nodes of all reachable cluster(s) in the nv setup
Unreachable int `json:"unreachable_downstreams"` // unreachable downstream clusters
CspUsages map[string]int `json:"csp_usages"` // key: cspType, value: nodes of all reachable cluster(s) with the same cspType
MemberUsages []*RESTClusterCspUsage `json:"member_usages"` // list of all reachable clusters' usages, only available on master cluster
}
type RESTFedDataCfgMap ¶
// RESTFedDataCfgMap describes a cluster's federation settings: its name,
// the primary (and optionally managed) REST endpoint, proxy use and join token.
//
// NOTE(review): the type name suggests this is loaded from a Kubernetes
// ConfigMap. If so, JoinToken is readable by anyone who can read that object;
// confirm the object is access-restricted or that a Secret is used instead.
type RESTFedDataCfgMap struct {
ClusterName string `json:"cluster_name"` // this cluster's unique name in federation
PrimaryRestInfo share.CLUSRestServerInfo `json:"primary_rest_info"` // rest info about primary cluster
ManagedRestInfo *share.CLUSRestServerInfo `json:"managed_rest_info,omitempty"` // rest info about managed cluster (for managed clusters only)
UseProxy string `json:"use_proxy"` // "" / https
JoinToken string `json:"join_token"` // must be in a format that is 36 characters long, i.e., 32 hexadecimal characters grouped as 8-4-4-4-12 and separated by four hyphens
DeployRepoScanData *bool `json:"deploy_repo_scan_data,omitempty"` // whether fed repo scan data deployment is enabled (for master cluster only)
}
type RESTFedImageScanResult ¶
// RESTFedImageScanResult is one image's scan result as exchanged between
// federated clusters: a digest plus the optional summary and report.
type RESTFedImageScanResult struct {
// NOTE(review): MD5 is adequate for detecting that a result changed, but it
// is not collision-resistant; it should not be relied on to prove the
// summary/report were not tampered with — confirm how the receiver uses it.
MD5 string `json:"md5"` // it's md5 of json.marshal(gob(regImageSummaryReport))
Summary *share.CLUSRegistryImageSummary `json:"summary,omitempty"`
Report *share.CLUSScanReport `json:"report,omitempty"`
}
type RESTFedInternalCommandReq ¶
// RESTFedInternalCommandReq is the body of an internal federation command,
// carrying the sender's kv version, the command name, the acting user and the
// current fed rule revisions.
type RESTFedInternalCommandReq struct {
FedKvVersion string `json:"fed_kv_version"` // kv version in the code of master cluster
Command string `json:"command"` // currently supported commands: _cmdPollFedRules / _cmdForcePullFedRules
// User is whatever the sender put in the body.
// NOTE(review): presumably used for audit attribution only; authorization
// should come from how the request itself is authenticated — confirm.
User string `json:"user"` // current operating user
Revisions map[string]uint64 `json:"revisions"` // key is fed rules type, value is the revision of current fed rules
}
type RESTFedInternalCommandResp ¶
type RESTFedInternalCommandResp struct {
Result int `json:"result"` // value: _fedCmdReceived/....
}
type RESTFedJoinReq ¶
// RESTFedJoinReq is the request body asking this cluster to join a federation
// through the master cluster at Server:Port, using a join token.
type RESTFedJoinReq struct {
Name string `json:"name"` // cluster name
// Server and Port name a destination chosen by the API caller.
// NOTE(review): the handler presumably opens an outbound connection to it;
// confirm the endpoint is restricted to suitably privileged users.
Server string `json:"server"` // server of master cluster
Port uint `json:"port"` // port of master cluster
JoinToken string `json:"join_token"` // generated by the master cluster, i.e. RESTFedJoinToken.JoinToken
JointRestInfo *share.CLUSRestServerInfo `json:"joint_rest_info,omitempty"` // rest info about this joint cluster
UseProxy *string `json:"use_proxy,omitempty"` // "" / https
}
type RESTFedJoinReqInternal ¶
// RESTFedJoinReqInternal is the cluster-to-cluster form of a join request:
// the acting user's details, version information, the join ticket and a
// description of the joining cluster.
//
// User, Remote and UserRoles are values the sender placed in the body.
// NOTE(review): presumably they are recorded for auditing; the decision to
// admit the cluster should rest on JoinTicket validation, not on the
// sender-asserted UserRoles — confirm against the handler.
type RESTFedJoinReqInternal struct {
User string `json:"user"` // current operating user
Remote string `json:"remote"` // current operating user's remote info
UserRoles map[string]string `json:"user_roles"` // current operating user's roles
FedKvVersion string `json:"fed_kv_version"` // kv version in the code of the joining cluster
RestVersion string `json:"rest_version,omitempty"` // rest version in the code of joining cluster
JoinTicket string `json:"join_ticket"` // generated by the master cluster, not containing master's server/port
// RESTFedJointClusterInfo has a Secret field serialized as "secret", so
// this request body can carry the joining cluster's secret.
JointCluster RESTFedJointClusterInfo `json:"joint_cluster"` // info about joint cluster
CspType string `json:"csp_type"`
Nodes int `json:"nodes"`
}
type RESTFedJoinRespInternal ¶
// RESTFedJoinRespInternal is the master cluster's reply to a join request:
// poll interval, TLS material for the joint cluster, and master cluster info.
type RESTFedJoinRespInternal struct {
PollInterval uint32 `json:"poll_interval"` // in minute
CACert string `json:"ca_cert"` // ca cert for the federated rest server in master cluster
// ClientKey is returned as an ordinary JSON string field.
// NOTE(review): presumably private-key material; the response should only
// travel over an authenticated, encrypted channel and be kept out of
// request/response logging — confirm.
ClientKey string `json:"client_key"` // client key for the joint cluster
ClientCert string `json:"client_cert"` // client cert for the joint cluster
// RESTFedMasterClusterInfo has a Secret field marked "never export"; the
// sender must make sure it is cleared before this struct is serialized.
MasterCluster *RESTFedMasterClusterInfo `json:"master_cluster"` // info about the master cluster
CspType string `json:"csp_type"` // master's billing csp type
}
type RESTFedJoinToken ¶
type RESTFedJoinToken struct {
JoinToken string `json:"join_token"`
}
type RESTFedJointClusterInfo ¶
// RESTFedJointClusterInfo describes one joint (non-master) cluster in a
// federation: identity, status, REST endpoint and proxy requirement.
type RESTFedJointClusterInfo struct {
Disabled bool `json:"disabled"`
Name string `json:"name"` // cluster name
ID string `json:"id"`
// Secret is serialized under "secret"; the tag does not exclude it, so
// encoding/json emits it whenever it is non-empty in memory.
// NOTE(review): RESTFedMasterClusterInfo.Secret is marked "never export";
// presumably the same applies here, meaning handlers that return this
// struct to API clients must blank the field first — confirm.
Secret string `json:"secret"`
User string `json:"user"` // the user who joins this cluster to federation
Status string `json:"status"` // ex: FedStatusClusterSynced/FedStatusClusterOutOfSync (see above)
RestVersion string `json:"rest_version"` // joint cluster's kv.GetRestVer()
RestInfo share.CLUSRestServerInfo `json:"rest_info"`
ProxyRequired bool `json:"proxy_required"` // a joint cluster may be reachable without proxy even if the master cluster is configured to use proxy. decided when it joins fed.
}
type RESTFedLeaveReq ¶
type RESTFedLeaveReq struct {
Force bool `json:"force"` // true means leave federation no matter master cluster succeeds or not
}
type RESTFedLeaveReqInternal ¶
// RESTFedLeaveReqInternal is the cluster-to-cluster request for a joint
// cluster to leave the federation.
//
// User, Remote and UserRoles are values the sender placed in the body.
// NOTE(review): presumably recorded for auditing; the receiver should
// authorize the request by validating JointTicket for ID, not by trusting
// the sender-asserted UserRoles — confirm against the handler.
type RESTFedLeaveReqInternal struct {
ID string `json:"id"` // id of the joint cluster to leave federation
JointTicket string `json:"joint_ticket"` // generated using joint cluster's secret
User string `json:"user"` // current operating user
Remote string `json:"remote"` // current operating user's remote info
UserRoles map[string]string `json:"user_roles"` // current operating user's roles
}
For the leave-federation request sent from a joint cluster to the master cluster.
type RESTFedMasterClusterInfo ¶
// RESTFedMasterClusterInfo describes the master cluster of a federation:
// identity, status and REST endpoint.
type RESTFedMasterClusterInfo struct {
Disabled bool `json:"disabled"`
Name string `json:"name"` // cluster name
ID string `json:"id"`
// The "secret" tag does not exclude this field from JSON output, so
// "never export" has to be enforced by the code that builds responses
// (clear the field before serializing).
Secret string `json:"secret"` // used for encrypting/decrypting join_ticket issued by the master cluster. never export
User string `json:"user"` // the user who promotes this cluster to master cluster in federation
Status string `json:"status"` // ex: FedStatusClusterSynced/FedStatusClusterOutOfSync (see above)
RestVersion string `json:"rest_version"` // from kv.GetRestVer()
RestInfo share.CLUSRestServerInfo `json:"rest_info"`
}
master cluster: a promoted cluster; there is one per federation.
joint cluster: any of the other, non-master clusters that join the federation.
1. A cluster becomes the master cluster after it is promoted (providing the ip/port for other clusters to join).
2. A cluster can join at most one federation.
3. A master cluster with joint cluster(s) cannot join another federation.
4. A master cluster without any joint cluster can join another federation; when it does, it becomes a joint cluster of that federation.
type RESTFedMembereshipData ¶
// RESTFedMembereshipData is the JSON shape of this cluster's federation
// membership: its role, local REST endpoint, the master cluster and the list
// of joint clusters.
//
// Both RESTFedMasterClusterInfo and RESTFedJointClusterInfo have a Secret
// field that is serialized when set.
// NOTE(review): confirm the handler clears those fields before returning
// this struct to API clients.
type RESTFedMembereshipData struct {
FedRole string `json:"fed_role"` // FedRoleMaster / FedRoleJoint / FedRoleNone (see above)
LocalRestInfo share.CLUSRestServerInfo `json:"local_rest_info"` //
MasterCluster *RESTFedMasterClusterInfo `json:"master_cluster,omitempty"` // master cluster
JointClusters []*RESTFedJointClusterInfo `json:"joint_clusters"` // all non-master clusters in the federation
UseProxy string `json:"use_proxy"` // "" / https
DeployRepoScanData bool `json:"deploy_repo_scan_data"` // whether fed repo scan data deployment is enabled
}
type RESTFedPingReq ¶
type RESTFedPingResp ¶
type RESTFedPingResp struct {
Result int `json:"result"` // value: _fedSuccess/....
}
type RESTFedPromoteReqData ¶
type RESTFedPromoteReqData struct {
Name string `json:"name,omitempty"` // cluster name
PingInterval uint32 `json:"ping_interval"` // in minute
PollInterval uint32 `json:"poll_interval"` // in minute
MasterRestInfo *share.CLUSRestServerInfo `json:"master_rest_info,omitempty"` // rest info about this master cluster
UseProxy *string `json:"use_proxy,omitempty"` // "" / https
DeployRepoScanData *bool `json:"deploy_repo_scan_data"` // whether fed repo scan data deployment is enabled
}
type RESTFedPromoteRespData ¶
// RESTFedPromoteRespData is the response to a promote request: the resulting
// federation role, the master cluster's details and related settings.
type RESTFedPromoteRespData struct {
FedRole string `json:"fed_role"`
// MasterCluster is embedded by value and includes its Secret field, which
// is marked "never export" on RESTFedMasterClusterInfo.
// NOTE(review): confirm the handler leaves Secret empty in this response.
MasterCluster RESTFedMasterClusterInfo `json:"master_cluster"` // info about this master cluster
UseProxy string `json:"use_proxy,omitempty"` // "" / https
DeployRepoScanData bool `json:"deploy_repo_scan_data"` // whether fed repo scan data deployment is enabled
}
type RESTFedRemovedReqInternal ¶
type RESTFedRemovedReqInternal struct {
User string `json:"user"` // current operating user
}
type RESTFedRulesSettings ¶
type RESTFedRulesSettings struct {
AdmCtrlRulesData *share.CLUSFedAdmCtrlRulesData `json:"admctrl_rules_data,omitempty"`
NetworkRulesData *share.CLUSFedNetworkRulesData `json:"network_rules_data,omitempty"`
ResponseRulesData *share.CLUSFedResponseRulesData `json:"response_rules_data,omitempty"`
GroupsData *share.CLUSFedGroupsData `json:"groups_data,omitempty"`
FileMonitorData *share.CLUSFedFileMonitorData `json:"file_monitor_data,omitempty"`
ProcessProfilesData *share.CLUSFedProcessProfileData `json:"process_profiles_data,omitempty"`
SystemConfigData *share.CLUSFedSystemConfigData `json:"system_config_data,omitempty"`
}
type RESTFedScanDataRevs ¶
type RESTFedScanDataRevs struct {
RegConfigRev uint64 `json:"reg_config_rev"` // fed registry revision
ScannedRegRevs map[string]uint64 `json:"scanned_reg_revs"` // revisions of all fed registry scan data (registry name : revision)
ScannedRepoRev uint64 `json:"scanned_repo_rev"` // revision of fed repo scan data on master cluster
}
type RESTFedScanResultData ¶
type RESTFedScanResultData struct {
UpdatedScanResults map[string]map[string]*RESTFedImageScanResult `json:"updated_scan_result,omitempty"` // registry name : image id : scan result; it contains only new/updated scan results
DeletedScanResults map[string][]string `json:"deleted_scan_result,omitempty"` // registry name : []image id. map value being nil means the registry is deleted
UpToDateRegs []string `json:"up_to_date_regs,omitempty"` // registries whose images scan result in managed cluster is already up-to-date
}
type RESTFedSystemConfig ¶
type RESTFedSystemConfig struct {
Webhooks []RESTWebhook `json:"webhooks"`
}
fed system config
type RESTFedSystemConfigConfig ¶
type RESTFedSystemConfigConfig struct {
Webhooks *[]*RESTWebhook `json:"webhooks,omitempty"`
}
type RESTFedTokenResp ¶
// RESTFedTokenResp is a response body carrying a single token string.
type RESTFedTokenResp struct {
// NOTE(review): scope and lifetime of the token are not visible here;
// treat it as a bearer credential and keep it out of logs — confirm.
Token string `json:"token"` // issued by remote joint cluster
}
type RESTFedView ¶
type RESTFedView struct {
Compatible bool `json:"compatible"`
}
type RESTFileMonitorConfig ¶
type RESTFileMonitorConfig struct {
AddFilters []*RESTFileMonitorFilterConfig `json:"add_filters,omitempty"`
DelFilters []*RESTFileMonitorFilterConfig `json:"delete_filters,omitempty"`
UpdateFilters []*RESTFileMonitorFilterConfig `json:"update_filters,omitempty"`
}
type RESTFileMonitorConfigData ¶
type RESTFileMonitorConfigData struct {
Config *RESTFileMonitorConfig `json:"config"`
}
type RESTFileMonitorFile ¶
type RESTFileMonitorFileData ¶
type RESTFileMonitorFileData struct {
Files []*RESTFileMonitorFile `json:"files"`
}
type RESTFileMonitorFilter ¶
type RESTFileMonitorFilter struct {
Filter string `json:"filter"`
Recursive bool `json:"recursive"`
Behavior string `json:"behavior"`
Apps []string `json:"applications"`
CfgType string `json:"cfg_type"`
Group string `json:"group,omitempty"`
CreatedTimeStamp int64 `json:"created_timestamp"`
UpdatedTimeStamp int64 `json:"last_modified_timestamp"`
}
type RESTFileMonitorProfile ¶
type RESTFileMonitorProfile struct {
Group string `json:"group"`
Filters []*RESTFileMonitorFilter `json:"filters"`
}
type RESTFileMonitorProfileData ¶
type RESTFileMonitorProfileData struct {
Profile *RESTFileMonitorProfile `json:"profile"`
}
type RESTFileMonitorProfilesData ¶
type RESTFileMonitorProfilesData struct {
Profiles []*RESTFileMonitorProfile `json:"profiles"`
}
type RESTGCRKey ¶
// RESTGCRKey carries a key under the JSON name "json_key".
// NOTE(review): presumably a Google Container Registry service-account key
// in JSON form — confirm.
type RESTGCRKey struct {
// "cloak" is not an option encoding/json defines, so the standard encoder
// ignores it and emits JsonKey unchanged.
// NOTE(review): presumably a project-specific marshaller uses "cloak" to
// protect this credential; confirm which code paths honor it and that none
// serialize this struct with plain encoding/json where protection matters.
JsonKey string `json:"json_key,cloak"`
}
type RESTGCRKeyConfig ¶
// RESTGCRKeyConfig is the update form of RESTGCRKey: JsonKey is a pointer
// with omitempty, so a nil pointer is left out of the JSON entirely.
type RESTGCRKeyConfig struct {
// "cloak" is not an encoding/json option and is ignored by the standard
// encoder.
// NOTE(review): presumably consumed by project-specific marshalling code to
// protect the credential — confirm.
JsonKey *string `json:"json_key,omitempty,cloak"`
}
type RESTGroup ¶
type RESTGroup struct {
RESTGroupBrief
Criteria []RESTCriteriaEntry `json:"criteria"`
Members []*RESTWorkloadBrief `json:"members"`
PolicyRules []uint32 `json:"policy_rules"`
ResponseRules []uint32 `json:"response_rules"`
}
type RESTGroupBatchDelete ¶
type RESTGroupBatchDelete struct {
Groups []string `json:"groups"`
}
type RESTGroupBrief ¶
type RESTGroupBrief struct {
Name string `json:"name"`
Comment string `json:"comment"`
Learned bool `json:"learned"`
Reserved bool `json:"reserved"`
PolicyMode string `json:"policy_mode,omitempty"`
ProfileMode string `json:"profile_mode,omitempty"`
NotScored bool `json:"not_scored"`
Domain string `json:"domain"`
CreaterDomains []string `json:"creater_domains"`
Kind string `json:"kind"`
PlatformRole string `json:"platform_role"`
CfgType string `json:"cfg_type"` // CfgTypeLearned / CfgTypeUserCreated / CfgTypeGround / CfgTypeFederal (see above)
BaselineProfile string `json:"baseline_profile"`
MonMetric bool `json:"monitor_metric"`
GrpSessCur uint32 `json:"group_sess_cur"`
GrpSessRate uint32 `json:"group_sess_rate"`
GrpBandWidth uint32 `json:"group_band_width"`
RESTGroupCaps
}
type RESTGroupCaps ¶
type RESTGroupConfig ¶
type RESTGroupConfig struct {
Name string `json:"name"`
Comment *string `json:"comment"`
Criteria *[]RESTCriteriaEntry `json:"criteria,omitempty"`
CfgType string `json:"cfg_type"` // CfgTypeLearned / CfgTypeUserCreated / CfgTypeGround / CfgTypeFederal (see above)
MonMetric *bool `json:"monitor_metric,omitempty"`
GrpSessCur *uint32 `json:"group_sess_cur,omitempty"`
GrpSessRate *uint32 `json:"group_sess_rate,omitempty"`
GrpBandWidth *uint32 `json:"group_band_width,omitempty"`
}
type RESTGroupConfigData ¶
type RESTGroupConfigData struct {
Config *RESTGroupConfig `json:"config"`
}
type RESTGroupData ¶
type RESTGroupData struct {
Group *RESTGroupDetail `json:"group"`
}
type RESTGroupDetail ¶
type RESTGroupDetail struct {
RESTGroupBrief
Criteria []RESTCriteriaEntry `json:"criteria"`
Members []*RESTWorkloadBrief `json:"members"`
PolicyRules []*RESTPolicyRule `json:"policy_rules"`
ResponseRules []*RESTResponseRule `json:"response_rules"`
}
type RESTGroupExport ¶
type RESTGroupExport struct {
Groups []string `json:"groups"`
PolicyMode string `json:"policy_mode,omitempty"`
ProfileMode string `json:"profile_mode,omitempty"` // for both process/file profiles(if specified) since 5.4.1
RemoteExportOptions *RESTRemoteExportOptions `json:"remote_export_options,omitempty"`
}
NV 5.4(-): process/file profile mode value priority is "policy_mode".
NV 5.4.1(+): process/file profile mode value priority is "profile_mode" -> "policy_mode".
NV future: process profile mode value priority is "profile_mode" -> "policy_mode".
NV future: file profile mode value priority is "file_profile_mode" -> "profile_mode" -> "policy_mode".
type RESTGroupStatsData ¶
type RESTGroupsBriefData ¶
type RESTGroupsBriefData struct {
Groups []*RESTGroupBrief `json:"groups"`
}
type RESTGroupsData ¶
type RESTGroupsData struct {
Groups []*RESTGroup `json:"groups"`
}
type RESTHost ¶
type RESTHost struct {
Name string `json:"name"`
ID string `json:"id"`
Runtime string `json:"runtime"`
RuntimeVer string `json:"runtime_version"`
RuntimeAPIVer string `json:"runtime_api_version"`
Platform string `json:"platform"`
OS string `json:"os"`
Kernel string `json:"kernel"`
CPUs int64 `json:"cpus"`
Memory int64 `json:"memory"`
CGroupVersion int `json:"cgroup_version"`
Containers int `json:"containers"`
Pods int `json:"pods"`
Ifaces map[string][]*RESTIPAddr `json:"interfaces"`
State string `json:"state"`
CapDockerBench bool `json:"cap_docker_bench"`
CapKubeBench bool `json:"cap_kube_bench"`
DockerBenchStatus string `json:"docker_bench_status,omitempty"`
KubeBenchStatus string `json:"kube_bench_status,omitempty"`
PolicyMode string `json:"policy_mode"`
ProfileMode string `json:"profile_mode"`
ScanSummary *RESTScanBrief `json:"scan_summary"`
StorageDriver string `json:"storage_driver"`
Labels map[string]string `json:"labels"`
Annotations map[string]string `json:"annotations"`
}
type RESTHostAsset ¶
type RESTHostAssetView ¶
type RESTHostAssetView struct {
ID string `json:"id"`
Name string `json:"name"`
PolicyMode string `json:"policy_mode"`
OS string `json:"os"`
Kernel string `json:"kernel"`
CPUs int `json:"cpus"`
Memory int64 `json:"memory"`
Containers int `json:"containers"`
High int `json:"high"`
Medium int `json:"medium"`
Low int `json:"low"`
Vulnerabilities []string `json:"vulnerabilities"`
ScannedAt string `json:"scanned_at"`
}
type RESTHostData ¶
type RESTHostData struct {
Host *RESTHost `json:"host"`
}
type RESTHostsData ¶
type RESTHostsData struct {
Hosts []*RESTHost `json:"hosts"`
}
type RESTIBMSAConfig ¶
// RESTIBMSAConfig is the JSON shape of the IBM SA integration settings:
// account and provider identifiers, an API key, service URLs and onboarding
// identifiers.
type RESTIBMSAConfig struct {
AccountID string `json:"account_id"`
// APIKey is serialized under "apikey" with no "cloak" option, unlike
// RESTGCRKey.JsonKey in this package.
// NOTE(review): confirm whether this credential needs the same protection
// when it is stored, returned by the API or logged.
APIKey string `json:"apikey"`
ProviderID string `json:"provider_id"` // service-id
// NOTE(review): FindingsURL and TokenURL are presumably destinations the
// controller connects to and sends APIKey to; if they are settable through
// the API, confirm they are validated — TODO confirm.
FindingsURL string `json:"findings_url"`
TokenURL string `json:"token_url"`
OnboardNoteName string `json:"onboard_note_name"`
OnboardID string `json:"onboard_id"`
OnboardProviderID string `json:"onboard_provider_id"`
}
type RESTIBMSASetupToken ¶
// RESTIBMSASetupToken is a JSON body carrying a single access token.
type RESTIBMSASetupToken struct {
// NOTE(review): who issues the token and how long it remains valid are not
// visible here; treat it as a bearer credential and keep it out of logs.
AccessToken string `json:"access_token"`
}
type RESTIBMSASetupUrl ¶
type RESTIBMSASetupUrl struct {
URL string `json:"url"`
}
type RESTIDName ¶
type RESTIPAddr ¶
type RESTIPPort ¶
type RESTImageAsset ¶
type RESTImageAssetView ¶
type RESTImageAssetViewV2 ¶
// RESTImageAssetViewV2 is a flat per-image asset record: image identity,
// registry location, size and severity counters.
