modules

package
v0.9.1 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Dec 9, 2025 License: Apache-2.0 Imports: 8 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

View Source 
var QueryTemplates = map[string]map[string]string{
	"aws": {

		"ec2_running_count":   `SELECT COUNT(*) as count FROM aws_ec2_instance WHERE instance_state = 'running'`,
		"ec2_running_list":    `SELECT instance_id, instance_type, instance_state, region, vpc_id FROM aws_ec2_instance WHERE instance_state = 'running'`,
		"ec2_all_list":        `SELECT instance_id, instance_type, instance_state, region, vpc_id FROM aws_ec2_instance`,
		"ec2_by_type":         `SELECT instance_type, COUNT(*) as count FROM aws_ec2_instance GROUP BY instance_type`,
		"ec2_security_groups": `SELECT i.instance_id, sg->>'GroupId' as group_id, sg->>'GroupName' as group_name FROM aws_ec2_instance i, jsonb_array_elements(i.security_groups) as sg`,

		"s3_bucket_count":   `SELECT COUNT(*) as count FROM aws_s3_bucket`,
		"s3_bucket_list":    `SELECT name, region, creation_date FROM aws_s3_bucket`,
		"s3_public_buckets": `SELECT name FROM aws_s3_bucket WHERE bucket_policy_is_public = true`,

		"rds_instance_list":    `SELECT db_instance_identifier, engine, db_instance_class, publicly_accessible FROM aws_rds_db_instance`,
		"rds_public_instances": `SELECT db_instance_identifier FROM aws_rds_db_instance WHERE publicly_accessible = true`,

		"lambda_function_list": `SELECT name, runtime, timeout, memory_size FROM aws_lambda_function`,
		"lambda_by_runtime":    `SELECT runtime, COUNT(*) as count FROM aws_lambda_function GROUP BY runtime`,

		"iam_users_no_mfa": `SELECT name, create_date FROM aws_iam_user WHERE NOT mfa_enabled`,
		"iam_role_list":    `SELECT name, arn FROM aws_iam_role`,

		"vpc_list":            `SELECT vpc_id, cidr_block, is_default FROM aws_vpc`,
		"security_group_open": `SELECT group_id, group_name FROM aws_vpc_security_group WHERE jsonb_array_length(ingress_rules) > 0`,
	},
}

QueryTemplates provides tested, working Steampipe queries

Functions

func FixSteampipeQuery added in v0.4.0 

func FixSteampipeQuery(query string, provider string) string

FixSteampipeQuery attempts to fix common AI-generated query mistakes

func GetQueryForPrompt added in v0.4.0 

func GetQueryForPrompt(prompt string, provider string) []string

GetQueryForPrompt returns a appropriate query based on the prompt

func NewInfraMapService 

func NewInfraMapService(client *dagger.Client) *dagger.Service

InfraMapService exposes infrastructure diagram generation as a service

func NewOpenInfraQuoteService 

func NewOpenInfraQuoteService(client *dagger.Client) *dagger.Service

OpenInfraQuoteService exposes cost analysis as a service

func NewSteampipeService 

func NewSteampipeService(client *dagger.Client) *dagger.Service

SteampipeService exposes Steampipe as an HTTP API service

func NewTerraformDocsService 

func NewTerraformDocsService(client *dagger.Client) *dagger.Service

TerraformDocsService exposes documentation generation as a service

func NewToolRegistryService 

func NewToolRegistryService(client *dagger.Client, services map[string]*dagger.Service) *dagger.Service

ToolRegistryService provides a registry of all available tools for the LLM

func ValidateQuery added in v0.4.0 

func ValidateQuery(query string) error

ValidateQuery does basic validation

Types

type AWSIAMRotationModule added in v0.6.4 

type AWSIAMRotationModule struct {
	// contains filtered or unexported fields
}

AWSIAMRotationModule manages AWS IAM credential rotation

func NewAWSIAMRotationModule added in v0.6.4 

func NewAWSIAMRotationModule(client *dagger.Client) *AWSIAMRotationModule

NewAWSIAMRotationModule creates a new AWS IAM rotation module

func (*AWSIAMRotationModule) DeleteAccessKey added in v0.6.4 

func (m *AWSIAMRotationModule) DeleteAccessKey(ctx context.Context, username string, accessKeyId string, profile string) (string, error)

DeleteAccessKey deletes an access key

func (*AWSIAMRotationModule) GetAccessKeyLastUsed added in v0.7.0 

func (m *AWSIAMRotationModule) GetAccessKeyLastUsed(ctx context.Context, accessKeyId string, profile string) (string, error)

GetAccessKeyLastUsed gets access key last used info

func (*AWSIAMRotationModule) GetVersion added in v0.7.0 

func (m *AWSIAMRotationModule) GetVersion(ctx context.Context) (string, error)

GetVersion returns the AWS CLI version

func (*AWSIAMRotationModule) ListAccessKeys added in v0.6.4 

func (m *AWSIAMRotationModule) ListAccessKeys(ctx context.Context, username string, profile string) (string, error)

ListAccessKeys lists access keys for a user

func (*AWSIAMRotationModule) RotateAccessKeys added in v0.6.4 

func (m *AWSIAMRotationModule) RotateAccessKeys(ctx context.Context, username string, profile string) (string, error)

RotateAccessKeys rotates AWS access keys for a user

func (*AWSIAMRotationModule) UpdateAccessKey added in v0.7.0 

func (m *AWSIAMRotationModule) UpdateAccessKey(ctx context.Context, username string, accessKeyId string, status string, profile string) (string, error)

UpdateAccessKey updates access key status

type AWSPricingModule added in v0.7.0 

type AWSPricingModule struct {
	// contains filtered or unexported fields
}

AWSPricingModule provides AWS pricing information using AWS CLI

func NewAWSPricingModule added in v0.7.0 

func NewAWSPricingModule(client *dagger.Client) *AWSPricingModule

NewAWSPricingModule creates a new AWS pricing module

func (*AWSPricingModule) CalculateMonthlyCost added in v0.7.0 

func (m *AWSPricingModule) CalculateMonthlyCost(ctx context.Context, resourceType, size, region string) (string, error)

CalculateMonthlyCost calculates estimated monthly cost for common resources

func (*AWSPricingModule) DescribeServices added in v0.8.0 

func (m *AWSPricingModule) DescribeServices(ctx context.Context, serviceCode string, maxItems string) (string, error)

DescribeServices gets metadata for AWS services and their pricing attributes

func (*AWSPricingModule) GetAttributeValues added in v0.7.0 

func (m *AWSPricingModule) GetAttributeValues(ctx context.Context, serviceCode, attributeName, maxItems string) (string, error)

GetAttributeValues gets available attribute values for AWS service pricing filters

func (*AWSPricingModule) GetEC2Pricing added in v0.7.0 

func (m *AWSPricingModule) GetEC2Pricing(ctx context.Context, instanceType, region string) (string, error)

GetEC2Pricing gets EC2 instance pricing for a specific region and instance type

func (*AWSPricingModule) GetProducts added in v0.8.0 

func (m *AWSPricingModule) GetProducts(ctx context.Context, serviceCode, filters, formatVersion, maxItems string) (string, error)

GetProducts gets AWS pricing information for products that match filter criteria

func (*AWSPricingModule) GetRDSPricing added in v0.7.0 

func (m *AWSPricingModule) GetRDSPricing(ctx context.Context, instanceClass, engine, region string) (string, error)

GetRDSPricing gets RDS pricing for a specific instance class and region

func (*AWSPricingModule) GetServicePricing added in v0.7.0 

func (m *AWSPricingModule) GetServicePricing(ctx context.Context, service, region string) (string, error)

GetServicePricing gets pricing for a specific AWS service

func (*AWSPricingModule) GetVersion added in v0.8.0 

func (m *AWSPricingModule) GetVersion(ctx context.Context) (string, error)

GetVersion returns the AWS CLI version

func (*AWSPricingModule) ListServices added in v0.7.0 

func (m *AWSPricingModule) ListServices(ctx context.Context) (string, error)

ListServices lists available AWS services for pricing

type ActionlintModule added in v0.6.4 

type ActionlintModule struct {
	// contains filtered or unexported fields
}

ActionlintModule runs actionlint for GitHub Actions workflow validation

func NewActionlintModule added in v0.6.4 

func NewActionlintModule(client *dagger.Client) *ActionlintModule

NewActionlintModule creates a new actionlint module

func (*ActionlintModule) GetVersion added in v0.6.4 

func (m *ActionlintModule) GetVersion(ctx context.Context) (string, error)

GetVersion returns the version of actionlint

func (*ActionlintModule) ScanDirectory added in v0.6.4 

func (m *ActionlintModule) ScanDirectory(ctx context.Context, dir string) (string, error)

ScanDirectory scans a directory for GitHub Actions workflow issues

func (*ActionlintModule) ScanDirectoryWithOptions added in v0.7.0 

func (m *ActionlintModule) ScanDirectoryWithOptions(ctx context.Context, dir string, formatTemplate, ignorePatterns string, color bool) (string, error)

ScanDirectoryWithOptions scans a directory with advanced options (format template, ignore patterns, color)

func (*ActionlintModule) ScanFile added in v0.6.4 

func (m *ActionlintModule) ScanFile(ctx context.Context, filePath string) (string, error)

ScanFile scans a specific workflow file

func (*ActionlintModule) ScanSpecificFiles added in v0.7.0 

func (m *ActionlintModule) ScanSpecificFiles(ctx context.Context, dir string, workflowFiles []string, formatTemplate, ignorePatterns string, color bool) (string, error)

ScanSpecificFiles scans specific workflow files with options

func (*ActionlintModule) ScanWithExternalTools added in v0.7.0 

func (m *ActionlintModule) ScanWithExternalTools(ctx context.Context, dir, shellcheckPath, pyflakesPath string, color bool) (string, error)

ScanWithExternalTools scans workflows with shellcheck and pyflakes integration

type BuildXModule added in v0.8.2 

type BuildXModule struct {
	// contains filtered or unexported fields
}

BuildXModule provides Docker BuildX functionality for multi-platform image building

func NewBuildXModule added in v0.8.2 

func NewBuildXModule(client *dagger.Client) *BuildXModule

NewBuildXModule creates a new BuildX module

func (*BuildXModule) Build added in v0.8.2 

func (m *BuildXModule) Build(ctx context.Context, srcDir string, tag string, platform string, dockerfilePath string) (string, error)

Build builds an OCI image using Docker BuildX

func (*BuildXModule) Dev added in v0.8.2 

func (m *BuildXModule) Dev(ctx context.Context, srcDir string) (string, error)

Dev returns a development container with Docker BuildX installed

func (*BuildXModule) GetVersion added in v0.8.2 

func (m *BuildXModule) GetVersion(ctx context.Context) (string, error)

GetVersion returns the BuildX version information

func (*BuildXModule) Publish added in v0.8.2 

func (m *BuildXModule) Publish(ctx context.Context, srcDir string, tag string, platform string, username string, password string, registry string, dockerfilePath string) (string, error)

Publish builds and pushes an OCI image to a registry

type CertManagerModule added in v0.6.4 

type CertManagerModule struct {
	// contains filtered or unexported fields
}

CertManagerModule runs cert-manager for certificate management

func NewCertManagerModule added in v0.6.4 

func NewCertManagerModule(client *dagger.Client) *CertManagerModule

NewCertManagerModule creates a new cert-manager module

func (*CertManagerModule) CheckCertificate added in v0.6.4 

func (m *CertManagerModule) CheckCertificate(ctx context.Context, name string, namespace string, kubeconfig string) (string, error)

CheckCertificate checks certificate status

func (*CertManagerModule) CheckInstallation added in v0.7.0 

func (m *CertManagerModule) CheckInstallation(ctx context.Context, namespace string, kubeconfig string) (string, error)

CheckInstallation checks cert-manager installation status

func (*CertManagerModule) CreateCertificateRequest added in v0.7.0 

func (m *CertManagerModule) CreateCertificateRequest(ctx context.Context, name string, fromCertificateFile string, fetchCertificate bool, timeout string, kubeconfig string) (string, error)

CreateCertificateRequest creates a CertificateRequest using cmctl

func (*CertManagerModule) GetCertificates added in v0.6.4 

func (m *CertManagerModule) GetCertificates(ctx context.Context, namespace string, kubeconfig string) (string, error)

GetCertificates lists certificates

func (*CertManagerModule) GetVersion added in v0.6.4 

func (m *CertManagerModule) GetVersion(ctx context.Context) (string, error)

GetVersion returns the version of cert-manager

func (*CertManagerModule) Install added in v0.7.0 

func (m *CertManagerModule) Install(ctx context.Context, version string, dryRun bool) (string, error)

Install installs cert-manager using kubectl

func (*CertManagerModule) ListCertificates added in v0.7.0 

func (m *CertManagerModule) ListCertificates(ctx context.Context, namespace string, allNamespaces bool, kubeconfig string) (string, error)

ListCertificates lists certificates using kubectl

func (*CertManagerModule) RenewAllCertificates added in v0.8.0 

func (m *CertManagerModule) RenewAllCertificates(ctx context.Context, namespace string, kubeconfig string) (string, error)

RenewAllCertificates renews all certificates in a namespace

func (*CertManagerModule) RenewCertificate added in v0.6.4 

func (m *CertManagerModule) RenewCertificate(ctx context.Context, name string, namespace string, kubeconfig string) (string, error)

RenewCertificate renews a certificate

type CfnNagModule added in v0.6.4 

type CfnNagModule struct {
	// contains filtered or unexported fields
}

CfnNagModule runs cfn-nag for CloudFormation security scanning

func NewCfnNagModule added in v0.6.4 

func NewCfnNagModule(client *dagger.Client) *CfnNagModule

NewCfnNagModule creates a new cfn-nag module

func (*CfnNagModule) GenerateWhitelist added in v0.8.0 

func (m *CfnNagModule) GenerateWhitelist(ctx context.Context, templatePath string) (string, error)

GenerateWhitelist generates a whitelist template

func (*CfnNagModule) GetVersion added in v0.6.4 

func (m *CfnNagModule) GetVersion(ctx context.Context) (string, error)

GetVersion returns the version of cfn-nag

func (*CfnNagModule) ListRules added in v0.7.0 

func (m *CfnNagModule) ListRules(ctx context.Context) (string, error)

ListRules lists all available cfn-nag rules

func (*CfnNagModule) SPCMScan added in v0.7.0 

func (m *CfnNagModule) SPCMScan(ctx context.Context, inputPath string, outputFormat string) (string, error)

SPCMScan runs Stelligent Policy Complexity Metrics scan

func (*CfnNagModule) Scan added in v0.8.0 

func (m *CfnNagModule) Scan(ctx context.Context, inputPath string, outputFormat string, debug bool) (string, error)

Scan scans a CloudFormation template with options

func (*CfnNagModule) ScanDirectory added in v0.6.4 

func (m *CfnNagModule) ScanDirectory(ctx context.Context, dir string) (string, error)

ScanDirectory scans all CloudFormation templates in a directory

func (*CfnNagModule) ScanTemplate added in v0.6.4 

func (m *CfnNagModule) ScanTemplate(ctx context.Context, templatePath string) (string, error)

ScanTemplate scans a CloudFormation template

func (*CfnNagModule) ScanWithParameters added in v0.7.0 

func (m *CfnNagModule) ScanWithParameters(ctx context.Context, inputPath string, parameterValuesPath string, conditionValuesPath string, ruleArguments string) (string, error)

ScanWithParameters scans with parameter values

func (*CfnNagModule) ScanWithProfile added in v0.7.0 

func (m *CfnNagModule) ScanWithProfile(ctx context.Context, templatePath string, profilePath string, denyListPath string) (string, error)

ScanWithProfile scans with specific rule profile

func (*CfnNagModule) ScanWithRules added in v0.6.4 

func (m *CfnNagModule) ScanWithRules(ctx context.Context, templatePath string, rulesPath string) (string, error)

ScanWithRules scans with custom rules

func (*CfnNagModule) ScanWithSuppression added in v0.8.0 

func (m *CfnNagModule) ScanWithSuppression(ctx context.Context, templatePath string, suppressRules []string) (string, error)

ScanWithSuppression scans with rule suppression

type CheckovModule 

type CheckovModule struct {
	// contains filtered or unexported fields
}

CheckovModule runs Checkov for multi-cloud security scanning

func NewCheckovModule 

func NewCheckovModule(client *dagger.Client) *CheckovModule

NewCheckovModule creates a new Checkov module

func (*CheckovModule) CreateConfig added in v0.7.0 

func (m *CheckovModule) CreateConfig(ctx context.Context, configPath string) (string, error)

CreateConfig generates configuration file from current settings

func (*CheckovModule) GetVersion 

func (m *CheckovModule) GetVersion(ctx context.Context) (string, error)

GetVersion returns the version of Checkov

func (*CheckovModule) ScanDirectory 

func (m *CheckovModule) ScanDirectory(ctx context.Context, dir string) (string, error)

ScanDirectory scans a directory for security issues

func (*CheckovModule) ScanDirectoryWithOptions added in v0.8.0 

func (m *CheckovModule) ScanDirectoryWithOptions(ctx context.Context, dir string, framework string, output string, compact bool, quiet bool) (string, error)

ScanDirectoryWithOptions scans a directory with configurable options

func (*CheckovModule) ScanDockerImage added in v0.7.0 

func (m *CheckovModule) ScanDockerImage(ctx context.Context, dockerImage string, dockerfilePath string, output string) (string, error)

ScanDockerImage scans Docker container image for vulnerabilities

func (*CheckovModule) ScanFile 

func (m *CheckovModule) ScanFile(ctx context.Context, filePath string) (string, error)

ScanFile scans a specific file for security issues

func (*CheckovModule) ScanFileWithOptions added in v0.8.0 

func (m *CheckovModule) ScanFileWithOptions(ctx context.Context, filePath string, framework string, output string) (string, error)

ScanFileWithOptions scans a file with configurable options

func (*CheckovModule) ScanMultiFramework 

func (m *CheckovModule) ScanMultiFramework(ctx context.Context, dir string, frameworks []string) (string, error)

ScanMultiFramework scans for multiple cloud frameworks

func (*CheckovModule) ScanPackages added in v0.7.0 

func (m *CheckovModule) ScanPackages(ctx context.Context, dir string, output string) (string, error)

ScanPackages scans package dependencies for vulnerabilities

func (*CheckovModule) ScanSecrets added in v0.7.0 

func (m *CheckovModule) ScanSecrets(ctx context.Context, dir string, output string) (string, error)

ScanSecrets scans for hardcoded secrets in code

func (*CheckovModule) ScanWithConfig added in v0.7.0 

func (m *CheckovModule) ScanWithConfig(ctx context.Context, dir string, configFile string) (string, error)

ScanWithConfig scans using configuration file

func (*CheckovModule) ScanWithExternalModules added in v0.7.0 

func (m *CheckovModule) ScanWithExternalModules(ctx context.Context, dir string, downloadExternalModules bool) (string, error)

ScanWithExternalModules scans with external module downloading enabled

func (*CheckovModule) ScanWithPolicy 

func (m *CheckovModule) ScanWithPolicy(ctx context.Context, dir string, policyPath string) (string, error)

ScanWithPolicy scans using custom policies

func (*CheckovModule) ScanWithSeverity 

func (m *CheckovModule) ScanWithSeverity(ctx context.Context, dir string, severities []string) (string, error)

ScanWithSeverity scans filtering by severity levels

func (*CheckovModule) ScanWithSkips 

func (m *CheckovModule) ScanWithSkips(ctx context.Context, dir string, skipChecks []string) (string, error)

ScanWithSkips scans while skipping specific checks

func (*CheckovModule) ScanWithSpecificChecks added in v0.8.0 

func (m *CheckovModule) ScanWithSpecificChecks(ctx context.Context, dir string, checks string, skipChecks string) (string, error)

ScanWithSpecificChecks scans with specific checks enabled or disabled

type CloudQueryModule added in v0.6.4 

type CloudQueryModule struct {
	// contains filtered or unexported fields
}

CloudQueryModule runs CloudQuery for cloud asset inventory

func NewCloudQueryModule added in v0.6.4 

func NewCloudQueryModule(client *dagger.Client) *CloudQueryModule

NewCloudQueryModule creates a new CloudQuery module

func (*CloudQueryModule) GetTables added in v0.7.0 

func (m *CloudQueryModule) GetTables(ctx context.Context, source string, outputDir string, format string) (string, error)

GetTables generates table documentation

func (*CloudQueryModule) GetVersion added in v0.6.4 

func (m *CloudQueryModule) GetVersion(ctx context.Context) (string, error)

GetVersion returns the version of CloudQuery

func (*CloudQueryModule) InitConfig added in v0.7.0 

func (m *CloudQueryModule) InitConfig(ctx context.Context, source string, destination string) (string, error)

InitConfig generates initial configuration

func (*CloudQueryModule) InstallPlugin added in v0.7.0 

func (m *CloudQueryModule) InstallPlugin(ctx context.Context, pluginName string) (string, error)

InstallPlugin installs a CloudQuery plugin

func (*CloudQueryModule) ListProviders added in v0.6.4 

func (m *CloudQueryModule) ListProviders(ctx context.Context) (string, error)

