engine

package
v0.0.53 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jun 26, 2024 License: Apache-2.0 Imports: 35 Imported by: 0

Documentation

Overview

Package engine provides an implementation of the profile-engine-related objects, interfaces and functionality.

Index

Constants

View Source 
const (
	// DefaultExecutionTimeout is the timeout for execution of a set
	// of profiles on an entity.
	DefaultExecutionTimeout = 5 * time.Minute
	// ArtifactSignatureWaitPeriod is the waiting period for potential artifact signature to be available
	// before proceeding with evaluation.
	ArtifactSignatureWaitPeriod = 10 * time.Second
)

Variables

This section is empty.

Functions

func GetRulesFromProfileOfType 

func GetRulesFromProfileOfType(p *minderv1.Profile, rt *minderv1.RuleType) ([]*minderv1.Profile_Rule, error)

GetRulesFromProfileOfType returns the rules from the profile of the given type

Types

type Executor 

type Executor struct {
	// contains filtered or unexported fields
}

Executor is the engine that executes the rules for a given event

func NewExecutor 

func NewExecutor(
	ctx context.Context,
	querier db.Store,
	evt events.Publisher,
	providerManager manager.ProviderManager,
	handlerMiddleware []message.HandlerMiddleware,
	metrics *ExecutorMetrics,
	historyService history.EvaluationHistoryService,
	featureFlags openfeature.IClient,
) *Executor

NewExecutor creates a new executor

func (*Executor) HandleEntityEvent 

func (e *Executor) HandleEntityEvent(msg *message.Message) error

HandleEntityEvent handles events coming from webhooks/signals as well as the init event.

func (*Executor) Register 

func (e *Executor) Register(r events.Registrar)

Register implements the Consumer interface.

func (*Executor) Wait added in v0.0.17 

func (e *Executor) Wait()

Wait waits for all the entity executions to finish.

type ExecutorMetrics added in v0.0.53 

type ExecutorMetrics struct {
	// contains filtered or unexported fields
}

ExecutorMetrics encapsulates metrics operations for the executor

func NewExecutorMetrics added in v0.0.53 

func NewExecutorMetrics(meterFactory meters.MeterFactory) (*ExecutorMetrics, error)

NewExecutorMetrics instantiates the ExecutorMetrics struct.

func (*ExecutorMetrics) CountAlertStatus added in v0.0.53 

func (e *ExecutorMetrics) CountAlertStatus(
	ctx context.Context,
	status db.AlertStatusTypes,
)

CountAlertStatus counts alert events by status.

func (*ExecutorMetrics) CountEvalStatus added in v0.0.53 

func (e *ExecutorMetrics) CountEvalStatus(
	ctx context.Context,
	status db.EvalStatusTypes,
	entityType db.Entities,
)

CountEvalStatus counts evaluation events by status.

func (*ExecutorMetrics) CountRemediationStatus added in v0.0.53 

func (e *ExecutorMetrics) CountRemediationStatus(
	ctx context.Context,
	status db.RemediationStatusTypes,
)

CountRemediationStatus counts remediation events by status.

type RuleMeta 

type RuleMeta struct {
	// Name is the name of the rule
	Name string
	// Organization is the ID of the organization that this rule is for
	Organization *string
	// Project is the ID of the project that this rule is for
	Project *string
}

RuleMeta is the metadata for a rule TODO: We probably should care about a version

func (*RuleMeta) String 

func (r *RuleMeta) String() string

String returns a string representation of the rule meta

type RuleTypeEngine 

type RuleTypeEngine struct {
	Meta RuleMeta
	// contains filtered or unexported fields
}

RuleTypeEngine is the engine for a rule type. It builds the multiple sections of the rule type and instantiates the needed drivers for them.

func NewRuleTypeEngine 

func NewRuleTypeEngine(
	ctx context.Context,
	ruletype *minderv1.RuleType,
	provider provinfv1.Provider,
) (*RuleTypeEngine, error)

NewRuleTypeEngine creates a new rule type engine

func (*RuleTypeEngine) Eval 

func (r *RuleTypeEngine) Eval(
	ctx context.Context,
	inf *entities.EntityInfoWrapper,
	params engif.EvalParamsReadWriter,
) (finalErr error)

Eval runs the rule type engine against the given entity

func (*RuleTypeEngine) GetID 

func (r *RuleTypeEngine) GetID() string

GetID returns the ID of the rule type. The ID is meant to be a serializable unique identifier for the rule type.