//
// The type also declares a value-receiver MarshalJSON, so the JSON actually
// emitted is decided by that method rather than by these tags alone; its body
// is not visible here.
type RESTImageAssetViewV2 struct {
	ID string `json:"image_id"`
	Name string `json:"repository"`
	Critical int `json:"critical,omitempty"` // omitted by the default encoder when zero
	High int `json:"high"`
	Medium int `json:"medium"`
	CreatedAt string `json:"created_at"`
	ScannedAt string `json:"scanned_at"`
	Digest string `json:"digest"`
	BaseOS string `json:"base_os"`
	RegName string `json:"reg_name"`
	Registry string `json:"repo_url"` // Go name and wire name differ: Registry <-> "repo_url"
	Size int `json:"size"`
	Tag string `json:"tag"`
}
func (RESTImageAssetViewV2) MarshalJSON ¶
func (c RESTImageAssetViewV2) MarshalJSON() ([]byte, error)
type RESTImportTask ¶
// RESTImportTask describes the state of an import task: its id, the
// controller handling it, progress and the user who triggered it.
type RESTImportTask struct {
	TID string `json:"tid"`
	CtrlerID string `json:"ctrler_id"`
	// omitempty does not suppress a zero time.Time in encoding/json (struct
	// values are never "empty"), so this key is emitted even when unset.
	LastUpdateTime time.Time `json:"last_update_time,omitempty"`
	Percentage int `json:"percentage"`
	TriggeredBy string `json:"triggered_by,omitempty"` // fullname of the user who triggers import
	Status string `json:"status,omitempty"`
	// NOTE(review): TempToken looks like a short-lived credential and has no
	// `cloak` tag option — confirm its lifetime and that it is not logged.
	TempToken string `json:"temp_token,omitempty"`
}
Import task
type RESTImportTaskData ¶
// RESTImportTaskData is the envelope for a RESTImportTask under "data".
type RESTImportTaskData struct {
	Data *RESTImportTask `json:"data"`
}
type RESTIncidentsData ¶
// RESTIncidentsData is the envelope for a list of Incident under "incidents".
type RESTIncidentsData struct {
	Incidents []*Incident `json:"incidents"`
}
type RESTInternalSubnets ¶
type RESTInternalSubnetsData ¶
// RESTInternalSubnetsData is the envelope for RESTInternalSubnets under
// "internal_subnets".
type RESTInternalSubnetsData struct {
	InternalSubnets *RESTInternalSubnets `json:"internal_subnets"`
}
type RESTK8sNvAcceptableAlerts ¶
// RESTK8sNvAcceptableAlerts groups alert messages by category. Every map is
// keyed by the MD5 of the English message text.
//
// NOTE(review): MD5 serves as a stable lookup key here, not as an integrity
// or authenticity check; consumers should not treat a matching key as proof
// that the message text is unaltered.
type RESTK8sNvAcceptableAlerts struct {
	ClusterRoleErrors map[string]string `json:"clusterrole_errors"` // key is md5 of the English message
	ClusterRoleBindingErrors map[string]string `json:"clusterrolebinding_errors"` // key is md5 of the English message
	RoleErrors map[string]string `json:"role_errors"` // key is md5 of the English message
	RoleBindingErrors map[string]string `json:"rolebinding_errors"` // key is md5 of the English message
	NvCrdSchemaErrors map[string]string `json:"neuvector_crd_errors"` // key is md5 of the English message
	OtherAlerts map[string]string `json:"other_alerts"` // key is md5 of the English message
}
type RESTK8sNvRbacStatus ¶
// RESTK8sNvRbacStatus reports RBAC/CRD alert state together with upgrade
// information. The five []string error fields are marked obsolete; the
// AcceptableAlerts/AcceptedAlerts pair carries the same categories in keyed
// form.
type RESTK8sNvRbacStatus struct {
	ClusterRoleErrors []string `json:"clusterrole_errors,omitempty"` // obsolete
	ClusterRoleBindingErrors []string `json:"clusterrolebinding_errors,omitempty"` // obsolete
	RoleErrors []string `json:"role_errors,omitempty"` // obsolete
	RoleBindingErrors []string `json:"rolebinding_errors,omitempty"` // obsolete
	NvCrdSchemaErrors []string `json:"neuvector_crd_errors,omitempty"` // obsolete
	NvUpgradeInfo *RESTCheckUpgradeInfo `json:"neuvector_upgrade_info"` // no omitempty: encodes as null when nil
	AcceptableAlerts *RESTK8sNvAcceptableAlerts `json:"acceptable_alerts,omitempty"` // acceptable controller-generated alerts
	AcceptedAlerts []string `json:"accepted_alerts,omitempty"` // keys of accepted manager-generated/user alerts
}
type RESTLicenseCode ¶
// RESTLicenseCode carries a license code string under "license_code".
type RESTLicenseCode struct {
	// NOTE(review): no `cloak` tag option here, while RESTLicenseKey.LicenseKey
	// has one — confirm whether the code is sensitive as well.
	LicenseCode string `json:"license_code"`
}
type RESTLicenseInfo ¶
// RESTLicenseInfo holds licensee contact details and the installation id.
// Name, Email and Phone are personal data; treat the struct accordingly when
// logging or exporting it.
type RESTLicenseInfo struct {
	Name string `json:"name"`
	Email string `json:"email"`
	Phone string `json:"phone"`
	ID string `json:"id,omitempty"`
	IDType string `json:"id_type,omitempty"`
	InstallationID string `json:"installation_id"` // nv installation id
}
func (*RESTLicenseInfo) GetDomain ¶
func (o *RESTLicenseInfo) GetDomain(f share.GetAccessObjectFunc) ([]string, []string)
type RESTLicenseKey ¶
// RESTLicenseKey carries a license key under "license_key".
type RESTLicenseKey struct {
	// `cloak` is not an encoding/json option (the standard encoder ignores it);
	// presumably project code reads it to mask the value — confirm every
	// logging/serialization path for this type goes through that code.
	LicenseKey string `json:"license_key,cloak"`
}
type RESTLicenseKeyCfgMap ¶
// RESTLicenseKeyCfgMap embeds RESTLicenseKey, so "license_key" is promoted to
// the top level of the JSON object, and adds an always_reload flag.
type RESTLicenseKeyCfgMap struct {
	RESTLicenseKey
	AlwaysReload bool `json:"always_reload"`
}
type RESTLicenseRequest ¶
type RESTLicenseRequestData ¶
// RESTLicenseRequestData is the envelope for a RESTLicenseRequest under
// "license_request".
type RESTLicenseRequestData struct {
	Request *RESTLicenseRequest `json:"license_request"`
}
type RESTLicenseShow ¶
// RESTLicenseShow wraps RESTLicenseInfo under the "info" key.
type RESTLicenseShow struct {
	Info *RESTLicenseInfo `json:"info"`
}
type RESTLicenseShowData ¶
// RESTLicenseShowData is the envelope for RESTLicenseShow under "license".
type RESTLicenseShowData struct {
	License *RESTLicenseShow `json:"license"`
}
type RESTList ¶
// RESTList holds three optional lists: application names, registry types and
// compliance benchmark metadata. Each key is omitted when its slice is empty.
type RESTList struct {
	Application []string `json:"application,omitempty"`
	RegistryType []string `json:"registry_type,omitempty"`
	Compliance []RESTBenchMeta `json:"compliance,omitempty"`
}
type RESTListData ¶
// RESTListData is the envelope for RESTList under the "list" key.
type RESTListData struct {
	List *RESTList `json:"list"`
}
type RESTMappableRoles ¶
type RESTMeter ¶
// RESTMeter is one meter entry: a type, the workload and peer IP it applies
// to, current and span counters, and upper/lower limits.
type RESTMeter struct {
	Type string `json:"type"`
	Workload string `json:"workload_id"`
	PeerIP string `json:"peer_ip"`
	Count uint32 `json:"cur_count"`
	SpanCount uint32 `json:"span_count"`
	Span uint8 `json:"span"` // unit not visible here
	Tap bool `json:"tap"`
	Idle uint16 `json:"idle"` // unit not visible here
	UpperLimit uint32 `json:"upper_limit"`
	LowerLimit uint32 `json:"lower_limit"`
}
type RESTMeterList ¶
// RESTMeterList is the envelope for a list of RESTMeter under "meters".
type RESTMeterList struct {
	Meters []*RESTMeter `json:"meters"`
}
type RESTMetry ¶
// RESTMetry is a resource and traffic sample: CPU, memory, session counts and
// packet/byte counters in each direction.
type RESTMetry struct {
	CPU float64 `json:"cpu"`
	Memory uint64 `json:"memory"`
	SessionIn uint32 `json:"session_in"`
	SessionOut uint32 `json:"session_out"`
	SessionCurIn uint32 `json:"cur_session_in,omitempty"` // omitted when zero
	SessionCurOut uint32 `json:"cur_session_out,omitempty"` // omitted when zero
	PacketIn uint64 `json:"packet_in"`
	PacketOut uint64 `json:"packet_out"`
	ByteIn uint64 `json:"byte_in"`
	ByteOut uint64 `json:"byte_out"`
}
type RESTModuleCve ¶
type RESTNvAcceptableAlerts ¶
// RESTNvAcceptableAlerts groups alerts by category, one optional
// RESTNvAlertGroup per category. Compared with RESTK8sNvAcceptableAlerts it
// uses typed groups instead of string maps and adds a certificate category.
type RESTNvAcceptableAlerts struct {
	ClusterRoleAlerts *RESTNvAlertGroup `json:"clusterrole_alerts,omitempty"`
	ClusterRoleBindingAlerts *RESTNvAlertGroup `json:"clusterrolebinding_alerts,omitempty"`
	RoleAlerts *RESTNvAlertGroup `json:"role_alerts,omitempty"`
	RoleBindingAlerts *RESTNvAlertGroup `json:"rolebinding_alerts,omitempty"`
	NvCrdSchemaAlerts *RESTNvAlertGroup `json:"neuvector_crd_alerts,omitempty"`
	CertificateAlerts *RESTNvAlertGroup `json:"certificate_alerts,omitempty"`
	OtherAlerts *RESTNvAlertGroup `json:"other_alerts,omitempty"`
}
type RESTNvAlert ¶
type RESTNvAlertGroup ¶
// RESTNvAlertGroup is a typed group of alerts: the AlertType plus the alerts
// belonging to it.
type RESTNvAlertGroup struct {
	Type AlertType `json:"type"`
	Data []*RESTNvAlert `json:"data,omitempty"`
}
type RESTNvAlerts ¶
// RESTNvAlerts reports upgrade information plus the acceptable and
// already-accepted alert sets.
type RESTNvAlerts struct {
	NvUpgradeInfo *RESTCheckUpgradeInfo `json:"neuvector_upgrade_info"` // no omitempty: encodes as null when nil
	AcceptableAlerts *RESTNvAcceptableAlerts `json:"acceptable_alerts,omitempty"` // acceptable controller-generated alerts
	AcceptedAlerts []string `json:"accepted_alerts,omitempty"` // keys of accepted manager-generated/user alerts
}
type RESTNvUsage ¶
// RESTNvUsage reports usage for the local cluster and, on the master cluster,
// for the reachable federated clusters.
type RESTNvUsage struct {
	// The wire name is spelled "local_clusterd_role" (extra 'd'). It is part of
	// the JSON contract, so clients must use it exactly as written.
	LocalClusterRole string `json:"local_clusterd_role"` // "primary", "downstream", "standalone"
	FedUsage *RESTFedCspUsage `json:"fed_usage,omitempty"` // list of all reachable clusters' usages, only available on master cluster
	LocalClusterUsage RESTClusterCspUsage `json:"local_cluster_usage"` // local cluster' cspType & usage
	CspConfigFrom string `json:"csp_config_from"` // "master"/"joint"/ "": where is csp-config data from when collecting support config
}
type RESTPermitsAssigned ¶
// RESTPermitsAssigned binds one permission set to a list of domains.
type RESTPermitsAssigned struct {
	Permits []*RESTRolePermission `json:"permissions"`
	Domains []string `json:"domains"` // all domains in this slice have the same permissions assigned
}
type RESTPlatformAsset ¶
type RESTPlatformAssetView ¶
type RESTPolicyMismatch ¶
// RESTPolicyMismatch pairs a cluster rule with a learned rule.
type RESTPolicyMismatch struct {
	ClusterRule *RESTPolicyRule `json:"cluster_rule"`
	LearnedRule *RESTPolicyRule `json:"learned_rule"`
}
type RESTPolicyPromoteRequest ¶
// RESTPolicyPromoteRequest lists the ids of the policy rules to promote.
type RESTPolicyPromoteRequest struct {
	IDs []uint32 `json:"ids"`
}
type RESTPolicyPromoteRequestData ¶
// RESTPolicyPromoteRequestData is the envelope for RESTPolicyPromoteRequest
// under "request".
type RESTPolicyPromoteRequestData struct {
	Request *RESTPolicyPromoteRequest `json:"request"`
}
type RESTPolicyRule ¶
// RESTPolicyRule is a network policy rule between two groups: source and
// destination group names, ports, applications and the action to apply.
type RESTPolicyRule struct {
	ID uint32 `json:"id"`
	Comment string `json:"comment"`
	From string `json:"from"` // group name
	To string `json:"to"` // group name
	// Ports is free text; its grammar is not defined in this file, so the
	// consumer has to parse and validate it.
	Ports string `json:"ports"` // free-style port list
	Action string `json:"action"`
	Applications []string `json:"applications"`
	Learned bool `json:"learned"`
	Disable bool `json:"disable"`
	CreatedTS int64 `json:"created_timestamp"`
	LastModTS int64 `json:"last_modified_timestamp"`
	// NOTE(review): CfgType, Learned and the timestamps describe provenance;
	// when this struct is accepted as input, confirm the server derives them
	// rather than trusting the client's values.
	CfgType string `json:"cfg_type"` // CfgTypeLearned / CfgTypeUserCreated / CfgTypeGround / CfgTypeFederal (see above)
	Priority uint32 `json:"priority"`
}
type RESTPolicyRuleActionData ¶
// RESTPolicyRuleActionData carries one or more optional rule-list operations:
// move, insert, a rule list, or ids to delete. Each member is omitted from
// JSON when nil.
type RESTPolicyRuleActionData struct {
	Move *RESTPolicyRuleMove `json:"move,omitempty"`
	Insert *RESTPolicyRuleInsert `json:"insert,omitempty"`
	// Pointer-to-slice lets a decoder tell "key absent" (nil) from "present but
	// empty list".
	Rules *[]*RESTPolicyRule `json:"rules,omitempty"`
	Delete *[]uint32 `json:"delete,omitempty"`
}
type RESTPolicyRuleConfig ¶
// RESTPolicyRuleConfig is a partial update for the policy rule identified by
// ID. Pointer fields are optional: nil (key absent) means "leave unchanged".
type RESTPolicyRuleConfig struct {
	ID uint32 `json:"id"`
	Comment *string `json:"comment,omitempty"`
	From *string `json:"from,omitempty"` // group name
	To *string `json:"to,omitempty"` // group name
	Ports *string `json:"ports,omitempty"` // free-style port list
	Action *string `json:"action,omitempty"`
	Applications *[]string `json:"applications,omitempty"`
	Disable *bool `json:"disable,omitempty"`
	CfgType string `json:"cfg_type"` // CfgTypeLearned / CfgTypeUserCreated / CfgTypeGround / CfgTypeFederal (see above)
	// Priority is a plain uint32, so an absent key and an explicit 0 decode to
	// the same value.
	Priority uint32 `json:"priority,omitempty"`
}
Omitted fields are left unmodified.
type RESTPolicyRuleConfigData ¶
// RESTPolicyRuleConfigData is the envelope for RESTPolicyRuleConfig under
// "config", with an optional replicate flag.
type RESTPolicyRuleConfigData struct {
	Config *RESTPolicyRuleConfig `json:"config"`
	Replicate bool `json:"replicate,omitempty"`
}
type RESTPolicyRuleData ¶
// RESTPolicyRuleData is the envelope for one RESTPolicyRule under "rule".
type RESTPolicyRuleData struct {
	Rule *RESTPolicyRule `json:"rule"`
}
type RESTPolicyRuleInsert ¶
// RESTPolicyRuleInsert inserts Rules at a position relative to an existing
// rule, selected by After.
type RESTPolicyRuleInsert struct {
	// nil: last; 0: first; +id: after rule 'id'; -id: before rule 'id'
	// After is a signed int while rule ids are uint32, so the sign carries the
	// before/after choice and the magnitude is the rule id.
	After *int `json:"after,omitempty"`
	Rules []*RESTPolicyRule `json:"rules"`
}
type RESTPolicyRuleMove ¶
type RESTPolicyRulesData ¶
// RESTPolicyRulesData is the envelope for a list of RESTPolicyRule under
// "rules".
type RESTPolicyRulesData struct {
	Rules []*RESTPolicyRule `json:"rules"`
}
type RESTPolicyViolationsData ¶
// RESTPolicyViolationsData is the envelope for a list of Violation under
// "violations".
type RESTPolicyViolationsData struct {
	Violations []*Violation `json:"violations"`
}
type RESTPolicyViolationsWLData ¶
// RESTPolicyViolationsWLData is the envelope for a list of
// RESTViolationWorkload under "violation_workloads".
type RESTPolicyViolationsWLData struct {
	ViolationWorkloads []*RESTViolationWorkload `json:"violation_workloads"`
}
type RESTPollFedRulesReq ¶
// RESTPollFedRulesReq is the request a joint cluster sends to poll federated
// rules and settings. It identifies the cluster, proves membership with
// JointTicket, and reports the revisions the cluster already holds.
type RESTPollFedRulesReq struct {
	ID string `json:"id"` // id of joint cluster
	Name string `json:"name"` // name of joint cluster
	// NOTE(review): JointTicket is derived from the joint cluster's secret and
	// acts as the authenticator for this request, yet the tag has no `cloak`
	// option — confirm it is excluded from request logging. ID and Name are
	// self-reported; the receiver should bind them to the ticket, not trust
	// them on their own.
	JointTicket string `json:"joint_ticket"` // generated using joint cluster's secret
	FedKvVersion string `json:"fed_kv_version"` // kv version in the code of joint cluster
	RestVersion string `json:"rest_version,omitempty"` // rest version in the code of joint cluster
	Revisions map[string]uint64 `json:"revisions"` // key is fed rules type, value is the revision
	CspType string `json:"csp_type"` // joint cluster's billing csp type
	Nodes int `json:"nodes"`
}
Request sent by a joint cluster to the master cluster to poll fed rules/settings.
type RESTPollFedRulesResp ¶
// RESTPollFedRulesResp is the master cluster's answer to a fed-rules poll:
// a result code, the next poll interval and the settings that changed.
type RESTPollFedRulesResp struct {
	Result int `json:"result"` // value: _fedSuccess/....
	PollInterval uint32 `json:"poll_interval"` // in minute
	// Settings is an opaque serialized blob ([]byte encodes as base64 in JSON).
	// The receiver decodes it as RESTFedRulesSettings and should handle a
	// malformed blob as an error rather than applying partial settings.
	Settings []byte `json:"settings,omitempty"` // marshall of RESTFedRulesSettings, which contains only modified settings (for ~5.0.x)
	Revisions map[string]uint64 `json:"revisions"` // key is fed rules type, value is the revision. It contains only revisions of modified settings
	ScanDataRevs RESTFedScanDataRevs `json:"scan_data_revs"` // the latest revisions of all the fed registry/repo scan data on master cluster
	DeployRepoScanData bool `json:"deploy_repo_scan_data"` // for informing whether master cluster deploys repo scan data to managed clusters
	CspType string `json:"csp_type"` // master's billing csp type
}
type RESTPollFedScanDataReq ¶
// RESTPollFedScanDataReq is the request a joint cluster sends to poll
// federated registry/repo scan data, reporting what it already holds.
type RESTPollFedScanDataReq struct {
	ID string `json:"id"` // id of joint cluster
	Name string `json:"name"` // name of joint cluster
	// NOTE(review): same authenticator as RESTPollFedRulesReq.JointTicket, also
	// without a `cloak` tag option — confirm it is kept out of logs.
	JointTicket string `json:"joint_ticket"` // generated using joint cluster's secret
	FedKvVersion string `json:"fed_kv_version"` // kv version in the code of joint cluster
	RestVersion string `json:"rest_version"` // rest version in the code of joint cluster
	RegConfigRev uint64 `json:"reg_config_rev"` // revision of fed registry setting that the managed cluster remembers
	UpToDateRegs []string `json:"up_to_date_regs,omitempty"` // fed registry/repo whose images scan result in managed cluster is already up-to-date
	// NOTE(review): the MD5 values are used to detect which scan results
	// differ. MD5 is adequate as a change fingerprint between authenticated
	// peers but is not collision-resistant; do not rely on it to prove that a
	// scan result was not tampered with.
	ScanResultMD5 map[string]map[string]string `json:"scan_result_md5"` // all scan result md5 of the scanned images in fed registry/repo that have different scan data revision from master (registry name : image id : scan result md5)
	IgnoreRegs []string `json:"ignore_regs,omitempty"` // the other fed registry/repo that have different scan data revision from master
}
type RESTPollFedScanDataResp ¶
// RESTPollFedScanDataResp is the master cluster's answer to a scan-data poll:
// result code, pacing hints, registry settings and (possibly partial) scan
// results.
type RESTPollFedScanDataResp struct {
	Result int `json:"result"` // value: _fedSuccess/....
	PollInterval uint32 `json:"poll_interval"` // in minute
	RegistryCfg *share.CLUSFedRegistriesData `json:"registry_cfg,omitempty"` // all fed registry' settings if there is any change since last polling
	ScanResultData RESTFedScanResultData `json:"scan_result_data"` // (partial) updated/deleted scan result of the requested fed registry/repo
	// The wire name is spelled "has_more_scan_reresult". It is part of the JSON
	// contract, so clients must use it exactly as written.
	HasMoreScanResult bool `json:"has_more_scan_reresult"` // (bandwidth consideration) true when master cluster returns partial scan result in ScanResultData for instructing managed clusters to keep polling.
	ThrottleTime int64 `json:"throttle_time"` // in ms. decided by master cluster
	DeployRepoScanData bool `json:"deploy_repo_scan_data"` // for informing whether master cluster deploys repo scan data to managed clusters
}
type RESTProbeContainer ¶
type RESTProbeContainersData ¶
// RESTProbeContainersData is the envelope for a list of RESTProbeContainer
// under "containers".
type RESTProbeContainersData struct {
	Containers []*RESTProbeContainer `json:"containers"`
}
type RESTProbeProcess ¶
// RESTProbeProcess is one process entry from the probe: pid/ppid, name, real
// and effective uid, scan bookkeeping and the owning container.
type RESTProbeProcess struct {
	// Pid/Ppid are int32 here but RESTProcessInfo.Pid is uint32; convert
	// explicitly when correlating the two.
	Pid int32 `json:"pid"`
	Ppid int32 `json:"ppid"`
	Name string `json:"name"`
	Ruid uint32 `json:"ruid"`
	Euid uint32 `json:"euid"` // a Ruid/Euid mismatch indicates the process changed its effective uid
	ScanTimes uint32 `json:"scan_times"`
	StartTime uint64 `json:"start_times"` // wire name is plural ("start_times"); part of the JSON contract
	Reported uint32 `json:"reported"`
	Container string `json:"container"`
}
type RESTProbeProcessesData ¶
// RESTProbeProcessesData is the envelope for a list of RESTProbeProcess under
// "processes".
type RESTProbeProcessesData struct {
	Processes []*RESTProbeProcess `json:"processes"`
}
type RESTProbeSummary ¶
// RESTProbeSummary is a set of uint32 counters describing probe state.
// NOTE(review): the field names suggest these are sizes of the probe's
// internal maps/sets — confirm against the producer.
type RESTProbeSummary struct {
	ContainerMap uint32 `json:"containers"`
	PidContainerMap uint32 `json:"pid_containers"`
	PidProcMap uint32 `json:"pid_procs"`
	NewProcesses uint32 `json:"new_procs"`
	NewSuspicProc uint32 `json:"new_suspicious_procs"`
	ContainerStops uint32 `json:"stopped_container"`
	PidSet uint32 `json:"pids"`
	SessionTable uint32 `json:"host_sessions"`
}
type RESTProbeSummaryData ¶
// RESTProbeSummaryData is the envelope for RESTProbeSummary under "summary".
type RESTProbeSummaryData struct {
	Summary *RESTProbeSummary `json:"summary"`
}
type RESTProcessInfo ¶
// RESTProcessInfo describes one process: ids, command line, owning user,
// status, start time and the action recorded for it.
type RESTProcessInfo struct {
	Name string `json:"name"`
	Pid uint32 `json:"pid"`
	Parent uint32 `json:"parent"`
	Group uint32 `json:"group"`
	Session uint32 `json:"session"`
	// Command lines can contain secrets passed as arguments; treat this field
	// as sensitive when logging or exporting.
	Cmdline string `json:"cmdline"`
	Root bool `json:"root"`
	User string `json:"user"`
	Status string `json:"status"`
	StartAtTimeStamp int64 `json:"start_timestamp"`
	Action string `json:"action"`
}
type RESTProcessList ¶
// RESTProcessList is the envelope for a list of RESTProcessInfo under
// "processes".
type RESTProcessList struct {
	Processes []*RESTProcessInfo `json:"processes"`
}
type RESTProcessProfile ¶
type RESTProcessProfileConfig ¶
// RESTProcessProfileConfig is a partial update to the process profile of
// Group. Pointer fields are optional; nil means the key was not supplied.
type RESTProcessProfileConfig struct {
	Group string `json:"group"`
	// AlertDisable and HashEnable switch detection features off/on for the
	// group. NOTE(review): changes to either weaken or strengthen enforcement,
	// so they are worth recording in the audit trail — confirm.