ListProviders lists available CloudQuery providers

func (*CloudQueryModule) Login added in v0.7.0 

func (m *CloudQueryModule) Login(ctx context.Context) (string, error)

Login to CloudQuery Hub

func (*CloudQueryModule) Logout added in v0.7.0 

func (m *CloudQueryModule) Logout(ctx context.Context) (string, error)

Logout from CloudQuery Hub

func (*CloudQueryModule) MigrateConfig added in v0.7.0 

func (m *CloudQueryModule) MigrateConfig(ctx context.Context, configPath string) (string, error)

MigrateConfig updates destination schema

func (*CloudQueryModule) MigrateWithOptions added in v0.8.0 

func (m *CloudQueryModule) MigrateWithOptions(ctx context.Context, configPath string, logLevel string) (string, error)

MigrateWithOptions migrates schema with configurable options

func (*CloudQueryModule) Switch added in v0.8.0 

func (m *CloudQueryModule) Switch(ctx context.Context) (string, error)

Switch between CloudQuery contexts or configurations

func (*CloudQueryModule) SyncWithConfig added in v0.6.4 

func (m *CloudQueryModule) SyncWithConfig(ctx context.Context, configPath string) (string, error)

SyncWithConfig syncs cloud resources using configuration

func (*CloudQueryModule) SyncWithOptions added in v0.8.0 

func (m *CloudQueryModule) SyncWithOptions(ctx context.Context, configPath string, logLevel string, noMigrate bool) (string, error)

SyncWithOptions syncs cloud resources with configurable options

func (*CloudQueryModule) TestConnection added in v0.7.0 

func (m *CloudQueryModule) TestConnection(ctx context.Context, configPath string) (string, error)

TestConnection tests plugin connections

func (*CloudQueryModule) ValidateConfig added in v0.6.4 

func (m *CloudQueryModule) ValidateConfig(ctx context.Context, configPath string) (string, error)

ValidateConfig validates CloudQuery configuration

type CloudsplainingModule added in v0.6.4 

type CloudsplainingModule struct {
	// contains filtered or unexported fields
}

CloudsplainingModule runs Cloudsplaining for AWS IAM security assessment

func NewCloudsplainingModule added in v0.6.4 

func NewCloudsplainingModule(client *dagger.Client) *CloudsplainingModule

NewCloudsplainingModule creates a new Cloudsplaining module

func (*CloudsplainingModule) CreateExclusionsFile added in v0.7.0 

func (m *CloudsplainingModule) CreateExclusionsFile(ctx context.Context) (string, error)

CreateExclusionsFile creates exclusions file template

func (*CloudsplainingModule) CreateMultiAccountConfig added in v0.7.0 

func (m *CloudsplainingModule) CreateMultiAccountConfig(ctx context.Context, outputFile string) (string, error)

CreateMultiAccountConfig creates multi-account configuration file

func (*CloudsplainingModule) CreateReportFromResults added in v0.6.4 

func (m *CloudsplainingModule) CreateReportFromResults(ctx context.Context, resultsPath string) (string, error)

CreateReportFromResults creates an HTML report from scan results

func (*CloudsplainingModule) Download added in v0.7.0 

func (m *CloudsplainingModule) Download(ctx context.Context, profile string, includeNonDefaultPolicyVersions bool) (string, error)

Download downloads AWS account authorization data

func (*CloudsplainingModule) GetVersion added in v0.8.0 

func (m *CloudsplainingModule) GetVersion(ctx context.Context) (string, error)

GetVersion returns the version of CloudSplaining

func (*CloudsplainingModule) ScanAccountAuthorization added in v0.6.4 

func (m *CloudsplainingModule) ScanAccountAuthorization(ctx context.Context, profile string) (string, error)

ScanAccountAuthorization scans account authorization details

func (*CloudsplainingModule) ScanAccountData added in v0.7.0 

func (m *CloudsplainingModule) ScanAccountData(ctx context.Context, inputFile string, exclusionsFile string, outputDir string) (string, error)

ScanAccountData scans downloaded account authorization data

func (*CloudsplainingModule) ScanMultiAccount added in v0.7.0 

func (m *CloudsplainingModule) ScanMultiAccount(ctx context.Context, configFile string, profile string, roleName string, outputBucket string, outputDirectory string) (string, error)

ScanMultiAccount scans multiple AWS accounts

func (*CloudsplainingModule) ScanPolicyFile added in v0.6.4 

func (m *CloudsplainingModule) ScanPolicyFile(ctx context.Context, policyPath string) (string, error)

ScanPolicyFile scans a specific IAM policy file

func (*CloudsplainingModule) ScanWithMinimization added in v0.6.4 

func (m *CloudsplainingModule) ScanWithMinimization(ctx context.Context, profile string, minimizeStatementId string) (string, error)

ScanWithMinimization scans with policy minimization recommendations

type ConftestModule added in v0.6.4 

type ConftestModule struct {
	// contains filtered or unexported fields
}

ConftestModule runs Conftest for OPA policy testing

func NewConftestModule added in v0.6.4 

func NewConftestModule(client *dagger.Client) *ConftestModule

NewConftestModule creates a new Conftest module

func (*ConftestModule) GetVersion added in v0.6.4 

func (m *ConftestModule) GetVersion(ctx context.Context) (string, error)

GetVersion returns the version of Conftest

func (*ConftestModule) ParseFile added in v0.7.0 

func (m *ConftestModule) ParseFile(ctx context.Context, filePath string, parser string) (string, error)

ParseFile parses and prints structured data from input files

func (*ConftestModule) PushPolicies added in v0.7.0 

func (m *ConftestModule) PushPolicies(ctx context.Context, registryURL string, policyPath string) (string, error)

PushPolicies pushes OPA policy bundles to OCI registry

func (*ConftestModule) TestFile added in v0.6.4 

func (m *ConftestModule) TestFile(ctx context.Context, filePath string, policyPath string) (string, error)

TestFile tests a specific file against policies

func (*ConftestModule) TestWithOptions added in v0.8.0 

func (m *ConftestModule) TestWithOptions(ctx context.Context, inputFile string, policy string, namespace string, allNamespaces bool, output string, parser string) (string, error)

TestWithOptions tests configuration files with comprehensive options

func (*ConftestModule) TestWithPolicy added in v0.6.4 

func (m *ConftestModule) TestWithPolicy(ctx context.Context, dir string, policyPath string) (string, error)

TestWithPolicy tests files against OPA policies

func (*ConftestModule) VerifyPolicies added in v0.7.0 

func (m *ConftestModule) VerifyPolicies(ctx context.Context, policyPath string) (string, error)

VerifyPolicies runs policy unit tests

func (*ConftestModule) VerifyWithOptions added in v0.8.0 

func (m *ConftestModule) VerifyWithOptions(ctx context.Context, policy string, showBuiltinErrors bool) (string, error)

VerifyWithOptions runs policy unit tests with options

type ContainerRegistryModule added in v0.7.0 

type ContainerRegistryModule struct {
	// contains filtered or unexported fields
}

ContainerRegistryModule provides Docker registry operations

func NewContainerRegistryModule added in v0.7.0 

func NewContainerRegistryModule(client *dagger.Client) *ContainerRegistryModule

NewContainerRegistryModule creates a new container registry module

func (*ContainerRegistryModule) ListImages added in v0.7.0 

func (m *ContainerRegistryModule) ListImages(ctx context.Context, repository string, all bool) (string, error)

ListImages lists local Docker images

func (*ContainerRegistryModule) Login added in v0.7.0 

func (m *ContainerRegistryModule) Login(ctx context.Context, registry, username, password string) (string, error)

Login to container registry

func (*ContainerRegistryModule) Logout added in v0.7.0 

func (m *ContainerRegistryModule) Logout(ctx context.Context, registry string) (string, error)

Logout from container registry

func (*ContainerRegistryModule) PullImage added in v0.7.0 

func (m *ContainerRegistryModule) PullImage(ctx context.Context, image string) (string, error)

PullImage pulls an image from the registry

func (*ContainerRegistryModule) PushImage added in v0.7.0 

func (m *ContainerRegistryModule) PushImage(ctx context.Context, image string) (string, error)

PushImage pushes an image to the registry

func (*ContainerRegistryModule) TagImage added in v0.7.0 

func (m *ContainerRegistryModule) TagImage(ctx context.Context, sourceImage, targetImage string) (string, error)

TagImage creates a tag for an image

type CosignModule added in v0.6.4 

type CosignModule struct {
	// contains filtered or unexported fields
}

CosignModule runs Cosign for container signing and verification

func NewCosignModule added in v0.6.4 

func NewCosignModule(client *dagger.Client) *CosignModule

NewCosignModule creates a new Cosign module

func (*CosignModule) AttestSBOM added in v0.6.4 

func (m *CosignModule) AttestSBOM(ctx context.Context, imageName string, sbomPath string, privateKeyPath string) (string, error)

AttestSBOM creates an SBOM attestation for an image

func (*CosignModule) AttestWithOptions added in v0.8.0 

func (m *CosignModule) AttestWithOptions(ctx context.Context, imageName string, predicatePath string, keyPath string) (string, error)

AttestWithOptions creates attestation with comprehensive options

func (*CosignModule) CopyImage added in v0.7.0 

func (m *CosignModule) CopyImage(ctx context.Context, sourceImage string, destinationImage string) (string, error)

CopyImage copies images between registries

func (*CosignModule) GenerateKeyPair added in v0.6.4 

func (m *CosignModule) GenerateKeyPair(ctx context.Context, outputDir string) (string, error)

GenerateKeyPair generates a new signing key pair

func (*CosignModule) GetVersion added in v0.7.0 

func (m *CosignModule) GetVersion(ctx context.Context) (string, error)

GetVersion returns the version of Cosign

func (*CosignModule) SignBlob added in v0.7.0 

func (m *CosignModule) SignBlob(ctx context.Context, blobPath string, keyPath string, outputSignature string) (string, error)

SignBlob signs arbitrary blob using Cosign

func (*CosignModule) SignImage added in v0.6.4 

func (m *CosignModule) SignImage(ctx context.Context, imageName string, privateKeyPath string) (string, error)

SignImage signs a container image (requires authentication)

func (*CosignModule) SignImageKeyless added in v0.6.4 

func (m *CosignModule) SignImageKeyless(ctx context.Context, imageName string) (string, error)

SignImageKeyless signs an image using keyless signing (OIDC)

func (*CosignModule) SignImageWithOptions added in v0.8.0 

func (m *CosignModule) SignImageWithOptions(ctx context.Context, imageName string, keyPath string, keyless bool) (string, error)

SignImageWithOptions signs container image with comprehensive options

func (*CosignModule) UploadBlob added in v0.7.0 

func (m *CosignModule) UploadBlob(ctx context.Context, blobPath string, registryURL string) (string, error)

UploadBlob uploads generic artifact as a blob to registry

func (*CosignModule) UploadWasm added in v0.7.0 

func (m *CosignModule) UploadWasm(ctx context.Context, wasmPath string, registryURL string) (string, error)

UploadWasm uploads WebAssembly module to registry

func (*CosignModule) VerifyAttestation added in v0.6.4 

func (m *CosignModule) VerifyAttestation(ctx context.Context, imageName string, attestationType string) (string, error)

VerifyAttestation verifies attestations for an image

func (*CosignModule) VerifyAttestationWithOptions added in v0.8.0 

func (m *CosignModule) VerifyAttestationWithOptions(ctx context.Context, imageName string, keyPath string, policyPath string) (string, error)

VerifyAttestationWithOptions verifies attestation with comprehensive options

func (*CosignModule) VerifyBlob added in v0.7.0 

func (m *CosignModule) VerifyBlob(ctx context.Context, blobPath string, signaturePath string, keyPath string) (string, error)

VerifyBlob verifies blob signature using Cosign

func (*CosignModule) VerifyImage added in v0.6.4 

func (m *CosignModule) VerifyImage(ctx context.Context, imageName string) (string, error)

VerifyImage verifies a signed container image

func (*CosignModule) VerifyImageWithKey added in v0.6.4 

func (m *CosignModule) VerifyImageWithKey(ctx context.Context, imageName string, publicKeyPath string) (string, error)

VerifyImageWithKey verifies an image with a specific public key

func (*CosignModule) VerifyImageWithOptions added in v0.8.0 

func (m *CosignModule) VerifyImageWithOptions(ctx context.Context, imageName string, keyPath string, keyless bool) (string, error)

VerifyImageWithOptions verifies container image with comprehensive options

type CustodianModule added in v0.6.4 

type CustodianModule struct {
	// contains filtered or unexported fields
}

CustodianModule runs Cloud Custodian for cloud governance

func NewCustodianModule added in v0.6.4 

func NewCustodianModule(client *dagger.Client) *CustodianModule

NewCustodianModule creates a new Cloud Custodian module

func (*CustodianModule) DryRun added in v0.6.4 

func (m *CustodianModule) DryRun(ctx context.Context, policyPath string) (string, error)

DryRun performs a dry run of a policy

func (*CustodianModule) GetVersion added in v0.7.0 

func (m *CustodianModule) GetVersion(ctx context.Context) (string, error)

GetVersion returns the version of Cloud Custodian

func (*CustodianModule) Logs added in v0.8.0 

func (m *CustodianModule) Logs(ctx context.Context, policyPath string, outputDir string) (string, error)

Logs retrieves logs for a specific policy

func (*CustodianModule) Metrics added in v0.8.0 

func (m *CustodianModule) Metrics(ctx context.Context, policyPath string, outputDir string, start string, end string) (string, error)

Metrics retrieves metrics for policy execution

func (*CustodianModule) Report added in v0.8.0 

func (m *CustodianModule) Report(ctx context.Context, policyPath string, outputDir string, format string) (string, error)

Report generates a tabular report on policy matched resources

func (*CustodianModule) RunPolicy added in v0.6.4 

func (m *CustodianModule) RunPolicy(ctx context.Context, policyPath string, outputDir string) (string, error)

RunPolicy runs a custodian policy

func (*CustodianModule) Schema added in v0.7.0 

func (m *CustodianModule) Schema(ctx context.Context, resourceType string) (string, error)

Schema shows schema for a particular resource type

func (*CustodianModule) ValidatePolicy added in v0.6.4 

func (m *CustodianModule) ValidatePolicy(ctx context.Context, policyPath string) (string, error)

ValidatePolicy validates a custodian policy

type DependencyTrackModule added in v0.6.4 

type DependencyTrackModule struct {
	Client *dagger.Client
}

DependencyTrackModule provides OWASP Dependency-Track scanning capabilities

func NewDependencyTrackModule added in v0.6.4 

func NewDependencyTrackModule(client *dagger.Client) *DependencyTrackModule

NewDependencyTrackModule creates a new DependencyTrack module

func (*DependencyTrackModule) AnalyzeProject added in v0.6.4 

func (m *DependencyTrackModule) AnalyzeProject(ctx context.Context, projectPath string, projectName string, projectVersion string) (string, error)

AnalyzeProject generates and uploads SBOM for a project directory

func (*DependencyTrackModule) GenerateBOM added in v0.8.0 

func (m *DependencyTrackModule) GenerateBOM(ctx context.Context, projectType string, projectPath string, outputFile string) (string, error)

GenerateBOM generates CycloneDX BOM using various build tools

func (*DependencyTrackModule) GenerateReport added in v0.6.4 

func (m *DependencyTrackModule) GenerateReport(ctx context.Context, projectName string, projectVersion string) (string, error)

GenerateReport generates a vulnerability report using dtrack-cli (requires existing project)

func (*DependencyTrackModule) ScanSBOM added in v0.6.4 

func (m *DependencyTrackModule) ScanSBOM(ctx context.Context, sbomPath string) (string, error)

ScanSBOM scans a Software Bill of Materials (SBOM) file using dtrack-cli

func (*DependencyTrackModule) TrackDependencies added in v0.6.4 

func (m *DependencyTrackModule) TrackDependencies(ctx context.Context, projectPath string, projectName string, projectVersion string) (string, error)

TrackDependencies uploads SBOM to track dependencies (tracking happens server-side)

func (*DependencyTrackModule) UploadBOM added in v0.8.0 

func (m *DependencyTrackModule) UploadBOM(ctx context.Context, bomPath string, projectName string, projectVersion string, serverURL string, apiKey string) (string, error)

UploadBOM uploads BOM file to Dependency Track using dtrack-cli

func (*DependencyTrackModule) UploadBOMAPI added in v0.8.0 

func (m *DependencyTrackModule) UploadBOMAPI(ctx context.Context, bomPath string, serverURL string, apiKey string, projectName string, projectVersion string, autoCreate bool) (string, error)

UploadBOMAPI uploads BOM to Dependency Track via REST API using curl

func (*DependencyTrackModule) ValidateComponents added in v0.6.4 

func (m *DependencyTrackModule) ValidateComponents(ctx context.Context, projectPath string, projectName string, projectVersion string) (string, error)

ValidateComponents uploads SBOM for validation (policy evaluation happens server-side)

type DockleConfig added in v0.6.4 

type DockleConfig struct {
	Format     string
	Output     string
	ExitLevel  string
	AcceptKey  []string
	AcceptFile []string
	Ignore     []string
}

type DockleModule added in v0.6.4 

type DockleModule struct {
	// contains filtered or unexported fields
}

func NewDockleModule added in v0.6.4 

func NewDockleModule(client *dagger.Client) *DockleModule

func (*DockleModule) GetVersion added in v0.8.0 

func (m *DockleModule) GetVersion(ctx context.Context) (string, error)

GetVersion returns the version of Dockle

func (*DockleModule) ListChecks added in v0.6.4 

func (m *DockleModule) ListChecks(ctx context.Context) (*dagger.Container, error)

ListChecks lists all available Dockle security checks

func (*DockleModule) ScanDockerfile added in v0.6.4 

func (m *DockleModule) ScanDockerfile(ctx context.Context, dockerfilePath string, opts ...DockleOption) (*dagger.Container, error)

ScanDockerfile scans a Dockerfile for best practices

func (*DockleModule) ScanImage added in v0.6.4 

func (m *DockleModule) ScanImage(ctx context.Context, imageRef string, opts ...DockleOption) (*dagger.Container, error)

ScanImage scans a container image for security issues using Dockle

func (*DockleModule) ScanImageJSON added in v0.8.0 

func (m *DockleModule) ScanImageJSON(ctx context.Context, imageRef string, outputFile string) (string, error)

ScanImageJSON scans a container image and returns JSON output (MCP compatible)

func (*DockleModule) ScanImageString added in v0.8.0 

func (m *DockleModule) ScanImageString(ctx context.Context, imageRef string) (string, error)

ScanImageString scans a container image and returns string output (MCP compatible)

func (*DockleModule) ScanTarball added in v0.6.4 

func (m *DockleModule) ScanTarball(ctx context.Context, tarballPath string, opts ...DockleOption) (*dagger.Container, error)

ScanTarball scans a container image tarball

func (*DockleModule) ScanTarballJSON added in v0.8.0 

func (m *DockleModule) ScanTarballJSON(ctx context.Context, tarballPath string, outputFile string) (string, error)

ScanTarballJSON scans a container image tarball and returns JSON output (MCP compatible)

func (*DockleModule) ScanTarballString added in v0.8.0 

func (m *DockleModule) ScanTarballString(ctx context.Context, tarballPath string) (string, error)

ScanTarballString scans a container image tarball and returns string output (MCP compatible)

func (*DockleModule) ScanWithPolicy added in v0.6.4 

func (m *DockleModule) ScanWithPolicy(ctx context.Context, imageRef string, policyPath string, opts ...DockleOption) (*dagger.Container, error)

ScanWithPolicy scans using a custom policy file

type DockleOption added in v0.6.4 

type DockleOption func(*DockleConfig)

func WithAcceptFile added in v0.6.4 

func WithAcceptFile(files []string) DockleOption

func WithAcceptKey added in v0.6.4 

func WithAcceptKey(keys []string) DockleOption

func WithDockleFormat added in v0.6.4 

func WithDockleFormat(format string) DockleOption

func WithDockleIgnore added in v0.6.4 

func WithDockleIgnore(ignores []string) DockleOption

func WithDockleOutput added in v0.6.4 

func WithDockleOutput(output string) DockleOption

func WithExitLevel added in v0.6.4 

func WithExitLevel(level string) DockleOption

type FalcoModule added in v0.6.4 

type FalcoModule struct {
	// contains filtered or unexported fields
}

FalcoModule runs Falco for runtime security monitoring

func NewFalcoModule added in v0.6.4 

func NewFalcoModule(client *dagger.Client) *FalcoModule

NewFalcoModule creates a new Falco module

func (*FalcoModule) DescribeRule added in v0.7.0 

func (m *FalcoModule) DescribeRule(ctx context.Context, ruleName string, rulesPath string) (string, error)

DescribeRule describes a specific Falco rule

func (*FalcoModule) DescribeRuleSimple added in v0.8.0 

func (m *FalcoModule) DescribeRuleSimple(ctx context.Context, ruleName string, rulesPath string) (string, error)

DescribeRuleSimple describes a specific Falco rule (MCP compatible)

func (*FalcoModule) DryRun added in v0.7.0 

func (m *FalcoModule) DryRun(ctx context.Context, rulesPath string, configPath string) (string, error)

