Constants ¶
const (
	// SCANNER_TARGET_METADATA_CTX_KEY is the context key under which target
	// metadata is carried in a context.Context; presumably the key that
	// TargetMetadataFromCtx looks up — confirm against the runner code.
	// The unexported scanner_ctx_key type keeps the key from colliding with
	// context keys defined by other packages.
	SCANNER_TARGET_METADATA_CTX_KEY scanner_ctx_key = iota
)
// SCANNER_TARGET_METADATA_PATH_ENV_VAR is the name of the environment variable
// that, judging by its name, holds the filesystem path to the target metadata
// (verify where the runner reads it). Because the value comes from the
// environment it is external input: the code that opens the path should
// validate it rather than trust it blindly.
const SCANNER_TARGET_METADATA_PATH_ENV_VAR = "TARGET_METADATA_PATH"
Variables ¶
// ErrInvalidStoreType is returned when a string does not name a known
// StoreType (presumably by ParseStoreType — confirm). Compare with errors.Is.
var ErrInvalidStoreType = errors.New("not a valid StoreType")
Functions ¶
func NewDefaultPanicHandler ¶
func NewDefaultPanicHandler() (*defaultPanicHandler, error)
NewDefaultPanicHandler returns a new default panic handler.
func RunEnricher ¶
func RunEnricher(ctx context.Context, enricher Enricher, opts ...RunnerOption) error
RunEnricher runs an enricher after initialising the run context.
func RunFilter ¶
func RunFilter(ctx context.Context, filter Filter, opts ...RunnerOption) error
RunFilter runs a filter after initialising the run context.
func RunReporter ¶
func RunReporter(ctx context.Context, reporter Reporter, opts ...RunnerOption) error
RunReporter runs a reporter after initialising the run context.
func RunScanner ¶
func RunScanner(ctx context.Context, scanner Scanner, opts ...RunnerOption) error
RunScanner runs a scanner after initialising the run context.
func RunTarget ¶
func RunTarget(ctx context.Context, target Target, opts ...RunnerOption) error
RunTarget runs a target after initialising the run context.
func TargetMetadataFromCtx ¶
func TargetMetadataFromCtx(ctx context.Context) *ocsffindinginfo.DataSource
TargetMetadataFromCtx is a small utility that returns the target metadata which the targets injected into the transformer ctx.
Types ¶
type Closer ¶
// Closer allows defining behaviours to close component dependencies gracefully.
type Closer interface {
	// Close can be implemented to gracefully close component dependencies.
	// The supplied context is the only bound on how long shutdown may take,
	// so implementations are expected to respect its cancellation.
	Close(context.Context) error
}
Closer allows defining behaviours to close component dependencies gracefully.
type Enricher ¶
// Enricher allows enriching vulnerability findings by some criteria.
type Enricher interface {
	// Annotate enriches vulnerability findings by some criteria and returns
	// the enriched findings.
	Annotate(ctx context.Context, findings []*finding.VulnerabilityFinding) ([]*finding.VulnerabilityFinding, error)
}
Enricher allows enriching vulnerability findings by some criteria.
type ErrInvalidRunnerConfig ¶
ErrInvalidRunnerConfig is returned when a configuration is invalid.
func (ErrInvalidRunnerConfig) Error ¶
func (er ErrInvalidRunnerConfig) Error() string
type ErrRunnerOption ¶
ErrRunnerOption is returned when a supplied RunnerOption is not valid.
func (ErrRunnerOption) Error ¶
func (er ErrRunnerOption) Error() string
type Filter ¶
// Filter allows filtering out vulnerability findings by some criteria.
type Filter interface {
	// Filter returns filtered findings from the supplied ones applying some criteria.
	// The bool result reports whether anything was filtered out: it is false
	// when no findings have been filtered out.
	Filter(ctx context.Context, findings []*finding.VulnerabilityFinding) ([]*finding.VulnerabilityFinding, bool, error)
}
Filter allows filtering out vulnerability findings by some criteria.
type PanicHandler ¶
// PanicHandler defines a generic contract for handling panics following the
// recover semantics.
type PanicHandler interface {
	// HandlePanic handles a recovered panic value (err is whatever recover()
	// returned, hence the any type) and returns an optional error together
	// with a signal on whether the panic should be treated as fatal or not.
	// Note the (error, bool) result order: the error comes first, unlike the
	// usual Go convention of error-last, so callers must not assume otherwise.
	HandlePanic(ctx context.Context, err any) (error, bool)
}
PanicHandler defines a generic contract for handling panics following the recover semantics.
type Reader ¶
// Reader allows reading vulnerability findings from a storage.
type Reader interface {
	// Read reads the vulnerability findings stored for instanceID from a
	// storage, narrowed by queryOpts. Whether a nil queryOpts is accepted is
	// up to the implementation — confirm with the concrete Storer.
	Read(ctx context.Context, instanceID uuid.UUID, queryOpts *store.QueryOpts) ([]*finding.VulnerabilityFinding, error)
}
Reader allows reading vulnerability findings from a storage.
type Reporter ¶
// Reporter advertises behaviours for reporting vulnerability findings.
type Reporter interface {
	// Report reports vulnerability findings on a specified destination,
	// e.g. raising them as tickets on your favourite ticketing system.