	AlertDisable *bool `json:"alert_disabled,omitempty"`
	HashEnable *bool `json:"hash_enabled,omitempty"`
	Baseline *string `json:"baseline,omitempty"`
	ProcessChgList *[]RESTProcessProfileEntryConfig `json:"process_change_list,omitempty"`
	ProcessDelList *[]RESTProcessProfileEntryConfig `json:"process_delete_list,omitempty"`
}
type RESTProcessProfileConfigData ¶
// RESTProcessProfileConfigData is the envelope for RESTProcessProfileConfig
// under "process_profile_config".
type RESTProcessProfileConfigData struct {
	Config *RESTProcessProfileConfig `json:"process_profile_config"`
}
type RESTProcessProfileData ¶
// RESTProcessProfileData is the envelope for RESTProcessProfile under
// "process_profile".
type RESTProcessProfileData struct {
	Profile *RESTProcessProfile `json:"process_profile"`
}
type RESTProcessProfileEntry ¶
// RESTProcessProfileEntry is one process rule: the process name and optional
// path/user it matches, the action, and bookkeeping metadata.
type RESTProcessProfileEntry struct {
	Name string `json:"name"`
	Path string `json:"path,omitempty"`
	User string `json:"user,omitempty"`
	// With omitempty, uid 0 is dropped from the JSON, so on the wire "uid 0"
	// and "uid not set" look the same.
	Uid int32 `json:"uid,omitempty"`
	Action string `json:"action"`
	CfgType string `json:"cfg_type"`
	Uuid string `json:"uuid"`
	Group string `json:"group,omitempty"`
	AllowFileUpdate bool `json:"allow_update"` // Go name and wire name differ: AllowFileUpdate <-> "allow_update"
	CreatedTimeStamp int64 `json:"created_timestamp"`
	UpdatedTimeStamp int64 `json:"last_modified_timestamp"`
}
type RESTProcessProfilesData ¶
// RESTProcessProfilesData is the envelope for a list of RESTProcessProfile
// under "process_profiles".
type RESTProcessProfilesData struct {
	Profiles []*RESTProcessProfile `json:"process_profiles"`
}
type RESTProcessRuleResp ¶
// RESTProcessRuleResp is the envelope for one RESTProcessUuidEntry under
// "process_rule".
type RESTProcessRuleResp struct {
	Entry *RESTProcessUuidEntry `json:"process_rule"`
}
type RESTProcessRulesResp ¶
// RESTProcessRulesResp is the envelope for a list of RESTProcessUuidEntry
// values under "process_rules".
type RESTProcessRulesResp struct {
	Entries []RESTProcessUuidEntry `json:"process_rules"`
}
type RESTProcessUuidEntry ¶
// RESTProcessUuidEntry pairs a process rule with the group it belongs to and
// an active indicator.
type RESTProcessUuidEntry struct {
	Active int `json:"active"` // int, not bool; the value set is not visible here
	Group string `json:"group"`
	Rule RESTProcessProfileEntry `json:"rule"`
}
uuid for process rules
type RESTProfiling ¶
type RESTProfilingData ¶
// RESTProfilingData is the envelope for RESTProfiling under "profiling".
type RESTProfilingData struct {
	Profiling *RESTProfiling `json:"profiling"`
}
type RESTProtoPort ¶
type RESTProxyConfig ¶
type RESTPwdProfile ¶
// RESTPwdProfile is a complete password policy: composition minimums,
// expiration, history, failed-login lockout and the default session timeout.
//
// NOTE(review): the "must be > 0" constraints below are documented only in
// comments, and the counters are signed ints, so nothing in the type stops
// zero or negative values. Confirm the handler validates every numeric field
// server-side before storing the profile.
type RESTPwdProfile struct {
	Name string `json:"name"`
	Comment string `json:"comment"`
	MinLen int `json:"min_len"`
	MinUpperCount int `json:"min_uppercase_count"` // for alphabet characters
	MinLowerCount int `json:"min_lowercase_count"` // for alphabet characters
	MinDigitCount int `json:"min_digit_count"`
	MinSpecialCount int `json:"min_special_count"`
	EnablePwdExpiration bool `json:"enable_password_expiration"`
	PwdExpireAfterDays int `json:"password_expire_after_days"` // must be > 0 when EnablePwdExpiration is true
	EnablePwdHistory bool `json:"enable_password_history"`
	PwdHistoryCount int `json:"password_keep_history_count"`
	EnableBlockAfterFailedLogin bool `json:"enable_block_after_failed_login"` // for "Block X minutes after N times consecutive failed attempts"
	BlockAfterFailedCount int `json:"block_after_failed_login_count"` // must be > 0 when EnableBlockAfterFailedLogin is true
	BlockMinutes int `json:"block_minutes"` // must be > 0 when EnableBlockAfterFailedLogin is true
	SessionTimeout uint32 `json:"session_timeout"` // for default user session timeout (in seconds)
}
password profile
type RESTPwdProfileBasic ¶
// RESTPwdProfileBasic is the composition-only subset of a password profile:
// minimum length and minimum counts per character class.
type RESTPwdProfileBasic struct {
	MinLen int `json:"min_len"`
	MinUpperCount int `json:"min_uppercase_count"` // for alphabet characters
	MinLowerCount int `json:"min_lowercase_count"` // for alphabet characters
	MinDigitCount int `json:"min_digit_count"`
	MinSpecialCount int `json:"min_special_count"`
}
type RESTPwdProfileConditional ¶
// RESTPwdProfileConditional is a password profile in which the five
// composition minimums are always present and every other field is an
// optional pointer, omitted from JSON when nil.
// NOTE(review): which callers receive the reduced form is not visible here.
type RESTPwdProfileConditional struct {
	Name *string `json:"name,omitempty"`
	Comment *string `json:"comment,omitempty"`
	MinLen int `json:"min_len"`
	MinUpperCount int `json:"min_uppercase_count"` // for alphabet characters
	MinLowerCount int `json:"min_lowercase_count"` // for alphabet characters
	MinDigitCount int `json:"min_digit_count"`
	MinSpecialCount int `json:"min_special_count"`
	EnablePwdExpiration *bool `json:"enable_password_expiration,omitempty"`
	PwdExpireAfterDays *int `json:"password_expire_after_days,omitempty"` // must be > 0 when EnablePwdExpiration is true
	EnablePwdHistory *bool `json:"enable_password_history,omitempty"`
	PwdHistoryCount *int `json:"password_keep_history_count,omitempty"`
	EnableBlockAfterFailedLogin *bool `json:"enable_block_after_failed_login,omitempty"` // for "Block X minutes after N times consecutive failed attempts"
	BlockAfterFailedCount *int `json:"block_after_failed_login_count,omitempty"` // must be > 0 when EnableBlockAfterFailedLogin is true
	BlockMinutes *int `json:"block_minutes,omitempty"` // must be > 0 when EnableBlockAfterFailedLogin is true
	SessionTimeout *uint32 `json:"session_timeout,omitempty"` // for default user session timeout (in seconds)
}
type RESTPwdProfileConfig ¶
// RESTPwdProfileConfig is a partial update to the password profile called
// Name. Every other field is an optional pointer; nil means the key was not
// supplied.
//
// NOTE(review): the constraints are cross-field (e.g. PwdExpireAfterDays > 0
// only matters when expiration is enabled), so a partial update has to be
// validated against the merged profile, not against the supplied fields
// alone — confirm the handler does this. Lowering any minimum or disabling
// lockout weakens the policy and is worth auditing.
type RESTPwdProfileConfig struct {
	Name string `json:"name"`
	Active *bool `json:"active,omitempty"`
	Comment *string `json:"comment,omitempty"`
	MinLen *int `json:"min_len,omitempty"`
	MinUpperCount *int `json:"min_uppercase_count,omitempty"` // for alphabet characters
	MinLowerCount *int `json:"min_lowercase_count,omitempty"` // for alphabet characters
	MinDigitCount *int `json:"min_digit_count,omitempty"` // for 0 ~ 9
	MinSpecialCount *int `json:"min_special_count,omitempty"` // !”#$%&'()*+,-./:;<=>?@[\]^_`{|}~
	EnablePwdExpiration *bool `json:"enable_password_expiration,omitempty"`
	PwdExpireAfterDays *int `json:"password_expire_after_days,omitempty"` // must be > 0 when EnablePwdExpiration is true
	EnablePwdHistory *bool `json:"enable_password_history,omitempty"`
	PwdHistoryCount *int `json:"password_keep_history_count,omitempty"`
	EnableBlockAfterFailedLogin *bool `json:"enable_block_after_failed_login,omitempty"` // for "Block X minutes after N times consecutive failed attempts"
	BlockAfterFailedCount *int `json:"block_after_failed_login_count,omitempty"` // must be > 0 when EnableBlockAfterFailedLogin is true
	BlockMinutes *int `json:"block_minutes,omitempty"` // must be > 0 when EnableBlockAfterFailedLogin is true
	SessionTimeout *uint32 `json:"session_timeout,omitempty"` // for default user session timeout (in seconds)
}
type RESTPwdProfileConfigData ¶
// RESTPwdProfileConfigData is the envelope for RESTPwdProfileConfig under
// "config".
type RESTPwdProfileConfigData struct {
	Config *RESTPwdProfileConfig `json:"config"`
}
type RESTPwdProfileData ¶
// RESTPwdProfileData is the envelope for RESTPwdProfile under "pwd_profile".
type RESTPwdProfileData struct {
	PwdProfile *RESTPwdProfile `json:"pwd_profile"`
}
type RESTPwdProfileDataConditional ¶
// RESTPwdProfileDataConditional is the envelope for RESTPwdProfileConditional
// under "pwd_profile" (the same key RESTPwdProfileData uses).
type RESTPwdProfileDataConditional struct {
	PwdProfile *RESTPwdProfileConditional `json:"pwd_profile"`
}
type RESTPwdProfilesData ¶
// RESTPwdProfilesData lists password profiles and names the active one.
type RESTPwdProfilesData struct {
	PwdProfiles []*RESTPwdProfile `json:"pwd_profiles"`
	ActiveProfileName string `json:"active_profile_name"`
}
type RESTPwdProfilesDataCfgMap ¶
// RESTPwdProfilesDataCfgMap embeds RESTPwdProfilesData, so its keys are
// promoted to the top level of the JSON object, and adds an always_reload
// flag.
type RESTPwdProfilesDataCfgMap struct {
	RESTPwdProfilesData
	AlwaysReload bool `json:"always_reload"`
}
type RESTRegistry ¶
// RESTRegistry is the full description of an image registry: location,
// credentials, scan options, schedule and provider-specific settings.
//
// Three fields carry secrets directly (Password, AuthToken,
// GitlabPrivateToken) and are tagged `cloak`. encoding/json ignores that
// option; presumably project code reads it to mask the values — confirm every
// path that serializes or logs this type goes through that code.
// NOTE(review): AwsKey and GcrKey presumably hold cloud credentials as well;
// their definitions are outside this view.
type RESTRegistry struct {
	Name string `json:"name"`
	Type string `json:"registry_type"`
	// Registry is an outbound endpoint the scanner connects to with the
	// credentials below; when it is caller-supplied the consumer should
	// restrict scheme and destination — confirm.
	Registry string `json:"registry"`
	Username string `json:"username"`
	Password string `json:"password,cloak"`
	AuthToken string `json:"auth_token,cloak"`
	AuthWithToken bool `json:"auth_with_token"`
	Domains []string `json:"domains"`
	Filters []string `json:"filters"`
	RescanImage bool `json:"rescan_after_db_update"`
	ScanLayers bool `json:"scan_layers"`
	RepoLimit int `json:"repo_limit"`
	TagLimit int `json:"tag_limit"`
	Schedule RESTScanSchedule `json:"schedule"`
	AwsKey *RESTAWSAccountKey `json:"aws_key,omitempty"`
	GcrKey *RESTGCRKey `json:"gcr_key,omitempty"`
	JfrogMode string `json:"jfrog_mode"`
	JfrogAQL bool `json:"jfrog_aql"`
	GitlabApiUrl string `json:"gitlab_external_url"` // Go name and wire name differ: GitlabApiUrl <-> "gitlab_external_url"
	GitlabPrivateToken string `json:"gitlab_private_token,cloak"`
	IBMCloudTokenURL string `json:"ibm_cloud_token_url"`
	IBMCloudAccount string `json:"ibm_cloud_account"`
	CfgType string `json:"cfg_type"`
	IgnoreProxy bool `json:"ignore_proxy"`
}
type RESTRegistryAuth ¶
// RESTRegistryAuth is the credential section of a V2 registry description.
// Password and AuthToken are tagged `cloak` (see RESTRegistry).
type RESTRegistryAuth struct {
	Username string `json:"username,omitempty"`
	Password string `json:"password,omitempty,cloak"`
	AuthToken string `json:"auth_token,omitempty,cloak"`
	AuthWithToken bool `json:"auth_with_token,omitempty"`
	// NOTE(review): AwsKey and GcrKey are values, not pointers. If those types
	// are structs, encoding/json's omitempty never omits them, so "aws_key" and
	// "gcr_key" are emitted even when unset — confirm that an all-zero key
	// object is what consumers expect.
	AwsKey RESTAWSAccountKey `json:"aws_key,omitempty"`
	GcrKey RESTGCRKey `json:"gcr_key,omitempty"`
}
type RESTRegistryConfig ¶
// RESTRegistryConfig is a partial update to the registry called Name. Pointer
// fields are optional; nil means the key was not supplied.
//
// For the secret fields (Password, AuthToken, GitlabPrivateToken) the pointer
// distinguishes "not supplied" (nil) from "set to empty string".
// NOTE(review): confirm the handler treats nil as "keep the stored secret"
// so that editing unrelated settings does not wipe credentials.
type RESTRegistryConfig struct {
	Name string `json:"name"`
	Type string `json:"registry_type"`
	Registry *string `json:"registry,omitempty"`
	Domains *[]string `json:"domains,omitempty"`
	Filters *[]string `json:"filters,omitempty"`
	Username *string `json:"username,omitempty"`
	Password *string `json:"password,omitempty,cloak"`
	AuthToken *string `json:"auth_token,omitempty,cloak"`
	AuthWithToken *bool `json:"auth_with_token,omitempty"`
	RescanImage *bool `json:"rescan_after_db_update,omitempty"`
	ScanLayers *bool `json:"scan_layers,omitempty"`
	RepoLimit *int `json:"repo_limit,omitempty"`
	TagLimit *int `json:"tag_limit,omitempty"`
	Schedule *RESTScanSchedule `json:"schedule,omitempty"`
	AwsKey *RESTAWSAccountKeyConfig `json:"aws_key,omitempty"`
	GcrKey *RESTGCRKeyConfig `json:"gcr_key,omitempty"`
	JfrogMode *string `json:"jfrog_mode,omitempty"`
	JfrogAQL *bool `json:"jfrog_aql,omitempty"`
	GitlabApiUrl *string `json:"gitlab_external_url,omitempty"`
	GitlabPrivateToken *string `json:"gitlab_private_token,omitempty,cloak"`
	IBMCloudTokenURL *string `json:"ibm_cloud_token_url,omitempty"`
	IBMCloudAccount *string `json:"ibm_cloud_account,omitempty"`
	CfgType string `json:"cfg_type"` // CfgTypeUserCreated / CfgTypeGround / CfgTypeFederal (see above)
	IgnoreProxy *bool `json:"ignore_proxy,omitempty"`
}
type RESTRegistryConfigAuth ¶
// RESTRegistryConfigAuth is the credential section of a V2 registry partial
// update. All fields are optional pointers; Password and AuthToken are tagged
// `cloak` (see RESTRegistry).
type RESTRegistryConfigAuth struct {
	Username *string `json:"username,omitempty"`
	Password *string `json:"password,omitempty,cloak"`
	AuthToken *string `json:"auth_token,omitempty,cloak"`
	AuthWithToken *bool `json:"auth_with_token,omitempty"`
	AwsKey *RESTAWSAccountKeyConfig `json:"aws_key,omitempty"`
	GcrKey *RESTGCRKeyConfig `json:"gcr_key,omitempty"`
}
type RESTRegistryConfigData ¶
// RESTRegistryConfigData is the envelope for RESTRegistryConfig under
// "config". The payload can contain registry credentials.
type RESTRegistryConfigData struct {
	Config *RESTRegistryConfig `json:"config"`
}
type RESTRegistryConfigDataV2 ¶
// RESTRegistryConfigDataV2 is the envelope for RESTRegistryConfigV2 under
// "config". The payload can contain registry credentials.
type RESTRegistryConfigDataV2 struct {
	Config *RESTRegistryConfigV2 `json:"config"`
}
type RESTRegistryConfigIntegrations ¶
// RESTRegistryConfigIntegrations is the provider-specific section of a V2
// registry partial update (JFrog, GitLab, IBM Cloud). All fields are optional
// pointers; GitlabPrivateToken is a secret tagged `cloak` (see RESTRegistry).
type RESTRegistryConfigIntegrations struct {
	JfrogMode *string `json:"jfrog_mode,omitempty"`
	JfrogAQL *bool `json:"jfrog_aql,omitempty"`
	GitlabApiUrl *string `json:"gitlab_external_url,omitempty"`
	GitlabPrivateToken *string `json:"gitlab_private_token,omitempty,cloak"`
	IBMCloudTokenURL *string `json:"ibm_cloud_token_url,omitempty"`
	IBMCloudAccount *string `json:"ibm_cloud_account,omitempty"`
}
type RESTRegistryConfigScan ¶
// RESTRegistryConfigScan is the scan-options section of a V2 registry partial
// update. All fields are optional pointers.
type RESTRegistryConfigScan struct {
	RescanImage *bool `json:"rescan_after_db_update,omitempty"`
	ScanLayers *bool `json:"scan_layers,omitempty"`
	RepoLimit *int `json:"repo_limit,omitempty"`
	TagLimit *int `json:"tag_limit,omitempty"`
	Schedule *RESTScanSchedule `json:"schedule,omitempty"`
	IgnoreProxy *bool `json:"ignore_proxy,omitempty"`
}
type RESTRegistryConfigV2 ¶
// RESTRegistryConfigV2 is the V2 partial update for the registry called Name.
// It carries the same settings as RESTRegistryConfig but nests credentials,
// scan options and provider settings under "auth", "scan" and "integrations".
type RESTRegistryConfigV2 struct {
	Name string `json:"name"`
	Type string `json:"registry_type"`
	Registry *string `json:"registry,omitempty"`
	Domains *[]string `json:"domains,omitempty"`
	Filters *[]string `json:"filters,omitempty"`
	CfgType string `json:"cfg_type"` // CfgTypeUserCreated / CfgTypeGround / CfgTypeFederal (see above)
	Auth *RESTRegistryConfigAuth `json:"auth,omitempty"`
	Scan *RESTRegistryConfigScan `json:"scan,omitempty"`
	Integrations *RESTRegistryConfigIntegrations `json:"integrations,omitempty"`
}
type RESTRegistryDebugImage ¶
// RESTRegistryDebugImage lists the tags of one repository in one domain.
type RESTRegistryDebugImage struct {
	Domain string `json:"domain"`
	Repository string `json:"repository"`
	Tags []*RESTRegistryDebugImageTag `json:"tags"`
}
type RESTRegistryDebugImageData ¶
// RESTRegistryDebugImageData is the envelope for a list of
// RESTRegistryDebugImage under "images".
type RESTRegistryDebugImageData struct {
	Images []*RESTRegistryDebugImage `json:"images"`
}
type RESTRegistryImageSummary ¶
// RESTRegistryImageSummary describes one scanned registry image: location,
// identity, image metadata and the embedded RESTScanBrief, whose fields are
// promoted to the top level of the JSON object.
type RESTRegistryImageSummary struct {
	Domain string `json:"domain"`
	Repository string `json:"repository"`
	Tag string `json:"tag"`
	ImageID string `json:"image_id"`
	Digest string `json:"digest"`
	Size int64 `json:"size"`
	Author string `json:"author"`
	RunAsRoot bool `json:"run_as_root"`
	CreatedAt string `json:"created_at"`
	// Image environment variables and labels frequently contain credentials
	// baked in at build time; treat both fields as potentially sensitive when
	// exposing or logging them.
	Envs []string `json:"envs"`
	Labels map[string]string `json:"labels"`
	Layers []string `json:"layers"`
	RESTScanBrief
}
type RESTRegistryImageSummaryData ¶
// RESTRegistryImageSummaryData is the envelope for a list of
// RESTRegistryImageSummary under "images".
type RESTRegistryImageSummaryData struct {
	Images []*RESTRegistryImageSummary `json:"images"`
}
type RESTRegistryIntegrations ¶
// RESTRegistryIntegrations is the provider-specific section of a V2 registry
// description (JFrog, GitLab, IBM Cloud). GitlabPrivateToken is a secret
// tagged `cloak` (see RESTRegistry).
type RESTRegistryIntegrations struct {
	JfrogMode string `json:"jfrog_mode,omitempty"`
	JfrogAQL bool `json:"jfrog_aql,omitempty"` // omitempty drops false, so false and "unset" look the same on the wire
	GitlabApiUrl string `json:"gitlab_external_url,omitempty"`
	GitlabPrivateToken string `json:"gitlab_private_token,omitempty,cloak"`
	IBMCloudTokenURL string `json:"ibm_cloud_token_url,omitempty"`
	IBMCloudAccount string `json:"ibm_cloud_account,omitempty"`
}
type RESTRegistryScan ¶
// RESTRegistryScan is the scan-options section of a V2 registry description.
// Because every scalar uses omitempty, false and 0 are dropped from the JSON
// and look the same as "unset" to a reader.
type RESTRegistryScan struct {
	RescanImage bool `json:"rescan_after_db_update,omitempty"`
	ScanLayers bool `json:"scan_layers,omitempty"`
	RepoLimit int `json:"repo_limit,omitempty"`
	TagLimit int `json:"tag_limit,omitempty"`
	// NOTE(review): Schedule is a value; if RESTScanSchedule is a struct,
	// omitempty has no effect and "schedule" is always emitted.
	Schedule RESTScanSchedule `json:"schedule,omitempty"`
	IgnoreProxy bool `json:"ignore_proxy,omitempty"`
}
type RESTRegistrySummary ¶
// RESTRegistrySummary is a registry description plus its scan status. It
// embeds RESTRegistry and RESTScanStatus, so their fields are promoted to the
// top level of the JSON object.
//
// NOTE(review): through the embedded RESTRegistry this type carries
// "password", "auth_token" and "gitlab_private_token". If it is returned to
// API readers, confirm the producer clears or masks those fields first;
// ErrMsg/ErrDetail should likewise not echo credentials from failed
// connection attempts.
type RESTRegistrySummary struct {
	RESTRegistry
	Status string `json:"status"`
	ErrMsg string `json:"error_message"`
	ErrDetail string `json:"error_detail"`
	StartedAt string `json:"started_at"`
	RESTScanStatus
}
type RESTRegistrySummaryData ¶
// RESTRegistrySummaryData is the envelope for RESTRegistrySummary under
// "summary".
type RESTRegistrySummaryData struct {
	Summary *RESTRegistrySummary `json:"summary"`
}
type RESTRegistrySummaryListData ¶
// RESTRegistrySummaryListData is the envelope for a list of
// RESTRegistrySummary under "summarys" (wire name as spelled).
type RESTRegistrySummaryListData struct {
	Summarys []*RESTRegistrySummary `json:"summarys"`
}
type RESTRegistryTestData ¶
// RESTRegistryTestData wraps a full RESTRegistry, credentials included, under
// "config".
// NOTE(review): a connection test makes the server contact the supplied
// registry address with the supplied credentials; confirm the handler
// restricts destinations and is limited to authorized users.
type RESTRegistryTestData struct {
	Config *RESTRegistry `json:"config"`
}
type RESTRegistryTestDataV2 ¶
// RESTRegistryTestDataV2 wraps a full RESTRegistryV2, credentials included,
// under "config".
type RESTRegistryTestDataV2 struct {
	Config *RESTRegistryV2 `json:"config"`
}
type RESTRegistryTestStep ¶
type RESTRegistryTestStepData ¶
// RESTRegistryTestStepData is the envelope for a list of RESTRegistryTestStep
// under "steps".
type RESTRegistryTestStepData struct {
	Steps []*RESTRegistryTestStep `json:"steps"`
}
type RESTRegistryV2 ¶
// RESTRegistryV2 is the V2 registry description: the same settings as
// RESTRegistry with credentials, scan options and provider settings nested
// under "auth", "scan" and "integrations".
type RESTRegistryV2 struct {
	Name string `json:"name"`
	Type string `json:"registry_type"`
	Registry string `json:"registry"`
	Domains []string `json:"domains"`
	Filters []string `json:"filters"`
	CfgType string `json:"cfg_type"`
	// Auth, Scan and Integrations are struct values, so encoding/json's
	// omitempty never omits them: all three keys are always emitted, possibly
	// as objects with every member dropped.
