package reporthandling
import (
"time"
ik8s "github.com/kubescape/k8s-interface/workloadinterface"
"github.com/armosec/armoapi-go/armotypes"
rbacutils "github.com/kubescape/rbac-utils/rbacutils"
"k8s.io/apimachinery/pkg/version"
)
// AlertScore is a float32-based score; it is the type of RuleResponse.AlertScore.
type AlertScore float32
// Status values written into reports. The "passed" state is spelled
// "success" on the wire, not "passed".
// NOTE(review): presumably these are the values carried by
// RuleResponse.RuleStatus and RuleStatus.Status (both plain strings) —
// confirm against the code that fills those fields.
const (
StatusPassed string = "success"
StatusWarning string = "warning"
StatusIgnore string = "ignore"
StatusFailed string = "failed"
)
// RuleResponse is the expected response of a single run of a rego policy.
type RuleResponse struct {
AlertMessage string `json:"alertMessage"`
// Embedded. encoding/json has no "inline" option and ignores it; an embedded
// struct whose tag gives no name is flattened into the parent object anyway.
AssistedRemediation `json:",inline"`
// Plain string here, whereas RuleReport.RuleStatus is the RuleStatus struct.
RuleStatus string `json:"ruleStatus"`
// JSON key is all lowercase, unlike the camelCase keys around it.
PackageName string `json:"packagename"`
AlertScore AlertScore `json:"alertScore"`
// NOTE(review): AlertObject and RelatedObjects carry untyped object content;
// if Secret or ConfigMap bodies can reach these fields, confirm they are
// redacted before the response is stored or sent.
AlertObject AlertObject `json:"alertObject"`
RelatedObjects []RelatedObject `json:"relatedObjects,omitempty"`
Context []string `json:"context,omitempty"` // TODO - Remove
Rulename string `json:"rulename,omitempty"` // TODO - Remove
// Pointer with omitempty: a nil exception is left out of the JSON.
Exception *armotypes.PostureExceptionPolicy `json:"exception,omitempty"`
}
// RelatedObject is a resource that is related to the failure of the main resource.
type RelatedObject struct {
// Untyped object content, serialized as-is under "object".
Object map[string]interface{} `json:"object"`
// Embedded; with encoding/json its fields are flattened into this object
// (the "inline" option itself is not recognised and is ignored).
AssistedRemediation `json:",inline"`
}
// AssistedRemediation lists the YAML paths and the optional command that
// describe how a failed resource can be reviewed or fixed. It is embedded in
// RuleResponse and RelatedObject.
// The slice fields have no omitempty, so a nil slice is encoded as JSON null.
type AssistedRemediation struct {
FailedPaths []string `json:"failedPaths"` // path in yaml that led to failure of this resource TODO - deprecate
// NOTE(review): described in the same words as FailedPaths; presumably its
// replacement — confirm.
ReviewPaths []string `json:"reviewPaths"` // path in yaml that led to failure of this resource
DeletePaths []string `json:"deletePaths"` // path in yaml to be deleted to remediate this resource
FixPaths []armotypes.FixPath `json:"fixPaths"` // path in yaml to be added to fix this resource
// NOTE(review): free-form command text taken from the report; consumers
// should show it to an operator for review rather than execute it directly.
FixCommand string `json:"fixCommand,omitempty"` // command to fix this resource
}
// AlertObject holds the objects an alert refers to, as untyped JSON maps.
// Both fields are omitted from the JSON when empty.
// NOTE(review): the maps are serialized verbatim; if they can contain Secret
// data or credentials, confirm redaction happens before this struct is filled.
type AlertObject struct {
K8SApiObjects []map[string]interface{} `json:"k8sApiObjects,omitempty"`
ExternalObjects map[string]interface{} `json:"externalObjects,omitempty"`
}
// ResourceUniqueCounter holds total, failed and warning resource counts.
// It is embedded in FrameworkReport, ControlReport and RuleReport.
// NOTE(review): the name suggests each resource is counted once — confirm
// against the code that fills the counters.
type ResourceUniqueCounter struct {
TotalResources int `json:"totalResources"`
FailedResources int `json:"failedResources"`
WarningResources int `json:"warningResources"`
}
// FrameworkReport is the result of one framework: its name, the reports of
// its controls, scores and resource counters. PostureReport.FrameworkReports,
// the field that carries it, is marked DEPRECATED.
type FrameworkReport struct {
Name string `json:"name"`
ControlReports []ControlReport `json:"controlReports"`
// The three scores use omitempty, so a value of exactly 0 is left out of the
// JSON and a reader cannot tell "0" from "not set".
Score float32 `json:"score,omitempty"`
ARMOImprovement float32 `json:"ARMOImprovement,omitempty"`
WCSScore float32 `json:"wcsScore,omitempty"`
// Embedded; with encoding/json the counters appear as top-level keys of this
// object (the "inline" option is not recognised and is ignored).
