Documentation ¶
Overview ¶
Package entities contains domain entities for the Reglet domain model. These are pure domain types with NO infrastructure dependencies.
Index ¶
- type Control
- func (c *Control) GetEffectiveTimeout(defaultTimeout time.Duration) time.Duration
- func (c *Control) HasAnyTag(tags []string) bool
- func (c *Control) HasDependency(controlID string) bool
- func (c *Control) HasTag(tag string) bool
- func (c *Control) IsEmpty() bool
- func (c *Control) MatchesAnySeverity(severities []string) bool
- func (c *Control) MatchesSeverity(severity string) bool
- func (c *Control) ObservationCount() int
- func (c *Control) Validate() error
- type ControlDefaults
- type ControlsSection
- type ObservationDefinition
- type PluginRegistry
- type PluginSpec
- type Profile
- func (p *Profile) AddControl(ctrl Control) error
- func (p *Profile) ApplyDefaults()
- func (p *Profile) BuildPluginRegistry() (*PluginRegistry, error)
- func (p *Profile) CheckForCycles() error
- func (p *Profile) ControlCount() int
- func (p *Profile) ExcludeControlsByID(excludeIDs []string) []Control
- func (p *Profile) GetAllControls() []Control
- func (p *Profile) GetControl(id string) *Control
- func (p *Profile) GetMetadata() ProfileMetadata
- func (p *Profile) GetPlugins() []string
- func (p *Profile) GetVars() map[string]interface{}
- func (p *Profile) HasControl(id string) bool
- func (p *Profile) SelectControlsBySeverity(severities []string) []Control
- func (p *Profile) SelectControlsByTags(tags []string) []Control
- func (p *Profile) Validate() error
- type ProfileMetadata
- type ProfileReader
- type ValidatedProfile
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Control ¶
type Control struct {
	ID                     string                  `yaml:"id"`
	Name                   string                  `yaml:"name"`
	Description            string                  `yaml:"description,omitempty"`
	Severity               string                  `yaml:"severity,omitempty"`
	Owner                  string                  `yaml:"owner,omitempty"`
	Tags                   []string                `yaml:"tags,omitempty"`
	DependsOn              []string                `yaml:"depends_on,omitempty"`
	Timeout                time.Duration           `yaml:"timeout,omitempty"`
	ObservationDefinitions []ObservationDefinition `yaml:"observations"`
}
Control represents a specific compliance check or validation unit. It is uniquely identified by its ID.
func (*Control) GetEffectiveTimeout ¶
GetEffectiveTimeout returns the control's timeout with fallback to default.
func (*Control) HasDependency ¶
HasDependency returns true if the control depends on the specified control ID.
func (*Control) MatchesAnySeverity ¶
MatchesAnySeverity returns true if the control matches any of the severities.
func (*Control) MatchesSeverity ¶
MatchesSeverity returns true if the control matches the specified severity.
func (*Control) ObservationCount ¶
ObservationCount returns the number of observations in this control.
type ControlDefaults ¶
type ControlDefaults struct {
	Severity string        `yaml:"severity,omitempty"`
	Owner    string        `yaml:"owner,omitempty"`
	Tags     []string      `yaml:"tags,omitempty"`
	Timeout  time.Duration `yaml:"timeout,omitempty"`
}
ControlDefaults specifies values inherited by controls when not explicitly set.
type ControlsSection ¶
type ControlsSection struct {
	Defaults *ControlDefaults `yaml:"defaults,omitempty"`
	Items    []Control        `yaml:"items"`
}
ControlsSection groups validation controls and their default settings.
type ObservationDefinition ¶
type ObservationDefinition struct {
	Plugin string                 `yaml:"plugin"`
	Config map[string]interface{} `yaml:"config,omitempty"`
	Expect []string               `yaml:"expect,omitempty"`
}
ObservationDefinition is the configuration for a specific plugin execution. It is an immutable value object. Renamed from Observation to ObservationDefinition to avoid confusion with ObservationResult.
type PluginRegistry ¶
type PluginRegistry struct {
	// contains filtered or unexported fields
}
PluginRegistry maps plugin aliases to their specifications. This allows observations to reference plugins by alias while the runtime resolves them to their actual sources.
func NewPluginRegistry ¶
func NewPluginRegistry() *PluginRegistry
NewPluginRegistry creates a new empty plugin registry.
func (*PluginRegistry) AllSpecs ¶
func (pr *PluginRegistry) AllSpecs() []*PluginSpec
AllSpecs returns all registered plugin specifications.
func (*PluginRegistry) HasPlugin ¶
func (pr *PluginRegistry) HasPlugin(name string) bool
HasPlugin reports whether a plugin with the given name is registered.
func (*PluginRegistry) Register ¶
func (pr *PluginRegistry) Register(spec *PluginSpec) error
Register adds a plugin specification to the registry.
func (*PluginRegistry) Resolve ¶
func (pr *PluginRegistry) Resolve(alias string) *PluginSpec
Resolve looks up a plugin by alias and returns its specification. If the alias is not registered, it returns a default spec where name=source.
type PluginSpec ¶
type PluginSpec struct {
	// Name is the alias used in observations (e.g., "file", "file-legacy")
	Name string
	// Source is the plugin source (e.g., "file", "ghcr.io/reglet-dev/reglet-plugins/file:1.0.0")
	Source string
	// Version is the explicit version constraint (e.g., "1.2.0")
	Version string
	// Digest is the optional content hash for pinning (e.g., "sha256:abc123...")
	Digest string
	// Verify indicates whether signature verification is required
	Verify bool
}
PluginSpec represents a plugin declaration with optional version and source.
func ParsePluginDeclaration ¶
func ParsePluginDeclaration(declaration string) (*PluginSpec, error)
ParsePluginDeclaration parses a single plugin declaration string. Supported formats:
- "file" -> name=file, source=file
- "file@1.2.0" -> name=file, source=file, version=1.2.0
- "ghcr.io/.../file:1.2.0" -> name=file, source=full path
- "ghcr.io/.../file@sha256:abc..." -> name=file, source=path, digest=sha256:abc...
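The four formats above differ in how strongly they pin a plugin: only the digest form ties the declaration to specific content. The following added sketch (not the package's own parser) parses those four formats and lists remote declarations that carry no digest; `spec`, `parseDecl` and `unpinned` are hypothetical names, and treating any source that contains "/" as remote is an assumption.

```go
package main

import (
	"fmt"
	"strings"
)

// spec holds the PluginSpec fields this sketch fills in.
type spec struct{ Name, Source, Version, Digest string }

// parseDecl is a hypothetical stand-in covering only the four documented formats.
func parseDecl(decl string) (spec, error) {
	s := spec{Source: decl}
	if i := strings.Index(decl, "@"); i >= 0 {
		s.Source = decl[:i]
		if suffix := decl[i+1:]; strings.HasPrefix(suffix, "sha256:") {
			s.Digest = suffix
		} else {
			s.Version = suffix
		}
	}
	// The name is the last path segment with any ":tag" removed.
	s.Name = s.Source[strings.LastIndex(s.Source, "/")+1:]
	if i := strings.Index(s.Name, ":"); i >= 0 {
		s.Name = s.Name[:i]
	}
	if s.Name == "" || strings.ContainsAny(decl, " \t") || strings.HasSuffix(decl, "@") {
		return spec{}, fmt.Errorf("invalid plugin declaration %q", decl)
	}
	return s, nil
}

// unpinned lists remote declarations (assumed: source contains "/") with no digest.
func unpinned(decls []string) ([]string, error) {
	var out []string
	for _, d := range decls {
		s, err := parseDecl(d)
		if err != nil {
			return nil, err
		}
		if strings.Contains(s.Source, "/") && s.Digest == "" {
			out = append(out, d)
		}
	}
	return out, nil
}

func main() { // constructed plugin list; the digest value is a placeholder
	fmt.Println(unpinned([]string{"file", "ghcr.io/example/file:1.2.0", "ghcr.io/example/file@sha256:abc123"}))
}
```

A tag such as `:1.2.0` can be re-pointed at different content by whoever controls the registry path, which is why the tag-only declaration is the one reported.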
func ParsePluginDeclarationWithAlias ¶
func ParsePluginDeclarationWithAlias(alias string, source interface{}) (*PluginSpec, error)
ParsePluginDeclarationWithAlias parses a plugin declaration with an explicit alias. Format: "alias: source" or expanded map format.
func (*PluginSpec) IsBuiltIn ¶
func (ps *PluginSpec) IsBuiltIn() bool
IsBuiltIn returns true if this plugin references a built-in plugin.
func (*PluginSpec) PluginName ¶
func (ps *PluginSpec) PluginName() string
PluginName returns the actual plugin name to load (without version suffix).
type Profile ¶
type Profile struct {
	Metadata ProfileMetadata        `yaml:"profile"`
	Plugins  []string               `yaml:"plugins,omitempty"`
	Vars     map[string]interface{} `yaml:"vars,omitempty"`
	Controls ControlsSection        `yaml:"controls"`
}
Profile represents the Reglet profile configuration. Aggregate root in the Configuration context.
Profile defines the validation configuration and ruleset. It serves as the aggregate root for the configuration context.
Invariants enforced:
- Unique control IDs
- All dependencies must exist
- Name and version are mandatory
- At least one observation per control
func (*Profile) AddControl ¶
AddControl safely adds a new control to the profile. It returns an error if the control is invalid or already exists.
func (*Profile) ApplyDefaults ¶
func (p *Profile) ApplyDefaults()
ApplyDefaults propagates default values to all controls in the profile.
func (*Profile) BuildPluginRegistry ¶
func (p *Profile) BuildPluginRegistry() (*PluginRegistry, error)
BuildPluginRegistry creates a PluginRegistry from the profile's plugin declarations. This supports the current simple list format for backwards compatibility. Future versions will support map format with aliases.
func (*Profile) CheckForCycles ¶
CheckForCycles checks if the control dependency graph contains any cycles.
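As an added illustration (not the package's implementation), the sketch below checks three of the structural properties described for Profile: unique control IDs, dependencies that exist, and an acyclic `depends_on` graph, using a depth-first search with visit states. The `control` type and `checkProfile` function are hypothetical and keep only the fields the checks read.

```go
package main

import "fmt"

// Added sketch: control and checkProfile are hypothetical, not the package's API.
type control struct {
	ID        string
	DependsOn []string
}

func checkProfile(ctrls []control) error {
	byID := map[string]control{}
	for _, c := range ctrls {
		if _, dup := byID[c.ID]; dup {
			return fmt.Errorf("duplicate control ID %q", c.ID)
		}
		byID[c.ID] = c
	}
	state := map[string]int{} // 0 = unvisited, 1 = on the DFS stack, 2 = done
	var visit func(id string) error
	visit = func(id string) error {
		switch state[id] {
		case 1: // reached a control that is still being explored
			return fmt.Errorf("dependency cycle through %q", id)
		case 2:
			return nil
		}
		state[id] = 1
		for _, d := range byID[id].DependsOn {
			if _, ok := byID[d]; !ok {
				return fmt.Errorf("control %q depends on unknown control %q", id, d)
			}
			if err := visit(d); err != nil {
				return err
			}
		}
		state[id] = 2
		return nil
	}
	for _, c := range ctrls {
		if err := visit(c.ID); err != nil {
			return err
		}
	}
	return nil
}

func main() { // constructed sample: a -> b -> a is a cycle
	fmt.Println(checkProfile([]control{{"a", []string{"b"}}, {"b", []string{"a"}}}))
}
```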
func (*Profile) ControlCount ¶
ControlCount returns the total number of controls.
func (*Profile) ExcludeControlsByID ¶
ExcludeControlsByID returns a subset of controls excluding the specified IDs.
func (*Profile) GetAllControls ¶
GetAllControls returns all controls in the profile.
func (*Profile) GetControl ¶
GetControl retrieves a control by its ID. It returns nil if the control is not found.
func (*Profile) GetMetadata ¶
func (p *Profile) GetMetadata() ProfileMetadata
GetMetadata returns the profile metadata.
func (*Profile) GetPlugins ¶
GetPlugins returns the list of plugins required by this profile.
func (*Profile) HasControl ¶
HasControl reports whether a control with the given ID exists.
func (*Profile) SelectControlsBySeverity ¶
SelectControlsBySeverity returns a subset of controls matching any of the specified severities. If severities is empty, all controls are returned.
func (*Profile) SelectControlsByTags ¶
SelectControlsByTags returns a subset of controls matching any of the specified tags. If tags is empty, all controls are returned.
type ProfileMetadata ¶
type ProfileMetadata struct {
	Name        string `yaml:"name"`
	Version     string `yaml:"version"`
	Description string `yaml:"description,omitempty"`
}
ProfileMetadata contains descriptive information about the profile.
type ProfileReader ¶
type ProfileReader interface {
	// Metadata access
	GetMetadata() ProfileMetadata
	GetPlugins() []string
	BuildPluginRegistry() (*PluginRegistry, error)
	GetVars() map[string]interface{}

	// Control queries
	GetControl(id string) *Control
	HasControl(id string) bool
	ControlCount() int
	GetAllControls() []Control

	// Filtering
	SelectControlsByTags(tags []string) []Control
	SelectControlsBySeverity(severities []string) []Control
	ExcludeControlsByID(excludeIDs []string) []Control

	// Validation
	CheckForCycles() error
}
ProfileReader provides read-only access to profile data. This interface enforces immutability and prevents accidental mutations.
Both raw Profile and ValidatedProfile implement this interface, allowing consumers to work with either type through the same contract.
type ValidatedProfile ¶
type ValidatedProfile struct {
	*Profile // Embedded raw profile (provides ProfileReader interface)
}
ValidatedProfile represents a fully compiled and validated profile. This is an immutable value object created by the ProfileCompiler.
It embeds the raw Profile and adds compiled/enriched state:
- Defaults have been applied to all controls
- All validations have passed
- Dependency graph has been verified (no cycles)
func NewValidatedProfile ¶
func NewValidatedProfile(profile *Profile) *ValidatedProfile
NewValidatedProfile creates a new ValidatedProfile from a raw profile. This is an internal constructor - use ProfileCompiler.Compile() instead.
func (*ValidatedProfile) IsValidated ¶
func (v *ValidatedProfile) IsValidated() bool
IsValidated always returns true for ValidatedProfile. This is a marker method to distinguish from raw Profile at runtime if needed.