	Auth RESTRegistryAuth `json:"auth,omitempty"`
	Scan RESTRegistryScan `json:"scan,omitempty"`
	Integrations RESTRegistryIntegrations `json:"integrations,omitempty"`
}
type RESTRemoteExportOptions ¶
// RESTRemoteExportOptions selects a remote repository by nickname and the
// file path and comment to use for an export.
type RESTRemoteExportOptions struct {
	RemoteRepositoryNickname string `json:"remote_repository_nickname"`
	// NOTE(review): FilePath is caller-supplied. The type has an IsValid
	// method whose body is not visible here — confirm it rejects absolute
	// paths and ".." segments so an export cannot overwrite arbitrary files
	// in the target repository.
	FilePath string `json:"file_path"`
	Comment string `json:"comment"`
}
func (*RESTRemoteExportOptions) IsValid ¶
func (config *RESTRemoteExportOptions) IsValid() bool
type RESTRemoteRepo_GitHubConfig ¶
// RESTRemoteRepo_GitHubConfig holds the GitHub target (owner, repository,
// branch) and the personal access token plus committer identity used for it.
type RESTRemoteRepo_GitHubConfig struct {
	RepositoryOwnerUsername string `json:"repository_owner_username"`
	RepositoryName string `json:"repository_name"`
	RepositoryBranchName string `json:"repository_branch_name"`
	// The token is tagged `cloak`; encoding/json ignores that option, so
	// masking presumably happens in project code — confirm. A token scoped
	// only to the target repository limits the impact of a leak.
	PersonalAccessToken string `json:"personal_access_token,cloak"`
	PersonalAccessTokenCommitterName string `json:"personal_access_token_committer_name"`
	PersonalAccessTokenEmail string `json:"personal_access_token_email"`
}
remote repositories
type RESTRemoteRepository ¶
// RESTRemoteRepository describes a remote repository entry: nickname,
// provider, comment, enable flag and the GitHub configuration, which includes
// the personal access token.
type RESTRemoteRepository struct {
	Nickname string `json:"nickname"`
	Provider string `json:"provider"`
	Comment string `json:"comment"`
	Enable bool `json:"enable"`
	GitHubConfiguration *RESTRemoteRepo_GitHubConfig `json:"github_configuration"` // no omitempty: encodes as null when nil
}
type RESTRemoteRepositoryConfig ¶
// RESTRemoteRepositoryConfig is an update to the remote repository called
// Nickname. The pointer fields have no omitempty, so a nil pointer encodes as
// an explicit JSON null rather than being dropped.
type RESTRemoteRepositoryConfig struct {
	// Provider is unchangeable
	Nickname string `json:"nickname"`
	Comment *string `json:"comment"`
	Enable *bool `json:"enable"`
	GitHubConfiguration *RESTRemoteRepository_GitHubConfigConfig `json:"github_configuration"`
}
type RESTRemoteRepositoryConfigData ¶
// RESTRemoteRepositoryConfigData is the envelope for
// RESTRemoteRepositoryConfig under "config".
type RESTRemoteRepositoryConfigData struct {
	Config *RESTRemoteRepositoryConfig `json:"config"`
}
type RESTRemoteRepository_GitHubConfigConfig ¶
// RESTRemoteRepository_GitHubConfigConfig is the update form of
// RESTRemoteRepo_GitHubConfig: the same members as pointers. None has
// omitempty, so nil encodes as JSON null.
type RESTRemoteRepository_GitHubConfigConfig struct {
	RepositoryOwnerUsername *string `json:"repository_owner_username"`
	RepositoryName *string `json:"repository_name"`
	RepositoryBranchName *string `json:"repository_branch_name"`
	// NOTE(review): confirm a nil token on update means "keep the stored
	// token", so that changing the branch or committer does not clear it.
	PersonalAccessToken *string `json:"personal_access_token,cloak"`
	PersonalAccessTokenCommitterName *string `json:"personal_access_token_committer_name"`
	PersonalAccessTokenEmail *string `json:"personal_access_token_email"`
}
func (*RESTRemoteRepository_GitHubConfigConfig) IsValid ¶
func (g *RESTRemoteRepository_GitHubConfigConfig) IsValid() bool
TODO: generalize this
type RESTRemoteRolePermits ¶
// RESTRemoteRolePermits describes the roles and extra permissions a user has
// on managed clusters in a federation.
//
// NOTE(review): this is an authorization grant. If a managed cluster receives
// it from a peer, it should only be honoured on an authenticated federation
// channel — confirm.
type RESTRemoteRolePermits struct {
	Role string `json:"role"` // global role on managed clusters in fed
	RoleDomains map[string][]string `json:"role_domains,omitempty"` // role -> domains on managed clusters in fed
	ExtraPermits []*RESTRolePermission `json:"extra_permissions,omitempty"` // extra permissions(other than 'RoleDomains') for global domain on managed clusters in fed. only for Rancher SSO
	ExtraPermitsDomains []RESTPermitsAssigned `json:"extra_permissions_domains,omitempty"` // list of extra permissions(other than 'RoleDomains') for namespaces on managed clusters in fed. only for Rancher SSO
}
type RESTResponseRule ¶
// RESTResponseRule is a response rule: for an event in a group, when the
// conditions match, run the listed actions and call the listed webhooks.
type RESTResponseRule struct {
	ID uint32 `json:"id"`
	Event string `json:"event"`
	Comment string `json:"comment"`
	Group string `json:"group"`
	Conditions []share.CLUSEventCondition `json:"conditions"`
	Actions []string `json:"actions"`
	// NOTE(review): presumably names of configured webhooks rather than URLs —
	// confirm against RESTResponseRuleOptionData.Webhooks.
	Webhooks []string `json:"webhooks"`
	Disable bool `json:"disable"`
	CfgType string `json:"cfg_type"` // CfgTypeLearned / CfgTypeUserCreated / CfgTypeGround / CfgTypeFederal (see above)
}
type RESTResponseRuleActionData ¶
type RESTResponseRuleActionData struct {
Insert *RESTResponseRuleInsert `json:"insert,omitempty"`
}
type RESTResponseRuleConfig ¶
// RESTResponseRuleConfig is the modification form of a response rule. ID and
// CfgType are plain values; every other field is a pointer tagged omitempty, so a
// nil field is left out of the JSON (the package documentation states that omitted
// fields are not modified).
type RESTResponseRuleConfig struct {
ID uint32 `json:"id"`
Comment *string `json:"comment,omitempty"`
Group *string `json:"group,omitempty"`
Event *string `json:"event,omitempty"`
// Pointer-to-slice: nil means "absent", while a pointer to an empty slice is an
// explicit empty list.
Conditions *[]share.CLUSEventCondition `json:"conditions,omitempty"`
Actions *[]string `json:"actions,omitempty"`
Webhooks *[]string `json:"webhooks,omitempty"`
Disable *bool `json:"disable,omitempty"`
CfgType string `json:"cfg_type"` // CfgTypeLearned / CfgTypeUserCreated / CfgTypeGround / CfgTypeFederal (see above)
}
An omitted field indicates that the corresponding value is not modified.
type RESTResponseRuleConfigData ¶
type RESTResponseRuleConfigData struct {
Config *RESTResponseRuleConfig `json:"config"`
}
type RESTResponseRuleData ¶
type RESTResponseRuleData struct {
Rule *RESTResponseRule `json:"rule"`
}
type RESTResponseRuleInsert ¶
// RESTResponseRuleInsert describes a batch of response rules to insert and where
// to place them relative to existing rules.
type RESTResponseRuleInsert struct {
// nil: last; 0: first; +id: after rule 'id'; -id: before rule 'id'
// After is a signed int while rule IDs are uint32 (RESTResponseRule.ID), so the
// sign carries the before/after meaning and the magnitude the rule ID.
// NOTE(review): IDs above the positive int range cannot be expressed here on
// 32-bit builds — confirm the valid ID range.
After *int `json:"after,omitempty"`
Rules []*RESTResponseRule `json:"rules"`
}
type RESTResponseRuleOptionData ¶
type RESTResponseRuleOptionData struct {
Options map[string]*RESTResponseRuleOptions `json:"response_rule_options"`
Webhooks []string `json:"webhooks"`
}
type RESTResponseRuleOptions ¶
type RESTResponseRulesData ¶
type RESTResponseRulesData struct {
Rules []*RESTResponseRule `json:"rules"`
}
type RESTRiskScoreMetrics ¶
type RESTRiskScoreMetrics struct {
Platform string `json:"platform"`
K8sVersion string `json:"kube_version"`
OCVersion string `json:"openshift_version"`
NewServiceMode string `json:"new_service_policy_mode"`
NewProfileMode string `json:"new_service_profile_mode"`
DenyAdmCtrlRules int `json:"deny_adm_ctrl_rules"`
Hosts int `json:"hosts"`
WLs RESTRiskScoreMetricsWL `json:"workloads"`
Groups RESTRiskScoreMetricsGroup `json:"groups"`
CVEs RESTRiskScoreMetricsCVE `json:"cves"`
}
type RESTRiskScoreMetricsCVE ¶
type RESTRiskScoreMetricsGroup ¶
type RESTRiskScoreMetricsGroup struct {
Groups int `json:"groups"`
DiscoverGroups int `json:"discover_groups"`
MonitorGroups int `json:"monitor_groups"`
ProtectGroups int `json:"protect_groups"`
ProfileDiscoverGroups int `json:"profile_discover_groups"`
ProfileMonitorGroups int `json:"profile_monitor_groups"`
ProfileProtectGroups int `json:"profile_protect_groups"`
DiscoverGroupsZD int `json:"discover_groups_zero_drift"`
MonitorGroupsZD int `json:"monitor_groups_zero_drift"`
ProtectGroupsZD int `json:"protect_groups_zero_drift"`
}
type RESTRiskScoreMetricsWL ¶
type RESTRiskScoreMetricsWL struct {
RunningPods int `json:"running_pods"`
PrivilegedWLs int `json:"privileged_wls"`
RootWLs int `json:"root_wls"`
DiscoverExtEPs int `json:"discover_ext_eps"`
MonitorExtEPs int `json:"monitor_ext_eps"`
ProtectExtEPs int `json:"protect_ext_eps"`
ThrtExtEPs int `json:"threat_ext_eps"`
VioExtEPs int `json:"violate_ext_eps"`
}
type RESTRolePermission ¶
type RESTRolePermitOptionInternal ¶
// RESTRolePermitOptionInternal describes one permission option: its identifier and
// numeric value, which scopes it supports, and whether read and write are
// supported. The fields carry no JSON tags, so encoding/json would use the Go field
// names if a value of this type were marshalled.
type RESTRolePermitOptionInternal struct {
ID string
Value uint32
SupportScope byte // 1: support global scope, 2: support domain scope, 3: support both scopes
ReadSupported bool
WriteSupported bool
// non-nil only for complex permissions like PERM_RUNTIME_POLICIES. PERM_RUNTIME_POLICIES is visible to client but in controller it's PERM_NETWORK_POLICY + PERM_SYSTEM_POLICY
// The element type is this same struct, so a complex permission is expressed as a
// list of its constituent permission options.
ComplexPermits []*RESTRolePermitOptionInternal
}
type RESTScanAppPackage ¶
type RESTScanAwsFuncDetail ¶
type RESTScanAwsFuncDetail struct {
RESTScanBrief `json:"scan_brief"`
RESTScanReport `json:"scan_report"`
}
type RESTScanAwsFuncReport ¶
// RESTScanAwsFuncReport is the scan report for one function, identified by FuncID,
// NvSecID and Version. It combines the scan result with two permission maps keyed
// by resource name.
type RESTScanAwsFuncReport struct {
FuncID string `json:"function_id"`
NvSecID string `json:"nv_sec_id"`
Version string `json:"version"`
ScanResult RESTScanAwsFuncDetail `json:"scan_result"`
// NOTE(review): the names suggest AllowedRes is what the function is permitted to
// access and ReqRes what it actually requests; comparing the two would show
// over-permissioned functions — confirm against the producer of this report.
AllowedRes map[string]RESTAwsFuncPermission `json:"allowed_resources"` // key: resource_name value: list of func in res
ReqRes map[string]RESTAwsFuncPermission `json:"req_resources"` // key: resource_name value: list of func in res
}
type RESTScanBrief ¶
// RESTScanBrief is the summary of a scan: status and result strings, vulnerability
// counts for three severities (critical, high, medium), when the scan ran, the
// detected base OS and the CVE database used. It is embedded by several summary
// types in this package.
type RESTScanBrief struct {
Status string `json:"status"`
CriticalVuls int `json:"critical"`
HighVuls int `json:"high"`
MedVuls int `json:"medium"`
Result string `json:"result"`
// Both a numeric and a string form of the scan time are carried.
// NOTE(review): epoch unit and string format are not visible here — confirm.
ScannedTimeStamp int64 `json:"scanned_timestamp"`
ScannedAt string `json:"scanned_at"`
BaseOS string `json:"base_os"`
// The JSON key is "scanner_version" here, whereas RESTScanPkgReport,
// RESTScanRepoReport, RESTScanStatus and RESTScanner expose their CVEDBVersion
// field as "cvedb_version". API consumers comparing database versions across
// responses need to read both keys.
CVEDBVersion string `json:"scanner_version"`
CVEDBCreateTime string `json:"cvedb_create_time"`
}
func (*RESTScanBrief) CVECount ¶
func (sb *RESTScanBrief) CVECount() int
type RESTScanCacheData ¶
// RESTScanCacheData reports scan cache contents and counters: the cache records,
// their total size, and the miss and hit counts. Every field is tagged omitempty,
// so a zero counter is absent from the JSON rather than emitted as 0.
type RESTScanCacheData struct {
CacheRecords []RESTScanCacheRecord `json:"cache_records,omitempty"`
RecordSize uint64 `json:"record_total_size,omitempty"`
MissCnt uint64 `json:"cache_misses,omitempty"`
HitCnt uint64 `json:"cache_hits,omitempty"`
}
type RESTScanCacheRecord ¶
type RESTScanCacheStat ¶
type RESTScanConfig ¶
type RESTScanConfig struct {
AutoScan bool `json:"auto_scan"`
}
type RESTScanConfigConfig ¶
type RESTScanConfigConfig struct {
AutoScan *bool `json:"auto_scan"`
}
type RESTScanConfigData ¶
type RESTScanConfigData struct {
Config *RESTScanConfig `json:"config"`
}
type RESTScanImageSummary ¶
type RESTScanImageSummary struct {
Image string `json:"image"`
ImageID string `json:"image_id"`
Author string `json:"author"`
CreatedAt string `json:"created_at"`
RESTScanBrief
}
type RESTScanImageSummaryData ¶
type RESTScanImageSummaryData struct {
Summary []*RESTScanImageSummary `json:"images"`
}
type RESTScanLayer ¶
// RESTScanLayer holds the scan result for a single image layer: the layer digest,
// the commands recorded for it, its size and the vulnerabilities found in it.
type RESTScanLayer struct {
Digest string `json:"digest"`
// NOTE(review): presumably the build command(s) that produced the layer; such
// commands can embed credentials passed on the command line, so treat this field
// as potentially sensitive when exposing reports — confirm the source of the value.
Cmds string `json:"cmds"`
Vuls []*RESTVulnerability `json:"vulnerabilities"`
Size int64 `json:"size"`
}
type RESTScanLayersReport ¶
type RESTScanLayersReport struct {
Layers []*RESTScanLayer `json:"layers"`
}
type RESTScanLayersReportData ¶
type RESTScanLayersReportData struct {
Report *RESTScanLayersReport `json:"report"`
}
type RESTScanMeta ¶
type RESTScanModule ¶
type RESTScanPackageReqData ¶
type RESTScanPackageReqData struct {
ProjectName string `json:"project_name"`
FunctionName string `json:"function_name"`
Region string `json:"region"`
AppPkgs []RESTScanAppPackage `json:"application_packages"`
}
type RESTScanPkgReport ¶
// RESTScanPkgReport is the result of a package scan: an optional verdict, an
// NvSecId identifier, the CVE database version and creation time, and the list of
// vulnerabilities found.
type RESTScanPkgReport struct {
// Verdict is omitted from the JSON when empty; a consumer must not read a missing
// verdict as a pass. NOTE(review): the set of verdict values is not visible here.
Verdict string `json:"verdict,omitempty"`
NvSecId string `json:"nv_sec_id"`
CVEDBVersion string `json:"cvedb_version"`
CVEDBCreateTime string `json:"cvedb_create_time"`
Vuls []*RESTVulnerability `json:"vulnerabilities"`
}
type RESTScanPkgReportData ¶
type RESTScanPkgReportData struct {
Report *RESTScanPkgReport `json:"report"`
}
type RESTScanPlatformSummary ¶
type RESTScanPlatformSummary struct {
Platform string `json:"platform"`
K8sVersion string `json:"kube_version"`
OCVersion string `json:"openshift_version"`
RESTScanBrief
}
type RESTScanPlatformSummaryData ¶
type RESTScanPlatformSummaryData struct {
Summary []*RESTScanPlatformSummary `json:"platforms"`
}
type RESTScanRepoReport ¶
// RESTScanRepoReport is the report for a scanned repository image. It identifies
// the image (ID, registry, repository, tag, digest), records image metadata and the
// CVE database used, lists per-layer results, and embeds RESTScanReport so the
// report's own fields are promoted to the top level of the JSON object.
type RESTScanRepoReport struct {
// Verdict is omitted from the JSON when empty; a consumer must not read a missing
// verdict as a pass. NOTE(review): the set of verdict values is not visible here.
Verdict string `json:"verdict,omitempty"`
ImageID string `json:"image_id"`
Registry string `json:"registry"`
Repository string `json:"repository"`
// Tag and Digest are both reported; only the digest pins exact image content.
Tag string `json:"tag"`
Digest string `json:"digest"`
Size int64 `json:"size"`
Author string `json:"author"`
BaseOS string `json:"base_os"`
CreatedAt string `json:"created_at"`
CVEDBVersion string `json:"cvedb_version"`
CVEDBCreateTime string `json:"cvedb_create_time"`
Layers []*RESTScanLayer `json:"layers"`
RESTScanReport
}
type RESTScanRepoReportData ¶
type RESTScanRepoReportData struct {
Report *RESTScanRepoReport `json:"report"`
}
type RESTScanRepoReq ¶
// RESTScanRepoReq is a scan request naming a registry, repository and tag, with
// optional registry credentials, a layer-scan switch and a base image reference.
type RESTScanRepoReq struct {
Metadata RESTScanMeta `json:"metadata"`
// NOTE(review): Registry is a caller-supplied string; whether it is validated or
// restricted before the scanner connects to it is not visible here — confirm.
Registry string `json:"registry"`
// Registry credentials, omitted from the JSON when empty. Unlike other
// secret-bearing fields in this package (for example RESTServerLDAP.BindPasswd or
// RESTServerOIDC.ClientSecret), Password carries no `cloak` tag option.
// NOTE(review): if request bodies of this type are logged, audited or echoed back,
// verify that the password is redacted by some other means.
Username string `json:"username,omitempty"`
Password string `json:"password,omitempty"`
Repository string `json:"repository"`
Tag string `json:"tag"`
ScanLayers bool `json:"scan_layers"`
BaseImage string `json:"base_image"`
}
type RESTScanRepoReqData ¶
type RESTScanRepoReqData struct {
Request *RESTScanRepoReq `json:"request"`
}
type RESTScanRepoSubmitData ¶
type RESTScanRepoSubmitData struct {
Result *share.ScanResult `json:"result"`
}
This is for the scanner to submit the scan result.
type RESTScanReport ¶
// RESTScanReport is the detailed body of a scan report. Vuls is always serialized;
// every other field is tagged omitempty and disappears from the JSON when empty.
type RESTScanReport struct {
Vuls []*RESTVulnerability `json:"vulnerabilities"`
Modules []*RESTScanModule `json:"modules,omitempty"`
Checks []*RESTBenchItem `json:"checks,omitempty"`
// NOTE(review): Secrets, Envs, Labels and Cmds are presumably taken from the
// scanned image (secret findings, environment variables, labels, commands). Such
// values can themselves be sensitive, so access to endpoints returning this
// report should be limited accordingly — confirm what the producer stores here
// and whether secret values are truncated or masked.
Secrets []*RESTScanSecret `json:"secrets,omitempty"`
SetIDs []*RESTScanSetIdPerm `json:"setid_perms,omitempty"`
Envs []string `json:"envs,omitempty"`
Labels map[string]string `json:"labels,omitempty"`
Cmds []string `json:"cmds,omitempty"`
SignatureInfo *RESTScanSignatureInfo `json:"signature_data,omitempty"`
}
type RESTScanReportData ¶
type RESTScanReportData struct {
Report *RESTScanReport `json:"report"`
}
type RESTScanSchedule ¶
type RESTScanSecret ¶
type RESTScanSetIdPerm ¶
type RESTScanSignatureInfo ¶
type RESTScanStatus ¶
// RESTScanStatus reports scan progress as four counters (scanned, scheduled,
// scanning, failed) together with the CVE database version and creation time.
type RESTScanStatus struct {
Scanned int `json:"scanned"`
Scheduled int `json:"scheduled"`
Scanning int `json:"scanning"`
Failed int `json:"failed"`
CVEDBVersion string `json:"cvedb_version"`
CVEDBCreateTime string `json:"cvedb_create_time"`
}
func (*RESTScanStatus) GetDomain ¶
func (o *RESTScanStatus) GetDomain(f share.GetAccessObjectFunc) ([]string, []string)
type RESTScanStatusData ¶
type RESTScanStatusData struct {
Status *RESTScanStatus `json:"status"`
}
type RESTScanner ¶
// RESTScanner describes one registered scanner: its ID, the CVE database it
// carries, when it joined, its RPC server address and port, and counters for the
// containers, hosts, images and serverless items it has scanned.
type RESTScanner struct {
ID string `json:"id"`
// Each scanner reports its own database version, so scanners listed together may
// differ. NOTE(review): whether the controller enforces a minimum or uniform
// version is not visible here.
CVEDBVersion string `json:"cvedb_version"`
CVEDBCreateTime string `json:"cvedb_create_time"`
JoinedTS int64 `json:"joined_timestamp"`
// Exposed under the shorter JSON keys "server" and "port".
RPCServer string `json:"server"`
RPCServerPort uint16 `json:"port"`
Containers int `json:"scanned_containers"`
Hosts int `json:"scanned_hosts"`
Images int `json:"scanned_images"`
Serverless int `json:"scanned_serverless"`
}
type RESTScannerData ¶
type RESTScannerData struct {
Scanners []*RESTScanner `json:"scanners"`
}
type RESTScoreMetricsData ¶
type RESTScoreMetricsData struct {
Metrics *RESTRiskScoreMetrics `json:"metrics"`
Ingress []*RESTExposedEndpoint `json:"ingress"`
Egress []*RESTExposedEndpoint `json:"egress"`
SecurityScores *RESTSecurityScores `json:"security_scores"`
}
type RESTSecurityData ¶
type RESTSecurityScores ¶
// RESTSecurityScores holds the individual score components (service mode,
// exposure, privileged containers, run-as-root, admission rules, vulnerabilities)
// and the overall security risk score. Three components also have a "By100"
// variant. NOTE(review): score ranges and whether higher means riskier are not
// visible here — confirm before alerting on thresholds.
type RESTSecurityScores struct {
NewServiceModeScore int `json:"new_service_mode_score"`
ServiceModeScore int `json:"service_mode_score"`
ServiceModeScoreBy100 int `json:"service_mode_score_by_100"`
ExposureScore int `json:"exposure_score"`
ExposureScoreBy100 int `json:"exposure_score_by_100"`
PrivilegedContainerScore int `json:"privileged_container_score"`
RunAsRootScore int `json:"run_as_root_score"`
AdmissionRuleScore int `json:"admission_rule_score"`
VulnerabilityScore int `json:"vulnerability_score"`
VulnerabilityScoreBy100 int `json:"vulnerability_score_by_100"`
SecurityRiskScore int `json:"security_risk_score"`
}
type RESTSelfApikeyData ¶
// RESTSelfApikeyData returns an API key record together with the permissions it
// holds globally and per domain. Both permission fields are omitted from the JSON
// when empty.
type RESTSelfApikeyData struct {
Apikey *RESTApikey `json:"apikey"`
GlobalPermits []*RESTRolePermission `json:"global_permissions,omitempty"`
DomainPermits map[string][]*RESTRolePermission `json:"domain_permissions,omitempty"` // domain -> permissions
}
type RESTSelfUserData ¶
// RESTSelfUserData returns a user record together with password-expiry
// information and the permissions the user holds globally, per domain, and on
// managed clusters. The three permission fields are omitted from the JSON when
// empty, so a missing key means "none listed", not "unknown".
type RESTSelfUserData struct {
User *RESTUser `json:"user"`
PwdDaysUntilExpire int `json:"password_days_until_expire"` // negative means password never expires
PwdHoursUntilExpire int `json:"password_hours_until_expire"` // the hours part beyond PwdDaysUntilExpire, 0 ~ 23
GlobalPermits []*RESTRolePermission `json:"global_permissions,omitempty"`
DomainPermits map[string][]*RESTRolePermission `json:"domain_permissions,omitempty"` // domain -> permissions
RemoteGlobalPermits []*RESTRolePermission `json:"remote_global_permissions,omitempty"` // for accessing managed clusters on primary cluster's UI
}
type RESTServer ¶
// RESTServer is the read representation of an authentication server. Name and Type
// are always present; LDAP, SAML and OIDC are optional pointers omitted when nil.