	Report(ctx context.Context, findings []*finding.VulnerabilityFinding) error
}
Reporter advertises behaviours for reporting vulnerability findings.
type RunnerConfig ¶
// RunnerConfig is used for centralised runner configuration to be shared
// between components.
type RunnerConfig struct {
	// SDKVersion is, by its name, the version of this SDK; where it is
	// populated is not visible here — confirm with the runner.
	SDKVersion string
	// ComponentName names the running component; presumably what
	// RunnerWithComponentName sets — confirm.
	ComponentName string
	// InstanceID identifies the run; presumably what RunnerWithInstanceID sets
	// and what Reader/Updater receive as instanceID — confirm.
	InstanceID uuid.UUID
	// Logging holds the logger level and implementation used by the runner.
	Logging RunnerConfigLogging
	// PanicHandler handles recovered panics; NewDefaultPanicHandler presumably
	// supplies the default — confirm.
	PanicHandler PanicHandler
	// StoreConfig holds the findings store configuration.
	StoreConfig StoreConfig
}
RunnerConfig is used for centralised runner configuration to be shared between components. It should be extended with everything related to reliability and observability.
type RunnerConfigLogging ¶
// RunnerConfigLogging contains the configuration related to the runner logger.
type RunnerConfigLogging struct {
	// Level is the logging level the runner logs at.
	Level sdklogger.RunnerConfigLoggingLevel
	// Logger is the logger implementation the runner writes to.
	Logger sdklogger.Logger
}
RunnerConfigLogging contains the configuration related to the runner logger.
type RunnerConfigOption ¶
// RunnerConfigOption can be used to override runner configuration defaults,
// for example the default logger. It mutates the supplied *RunnerConfig and
// returns a non-nil error to reject the override.
type RunnerConfigOption func(*RunnerConfig) error
RunnerConfigOption can be used to override runner configuration defaults. For example overriding the default logger.
type RunnerOption ¶
// RunnerOption is used to customise the runner if the provided defaults are
// not enough. Because the runner type is unexported, code outside this package
// can only obtain options through the RunnerWith* constructors.
type RunnerOption func(r *runner) error
RunnerOption is used to customise the runner if the provided defaults are not enough.
func RunnerWithComponentName ¶
func RunnerWithComponentName(name string) RunnerOption
RunnerWithComponentName allows customising the component name.
func RunnerWithInstanceID ¶
func RunnerWithInstanceID(id uuid.UUID) RunnerOption
RunnerWithInstanceID allows customising the instance id.
func RunnerWithLogger ¶
func RunnerWithLogger(logger sdklogger.Logger) RunnerOption
RunnerWithLogger allows customising the runner logger.
func RunnerWithStorer ¶
func RunnerWithStorer(store Storer) RunnerOption
RunnerWithStorer can be used to customise the underlying storage.
type Scanner ¶
// Scanner reads a scan's result and produces vulnerability findings.
type Scanner interface {
	// Transform transforms the raw scan data into vulnerability finding format.
	// Where the raw scan data comes from is not part of this contract; see
	// the concrete scanner.
	Transform(ctx context.Context) ([]*ocsf.VulnerabilityFinding, error)
}
Scanner reads a scan's result and produces vulnerability findings.
type StoreConfig ¶
StoreConfig contains store configuration.
type StoreType ¶
// StoreType names the kind of findings store in use; see the StoreType*
// constants for the accepted values and ParseStoreType for string conversion.
type StoreType string
StoreType represents a store type ENUM(sqlite, postgresql, findings-client)
const (
	// StoreTypeSqlite is a StoreType of type sqlite.
	StoreTypeSqlite StoreType = "sqlite"
	// StoreTypePostgresql is a StoreType of type postgresql.
	StoreTypePostgresql StoreType = "postgresql"
	// StoreTypeFindingsClient is a StoreType of type findings-client.
	StoreTypeFindingsClient StoreType = "findings-client"
)
func ParseStoreType ¶
ParseStoreType attempts to convert a string to a StoreType.
type Target ¶
// Target prepares the workflow environment.
type Target interface {
	// Prepare prepares the target to be scanned.
	Prepare(ctx context.Context) error
}
Target prepares the workflow environment.
type Updater ¶
// Updater allows updating vulnerability findings in an underlying storage.
type Updater interface {
	// Update updates existing vulnerability findings belonging to instanceID.
	Update(ctx context.Context, instanceID uuid.UUID, findings []*finding.VulnerabilityFinding) error
}
Updater allows updating vulnerability findings in an underlying storage.
type Validator ¶
// Validator allows validating vulnerability findings by a specified criteria.
type Validator interface {
	// Validate validates the supplied vulnerability finding and returns an
	// error if it is invalid; a nil error means the finding passed.
	Validate(finding *ocsf.VulnerabilityFinding) error
}
Validator allows validating vulnerability findings by a specified criteria.