Types
type ApplyFunc
type ApplyFunc func(interface{}) (interface{}, error)
ApplyFunc is a prepared function that applies the change.
type Assessment
type Assessment struct {
// RequirementId is the unique identifier for the requirement being tested
RequirementId string `yaml:"requirement-id"`
// Applicability is a slice of identifier strings to determine when this test is applicable
Applicability []string `yaml:"applicability"`
// Description is a human-readable description of the test
Description string `yaml:"description"`
// Result is true if the test passed
Result Result `yaml:"result"`
// Message is the human-readable result of the test
Message string `yaml:"message"`
// Steps is a slice of steps that were executed during the test
Steps []AssessmentStep `yaml:"steps"`
// StepsExecuted is the number of steps that were executed during the test
StepsExecuted int `yaml:"steps-executed,omitempty"`
// Start is the time the assessment run began.
Start string `yaml:"start"`
// End is the time the assessment run finished.
// This is omitted if the assessment was interrupted or did not complete.
End string `yaml:"end,omitempty"`
// Value is the object that was returned during the test
Value interface{} `yaml:"value,omitempty"`
// Changes is a slice of changes that were made during the test
Changes map[string]*Change `yaml:"changes,omitempty"`
// Recommendation is a string to aid users in remediation, such as the text from a layer 2 assessment requirement
Recommendation string `yaml:"recommendation,omitempty"`
}
Assessment is a struct that contains the results of a single step within a ControlEvaluation.
func NewAssessment
func NewAssessment(requirementId string, description string, applicability []string, steps []AssessmentStep) (*Assessment, error)
NewAssessment creates a new Assessment object and returns a pointer to it.
func (*Assessment) AddStep
func (a *Assessment) AddStep(step AssessmentStep)
AddStep queues a new step in the Assessment.
func (*Assessment) NewChange
func (a *Assessment) NewChange(changeName, targetName, description string, targetObject interface{}, applyFunc ApplyFunc, revertFunc RevertFunc) *Change
NewChange creates a new Change object and adds it to the Assessment.
func (*Assessment) RevertChanges
func (a *Assessment) RevertChanges() (corrupted bool)
RevertChanges reverts all changes made by the assessment. It will not revert changes that have not been applied.
func (*Assessment) Run
func (a *Assessment) Run(targetData interface{}, changesAllowed bool) Result
Run will execute all steps, halting if any step does not return layer4.Passed.
type AssessmentStep
AssessmentStep is a function type that inspects the provided targetData and returns a Result with a message. The message may be an error string or other descriptive text.
func (AssessmentStep) MarshalJSON
func (as AssessmentStep) MarshalJSON() ([]byte, error)
func (AssessmentStep) MarshalYAML
func (as AssessmentStep) MarshalYAML() (interface{}, error)
func (AssessmentStep) String
func (as AssessmentStep) String() string
type Change
type Change struct {
// TargetName is the name or ID of the resource or configuration that is to be changed
TargetName string `yaml:"target-name"`
// Description is a human-readable description of the change
Description string `yaml:"description"`
// TargetObject is supplemental data describing the object that was changed
TargetObject interface{} `yaml:"target-object,omitempty"`
// Applied is true if the change was successfully applied at least once
Applied bool `yaml:"applied,omitempty"`
// Reverted is true if the change was successfully reverted and not applied again
Reverted bool `yaml:"reverted,omitempty"`
// Error is used if any error occurred during the change
Error error `yaml:"error,omitempty"`
// Allowed may be disabled to prevent the change from being applied
Allowed bool `yaml:"allowed,omitempty"`
// contains filtered or unexported fields
}
Change is a struct that contains the data and functions associated with a single change to a target resource.
func NewChange
func NewChange(targetName string, description string, targetObject interface{}, applyFunc ApplyFunc, revertFunc RevertFunc) Change
NewChange creates a new Change object.
func (*Change) Apply
func (c *Change) Apply(targetName string, targetObject interface{}, changeInput interface{}) (applied bool, changeOutput interface{})
Apply the prepared function for the change. It will not apply the change if it has already been applied and not reverted. It will also not apply the change if it is not allowed.
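The guard conditions documented for Apply and RevertChanges, modelled as a self-contained sketch. This is an added example, not the package's own code: the `change` type, `revertAll` and `errRevert` are hypothetical stand-ins, and treating an applied change that fails to revert as "corrupted" is an assumption about what the returned flag means.

```go
package main

import (
	"errors"
	"fmt"
)

var errRevert = errors.New("revert failed") // constructed failure for the demo

// change is a simplified, hypothetical model of the documented Change type.
type change struct {
	Allowed, Applied, Reverted bool
	Err                        error
	apply                      func(interface{}) (interface{}, error)
	revert                     func(interface{}) error
}

// Apply refuses to run if the change is not allowed, or is applied and not reverted.
func (c *change) Apply(in interface{}) (bool, interface{}) {
	if !c.Allowed || (c.Applied && !c.Reverted) {
		return false, nil
	}
	out, err := c.apply(in)
	if c.Err = err; err != nil {
		return false, nil
	}
	c.Applied, c.Reverted = true, false
	return true, out
}

// revertAll skips unapplied changes; corrupted is true if an applied change stays unreverted.
func revertAll(changes map[string]*change) (corrupted bool) {
	for _, c := range changes {
		if !c.Applied || c.Reverted {
			continue
		}
		c.Err = c.revert(nil)
		c.Reverted = c.Err == nil
		corrupted = corrupted || !c.Reverted
	}
	return corrupted
}

func main() {
	ok := func(interface{}) (interface{}, error) { return "applied", nil }
	c := &change{Allowed: true, apply: ok, revert: func(interface{}) error { return errRevert }}
	first, _ := c.Apply(nil)
	second, _ := c.Apply(nil) // blocked: already applied and not reverted
	fmt.Println(first, second, revertAll(map[string]*change{"demo": c}))
}
```

When a run reports a corrupted state, the target may still carry the assessment's changes and needs manual review before it is trusted again.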
type ControlEvaluation
type ControlEvaluation struct {
// Name is the name of the control being evaluated
Name string `yaml:"name"`
// ControlID is the unique identifier for the control being evaluated
ControlID string `yaml:"control-id"`
// Result is the overall result of the control evaluation
Result Result `yaml:"result"`
// Message is the human-readable result of the final assessment to run in this evaluation
Message string `yaml:"message"`
// CorruptedState is true if the control evaluation was interrupted and changes were not reverted
CorruptedState bool `yaml:"corrupted-state"`
// Assessments is a map of pointers to Assessment objects to establish idempotency
Assessments []*Assessment `yaml:"assessments"`
}
ControlEvaluation is a struct that contains all assessment results, organized by name.
func (*ControlEvaluation) AddAssessment
func (c *ControlEvaluation) AddAssessment(requirementId string, description string, applicability []string, steps []AssessmentStep) (assessment *Assessment)
AddAssessment creates a new Assessment object and adds it to the ControlEvaluation.
func (*ControlEvaluation) Cleanup
func (c *ControlEvaluation) Cleanup()
Cleanup reverts all changes made by the ControlEvaluation.
func (*ControlEvaluation) Evaluate
func (c *ControlEvaluation) Evaluate(targetData interface{}, userApplicability []string, changesAllowed bool)
Evaluate runs each step in each assessment, updating the relevant fields on the control evaluation. It will halt if a step returns a failed result. The targetData is the data that the assessment will be run against. The userApplicability is a slice of strings that determine when the assessment is applicable. The changesAllowed determines whether the assessment is allowed to execute its changes.
type Result
type Result int
Result is an enum representing the result of a control evaluation. This is designed to restrict the possible result values to a set of known states.
func UpdateAggregateResult
UpdateAggregateResult compares the current result with the new result and returns the most severe of the two.
func (Result) MarshalJSON
MarshalJSON ensures that Result is serialized as a string in JSON.
func (Result) MarshalYAML
MarshalYAML ensures that Result is serialized as a string in YAML.
type RevertFunc
type RevertFunc func(interface{}) error
RevertFunc is a prepared function that reverts the change after it has been applied.