// NOTE(review): presumably exactly one of the three is set, matching Type — confirm.
type RESTServer struct {
Name string `json:"server_name"`
Type string `json:"server_type"`
LDAP *RESTServerLDAP `json:"ldap,omitempty"`
SAML *RESTServerSAML `json:"saml,omitempty"`
OIDC *RESTServerOIDC `json:"oidc,omitempty"`
}
type RESTServerConfig ¶
// RESTServerConfig is the configuration form of an authentication server: a name
// plus optional LDAP, SAML or OIDC settings, each omitted from the JSON when nil.
// Note the name key is "name" here, while RESTServer uses "server_name".
type RESTServerConfig struct {
Name string `json:"name"`
LDAP *RESTServerLDAPConfig `json:"ldap,omitempty"`
SAML *RESTServerSAMLConfig `json:"saml,omitempty"`
OIDC *RESTServerOIDCConfig `json:"oidc,omitempty"`
}
type RESTServerConfigData ¶
type RESTServerConfigData struct {
Config *RESTServerConfig `json:"config"`
}
type RESTServerData ¶
type RESTServerData struct {
Server *RESTServer `json:"server"`
}
type RESTServerGroupRoleConfigData ¶
type RESTServerGroupRoleConfigData struct {
Groups []string `json:"groups"`
}
type RESTServerGroupRoleDomainsConfig ¶
// RESTServerGroupRoleDomainsConfig names a server and carries one group's role
// mapping. The mapping is omitted from the JSON when nil.
// NOTE(review): this changes which roles an external group receives, so the
// endpoint accepting it is privilege-sensitive — confirm it requires an
// authorization-management permission.
type RESTServerGroupRoleDomainsConfig struct {
Name string `json:"name"` // server name
GroupRoleMapping *share.GroupRoleMapping `json:"mapped_roles,omitempty"`
}
Used by CLI to set one group's role mapping at a time.
type RESTServerGroupRoleDomainsConfigData ¶
type RESTServerGroupRoleDomainsConfigData struct {
Config *RESTServerGroupRoleDomainsConfig `json:"config"`
}
type RESTServerGroupsOrderConfig ¶
// RESTServerGroupsOrderConfig names a server and lists its mapped groups in
// mapping order.
// NOTE(review): if the first matching group decides a user's role, reordering
// changes effective privileges — confirm how order is evaluated.
type RESTServerGroupsOrderConfig struct {
Name string `json:"name"` // server name
Groups []string `json:"groups"` // groups in mapping order
}
Used by CLI to set mapped groups order.
type RESTServerGroupsOrderConfigData ¶
type RESTServerGroupsOrderConfigData struct {
Config *RESTServerGroupsOrderConfig `json:"config"`
}
type RESTServerLDAP ¶
// RESTServerLDAP is the read representation of an LDAP authentication server:
// connection settings, bind identity, attribute names and role mappings.
type RESTServerLDAP struct {
Type string `json:"directory"`
Hostname string `json:"hostname"`
Port uint16 `json:"port"`
// NOTE(review): presumably selects LDAP over TLS; when false the bind DN and bind
// password would cross the network unencrypted — confirm, and confirm whether
// server certificates are verified when true.
SSL bool `json:"ssl"`
BaseDN string `json:"base_dn"`
GroupDN string `json:"group_dn"`
BindDN string `json:"bind_dn"`
// Credential. `cloak` is not a tag option encoding/json understands (it ignores
// unknown options), so the standard library alone would serialize the password in
// clear; redaction depends on project code that reads the tag.
// NOTE(review): confirm that GET responses and logs built from this struct are
// passed through that masking.
BindPasswd string `json:"bind_password,cloak"`
GroupMemberAttr string `json:"group_member_attr"`
UserNameAttr string `json:"username_attr"`
Enable bool `json:"enable"`
// NOTE(review): presumably the role given to authenticated users that match no
// group mapping; a privileged default would apply to every directory user — confirm.
DefaultRole string `json:"default_role"`
RoleGroups map[string][]string `json:"role_groups,omitempty"` // role -> groups
GroupMappedRoles []*share.GroupRoleMapping `json:"group_mapped_roles,omitempty"` // group -> (role -> domains)
}
type RESTServerLDAPConfig ¶
// RESTServerLDAPConfig is the configuration form of RESTServerLDAP. Every field is
// a pointer tagged omitempty, so nil fields are left out of the JSON and a caller
// can send only the settings it wants to set.
type RESTServerLDAPConfig struct {
Type *string `json:"directory,omitempty"`
Hostname *string `json:"hostname,omitempty"`
Port *uint16 `json:"port,omitempty"`
SSL *bool `json:"ssl,omitempty"`
BaseDN *string `json:"base_dn,omitempty"`
GroupDN *string `json:"group_dn,omitempty"`
BindDN *string `json:"bind_dn,omitempty"`
// Credential. The tag carries both `cloak` and `omitempty`; encoding/json honors
// omitempty and ignores `cloak`, so masking relies on project code.
// NOTE(review): since nil means "absent", confirm that an update omitting this
// field keeps the stored password rather than clearing it, and that a masked
// placeholder read back from a GET is never written back as the real password.
BindPasswd *string `json:"bind_password,cloak,omitempty"`
GroupMemberAttr *string `json:"group_member_attr,omitempty"`
UserNameAttr *string `json:"username_attr,omitempty"`
Enable *bool `json:"enable,omitempty"`
DefaultRole *string `json:"default_role,omitempty"`
RoleGroups *map[string][]string `json:"role_groups,omitempty"` // role -> groups. deprecated since 4.2
GroupMappedRoles *[]*share.GroupRoleMapping `json:"group_mapped_roles,omitempty"` // group -> (role -> domains)
}
type RESTServerLDAPConfigCfgMap ¶
// RESTServerLDAPConfigCfgMap embeds RESTServerLDAPConfig (its fields are promoted
// to the top level of the JSON object) and adds an always_reload flag.
// NOTE(review): the name suggests this is the shape read from a ConfigMap-style
// file; if so the bind password lives in that file in clear and the file needs
// matching access control — confirm.
type RESTServerLDAPConfigCfgMap struct {
RESTServerLDAPConfig
AlwaysReload bool `json:"always_reload"`
}
type RESTServerLDAPTest ¶
type RESTServerOIDC ¶
// RESTServerOIDC is the read representation of an OpenID Connect authentication
// server: issuer and endpoint URLs, client credentials, the group claim, requested
// scopes and role mappings.
type RESTServerOIDC struct {
Issuer string `json:"issuer"`
// Exposed under the JSON keys authorization_endpoint, token_endpoint and
// user_info_endpoint. These three are absent from RESTServerOIDCConfig, so they
// are not directly settable through that type.
// NOTE(review): presumably filled from the issuer's discovery document — confirm.
AuthURL string `json:"authorization_endpoint"`
TokenURL string `json:"token_endpoint"`
UserInfoURL string `json:"user_info_endpoint"`
ClientID string `json:"client_id"`
// Credential. `cloak` is not a tag option encoding/json understands (it ignores
// unknown options), so redaction depends on project code that reads the tag.
// NOTE(review): confirm responses and logs built from this struct are masked.
ClientSecret string `json:"client_secret,cloak"`
// Name of the claim that carries group membership, which feeds the role mappings
// below. NOTE(review): a claim the end user can influence at the identity
// provider would let them choose their own role — confirm the provider side.
GroupClaim string `json:"group_claim"`
Scopes []string `json:"scopes"`
Enable bool `json:"enable"`
DefaultRole string `json:"default_role"`
RoleGroups map[string][]string `json:"role_groups,omitempty"` // role -> groups
GroupMappedRoles []*share.GroupRoleMapping `json:"group_mapped_roles,omitempty"` // group -> (role -> domains)
UseProxy bool `json:"use_proxy,omitempty"`
}
type RESTServerOIDCConfig ¶
// RESTServerOIDCConfig is the configuration form of RESTServerOIDC. All fields are
// pointers, but only Scopes, RoleGroups and GroupMappedRoles are tagged omitempty;
// the others are serialized as JSON null when nil.
type RESTServerOIDCConfig struct {
Issuer *string `json:"issuer"`
ClientID *string `json:"client_id"`
// Credential; `cloak` is ignored by encoding/json, so masking relies on project
// code. Without omitempty a nil pointer is emitted as null.
// NOTE(review): confirm that null/absent keeps the stored secret rather than
// clearing it, and that a masked placeholder is never stored as the secret.
ClientSecret *string `json:"client_secret,cloak"`
GroupClaim *string `json:"group_claim"`
Scopes *[]string `json:"scopes,omitempty"`
Enable *bool `json:"enable"`
DefaultRole *string `json:"default_role"`
RoleGroups *map[string][]string `json:"role_groups,omitempty"` // role -> groups. deprecated since 4.2
GroupMappedRoles *[]*share.GroupRoleMapping `json:"group_mapped_roles,omitempty"` // group -> (role -> domains)
UseProxy *bool `json:"use_proxy"`
}
type RESTServerOIDCConfigCfgMap ¶
// RESTServerOIDCConfigCfgMap embeds RESTServerOIDCConfig (its fields are promoted
// to the top level of the JSON object) and adds an always_reload flag.
// NOTE(review): the name suggests this is the shape read from a ConfigMap-style
// file; if so the client secret lives in that file in clear — confirm.
type RESTServerOIDCConfigCfgMap struct {
RESTServerOIDCConfig
AlwaysReload bool `json:"always_reload"`
}
type RESTServerRoleGroupsConfig ¶
// RESTServerRoleGroupsConfig names a server, one role, and the groups mapped to
// that role.
// NOTE(review): the RoleGroups fields of the server config types are marked
// "deprecated since 4.2" in favour of group_mapped_roles; whether this request
// shape is still the preferred one is not visible here.
type RESTServerRoleGroupsConfig struct {
Name string `json:"name"`
Role string `json:"role"`
Groups []string `json:"groups"`
}
Used by CLI to set one role mapping at a time.
type RESTServerRoleGroupsConfigData ¶
type RESTServerRoleGroupsConfigData struct {
Config *RESTServerRoleGroupsConfig `json:"config"`
}
type RESTServerSAML ¶
// RESTServerSAML is the read representation of a SAML authentication server: SSO
// URL, issuer, identity-provider certificate(s), group claim, role mappings, and
// the optional request-signing and single-logout settings.
type RESTServerSAML struct {
SSOURL string `json:"sso_url"`
Issuer string `json:"issuer"`
// Tagged `cloak`, which encoding/json ignores; any masking comes from project code.
X509Cert string `json:"x509_cert,cloak"`
GroupClaim string `json:"group_claim"`
X509Certs []RESTX509CertInfo `json:"x509_certs"`
Enable bool `json:"enable"`
DefaultRole string `json:"default_role"`
RoleGroups map[string][]string `json:"role_groups,omitempty"` // role -> groups
GroupMappedRoles []*share.GroupRoleMapping `json:"group_mapped_roles,omitempty"` // group -> (role -> domains)
AuthnSigningEnabled bool `json:"authn_signing_enabled,omitempty"` // Optional. Enable signing AuthnRequest. Default off.
SigningCert string `json:"signing_cert,omitempty"` // Optional.
// The signing key field is commented out, so this read model has no field through
// which the private key could be returned; it exists only on RESTServerSAMLConfig.
//SigningKey string `json:"signing_key,omitempty"` // Optional.
SLOEnabled bool `json:"slo_enabled,omitempty"` // Optional.
SLOURL string `json:"slo_url,omitempty"` // Optional.
}
type RESTServerSAMLConfig ¶
// RESTServerSAMLConfig is the configuration form of RESTServerSAML. All fields are
// pointers; SSOURL, Issuer, X509Cert and GroupClaim lack omitempty and are
// serialized as JSON null when nil, the rest are omitted when nil.
type RESTServerSAMLConfig struct {
SSOURL *string `json:"sso_url"`
Issuer *string `json:"issuer"`
X509Cert *string `json:"x509_cert,cloak"`
GroupClaim *string `json:"group_claim"`
Enable *bool `json:"enable,omitempty"`
DefaultRole *string `json:"default_role,omitempty"`
RoleGroups *map[string][]string `json:"role_groups,omitempty"` // role -> groups. deprecated since 4.2
GroupMappedRoles *[]*share.GroupRoleMapping `json:"group_mapped_roles,omitempty"` // group -> (role -> domains)
X509CertExtra *[]string `json:"x509_cert_extra,omitempty"`
AuthnSigningEnabled *bool `json:"authn_signing_enabled,omitempty"` // Optional. Enable signing AuthnRequest. Default off.
SigningCert *string `json:"signing_cert,omitempty"` // Optional.
// NOTE(review): this is the private key used to sign AuthnRequests, yet it has
// no `cloak` tag option while X509Cert (a certificate) does. If masking in logs
// and audit records is driven by that tag, the key would pass through unmasked —
// confirm how request bodies of this type are redacted.
SigningKey *string `json:"signing_key,omitempty"` // Optional.
SLOEnabled *bool `json:"slo_enabled,omitempty"` // Optional.
SLOURL *string `json:"slo_url,omitempty"` // Optional.
}
type RESTServerSAMLConfigCfgMap ¶
// RESTServerSAMLConfigCfgMap embeds RESTServerSAMLConfig (its fields are promoted
// to the top level of the JSON object) and adds an always_reload flag.
// NOTE(review): the name suggests this is the shape read from a ConfigMap-style
// file; if so the SAML signing key lives in that file in clear — confirm.
type RESTServerSAMLConfigCfgMap struct {
RESTServerSAMLConfig
AlwaysReload bool `json:"always_reload"`
}
type RESTServerTest ¶
// RESTServerTest is a request to test an authentication server, given either by
// the name of a stored server or by an inline LDAP configuration, plus LDAP test
// parameters.
type RESTServerTest struct {
Name string `json:"name,omitempty"` // either name or one of server configs must present
// An inline config can carry a bind DN and bind password, and names the host the
// test connects to. NOTE(review): confirm the test endpoint requires the same
// permission as changing the server configuration.
LDAP *RESTServerLDAPConfig `json:"ldap,omitempty"`
TestLDAP *RESTServerLDAPTest `json:"test_ldap,omitempty"`
}
type RESTServerTestData ¶
type RESTServerTestData struct {
Test *RESTServerTest `json:"test"`
}
type RESTServerTestResult ¶
type RESTServerTestResult struct {
Groups []string `json:"groups"`
}
type RESTServerTestResultData ¶
type RESTServerTestResultData struct {
Result *RESTServerTestResult `json:"result"`
}
type RESTServersData ¶
type RESTServersData struct {
Servers []*RESTServer `json:"servers"`
MappableRoles *RESTMappableRoles `json:"mappable_roles"`
}
type RESTService ¶
// RESTService is the read representation of a service: its name, domain, policy
// and profile modes, member workloads, the policy and response rules attached to
// it, its address and exposure flags. It embeds RESTGroupCaps, whose fields are
// promoted to the top level of the JSON object.
type RESTService struct {
Name string `json:"name"`
Comment string `json:"comment"`
PolicyMode string `json:"policy_mode"`
ProfileMode string `json:"profile_mode"`
NotScored bool `json:"not_scored"`
Domain string `json:"domain"`
PlatformRole string `json:"platform_role"`
Members []*RESTWorkloadBrief `json:"members"`
PolicyRules []*RESTPolicyRule `json:"policy_rules"`
ResponseRules []*RESTResponseRule `json:"response_rules"`
ServiceAddr *RESTIPPort `json:"service_addr,omitempty"`
IngressExposure bool `json:"ingress_exposure"`
EgressExposure bool `json:"egress_exposure"`
BaselineProfile string `json:"baseline_profile"`
RESTGroupCaps
}
type RESTServiceBatchConfig ¶
type RESTServiceBatchConfigData ¶
type RESTServiceBatchConfigData struct {
Config *RESTServiceBatchConfig `json:"config"`
}
type RESTServiceConfig ¶
// RESTServiceConfig is the configuration form of a service, identified by Name and
// Domain. The remaining fields are pointers; all but Comment are tagged omitempty,
// so Comment is serialized as JSON null when nil while the others are left out.
type RESTServiceConfig struct {
Name string `json:"name"`
Domain string `json:"domain"`
Comment *string `json:"comment"`
PolicyMode *string `json:"policy_mode,omitempty"`
ProfileMode *string `json:"profile_mode,omitempty"`
BaselineProfile *string `json:"baseline_profile,omitempty"`
NotScored *bool `json:"not_scored,omitempty"`
}
type RESTServiceConfigData ¶
type RESTServiceConfigData struct {
Config *RESTServiceConfig `json:"config"`
}
type RESTServiceData ¶
type RESTServiceData struct {
Service *RESTService `json:"service"`
}
type RESTServicesData ¶
type RESTServicesData struct {
Services []*RESTService `json:"services"`
}
type RESTSession ¶
// RESTSession describes one network session observed for a workload: layer 2-4
// identifiers for the client and server side, per-direction packet and byte
// counters, timing values, flags, and the policy that matched.
type RESTSession struct {
ID uint64 `json:"id"`
// Exposed as "workload_id".
Workload string `json:"workload_id"`
EtherType uint16 `json:"ether_type"`
Application string `json:"application"`
ClientMAC string `json:"client_mac"`
ServerMAC string `json:"server_mac"`
ClientIP string `json:"client_ip"`
ServerIP string `json:"server_ip"`
ClientPort uint16 `json:"client_port"`
ServerPort uint16 `json:"server_port"`
ICMPCode uint8 `json:"icmp_code"`
ICMPType uint8 `json:"icmp_type"`
IPProto uint8 `json:"ip_proto"`
ClientState string `json:"client_state"`
ServerState string `json:"server_state"`
// Packet counters are 32-bit while byte counters are 64-bit.
ClientPkts uint32 `json:"client_pkts"`
ServerPkts uint32 `json:"server_pkts"`
ClientBytes uint64 `json:"client_bytes"`
ServerBytes uint64 `json:"server_bytes"`
ClientAsmPkts uint32 `json:"client_asm_pkts"`
ServerAsmPkts uint32 `json:"server_asm_pkts"`
ClientAsmBytes uint64 `json:"client_asm_bytes"`
ServerAsmBytes uint64 `json:"server_asm_bytes"`
// NOTE(review): units of Age, Idle and Life are not visible here — confirm.
Age uint32 `json:"age"`
Idle uint32 `json:"idle"`
Life uint32 `json:"life"`
Ingress bool `json:"ingress"`
Tap bool `json:"tap"`
MidStream bool `json:"mid_stream"`
PolicyID uint32 `json:"policy_id"`
PolicyAction string `json:"policy_action"`
// NOTE(review): presumably taken from an X-Forwarded-For header. That header is
// set by the sender, so these values are only as trustworthy as the proxies in
// front of the workload — confirm before using them for attribution.
XffIP string `json:"xff_ip"`
XffApp string `json:"xff_app"`
XffPort uint16 `json:"xff_port"`
}
type RESTSessionList ¶
type RESTSessionList struct {
Sessions []*RESTSession `json:"sessions"`
}
type RESTSessionSummary ¶
type RESTSessionSummaryData ¶
type RESTSessionSummaryData struct {
Summary *RESTSessionSummary `json:"summary"`
}
type RESTSnifferArgs ¶
type RESTSnifferArgsData ¶
type RESTSnifferArgsData struct {
Sniffer *RESTSnifferArgs `json:"sniffer"`
}
type RESTSnifferData ¶
type RESTSnifferData struct {
Sniffer *RESTSnifferInfo `json:"sniffer"`
}
type RESTSnifferInfo ¶
// RESTSnifferInfo describes one sniffer (packet capture) job: its ID, the agent
// and workload it runs against, the capture file number and size, its status and
// arguments, and start/stop times.
type RESTSnifferInfo struct {
ID string `json:"id"`
// The JSON keys differ from the Go names: AgentID is "enforcer_id" and
// WorkloadID is "container_id".
AgentID string `json:"enforcer_id"`
WorkloadID string `json:"container_id"`
FileNumber uint32 `json:"file_number"`
Size int64 `json:"size"`
Status string `json:"status"`
// NOTE(review): Args is a free-form string; how it is parsed and passed to the
// capture process is not visible here — confirm it is validated rather than
// handed to a shell.
Args string `json:"args"`
StartTime int64 `json:"start_time"`
StopTime int64 `json:"stop_time"`
}
type RESTSnifferResult ¶
type RESTSnifferResult struct {
ID string `json:"id"`
}
type RESTSnifferResultData ¶
type RESTSnifferResultData struct {
Result *RESTSnifferResult `json:"result"`
}
type RESTSniffersData ¶
type RESTSniffersData struct {
Sniffers []*RESTSnifferInfo `json:"sniffers"`
}
type RESTSysAtmoConfigConfig ¶
type RESTSysNetConfigConfig ¶
type RESTSystemConfig ¶
// RESTSystemConfig is the read representation of the system configuration. It
// groups defaults for new services, syslog output, authentication order, webhooks,
// registry proxies, the IBM SA endpoint, network service settings, automatic mode
// promotion, scanner autoscaling, telemetry, remote repositories and TLS settings.
// Only InternalSubnets is tagged omitempty; every other field is always serialized.
type RESTSystemConfig struct {
NewServicePolicyMode string `json:"new_service_policy_mode"`
NewServiceProfileMode string `json:"new_service_profile_mode"`
NewServiceProfileBaseline string `json:"new_service_profile_baseline"`
UnusedGroupAging uint8 `json:"unused_group_aging"`
// Exposed as "syslog_ip" although the Go field is named SyslogServer.
SyslogServer string `json:"syslog_ip"`
SyslogIPProto uint8 `json:"syslog_ip_proto"`
SyslogPort uint16 `json:"syslog_port"`
SyslogLevel string `json:"syslog_level"`
// Exposed as "syslog_status".
SyslogEnable bool `json:"syslog_status"`
SyslogCategories []string `json:"syslog_categories"`
SyslogInJSON bool `json:"syslog_in_json"`
// NOTE(review): presumably the certificate used to authenticate the syslog
// server over TLS; whether syslog is sent unencrypted when it is empty is not
// visible here — confirm.
SyslogServerCert string `json:"syslog_server_cert"`
SingleCVEPerSyslog bool `json:"single_cve_per_syslog"`
SyslogCVEInLayers bool `json:"syslog_cve_in_layers"`
OutputEventToLogs bool `json:"output_event_to_logs"`
// Order in which authentication sources are tried (per the field name).
AuthOrder []string `json:"auth_order"`
AuthByPlatform bool `json:"auth_by_platform"`
RancherEP string `json:"rancher_ep"`
InternalSubnets []string `json:"configured_internal_subnets,omitempty"`
Webhooks []RESTWebhook `json:"webhooks"`
ClusterName string `json:"cluster_name"`
ControllerDebug []string `json:"controller_debug"`
MonitorServiceMesh bool `json:"monitor_service_mesh"`
// The *Enable flags are exposed under "..._status" keys.
RegistryHttpProxyEnable bool `json:"registry_http_proxy_status"`
RegistryHttpsProxyEnable bool `json:"registry_https_proxy_status"`
// NOTE(review): RESTProxy is defined elsewhere; if it carries proxy credentials,
// confirm they are masked in this read model.
RegistryHttpProxy RESTProxy `json:"registry_http_proxy"`
RegistryHttpsProxy RESTProxy `json:"registry_https_proxy"`
IBMSAEpEnabled bool `json:"ibmsa_ep_enabled"`
IBMSAEpStart uint32 `json:"ibmsa_ep_start"`
IBMSAEpDashboardURL string `json:"ibmsa_ep_dashboard_url"`
IBMSAEpConnectedAt string `json:"ibmsa_ep_connected_at"`
XffEnabled bool `json:"xff_enabled"`
NetServiceStatus bool `json:"net_service_status"`
NetServicePolicyMode string `json:"net_service_policy_mode"`
// Negative flag: true presumably turns network policy enforcement off — confirm
// scope, and treat changes to it as security-relevant configuration events.