DryRun performs dry run without monitoring

func (*FalcoModule) DryRunSimple added in v0.8.0 

func (m *FalcoModule) DryRunSimple(ctx context.Context, configPath string, rulesPath string) (string, error)

DryRunSimple performs dry run without monitoring (MCP compatible)

func (*FalcoModule) GetVersion added in v0.6.4 

func (m *FalcoModule) GetVersion(ctx context.Context) (string, error)

GetVersion returns the version of Falco

func (*FalcoModule) GetVersionSimple added in v0.8.0 

func (m *FalcoModule) GetVersionSimple(ctx context.Context) (string, error)

GetVersionSimple returns the version of Falco (MCP compatible)

func (*FalcoModule) ListFields added in v0.7.0 

func (m *FalcoModule) ListFields(ctx context.Context) (string, error)

ListFields lists available fields for Falco rules

func (*FalcoModule) ListFieldsWithSource added in v0.8.0 

func (m *FalcoModule) ListFieldsWithSource(ctx context.Context, source string) (string, error)

ListFieldsWithSource lists supported fields for Falco rules (MCP compatible)

func (*FalcoModule) ListRules added in v0.7.0 

func (m *FalcoModule) ListRules(ctx context.Context, rulesPath string) (string, error)

ListRules lists all loaded Falco rules

func (*FalcoModule) ListRulesSimple added in v0.8.0 

func (m *FalcoModule) ListRulesSimple(ctx context.Context, rulesPath string) (string, error)

ListRulesSimple lists all loaded Falco rules (MCP compatible)

func (*FalcoModule) RunWithCustomRules added in v0.6.4 

func (m *FalcoModule) RunWithCustomRules(ctx context.Context, rulesPath string, kubeconfig string) (string, error)

RunWithCustomRules runs Falco with custom rules

func (*FalcoModule) RunWithDefaultRules added in v0.6.4 

func (m *FalcoModule) RunWithDefaultRules(ctx context.Context, kubeconfig string) (string, error)

RunWithDefaultRules runs Falco with default rules

func (*FalcoModule) StartMonitoring added in v0.8.0 

func (m *FalcoModule) StartMonitoring(ctx context.Context, configPath string, rulesPath string, outputFormat string) (string, error)

StartMonitoring starts Falco runtime security monitoring (MCP compatible)

func (*FalcoModule) ValidateRules added in v0.6.4 

func (m *FalcoModule) ValidateRules(ctx context.Context, rulesPath string) (string, error)

ValidateRules validates Falco rules syntax

func (*FalcoModule) ValidateRulesSimple added in v0.8.0 

func (m *FalcoModule) ValidateRulesSimple(ctx context.Context, rulesPath string) (string, error)

ValidateRulesSimple validates Falco rules syntax (MCP compatible)

type FleetModule added in v0.6.4 

type FleetModule struct {
	// contains filtered or unexported fields
}

FleetModule runs Fleet for GitOps with Kubernetes

func NewFleetModule added in v0.6.4 

func NewFleetModule(client *dagger.Client) *FleetModule

NewFleetModule creates a new Fleet module

func (*FleetModule) ApplyGitRepo added in v0.8.0 

func (m *FleetModule) ApplyGitRepo(ctx context.Context, gitrepoFile string, namespace string) (string, error)

ApplyGitRepo applies Fleet GitRepo configuration using kubectl (MCP compatible)

func (*FleetModule) CreateGitRepo added in v0.6.4 

func (m *FleetModule) CreateGitRepo(ctx context.Context, name string, repoURL string, branch string, path string, kubeconfig string) (string, error)

CreateGitRepo creates a new Git repository resource

func (*FleetModule) DescribeGitRepo added in v0.7.0 

func (m *FleetModule) DescribeGitRepo(ctx context.Context, name string, namespace string, kubeconfig string) (string, error)

DescribeGitRepo describes a Fleet GitRepo

func (*FleetModule) DescribeGitRepoSimple added in v0.8.0 

func (m *FleetModule) DescribeGitRepoSimple(ctx context.Context, gitrepoName string, namespace string) (string, error)

DescribeGitRepoSimple describes a Fleet GitRepo (MCP compatible)

func (*FleetModule) GetBundleDeployments added in v0.7.0 

func (m *FleetModule) GetBundleDeployments(ctx context.Context, kubeconfig string, namespace string) (string, error)

GetBundleDeployments lists Fleet bundle deployments

func (*FleetModule) GetBundleDeploymentsSimple added in v0.8.0 

func (m *FleetModule) GetBundleDeploymentsSimple(ctx context.Context, namespace string) (string, error)

GetBundleDeploymentsSimple lists Fleet bundle deployments (MCP compatible)

func (*FleetModule) GetBundles added in v0.7.0 

func (m *FleetModule) GetBundles(ctx context.Context, kubeconfig string, namespace string) (string, error)

GetBundles lists Fleet bundles

func (*FleetModule) GetBundlesSimple added in v0.8.0 

func (m *FleetModule) GetBundlesSimple(ctx context.Context, namespace string) (string, error)

GetBundlesSimple lists Fleet bundles (MCP compatible)

func (*FleetModule) GetClusters added in v0.6.4 

func (m *FleetModule) GetClusters(ctx context.Context, kubeconfig string) (string, error)

GetClusters lists Fleet clusters

func (*FleetModule) GetGitRepos added in v0.6.4 

func (m *FleetModule) GetGitRepos(ctx context.Context, kubeconfig string) (string, error)

GetGitRepos lists Git repositories managed by Fleet

func (*FleetModule) GetGitReposSimple added in v0.8.0 

func (m *FleetModule) GetGitReposSimple(ctx context.Context, namespace string) (string, error)

GetGitReposSimple lists Git repositories managed by Fleet (MCP compatible)

func (*FleetModule) Install added in v0.7.0 

func (m *FleetModule) Install(ctx context.Context, namespace string, kubeconfig string) (string, error)

Install installs Fleet using Helm

func (*FleetModule) InstallWithVersion added in v0.8.0 

func (m *FleetModule) InstallWithVersion(ctx context.Context, version string) (string, error)

InstallWithVersion installs Fleet using Helm with specific version (MCP compatible)

type GatekeeperConfig added in v0.6.4 

type GatekeeperConfig struct {
	GatekeeperVersion string
	RegoVersion       string
	ConstraintsDir    string
	TemplatesDir      string
	KubeconfigPath    string
	Namespace         string
	Format            string
	Output            string
	Query             string
	Verbose           bool
	Coverage          bool
}

type GatekeeperModule added in v0.6.4 

type GatekeeperModule struct {
	// contains filtered or unexported fields
}

func NewGatekeeperModule added in v0.6.4 

func NewGatekeeperModule(client *dagger.Client) *GatekeeperModule

func (*GatekeeperModule) AnalyzeViolations added in v0.6.4 

func (m *GatekeeperModule) AnalyzeViolations(ctx context.Context, opts ...GatekeeperOption) (*dagger.Container, error)

AnalyzeViolations analyzes constraint violations in the cluster

func (*GatekeeperModule) ApplyConstraint added in v0.8.0 

func (m *GatekeeperModule) ApplyConstraint(ctx context.Context, constraintFile string) (string, error)

ApplyConstraint applies Gatekeeper constraint using kubectl (MCP compatible)

func (*GatekeeperModule) ApplyConstraintTemplate added in v0.8.0 

func (m *GatekeeperModule) ApplyConstraintTemplate(ctx context.Context, templateFile string) (string, error)

ApplyConstraintTemplate applies Gatekeeper constraint template using kubectl (MCP compatible)

func (*GatekeeperModule) GenerateConstraintTemplate added in v0.6.4 

func (m *GatekeeperModule) GenerateConstraintTemplate(ctx context.Context, templateName string, opts ...GatekeeperOption) (*dagger.Container, error)

GenerateConstraintTemplate creates a new constraint template

func (*GatekeeperModule) GetConstraintTemplates added in v0.8.0 

func (m *GatekeeperModule) GetConstraintTemplates(ctx context.Context) (string, error)

GetConstraintTemplates lists Gatekeeper constraint templates (MCP compatible)

func (*GatekeeperModule) GetConstraints added in v0.8.0 

func (m *GatekeeperModule) GetConstraints(ctx context.Context, constraintType string) (string, error)

GetConstraints lists Gatekeeper constraints (MCP compatible)

func (*GatekeeperModule) GetStatus added in v0.8.0 

func (m *GatekeeperModule) GetStatus(ctx context.Context) (string, error)

GetStatus gets Gatekeeper system status (MCP compatible)

func (*GatekeeperModule) GetVersion added in v0.7.0 

func (m *GatekeeperModule) GetVersion(ctx context.Context) (*dagger.Container, error)

GetVersion returns the version of Gatekeeper

func (*GatekeeperModule) InstallGatekeeper added in v0.8.0 

func (m *GatekeeperModule) InstallGatekeeper(ctx context.Context, version string, useHelm bool) (string, error)

InstallGatekeeper installs Gatekeeper using kubectl or Helm (MCP compatible)

func (*GatekeeperModule) SyncConstraints added in v0.6.4 

func (m *GatekeeperModule) SyncConstraints(ctx context.Context, opts ...GatekeeperOption) (*dagger.Container, error)

SyncConstraints syncs Gatekeeper constraints with cluster state

func (*GatekeeperModule) TestConstraints added in v0.6.4 

func (m *GatekeeperModule) TestConstraints(ctx context.Context, testsDir string, opts ...GatekeeperOption) (*dagger.Container, error)

TestConstraints runs tests for Gatekeeper constraints

func (*GatekeeperModule) UninstallGatekeeper added in v0.8.0 

func (m *GatekeeperModule) UninstallGatekeeper(ctx context.Context, version string, useHelm bool) (string, error)

UninstallGatekeeper uninstalls Gatekeeper (MCP compatible)

func (*GatekeeperModule) ValidateConstraints added in v0.6.4 

func (m *GatekeeperModule) ValidateConstraints(ctx context.Context, resourcesDir string, opts ...GatekeeperOption) (*dagger.Container, error)

ValidateConstraints validates Kubernetes resources against OPA Gatekeeper constraints

type GatekeeperOption added in v0.6.4 

type GatekeeperOption func(*GatekeeperConfig)

func WithConstraintsDir added in v0.6.4 

func WithConstraintsDir(dir string) GatekeeperOption

func WithCoverage added in v0.6.4 

func WithCoverage(coverage bool) GatekeeperOption

func WithFormat added in v0.6.4 

func WithFormat(format string) GatekeeperOption

func WithGatekeeperVersion added in v0.6.4 

func WithGatekeeperVersion(version string) GatekeeperOption

func WithKubeconfigPath added in v0.6.4 

func WithKubeconfigPath(path string) GatekeeperOption

func WithNamespace added in v0.6.4 

func WithNamespace(namespace string) GatekeeperOption

func WithOutput added in v0.6.4 

func WithOutput(output string) GatekeeperOption

func WithQuery added in v0.6.4 

func WithQuery(query string) GatekeeperOption

func WithRegoVersion added in v0.6.4 

func WithRegoVersion(version string) GatekeeperOption

func WithTemplatesDir added in v0.6.4 

func WithTemplatesDir(dir string) GatekeeperOption

func WithVerbose added in v0.6.4 

func WithVerbose(verbose bool) GatekeeperOption

type GitHubAdminModule added in v0.6.4 

type GitHubAdminModule struct {
	// contains filtered or unexported fields
}

GitHubAdminModule provides GitHub administration tools

func NewGitHubAdminModule added in v0.6.4 

func NewGitHubAdminModule(client *dagger.Client) *GitHubAdminModule

NewGitHubAdminModule creates a new GitHub admin module

func (*GitHubAdminModule) AuditOrgSecurity added in v0.6.4 

func (m *GitHubAdminModule) AuditOrgSecurity(ctx context.Context, org string, token string) (string, error)

AuditOrgSecurity audits organization security settings

func (*GitHubAdminModule) CreateOrgRepo added in v0.7.0 

func (m *GitHubAdminModule) CreateOrgRepo(ctx context.Context, org string, repoName string, isPrivate bool, token string) (string, error)

CreateOrgRepo creates a repository in an organization

func (*GitHubAdminModule) CreateOrgRepoSimple added in v0.8.0 

func (m *GitHubAdminModule) CreateOrgRepoSimple(ctx context.Context, organization string, repoName string, visibility string, description string) (string, error)

CreateOrgRepoSimple creates a repository in an organization (MCP compatible)

func (*GitHubAdminModule) GetOrgMembers added in v0.6.4 

func (m *GitHubAdminModule) GetOrgMembers(ctx context.Context, org string, token string) (string, error)

GetOrgMembers gets organization members

func (*GitHubAdminModule) GetRepoInfoDetailed added in v0.7.0 

func (m *GitHubAdminModule) GetRepoInfoDetailed(ctx context.Context, owner string, repo string, token string) (string, error)

GetRepoInfoDetailed gets detailed repository information

func (*GitHubAdminModule) GetRepoInfoSimple added in v0.8.0 

func (m *GitHubAdminModule) GetRepoInfoSimple(ctx context.Context, repository string) (string, error)

GetRepoInfoSimple gets repository information (MCP compatible)

func (*GitHubAdminModule) GetRepoPermissions added in v0.6.4 

func (m *GitHubAdminModule) GetRepoPermissions(ctx context.Context, owner string, repo string, token string) (string, error)

GetRepoPermissions gets repository permissions

func (*GitHubAdminModule) GetVersion added in v0.7.0 

func (m *GitHubAdminModule) GetVersion(ctx context.Context) (string, error)

GetVersion returns GitHub CLI version

func (*GitHubAdminModule) GetVersionSimple added in v0.8.0 

func (m *GitHubAdminModule) GetVersionSimple(ctx context.Context) (string, error)

GetVersionSimple returns GitHub CLI version (MCP compatible)

func (*GitHubAdminModule) ListOrgIssues added in v0.7.0 

func (m *GitHubAdminModule) ListOrgIssues(ctx context.Context, org string, state string, token string) (string, error)

ListOrgIssues lists issues across organization repositories

func (*GitHubAdminModule) ListOrgIssuesSimple added in v0.8.0 

func (m *GitHubAdminModule) ListOrgIssuesSimple(ctx context.Context, organization string, state string) (string, error)

ListOrgIssuesSimple lists issues across organization repositories (MCP compatible)

func (*GitHubAdminModule) ListOrgPRs added in v0.7.0 

func (m *GitHubAdminModule) ListOrgPRs(ctx context.Context, org string, state string, token string) (string, error)

ListOrgPRs lists pull requests across organization repositories

func (*GitHubAdminModule) ListOrgPRsSimple added in v0.8.0 

func (m *GitHubAdminModule) ListOrgPRsSimple(ctx context.Context, organization string, state string) (string, error)

ListOrgPRsSimple lists pull requests across organization repositories (MCP compatible)

func (*GitHubAdminModule) ListOrgRepos added in v0.7.0 

func (m *GitHubAdminModule) ListOrgRepos(ctx context.Context, org string, visibility string, token string) (string, error)

ListOrgRepos lists repositories in an organization

func (*GitHubAdminModule) ListOrgReposSimple added in v0.8.0 

func (m *GitHubAdminModule) ListOrgReposSimple(ctx context.Context, organization string, visibility string) (string, error)

ListOrgReposSimple lists repositories in an organization (MCP compatible)

type GitHubPackagesModule added in v0.6.4 

type GitHubPackagesModule struct {
	// contains filtered or unexported fields
}

GitHubPackagesModule manages GitHub Packages security

func NewGitHubPackagesModule added in v0.6.4 

func NewGitHubPackagesModule(client *dagger.Client) *GitHubPackagesModule

NewGitHubPackagesModule creates a new GitHub Packages module

func (*GitHubPackagesModule) AuditDependencies added in v0.7.0 

func (m *GitHubPackagesModule) AuditDependencies(ctx context.Context, owner string, repo string, token string) (string, error)

AuditDependencies audits package dependencies for vulnerabilities

func (*GitHubPackagesModule) AuditDependenciesSimple added in v0.8.0 

func (m *GitHubPackagesModule) AuditDependenciesSimple(ctx context.Context, organization string, packageName string, version string) (string, error)

AuditDependenciesSimple audits dependencies (MCP compatible)

func (*GitHubPackagesModule) CheckSignatures added in v0.7.0 

func (m *GitHubPackagesModule) CheckSignatures(ctx context.Context, owner string, packageName string, version string, token string) (string, error)

CheckSignatures verifies package signatures

func (*GitHubPackagesModule) CheckSignaturesSimple added in v0.8.0 

func (m *GitHubPackagesModule) CheckSignaturesSimple(ctx context.Context, organization string, packageName string, version string) (string, error)

CheckSignaturesSimple verifies package signatures (MCP compatible)

func (*GitHubPackagesModule) EnforcePolicies added in v0.7.0 

func (m *GitHubPackagesModule) EnforcePolicies(ctx context.Context, owner string, repo string, policyFile string, token string) (string, error)

EnforcePolicies enforces package security policies

func (*GitHubPackagesModule) EnforcePoliciesSimple added in v0.8.0 

func (m *GitHubPackagesModule) EnforcePoliciesSimple(ctx context.Context, organization string, policyFile string) (string, error)

EnforcePoliciesSimple enforces security policies (MCP compatible)

func (*GitHubPackagesModule) GenerateSBOM added in v0.7.0 

func (m *GitHubPackagesModule) GenerateSBOM(ctx context.Context, owner string, repo string, token string) (string, error)

GenerateSBOM generates Software Bill of Materials

func (*GitHubPackagesModule) GenerateSBOMSimple added in v0.8.0 

func (m *GitHubPackagesModule) GenerateSBOMSimple(ctx context.Context, organization string, packageName string, outputFormat string) (string, error)

GenerateSBOMSimple generates SBOM (MCP compatible)

func (*GitHubPackagesModule) GetPackageVersions added in v0.6.4 

func (m *GitHubPackagesModule) GetPackageVersions(ctx context.Context, owner string, packageName string, token string) (string, error)

GetPackageVersions gets versions of a package

func (*GitHubPackagesModule) GetVersion added in v0.7.0 

func (m *GitHubPackagesModule) GetVersion(ctx context.Context, token string) (string, error)

GetVersion returns API version information

func (*GitHubPackagesModule) GetVersionSimple added in v0.8.0 

func (m *GitHubPackagesModule) GetVersionSimple(ctx context.Context) (string, error)

GetVersionSimple returns GitHub CLI version (MCP compatible)

func (*GitHubPackagesModule) ListPackages added in v0.6.4 

func (m *GitHubPackagesModule) ListPackages(ctx context.Context, owner string, repo string, token string) (string, error)

ListPackages lists packages in a repository

func (*GitHubPackagesModule) ListPackagesSimple added in v0.8.0 

func (m *GitHubPackagesModule) ListPackagesSimple(ctx context.Context, organization string, packageType string) (string, error)

ListPackagesSimple lists packages in organization (MCP compatible)

func (*GitHubPackagesModule) ScanPackage added in v0.6.4 

func (m *GitHubPackagesModule) ScanPackage(ctx context.Context, packageName string, version string, token string) (string, error)

ScanPackage scans a GitHub package for vulnerabilities

type GitSecretsModule added in v0.6.4 

type GitSecretsModule struct {
	// contains filtered or unexported fields
}

GitSecretsModule runs git-secrets for AWS credential scanning

func NewGitSecretsModule added in v0.6.4 

func NewGitSecretsModule(client *dagger.Client) *GitSecretsModule

NewGitSecretsModule creates a new git-secrets module

func (*GitSecretsModule) InstallHooks added in v0.7.0 

func (m *GitSecretsModule) InstallHooks(ctx context.Context, repoPath string, force bool) (string, error)

InstallHooks installs git-secrets hooks in a repository

func (*GitSecretsModule) Scan added in v0.8.0 

func (m *GitSecretsModule) Scan(ctx context.Context, sourcePath string, opts GitSecretsScanOptions) (string, error)

Scan runs git-secrets scan on the provided directory

type GitSecretsScanOptions added in v0.8.0 

type GitSecretsScanOptions struct {
	OutputFormat string
	ScanHistory  bool
	Recursive    bool
}

GitSecretsScanOptions contains options for git-secrets scanning

type GitleaksDetectOptions added in v0.8.0 

type GitleaksDetectOptions struct {
	ConfigPath   string
	ReportFormat string
	ReportPath   string
	Verbose      bool
	NoGit        bool
}

GitleaksDetectOptions contains options for gitleaks detection

type GitleaksModule added in v0.6.4 

type GitleaksModule struct {
	// contains filtered or unexported fields
}

GitleaksModule runs Gitleaks for fast secret scanning

func NewGitleaksModule added in v0.6.4 

func NewGitleaksModule(client *dagger.Client) *GitleaksModule

NewGitleaksModule creates a new Gitleaks module

func (*GitleaksModule) Detect added in v0.8.0 

func (m *GitleaksModule) Detect(ctx context.Context, sourcePath string, opts GitleaksDetectOptions) (string, error)

Detect runs gitleaks detect on the provided directory

func (*GitleaksModule) Protect added in v0.8.0 

func (m *GitleaksModule) Protect(ctx context.Context, sourcePath string, opts GitleaksProtectOptions) (string, error)

Protect runs gitleaks protect for pre-commit scanning

type GitleaksProtectOptions added in v0.8.0 

type GitleaksProtectOptions struct {
	ConfigPath string
	Staged     bool
	Verbose    bool
}

