catalog

package
v0.2.0 Latest
Warning

This package is not in the latest version of its module.

Published: Apr 16, 2026 License: BSD-2-Clause Imports: 5 Imported by: 0

Documentation

Overview

Package catalog provides types and loading for the control catalog.

The catalog is the authoritative set of controls the platform implements. Controls are organized into groups (technical, organizational) defined in YAML files under catalog/.

Types

type Catalog

type Catalog struct {
	Groups   []Group
	Controls map[string]*Control // keyed by control ID
}

Catalog holds all loaded control groups indexed by group and control ID.

func Load

func Load(catalogDir string, subdirs ...string) (*Catalog, error)

Load reads all catalog YAML files from the given directory.

type Control

type Control struct {
	ID                     string   `yaml:"id"`
	Title                  string   `yaml:"title"`
	Description            string   `yaml:"description"`
	Category               string   `yaml:"category"`     // technical | policy | process | physical
	CSFFunction            string   `yaml:"csf_function"` // identify | protect | detect | respond | recover | govern
	Status                 string   `yaml:"status"`       // verified | to_do | planned | validated
	Owner                  string   `yaml:"owner"`        // platform | operator | shared
	Components             []string `yaml:"components,omitempty"`
	References             []string `yaml:"references,omitempty"`
	OperatorResponsibility string   `yaml:"operator_responsibility,omitempty"`

	// DerivedStatus is computed by the derive step — not persisted in YAML.
	// It is set when all findings for this control are resolved with evidence.
	DerivedStatus string `yaml:"-"`
}

Control represents a single security control.
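The field comments on Control list the accepted values for category, csf_function, status and owner, and Catalog.Controls is keyed by control ID, so a mistyped value or a repeated ID is worth catching before a catalog is relied on. The following is an added example, not code from this package: `Lint`, `oneOf` and `allowed` are hypothetical names, the local `Control` copies only the enumerated fields, and treating all four fields as required is an assumption the page does not state.

```go
package main

import "fmt"

// Control mirrors only the enumerated fields of the Control type documented above.
type Control struct{ ID, Category, CSFFunction, Status, Owner string }

// allowed holds the value sets copied from the field comments on the page.
var allowed = map[string][]string{
	"category":     {"technical", "policy", "process", "physical"},
	"csf_function": {"identify", "protect", "detect", "respond", "recover", "govern"},
	"status":       {"verified", "to_do", "planned", "validated"},
	"owner":        {"platform", "operator", "shared"},
}

func oneOf(set []string, v string) bool {
	for _, s := range set {
		if s == v {
			return true
		}
	}
	return false
}

// Lint (hypothetical helper, not part of the package) reports, in input order,
// empty or repeated IDs and enumerated fields outside the documented sets.
func Lint(controls []Control) (problems []string) {
	seen := map[string]bool{}
	for i, c := range controls {
		if c.ID == "" || seen[c.ID] {
			problems = append(problems, fmt.Sprintf("control #%d: empty or duplicate id %q", i, c.ID))
		}
		seen[c.ID] = true
		for _, f := range [][2]string{{"category", c.Category}, {"csf_function", c.CSFFunction},
			{"status", c.Status}, {"owner", c.Owner}} {
			if !oneOf(allowed[f[0]], f[1]) {
				problems = append(problems, fmt.Sprintf("control #%d (%s): %s=%q is not a documented value", i, c.ID, f[0], f[1]))
			}
		}
	}
	return problems
}

func main() { // constructed sample: a repeated ID plus a status outside the documented set
	fmt.Println(Lint([]Control{{"AC-1", "technical", "protect", "verified", "platform"},
		{"AC-1", "technical", "detect", "done", "shared"}}))
}
```
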

type FrameworkCatalog

type FrameworkCatalog struct {
	Framework struct {
		ID      string `yaml:"id"`
		Title   string `yaml:"title"`
		Version string `yaml:"version"`
		Source  string `yaml:"source"`
	} `yaml:"framework"`
	Requirements []FrameworkRequirement           `yaml:"requirements"`
	ByID         map[string]*FrameworkRequirement `yaml:"-"`
}

FrameworkCatalog holds the normative requirement text for a framework.

func LoadFrameworkCatalog

func LoadFrameworkCatalog(catalogDir, name string) (*FrameworkCatalog, error)

LoadFrameworkCatalog reads a framework catalog YAML (e.g. catalog/frameworks/eudi-secreq.yaml).

type FrameworkRequirement

type FrameworkRequirement struct {
	ID          string `yaml:"id"`
	Title       string `yaml:"title"`
	Section     string `yaml:"section"`
	Description string `yaml:"description"`
}

FrameworkRequirement holds the normative text for one framework requirement.

type Group

type Group struct {
	ID       string    `yaml:"id"`
	Title    string    `yaml:"title"`
	Controls []Control `yaml:"-"`
}

Group is a named collection of controls.

type GroupFile

type GroupFile struct {
	Group    Group     `yaml:"group"`
	Controls []Control `yaml:"controls"`
}

GroupFile is the top-level structure of a catalog YAML file. In the real YAML, `group:` and `controls:` are siblings at the top level.

type Metadata

type Metadata struct {
	Version string `yaml:"version"`
	Groups  []struct {
		ID   string `yaml:"id"`
		File string `yaml:"file"`
	} `yaml:"groups"`
}

Metadata is the top-level catalog descriptor.