DisableNetPolicy bool `json:"disable_net_policy"`
DetectUnmanagedWl bool `json:"detect_unmanaged_wl"`
// NOTE(review): D2M / M2P presumably stand for automatic Discover-to-Monitor and
// Monitor-to-Protect promotion; duration units are not visible here — confirm.
ModeAutoD2M bool `json:"mode_auto_d2m"`
ModeAutoD2MDuration int64 `json:"mode_auto_d2m_duration"`
ModeAutoM2P bool `json:"mode_auto_m2p"`
ModeAutoM2PDuration int64 `json:"mode_auto_m2p_duration"`
ScannerAutoscale RESTSystemConfigAutoscale `json:"scanner_autoscale"`
// Negative flag: true means telemetry reporting is off (per the field name).
NoTelemetryReport bool `json:"no_telemetry_report"`
CspType string `json:"csp_type"`
// NOTE(review): RESTRemoteRepository is defined elsewhere; the related config
// type in this package holds a GitHub personal access token, so confirm what this
// read model returns for it.
RemoteRepositories []RESTRemoteRepository `json:"remote_repositories"`
// NOTE(review): the zero value is false. Which outbound connections this switch
// governs, and whether false means certificates are not verified, is not visible
// here — confirm the effective default.
EnableTLSVerification bool `json:"enable_tls_verification"`
// Exposed as "cacerts". Presumably additional CA certificates trusted for those
// connections — confirm; adding a CA here widens what the system trusts.
GlobalCaCerts []string `json:"cacerts"`
}
If more log servers are needed, they can be defined as servers.
type RESTSystemConfigAuthV2 ¶
type RESTSystemConfigAutoscaleConfig ¶
// RESTSystemConfigAutoscaleConfig is the configuration form of the scanner
// autoscaling settings: a strategy name and minimum/maximum pod counts. All fields
// are pointers tagged omitempty, so nil fields are left out of the JSON.
// NOTE(review): whether MinPods <= MaxPods and an upper bound are enforced is not
// visible here — confirm in the handler.
type RESTSystemConfigAutoscaleConfig struct {
Strategy *string `json:"strategy,omitempty"`
MinPods *uint32 `json:"min_pods,omitempty"`
MaxPods *uint32 `json:"max_pods,omitempty"`
}
for scanner autoscaling
type RESTSystemConfigConfig ¶
// RESTSystemConfigConfig is the configuration form of RESTSystemConfig. Every
// field is a pointer tagged omitempty, so nil fields are left out of the JSON and
// a caller can send only the settings it wants to change.
type RESTSystemConfigConfig struct {
NewServicePolicyMode *string `json:"new_service_policy_mode,omitempty"`
NewServiceProfileMode *string `json:"new_service_profile_mode,omitempty"`
NewServiceProfileBaseline *string `json:"new_service_profile_baseline,omitempty"`
UnusedGroupAging *uint8 `json:"unused_group_aging,omitempty"`
SyslogServer *string `json:"syslog_ip,omitempty"`
SyslogIPProto *uint8 `json:"syslog_ip_proto,omitempty"`
SyslogPort *uint16 `json:"syslog_port,omitempty"`
SyslogLevel *string `json:"syslog_level,omitempty"`
SyslogEnable *bool `json:"syslog_status,omitempty"`
SyslogCategories *[]string `json:"syslog_categories,omitempty"`
SyslogInJSON *bool `json:"syslog_in_json,omitempty"`
SyslogServerCert *string `json:"syslog_server_cert,omitempty"`
SingleCVEPerSyslog *bool `json:"single_cve_per_syslog,omitempty"`
SyslogCVEInLayers *bool `json:"syslog_cve_in_layers,omitempty"`
OutputEventToLogs *bool `json:"output_event_to_logs,omitempty"`
AuthOrder *[]string `json:"auth_order,omitempty"`
AuthByPlatform *bool `json:"auth_by_platform,omitempty"`
RancherEP *string `json:"rancher_ep,omitempty"`
WebhookEnable *bool `json:"webhook_status,omitempty"` // deprecated, kept for backward-compatibility, skip docs
WebhookUrl *string `json:"webhook_url,omitempty"` // deprecated, kept for backward-compatibility, skip docs
// NOTE(review): webhook targets are operator-supplied; whether destination URLs
// are restricted (scheme, internal addresses) is not visible here — confirm.
Webhooks *[]*RESTWebhook `json:"webhooks,omitempty"`
ClusterName *string `json:"cluster_name,omitempty"`
ControllerDebug *[]string `json:"controller_debug,omitempty"`
MonitorServiceMesh *bool `json:"monitor_service_mesh,omitempty"`
RegistryHttpProxyEnable *bool `json:"registry_http_proxy_status,omitempty"`
RegistryHttpsProxyEnable *bool `json:"registry_https_proxy_status,omitempty"`
// Each proxy can be given in two forms (RESTProxy and RESTProxyConfig).
// NOTE(review): precedence when both are present is not visible here — confirm.
RegistryHttpProxy *RESTProxy `json:"registry_http_proxy,omitempty"`
RegistryHttpsProxy *RESTProxy `json:"registry_https_proxy,omitempty"`
RegistryHttpProxyCfg *RESTProxyConfig `json:"registry_http_proxy_cfg,omitempty"`
RegistryHttpsProxyCfg *RESTProxyConfig `json:"registry_https_proxy_cfg,omitempty"`
IBMSAEpEnabled *bool `json:"ibmsa_ep_enabled,omitempty"`
IBMSAEpDashboardURL *string `json:"ibmsa_ep_dashboard_url,omitempty"`
XffEnabled *bool `json:"xff_enabled,omitempty"`
ScannerAutoscale *RESTSystemConfigAutoscaleConfig `json:"scanner_autoscale,omitempty"`
NoTelemetryReport *bool `json:"no_telemetry_report,omitempty"`
RemoteRepositories *[]RESTRemoteRepository `json:"remote_repositories,omitempty"`
// NOTE(review): turning this off, or adding entries to GlobalCaCerts, changes what
// the system trusts on TLS connections; both are worth an audit event — confirm
// that changes to these two fields are logged.
EnableTLSVerification *bool `json:"enable_tls_verification,omitempty"`
GlobalCaCerts *[]string `json:"cacerts,omitempty"`
}
type RESTSystemConfigConfigCfgMap ¶
// RESTSystemConfigConfigCfgMap embeds three configuration structs (system, net and
// atmo), so their fields are all promoted to the top level of one JSON object, and
// adds a scan configuration and an always_reload flag.
// NOTE(review): with encoding/json, two promoted fields at the same depth that
// share a JSON key are both dropped silently; RESTSysNetConfigConfig and
// RESTSysAtmoConfigConfig are not visible here, so confirm their keys do not
// collide with RESTSystemConfigConfig's.
type RESTSystemConfigConfigCfgMap struct {
RESTSystemConfigConfig
RESTSysNetConfigConfig
RESTSysAtmoConfigConfig
ScanConfig *RESTScanConfigConfig `json:"scan_config,omitempty"`
AlwaysReload bool `json:"always_reload"`
}
type RESTSystemConfigConfigData ¶
// RESTSystemConfigConfigData is the request envelope for system configuration
// changes. It can carry the flat config, the grouped v2 config, and the
// federation, net and atmo configs; each is a pointer omitted from the JSON when nil.
// NOTE(review): Config and ConfigV2 overlap in content; which one wins when both
// are sent is not visible here — confirm.
type RESTSystemConfigConfigData struct {
Config *RESTSystemConfigConfig `json:"config,omitempty"`
ConfigV2 *RESTSystemConfigConfigV2 `json:"config_v2,omitempty"`
FedConfig *RESTFedSystemConfigConfig `json:"fed_config,omitempty"`
NetConfig *RESTSysNetConfigConfig `json:"net_config,omitempty"`
AtmoConfig *RESTSysAtmoConfigConfig `json:"atmo_config,omitempty"`
}
type RESTSystemConfigConfigV2 ¶
// RESTSystemConfigConfigV2 is the grouped (v2) configuration form of the system
// configuration: one optional sub-struct per area (service defaults, syslog, auth,
// proxy, TLS, IBM SA, scanner autoscale, misc) plus webhooks and remote
// repositories. Every field is a pointer omitted from the JSON when nil.
type RESTSystemConfigConfigV2 struct {
SvcCfg *RESTSystemConfigSvcCfgV2 `json:"svc_cfg,omitempty"`
SyslogCfg *RESTSystemConfigSyslogCfgV2 `json:"syslog_cfg,omitempty"`
AuthCfg *RESTSystemConfigAuthCfgV2 `json:"auth_cfg,omitempty"`
ProxyCfg *RESTSystemConfigProxyCfgV2 `json:"proxy_cfg,omitempty"`
TlsCfg *RESTSystemConfigTlsCfg `json:"tls_cfg,omitempty"`
Webhooks *[]*RESTWebhook `json:"webhooks,omitempty"`
IbmsaCfg *RESTSystemConfigIBMSAVCfg2 `json:"ibmsa_cfg,omitempty"`
// Key is "scanner_autoscale_cfg" here but "scanner_autoscale" in
// RESTSystemConfigConfig.
ScannerAutoscale *RESTSystemConfigAutoscaleConfig `json:"scanner_autoscale_cfg,omitempty"`
MiscCfg *RESTSystemConfigMiscCfgV2 `json:"misc_cfg,omitempty"`
RemoteRepositories *[]RESTRemoteRepository `json:"remote_repositories,omitempty"`
}
type RESTSystemConfigData ¶
type RESTSystemConfigData struct {
Config *RESTSystemConfig `json:"config"`
FedConfig *RESTFedSystemConfig `json:"fed_config"`
}
type RESTSystemConfigDataV2 ¶
type RESTSystemConfigDataV2 struct {
Config *RESTSystemConfigV2 `json:"config"`
FedConfig *RESTFedSystemConfig `json:"fed_config"`
}
type RESTSystemConfigIBMSAV2 ¶
type RESTSystemConfigMiscCfgV2 ¶
// RESTSystemConfigMiscCfgV2 is the configuration form of the miscellaneous system
// settings. All fields are pointers tagged omitempty.
type RESTSystemConfigMiscCfgV2 struct {
// InternalSubnets is commented out here, so it cannot be set through this type,
// although RESTSystemConfigMiscV2 reports it.
// InternalSubnets *[]string `json:"configured_internal_subnets,omitempty"`
UnusedGroupAging *uint8 `json:"unused_group_aging,omitempty"`
ClusterName *string `json:"cluster_name,omitempty"`
ControllerDebug *[]string `json:"controller_debug,omitempty"`
MonitorServiceMesh *bool `json:"monitor_service_mesh,omitempty"`
XffEnabled *bool `json:"xff_enabled,omitempty"`
NoTelemetryReport *bool `json:"no_telemetry_report,omitempty"`
}
type RESTSystemConfigMiscV2 ¶
// RESTSystemConfigMiscV2 is the read representation of the miscellaneous system
// settings. Only InternalSubnets is omitted from the JSON when empty.
type RESTSystemConfigMiscV2 struct {
InternalSubnets []string `json:"configured_internal_subnets,omitempty"`
UnusedGroupAging uint8 `json:"unused_group_aging"`
ClusterName string `json:"cluster_name"`
ControllerDebug []string `json:"controller_debug"`
MonitorServiceMesh bool `json:"monitor_service_mesh"`
XffEnabled bool `json:"xff_enabled"`
NoTelemetryReport bool `json:"no_telemetry_report"`
CspType string `json:"csp_type"` // billing csp type (local or master cluster)
}
type RESTSystemConfigProxyCfgV2 ¶
type RESTSystemConfigProxyCfgV2 struct {
RegistryHttpProxyEnable *bool `json:"registry_http_proxy_status,omitempty"`
RegistryHttpsProxyEnable *bool `json:"registry_https_proxy_status,omitempty"`
RegistryHttpProxy *RESTProxy `json:"registry_http_proxy,omitempty"`
RegistryHttpsProxy *RESTProxy `json:"registry_https_proxy,omitempty"`
RegistryHttpProxyCfg *RESTProxyConfig `json:"registry_http_proxy_cfg,omitempty"`
RegistryHttpsProxyCfg *RESTProxyConfig `json:"registry_https_proxy_cfg,omitempty"`
}
type RESTSystemConfigProxyV2 ¶
// RESTSystemConfigProxyV2 is the value-typed "proxy" section of
// RESTSystemConfigV2. No field is tagged omitempty, so all six keys are
// always encoded.
//
// NOTE(review): RESTProxy and RESTProxyConfig are declared elsewhere; if they
// hold proxy credentials, whoever can read this struct can read them — verify
// how those types serialize any password field.
type RESTSystemConfigProxyV2 struct {
	RegistryHttpProxyEnable bool `json:"registry_http_proxy_status"`
	RegistryHttpsProxyEnable bool `json:"registry_https_proxy_status"`
	RegistryHttpProxy RESTProxy `json:"registry_http_proxy"`
	RegistryHttpsProxy RESTProxy `json:"registry_https_proxy"`
	RegistryHttpProxyCfg RESTProxyConfig `json:"registry_http_proxy_cfg"`
	RegistryHttpsProxyCfg RESTProxyConfig `json:"registry_https_proxy_cfg"`
}
type RESTSystemConfigSyslogCfgV2 ¶
// RESTSystemConfigSyslogCfgV2 is the pointer-typed counterpart of
// RESTSystemConfigSyslogV2. Fields tagged omitempty are left out of the
// encoded JSON when nil.
type RESTSystemConfigSyslogCfgV2 struct {
	// The wire key is "syslog_ip" although the Go field is named SyslogServer.
	SyslogServer *string `json:"syslog_ip,omitempty"`
	SyslogIPProto *uint8 `json:"syslog_ip_proto,omitempty"`
	SyslogPort *uint16 `json:"syslog_port,omitempty"`
	SyslogLevel *string `json:"syslog_level,omitempty"`
	// The wire key for the enable flag is "syslog_status".
	SyslogEnable *bool `json:"syslog_status,omitempty"`
	SyslogCategories *[]string `json:"syslog_categories,omitempty"`
	SyslogInJSON *bool `json:"syslog_in_json,omitempty"`
	// NOTE(review): unlike its siblings this tag has no omitempty, so a nil
	// pointer is encoded as "single_cve_per_syslog": null — confirm intended.
	SingleCVEPerSyslog *bool `json:"single_cve_per_syslog"`
	SyslogCVEInLayers *bool `json:"syslog_cve_in_layers,omitempty"`
	// NOTE(review): presumably the certificate used to authenticate the
	// syslog server over TLS; validation of its contents is not visible here.
	SyslogServerCert *string `json:"syslog_server_cert,omitempty"`
	OutputEventToLogs *bool `json:"output_event_to_logs,omitempty"`
}
type RESTSystemConfigSyslogV2 ¶
// RESTSystemConfigSyslogV2 is the value-typed "syslog" section of
// RESTSystemConfigV2. No field is tagged omitempty, so every key is always
// encoded, zero value included.
type RESTSystemConfigSyslogV2 struct {
	// The wire key is "syslog_ip" although the Go field is named SyslogServer.
	SyslogServer string `json:"syslog_ip"`
	SyslogIPProto uint8 `json:"syslog_ip_proto"`
	SyslogPort uint16 `json:"syslog_port"`
	SyslogLevel string `json:"syslog_level"`
	// The wire key for the enable flag is "syslog_status".
	SyslogEnable bool `json:"syslog_status"`
	SyslogCategories []string `json:"syslog_categories"`
	SyslogInJSON bool `json:"syslog_in_json"`
	SingleCVEPerSyslog bool `json:"single_cve_per_syslog"`
	SyslogCVEInLayers bool `json:"syslog_cve_in_layers"`
	SyslogServerCert string `json:"syslog_server_cert"`
	OutputEventToLogs bool `json:"output_event_to_logs"`
}
type RESTSystemConfigTls ¶
type RESTSystemConfigTlsCfg ¶
type RESTSystemConfigV2 ¶
// RESTSystemConfigV2 groups the system configuration into one nested section
// per area (syslog, auth, proxy, webhooks, TLS, ...). Every section is held
// by value and no tag has omitempty, so each key is always encoded.
type RESTSystemConfigV2 struct {
	NewSvc RESTSystemConfigNewSvcV2 `json:"new_svc"`
	Syslog RESTSystemConfigSyslogV2 `json:"syslog"`
	Auth RESTSystemConfigAuthV2 `json:"auth"`
	Misc RESTSystemConfigMiscV2 `json:"misc"`
	Webhooks []RESTWebhook `json:"webhooks"`
	Proxy RESTSystemConfigProxyV2 `json:"proxy"`
	IBMSA RESTSystemConfigIBMSAV2 `json:"ibmsa"`
	NetSvc RESTSystemConfigNetSvcV2 `json:"net_svc"`
	ModeAuto RESTSystemConfigModeAutoV2 `json:"mode_auto"`
	ScannerAutoscale RESTSystemConfigAutoscale `json:"scanner_autoscale"`
	RemoteRepositories []RESTRemoteRepository `json:"remote_repositories"`
	TlsCfg RESTSystemConfigTls `json:"tls_cfg"`
}
type RESTSystemRequest ¶
// RESTSystemRequest carries optional system-wide requests: a policy mode, a
// profile mode, a baseline profile and an unquarantine request. All fields
// are pointers tagged omitempty, so a nil field is absent from the JSON.
//
// NOTE(review): the mode and profile values are plain strings; the set of
// accepted values is enforced outside this declaration.
type RESTSystemRequest struct {
	PolicyMode *string `json:"policy_mode,omitempty"`
	ProfileMode *string `json:"profile_mode,omitempty"`
	BaselineProfile *string `json:"baseline_profile,omitempty"`
	Unquar *RESTUnquarReq `json:"unquarantine,omitempty"`
}
type RESTSystemRequestData ¶
// RESTSystemRequestData wraps a RESTSystemRequest under the "request" key.
type RESTSystemRequestData struct {
	Request *RESTSystemRequest `json:"request"`
}
type RESTSystemStats ¶
// RESTSystemStats reports three integer counters: expired tokens, scan-state
// keys and scan-data keys.
type RESTSystemStats struct {
	ExpiredTokens int `json:"expired_tokens"`
	ScanStateKeys int `json:"scan_state_keys"`
	ScanDataKeys int `json:"scan_data_keys"`
}
func (*RESTSystemStats) GetDomain ¶
func (o *RESTSystemStats) GetDomain(f share.GetAccessObjectFunc) ([]string, []string)
type RESTSystemStatsData ¶
// RESTSystemStatsData wraps a RESTSystemStats under the "stats" key.
type RESTSystemStatsData struct {
	Stats *RESTSystemStats `json:"stats"`
}
type RESTSystemSummary ¶
// RESTSystemSummary is a flat inventory summary: object counts plus platform
// and version strings. No field is tagged omitempty.
type RESTSystemSummary struct {
	Hosts int `json:"hosts"`
	Controllers int `json:"controllers"`
	// Agents are exposed on the wire as "enforcers".
	Agents int `json:"enforcers"`
	OfflineAgents int `json:"disconnected_enforcers"`
	Domains int `json:"domains"`
	Workloads int `json:"workloads"`
	RunningWorkloads int `json:"running_workloads"`
	RunningPods int `json:"running_pods"`
	Services int `json:"services"`
	PolicyRules int `json:"policy_rules"`
	Scanners int `json:"scanners"`
	Platform string `json:"platform"`
	// Version strings below describe the deployment to any caller allowed to
	// read the summary.
	K8sVersion string `json:"kube_version"`
	OCVersion string `json:"openshift_version"`
	CVEDBVersion string `json:"cvedb_version"`
	CVEDBCreateTime string `json:"cvedb_create_time"`
	CompoVersions []string `json:"component_versions"`
}
type RESTSystemSummaryData ¶
// RESTSystemSummaryData wraps a RESTSystemSummary under the "summary" key.
type RESTSystemSummaryData struct {
	Summary *RESTSystemSummary `json:"summary"`
}
type RESTSystemUsageReport ¶
// RESTSystemUsageReport is one usage record: a signature, the report time in
// two forms, and counts of deployed components and configured rules.
type RESTSystemUsageReport struct {
	// NOTE(review): what Signature covers and where it is verified is not
	// visible in this declaration.
	Signature string `json:"signature"`
	ReportedTS int64 `json:"reported_timestamp"`
	ReportedAt string `json:"reported_at"`
	Platform string `json:"platform"`
	Hosts int `json:"hosts"`
	CPUCores int `json:"cores"`
	Controllers int `json:"controllers"`
	// Agents are exposed on the wire as "enforcers".
	Agents int `json:"enforcers"`
	Scanners int `json:"scanners"`
	CVEDBVersion string `json:"cvedb_version"`
	Registries int `json:"registries"`
	Domains int `json:"domains"`
	RunningPods int `json:"running_pods"`
	Groups int `json:"groups"`
	MonitorGroups int `json:"monitor_groups"`
	ProtectGroups int `json:"protect_groups"`
	PolicyRules int `json:"policy_rules"`
	AdmCtrlRules int `json:"adm_ctrl_rules"`
	RespRules int `json:"response_rules"`
	CRDRules int `json:"crd_rules"`
	Clusters int `json:"clusters"`
	SLessProjs int `json:"sl_projs"`
	InstallationID string `json:"installation_id"`
}
func (*RESTSystemUsageReport) GetDomain ¶
func (o *RESTSystemUsageReport) GetDomain(f share.GetAccessObjectFunc) ([]string, []string)
type RESTSystemUsageReportData ¶
// RESTSystemUsageReportData carries a list of usage reports under "usage"
// together with the telemetry status under "telemetry_status".
type RESTSystemUsageReportData struct {
	Usage []*RESTSystemUsageReport `json:"usage"`
	TelemetryStatus RESTTeleStatus `json:"telemetry_status"`
}
type RESTSystemWebhookConfigData ¶
// RESTSystemWebhookConfigData wraps a single RESTWebhook under "config".
type RESTSystemWebhookConfigData struct {
	Config *RESTWebhook `json:"config"`
}
type RESTTeleStatus ¶
// RESTTeleStatus describes telemetry state: reporting frequency and URL, the
// current version, the minimum and maximum upgrade versions, and the time of
// the last telemetry upload.
type RESTTeleStatus struct {
	// NOTE(review): the unit of TeleFreq is not stated in this declaration.
	TeleFreq uint `json:"telemetry_freq"`
	TeleURL string `json:"telemetry_url"`
	CurrentVersion string `json:"current_version"`
	MinUpgradeVersion RESTUpgradeVersionInfo `json:"min_upgrade_version"`
	MaxUpgradeVersion RESTUpgradeVersionInfo `json:"max_upgrade_version"`
	LastTeleUploadTime string `json:"last_telemetry_upload_time"`
}
type RESTThreatData ¶
// RESTThreatData wraps a single Threat under the "threat" key.
type RESTThreatData struct {
	Threat *Threat `json:"threat"`
}
type RESTThreatsData ¶
// RESTThreatsData wraps a list of Threat records under the "threats" key.
type RESTThreatsData struct {
	Threats []*Threat `json:"threats"`
}
type RESTToken ¶
// RESTToken carries a token string, the holder's global and per-domain
// permissions, and the embedded RESTUser record.
//
// Because RESTUser is embedded without a tag, encoding/json flattens its
// fields into the same JSON object as "token". That includes RESTUser's
// "password" key, which has no omitempty and is therefore always emitted.
// NOTE(review): confirm the password field is blanked before a RESTToken is
// serialized, and treat the whole object as a bearer credential in logs.
type RESTToken struct {
	Token string `json:"token"`
	GlobalPermits []*RESTRolePermission `json:"global_permissions"`
	DomainPermits map[string][]*RESTRolePermission `json:"domain_permissions"` // domain -> permissions list
	RESTUser
}
type RESTTokenAuthServer ¶
type RESTTokenAuthServersData ¶
// RESTTokenAuthServersData wraps a list of RESTTokenAuthServer entries under
// the "servers" key.
type RESTTokenAuthServersData struct {
	Servers []*RESTTokenAuthServer `json:"servers"`
}
type RESTTokenAuthServersRedirectData ¶
// RESTTokenAuthServersRedirectData wraps a RESTTokenAuthServerRedirect under
// the "redirect" key.
type RESTTokenAuthServersRedirectData struct {
	Redirect *RESTTokenAuthServerRedirect `json:"redirect"`
}
type RESTTokenData ¶
// RESTTokenData wraps a RESTToken under "token" and adds password-expiry
// information for the logged-in user.
type RESTTokenData struct {
	Token *RESTToken `json:"token"`
	PwdDaysUntilExpire int `json:"password_days_until_expire"` // negative means we don't know it (for ldap/saml/oidc login).
	PwdHoursUntilExpire int `json:"password_hours_until_expire"` // the hours part beyond PwdDaysUntilExpire, 0 ~ 23
	NeedToResetPassword bool `json:"need_to_reset_password"` // prompt the user to log in again and provide the new password to reset after login
}
type RESTTokenRedirect ¶
// RESTTokenRedirect carries the redirect endpoint and the optional issuer
// used when building a redirect request.
type RESTTokenRedirect struct {
	// The NeuVector URL to redirect after authentication/logout.
	// NOTE(review): the value is a plain string taken from the JSON body; any
	// check that it points at an expected endpoint happens outside this
	// declaration.
	Redirect string `json:"redirect_endpoint"`
	// (Optional)
	// When absent, the redirect url will be used as issuer in SAML request.
	// When it is specified, the value here will be used as the issuer.
	// This is for Single Logout where redirect url and issuer can be different.
	Issuer string `json:"issuer"`
}
Used to generate redirect request for integration like SAML or OIDC.
type RESTUnquarReq ¶
type RESTUpgradeInfo ¶
// RESTUpgradeInfo describes one available version: its version string,
// release date and tag.
type RESTUpgradeInfo struct {
	Version string `json:"version"` // must be in semantic versioning, like v5.0.0
	ReleaseDate string `json:"release_date"`
	Tag string `json:"tag"`
}
telemetry
type RESTUpgradeVersionInfo ¶
type RESTUser ¶
// RESTUser is the REST representation of a user account: identity, password,
// role and permission assignments, session settings and login-state flags.
type RESTUser struct {
	Fullname string `json:"fullname"`
	Server string `json:"server"`
	Username string `json:"username"`
	// "cloak" is not an option encoding/json understands, so the standard
	// encoder still emits this field; presumably project code reads the
	// option to mask the value in logs — confirm. There is no omitempty, so
	// the "password" key is always present, empty or not.
	// NOTE(review): verify the value is cleared before this struct is
	// returned to a caller.
	Password string `json:"password,cloak"`
	EMail string `json:"email"`
	Role string `json:"role"`
	ExtraPermits []*RESTRolePermission `json:"extra_permissions,omitempty"` // extra permissions(other than 'Role') on global domain. only for Rancher SSO
	Timeout uint32 `json:"timeout"`
	Locale string `json:"locale"`
	DefaultPWD bool `json:"default_password"` // If the user is using default password
	ModifyPWD bool `json:"modify_password"` // if the password should be modified
	RoleDomains map[string][]string `json:"role_domains,omitempty"` // role -> domains
	ExtraPermitsDomains []RESTPermitsAssigned `json:"extra_permissions_domains,omitempty"` // list of extra permissions(other than 'RoleDomains') on namespaces. only for Rancher SSO
	RemoteRolePermits *RESTRemoteRolePermits `json:"remote_role_permissions,omitempty"` // permissions on managed clusters in fed. only for Rancher SSO
	LastLoginTimeStamp int64 `json:"last_login_timestamp"`
	LastLoginAt string `json:"last_login_at"`
	LoginCount uint32 `json:"login_count"`
	BlockedForFailedLogin bool `json:"blocked_for_failed_login"` // if the user is blocked for too many failed logins
	BlockedForPwdExpired bool `json:"blocked_for_password_expired"` // if the user is blocked for expired password
	PwdResettable bool `json:"password_resettable"` // if the user's password can be reset by the current login user
}
type RESTUserConfig ¶
// RESTUserConfig describes a change to the user named by Fullname. Apart
// from Fullname every field is a pointer; those tagged omitempty are absent
// from the encoded JSON when nil.
type RESTUserConfig struct {
	Fullname string `json:"fullname"`
	// Password and NewPassword carry the non-standard "cloak" tag option,
	// which encoding/json ignores; presumably project code uses it to mask
	// the values in logs — confirm.
	Password *string `json:"password,omitempty,cloak"`
	NewPassword *string `json:"new_password,omitempty,cloak"`
	// No omitempty here: a nil PwdProfile is encoded as null.
	PwdProfile *string `json:"pwd_profile"`
	EMail *string `json:"email,omitempty"`
	// Role and RoleDomains change what the user is authorized to do.
	// NOTE(review): the check that the caller may grant them is not visible
	// in this declaration.
	Role *string `json:"role,omitempty"`
	Timeout *uint32 `json:"timeout,omitempty"`
	Locale *string `json:"locale,omitempty"`
	RoleDomains *map[string][]string `json:"role_domains,omitempty"` // role -> domains
}
type RESTUserConfigData ¶
// RESTUserConfigData wraps a RESTUserConfig under the "config" key.
type RESTUserConfigData struct {
	Config *RESTUserConfig `json:"config"`
}
type RESTUserData ¶
// RESTUserData wraps a single RESTUser under the "user" key.
type RESTUserData struct {
	User *RESTUser `json:"user"`
}
type RESTUserPermitOption ¶
// RESTUserPermitOption names one permission by ID and states whether read
// and write are supported for it.
type RESTUserPermitOption struct {
	ID string `json:"id"`
	ReadSupported bool `json:"read_supported"`
	WriteSupported bool `json:"write_supported"`
}
custom role
type RESTUserPermitOptions ¶
// RESTUserPermitOptions lists the permission options in two groups:
// "global_options" and "domain_options".
type RESTUserPermitOptions struct {
	GlobalOptions []*RESTUserPermitOption `json:"global_options"`
	DomainOptions []*RESTUserPermitOption `json:"domain_options"`
}
type RESTUserPwdConfig ¶
// RESTUserPwdConfig describes password-related actions on the user named by
// Fullname: clearing the failed-login state, setting a new password, and
// forcing a reset.
type RESTUserPwdConfig struct {
	Fullname string `json:"fullname"`
	ClearFailedLogin *bool `json:"clear_failed_login,omitempty"`
	// The non-standard "cloak" tag option is ignored by encoding/json;
	// presumably project code uses it to mask the value in logs — confirm.
	NewPassword *string `json:"new_password,omitempty,cloak"`
	// These two are plain bools with omitempty, so false is left out of the
	// encoded JSON and an absent key decodes to false.
	ForceResetPwd bool `json:"force_reset_password,omitempty"`
	ResetPwdInNextLogin bool `json:"reset_password_in_next_login,omitempty"`
}
type RESTUserPwdConfigData ¶
// RESTUserPwdConfigData wraps a RESTUserPwdConfig under the "config" key.
type RESTUserPwdConfigData struct {
	Config *RESTUserPwdConfig `json:"config"`
}
type RESTUserRole ¶
// RESTUserRole describes a role: its name, a comment, whether it is a
// pre-defined (reserved) role, and the permissions it grants.
type RESTUserRole struct {
	Name string `json:"name"`
	Comment string `json:"comment"`
	Reserved bool `json:"reserved"` // true for pre-defined roles
	Permissions []*RESTRolePermission `json:"permissions"`
}
type RESTUserRoleConfig ¶
// RESTUserRoleConfig is the configuration form of a role. It has the same
// fields as RESTUserRole except Reserved, which is not part of this struct.
type RESTUserRoleConfig struct {
	Name string `json:"name"`
	Comment string `json:"comment"`
	Permissions []*RESTRolePermission `json:"permissions"`
}
type RESTUserRoleConfigData ¶
// RESTUserRoleConfigData wraps a RESTUserRoleConfig under the "config" key.
type RESTUserRoleConfigData struct {
	Config *RESTUserRoleConfig `json:"config"`
}
type RESTUserRoleData ¶
// RESTUserRoleData wraps a single RESTUserRole under the "role" key.
type RESTUserRoleData struct {
	Role *RESTUserRole `json:"role"`
}
type RESTUserRoleDomainsConfig ¶
// RESTUserRoleDomainsConfig assigns one role to a list of domains for the
// user named by Fullname.
type RESTUserRoleDomainsConfig struct {
	Fullname string `json:"fullname"`
	Role string `json:"role"`
	Domains []string `json:"domains"`
}
Used by CLI to set one role domain at a time.
type RESTUserRoleDomainsConfigData ¶
// RESTUserRoleDomainsConfigData wraps a RESTUserRoleDomainsConfig under the
// "config" key.
type RESTUserRoleDomainsConfigData struct {
	Config *RESTUserRoleDomainsConfig `json:"config"`
}
type RESTUserRolesData ¶
// RESTUserRolesData wraps a list of RESTUserRole entries under "roles".
type RESTUserRolesData struct {
	Roles []*RESTUserRole `json:"roles"`
}
type RESTUserRolesDataCfgMap ¶
// RESTUserRolesDataCfgMap embeds RESTUserRolesData, so "roles" appears at the
// top level of the JSON object, and adds an "always_reload" flag.
// NOTE(review): the name suggests the payload is read from a ConfigMap;
// if so, write access to that source amounts to control over role
// definitions — confirm where it is loaded from.
type RESTUserRolesDataCfgMap struct {
	RESTUserRolesData
	AlwaysReload bool `json:"always_reload"`
}
type RESTUsersData ¶
type RESTUsersDataCfgMap ¶
// RESTUsersDataCfgMap embeds RESTUsersData, so its fields appear at the top
// level of the JSON object, and adds an "always_reload" flag.
// NOTE(review): the name suggests the payload is read from a ConfigMap; if
// it carries user passwords, the source needs the protection of a secret —
// confirm where it is loaded from and what RESTUsersData contains.
type RESTUsersDataCfgMap struct {
	RESTUsersData
	AlwaysReload bool `json:"always_reload"`
}
type RESTViolationWorkload ¶
// RESTViolationWorkload pairs a workload brief with an integer count.
type RESTViolationWorkload struct {
	Workload *RESTWorkloadBrief `json:"workload"`
	Count int `json:"count"`
}
type RESTVulQueryStats ¶
// RESTVulQueryStats reports the outcome of a vulnerability query: total and
// matched record counts, a query token, performance statistics and a summary.
type RESTVulQueryStats struct {
	TotalRecordCount int `json:"total_records"`
	TotalMatchedRecordCount int `json:"total_matched_records"`
	// NOTE(review): presumably identifies the query session for follow-up
	// requests; how it is bound to the requesting user is not visible here.
	QueryToken string `json:"query_token"`
	// "debug_perf_stats" has no omitempty here, so the key is always encoded
	// (RESTVulnerabilityAssetDataV2 tags the same key with omitempty).
	PerfStats []string `json:"debug_perf_stats"`
	Summary *VulAssetSessionSummary `json:"summary"`
}
type RESTVulnPackageVersion ¶
type RESTVulnProfilesExport ¶
// RESTVulnProfilesExport names the vulnerability profiles to export and,
// optionally, remote export options.
type RESTVulnProfilesExport struct {
	Names []string `json:"names"`
	RemoteExportOptions *RESTRemoteExportOptions `json:"remote_export_options,omitempty"`
}
Vulnerability profile export. Only the "default" profile can be exported (5.3+).
type RESTVulnerability ¶
// RESTVulnerability describes one vulnerability finding: its name, two sets
// of score and vector fields (unsuffixed and V3), the affected file and
// package, the fixed version, and feed metadata.
type RESTVulnerability struct {
	Name string `json:"name"`
	Score float32 `json:"score"`
	Severity string `json:"severity"`
	Vectors string `json:"vectors"`
	Description string `json:"description"`
	FileName string `json:"file_name"`
	PackageName string `json:"package_name"`
	PackageVersion string `json:"package_version"`
	FixedVersion string `json:"fixed_version"`
	Link string `json:"link"`
	ScoreV3 float32 `json:"score_v3"`
	VectorsV3 string `json:"vectors_v3"`
	PublishedTS int64 `json:"published_timestamp"`
	LastModTS int64 `json:"last_modified_timestamp"`
	CPEs []string `json:"cpes,omitempty"`
	CVEs []string `json:"cves,omitempty"`
	FeedRating string `json:"feed_rating"`
	InBaseImage bool `json:"in_base_image,omitempty"`
	Tags []string `json:"tags,omitempty"`
	// The "-" tag keeps DbKey out of JSON in both directions.
	DbKey string `json:"-"`
}
type RESTVulnerabilityAsset ¶
// RESTVulnerabilityAsset describes one vulnerability together with the
// assets it is associated with, listed as string slices per asset kind
// (workloads, nodes, images, platforms).
type RESTVulnerabilityAsset struct {
	Name string `json:"name"`
	Severity string `json:"severity"`
	Description string `json:"description"`
	Packages map[string][]RESTVulnPackageVersion `json:"packages"`
	Link string `json:"link"`
	Score float32 `json:"score"`
	Vectors string `json:"vectors"`
	ScoreV3 float32 `json:"score_v3"`
	VectorsV3 string `json:"vectors_v3"`
	PublishedTS int64 `json:"published_timestamp"`
	LastModTS int64 `json:"last_modified_timestamp"`
	Workloads []string `json:"workloads"`
	Nodes []string `json:"nodes"`
	Images []string `json:"images"`
	Platforms []string `json:"platforms"`
}
type RESTVulnerabilityAssetData ¶
// RESTVulnerabilityAssetData carries a list of RESTVulnerabilityAsset
// records plus four maps from string keys to RESTIDName lists, one per asset
// kind.
type RESTVulnerabilityAssetData struct {
	Vuls []*RESTVulnerabilityAsset `json:"vulnerabilities"`
	Workloads map[string][]RESTIDName `json:"workloads"`
	Nodes map[string][]RESTIDName `json:"nodes"`
	Images map[string][]RESTIDName `json:"images"`
	Platforms map[string][]RESTIDName `json:"platforms"`
}
type RESTVulnerabilityAssetDataV2 ¶
// RESTVulnerabilityAssetDataV2 carries a list of RESTVulnerabilityAssetV2
// records, the number of records matched by the quick filter, and optional
// performance statistics.
type RESTVulnerabilityAssetDataV2 struct {
	Vuls []*RESTVulnerabilityAssetV2 `json:"vulnerabilities"`
	QuickFilterMatched int `json:"qf_matched_records"`
	PerfStats []string `json:"debug_perf_stats,omitempty"`
}
type RESTVulnerabilityAssetV2 ¶
// RESTVulnerabilityAssetV2 is the V2 form of RESTVulnerabilityAsset. Each
// asset kind has two fields: a typed asset list that is encoded (and omitted
// when empty) and a parallel ID slice tagged "-" that never appears in JSON.
type RESTVulnerabilityAssetV2 struct {
	Name string `json:"name"`
	Severity string `json:"severity"`
	Description string `json:"description"`
	Packages map[string][]RESTVulnPackageVersion `json:"packages"`
	Link string `json:"link"`
	Score float32 `json:"score"`
	Vectors string `json:"vectors"`
	ScoreV3 float32 `json:"score_v3"`
	VectorsV3 string `json:"vectors_v3"`
	PublishedTS int64 `json:"published_timestamp"`
	LastModTS int64 `json:"last_modified_timestamp"`
	Workloads []*RESTWorkloadAsset `json:"workloads,omitempty"`
	WorkloadIDs []string `json:"-"`
	Nodes []*RESTHostAsset `json:"nodes,omitempty"`
	NodesIDs []string `json:"-"`
	Images []*RESTImageAsset `json:"images,omitempty"`
	ImagesIDs []string `json:"-"`
	Platforms []*RESTPlatformAsset `json:"platforms,omitempty"`
	PlatformsIDs []string `json:"-"`
}
type RESTVulnerabilityProfile ¶
// RESTVulnerabilityProfile is a named list of vulnerability profile entries
// together with the profile's configuration type.
type RESTVulnerabilityProfile struct {
	Name string `json:"name"`
	Entries []RESTVulnerabilityProfileEntry `json:"entries"`
	CfgType string `json:"cfg_type"` // CfgTypeUserCreated / CfgTypeGround (see above)
}
type RESTVulnerabilityProfileConfig ¶
// RESTVulnerabilityProfileConfig is the configuration form of a vulnerability
// profile. Entries is a pointer to a slice tagged omitempty, so a nil pointer
// is left out of the JSON while a pointer to an empty slice is encoded as [].
type RESTVulnerabilityProfileConfig struct {
	Name string `json:"name"`
	Entries *[]*RESTVulnerabilityProfileEntry `json:"entries,omitempty"`
	CfgType string `json:"cfg_type"` // CfgTypeUserCreated / CfgTypeGround (see above)
}
type RESTVulnerabilityProfileConfigData ¶
// RESTVulnerabilityProfileConfigData wraps a RESTVulnerabilityProfileConfig
// under the "config" key.
type RESTVulnerabilityProfileConfigData struct {
	Config *RESTVulnerabilityProfileConfig `json:"config"`
}
type RESTVulnerabilityProfileData ¶
// RESTVulnerabilityProfileData wraps a RESTVulnerabilityProfile under the
// "profile" key.
type RESTVulnerabilityProfileData struct {
	Profile *RESTVulnerabilityProfile `json:"profile"`
}
type RESTVulnerabilityProfileEntryConfigData ¶
// RESTVulnerabilityProfileEntryConfigData wraps a single
// RESTVulnerabilityProfileEntry under the "config" key.
type RESTVulnerabilityProfileEntryConfigData struct {
	Config *RESTVulnerabilityProfileEntry `json:"config"`
}
type RESTVulnerabilityProfilesData ¶
// RESTVulnerabilityProfilesData wraps a list of RESTVulnerabilityProfile
// entries under the "profiles" key.
type RESTVulnerabilityProfilesData struct {
	Profiles []*RESTVulnerabilityProfile `json:"profiles"`
}
type RESTWafConfig ¶
type RESTWafCriteriaEntry ¶
type RESTWafGroup ¶
// RESTWafGroup describes a WAF group: its name, a boolean status, the sensor
// settings attached to it and its configuration type.
type RESTWafGroup struct {
	Name string `json:"name"`
	Status bool `json:"status"`
	Sensors []*RESTWafSetting `json:"sensors"`
	CfgType string `json:"cfg_type"` // CfgTypeUserCreated / CfgTypeGround
}
type RESTWafGroupConfig ¶
// RESTWafGroupConfig describes a change to the WAF group identified by Name.
// It offers three optional sensor lists under the keys "delete", "sensors"
// and "replace"; nil lists are left out of the encoded JSON.
// NOTE(review): how the three lists interact when more than one is supplied
// is not visible in this declaration.
type RESTWafGroupConfig struct {
	Name string `json:"name"`
	Status *bool `json:"status,omitempty"`
	DelSensors *[]string `json:"delete,omitempty"` //delete list used by CLI
	Sensors *[]RESTWafConfig `json:"sensors,omitempty"` //change list used by CLI
	RepSensors *[]RESTWafConfig `json:"replace,omitempty"` //replace list used by GUI
}
type RESTWafGroupConfigData ¶
// RESTWafGroupConfigData wraps a RESTWafGroupConfig under the "config" key.
type RESTWafGroupConfigData struct {
	Config *RESTWafGroupConfig `json:"config"`
}
type RESTWafGroupData ¶
// RESTWafGroupData wraps a single RESTWafGroup under the "waf_group" key.
type RESTWafGroupData struct {
	WafGroup *RESTWafGroup `json:"waf_group"`
}
type RESTWafGroupsData ¶
// RESTWafGroupsData wraps a list of RESTWafGroup entries under "waf_groups".
type RESTWafGroupsData struct {
	WafGroups []*RESTWafGroup `json:"waf_groups"`
}
type RESTWafRule ¶
// RESTWafRule describes one WAF rule: its name, numeric ID, the list of
// match patterns and its configuration type.
// NOTE(review): patterns are RESTWafCriteriaEntry values declared elsewhere;
// if they hold regular expressions, bounds on pattern size and complexity
// are enforced outside this declaration.
type RESTWafRule struct {
	Name string `json:"name"` // simple rule name
	ID uint32 `json:"id"`
	Patterns []RESTWafCriteriaEntry `json:"patterns"`
	CfgType string `json:"cfg_type"`
}
type RESTWafRuleData ¶
// RESTWafRuleData wraps a RESTWafRuleDetail under the "rule" key.
type RESTWafRuleData struct {
	Rule *RESTWafRuleDetail `json:"rule"`
}
type RESTWafRuleDetail ¶
// RESTWafRuleDetail pairs a list of sensor names with a list of WAF rules.
type RESTWafRuleDetail struct {
	Sensors []string `json:"sensors"`
	Rules []*RESTWafRule `json:"rules"`
}
type RESTWafRulesData ¶
// RESTWafRulesData wraps a list of RESTWafRule entries under "rules".
type RESTWafRulesData struct {
	Rules []*RESTWafRule `json:"rules"`
}
type RESTWafSensor ¶
type RESTWafSensorConfig ¶
// RESTWafSensorConfig describes a change to the WAF sensor identified by
// Name. It offers three optional rule lists under the keys "change",
// "delete" and "rules", plus an optional comment; nil fields are left out of
// the encoded JSON.
type RESTWafSensorConfig struct {
	Name string `json:"name"`
	RuleChgList *[]RESTWafRule `json:"change,omitempty"` //change list used by CLI
	RuleDelList *[]RESTWafRule `json:"delete,omitempty"` //delete list used by CLI
	Rules *[]RESTWafRule `json:"rules,omitempty"` //replace list used by GUI
	Comment *string `json:"comment,omitempty"`
}
type RESTWafSensorConfigData ¶
// RESTWafSensorConfigData wraps a RESTWafSensorConfig under the "config" key.
type RESTWafSensorConfigData struct {
	Config *RESTWafSensorConfig `json:"config"`
}
type RESTWafSensorData ¶
// RESTWafSensorData wraps a single RESTWafSensor under the "sensor" key.
type RESTWafSensorData struct {
	Sensor *RESTWafSensor `json:"sensor"`
}
type RESTWafSensorExport ¶
// RESTWafSensorExport names the WAF sensors to export and, optionally,
// remote export options.
type RESTWafSensorExport struct {
	Names []string `json:"names"`
	RemoteExportOptions *RESTRemoteExportOptions `json:"remote_export_options,omitempty"`
}
type RESTWafSensorsData ¶
// RESTWafSensorsData wraps a list of RESTWafSensor entries under "sensors".
type RESTWafSensorsData struct {
	Sensors []*RESTWafSensor `json:"sensors"`
}
type RESTWafSetting ¶
type RESTWebhook ¶
type RESTWorkload ¶
// RESTWorkload extends the embedded RESTWorkloadBrief with runtime details:
// the enforcer that manages the workload, lifecycle timestamps, network
// interfaces and ports, labels, resource limits and the service account.
//
// RESTWorkloadBrief also declares a Children field tagged "children"; the
// Children declared here is at a shallower depth, so it is the one
// encoding/json uses for that key.
type RESTWorkload struct {
	RESTWorkloadBrief
	// Agent fields are exposed on the wire as "enforcer_*".
	AgentID string `json:"enforcer_id"`
	AgentName string `json:"enforcer_name"`
	NetworkMode string `json:"network_mode"`
	CreatedAt string `json:"created_at"`
	StartedAt string `json:"started_at"`
	FinishedAt string `json:"finished_at"`
	Running bool `json:"running"`
	SecuredAt string `json:"secured_at"`
	ExitCode int `json:"exit_code"`
	Ifaces map[string][]*RESTIPAddr `json:"interfaces"`
	Ports []*RESTWorkloadPorts `json:"ports"`
	Labels map[string]string `json:"labels"`
	Applications []string `json:"applications"`
	MemoryLimit int64 `json:"memory_limit"`
	CPUs string `json:"cpus"`
	Children []*RESTWorkload `json:"children"`
	ServiceAccount string `json:"service_account"`
}
type RESTWorkloadAsset ¶
type RESTWorkloadAssetView ¶
// RESTWorkloadAssetView is a flat view of a workload: identity, image,
// policy mode, service group, vulnerability counts by severity (high, medium,
// low), the list of vulnerabilities and the scan time.
type RESTWorkloadAssetView struct {
	ID string `json:"id"`
	Name string `json:"name"`
	Domain string `json:"domain"`
	Image string `json:"image"`
	Applications []string `json:"applications"`
	PolicyMode string `json:"policy_mode"`
	ServiceGroup string `json:"service_group"`
	High int `json:"high"`
	Medium int `json:"medium"`
	Low int `json:"low"`
	Vulnerabilities []string `json:"vulnerabilities"`
	ScannedAt string `json:"scanned_at"`
}
type RESTWorkloadBrief ¶
// RESTWorkloadBrief is the summary record of a workload: identity and host,
// image details, domain and service, capability flags, policy and profile
// modes, scan summary, child workloads and privilege indicators.
type RESTWorkloadBrief struct {
	ID string `json:"id"`
	Name string `json:"name"`
	DisplayName string `json:"display_name"`
	PodName string `json:"pod_name"`
	HostName string `json:"host_name"`
	HostID string `json:"host_id"`
	Image string `json:"image"`
	ImageID string `json:"image_id"`
	ImgCreateAt string `json:"image_created_at"`
	ImgRegScand bool `json:"image_reg_scanned"`
	PlatformRole string `json:"platform_role"`
	Domain string `json:"domain"`
	State string `json:"state"`
	Service string `json:"service"`
	Author string `json:"author"`
	ServiceGroup string `json:"service_group"`
	// The Cap* flags are exposed as "cap_sniff", "cap_quarantine" and
	// "cap_change_mode".