GitleaksProtectOptions contains options for gitleaks protection

type GoldilocksModule added in v0.6.4 

type GoldilocksModule struct {
	// contains filtered or unexported fields
}

GoldilocksModule runs Goldilocks for Kubernetes resource recommendations

func NewGoldilocksModule added in v0.6.4 

func NewGoldilocksModule(client *dagger.Client) *GoldilocksModule

NewGoldilocksModule creates a new Goldilocks module

func (*GoldilocksModule) CreateVPA added in v0.6.4 

func (m *GoldilocksModule) CreateVPA(ctx context.Context, namespace string, kubeconfig string) (string, error)

CreateVPA creates Vertical Pod Autoscaler resources

func (*GoldilocksModule) EnableNamespace added in v0.7.0 

func (m *GoldilocksModule) EnableNamespace(ctx context.Context, namespace string, kubeconfig string) (string, error)

EnableNamespace enables Goldilocks for a namespace

func (*GoldilocksModule) GetRecommendations added in v0.6.4 

func (m *GoldilocksModule) GetRecommendations(ctx context.Context, namespace string, kubeconfig string) (string, error)

GetRecommendations gets resource recommendations

func (*GoldilocksModule) GetVersion added in v0.6.4 

func (m *GoldilocksModule) GetVersion(ctx context.Context) (string, error)

GetVersion returns the version of Goldilocks

func (*GoldilocksModule) InstallHelm added in v0.7.0 

func (m *GoldilocksModule) InstallHelm(ctx context.Context, namespace string, kubeconfig string) (string, error)

InstallHelm installs Goldilocks using Helm

func (*GoldilocksModule) Uninstall added in v0.7.0 

func (m *GoldilocksModule) Uninstall(ctx context.Context, namespace string, kubeconfig string) (string, error)

Uninstall removes Goldilocks using Helm

type IacPlanModule added in v0.6.4 

type IacPlanModule struct {
	// contains filtered or unexported fields
}

IacPlanModule runs Terraform/OpenTofu plan operations

func NewIacPlanModule added in v0.6.4 

func NewIacPlanModule(client *dagger.Client) *IacPlanModule

NewIacPlanModule creates a new IaC plan module

func (*IacPlanModule) AnalyzePlan added in v0.6.4 

func (m *IacPlanModule) AnalyzePlan(ctx context.Context, planJsonContent string, analysisTypes []string) (string, error)

AnalyzePlan analyzes plan JSON for security and compliance insights

func (*IacPlanModule) ComparePlans added in v0.6.4 

func (m *IacPlanModule) ComparePlans(ctx context.Context, baselinePlan string, currentPlan string) (string, error)

ComparePlans compares two plan JSON files to show differences

func (*IacPlanModule) FormatConfiguration added in v0.6.4 

func (m *IacPlanModule) FormatConfiguration(ctx context.Context, workdir string, tool string, check bool) (string, error)

FormatConfiguration formats Terraform/OpenTofu configuration files

func (*IacPlanModule) GenerateGraph added in v0.6.4 

func (m *IacPlanModule) GenerateGraph(ctx context.Context, workdir string, tool string, graphType string) (string, error)

GenerateGraph generates dependency graph from Terraform configuration

func (*IacPlanModule) GeneratePlan added in v0.6.4 

func (m *IacPlanModule) GeneratePlan(ctx context.Context, workdir string, tool string, varFiles []string, destroy bool) (string, error)

GeneratePlan generates Terraform/OpenTofu plan and exports to JSON

func (*IacPlanModule) ManageWorkspace added in v0.6.4 

func (m *IacPlanModule) ManageWorkspace(ctx context.Context, workdir string, tool string, operation string, workspaceName string) (string, error)

ManageWorkspace manages Terraform workspaces

func (*IacPlanModule) ValidateConfiguration added in v0.6.4 

func (m *IacPlanModule) ValidateConfiguration(ctx context.Context, workdir string, tool string) (string, error)

ValidateConfiguration validates Terraform/OpenTofu configuration

type InfraMapModule 

type InfraMapModule struct {
	// contains filtered or unexported fields
}

InfraMapModule generates infrastructure diagrams from Terraform

func NewInfraMapModule 

func NewInfraMapModule(client *dagger.Client) *InfraMapModule

NewInfraMapModule creates a new InfraMap module instance

func (*InfraMapModule) GenerateFromHCL 

func (m *InfraMapModule) GenerateFromHCL(ctx context.Context, directory string, format string) (string, error)

GenerateFromHCL generates an infrastructure diagram from Terraform HCL files

func (*InfraMapModule) GenerateFromState 

func (m *InfraMapModule) GenerateFromState(ctx context.Context, stateFile string, format string) (string, error)

GenerateFromState generates an infrastructure diagram from a Terraform state file

func (*InfraMapModule) GenerateWithOptions 

func (m *InfraMapModule) GenerateWithOptions(ctx context.Context, input string, options InfraMapOptions) (string, error)

GenerateWithOptions generates a diagram with custom options

func (*InfraMapModule) GetVersion added in v0.8.0 

func (m *InfraMapModule) GetVersion(ctx context.Context) (string, error)

GetVersion returns the version of InfraMap

func (*InfraMapModule) PruneState 

func (m *InfraMapModule) PruneState(ctx context.Context, stateFile string) (string, error)

PruneState removes unnecessary information from Terraform state

type InfraMapOptions 

type InfraMapOptions struct {
	// Raw shows all resources without InfraMap logic
	Raw bool
	// Clean removes unconnected nodes (default: true)
	Clean bool
	// Provider filters by specific provider (aws, google, azurerm, etc.)
	Provider string
	// Format output format (png, svg, pdf, dot)
	Format string
}

InfraMapOptions contains options for diagram generation

type InfraScanModule 

type InfraScanModule struct {
	// contains filtered or unexported fields
}

InfraScanModule runs infrastructure scanning tools Supports both AWS infrastructure mapping (infrascan) and security scanning (Trivy)

func NewInfraScanModule 

func NewInfraScanModule(client *dagger.Client) *InfraScanModule

NewInfraScanModule creates a new InfraScan module

func (*InfraScanModule) GenerateGraph added in v0.8.0 

func (m *InfraScanModule) GenerateGraph(ctx context.Context, inputDir string) (string, error)

GenerateGraph generates a graph from scan results

func (*InfraScanModule) GetVersion 

func (m *InfraScanModule) GetVersion(ctx context.Context) (string, error)

GetVersion returns the version of the scanner (infrascan)

func (*InfraScanModule) RenderGraph added in v0.8.0 

func (m *InfraScanModule) RenderGraph(ctx context.Context, inputFile string, openBrowser bool) (string, error)

RenderGraph renders an infrastructure graph

func (*InfraScanModule) ScanAWSInfrastructure added in v0.8.0 

func (m *InfraScanModule) ScanAWSInfrastructure(ctx context.Context, regions []string, outputDir string) (string, error)

ScanAWSInfrastructure scans AWS infrastructure and generates a system map

func (*InfraScanModule) ScanDirectory 

func (m *InfraScanModule) ScanDirectory(ctx context.Context, dir string) (string, error)

ScanDirectory scans a directory for security issues (using Trivy)

func (*InfraScanModule) ScanFile 

func (m *InfraScanModule) ScanFile(ctx context.Context, filePath string) (string, error)

ScanFile scans a specific Terraform file (using Trivy)

func (*InfraScanModule) ScanWithRules 

func (m *InfraScanModule) ScanWithRules(ctx context.Context, dir string, rulesFile string) (string, error)

ScanWithRules scans using custom rule set (using Trivy)

type K8sNetworkPolicyModule added in v0.6.4 

type K8sNetworkPolicyModule struct {
	// contains filtered or unexported fields
}

K8sNetworkPolicyModule runs Kubernetes network policy tools

func NewK8sNetworkPolicyModule added in v0.6.4 

func NewK8sNetworkPolicyModule(client *dagger.Client) *K8sNetworkPolicyModule

NewK8sNetworkPolicyModule creates a new Kubernetes network policy module

func (*K8sNetworkPolicyModule) AnalyzePolicies added in v0.6.4 

func (m *K8sNetworkPolicyModule) AnalyzePolicies(ctx context.Context, namespace string, kubeconfig string) (string, error)

AnalyzePolicies analyzes network policies in the cluster (legacy function for compatibility)

func (*K8sNetworkPolicyModule) KubectlNetworkPolicy added in v0.8.0 

func (m *K8sNetworkPolicyModule) KubectlNetworkPolicy(ctx context.Context, action string, resource string, namespace string, outputFormat string, kubeconfig string) (string, error)

KubectlNetworkPolicy manages network policies using kubectl

func (*K8sNetworkPolicyModule) NetfetchDashboard added in v0.8.0 

func (m *K8sNetworkPolicyModule) NetfetchDashboard(ctx context.Context, port string, kubeconfig string) (string, error)

NetfetchDashboard launches netfetch dashboard for network policy visualization

func (*K8sNetworkPolicyModule) NetfetchScan added in v0.7.0 

func (m *K8sNetworkPolicyModule) NetfetchScan(ctx context.Context, namespace string, dryrun bool, cilium bool, target string, kubeconfig string) (string, error)

NetfetchScan scans network policies using netfetch

func (*K8sNetworkPolicyModule) NetpolDiff added in v0.8.0 

func (m *K8sNetworkPolicyModule) NetpolDiff(ctx context.Context, dir1 string, dir2 string, outputFormat string) (string, error)

NetpolDiff compares network policies between two directories

func (*K8sNetworkPolicyModule) NetpolEval added in v0.7.0 

func (m *K8sNetworkPolicyModule) NetpolEval(ctx context.Context, dirpath string, source string, destination string, port string, verbose bool) (string, error)

NetpolEval evaluates network connectivity using netpol-analyzer

func (*K8sNetworkPolicyModule) NetpolList added in v0.7.0 

func (m *K8sNetworkPolicyModule) NetpolList(ctx context.Context, dirpath string, verbose bool, quiet bool) (string, error)

NetpolList lists all allowed connections using netpol-analyzer

func (*K8sNetworkPolicyModule) TestConnectivity added in v0.6.4 

func (m *K8sNetworkPolicyModule) TestConnectivity(ctx context.Context, sourceNamespace string, targetNamespace string, targetService string, kubeconfig string) (string, error)

TestConnectivity tests network connectivity between pods (legacy function for compatibility)

func (*K8sNetworkPolicyModule) ValidatePolicy added in v0.6.4 

func (m *K8sNetworkPolicyModule) ValidatePolicy(ctx context.Context, policyPath string, kubeconfig string) (string, error)

ValidatePolicy validates a network policy (legacy function for compatibility)

type KubeBenchModule added in v0.6.4 

type KubeBenchModule struct {
	// contains filtered or unexported fields
}

KubeBenchModule runs kube-bench for Kubernetes security benchmarks

func NewKubeBenchModule added in v0.6.4 

func NewKubeBenchModule(client *dagger.Client) *KubeBenchModule

NewKubeBenchModule creates a new kube-bench module

func (*KubeBenchModule) GetVersion added in v0.6.4 

func (m *KubeBenchModule) GetVersion(ctx context.Context) (string, error)

GetVersion returns the version of kube-bench

func (*KubeBenchModule) RunASFF added in v0.7.0 

func (m *KubeBenchModule) RunASFF(ctx context.Context, kubeconfig string) (string, error)

RunASFF runs benchmark with AWS Security Finding Format output

func (*KubeBenchModule) RunBenchmark added in v0.6.4 

func (m *KubeBenchModule) RunBenchmark(ctx context.Context, kubeconfig string) (string, error)

RunBenchmark runs CIS Kubernetes benchmark

func (*KubeBenchModule) RunMasterBenchmark added in v0.6.4 

func (m *KubeBenchModule) RunMasterBenchmark(ctx context.Context, kubeconfig string) (string, error)

RunMasterBenchmark runs benchmark for master node

func (*KubeBenchModule) RunNodeBenchmark added in v0.6.4 

func (m *KubeBenchModule) RunNodeBenchmark(ctx context.Context, kubeconfig string) (string, error)

RunNodeBenchmark runs benchmark for worker node

func (*KubeBenchModule) RunWithChecks added in v0.7.0 

func (m *KubeBenchModule) RunWithChecks(ctx context.Context, kubeconfig string, checks string) (string, error)

RunWithChecks runs specific checks only

func (*KubeBenchModule) RunWithCustomOutput added in v0.7.0 

func (m *KubeBenchModule) RunWithCustomOutput(ctx context.Context, kubeconfig string, outputFormat string, outputFile string) (string, error)

RunWithCustomOutput runs benchmark with custom output format and file

func (*KubeBenchModule) RunWithSkip added in v0.7.0 

func (m *KubeBenchModule) RunWithSkip(ctx context.Context, kubeconfig string, skip string) (string, error)

RunWithSkip runs benchmark skipping specified checks

type KubeHunterModule added in v0.6.4 

type KubeHunterModule struct {
	// contains filtered or unexported fields
}

KubeHunterModule runs kube-hunter for Kubernetes penetration testing

func NewKubeHunterModule added in v0.6.4 

func NewKubeHunterModule(client *dagger.Client) *KubeHunterModule

NewKubeHunterModule creates a new kube-hunter module

func (*KubeHunterModule) GetVersion added in v0.6.4 

func (m *KubeHunterModule) GetVersion(ctx context.Context) (string, error)

GetVersion returns the version of kube-hunter

func (*KubeHunterModule) ListTests added in v0.8.0 

func (m *KubeHunterModule) ListTests(ctx context.Context, showActive bool) (string, error)

ListTests lists all available tests

func (*KubeHunterModule) RunCustomHunters added in v0.8.0 

func (m *KubeHunterModule) RunCustomHunters(ctx context.Context, target string, includeHunters []string, excludeHunters []string, active bool) (string, error)

RunCustomHunters runs kube-hunter with specific hunters enabled/disabled

func (*KubeHunterModule) ScanCIDR added in v0.6.4 

func (m *KubeHunterModule) ScanCIDR(ctx context.Context, cidr string, active bool, reportFormat string) (string, error)

ScanCIDR scans CIDR range for Kubernetes clusters

func (*KubeHunterModule) ScanInterface added in v0.6.4 

func (m *KubeHunterModule) ScanInterface(ctx context.Context, networkInterface string, active bool, reportFormat string) (string, error)

ScanInterface scans network interface

func (*KubeHunterModule) ScanPod added in v0.6.4 

func (m *KubeHunterModule) ScanPod(ctx context.Context, kubeconfig string, active bool, reportFormat string) (string, error)

ScanPod runs kube-hunter as pod in cluster

func (*KubeHunterModule) ScanRemote added in v0.6.4 

func (m *KubeHunterModule) ScanRemote(ctx context.Context, remote string, active bool, reportFormat string) (string, error)

ScanRemote scans remote Kubernetes cluster

type KubescapeConfig added in v0.6.4 

type KubescapeConfig struct {
	KubescapeVersion    string
	KubeconfigPath      string
	Framework           string
	Format              string
	Output              string
	SeverityThreshold   string
	ComplianceThreshold float64
	Namespace           string
	IncludeResources    []string
	IncludeKubeSystem   bool
	Verbose             bool
}

KubescapeConfig holds configuration options - no longer needed for simplified functions

type KubescapeModule added in v0.6.4 

type KubescapeModule struct {
	// contains filtered or unexported fields
}

func NewKubescapeModule added in v0.6.4 

func NewKubescapeModule(client *dagger.Client) *KubescapeModule

func (*KubescapeModule) DownloadArtifacts added in v0.8.0 

func (m *KubescapeModule) DownloadArtifacts(ctx context.Context, outputDir string) (string, error)

DownloadArtifacts downloads kubescape artifacts for offline use

func (*KubescapeModule) GetVersion added in v0.8.0 

func (m *KubescapeModule) GetVersion(ctx context.Context) (string, error)

GetVersion returns the version of kubescape

func (*KubescapeModule) ListControls added in v0.8.0 

func (m *KubescapeModule) ListControls(ctx context.Context, framework string) (string, error)

ListControls lists all available security controls

func (*KubescapeModule) ListFrameworks added in v0.8.0 

func (m *KubescapeModule) ListFrameworks(ctx context.Context) (string, error)

ListFrameworks lists all available security frameworks

func (*KubescapeModule) ScanCluster added in v0.6.4 

func (m *KubescapeModule) ScanCluster(ctx context.Context, kubeconfig string, framework string, format string, severityThreshold string) (string, error)

ScanCluster scans a Kubernetes cluster for security issues

func (*KubescapeModule) ScanHelm added in v0.6.4 

func (m *KubescapeModule) ScanHelm(ctx context.Context, chartPath string, framework string, format string) (string, error)

ScanHelm scans Helm charts for security issues

func (*KubescapeModule) ScanManifests added in v0.6.4 

func (m *KubescapeModule) ScanManifests(ctx context.Context, manifestsDir string, framework string, format string, severityThreshold string) (string, error)

ScanManifests scans Kubernetes manifest files

func (*KubescapeModule) ScanRepository added in v0.6.4 

func (m *KubescapeModule) ScanRepository(ctx context.Context, repoPath string, framework string, format string) (string, error)

ScanRepository scans a Git repository for Kubernetes manifests

type KubescapeOption added in v0.6.4 

type KubescapeOption func(*KubescapeConfig)

KubescapeOption is a function that modifies the KubescapeConfig - no longer needed for simplified functions

type KuttlModule added in v0.6.4 

type KuttlModule struct {
	// contains filtered or unexported fields
}

KuttlModule runs KUTTL for Kubernetes testing

func NewKuttlModule added in v0.6.4 

func NewKuttlModule(client *dagger.Client) *KuttlModule

NewKuttlModule creates a new KUTTL module

func (*KuttlModule) GetHelp added in v0.8.0 

func (m *KuttlModule) GetHelp(ctx context.Context, command string) (string, error)

GetHelp returns the help information for KUTTL

func (*KuttlModule) GetVersion added in v0.6.4 

func (m *KuttlModule) GetVersion(ctx context.Context) (string, error)

GetVersion returns the version of KUTTL

func (*KuttlModule) RunTest added in v0.6.4 

func (m *KuttlModule) RunTest(ctx context.Context, testPath string, kubeconfig string, parallel int, skipDelete bool) (string, error)

RunTest runs KUTTL tests

func (*KuttlModule) RunTestWithKind added in v0.8.0 

func (m *KuttlModule) RunTestWithKind(ctx context.Context, testPath string, kindConfig string, parallel int) (string, error)

RunTestWithKind runs KUTTL tests with kind cluster

func (*KuttlModule) ValidateTest added in v0.6.4 

func (m *KuttlModule) ValidateTest(ctx context.Context, testPath string) (string, error)

ValidateTest validates test configuration

type KyvernoModule added in v0.6.4 

type KyvernoModule struct {
	// contains filtered or unexported fields
}

KyvernoModule runs Kyverno for Kubernetes policy management

func NewKyvernoModule added in v0.6.4 

func NewKyvernoModule(client *dagger.Client) *KyvernoModule

NewKyvernoModule creates a new Kyverno module

func (*KyvernoModule) ApplyPolicies added in v0.6.4 

func (m *KyvernoModule) ApplyPolicies(ctx context.Context, policiesPath string, kubeconfig string) (string, error)

ApplyPolicies applies Kyverno policies to cluster

func (*KyvernoModule) ApplyPolicyFile added in v0.8.0 

func (m *KyvernoModule) ApplyPolicyFile(ctx context.Context, filePath string, namespace string, kubeconfig string, dryRun bool) (string, error)

ApplyPolicyFile applies a specific Kyverno policy YAML file using kubectl

func (*KyvernoModule) CreateClusterRole added in v0.7.0 

func (m *KyvernoModule) CreateClusterRole(ctx context.Context, kubeconfig string) (string, error)

CreateClusterRole creates necessary RBAC cluster role for Kyverno

func (*KyvernoModule) GetPolicyReports added in v0.7.0 

func (m *KyvernoModule) GetPolicyReports(ctx context.Context, namespace string, kubeconfig string) (string, error)

GetPolicyReports gets Kyverno policy reports

func (*KyvernoModule) GetStatus added in v0.7.0 

func (m *KyvernoModule) GetStatus(ctx context.Context, namespace string, kubeconfig string) (string, error)

GetStatus gets Kyverno installation status

func (*KyvernoModule) GetVersion added in v0.6.4 

func (m *KyvernoModule) GetVersion(ctx context.Context) (string, error)

GetVersion returns the version of Kyverno CLI

func (*KyvernoModule) Install added in v0.7.0 

func (m *KyvernoModule) Install(ctx context.Context, namespace string, kubeconfig string) (string, error)

Install installs Kyverno using Helm

func (*KyvernoModule) ListPolicies added in v0.7.0 

func (m *KyvernoModule) ListPolicies(ctx context.Context, namespace string, kubeconfig string) (string, error)

ListPolicies lists Kyverno policies

func (*KyvernoModule) TestPolicies added in v0.6.4 

func (m *KyvernoModule) TestPolicies(ctx context.Context, policiesPath string, resourcesPath string) (string, error)

TestPolicies tests policies against resources

func (*KyvernoModule) ValidatePolicies added in v0.6.4 

func (m *KyvernoModule) ValidatePolicies(ctx context.Context, policiesPath string) (string, error)

