rego

package
v0.0.0-...-8c4efc2 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Nov 11, 2023 License: MIT Imports: 29 Imported by: 1

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func BuildSchemaSetFromPolicies

func BuildSchemaSetFromPolicies(policies map[string]*ast.Module, paths []string, fsys fs.FS) (*ast.SchemaSet, bool, error)

func GetInputsContents

func GetInputsContents(inputs []Input) []any

func IsDotFile

func IsDotFile(name string) bool

func IsJSONFile

func IsJSONFile(name string) bool

func IsRegoFile

func IsRegoFile(name string) bool

func LoadEmbeddedLibraries

func LoadEmbeddedLibraries() (map[string]*ast.Module, error)

func LoadEmbeddedPolicies

func LoadEmbeddedPolicies() (map[string]*ast.Module, error)

func LoadPoliciesFromDirs

func LoadPoliciesFromDirs(target fs.FS, paths ...string) (map[string]*ast.Module, error)

func NewEngineMetadata

func NewEngineMetadata(schema string, meta map[string]interface{}) (*scan.EngineMetadata, error)

func RegisterRegoRules

func RegisterRegoRules(modules map[string]*ast.Module)

Types

type DynamicMetadata

type DynamicMetadata struct {
	Warning   bool
	Filepath  string
	Message   string
	StartLine int
	EndLine   int
}

type Input

type Input struct {
	Path     string      `json:"path"`
	FS       fs.FS       `json:"-"`
	Contents interface{} `json:"contents"`
}

type InputOptions

type InputOptions struct {
	Combined  bool
	Selectors []Selector
}

type MetadataRetriever

type MetadataRetriever struct {
	// contains filtered or unexported fields
}

func NewMetadataRetriever

func NewMetadataRetriever(compiler *ast.Compiler) *MetadataRetriever

func (*MetadataRetriever) RetrieveMetadata

func (m *MetadataRetriever) RetrieveMetadata(ctx context.Context, module *ast.Module, contents ...any) (*StaticMetadata, error)

type Scanner

type Scanner struct {
	// contains filtered or unexported fields
}

func NewScanner

func NewScanner(source types.Source, options ...options.ScannerOption) *Scanner

func (*Scanner) LoadPolicies

func (s *Scanner) LoadPolicies(enableEmbeddedLibraries, enableEmbeddedPolicies bool, srcFS fs.FS, paths []string, readers []io.Reader) error

func (*Scanner) ScanInput

func (s *Scanner) ScanInput(ctx context.Context, inputs ...Input) (scan.Results, error)

func (*Scanner) SetDataDirs

func (s *Scanner) SetDataDirs(dirs ...string)

func (*Scanner) SetDataFilesystem

func (s *Scanner) SetDataFilesystem(fs fs.FS)

func (*Scanner) SetDebugWriter

func (s *Scanner) SetDebugWriter(writer io.Writer)

func (*Scanner) SetFrameworks

func (s *Scanner) SetFrameworks(frameworks []framework.Framework)

func (*Scanner) SetParentDebugLogger

func (s *Scanner) SetParentDebugLogger(l debug.Logger)

func (*Scanner) SetPerResultTracingEnabled

func (s *Scanner) SetPerResultTracingEnabled(b bool)

func (*Scanner) SetPolicyDirs

func (s *Scanner) SetPolicyDirs(_ ...string)

func (*Scanner) SetPolicyFilesystem

func (s *Scanner) SetPolicyFilesystem(fs fs.FS)

func (*Scanner) SetPolicyNamespaces

func (s *Scanner) SetPolicyNamespaces(namespaces ...string)

func (*Scanner) SetPolicyReaders

func (s *Scanner) SetPolicyReaders(_ []io.Reader)

func (*Scanner) SetRegoErrorLimit

func (s *Scanner) SetRegoErrorLimit(limit int)

func (*Scanner) SetRegoOnly

func (s *Scanner) SetRegoOnly(bool)

func (*Scanner) SetSkipRequiredCheck

func (s *Scanner) SetSkipRequiredCheck(_ bool)

func (*Scanner) SetSpec

func (s *Scanner) SetSpec(spec string)

func (*Scanner) SetTraceWriter

func (s *Scanner) SetTraceWriter(writer io.Writer)

func (*Scanner) SetUseEmbeddedLibraries

func (s *Scanner) SetUseEmbeddedLibraries(b bool)

func (*Scanner) SetUseEmbeddedPolicies

func (s *Scanner) SetUseEmbeddedPolicies(b bool)

type Selector

type Selector struct {
	Type     string
	Subtypes []SubType
}

type StaticMetadata

type StaticMetadata struct {
	ID                 string
	AVDID              string
	Title              string
	ShortCode          string
	Description        string
	Severity           string
	RecommendedActions string
	PrimaryURL         string
	References         []string
	InputOptions       InputOptions
	Package            string
	Frameworks         map[framework.Framework][]string
	Provider           string
	Service            string
	Library            bool
	CloudFormation     *scan.EngineMetadata
	Terraform          *scan.EngineMetadata
}

func NewStaticMetadata

func NewStaticMetadata(pkgPath string, inputOpt InputOptions) *StaticMetadata

func (*StaticMetadata) FromAnnotations

func (sm *StaticMetadata) FromAnnotations(annotations *ast.Annotations) error

func (StaticMetadata) ToRule

func (m StaticMetadata) ToRule() scan.Rule

func (*StaticMetadata) Update

func (sm *StaticMetadata) Update(meta map[string]any) error

type SubType

type SubType struct {
	Group     string
	Version   string
	Kind      string
	Namespace string
	Service   string // only for cloud
	Provider  string // only for cloud
}

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL