Documentation
Constants
This section is empty.
Variables
var (
	DefaultRepo = "sirosfoundation/compliance"
	DefaultURL  = "https://compliance.siros.org"
	DefaultName = "Compliance Dashboard"
)
Defaults used when no .grc.yaml exists.
var DefaultFrameworks = []FrameworkConfig{
	{ID: "eudi", Name: "EUDI Security Requirements", CatalogFile: "eudi-secreq.yaml", MappingFile: "eudi-secreq.yaml", SidebarPosition: 1, ListKey: "requirements", KeyField: "id", StatusField: "result", WorkStatusField: "status", NotesField: "observation", DeriveMode: "result", Slug: "eudi", Source: "ENISA – Security Requirements for European Digital Identity Wallets v0.5"},
	{ID: "iso27001", Name: "ISO 27001 Annex A", CatalogFile: "iso27001-annexa.yaml", MappingFile: "iso27001-annexa.yaml", SidebarPosition: 2, KeyField: "annex_a", Source: "ISO/IEC 27001:2022 Annex A"},
	{ID: "gdpr", Name: "GDPR Checklist", CatalogFile: "gdpr-checklist.yaml", MappingFile: "gdpr.yaml", SidebarPosition: 3, KeyField: "match_name", Source: "GDPR Checklist for Data Controllers"},
	{ID: "owasp-asvs", Name: "OWASP ASVS 4.0.3 Level 3", CatalogFile: "owasp-asvs.yaml", MappingFile: "owasp-asvs.yaml", SidebarPosition: 4, KeyField: "section", Source: "OWASP Application Security Verification Standard 4.0.3"},
}
DefaultFrameworks is used when no .grc.yaml is present (backward compatibility).
Functions
This section is empty.
Types
type CatalogConfig (added in v0.2.0)
type CatalogConfig struct {
	Dir           string   `yaml:"dir"`
	Subdirs       []string `yaml:"subdirs"`
	FrameworksDir string   `yaml:"frameworks_subdir"`
}
CatalogConfig holds catalog-specific settings.
type Config
type Config struct {
	Root             string
	CatalogDir       string
	MappingsDir      string
	AuditsDir        string
	SiteDir          string
	OSCALDir         string
	Project          ProjectConfig
	Frameworks       []FrameworkConfig
	CatalogSubdirs   []string
	FrameworksSubdir string
}
Config holds the resolved runtime configuration.
type DirConfig (added in v0.2.0)
type DirConfig struct {
	Dir string `yaml:"dir"`
}
DirConfig holds directory layout settings.
type FrameworkConfig (added in v0.2.0)
type FrameworkConfig struct {
	ID              string `yaml:"id"`
	Name            string `yaml:"name"`
	CatalogFile     string `yaml:"catalog_file"`
	MappingFile     string `yaml:"mapping_file"`
	SidebarPosition int    `yaml:"sidebar_position"`
	// Mapping schema fields (generic loading/deriving).
	ListKey         string `yaml:"list_key"`          // top-level YAML key (default: "mappings")
	KeyField        string `yaml:"key_field"`         // field name for requirement ID
	StatusField     string `yaml:"status_field"`      // assessment status field (default: "coverage")
	WorkStatusField string `yaml:"work_status_field"` // optional secondary status field
	NotesField      string `yaml:"notes_field"`       // field name for notes (default: "notes")
	DeriveMode      string `yaml:"derive_mode"`       // "result" or "coverage" (default: "coverage")
	Slug            string `yaml:"slug"`              // URL slug for framework dir (default: ID)
	Source          string `yaml:"source"`            // source attribution for per-requirement pages
}
FrameworkConfig describes one compliance framework to load and render.
func (*FrameworkConfig) ApplyDefaults (added in v0.3.0)
func (fw *FrameworkConfig) ApplyDefaults()
ApplyDefaults fills in zero-value fields with sensible defaults.
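How the defaults noted in the FrameworkConfig field comments would resolve for two DefaultFrameworks entries, as an added example that is not the package's own code. The names `mappingSchema`, `orDefault`, `withDocumentedDefaults` and `sampleFrameworks` are hypothetical, and the example assumes ApplyDefaults follows the commented defaults, since its body is not shown here.

```go
package main

import "fmt"

// mappingSchema mirrors only the mapping-schema fields of FrameworkConfig
// shown above; it is a local stand-in, not the package's type.
type mappingSchema struct {
	ID, ListKey, KeyField, StatusField, NotesField, DeriveMode, Slug string
}

// orDefault returns v unless it is empty, in which case it returns def.
func orDefault(v, def string) string {
	if v == "" {
		return def
	}
	return v
}

// withDocumentedDefaults fills empty fields using the defaults stated in the
// field comments. Assumption: ApplyDefaults behaves this way; its body is
// not shown on the page.
func withDocumentedDefaults(fw mappingSchema) mappingSchema {
	fw.ListKey = orDefault(fw.ListKey, "mappings")
	fw.StatusField = orDefault(fw.StatusField, "coverage")
	fw.NotesField = orDefault(fw.NotesField, "notes")
	fw.DeriveMode = orDefault(fw.DeriveMode, "coverage")
	fw.Slug = orDefault(fw.Slug, fw.ID)
	return fw
}

// sampleFrameworks returns two entries copied from DefaultFrameworks,
// reduced to the mapping-schema fields.
func sampleFrameworks() []mappingSchema {
	return []mappingSchema{
		{ID: "eudi", ListKey: "requirements", KeyField: "id", StatusField: "result",
			NotesField: "observation", DeriveMode: "result", Slug: "eudi"},
		{ID: "iso27001", KeyField: "annex_a"},
	}
}

func main() {
	for _, fw := range sampleFrameworks() {
		fmt.Printf("%+v\n", withDocumentedDefaults(fw))
	}
}
```

Under that assumption the "eudi" entry is unchanged because every schema field is set explicitly, while "iso27001" picks up the "mappings", "coverage" and "notes" defaults and a slug equal to its ID.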
type GRCFile (added in v0.2.0)
type GRCFile struct {
	Project    ProjectConfig     `yaml:"project"`
	Catalog    CatalogConfig     `yaml:"catalog"`
	Mappings   DirConfig         `yaml:"mappings"`
	Audits     DirConfig         `yaml:"audits"`
	Site       DirConfig         `yaml:"site"`
	OSCAL      DirConfig         `yaml:"oscal"`
	Frameworks []FrameworkConfig `yaml:"frameworks"`
}
GRCFile is the top-level .grc.yaml file structure.
type ProjectConfig (added in v0.2.0)
type ProjectConfig struct {
	Name string `yaml:"name"`
	Repo string `yaml:"repo"`
	URL  string `yaml:"url"`
}
ProjectConfig holds project-level identity settings.