ValidatePolicies validates Kyverno policy syntax

type KyvernoMultitenantModule added in v0.6.4 

type KyvernoMultitenantModule struct {
	// contains filtered or unexported fields
}

KyvernoMultitenantModule runs Kyverno for multi-tenant environments

func NewKyvernoMultitenantModule added in v0.6.4 

func NewKyvernoMultitenantModule(client *dagger.Client) *KyvernoMultitenantModule

NewKyvernoMultitenantModule creates a new Kyverno multitenant module

func (*KyvernoMultitenantModule) CreateResourceQuota added in v0.7.0 

func (m *KyvernoMultitenantModule) CreateResourceQuota(ctx context.Context, namespace string, cpuLimit string, memoryLimit string, kubeconfig string) (string, error)

CreateResourceQuota creates resource quota for a tenant

func (*KyvernoMultitenantModule) CreateTenantNamespace added in v0.7.0 

func (m *KyvernoMultitenantModule) CreateTenantNamespace(ctx context.Context, namespace string, kubeconfig string) (string, error)

CreateTenantNamespace creates a namespace for a tenant

func (*KyvernoMultitenantModule) CreateTenantPolicies added in v0.6.4 

func (m *KyvernoMultitenantModule) CreateTenantPolicies(ctx context.Context, tenantName string, kubeconfig string) (string, error)

CreateTenantPolicies creates tenant isolation policies

func (*KyvernoMultitenantModule) GetTenantPolicies added in v0.7.0 

func (m *KyvernoMultitenantModule) GetTenantPolicies(ctx context.Context, namespace string, kubeconfig string) (string, error)

GetTenantPolicies gets policies for a specific tenant

func (*KyvernoMultitenantModule) ListTenantNamespaces added in v0.7.0 

func (m *KyvernoMultitenantModule) ListTenantNamespaces(ctx context.Context, kubeconfig string) (string, error)

ListTenantNamespaces lists namespaces with tenant labels

func (*KyvernoMultitenantModule) ValidateMultitenantSetup added in v0.6.4 

func (m *KyvernoMultitenantModule) ValidateMultitenantSetup(ctx context.Context, tenantsConfig string, kubeconfig string) (string, error)

ValidateMultitenantSetup validates multi-tenant setup

type LLMWithServiceTools 

type LLMWithServiceTools struct {
	// contains filtered or unexported fields
}

LLMWithServiceTools creates an LLM that can call services as tools

func NewLLMWithServiceTools 

func NewLLMWithServiceTools(client *dagger.Client, model string) *LLMWithServiceTools

NewLLMWithServiceTools creates an LLM with access to tool services

func (*LLMWithServiceTools) InvestigateWithServices 

func (m *LLMWithServiceTools) InvestigateWithServices(ctx context.Context, task string) (*ServiceInvestigationReport, error)

InvestigateWithServices performs investigation using service-based tools

type LicenseDetectorModule added in v0.6.4 

type LicenseDetectorModule struct {
	// contains filtered or unexported fields
}

LicenseDetectorModule detects and analyzes software licenses

func NewLicenseDetectorModule added in v0.6.4 

func NewLicenseDetectorModule(client *dagger.Client) *LicenseDetectorModule

NewLicenseDetectorModule creates a new license detector module

func (*LicenseDetectorModule) AnalyzeDependencyLicenses added in v0.6.4 

func (m *LicenseDetectorModule) AnalyzeDependencyLicenses(ctx context.Context, packageFile string) (string, error)

AnalyzeDependencyLicenses analyzes dependency licenses

func (*LicenseDetectorModule) AskalonoCrawl added in v0.7.0 

func (m *LicenseDetectorModule) AskalonoCrawl(ctx context.Context, dir string) (string, error)

AskalonoCrawl crawls a directory for licenses using Askalono

func (*LicenseDetectorModule) AskalonoIdentify added in v0.7.0 

func (m *LicenseDetectorModule) AskalonoIdentify(ctx context.Context, filePath string, optimize bool) (string, error)

AskalonoIdentify identifies a license using Askalono

func (*LicenseDetectorModule) DetectLicenses added in v0.6.4 

func (m *LicenseDetectorModule) DetectLicenses(ctx context.Context, dir string) (string, error)

DetectLicenses detects licenses in a directory using multiple tools for comprehensive analysis

func (*LicenseDetectorModule) GetVersion added in v0.8.0 

func (m *LicenseDetectorModule) GetVersion(ctx context.Context) (string, error)

GetVersion returns version info for the license detector module

func (*LicenseDetectorModule) GoLicenseDetector added in v0.7.0 

func (m *LicenseDetectorModule) GoLicenseDetector(ctx context.Context, projectPath string) (string, error)

GoLicenseDetector detects licenses for Go projects

func (*LicenseDetectorModule) LicenseFinderReport added in v0.7.0 

func (m *LicenseDetectorModule) LicenseFinderReport(ctx context.Context, projectPath string, format string) (string, error)

LicenseFinderReport generates a license report using license-finder

func (*LicenseDetectorModule) LicenseScannerDirectory added in v0.7.0 

func (m *LicenseDetectorModule) LicenseScannerDirectory(ctx context.Context, dir string, showCopyrights bool, showHash bool, quiet bool) (string, error)

LicenseScannerDirectory scans a directory for license information

func (*LicenseDetectorModule) LicenseScannerFile added in v0.7.0 

func (m *LicenseDetectorModule) LicenseScannerFile(ctx context.Context, filePath string, showCopyrights bool, showHash bool, showKeywords bool, debug bool) (string, error)

LicenseScannerFile scans a file for license information

func (*LicenseDetectorModule) ValidateLicenseCompliance added in v0.6.4 

func (m *LicenseDetectorModule) ValidateLicenseCompliance(ctx context.Context, dir string, allowedLicenses []string) (string, error)

ValidateLicenseCompliance validates license compliance for allowed licenses

type LitmusModule added in v0.6.4 

type LitmusModule struct {
	// contains filtered or unexported fields
}

LitmusModule runs Litmus for chaos engineering

func NewLitmusModule added in v0.6.4 

func NewLitmusModule(client *dagger.Client) *LitmusModule

NewLitmusModule creates a new Litmus module

func (*LitmusModule) ApplyChaosExperiment added in v0.7.0 

func (m *LitmusModule) ApplyChaosExperiment(ctx context.Context, manifestFile string, namespace string, kubeconfig string) (string, error)

ApplyChaosExperiment applies chaos experiment manifest using kubectl

func (*LitmusModule) ConfigSetAccount added in v0.7.0 

func (m *LitmusModule) ConfigSetAccount(ctx context.Context) (string, error)

ConfigSetAccount setup ChaosCenter account configuration using litmusctl

func (*LitmusModule) ConnectChaosInfra added in v0.7.0 

func (m *LitmusModule) ConnectChaosInfra(ctx context.Context, projectID string) (string, error)

ConnectChaosInfra connects chaos infrastructure using litmusctl

func (*LitmusModule) CreateChaosExperiment added in v0.7.0 

func (m *LitmusModule) CreateChaosExperiment(ctx context.Context, manifestFile string, projectID string, chaosInfraID string) (string, error)

CreateChaosExperiment creates chaos experiment using litmusctl

func (*LitmusModule) CreateExperiment added in v0.6.4 

func (m *LitmusModule) CreateExperiment(ctx context.Context, experimentPath string, kubeconfig string) (string, error)

CreateExperiment creates a chaos experiment

func (*LitmusModule) CreateProject added in v0.7.0 

func (m *LitmusModule) CreateProject(ctx context.Context) (string, error)

CreateProject creates a new project using litmusctl

func (*LitmusModule) GetChaosInfra added in v0.7.0 

func (m *LitmusModule) GetChaosInfra(ctx context.Context, projectID string) (string, error)

GetChaosInfra lists chaos infrastructure using litmusctl

func (*LitmusModule) GetChaosResults added in v0.6.4 

func (m *LitmusModule) GetChaosResults(ctx context.Context, experimentName string, kubeconfig string) (string, error)

GetChaosResults gets chaos experiment results

func (*LitmusModule) GetExperiments added in v0.6.4 

func (m *LitmusModule) GetExperiments(ctx context.Context, kubeconfig string) (string, error)

GetExperiments lists chaos experiments

func (*LitmusModule) GetProjects added in v0.7.0 

func (m *LitmusModule) GetProjects(ctx context.Context) (string, error)

GetProjects lists projects using litmusctl

func (*LitmusModule) GetVersion added in v0.6.4 

func (m *LitmusModule) GetVersion(ctx context.Context) (string, error)

GetVersion returns the version of Litmus

func (*LitmusModule) Install added in v0.7.0 

func (m *LitmusModule) Install(ctx context.Context, namespace string, releaseName string, createNamespace bool) (string, error)

Install installs Litmus using Helm

func (*LitmusModule) RunChaosExperiment added in v0.7.0 

func (m *LitmusModule) RunChaosExperiment(ctx context.Context, experimentID string, projectID string) (string, error)

RunChaosExperiment runs chaos experiment using litmusctl

type NmapModule added in v0.8.0 

type NmapModule struct {
	// contains filtered or unexported fields
}

NmapModule runs Nmap for network scanning

func NewNmapModule added in v0.8.0 

func NewNmapModule(client *dagger.Client) *NmapModule

NewNmapModule creates a new Nmap module

func (*NmapModule) FirewallEvasion added in v0.8.0 

func (m *NmapModule) FirewallEvasion(ctx context.Context, target string, technique string) (string, error)

FirewallEvasion performs scans with firewall evasion techniques

func (*NmapModule) GetVersion added in v0.8.0 

func (m *NmapModule) GetVersion(ctx context.Context) (string, error)

GetVersion returns the version of Nmap

func (*NmapModule) NetworkDiscovery added in v0.8.0 

func (m *NmapModule) NetworkDiscovery(ctx context.Context, network string) (string, error)

NetworkDiscovery performs network discovery scan

func (*NmapModule) OSDetection added in v0.8.0 

func (m *NmapModule) OSDetection(ctx context.Context, target string) (string, error)

OSDetection performs operating system detection

func (*NmapModule) PortScan added in v0.8.0 

func (m *NmapModule) PortScan(ctx context.Context, target string, ports string) (string, error)

PortScan scans specific ports on a host

func (*NmapModule) ScanHost added in v0.8.0 

func (m *NmapModule) ScanHost(ctx context.Context, target string, scanType string) (string, error)

ScanHost performs a basic host scan

func (*NmapModule) ScriptScan added in v0.8.0 

func (m *NmapModule) ScriptScan(ctx context.Context, target string, script string) (string, error)

ScriptScan runs specific NSE scripts

func (*NmapModule) ServiceDetection added in v0.8.0 

func (m *NmapModule) ServiceDetection(ctx context.Context, target string) (string, error)

ServiceDetection performs service and version detection

func (*NmapModule) TracerouteScan added in v0.8.0 

func (m *NmapModule) TracerouteScan(ctx context.Context, target string) (string, error)

TracerouteScan performs traceroute to target

func (*NmapModule) UDPScan added in v0.8.0 

func (m *NmapModule) UDPScan(ctx context.Context, target string, ports string) (string, error)

UDPScan performs UDP port scanning

func (*NmapModule) VulnerabilityScan added in v0.8.0 

func (m *NmapModule) VulnerabilityScan(ctx context.Context, target string, scriptCategory string) (string, error)

VulnerabilityScan performs vulnerability scanning using NSE scripts

type NucleiModule added in v0.8.0 

type NucleiModule struct {
	// contains filtered or unexported fields
}

NucleiModule runs Nuclei for vulnerability scanning

func NewNucleiModule added in v0.8.0 

func NewNucleiModule(client *dagger.Client) *NucleiModule

NewNucleiModule creates a new Nuclei module

func (*NucleiModule) GenerateReport added in v0.8.0 

func (m *NucleiModule) GenerateReport(ctx context.Context, targetURL string, reportType string) (string, error)

GenerateReport generates a scan report in various formats

func (*NucleiModule) GetVersion added in v0.8.0 

func (m *NucleiModule) GetVersion(ctx context.Context) (string, error)

GetVersion returns the version of Nuclei

func (*NucleiModule) ListTemplates added in v0.8.0 

func (m *NucleiModule) ListTemplates(ctx context.Context) (string, error)

ListTemplates lists available templates

func (*NucleiModule) RateLimitedScan added in v0.8.0 

func (m *NucleiModule) RateLimitedScan(ctx context.Context, targetURL string, rateLimit int) (string, error)

RateLimitedScan performs scan with rate limiting

func (*NucleiModule) ScanURL added in v0.8.0 

func (m *NucleiModule) ScanURL(ctx context.Context, targetURL string, severity string) (string, error)

ScanURL scans a single URL for vulnerabilities

func (*NucleiModule) ScanURLList added in v0.8.0 

func (m *NucleiModule) ScanURLList(ctx context.Context, urlsFile string, severity string) (string, error)

ScanURLList scans multiple URLs from a file

func (*NucleiModule) ScanWithTags added in v0.8.0 

func (m *NucleiModule) ScanWithTags(ctx context.Context, targetURL string, tags string) (string, error)

ScanWithTags scans using specific tags

func (*NucleiModule) ScanWithTemplate added in v0.8.0 

func (m *NucleiModule) ScanWithTemplate(ctx context.Context, targetURL string, templatePath string) (string, error)

ScanWithTemplate scans using specific template(s)

func (*NucleiModule) ScanWithWorkflow added in v0.8.0 

func (m *NucleiModule) ScanWithWorkflow(ctx context.Context, targetURL string, workflowPath string) (string, error)

ScanWithWorkflow runs a workflow scan

func (*NucleiModule) UpdateTemplates added in v0.8.0 

func (m *NucleiModule) UpdateTemplates(ctx context.Context) (string, error)

UpdateTemplates updates Nuclei templates

func (*NucleiModule) ValidateTemplate added in v0.8.0 

func (m *NucleiModule) ValidateTemplate(ctx context.Context, templatePath string) (string, error)

ValidateTemplate validates a custom template

type OSSFScorecardModule added in v0.6.4 

type OSSFScorecardModule struct {
	// contains filtered or unexported fields
}

OSSFScorecardModule runs OSSF Scorecard for open source security scoring

func NewOSSFScorecardModule added in v0.6.4 

func NewOSSFScorecardModule(client *dagger.Client) *OSSFScorecardModule

NewOSSFScorecardModule creates a new OSSF Scorecard module

func (*OSSFScorecardModule) GetVersion added in v0.6.4 

func (m *OSSFScorecardModule) GetVersion(ctx context.Context) (string, error)

GetVersion returns the version of OSSF Scorecard

func (*OSSFScorecardModule) ListChecks added in v0.6.4 

func (m *OSSFScorecardModule) ListChecks(ctx context.Context) (string, error)

ListChecks lists available scorecard checks

func (*OSSFScorecardModule) ScoreRepository added in v0.6.4 

func (m *OSSFScorecardModule) ScoreRepository(ctx context.Context, repoURL string, githubToken string) (string, error)

ScoreRepository scores a repository's security posture

func (*OSSFScorecardModule) ScoreWithChecks added in v0.6.4 

func (m *OSSFScorecardModule) ScoreWithChecks(ctx context.Context, repoURL string, checks []string, githubToken string) (string, error)

ScoreWithChecks scores repository with specific checks

type OpenCodeModule added in v0.8.0 

type OpenCodeModule struct {
	// contains filtered or unexported fields
}

OpenCodeModule runs OpenCode AI coding agent in containers

func NewOpenCodeModule added in v0.8.0 

func NewOpenCodeModule(client *dagger.Client) *OpenCodeModule

NewOpenCodeModule creates a new OpenCode module

func (*OpenCodeModule) AnalyzeFile added in v0.8.0 

func (m *OpenCodeModule) AnalyzeFile(ctx context.Context, filePath string, question string) (string, error)

AnalyzeFile analyzes a specific file with OpenCode

func (*OpenCodeModule) BatchProcess added in v0.8.0 

func (m *OpenCodeModule) BatchProcess(ctx context.Context, workDir string, pattern string, operation string) (string, error)

BatchProcess processes multiple files with OpenCode

func (*OpenCodeModule) Chat added in v0.8.0 

func (m *OpenCodeModule) Chat(ctx context.Context, workDir string, message string) (string, error)

Chat starts an interactive chat session with OpenCode (files persist by default)

func (*OpenCodeModule) ChatWithOptions added in v0.8.0 

func (m *OpenCodeModule) ChatWithOptions(ctx context.Context, workDir string, message string, persistFiles bool) (string, error)

ChatWithOptions starts an interactive chat session with OpenCode with configurable file persistence

func (*OpenCodeModule) ChatWithSession added in v0.8.0 

func (m *OpenCodeModule) ChatWithSession(ctx context.Context, workDir string, message string, persistFiles bool, sessionID string, continueSession bool) (string, error)

ChatWithSession starts an interactive chat session with OpenCode with session support

func (*OpenCodeModule) ChatWithSessionAndModel added in v0.8.0 

func (m *OpenCodeModule) ChatWithSessionAndModel(ctx context.Context, workDir string, message string, persistFiles bool, sessionID string, continueSession bool, model string) (string, error)

ChatWithSessionAndModel starts an interactive chat session with OpenCode with session support and model selection

func (*OpenCodeModule) Document added in v0.8.0 

func (m *OpenCodeModule) Document(ctx context.Context, workDir string, format string, outputDir string) (string, error)

Document generates documentation for code

func (*OpenCodeModule) Generate added in v0.8.0 

func (m *OpenCodeModule) Generate(ctx context.Context, workDir string, prompt string, outputFile string) (string, error)

Generate generates code based on a prompt

func (*OpenCodeModule) GetVersion added in v0.8.0 

func (m *OpenCodeModule) GetVersion(ctx context.Context) (string, error)

GetVersion returns the version of OpenCode

func (*OpenCodeModule) Interactive added in v0.8.0 

func (m *OpenCodeModule) Interactive(ctx context.Context, workDir string, model string) (string, error)

Interactive starts an interactive OpenCode session

func (*OpenCodeModule) Refactor added in v0.8.0 

func (m *OpenCodeModule) Refactor(ctx context.Context, workDir string, instructions string, files []string) (string, error)

Refactor performs code refactoring based on instructions

func (*OpenCodeModule) Review added in v0.8.0 

func (m *OpenCodeModule) Review(ctx context.Context, workDir string, target string) (string, error)

Review performs code review on changes

func (*OpenCodeModule) Test added in v0.8.0 

func (m *OpenCodeModule) Test(ctx context.Context, workDir string, testType string, coverage bool) (string, error)

Test generates and runs tests for code

func (*OpenCodeModule) WithAuth added in v0.8.0 

func (m *OpenCodeModule) WithAuth(ctx context.Context, workDir string, provider string, apiKey string) (string, error)

WithAuth configures OpenCode with authentication credentials

type OpenInfraQuoteDiffOptions added in v0.8.0 

type OpenInfraQuoteDiffOptions struct {
	OutputFormat    string
	Currency        string
	ShowAllProjects bool
}

OpenInfraQuoteDiffOptions contains options for cost diff

type OpenInfraQuoteModule 

type OpenInfraQuoteModule struct {
	// contains filtered or unexported fields
}

OpenInfraQuoteModule runs OpenInfraQuote for infrastructure cost estimation

func NewOpenInfraQuoteModule 

func NewOpenInfraQuoteModule(client *dagger.Client) *OpenInfraQuoteModule

NewOpenInfraQuoteModule creates a new OpenInfraQuote module

func (*OpenInfraQuoteModule) Diff added in v0.8.0 

func (m *OpenInfraQuoteModule) Diff(ctx context.Context, path1, path2 string, opts OpenInfraQuoteDiffOptions) (string, error)

Diff shows cost difference between two Terraform configurations

func (*OpenInfraQuoteModule) Estimate added in v0.8.0 

func (m *OpenInfraQuoteModule) Estimate(ctx context.Context, terraformPath string, opts OpenInfraQuoteOptions) (string, error)

Estimate generates cost estimates for Terraform infrastructure

type OpenInfraQuoteOptions added in v0.8.0 

type OpenInfraQuoteOptions struct {
	OutputFormat      string
	OutputFile        string
	TerraformPlanFile string
	Currency          string
	Region            string
	ShowSkipped       bool
	SyncUsageFile     bool
	UsageFile         string
}

OpenInfraQuoteOptions contains options for cost estimation

type OpenSCAPModule added in v0.6.4 

type OpenSCAPModule struct {
	// contains filtered or unexported fields
}

OpenSCAPModule runs OpenSCAP for security compliance scanning

func NewOpenSCAPModule added in v0.6.4 

func NewOpenSCAPModule(client *dagger.Client) *OpenSCAPModule

NewOpenSCAPModule creates a new OpenSCAP module

func (*OpenSCAPModule) EvaluateProfile added in v0.6.4 

func (m *OpenSCAPModule) EvaluateProfile(ctx context.Context, contentPath string, profile string) (string, error)

EvaluateProfile evaluates a system against SCAP content

func (*OpenSCAPModule) GenerateGuide added in v0.7.0 

func (m *OpenSCAPModule) GenerateGuide(ctx context.Context, xccdfFile string, profile string, outputFile string) (string, error)