	CapSniff bool `json:"cap_sniff"`
	HasDatapath bool `json:"has_datapath"`
	CapQuar bool `json:"cap_quarantine"`
	CapChgMode bool `json:"cap_change_mode"`
	PolicyMode string `json:"policy_mode"`
	ProfileMode string `json:"profile_mode"`
	ScanSummary *RESTScanBrief `json:"scan_summary"`
	Children []*RESTWorkloadBrief `json:"children"`
	// Omitted from the JSON when empty.
	QuarReason string `json:"quarantine_reason,omitempty"`
	ServiceMesh bool `json:"service_mesh"`
	ServiceMeshSidecar bool `json:"service_mesh_sidecar"`
	// Privileged and RunAsRoot are plain booleans without omitempty, so both
	// keys are always present and false is an explicit value, not "unknown".
	Privileged bool `json:"privileged"`
	RunAsRoot bool `json:"run_as_root"`
	BaselineProfile string `json:"baseline_profile"`
}
func (*RESTWorkloadBrief) GetDomain ¶
func (o *RESTWorkloadBrief) GetDomain(f share.GetAccessObjectFunc) ([]string, []string)
NOTE: This is a special case. Only read is authorized, but there is no data structure associated
with the write action. We use this object to authorize again.
type RESTWorkloadBriefV2 ¶
// RESTWorkloadBriefV2 is the "brief" section of RESTWorkloadV2. It keeps the
// identity, host, image, domain, state and service fields; the capability,
// mode and privilege fields of RESTWorkloadBrief are not part of this struct.
type RESTWorkloadBriefV2 struct {
	ID string `json:"id"`
	Name string `json:"name"`
	DisplayName string `json:"display_name"`
	HostName string `json:"host_name"`
	HostID string `json:"host_id"`
	Image string `json:"image"`
	ImageID string `json:"image_id"`
	ImgCreateAt string `json:"image_created_at"`
	ImgRegScand bool `json:"image_reg_scanned"`
	Domain string `json:"domain"`
	State string `json:"state"`
	Service string `json:"service"`
	Author string `json:"author"`
	ServiceGroup string `json:"service_group"`
}
type RESTWorkloadConfig ¶
type RESTWorkloadConfigCfg ¶
// RESTWorkloadConfigCfg carries two optional workload settings, "wire" and
// "quarantine". Both are pointers tagged omitempty, so a nil field is absent
// from the encoded JSON and an absent key decodes to nil.
type RESTWorkloadConfigCfg struct {
	Wire *string `json:"wire,omitempty"`
	Quarantine *bool `json:"quarantine,omitempty"`
}
An omitted field indicates that the corresponding setting is not modified.
type RESTWorkloadConfigCfgData ¶
// RESTWorkloadConfigCfgData wraps a RESTWorkloadConfigCfg under "config".
type RESTWorkloadConfigCfgData struct {
	Config *RESTWorkloadConfigCfg `json:"config"`
}
type RESTWorkloadConfigData ¶
// RESTWorkloadConfigData wraps a RESTWorkloadConfig under the "config" key.
type RESTWorkloadConfigData struct {
	Config *RESTWorkloadConfig `json:"config"`
}
type RESTWorkloadDetail ¶
// RESTWorkloadDetail extends the embedded RESTWorkload with the workload's
// groups, an application-port map and detailed child records.
//
// Children is declared at every embedding level (RESTWorkloadBrief,
// RESTWorkload and here); the shallowest one, declared in this struct, is
// the field encoding/json uses for the "children" key.
type RESTWorkloadDetail struct {
	RESTWorkload
	Groups []string `json:"groups"`
	AppPorts map[string]string `json:"app_ports"`
	Children []*RESTWorkloadDetail `json:"children"`
}
type RESTWorkloadDetailData ¶
// RESTWorkloadDetailData wraps a RESTWorkloadDetail under "workload".
type RESTWorkloadDetailData struct {
	Workload *RESTWorkloadDetail `json:"workload"`
}
type RESTWorkloadDetailDataV2 ¶
// RESTWorkloadDetailDataV2 wraps a RESTWorkloadDetailV2 under "workload".
type RESTWorkloadDetailDataV2 struct {
	Workload *RESTWorkloadDetailV2 `json:"workload"`
}
type RESTWorkloadDetailMiscV2 ¶
// RESTWorkloadDetailMiscV2 is the "misc" section of RESTWorkloadDetailV2:
// groups, an application-port map and detailed child records.
type RESTWorkloadDetailMiscV2 struct {
	Groups []string `json:"groups"`
	AppPorts map[string]string `json:"app_ports"`
	Children []*RESTWorkloadDetailV2 `json:"children"`
}
type RESTWorkloadDetailV2 ¶
// RESTWorkloadDetailV2 embeds RESTWorkloadV2, so its keys appear at the top
// level of the JSON object, and adds a nested "misc" section.
type RESTWorkloadDetailV2 struct {
	RESTWorkloadV2
	Misc RESTWorkloadDetailMiscV2 `json:"misc"`
}
type RESTWorkloadIntercept ¶
// RESTWorkloadIntercept reports interception state for the workload
// identified by ID: inline and quarantine flags plus a list of intercepted
// ports.
type RESTWorkloadIntercept struct {
	ID string `json:"id"`
	Inline bool `json:"inline"`
	Quarantine bool `json:"quarantine"`
	Ports []*RESTWorkloadInterceptPort `json:"ports"`
}
type RESTWorkloadInterceptData ¶
// RESTWorkloadInterceptData wraps a RESTWorkloadIntercept under "intercept".
type RESTWorkloadInterceptData struct {
	Intercept *RESTWorkloadIntercept `json:"intercept"`
}
type RESTWorkloadInterceptPort ¶
// RESTWorkloadInterceptPort describes one intercepted port as strings: the
// port and its peer, three MAC addresses, the in/ex port names and the rule
// text attached to each side and to the enforcer.
type RESTWorkloadInterceptPort struct {
	Port string `json:"port"`
	Peer string `json:"peer"`
	MAC string `json:"mac"`
	UCMAC string `json:"uc_mac"`
	BCMAC string `json:"bc_mac"`
	InPort string `json:"in_port"`
	ExPort string `json:"ex_port"`
	InPortRules string `json:"in_rules"`
	ExPortRules string `json:"ex_rules"`
	EnforcerRules string `json:"enforcer_rules"`
}
type RESTWorkloadPorts ¶
// RESTWorkloadPorts embeds RESTProtoPort, whose fields are flattened into
// the same JSON object, and adds the host IP and host port.
type RESTWorkloadPorts struct {
	RESTProtoPort
	HostIP string `json:"host_ip"`
	HostPort uint16 `json:"host_port"`
}
type RESTWorkloadRequest ¶
// RESTWorkloadRequest carries a single command string for a workload.
// NOTE(review): Command is free-form here; the handler should accept only a
// fixed set of known commands — that check is not visible in this
// declaration.
type RESTWorkloadRequest struct {
	Command string `json:"command,omitempty"`
}
type RESTWorkloadRequestData ¶
// RESTWorkloadRequestData wraps a RESTWorkloadRequest, held by value, under
// the "request" key.
type RESTWorkloadRequestData struct {
	Request RESTWorkloadRequest `json:"request"`
}
type RESTWorkloadRtAttribesV2 ¶
// RESTWorkloadRtAttribesV2 is the "rt_attributes" section of RESTWorkloadV2:
// pod name, privilege indicators, labels, resource limits, service account
// and network details.
type RESTWorkloadRtAttribesV2 struct {
	PodName string `json:"pod_name"`
	// Both flags are always encoded; false is an explicit value.
	Privileged bool `json:"privileged"`
	RunAsRoot bool `json:"run_as_root"`
	Labels map[string]string `json:"labels"`
	MemoryLimit int64 `json:"memory_limit"`
	CPUs string `json:"cpus"`
	ServiceAccount string `json:"service_account"`
	NetworkMode string `json:"network_mode"`
	Ifaces map[string][]*RESTIPAddr `json:"interfaces"`
	Ports []*RESTWorkloadPorts `json:"ports"`
	Applications []string `json:"applications"`
}
type RESTWorkloadSecurityV2 ¶
// RESTWorkloadSecurityV2 is the "security" section of RESTWorkloadV2:
// capability flags, service-mesh flags, policy and profile modes, baseline
// profile, quarantine reason and scan summary.
type RESTWorkloadSecurityV2 struct {
	CapSniff bool `json:"cap_sniff"`
	CapQuar bool `json:"cap_quarantine"`
	CapChgMode bool `json:"cap_change_mode"`
	ServiceMesh bool `json:"service_mesh"`
	ServiceMeshSidecar bool `json:"service_mesh_sidecar"`
	PolicyMode string `json:"policy_mode"`
	ProfileMode string `json:"profile_mode"`
	BaselineProfile string `json:"baseline_profile"`
	// Omitted from the JSON when empty.
	QuarReason string `json:"quarantine_reason,omitempty"`
	ScanSummary *RESTScanBrief `json:"scan_summary"`
}
type RESTWorkloadStatsData ¶
type RESTWorkloadV2 ¶
// RESTWorkloadV2 is the V2 workload record. It splits the workload into
// three nested sections ("brief", "security", "rt_attributes") and keeps the
// enforcer, platform-role and lifecycle fields at the top level.
type RESTWorkloadV2 struct {
	WlBrief RESTWorkloadBriefV2 `json:"brief"`
	WlSecurity RESTWorkloadSecurityV2 `json:"security"`
	WlRtAttributes RESTWorkloadRtAttribesV2 `json:"rt_attributes"`
	Children []*RESTWorkloadV2 `json:"children"`
	// Agent fields are exposed on the wire as "enforcer_*".
	AgentID string `json:"enforcer_id"`
	AgentName string `json:"enforcer_name"`
	PlatformRole string `json:"platform_role"`
	CreatedAt string `json:"created_at"`
	StartedAt string `json:"started_at"`
	FinishedAt string `json:"finished_at"`
	Running bool `json:"running"`
	SecuredAt string `json:"secured_at"`
	ExitCode int `json:"exit_code"`
}
type RESTWorkloadsBriefData ¶
// RESTWorkloadsBriefData wraps a list of RESTWorkloadBrief entries under
// the "workloads" key.
type RESTWorkloadsBriefData struct {
	Workloads []*RESTWorkloadBrief `json:"workloads"`
}
type RESTWorkloadsData ¶
// RESTWorkloadsData wraps a list of RESTWorkload entries under "workloads".
type RESTWorkloadsData struct {
	Workloads []*RESTWorkload `json:"workloads"`
}
type RESTWorkloadsDataV2 ¶
// RESTWorkloadsDataV2 wraps a list of RESTWorkloadV2 entries under
// "workloads".
type RESTWorkloadsDataV2 struct {
	Workloads []*RESTWorkloadV2 `json:"workloads"` // for pagination, manager needs each layer in workload object to have <22 members
}
type RESTX509CertInfo ¶
type REST_SigstoreRootOfTrustCollection ¶
// REST_SigstoreRootOfTrustCollection wraps a list of roots of trust, held by
// value, under the "roots_of_trust" key.
type REST_SigstoreRootOfTrustCollection struct {
	RootsOfTrust []REST_SigstoreRootOfTrust_GET `json:"roots_of_trust"`
}
type REST_SigstoreRootOfTrust_GET ¶
// REST_SigstoreRootOfTrust_GET is the read form of a Sigstore root of trust:
// its name and flags, the Rekor public key, root certificate and SCT public
// key, the verifiers attached to it, its configuration type and a comment.
// The three key/certificate fields and Verifiers are omitted when empty.
type REST_SigstoreRootOfTrust_GET struct {
	Name string `json:"name"`
	IsPrivate bool `json:"is_private"`
	RootlessKeypairsOnly bool `json:"rootless_keypairs_only"`
	// NOTE(review): these three strings define what signatures are trusted;
	// their format and any validation on write are not visible here.
	RekorPublicKey string `json:"rekor_public_key,omitempty"`
	RootCert string `json:"root_cert,omitempty"`
	SCTPublicKey string `json:"sct_public_key,omitempty"`
	Verifiers []REST_SigstoreVerifier `json:"verifiers,omitempty"`
	CfgType string `json:"cfg_type"`
	Comment string `json:"comment"`
}
type REST_SigstoreRootOfTrust_POST ¶
// REST_SigstoreRootOfTrust_POST is the create form of a Sigstore root of
// trust. It has the same fields as REST_SigstoreRootOfTrust_GET except
// Verifiers and CfgType, which are not part of this struct.
// NOTE(review): changing a root of trust changes which image signatures are
// accepted, so writes through this type warrant admin-level authorization
// and an audit record — the authorization check is not visible here.
type REST_SigstoreRootOfTrust_POST struct {
	Name string `json:"name"`
	IsPrivate bool `json:"is_private"`
	RootlessKeypairsOnly bool `json:"rootless_keypairs_only"`
	RekorPublicKey string `json:"rekor_public_key,omitempty"`
	RootCert string `json:"root_cert,omitempty"`
	SCTPublicKey string `json:"sct_public_key,omitempty"`
	Comment string `json:"comment"`
}
type REST_SigstoreVerifier ¶
type REST_SigstoreVerifierCollection ¶
// REST_SigstoreVerifierCollection wraps a list of REST_SigstoreVerifier
// values under the "verifiers" key.
type REST_SigstoreVerifierCollection struct {
	Verifiers []REST_SigstoreVerifier `json:"verifiers"`
}
type Threat ¶
// Threat is one threat log record. It embeds LogCommon, whose fields are
// flattened into the same JSON object, and adds the client and server
// workloads involved, network-level details (ports, protocol, ICMP, IPs),
// the sensor and group that matched, the action taken and a message.
type Threat struct {
	LogCommon
	ID string `json:"id"`
	ThreatID uint32 `json:"threat_id"`
	ClientWL string `json:"client_workload_id"`
	ClientWLName string `json:"client_workload_name"`
	ClientWLDomain string `json:"client_workload_domain,omitempty"`
	ClientWLImage string `json:"client_workload_image,omitempty"`
	ClientWLService string `json:"client_workload_service,omitempty"`
	ServerWL string `json:"server_workload_id"`
	ServerWLName string `json:"server_workload_name"`
	ServerWLDomain string `json:"server_workload_domain,omitempty"`
	ServerWLImage string `json:"server_workload_image,omitempty"`
	ServerWLService string `json:"server_workload_service,omitempty"`
	Severity string `json:"severity"`
	Action string `json:"action"`
	Count uint32 `json:"count"`
	EtherType uint16 `json:"ether_type"`
	ClientPort uint16 `json:"client_port"`
	ServerPort uint16 `json:"server_port"`
	ServerConnPort uint16 `json:"server_conn_port"`
	ICMPCode uint8 `json:"icmp_code"`
	ICMPType uint8 `json:"icmp_type"`
	IPProto uint8 `json:"ip_proto"`
	ClientIP string `json:"client_ip"`
	ServerIP string `json:"server_ip"`
	Application string `json:"application"`
	Sensor string `json:"sensor"`
	Group string `json:"group"`
	Target string `json:"target"`
	Monitor bool `json:"monitor"`
	// CapLen and Packet are omitted when zero/empty.
	// NOTE(review): presumably a capture of the triggering traffic and its
	// length; if so it can contain application payload (credentials,
	// personal data) and needs the same access control and retention
	// handling as other sensitive logs — confirm encoding and contents.
	CapLen uint16 `json:"cap_len,omitempty"`
	Packet string `json:"packet,omitempty"`
	Msg string `json:"message"`
}
type User ¶
// User embeds Resource and describes a user object with matching json and
// yaml tags on every declared field, all tagged omitempty. The camelCase key
// names differ from the snake_case keys of the REST* types in this package.
type User struct {
	Resource
	Annotations map[string]string `json:"annotations,omitempty" yaml:"annotations,omitempty"`
	Conditions []UserCondition `json:"conditions,omitempty" yaml:"conditions,omitempty"`
	Created string `json:"created,omitempty" yaml:"created,omitempty"`
	CreatorID string `json:"creatorId,omitempty" yaml:"creatorId,omitempty"`
	Description string `json:"description,omitempty" yaml:"description,omitempty"`
	Enabled *bool `json:"enabled,omitempty" yaml:"enabled,omitempty"`
	Labels map[string]string `json:"labels,omitempty" yaml:"labels,omitempty"`
	Me bool `json:"me,omitempty" yaml:"me,omitempty"`
	MustChangePassword bool `json:"mustChangePassword,omitempty" yaml:"mustChangePassword,omitempty"`
	Name string `json:"name,omitempty" yaml:"name,omitempty"`
	OwnerReferences []OwnerReference `json:"ownerReferences,omitempty" yaml:"ownerReferences,omitempty"`
	// Unlike RESTUser.Password, this tag carries no "cloak" option; the
	// field is emitted in both JSON and YAML whenever it is non-empty.
	// NOTE(review): avoid logging or dumping a populated User value.
	Password string `json:"password,omitempty" yaml:"password,omitempty"`
	PrincipalIDs []string `json:"principalIds,omitempty" yaml:"principalIds,omitempty"`
	Removed string `json:"removed,omitempty" yaml:"removed,omitempty"`
	State string `json:"state,omitempty" yaml:"state,omitempty"`
	Transitioning string `json:"transitioning,omitempty" yaml:"transitioning,omitempty"`
	TransitioningMessage string `json:"transitioningMessage,omitempty" yaml:"transitioningMessage,omitempty"`
	UUID string `json:"uuid,omitempty" yaml:"uuid,omitempty"`
	Username string `json:"username,omitempty" yaml:"username,omitempty"`
}
type UserAccessControl ¶
// UserAccessControl holds the authorization context of a login: who logged
// in and how, the operation being performed, the role held in each domain,
// extra permissions, and the permissions the current API call requires.
// The fields carry no struct tags.
type UserAccessControl struct {
	LoginName string
	LoginID string
	LoginType int
	Op string
	Roles map[string]string // domain -> role
	// NOTE(review): how wildcard domains are matched, and whether an exact
	// entry in Roles takes precedence over a wildcard entry, is decided
	// outside this declaration.
	WRoles map[string]string // special domain(containing wildcard char) -> role
	ExtraPermits map[string]share.NvPermissions // domain -> permissions. only for Rancher SSO
	ApiCategoryID int8
	// NOTE(review): presumably bit masks of permissions — confirm; what
	// "boost" adds to the caller's effective permissions is not visible here.
	RequiredPermissions uint32
	BoostPermissions uint32
}
type UserCollection ¶
// UserCollection embeds Collection and carries a list of User values under
// the "data" key, omitted when empty.
type UserCollection struct {
	Collection
	Data []User `json:"data,omitempty"`
}
type UserCondition ¶
// UserCondition is one condition entry of a User: type, status, reason,
// message and two timestamps, all strings with matching json and yaml tags.
type UserCondition struct {
	LastTransitionTime string `json:"lastTransitionTime,omitempty" yaml:"lastTransitionTime,omitempty"`
	LastUpdateTime string `json:"lastUpdateTime,omitempty" yaml:"lastUpdateTime,omitempty"`
	Message string `json:"message,omitempty" yaml:"message,omitempty"`
	Reason string `json:"reason,omitempty" yaml:"reason,omitempty"`
	Status string `json:"status,omitempty" yaml:"status,omitempty"`
	Type string `json:"type,omitempty" yaml:"type,omitempty"`
}
type Violation ¶
// Violation is a log record describing traffic between a client and a server
// endpoint together with the policy decision attached to it.
// It embeds LogCommon, so that type's fields are part of the record as well.
type Violation struct {
LogCommon
ID string `json:"id"`
// ClientWL is serialized as "client_id"; the Go name and the wire name differ.
ClientWL string `json:"client_id"`
ClientName string `json:"client_name"`
// The domain, image and service fields are optional and omitted when empty.
ClientDomain string `json:"client_domain,omitempty"`
ClientImage string `json:"client_image,omitempty"`
ClientService string `json:"client_service,omitempty"`
// ServerWL is serialized as "server_id".
ServerWL string `json:"server_id"`
ServerName string `json:"server_name"`
ServerDomain string `json:"server_domain,omitempty"`
ServerImage string `json:"server_image,omitempty"`
ServerService string `json:"server_service,omitempty"`
ServerPort uint16 `json:"server_port"`
// IPProto is an 8-bit number, presumably the IP protocol number (6 = TCP, 17 = UDP) - TODO confirm.
IPProto uint8 `json:"ip_proto"`
// Applications and Servers have no omitempty, so a nil slice is encoded as JSON null.
Applications []string `json:"applications"`
Servers []string `json:"servers"`
Sessions uint32 `json:"sessions"`
// PolicyAction and PolicyID record the decision and the rule it is attributed to.
PolicyAction string `json:"policy_action"`
PolicyID uint32 `json:"policy_id"`
ClientIP string `json:"client_ip"`
ServerIP string `json:"server_ip"`
FQDN string `json:"fqdn"`
// NOTE(review): Xff presumably marks a record whose client address came from an
// X-Forwarded-For header. That header is set by the sender, so if this is the
// case ClientIP should not be treated as a verified source address when
// triaging or alerting - TODO confirm.
Xff bool `json:"xff"`
// Nbe: meaning not shown on this page - TODO document.
Nbe bool `json:"nbe"`
}
type VulAssetCountDist ¶
// VulAssetCountDist holds integer counts keyed by severity (critical, high,
// medium, low) and by asset kind (platform, image, node, container).
//
// The type declares its own MarshalJSON method with a value receiver, so the
// struct tags below describe the default encoding only; the bytes actually
// produced are decided by that method, whose body is not shown on this page.
type VulAssetCountDist struct {
// Critical is the only count tagged omitempty: under the default encoding a
// zero value is dropped, so consumers should treat a missing "critical" key
// as "not reported" rather than as an error.
Critical int `json:"critical,omitempty"`
High int `json:"high"`
Medium int `json:"medium"`
Low int `json:"low"`
// The asset-kind counts use singular wire names ("platform", "image", ...)
// although the Go field names are plural.
Platforms int `json:"platform"`
Images int `json:"image"`
Nodes int `json:"node"`
Containers int `json:"container"`
}
func (VulAssetCountDist) MarshalJSON ¶
func (c VulAssetCountDist) MarshalJSON() ([]byte, error)
MarshalJSON temporarily reverts the critical CVE logic.
type VulAssetSessionSummary ¶
// VulAssetSessionSummary groups a count distribution with two lists of
// per-asset CVE counts, one for images and one for nodes.
//
// None of the fields use omitempty, so a nil CountDist pointer or a nil slice
// is encoded as JSON null rather than left out; clients must accept null here.
type VulAssetSessionSummary struct {
CountDist *VulAssetCountDist `json:"count_distribution"`
// TopImages and TopNodes hold pointers, so individual entries may be nil
// unless the producer guarantees otherwise - TODO confirm.
TopImages []*AssetCVECount `json:"top_images"`
TopNodes []*AssetCVECount `json:"top_nodes"`
}
type VulQueryFilterViewModel ¶
// VulQueryFilterViewModel carries the filter, match-type, score-range, ordering
// and view settings of a vulnerability query.
//
// The wire names are camelCase except for the two /v1/assetvul fields at the end.
// NOTE(review): presumably these values arrive from the API client. If so, the
// *Type and *MatchType strings should be validated against their allowed values
// before use, and the size of SelectedDomains, ScoreV2 and ScoreV3 bounded -
// TODO confirm where validation happens.
type VulQueryFilterViewModel struct {
PackageType string `json:"packageType"`
SeverityType string `json:"severityType"`
ScoreType string `json:"scoreType"`
PublishedType string `json:"publishedType"`
// PublishedTime is a 64-bit integer; its unit is not shown here - TODO confirm.
PublishedTime int64 `json:"publishedTime"`
// MatchType4Ns is serialized as "matchTypeNs".
MatchType4Ns string `json:"matchTypeNs"`
SelectedDomains []string `json:"selectedDomains"`
// Name filters; each has a companion *MatchType field below.
ServiceName string `json:"serviceName"`
ImageName string `json:"imageName"`
NodeName string `json:"nodeName"`
ContainerName string `json:"containerName"`
ServiceNameMatchType string `json:"matchTypeService"`
ImageNameMatchType string `json:"matchTypeImage"`
NodeNameMatchType string `json:"matchTypeNode"`
ContainerNameMatchType string `json:"matchTypeContainer"`
// ScoreV2 and ScoreV3 are integer slices, presumably lower and upper score
// bounds - TODO confirm the expected length.
ScoreV2 []int `json:"scoreV2"`
ScoreV3 []int `json:"scoreV3"`
QuickFilter string `json:"quickFilter"`
// NOTE(review): OrderByColumn ("orderbyColumn") and OrderByType ("orderby") are
// free-form strings. If they end up in a query's ORDER BY clause they cannot be
// bound as parameters, so they need an allow-list check - TODO confirm in the
// query builder.
OrderByColumn string `json:"orderbyColumn"`
OrderByType string `json:"orderby"`
ViewType string `json:"viewType"`
// Specific to /v1/assetvul.
LastModifiedTime int64 `json:"last_modified_timestamp"`
// DebugCVEName is serialized as "debugcve"; its effect is not shown on this page.
DebugCVEName string `json:"debugcve"`
}
for Vulnerability Page