func (*RuleTypeEngine) GetRuleInstanceValidator 

func (r *RuleTypeEngine) GetRuleInstanceValidator() *profiles.RuleValidator

GetRuleInstanceValidator returns the rule instance validator for this rule type. By instance we mean a rule that has been instantiated in a profile from a given rule type.

func (*RuleTypeEngine) WithIngesterCache 

func (r *RuleTypeEngine) WithIngesterCache(ingestCache ingestcache.Cache) *RuleTypeEngine

WithIngesterCache sets the ingester cache for the rule type engine

Source Files

View all Source files

Directories

Path Synopsis
Package actions provide necessary interfaces and implementations for processing actions, such as remediation and alerts.
 Package actions provide necessary interfaces and implementations for processing actions, such as remediation and alerts.
alert
Package alert provides necessary interfaces and implementations for processing alerts.
 Package alert provides necessary interfaces and implementations for processing alerts.
alert/noop
Package noop provides a fallback alert engine for cases where no alert is set.
 Package noop provides a fallback alert engine for cases where no alert is set.
alert/security_advisory
Package security_advisory provides necessary interfaces and implementations for creating alerts of type security advisory.
 Package security_advisory provides necessary interfaces and implementations for creating alerts of type security advisory.
remediate
Package remediate provides necessary interfaces and implementations for remediating rules.
 Package remediate provides necessary interfaces and implementations for remediating rules.
remediate/gh_branch_protect
Package gh_branch_protect provides the github branch protection remediation engine
 Package gh_branch_protect provides the github branch protection remediation engine
remediate/noop
Package noop provides a fallback remediation engine for cases where no remediation is set.
 Package noop provides a fallback remediation engine for cases where no remediation is set.
remediate/pull_request
Package pull_request provides the pull request remediation engine
 Package pull_request provides the pull request remediation engine
remediate/rest
Package rest provides the REST remediation engine
 Package rest provides the REST remediation engine
Package engcontext defines the EngineContext type.
 Package engcontext defines the EngineContext type.
Package entities contains internal helper functions to deal with, validate and print the Entity protobuf enum.
 Package entities contains internal helper functions to deal with, validate and print the Entity protobuf enum.
Package errors provides errors for the evaluator engine
 Package errors provides errors for the evaluator engine
Package eval provides necessary interfaces and implementations for evaluating rules.
 Package eval provides necessary interfaces and implementations for evaluating rules.
homoglyphs/application
Package application contains the application logic for the homoglyphs rule type
 Package application contains the application logic for the homoglyphs rule type
homoglyphs/communication
Package communication contains the communication logic for the homoglyphs rule type
 Package communication contains the communication logic for the homoglyphs rule type
homoglyphs/domain
Package domain contains the domain logic for the homoglyphs rule type
 Package domain contains the domain logic for the homoglyphs rule type
homoglyphs/domain/resources
Package resources contains resources used by the homoglyphs evaluators.
 Package resources contains resources used by the homoglyphs evaluators.
homoglyphs/util
Package util contains utility functions for the homoglyphs evaluation engine
 Package util contains utility functions for the homoglyphs evaluation engine
jq
Package jq provides the jq profile evaluator
 Package jq provides the jq profile evaluator
pr_actions
Package pr_actions contains shared code to take on PRs
 Package pr_actions contains shared code to take on PRs
rego
Package rego provides the rego rule evaluator
 Package rego provides the rego rule evaluator
trusty
Package trusty provides an evaluator that uses the trusty API
 Package trusty provides an evaluator that uses the trusty API
vulncheck
Package vulncheck provides the vulnerability check evaluator
 Package vulncheck provides the vulnerability check evaluator
Package ingestcache a cache that is used to cache the results of ingesting data.
 Package ingestcache a cache that is used to cache the results of ingesting data.
Package ingester provides necessary interfaces and implementations for ingesting data for rules.
 Package ingester provides necessary interfaces and implementations for ingesting data for rules.
artifact
Package artifact provides the artifact ingestion engine
 Package artifact provides the artifact ingestion engine
builtin
Package builtin provides the builtin ingestion engine
 Package builtin provides the builtin ingestion engine
diff
Package diff provides the diff rule data ingest engine
 Package diff provides the diff rule data ingest engine
git
Package git provides the git rule data ingest engine
 Package git provides the git rule data ingest engine
rest
Package rest provides the REST rule data ingest engine
 Package rest provides the REST rule data ingest engine
Package interfaces provides necessary interfaces and implementations for implementing engine plugins
 Package interfaces provides necessary interfaces and implementations for implementing engine plugins

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.