GenerateGuide generates HTML guide from XCCDF content

func (*OpenSCAPModule) GenerateOvalReport added in v0.7.0 

func (m *OpenSCAPModule) GenerateOvalReport(ctx context.Context, ovalResultsFile string, outputFile string) (string, error)

GenerateOvalReport generates report from OVAL results

func (*OpenSCAPModule) GenerateReport added in v0.6.4 

func (m *OpenSCAPModule) GenerateReport(ctx context.Context, resultsPath string) (string, error)

GenerateReport generates compliance report

func (*OpenSCAPModule) GetInfo added in v0.7.0 

func (m *OpenSCAPModule) GetInfo(ctx context.Context, contentFile string) (string, error)

GetInfo displays information about SCAP content

func (*OpenSCAPModule) OvalEvaluate added in v0.7.0 

func (m *OpenSCAPModule) OvalEvaluate(ctx context.Context, ovalFile string, resultsFile string, variablesFile string, definitionId string) (string, error)

OvalEvaluate evaluates OVAL definitions

func (*OpenSCAPModule) RemediateXCCDF added in v0.7.0 

func (m *OpenSCAPModule) RemediateXCCDF(ctx context.Context, resultsFile string) (string, error)

RemediateXCCDF applies remediation based on XCCDF results

func (*OpenSCAPModule) ScanImage added in v0.6.4 

func (m *OpenSCAPModule) ScanImage(ctx context.Context, imageName string, profile string) (string, error)

ScanImage scans a container image for compliance

func (*OpenSCAPModule) SplitDataStream added in v0.7.0 

func (m *OpenSCAPModule) SplitDataStream(ctx context.Context, datastreamFile string, outputDir string) (string, error)

SplitDataStream splits DataStream into component files

func (*OpenSCAPModule) ValidateContent added in v0.7.0 

func (m *OpenSCAPModule) ValidateContent(ctx context.Context, contentFile string, contentType string, schematron bool) (string, error)

ValidateContent validates SCAP content

func (*OpenSCAPModule) ValidateDataStream added in v0.7.0 

func (m *OpenSCAPModule) ValidateDataStream(ctx context.Context, datastreamFile string) (string, error)

ValidateDataStream validates Source DataStream file

type OpenVASModule added in v0.9.1 

type OpenVASModule struct {
	// contains filtered or unexported fields
}

OpenVASModule provides integration with OpenVAS/Greenbone Vulnerability Management This module requires a running GVM stack and connects via gvm-tools

func NewOpenVASModule added in v0.9.1 

func NewOpenVASModule(client *dagger.Client) *OpenVASModule

NewOpenVASModule creates a new OpenVAS module

func (*OpenVASModule) CreateScan added in v0.9.1 

func (m *OpenVASModule) CreateScan(ctx context.Context, socketPath string, username string, password string, scanName string, targetID string, configID string) (string, error)

CreateScan creates a new scan task

func (*OpenVASModule) CreateTarget added in v0.9.1 

func (m *OpenVASModule) CreateTarget(ctx context.Context, socketPath string, username string, password string, targetName string, hosts string, portList string) (string, error)

CreateTarget creates a new target for scanning

func (*OpenVASModule) DeleteScan added in v0.9.1 

func (m *OpenVASModule) DeleteScan(ctx context.Context, socketPath string, username string, password string, taskID string) (string, error)

DeleteScan deletes a scan task

func (*OpenVASModule) GetScanResults added in v0.9.1 

func (m *OpenVASModule) GetScanResults(ctx context.Context, socketPath string, username string, password string, reportID string, minSeverity string) (string, error)

GetScanResults gets the results of a completed scan

func (*OpenVASModule) GetScanStatus added in v0.9.1 

func (m *OpenVASModule) GetScanStatus(ctx context.Context, socketPath string, username string, password string, taskID string) (string, error)

GetScanStatus gets the status of a scan

func (*OpenVASModule) GetSystemStatus added in v0.9.1 

func (m *OpenVASModule) GetSystemStatus(ctx context.Context, socketPath string, username string, password string) (string, error)

GetSystemStatus gets the overall system status of the GVM instance

func (*OpenVASModule) GetVersion added in v0.9.1 

func (m *OpenVASModule) GetVersion(ctx context.Context) (string, error)

GetVersion returns the version of gvm-tools

func (*OpenVASModule) ListPortLists added in v0.9.1 

func (m *OpenVASModule) ListPortLists(ctx context.Context, socketPath string, username string, password string) (string, error)

ListPortLists lists available port lists

func (*OpenVASModule) ListScanConfigs added in v0.9.1 

func (m *OpenVASModule) ListScanConfigs(ctx context.Context, socketPath string, username string, password string) (string, error)

ListScanConfigs lists available scan configurations

func (*OpenVASModule) ListScans added in v0.9.1 

func (m *OpenVASModule) ListScans(ctx context.Context, socketPath string, username string, password string) (string, error)

ListScans lists all scans from a GVM instance Requires connection to a running GVM service

func (*OpenVASModule) ListTargets added in v0.9.1 

func (m *OpenVASModule) ListTargets(ctx context.Context, socketPath string, username string, password string) (string, error)

ListTargets lists all targets from a GVM instance

func (*OpenVASModule) StartScan added in v0.9.1 

func (m *OpenVASModule) StartScan(ctx context.Context, socketPath string, username string, password string, taskID string) (string, error)

StartScan starts an existing scan task

func (*OpenVASModule) StopScan added in v0.9.1 

func (m *OpenVASModule) StopScan(ctx context.Context, socketPath string, username string, password string, taskID string) (string, error)

StopScan stops a running scan

type PMapperModule added in v0.6.4 

type PMapperModule struct {
	// contains filtered or unexported fields
}

PMapperModule runs PMapper for AWS IAM privilege mapping

func NewPMapperModule added in v0.6.4 

func NewPMapperModule(client *dagger.Client) *PMapperModule

NewPMapperModule creates a new PMapper module

func (*PMapperModule) CheckAdminAccess added in v0.6.4 

func (m *PMapperModule) CheckAdminAccess(ctx context.Context, profile string, principal string) (string, error)

CheckAdminAccess checks if a principal has admin access

func (*PMapperModule) CreateGraph added in v0.6.4 

func (m *PMapperModule) CreateGraph(ctx context.Context, profile string) (string, error)

CreateGraph creates a privilege graph for an AWS account

func (*PMapperModule) FindPrivilegeEscalation added in v0.6.4 

func (m *PMapperModule) FindPrivilegeEscalation(ctx context.Context, profile string, principal string) (string, error)

FindPrivilegeEscalation finds privilege escalation paths

func (*PMapperModule) ListPrincipals added in v0.6.4 

func (m *PMapperModule) ListPrincipals(ctx context.Context, profile string) (string, error)

ListPrincipals lists all principals in the AWS account

func (*PMapperModule) QueryAccess added in v0.6.4 

func (m *PMapperModule) QueryAccess(ctx context.Context, profile string, principal string, action string, resource string) (string, error)

QueryAccess queries if a principal can access a specific action/resource

func (*PMapperModule) VisualizeGraph added in v0.6.4 

func (m *PMapperModule) VisualizeGraph(ctx context.Context, profile string, outputFormat string) (string, error)

VisualizeGraph creates a visual representation of the privilege graph

type PackerModule added in v0.6.4 

type PackerModule struct {
	// contains filtered or unexported fields
}

PackerModule runs Packer for image building

func NewPackerModule added in v0.6.4 

func NewPackerModule(client *dagger.Client) *PackerModule

NewPackerModule creates a new Packer module

func (*PackerModule) BuildImage added in v0.6.4 

func (m *PackerModule) BuildImage(ctx context.Context, templatePath string, varsFile string) (string, error)

BuildImage builds an image using Packer

func (*PackerModule) Console added in v0.7.0 

func (m *PackerModule) Console(ctx context.Context, templateFile string, vars string, varFile string) (string, error)

Console opens Packer console for template debugging

func (*PackerModule) FixTemplate added in v0.7.0 

func (m *PackerModule) FixTemplate(ctx context.Context, templatePath string, validate bool) (string, error)

FixTemplate fixes and upgrades Packer template to current version

func (*PackerModule) FormatTemplate added in v0.6.4 

func (m *PackerModule) FormatTemplate(ctx context.Context, templatePath string) (string, error)

FormatTemplate formats a Packer template

func (*PackerModule) GetVersion added in v0.6.4 

func (m *PackerModule) GetVersion(ctx context.Context) (string, error)

GetVersion returns the version of Packer

func (*PackerModule) HCL2Upgrade added in v0.7.0 

func (m *PackerModule) HCL2Upgrade(ctx context.Context, templateFile string, outputFile string, withAnnotations bool) (string, error)

HCL2Upgrade upgrades JSON Packer template to HCL2

func (*PackerModule) InitConfiguration added in v0.7.0 

func (m *PackerModule) InitConfiguration(ctx context.Context, configFile string, upgrade bool) (string, error)

InitConfiguration initializes Packer configuration and installs required plugins

func (*PackerModule) InspectTemplate added in v0.7.0 

func (m *PackerModule) InspectTemplate(ctx context.Context, templatePath string, machineReadable bool) (string, error)

InspectTemplate inspects and analyzes Packer template configuration

func (*PackerModule) ManagePlugins added in v0.7.0 

func (m *PackerModule) ManagePlugins(ctx context.Context, subcommand string, pluginName string, version string, configFile string) (string, error)

ManagePlugins manages Packer plugins (install, remove, required)

func (*PackerModule) ValidateTemplate added in v0.6.4 

func (m *PackerModule) ValidateTemplate(ctx context.Context, templatePath string) (string, error)

ValidateTemplate validates a Packer template

type ParliamentModule added in v0.6.4 

type ParliamentModule struct {
	// contains filtered or unexported fields
}

ParliamentModule runs Parliament for AWS IAM policy linting

func NewParliamentModule added in v0.6.4 

func NewParliamentModule(client *dagger.Client) *ParliamentModule

NewParliamentModule creates a new Parliament module

func (*ParliamentModule) BatchDirectoryAnalysis added in v0.7.0 

func (m *ParliamentModule) BatchDirectoryAnalysis(ctx context.Context, baseDirectory string, config string, privateAuditors string, jsonOutput bool, includeExtension string, excludePattern string) (string, error)

BatchDirectoryAnalysis performs batch analysis of multiple policy directories

func (*ParliamentModule) ComprehensiveAnalysis added in v0.7.0 

func (m *ParliamentModule) ComprehensiveAnalysis(ctx context.Context, policyPath string, privateAuditors string, config string, jsonOutput bool) (string, error)

ComprehensiveAnalysis performs comprehensive IAM policy analysis with all auditors

func (*ParliamentModule) LintAWSManagedPolicies added in v0.7.0 

func (m *ParliamentModule) LintAWSManagedPolicies(ctx context.Context, config string, jsonOutput bool) (string, error)

LintAWSManagedPolicies lints AWS managed policies

func (*ParliamentModule) LintAuthDetailsFile added in v0.7.0 

func (m *ParliamentModule) LintAuthDetailsFile(ctx context.Context, authDetailsFile string, config string, jsonOutput bool) (string, error)

LintAuthDetailsFile lints AWS IAM authorization details file

func (*ParliamentModule) LintPolicyDirectory added in v0.6.4 

func (m *ParliamentModule) LintPolicyDirectory(ctx context.Context, dir string) (string, error)

LintPolicyDirectory lints all policy files in a directory

func (*ParliamentModule) LintPolicyFile added in v0.6.4 

func (m *ParliamentModule) LintPolicyFile(ctx context.Context, policyPath string) (string, error)

LintPolicyFile lints a specific IAM policy file

func (*ParliamentModule) LintPolicyString added in v0.6.4 

func (m *ParliamentModule) LintPolicyString(ctx context.Context, policyJSON string) (string, error)

LintPolicyString lints a policy provided as a string

func (*ParliamentModule) LintWithCommunityAuditors added in v0.6.4 

func (m *ParliamentModule) LintWithCommunityAuditors(ctx context.Context, policyPath string) (string, error)

LintWithCommunityAuditors lints using community auditors

func (*ParliamentModule) LintWithPrivateAuditors added in v0.6.4 

func (m *ParliamentModule) LintWithPrivateAuditors(ctx context.Context, policyPath string, auditorsPath string) (string, error)

LintWithPrivateAuditors lints using private auditors

func (*ParliamentModule) LintWithSeverityFilter added in v0.6.4 

func (m *ParliamentModule) LintWithSeverityFilter(ctx context.Context, policyPath string, minSeverity string) (string, error)

LintWithSeverityFilter lints and filters by severity level

type PolicySentryModule added in v0.6.4 

type PolicySentryModule struct {
	// contains filtered or unexported fields
}

PolicySentryModule runs Policy Sentry for AWS IAM policy generation

func NewPolicySentryModule added in v0.6.4 

func NewPolicySentryModule(client *dagger.Client) *PolicySentryModule

NewPolicySentryModule creates a new Policy Sentry module

func (*PolicySentryModule) CreateTemplate added in v0.6.4 

func (m *PolicySentryModule) CreateTemplate(ctx context.Context, templateType string, outputFile string) (string, error)

CreateTemplate creates a policy template

func (*PolicySentryModule) QueryActionTable added in v0.6.4 

func (m *PolicySentryModule) QueryActionTable(ctx context.Context, service string) (string, error)

QueryActionTable queries the action table for service information

func (*PolicySentryModule) QueryConditionTable added in v0.6.4 

func (m *PolicySentryModule) QueryConditionTable(ctx context.Context, service string) (string, error)

QueryConditionTable queries the condition table for service information

func (*PolicySentryModule) WritePolicy added in v0.6.4 

func (m *PolicySentryModule) WritePolicy(ctx context.Context, inputFile string) (string, error)

WritePolicy writes an IAM policy from a YAML template

func (*PolicySentryModule) WritePolicyFromTemplate added in v0.6.4 

func (m *PolicySentryModule) WritePolicyFromTemplate(ctx context.Context, templateYAML string) (string, error)

WritePolicyFromTemplate writes a policy from an inline template

func (*PolicySentryModule) WritePolicyWithActions added in v0.6.4 

func (m *PolicySentryModule) WritePolicyWithActions(ctx context.Context, actions []string, resourceArns []string) (string, error)

WritePolicyWithActions writes a policy based on specific actions

func (*PolicySentryModule) WritePolicyWithCRUD added in v0.6.4 

func (m *PolicySentryModule) WritePolicyWithCRUD(ctx context.Context, resourceArns []string, accessLevels []string) (string, error)

WritePolicyWithCRUD writes a policy based on CRUD operations

type PowerpipeModule added in v0.6.4 

type PowerpipeModule struct {
	// contains filtered or unexported fields
}

PowerpipeModule runs Powerpipe for security dashboards

func NewPowerpipeModule added in v0.6.4 

func NewPowerpipeModule(client *dagger.Client) *PowerpipeModule

NewPowerpipeModule creates a new Powerpipe module

func (*PowerpipeModule) GetVersion added in v0.6.4 

func (m *PowerpipeModule) GetVersion(ctx context.Context) (string, error)

GetVersion returns the version of Powerpipe

func (*PowerpipeModule) ListBenchmarks added in v0.6.4 

func (m *PowerpipeModule) ListBenchmarks(ctx context.Context, modPath string) (string, error)

ListBenchmarks lists available benchmarks

func (*PowerpipeModule) ListDashboards added in v0.7.0 

func (m *PowerpipeModule) ListDashboards(ctx context.Context, modPath string) (string, error)

ListDashboards lists available dashboards

func (*PowerpipeModule) ListQueries added in v0.7.0 

func (m *PowerpipeModule) ListQueries(ctx context.Context, modPath string) (string, error)

ListQueries lists available queries

func (*PowerpipeModule) RunBenchmark added in v0.6.4 

func (m *PowerpipeModule) RunBenchmark(ctx context.Context, benchmark string, modPath string) (string, error)

RunBenchmark runs a security benchmark

func (*PowerpipeModule) RunControl added in v0.6.4 

func (m *PowerpipeModule) RunControl(ctx context.Context, control string, modPath string) (string, error)

RunControl runs a specific control

func (*PowerpipeModule) RunQuery added in v0.7.0 

func (m *PowerpipeModule) RunQuery(ctx context.Context, query string, modPath string) (string, error)

RunQuery executes a Powerpipe query

func (*PowerpipeModule) StartServer added in v0.7.0 

func (m *PowerpipeModule) StartServer(ctx context.Context, modPath string, port int) (string, error)

StartServer starts the Powerpipe server

type ProwlerModule added in v0.6.4 

type ProwlerModule struct {
	// contains filtered or unexported fields
}

ProwlerModule runs Prowler for cloud security assessment

func NewProwlerModule added in v0.6.4 

func NewProwlerModule(client *dagger.Client) *ProwlerModule

NewProwlerModule creates a new Prowler module

func (*ProwlerModule) GenerateDashboard added in v0.7.0 

func (m *ProwlerModule) GenerateDashboard(ctx context.Context, inputFile string, outputDir string) (string, error)

GenerateDashboard generates HTML dashboard from scan results

func (*ProwlerModule) ListChecks added in v0.7.0 

func (m *ProwlerModule) ListChecks(ctx context.Context, provider string) (string, error)

ListChecks lists available Prowler checks

func (*ProwlerModule) ListCompliance added in v0.7.0 

func (m *ProwlerModule) ListCompliance(ctx context.Context, provider string) (string, error)

ListCompliance lists available compliance frameworks

func (*ProwlerModule) ListServices added in v0.7.0 

func (m *ProwlerModule) ListServices(ctx context.Context, provider string) (string, error)

ListServices lists available services for a provider

func (*ProwlerModule) ScanAWS added in v0.6.4 

func (m *ProwlerModule) ScanAWS(ctx context.Context, provider string, region string) (string, error)

ScanAWS scans AWS infrastructure for security issues

func (*ProwlerModule) ScanAzure added in v0.6.4 

func (m *ProwlerModule) ScanAzure(ctx context.Context) (string, error)

ScanAzure scans Azure infrastructure for security issues

func (*ProwlerModule) ScanGCP added in v0.6.4 

func (m *ProwlerModule) ScanGCP(ctx context.Context, projectId string) (string, error)

ScanGCP scans Google Cloud Platform for security issues

func (*ProwlerModule) ScanKubernetes added in v0.6.4 

func (m *ProwlerModule) ScanKubernetes(ctx context.Context, kubeconfigPath string) (string, error)

ScanKubernetes scans Kubernetes cluster for security issues

func (*ProwlerModule) ScanSpecificServices added in v0.6.4 

func (m *ProwlerModule) ScanSpecificServices(ctx context.Context, provider string, services string, region string) (string, error)

ScanSpecificServices scans specific cloud services

func (*ProwlerModule) ScanWithCompliance added in v0.6.4 

func (m *ProwlerModule) ScanWithCompliance(ctx context.Context, provider string, compliance string, region string) (string, error)

ScanWithCompliance scans with specific compliance frameworks

type SOPSModule added in v0.6.4 

type SOPSModule struct {
	// contains filtered or unexported fields
}

func NewSOPSModule added in v0.6.4 

func NewSOPSModule(client *dagger.Client) *SOPSModule

func (*SOPSModule) DecryptFile added in v0.6.4 

func (m *SOPSModule) DecryptFile(ctx context.Context, filePath string, outputFile string) (string, error)

DecryptFile decrypts a SOPS-encrypted file

func (*SOPSModule) EditFile added in v0.6.4 

func (m *SOPSModule) EditFile(ctx context.Context, filePath string) (string, error)

EditFile shows decrypted content for editing (interactive editing not supported in containers)

func (*SOPSModule) EncryptFile added in v0.6.4 

func (m *SOPSModule) EncryptFile(ctx context.Context, filePath string, kmsArn string, pgpFingerprint string, agePublicKey string, outputFile string, inPlace bool) (string, error)

EncryptFile encrypts a file using SOPS

func (*SOPSModule) GetVersion added in v0.8.0 

func (m *SOPSModule) GetVersion(ctx context.Context) (string, error)

GetVersion gets the SOPS version

func (*SOPSModule) PublishKeys added in v0.8.0 

func (m *SOPSModule) PublishKeys(ctx context.Context, keyType string, keyPath string) (string, error)

PublishKeys publishes/exports keys for sharing (shows public key info)

func (*SOPSModule) UpdateKeys added in v0.8.0 

func (m *SOPSModule) UpdateKeys(ctx context.Context, filePath string, addKms string, addPgp string, addAge string, inPlace bool) (string, error)

UpdateKeys rotates/updates encryption keys for SOPS files

type ScoutSuiteModule added in v0.6.4 

type ScoutSuiteModule struct {
	// contains filtered or unexported fields
}

ScoutSuiteModule runs Scout Suite for multi-cloud security auditing

func NewScoutSuiteModule added in v0.6.4 

func NewScoutSuiteModule(client *dagger.Client) *ScoutSuiteModule

NewScoutSuiteModule creates a new Scout Suite module

func (*ScoutSuiteModule) GetVersion added in v0.6.4 

func (m *ScoutSuiteModule) GetVersion(ctx context.Context) (string, error)

GetVersion returns the version of Scout Suite

func (*ScoutSuiteModule) Help added in v0.8.0 

func (m *ScoutSuiteModule) Help(ctx context.Context, provider string) (string, error)

