layer4

package
v0.8.0

Warning: This package is not in the latest version of its module.
Published: Sep 17, 2025 License: Apache-2.0 Imports: 10 Imported by: 0

Documentation


Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type ApplyFunc

type ApplyFunc func(interface{}) (interface{}, error)

ApplyFunc is a prepared function that applies the change.

type Assessment

type Assessment struct {
	// RequirementId is the unique identifier for the requirement being tested.
	RequirementId string `json:"requirement-id" yaml:"requirement-id"`

	// Procedures defines possible testing procedures to evaluate the requirement.
	Procedures []AssessmentProcedure `json:"procedures" yaml:"procedures"`
}

Assessment defines all testing procedures for a requirement.

type AssessmentLog added in v0.8.0

type AssessmentLog struct {
	// RequirementId is the unique identifier for the requirement being tested
	RequirementId string `yaml:"requirement-id"`
	// ProcedureId uniquely identifies the assessment procedure associated with the log
	ProcedureId string `json:"procedure-id,omitempty"`
	// Applicability is a slice of identifier strings to determine when this test is applicable
	Applicability []string `yaml:"applicability"`
	// Description is a human-readable description of the test
	Description string `yaml:"description"`
	// Result is the outcome of the test
	Result Result `yaml:"result"`
	// Message is the human-readable result of the test
	Message string `yaml:"message"`
	// Steps is a slice of steps that were executed during the test
	Steps []AssessmentStep `yaml:"steps"`
	// StepsExecuted is the number of steps that were executed during the test
	StepsExecuted int `yaml:"steps-executed,omitempty"`
	// Start is the time the assessment run began.
	Start string `yaml:"start"`
	// End is the time the assessment run finished.
	// This is omitted if the assessment was interrupted or did not complete.
	End string `yaml:"end,omitempty"`
	// Value is the object that was returned during the test
	Value interface{} `yaml:"value,omitempty"`
	// Changes is a slice of changes that were made during the test
	Changes map[string]*Change `yaml:"changes,omitempty"`
	// Recommendation is a string to aid users in remediation, such as the text from a layer 2 assessment requirement
	Recommendation string `yaml:"recommendation,omitempty"`
}

AssessmentLog is a struct that contains the results of a single step within a ControlEvaluation.

func NewAssessment

func NewAssessment(requirementId string, description string, applicability []string, steps []AssessmentStep) (*AssessmentLog, error)

NewAssessment creates a new AssessmentLog object and returns a pointer to it.

func (*AssessmentLog) AddStep added in v0.8.0

func (a *AssessmentLog) AddStep(step AssessmentStep)

AddStep queues a new step in the AssessmentLog.

func (*AssessmentLog) NewChange added in v0.8.0

func (a *AssessmentLog) NewChange(
	changeName,
	targetName,
	description string,
	targetObject interface{},
	applyFunc ApplyFunc,
	revertFunc RevertFunc,
) *Change

NewChange creates a new Change object and adds it to the AssessmentLog.

func (*AssessmentLog) RevertChanges added in v0.8.0

func (a *AssessmentLog) RevertChanges() (corrupted bool)

RevertChanges reverts all changes made by the assessment. It will not revert changes that have not been applied.

func (*AssessmentLog) Run added in v0.8.0

func (a *AssessmentLog) Run(targetData interface{}, changesAllowed bool) Result

Run will execute all steps, halting if any step does not return layer4.Passed.

type AssessmentPlan added in v0.8.0

type AssessmentPlan struct {
	ControlId string `json:"control-id" yaml:"control-id"`

	Assessments []Assessment `json:"assessments" yaml:"assessments"`
}

AssessmentPlan defines all testing procedures for a control id.

type AssessmentProcedure added in v0.8.0

type AssessmentProcedure struct {
	// Id uniquely identifies the assessment procedure being executed
	Id string `json:"id" yaml:"id"`

	// Name provides a summary of the procedure
	Name string `json:"name" yaml:"name"`

	// Description provides a detailed explanation of the procedure
	Description string `json:"description" yaml:"description"`

	// Documentation provides a URL to documentation that describes how the assessment procedure evaluates the control requirement
	Documentation string `json:"documentation,omitempty" yaml:"documentation,omitempty"`
}

AssessmentProcedure describes a testing procedure for evaluating a Layer 2 control requirement.

type AssessmentStep

type AssessmentStep func(payload interface{}, c map[string]*Change) (Result, string)

AssessmentStep is a function type that inspects the provided payload (the target data) and returns a Result with a message. The message may be an error string or other descriptive text.

func (AssessmentStep) MarshalJSON

func (as AssessmentStep) MarshalJSON() ([]byte, error)

func (AssessmentStep) MarshalYAML

func (as AssessmentStep) MarshalYAML() (interface{}, error)

func (AssessmentStep) String

func (as AssessmentStep) String() string

type Change

type Change struct {
	// TargetName is the name or ID of the resource or configuration that is to be changed
	TargetName string `yaml:"target-name"`
	// Description is a human-readable description of the change
	Description string `yaml:"description"`

	// TargetObject is supplemental data describing the object that was changed
	TargetObject interface{} `yaml:"target-object,omitempty"`
	// Applied is true if the change was successfully applied at least once
	Applied bool `yaml:"applied,omitempty"`
	// Reverted is true if the change was successfully reverted and not applied again
	Reverted bool `yaml:"reverted,omitempty"`
	// Error is used if any error occurred during the change
	Error error `yaml:"error,omitempty"`
	// Allowed may be disabled to prevent the change from being applied
	Allowed bool `yaml:"allowed,omitempty"`
	// contains filtered or unexported fields
}

Change is a struct that contains the data and functions associated with a single change to a target resource.

func NewChange

func NewChange(targetName string, description string, targetObject interface{}, applyFunc ApplyFunc, revertFunc RevertFunc) Change

NewChange creates a new Change object.

func (*Change) Allow

func (c *Change) Allow()

Allow marks the change as allowed to be applied.

func (*Change) Apply

func (c *Change) Apply(targetName string, targetObject interface{}, changeInput interface{}) (applied bool, changeOutput interface{})

Apply the prepared function for the change. It will not apply the change if it has already been applied and not reverted. It will also not apply the change if it is not allowed.

func (*Change) Revert

func (c *Change) Revert(data interface{})

Revert the change by executing the revert function. It will not revert the change if it has not been applied.
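The guard rules documented for Apply and Revert, as an added example that is not code from the layer4 package: the local type `change` is a stand-in that models the Allowed, Applied and Reverted flags, and `tagChange` with its "probe" tag is constructed sample input. The bool returned by this model's Revert is an assumption (the documented Revert returns nothing; RevertChanges is what reports `corrupted`).

```go
package main

import "fmt"

// change is a local stand-in for the documented Change type (model only).
type change struct {
	Applied, Reverted, Allowed bool
	apply                      func(interface{}) (interface{}, error)
	revert                     func(interface{}) error
}

// Apply runs only when the change is allowed and not currently applied.
func (c *change) Apply(in interface{}) (bool, interface{}) {
	if c.Allowed && (!c.Applied || c.Reverted) {
		if out, err := c.apply(in); err == nil {
			c.Applied, c.Reverted = true, false
			return true, out
		}
	}
	return false, nil
}

// Revert is skipped if never applied; the bool return is this model's assumption.
func (c *change) Revert(data interface{}) (corrupted bool) {
	if c.Applied {
		c.Reverted = c.revert(data) == nil
	}
	return c.Applied && !c.Reverted
}

// tagChange builds a constructed change that adds a "probe" tag to the target.
func tagChange(tags map[string]bool, revertErr error) *change {
	return &change{
		apply: func(interface{}) (interface{}, error) { tags["probe"] = true; return tags, nil },
		revert: func(interface{}) error {
			if revertErr == nil {
				delete(tags, "probe")
			}
			return revertErr
		},
	}
}

func main() {
	tags := map[string]bool{} // constructed target
	c := tagChange(tags, nil)
	c.Allowed = true
	applied, _ := c.Apply(nil)
	fmt.Println(applied, c.Revert(nil), tags)
}
```

A change whose revert function fails stays applied, which is the condition an assessment runner has to surface rather than report a clean result.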

type Contact added in v0.8.0

type Contact struct {
	// The contact person's name.
	Name string `json:"name" yaml:"name"`

	// Indicates whether this admin is the first point of contact for inquiries. Only one entry should be marked as primary.
	Primary bool `json:"primary" yaml:"primary"`

	// The entity with which the contact is affiliated, such as a school or employer.
	Affiliation *string `json:"affiliation,omitempty" yaml:"affiliation,omitempty"`

	// A preferred email address to reach the contact.
	Email *string `json:"email,omitempty" yaml:"email,omitempty"`

	// A social media handle or profile for the contact.
	Social *string `json:"social,omitempty" yaml:"social,omitempty"`
}

type ControlEvaluation

type ControlEvaluation struct {
	// Name is the name of the control being evaluated
	Name string `yaml:"name"`
	// ControlID is the unique identifier for the control being evaluated
	ControlID string `yaml:"control-id"`
	// Result is the overall result of the control evaluation
	Result Result `yaml:"result"`
	// Message is the human-readable result of the final assessment to run in this evaluation
	Message string `yaml:"message"`
	// CorruptedState is true if the control evaluation was interrupted and changes were not reverted
	CorruptedState bool `yaml:"corrupted-state"`
	// AssessmentLogs is a slice of pointers to AssessmentLog objects to establish idempotency
	AssessmentLogs []*AssessmentLog `yaml:"assessmentlogs"`
}

ControlEvaluation is a struct that contains all assessment results, organized by name.

func (*ControlEvaluation) AddAssessment

func (c *ControlEvaluation) AddAssessment(requirementId string, description string, applicability []string, steps []AssessmentStep) (assessment *AssessmentLog)

AddAssessment creates a new AssessmentLog object and adds it to the ControlEvaluation.

func (*ControlEvaluation) Cleanup

func (c *ControlEvaluation) Cleanup()

Cleanup reverts all changes made by the ControlEvaluation.

func (*ControlEvaluation) Evaluate

func (c *ControlEvaluation) Evaluate(targetData interface{}, userApplicability []string, changesAllowed bool)

Evaluate runs each step in each assessment, updating the relevant fields on the control evaluation. It will halt if a step returns a failed result. targetData is the data that the assessment will be run against. userApplicability is a slice of strings that determines when the assessment is applicable. changesAllowed determines whether the assessment is allowed to execute its changes.

type EvaluationPlan added in v0.8.0

type EvaluationPlan struct {
	Metadata Metadata `json:"metadata" yaml:"metadata"`

	Plans []AssessmentPlan `json:"plans" yaml:"plans"`
}

EvaluationPlan defines how a set of Layer 4 controls are to be evaluated.

type Metadata added in v0.8.0

type Metadata struct {
	Id string `json:"id" yaml:"id"`

	Version string `json:"version,omitempty" yaml:"version,omitempty"`

	Author Contact `json:"author" yaml:"author"`
}

Metadata contains metadata about the evaluation plan.

type Result

type Result int

Result is an enum representing the result of a control evaluation. It is designed to restrict the possible result values to a set of known states.

const (
	NotRun Result = iota
	Passed
	Failed
	NeedsReview
	NotApplicable
	Unknown
)

func UpdateAggregateResult

func UpdateAggregateResult(previous Result, new Result) Result

UpdateAggregateResult compares the current result with the new result and returns the most severe of the two.

func (Result) MarshalJSON

func (r Result) MarshalJSON() ([]byte, error)

MarshalJSON ensures that Result is serialized as a string in JSON.

func (Result) MarshalYAML

func (r Result) MarshalYAML() (interface{}, error)

MarshalYAML ensures that Result is serialized as a string in YAML.

func (Result) String

func (r Result) String() string

type RevertFunc

type RevertFunc func(interface{}) error

RevertFunc is a prepared function that reverts the change after it has been applied.