Help returns Scout Suite help information

func (*ScoutSuiteModule) ScanAWS added in v0.6.4 

func (m *ScoutSuiteModule) ScanAWS(ctx context.Context, profile string) (string, error)

ScanAWS scans AWS environment

func (*ScoutSuiteModule) ScanAzure added in v0.6.4 

func (m *ScoutSuiteModule) ScanAzure(ctx context.Context) (string, error)

ScanAzure scans Azure environment

func (*ScoutSuiteModule) ScanGCP added in v0.6.4 

func (m *ScoutSuiteModule) ScanGCP(ctx context.Context, projectID string) (string, error)

ScanGCP scans Google Cloud Platform environment

func (*ScoutSuiteModule) ServeReport added in v0.8.0 

func (m *ScoutSuiteModule) ServeReport(ctx context.Context, provider string, reportName string, host string, port string) (string, error)

ServeReport serves Scout Suite report via web server

type SemgrepModule added in v0.6.4 

type SemgrepModule struct {
	// contains filtered or unexported fields
}

SemgrepModule runs Semgrep for static analysis

func NewSemgrepModule added in v0.6.4 

func NewSemgrepModule(client *dagger.Client) *SemgrepModule

NewSemgrepModule creates a new Semgrep module

func (*SemgrepModule) CICDIntegrationScan added in v0.7.0 

func (m *SemgrepModule) CICDIntegrationScan(ctx context.Context, target string, baselineRef string, outputFormat string, outputFile string, configPolicy string, diffAware bool, failOpen bool, timeout string, quiet bool) (string, error)

CICDIntegrationScan performs optimized scan for CI/CD pipelines

func (*SemgrepModule) ComplianceScanning added in v0.7.0 

func (m *SemgrepModule) ComplianceScanning(ctx context.Context, target string, complianceFramework string, industryFocus string, outputFormat string, outputFile string, includeRemediation bool, severityThreshold string) (string, error)

ComplianceScanning performs compliance-focused security scanning

func (*SemgrepModule) ComprehensiveReporting added in v0.8.0 

func (m *SemgrepModule) ComprehensiveReporting(ctx context.Context, target string, reportType string, outputFormats []string, outputDirectory string, includeMetrics bool, includeTrends bool, baselineComparison string) (string, error)

ComprehensiveReporting generates comprehensive security analysis reports

func (*SemgrepModule) CustomRuleManagement added in v0.7.0 

func (m *SemgrepModule) CustomRuleManagement(ctx context.Context, action string, rulesPath string, target string, testFiles []string, outputFormat string, strict bool) (string, error)

CustomRuleManagement manages and validates custom Semgrep rules

func (*SemgrepModule) GetVersion added in v0.6.4 

func (m *SemgrepModule) GetVersion(ctx context.Context) (string, error)

GetVersion returns the version of Semgrep

func (*SemgrepModule) LanguageSpecificScan added in v0.7.0 

func (m *SemgrepModule) LanguageSpecificScan(ctx context.Context, target string, language string, securityCategory string, outputFormat string, includeExperimental bool, confidence string) (string, error)

LanguageSpecificScan performs language-specific security analysis

func (*SemgrepModule) PerformanceOptimizedScan added in v0.7.0 

func (m *SemgrepModule) PerformanceOptimizedScan(ctx context.Context, target string, configPolicy string, maxMemory string, maxTargetBytes string, jobs string, timeout string, enableMetrics bool, optimizations bool, excludePatterns []string) (string, error)

PerformanceOptimizedScan performs high-performance scan with optimization features

func (*SemgrepModule) ScanDirectory added in v0.6.4 

func (m *SemgrepModule) ScanDirectory(ctx context.Context, dir string) (string, error)

ScanDirectory scans a directory with Semgrep rules

func (*SemgrepModule) ScanFile added in v0.6.4 

func (m *SemgrepModule) ScanFile(ctx context.Context, filePath string) (string, error)

ScanFile scans a specific file

func (*SemgrepModule) ScanOWASPTop10 added in v0.7.0 

func (m *SemgrepModule) ScanOWASPTop10(ctx context.Context, directory string, outputFormat string, languageFocus string) (string, error)

ScanOWASPTop10 scans for OWASP Top 10 vulnerabilities

func (*SemgrepModule) ScanSecrets added in v0.7.0 

func (m *SemgrepModule) ScanSecrets(ctx context.Context, directory string, outputFormat string, excludePatterns []string) (string, error)

ScanSecrets performs specialized secrets scanning

func (*SemgrepModule) ScanWithRuleset added in v0.6.4 

func (m *SemgrepModule) ScanWithRuleset(ctx context.Context, dir string, ruleset string) (string, error)

ScanWithRuleset scans with specific ruleset

func (*SemgrepModule) SecurityAuditScan added in v0.8.0 

func (m *SemgrepModule) SecurityAuditScan(ctx context.Context, target string, ruleset string, severity string, outputFormat string, outputFile string, excludePaths []string, verbose bool, failOnFindings bool) (string, error)

SecurityAuditScan performs comprehensive security audit scan

func (*SemgrepModule) VulnerabilityResearch added in v0.7.0 

func (m *SemgrepModule) VulnerabilityResearch(ctx context.Context, target string, researchMode string, languageFocus string, vulnerabilityTypes []string, includeExperimental bool, outputFormat string) (string, error)

VulnerabilityResearch performs advanced vulnerability research and pattern discovery

type ServiceInvestigationReport 

type ServiceInvestigationReport struct {
	Task         string
	ServicesUsed []string
	Results      string
}

ServiceInvestigationReport contains results from service-based investigation

type SteampipeModule 

type SteampipeModule struct {
	// contains filtered or unexported fields
}

SteampipeModule runs Steampipe for cloud asset querying

func NewSteampipeModule 

func NewSteampipeModule(client *dagger.Client) *SteampipeModule

NewSteampipeModule creates a new Steampipe module

func (*SteampipeModule) GetServiceStatus added in v0.7.0 

func (m *SteampipeModule) GetServiceStatus(ctx context.Context) (string, error)

GetServiceStatus gets the status of the Steampipe service

func (*SteampipeModule) GetVersion 

func (m *SteampipeModule) GetVersion(ctx context.Context) (string, error)

GetVersion returns the version of Steampipe

func (*SteampipeModule) InstallPlugin added in v0.7.0 

func (m *SteampipeModule) InstallPlugin(ctx context.Context, plugin string) (string, error)

InstallPlugin installs a Steampipe plugin

func (*SteampipeModule) ListPlugins added in v0.6.4 

func (m *SteampipeModule) ListPlugins(ctx context.Context) (string, error)

ListPlugins lists available plugins

func (*SteampipeModule) Query added in v0.6.4 

func (m *SteampipeModule) Query(ctx context.Context, query string, plugin string) (string, error)

Query executes a SQL query against cloud resources

func (*SteampipeModule) QueryFromFile added in v0.6.4 

func (m *SteampipeModule) QueryFromFile(ctx context.Context, queryFile string, plugin string) (string, error)

QueryFromFile executes queries from a file

func (*SteampipeModule) QueryInteractive added in v0.7.0 

func (m *SteampipeModule) QueryInteractive(ctx context.Context, plugin string) (string, error)

QueryInteractive starts an interactive query session

func (*SteampipeModule) StartService added in v0.7.0 

func (m *SteampipeModule) StartService(ctx context.Context, port int) (string, error)

StartService starts the Steampipe service

func (*SteampipeModule) StopService added in v0.7.0 

func (m *SteampipeModule) StopService(ctx context.Context) (string, error)

StopService stops the Steampipe service

func (*SteampipeModule) UninstallPlugin added in v0.7.0 

func (m *SteampipeModule) UninstallPlugin(ctx context.Context, plugin string) (string, error)

UninstallPlugin uninstalls a Steampipe plugin

func (*SteampipeModule) UpdatePlugin added in v0.7.0 

func (m *SteampipeModule) UpdatePlugin(ctx context.Context, plugin string) (string, error)

UpdatePlugin updates a Steampipe plugin

type SyftModule added in v0.6.4 

type SyftModule struct {
	// contains filtered or unexported fields
}

SyftModule runs Syft for SBOM generation

func NewSyftModule added in v0.6.4 

func NewSyftModule(client *dagger.Client) *SyftModule

NewSyftModule creates a new Syft module

func (*SyftModule) ArchiveAnalysis added in v0.7.0 

func (m *SyftModule) ArchiveAnalysis(ctx context.Context, archivePath string, archiveType string, outputFormat string, extractNested bool, includeMetadata bool, extractionDepth string) (string, error)

ArchiveAnalysis analyzes archives, packages, and compressed files for SBOM generation

func (*SyftModule) CICDPipelineIntegration added in v0.7.0 

func (m *SyftModule) CICDPipelineIntegration(ctx context.Context, target string, pipelineStage string, artifactName string, outputFormats []string, outputDirectory string, failOnError bool, quietMode bool, timeout string) (string, error)

CICDPipelineIntegration performs optimized SBOM generation for CI/CD pipelines

func (*SyftModule) ComplianceAttestation added in v0.7.0 

func (m *SyftModule) ComplianceAttestation(ctx context.Context, target string, complianceFramework string, outputFormat string, attestationFormat string, outputFile string, includeSupplierInfo bool, includeHashes bool, validateCompleteness bool) (string, error)

ComplianceAttestation generates compliance-focused SBOMs with attestation features

func (*SyftModule) GenerateAttestations added in v0.6.4 

func (m *SyftModule) GenerateAttestations(ctx context.Context, target string, format string) (string, error)

GenerateAttestations generates SBOM with attestations

func (*SyftModule) GenerateSBOMFromDirectory added in v0.6.4 

func (m *SyftModule) GenerateSBOMFromDirectory(ctx context.Context, dir string, format string) (string, error)

GenerateSBOMFromDirectory generates SBOM from a directory

func (*SyftModule) GenerateSBOMFromImage added in v0.6.4 

func (m *SyftModule) GenerateSBOMFromImage(ctx context.Context, imageName string, format string) (string, error)

GenerateSBOMFromImage generates SBOM from a container image

func (*SyftModule) GenerateSBOMFromPackage added in v0.6.4 

func (m *SyftModule) GenerateSBOMFromPackage(ctx context.Context, dir string, packageType string, format string) (string, error)

GenerateSBOMFromPackage generates SBOM from a specific package manager

func (*SyftModule) LanguageSpecificCataloging added in v0.7.0 

func (m *SyftModule) LanguageSpecificCataloging(ctx context.Context, target string, languages []string, outputFormat string, packageManagers string, includeDevDeps bool, includeTestDeps bool, depthLimit string) (string, error)

LanguageSpecificCataloging generates SBOM with focus on specific programming languages

func (*SyftModule) MetadataExtraction added in v0.7.0 

func (m *SyftModule) MetadataExtraction(ctx context.Context, target string, metadataTypes []string, outputFormat string, includeFileMetadata bool, includeChecksums bool, includeCertificates bool, includeSignatures bool, customAnnotations string) (string, error)

MetadataExtraction extracts and enriches metadata for comprehensive SBOM generation

func (*SyftModule) SBOMComparison added in v0.7.0 

func (m *SyftModule) SBOMComparison(ctx context.Context, baselineTarget string, comparisonTarget string, comparisonType string, outputFormat string, diffOutputFile string, showAddedOnly bool, showRemovedOnly bool, includeVersionChanges bool) (string, error)

SBOMComparison compares SBOMs and generates difference analysis

func (*SyftModule) SupplyChainAnalysis added in v0.7.0 

func (m *SyftModule) SupplyChainAnalysis(ctx context.Context, target string, analysisDepth string, outputFormats []string, outputDirectory string, includeTransitiveDeps bool, includeLicenseAnalysis bool, includeProvenance bool, riskAssessment string) (string, error)

SupplyChainAnalysis performs comprehensive supply chain analysis and SBOM generation

type TFLintInitOptions added in v0.8.0 

type TFLintInitOptions struct {
	ConfigFile string
	Upgrade    bool
}

TFLintInitOptions contains options for TFLint initialization

type TFLintModule 

type TFLintModule struct {
	// contains filtered or unexported fields
}

TFLintModule runs TFLint for Terraform configuration linting

func NewTFLintModule 

func NewTFLintModule(client *dagger.Client) *TFLintModule

NewTFLintModule creates a new TFLint module

func (*TFLintModule) Check added in v0.8.0 

func (m *TFLintModule) Check(ctx context.Context, sourcePath string, opts TFLintOptions) (string, error)

Check runs TFLint check on the provided Terraform configuration

func (*TFLintModule) Init added in v0.8.0 

func (m *TFLintModule) Init(ctx context.Context, sourcePath string, opts TFLintInitOptions) (string, error)

Init initializes TFLint in a Terraform configuration directory

type TFLintOptions added in v0.8.0 

type TFLintOptions struct {
	ConfigFile  string
	Format      string
	Recursive   bool
	EnableRule  string
	DisableRule string
	Only        string
	VarFile     string
	Var         string
	Fix         bool
}

TFLintOptions contains options for TFLint checking

type TerraformDocsModule 

type TerraformDocsModule struct {
	// contains filtered or unexported fields
}

TerraformDocsModule runs terraform-docs for documentation generation

func NewTerraformDocsModule 

func NewTerraformDocsModule(client *dagger.Client) *TerraformDocsModule

NewTerraformDocsModule creates a new terraform-docs module

func (*TerraformDocsModule) Generate added in v0.8.0 

func (m *TerraformDocsModule) Generate(ctx context.Context, modulePath string, opts TerraformDocsOptions) (string, error)

Generate runs terraform-docs generate on the provided module

func (*TerraformDocsModule) Validate added in v0.8.0 

func (m *TerraformDocsModule) Validate(ctx context.Context, modulePath string, opts TerraformDocsValidateOptions) (string, error)

Validate checks if terraform-docs output is up to date

type TerraformDocsOptions added in v0.8.0 

type TerraformDocsOptions struct {
	OutputFormat string
	OutputFile   string
	ConfigFile   string
	Recursive    bool
	Sort         bool
	HeaderFrom   string
	FooterFrom   string
}

TerraformDocsOptions contains options for terraform-docs generation

type TerraformDocsValidateOptions added in v0.8.0 

type TerraformDocsValidateOptions struct {
	ConfigFile string
	Recursive  bool
}

TerraformDocsValidateOptions contains options for terraform-docs validation

type TerraformerModule added in v0.6.4 

type TerraformerModule struct {
	// contains filtered or unexported fields
}

TerraformerModule runs Terraformer for infrastructure discovery

func NewTerraformerModule added in v0.6.4 

func NewTerraformerModule(client *dagger.Client) *TerraformerModule

NewTerraformerModule creates a new Terraformer module

func (*TerraformerModule) GetVersion added in v0.8.0 

func (m *TerraformerModule) GetVersion(ctx context.Context) (string, error)

GetVersion returns the version of terraformer

func (*TerraformerModule) Import added in v0.8.0 

func (m *TerraformerModule) Import(ctx context.Context, provider string, region string, resources []string, extraArgs map[string]string) (string, error)

Import imports resources from any supported provider

func (*TerraformerModule) ImportAWS added in v0.6.4 

func (m *TerraformerModule) ImportAWS(ctx context.Context, region string, services []string) (string, error)

ImportAWS imports AWS resources

func (*TerraformerModule) ImportAzure added in v0.6.4 

func (m *TerraformerModule) ImportAzure(ctx context.Context, subscription string, services []string) (string, error)

ImportAzure imports Azure resources

func (*TerraformerModule) ImportGCP added in v0.6.4 

func (m *TerraformerModule) ImportGCP(ctx context.Context, project string, services []string) (string, error)

ImportGCP imports GCP resources

func (*TerraformerModule) ListResources added in v0.8.0 

func (m *TerraformerModule) ListResources(ctx context.Context, provider string) (string, error)

ListResources lists available resources for a provider

func (*TerraformerModule) Plan added in v0.8.0 

func (m *TerraformerModule) Plan(ctx context.Context, provider string, region string, resources []string) (string, error)

Plan shows what resources would be imported without actually importing

type TerrascanModule added in v0.6.4 

type TerrascanModule struct {
	// contains filtered or unexported fields
}

TerrascanModule runs Terrascan for IaC security scanning

func NewTerrascanModule added in v0.6.4 

func NewTerrascanModule(client *dagger.Client) *TerrascanModule

NewTerrascanModule creates a new Terrascan module

func (*TerrascanModule) CICDPipelineIntegration added in v0.7.0 

func (m *TerrascanModule) CICDPipelineIntegration(ctx context.Context, target string, iacType string, pipelineStage string, gatePolicy string, outputFormat string, outputFile string, failOnViolations bool, baselineFile string, quietMode bool) (string, error)

CICDPipelineIntegration performs optimized IaC security scanning for CI/CD pipelines

func (*TerrascanModule) CloudProviderScan added in v0.8.0 

func (m *TerrascanModule) CloudProviderScan(ctx context.Context, target string, cloudProvider string, iacType string, securityCategories string, serviceFocus string, includeBestPractices bool, outputFormat string) (string, error)

CloudProviderScan performs cloud provider specific security scanning

func (*TerrascanModule) ComplianceFrameworkScan added in v0.7.0 

func (m *TerrascanModule) ComplianceFrameworkScan(ctx context.Context, target string, complianceFramework string, iacType string, outputFormat string, outputFile string, includeSeverityDetails bool) (string, error)

ComplianceFrameworkScan scans against compliance frameworks

func (*TerrascanModule) ComprehensiveIaCScan added in v0.7.0 

func (m *TerrascanModule) ComprehensiveIaCScan(ctx context.Context, target string, iacType string, outputFormat string, outputFile string, severityThreshold string, policyTypes string, excludeRules string, verbose bool, showPassed bool) (string, error)

ComprehensiveIaCScan performs comprehensive Infrastructure as Code security scanning

func (*TerrascanModule) ComprehensiveReporting added in v0.8.0 

func (m *TerrascanModule) ComprehensiveReporting(ctx context.Context, target string, iacType string, reportType string, outputFormats string, outputDirectory string, includeRemediation bool, includeTrends bool, baselineComparison string, includePolicyDetails bool) (string, error)

ComprehensiveReporting generates comprehensive IaC security reports with analytics

func (*TerrascanModule) CustomPolicyManagement added in v0.7.0 

func (m *TerrascanModule) CustomPolicyManagement(ctx context.Context, action string, policyPath string, target string, iacType string, testDataPath string) (string, error)

CustomPolicyManagement manages and validates custom Terrascan policies

func (*TerrascanModule) GetVersion added in v0.7.0 

func (m *TerrascanModule) GetVersion(ctx context.Context) (string, error)

GetVersion returns the version of Terrascan

func (*TerrascanModule) PerformanceOptimization added in v0.8.0 

func (m *TerrascanModule) PerformanceOptimization(ctx context.Context, target string, iacType string, scanMode string, parallelWorkers string, maxFileSize string, skipLargeFiles bool, enableCaching bool, excludeDirs string, enableMetrics bool) (string, error)

PerformanceOptimization performs high-performance IaC scanning with optimization features

func (*TerrascanModule) RemoteRepositoryScan added in v0.7.0 

func (m *TerrascanModule) RemoteRepositoryScan(ctx context.Context, repoURL string, repoType string, iacType string, branch string, sshKeyPath string, accessToken string, configPath string, outputFormat string) (string, error)

RemoteRepositoryScan performs advanced remote repository scanning

func (*TerrascanModule) ScanCloudFormation added in v0.6.4 

func (m *TerrascanModule) ScanCloudFormation(ctx context.Context, dir string) (string, error)

ScanCloudFormation scans CloudFormation templates

func (*TerrascanModule) ScanDirectory added in v0.6.4 

func (m *TerrascanModule) ScanDirectory(ctx context.Context, dir string) (string, error)

ScanDirectory scans a directory for IaC security issues using Terrascan

func (*TerrascanModule) ScanDockerfiles added in v0.6.4 

func (m *TerrascanModule) ScanDockerfiles(ctx context.Context, dir string) (string, error)

ScanDockerfiles scans Dockerfile for security issues

func (*TerrascanModule) ScanKubernetes added in v0.6.4 

func (m *TerrascanModule) ScanKubernetes(ctx context.Context, dir string) (string, error)

ScanKubernetes scans Kubernetes manifests

func (*TerrascanModule) ScanRemote added in v0.7.0 

func (m *TerrascanModule) ScanRemote(ctx context.Context, repoURL string, repoType string, outputFormat string) (string, error)

ScanRemote scans remote repository

func (*TerrascanModule) ScanTerraform added in v0.6.4 

func (m *TerrascanModule) ScanTerraform(ctx context.Context, dir string) (string, error)

ScanTerraform scans Terraform files specifically

func (*TerrascanModule) ScanWithPolicy added in v0.7.0 

func (m *TerrascanModule) ScanWithPolicy(ctx context.Context, dir string, policyPath string, outputFormat string) (string, error)

ScanWithPolicy scans using custom policy path

func (*TerrascanModule) ScanWithSeverity added in v0.6.4 

func (m *TerrascanModule) ScanWithSeverity(ctx context.Context, dir string, severity string, iacType string) (string, error)

ScanWithSeverity scans with a specific severity threshold

type TfsecModule added in v0.8.0 

type TfsecModule struct {
	// contains filtered or unexported fields
}

TfsecModule runs tfsec for Terraform security scanning

func NewTfsecModule added in v0.8.0 

func NewTfsecModule(client *dagger.Client) *TfsecModule

NewTfsecModule creates a new tfsec module

func (*TfsecModule) GenerateMetrics added in v0.8.0 

func (m *TfsecModule) GenerateMetrics(ctx context.Context, dir string) (string, error)

GenerateMetrics generates metrics in various formats

func (*TfsecModule) GenerateReport added in v0.8.0 

func (m *TfsecModule) GenerateReport(ctx context.Context, dir string, reportType string) (string, error)

GenerateReport generates a detailed HTML report

func (*TfsecModule) GetVersion added in v0.8.0 

func (m *TfsecModule) GetVersion(ctx context.Context) (string, error)

GetVersion returns the version of tfsec

func (*TfsecModule) RunWithCustomChecks added in v0.8.0 

func (m *TfsecModule) RunWithCustomChecks(ctx context.Context, dir string, customChecksDir string) (string, error)

RunWithCustomChecks runs tfsec with custom check definitions

func (*TfsecModule) ScanDirectory added in v0.8.0 

func (m *TfsecModule) ScanDirectory(ctx context.Context, dir string, format string) (string, error)

ScanDirectory scans a Terraform directory for security issues

func (*TfsecModule) ScanWithConfig added in v0.8.0 

func (m *TfsecModule) ScanWithConfig(ctx context.Context, dir string, configPath string) (string, error)

ScanWithConfig scans using a config file

func (*TfsecModule) ScanWithExcludes added in v0.8.0 

func (m *TfsecModule) ScanWithExcludes(ctx context.Context, dir string, excludes []string) (string, error)

ScanWithExcludes scans with excluded checks

func (*TfsecModule) ScanWithIgnores added in v0.8.0 

func (m *TfsecModule) ScanWithIgnores(ctx context.Context, dir string, showIgnored bool) (string, error)

ScanWithIgnores scans with inline comment ignores

func (*TfsecModule) ScanWithSeverity added in v0.8.0 

func (m *TfsecModule) ScanWithSeverity(ctx context.Context, dir string, severity string) (string, error)

ScanWithSeverity scans with minimum severity threshold

func (*TfsecModule) UpdateChecks added in v0.8.0 

func (m *TfsecModule) UpdateChecks(ctx context.Context) (string, error)

UpdateChecks updates tfsec check definitions

func (*TfsecModule) ValidateTfvars added in v0.8.0 

func (m *TfsecModule) ValidateTfvars(ctx context.Context, dir string, tfvarsFile string) (string, error)

ValidateTfvars validates terraform variable files

type TfstateReaderModule added in v0.6.4 

type TfstateReaderModule struct {
	// contains filtered or unexported fields
}

TfstateReaderModule reads and analyzes Terraform state files

func NewTfstateReaderModule added in v0.6.4 

func NewTfstateReaderModule(client *dagger.Client) *TfstateReaderModule

NewTfstateReaderModule creates a new Terraform state reader module

func (*TfstateReaderModule) AnalyzeState added in v0.6.4 

func (m *TfstateReaderModule) AnalyzeState(ctx context.Context, statePath string) (string, error)

AnalyzeState analyzes a Terraform state file

func (*TfstateReaderModule) DumpAllResources added in v0.8.0 

func (m *TfstateReaderModule) DumpAllResources(ctx context.Context, statePath string) (string, error)

DumpAllResources dumps all resources (simulated tfstate-lookup -dump)

func (*TfstateReaderModule) ExtractOutputs added in v0.6.4 

func (m *TfstateReaderModule) ExtractOutputs(ctx context.Context, statePath string) (string, error)

ExtractOutputs extracts outputs from state file

func (*TfstateReaderModule) GetResourceByType added in v0.6.4 

func (m *TfstateReaderModule) GetResourceByType(ctx context.Context, statePath string, resourceType string) (string, error)

GetResourceByType gets resources by type

func (*TfstateReaderModule) InteractiveExplorer added in v0.7.0 

func (m *TfstateReaderModule) InteractiveExplorer(ctx context.Context, statePath string) (string, error)

InteractiveExplorer provides interactive state exploration

func (*TfstateReaderModule) ListResources added in v0.6.4 

func (m *TfstateReaderModule) ListResources(ctx context.Context, statePath string) (string, error)

ListResources lists resources in state file

func (*TfstateReaderModule) LookupResource added in v0.8.0 

func (m *TfstateReaderModule) LookupResource(ctx context.Context, statePath string, resourceAddress string) (string, error)

LookupResource looks up resource using tfstate-lookup functionality (simulated with jq)

func (*TfstateReaderModule) PullRemoteState added in v0.7.0 

func (m *TfstateReaderModule) PullRemoteState(ctx context.Context, workdir string) (string, error)

PullRemoteState pulls state from remote backend

func (*TfstateReaderModule) ShowState added in v0.7.0 

func (m *TfstateReaderModule) ShowState(ctx context.Context, statePath string) (string, error)

ShowState shows state information using terraform show

func (*TfstateReaderModule) StateListResources added in v0.8.0 

func (m *TfstateReaderModule) StateListResources(ctx context.Context, statePath string, resourceId string) (string, error)

StateListResources lists resources using terraform state list

func (*TfstateReaderModule) StateShowResource added in v0.8.0 

func (m *TfstateReaderModule) StateShowResource(ctx context.Context, statePath string, resourceAddress string) (string, error)

StateShowResource shows a specific resource using terraform state show

type ToolService 

type ToolService struct {
	// contains filtered or unexported fields
}

ToolService wraps a module as an HTTP service that the LLM can call

type TrivyModule added in v0.6.4 

type TrivyModule struct {
	// contains filtered or unexported fields
}

TrivyModule runs Trivy for comprehensive vulnerability scanning

func NewTrivyModule added in v0.6.4 

func NewTrivyModule(client *dagger.Client) *TrivyModule

NewTrivyModule creates a new Trivy module

func (*TrivyModule) ClientScan added in v0.7.0 

func (m *TrivyModule) ClientScan(ctx context.Context, target string, targetType string, serverURL string, token string, outputFormat string) (string, error)

ClientScan scans using client mode

func (*TrivyModule) ConvertSBOM added in v0.7.0 

func (m *TrivyModule) ConvertSBOM(ctx context.Context, inputSBOM string, outputFormat string, outputFile string) (string, error)

ConvertSBOM converts SBOM between different formats

func (*TrivyModule) DatabaseUpdate added in v0.7.0 

func (m *TrivyModule) DatabaseUpdate(ctx context.Context, operation string, skipUpdate bool, cacheDir string) (string, error)

DatabaseUpdate performs database operations

func (*TrivyModule) GenerateSBOM added in v0.7.0 

func (m *TrivyModule) GenerateSBOM(ctx context.Context, target string, targetType string, sbomFormat string, outputFile string, includeDevDeps bool) (string, error)

GenerateSBOM generates Software Bill of Materials

func (*TrivyModule) GetVersion added in v0.6.4 

func (m *TrivyModule) GetVersion(ctx context.Context) (string, error)

GetVersion returns the version of Trivy

func (*TrivyModule) PluginManagement added in v0.7.0 

func (m *TrivyModule) PluginManagement(ctx context.Context, action string, pluginName string) (string, error)

PluginManagement manages Trivy plugins

func (*TrivyModule) ScanConfig added in v0.6.4 

func (m *TrivyModule) ScanConfig(ctx context.Context, dir string) (string, error)

ScanConfig scans configuration files for misconfigurations

func (*TrivyModule) ScanFilesystem added in v0.6.4 

func (m *TrivyModule) ScanFilesystem(ctx context.Context, dir string) (string, error)

ScanFilesystem scans a filesystem for vulnerabilities

func (*TrivyModule) ScanImage added in v0.6.4 

func (m *TrivyModule) ScanImage(ctx context.Context, imageName string) (string, error)

ScanImage scans a container image for vulnerabilities

func (*TrivyModule) ScanKubernetes added in v0.7.0 

func (m *TrivyModule) ScanKubernetes(ctx context.Context, target string, clusterContext string, namespace string, severity string, outputFormat string, scanners string, includeImages bool) (string, error)

ScanKubernetes scans Kubernetes cluster for vulnerabilities

func (*TrivyModule) ScanRepository added in v0.6.4 

func (m *TrivyModule) ScanRepository(ctx context.Context, repoURL string) (string, error)

ScanRepository scans a git repository

func (*TrivyModule) ScanSBOM added in v0.7.0 

func (m *TrivyModule) ScanSBOM(ctx context.Context, sbomPath string, severity string, outputFormat string, outputFile string, ignoreUnfixed bool) (string, error)

ScanSBOM scans SBOM file for vulnerabilities

func (*TrivyModule) ScanWithFilters added in v0.7.0 

func (m *TrivyModule) ScanWithFilters(ctx context.Context, target string, targetType string, severity string, vulnType string, ignoreFile string, ignoreUnfixed bool, exitCode string) (string, error)

ScanWithFilters scans with advanced filtering options

func (*TrivyModule) ServerMode added in v0.7.0 

func (m *TrivyModule) ServerMode(ctx context.Context, listenPort string, listenAddress string, debug bool, token string) (string, error)

ServerMode runs Trivy in server mode

type TruffleHogModule added in v0.6.4 

type TruffleHogModule struct {
	// contains filtered or unexported fields
}

TruffleHogModule runs TruffleHog for verified secret detection

func NewTruffleHogModule added in v0.6.4 

func NewTruffleHogModule(client *dagger.Client) *TruffleHogModule

NewTruffleHogModule creates a new TruffleHog module

func (*TruffleHogModule) CICDPipelineIntegration added in v0.7.0 

func (m *TruffleHogModule) CICDPipelineIntegration(ctx context.Context, scanTarget string, scanType string, baselineFile string, outputFormat string, outputFile string, failOnVerified bool, failOnUnverified bool, quietMode bool, timeout string) (string, error)

CICDPipelineIntegration performs optimized secret scanning for CI/CD pipelines

func (*TruffleHogModule) CloudStorageScanning added in v0.7.0 

func (m *TruffleHogModule) CloudStorageScanning(ctx context.Context, cloudProvider string, resourceIdentifier string, credentialsProfile string, region string, recursive bool, filePatterns string, onlyVerified bool, maxFileSize string) (string, error)

CloudStorageScanning scans cloud storage for secrets

func (*TruffleHogModule) ComprehensiveReporting added in v0.8.0 

func (m *TruffleHogModule) ComprehensiveReporting(ctx context.Context, target string, sourceType string, reportType string, outputFormats string, outputDirectory string, includeVerificationStatus bool, includeRiskAssessment bool, baselineComparison string, includeTrends bool) (string, error)

ComprehensiveReporting generates comprehensive secret scanning reports with analytics

func (*TruffleHogModule) ComprehensiveSecretDetection added in v0.7.0 

func (m *TruffleHogModule) ComprehensiveSecretDetection(ctx context.Context, target string, sourceType string, outputFormat string, outputFile string, onlyVerified bool, includeDetectors bool, confidenceLevel string, excludePaths []string, includePaths []string) (string, error)

ComprehensiveSecretDetection performs comprehensive secret detection with advanced filtering

func (*TruffleHogModule) CustomDetectorManagement added in v0.7.0 

func (m *TruffleHogModule) CustomDetectorManagement(ctx context.Context, action string, detectorConfig string, target string, detectorPattern string, includeBuiltin bool) (string, error)

CustomDetectorManagement manages and uses custom secret detectors

func (*TruffleHogModule) EnterpriseGitScanning added in v0.7.0 

func (m *TruffleHogModule) EnterpriseGitScanning(ctx context.Context, gitSource string, repository string, authentication string, scanMode string, commitRange string, branches string, includeForks bool, includeIssues bool, includePullRequests bool, outputFormat string) (string, error)

EnterpriseGitScanning performs enterprise-grade git repository scanning

func (*TruffleHogModule) GetVersion added in v0.7.0 

func (m *TruffleHogModule) GetVersion(ctx context.Context) (string, error)

GetVersion returns the version of TruffleHog

func (*TruffleHogModule) PerformanceOptimization added in v0.8.0 

func (m *TruffleHogModule) PerformanceOptimization(ctx context.Context, target string, sourceType string, concurrency string, maxFileSize string, bufferSize string, skipBinaries bool, enableSampling bool, memoryLimit string, enableMetrics bool) (string, error)

PerformanceOptimization performs high-performance secret scanning with optimization features

func (*TruffleHogModule) ScanDirectory added in v0.6.4 

func (m *TruffleHogModule) ScanDirectory(ctx context.Context, dir string) (string, error)

ScanDirectory scans a directory for secrets using TruffleHog

func (*TruffleHogModule) ScanDockerAdvanced added in v0.7.0 

func (m *TruffleHogModule) ScanDockerAdvanced(ctx context.Context, image string, onlyVerified bool, outputFormat string, layers string) (string, error)

ScanDockerAdvanced scans Docker image with advanced verification options

func (*TruffleHogModule) ScanDockerImage added in v0.6.4 

func (m *TruffleHogModule) ScanDockerImage(ctx context.Context, imageName string) (string, error)

ScanDockerImage scans a Docker image for secrets

func (*TruffleHogModule) ScanFilesystemAdvanced added in v0.7.0 

func (m *TruffleHogModule) ScanFilesystemAdvanced(ctx context.Context, path string, onlyVerified bool, excludePaths []string, outputFormat string, maxDepth string) (string, error)

ScanFilesystemAdvanced scans filesystem with advanced options and exclusions

func (*TruffleHogModule) ScanGitAdvanced added in v0.7.0 

func (m *TruffleHogModule) ScanGitAdvanced(ctx context.Context, repoURL string, branch string, sinceDate string, untilDate string, onlyVerified bool, outputFormat string, excludePaths []string) (string, error)

ScanGitAdvanced scans git repository with advanced filtering options

func (*TruffleHogModule) ScanGitHub added in v0.6.4 

func (m *TruffleHogModule) ScanGitHub(ctx context.Context, repo string, token string) (string, error)

ScanGitHub scans a GitHub repository for secrets

func (*TruffleHogModule) ScanGitHubOrg added in v0.6.4 

func (m *TruffleHogModule) ScanGitHubOrg(ctx context.Context, org string, token string) (string, error)

ScanGitHubOrg scans an entire GitHub organization for secrets

func (*TruffleHogModule) ScanGitRepo added in v0.6.4 

func (m *TruffleHogModule) ScanGitRepo(ctx context.Context, repoURL string) (string, error)

ScanGitRepo scans a Git repository for secrets

func (*TruffleHogModule) ScanS3 added in v0.6.4 

func (m *TruffleHogModule) ScanS3(ctx context.Context, bucket string) (string, error)

ScanS3 scans an S3 bucket for secrets

func (*TruffleHogModule) ScanWithVerification added in v0.6.4 

func (m *TruffleHogModule) ScanWithVerification(ctx context.Context, target string, targetType string) (string, error)

ScanWithVerification scans with verification enabled for found secrets

type VeleroModule added in v0.6.4 

type VeleroModule struct {
	// contains filtered or unexported fields
}

VeleroModule runs Velero for Kubernetes backup and restore

func NewVeleroModule added in v0.6.4 

func NewVeleroModule(client *dagger.Client) *VeleroModule

NewVeleroModule creates a new Velero module

func (*VeleroModule) CreateBackup added in v0.6.4 

func (m *VeleroModule) CreateBackup(ctx context.Context, backupName string, kubeconfig string) (string, error)

CreateBackup creates a backup of Kubernetes resources

func (*VeleroModule) CreateBackupAdvanced added in v0.7.0 

func (m *VeleroModule) CreateBackupAdvanced(ctx context.Context, name string, fromSchedule string, includeNamespaces string, excludeNamespaces string, labels string, wait bool, kubeconfig string) (string, error)

CreateBackupAdvanced creates an on-demand backup with advanced options

func (*VeleroModule) CreateBackupLocation added in v0.7.0 

func (m *VeleroModule) CreateBackupLocation(ctx context.Context, name string, provider string, bucket string, config string, kubeconfig string) (string, error)

CreateBackupLocation creates backup storage location

func (*VeleroModule) CreateRestoreAdvanced added in v0.7.0 

func (m *VeleroModule) CreateRestoreAdvanced(ctx context.Context, name string, fromBackup string, namespaceMappings string, includeNamespaces string, excludeNamespaces string, restorePVs bool, wait bool, kubeconfig string) (string, error)

CreateRestoreAdvanced creates a restore from backup with advanced options

func (*VeleroModule) CreateSchedule added in v0.7.0 

func (m *VeleroModule) CreateSchedule(ctx context.Context, name string, schedule string, includeNamespaces string, excludeNamespaces string, ttl string, labels string, kubeconfig string) (string, error)

CreateSchedule creates a backup schedule

func (*VeleroModule) DeleteBackup added in v0.7.0 

func (m *VeleroModule) DeleteBackup(ctx context.Context, name string, confirm bool, kubeconfig string) (string, error)

DeleteBackup deletes a backup

func (*VeleroModule) DeleteSchedule added in v0.7.0 

func (m *VeleroModule) DeleteSchedule(ctx context.Context, name string, confirm bool, kubeconfig string) (string, error)

DeleteSchedule deletes a backup schedule

func (*VeleroModule) DescribeBackup added in v0.7.0 

func (m *VeleroModule) DescribeBackup(ctx context.Context, name string, kubeconfig string) (string, error)

DescribeBackup describes a specific backup

func (*VeleroModule) DescribeRestore added in v0.7.0 

func (m *VeleroModule) DescribeRestore(ctx context.Context, name string, kubeconfig string) (string, error)

DescribeRestore describes a specific restore

func (*VeleroModule) GetBackupLocations added in v0.7.0 

func (m *VeleroModule) GetBackupLocations(ctx context.Context, output string, kubeconfig string) (string, error)

GetBackupLocations gets backup storage locations

func (*VeleroModule) GetBackupLogs added in v0.7.0 

func (m *VeleroModule) GetBackupLogs(ctx context.Context, name string, kubeconfig string) (string, error)

GetBackupLogs gets backup logs

func (*VeleroModule) GetBackups added in v0.7.0 

func (m *VeleroModule) GetBackups(ctx context.Context, output string, kubeconfig string) (string, error)

GetBackups gets list of backups

func (*VeleroModule) GetRestoreLogs added in v0.7.0 

func (m *VeleroModule) GetRestoreLogs(ctx context.Context, name string, kubeconfig string) (string, error)

GetRestoreLogs gets restore logs

func (*VeleroModule) GetRestores added in v0.7.0 

func (m *VeleroModule) GetRestores(ctx context.Context, output string, kubeconfig string) (string, error)

GetRestores gets list of restores

func (*VeleroModule) GetSchedules added in v0.7.0 

func (m *VeleroModule) GetSchedules(ctx context.Context, output string, kubeconfig string) (string, error)

GetSchedules gets list of backup schedules

func (*VeleroModule) GetVersion added in v0.6.4 

func (m *VeleroModule) GetVersion(ctx context.Context) (string, error)

GetVersion returns the version of Velero

func (*VeleroModule) Install added in v0.7.0 

func (m *VeleroModule) Install(ctx context.Context, provider string, bucket string, region string, secretFile string, useNodeAgent bool, namespace string, noSecret bool, plugins string) (string, error)

Install installs Velero with storage provider configuration

func (*VeleroModule) ListBackups added in v0.6.4 

func (m *VeleroModule) ListBackups(ctx context.Context, kubeconfig string) (string, error)

ListBackups lists all backups

func (*VeleroModule) RestoreBackup added in v0.6.4 

func (m *VeleroModule) RestoreBackup(ctx context.Context, backupName string, restoreName string, kubeconfig string) (string, error)

RestoreBackup restores from a backup

type ZapModule added in v0.6.4 

type ZapModule struct {
	// contains filtered or unexported fields
}

ZapModule runs OWASP ZAP for web application security testing

func NewZapModule added in v0.6.4 

func NewZapModule(client *dagger.Client) *ZapModule

NewZapModule creates a new ZAP module

func (*ZapModule) ApiScan added in v0.6.4 

func (m *ZapModule) ApiScan(ctx context.Context, target string, apiSpecPath string) (string, error)

ApiScan performs an API scan using OpenAPI/Swagger spec

func (*ZapModule) BaselineScan added in v0.6.4 

func (m *ZapModule) BaselineScan(ctx context.Context, target string) (string, error)

BaselineScan performs a baseline scan

func (*ZapModule) FullScan added in v0.6.4 

func (m *ZapModule) FullScan(ctx context.Context, target string, maxDuration int) (string, error)

FullScan performs a full scan

func (*ZapModule) GetVersion added in v0.6.4 

func (m *ZapModule) GetVersion(ctx context.Context) (string, error)

GetVersion returns the version of ZAP

func (*ZapModule) ScanWithContext added in v0.6.4 

func (m *ZapModule) ScanWithContext(ctx context.Context, target string, contextPath string) (string, error)

ScanWithContext performs a scan with context file

func (*ZapModule) SpiderScan added in v0.8.0 

func (m *ZapModule) SpiderScan(ctx context.Context, target string, maxDepth int, outputFormat string) (string, error)

SpiderScan performs a spider crawl and scan

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.