ResourceUniqueCounter `json:",inline"`
}
// ControlReport is the result of one control: identification, the reports of
// its rules, remediation text, scores and resource counters.
type ControlReport struct {
// Embedded type from armotypes; its fields are not visible in this file.
armotypes.PortalBase `json:",inline"`
// Two ID fields coexist: Control_ID ("id", omitted when empty) is the one to
// be removed, ControlID ("controlID") is always written.
Control_ID string `json:"id,omitempty"` // to be Deprecated
ControlID string `json:"controlID"`
Name string `json:"name"`
RuleReports []RuleReport `json:"ruleReports"`
Remediation string `json:"remediation"`
Description string `json:"description"`
// Score is always written; BaseScore and ARMOImprovement are omitted when 0.
Score float32 `json:"score"`
BaseScore float32 `json:"baseScore,omitempty"`
ARMOImprovement float32 `json:"ARMOImprovement,omitempty"`
// Embedded; with encoding/json the counters appear as top-level keys of this
// object (the "inline" option is not recognised and is ignored).
ResourceUniqueCounter `json:",inline"`
}
// RuleReport is the result of one rule: its status, the responses it
// produced and resource counters.
type RuleReport struct {
Name string `json:"name"`
Remediation string `json:"remediation"`
RuleStatus RuleStatus `json:"ruleStatus"` // did we run the rule or not (if there were compile errors, the value will be failed)
RuleResponses []RuleResponse `json:"ruleResponses"`
// The Go name says "kinds" but the JSON key is "listInputIDs".
// NOTE(review): confirm which of the two describes the content.
ListInputKinds []string `json:"listInputIDs"`
// Embedded; with encoding/json the counters appear as top-level keys of this
// object (the "inline" option is not recognised and is ignored).
ResourceUniqueCounter `json:",inline"`
}
// RuleStatus is the run status of a rule with an accompanying message; it is
// the type of RuleReport.RuleStatus.
// NOTE(review): Status is a plain string; presumably one of the Status*
// constants of this package — confirm.
type RuleStatus struct {
Status string `json:"status"`
Message string `json:"message"`
}
// PostureReport is the top-level report for one cluster: customer and
// cluster identification, report and job IDs, generation time, framework
// results, RBAC objects and scanned resources.
// NOTE(review): the report combines a customer GUID, cluster details, all
// RBAC objects and raw resource objects; treat the serialized form as
// sensitive wherever it is stored, logged or transmitted.
type PostureReport struct {
CustomerGUID string `json:"customerGUID"`
ClusterName string `json:"clusterName"`
// Pointer without omitempty: nil is encoded as JSON null.
ClusterAPIServerInfo *version.Info `json:"clusterAPIServerInfo"`
ClusterCloudProvider string `json:"clusterCloudProvider"`
ReportID string `json:"reportID"`
JobID string `json:"jobID"`
// JSON key is "generationTime", not "reportGenerationTime".
ReportGenerationTime time.Time `json:"generationTime"`
FrameworkReports []FrameworkReport `json:"frameworks"` // DEPRECATED
// NOTE(review): if rbacutils.RbacObjects is a struct type, omitempty has no
// effect on it with encoding/json — confirm.
RBACObjects rbacutils.RbacObjects `json:"rbacObjects,omitempty"` // all rbac objects in cluster - roles, clusterroles, rolebindings, clusterrolebindings
// JSON key is the singular "resource".
Resources []Resource `json:"resource,omitempty"`
}
// Source type names. Two of the values contain a space ("Helm Chart",
// "Kustomize Directory"), so comparisons must use the exact string.
// NOTE(review): presumably the values of Source.FileType — confirm.
const (
SourceTypeJson string = "JSON"
SourceTypeYaml string = "YAML"
SourceTypeHelmChart string = "Helm Chart"
SourceTypeKustomizeDirectory string = "Kustomize Directory"
)
// Source is the metadata of the file a resource was read from.
type Source struct {
// NOTE(review): next to RelativePath this is presumably the full local path;
// it can reveal the directory layout of the scanning host when reports are
// shared — confirm whether it should leave the machine.
Path string `json:"path,omitempty"`
RelativePath string `json:"relativePath,omitempty"` // relative path from the repo base
HelmPath string `json:"helmPath,omitempty"` // relative path to helm chart
FileType string `json:"fileType,omitempty"` // file type
HelmChartName string `json:"helmChartName,omitempty"` // helm chart name (if FileType is "Helm Chart")
KustomizeDirectoryName string `json:"kustomizeDirectoryName,omitempty"` // Kustomize directory name (if the file comes from a Kustomize directory)
// LastCommit is a struct value; encoding/json never treats a struct as
// empty, so omitempty has no effect and "lastCommit" is always written.
LastCommit LastCommit `json:"lastCommit,omitempty"`
}
// LastCommit is the metadata of the last git commit that touched a file.
// NOTE(review): committer name and e-mail are personal data; confirm they
// are meant to be included wherever the report is exported.
type LastCommit struct {
Hash string `json:"hash,omitempty"` // commit hash
// time.Time is a struct, so omitempty has no effect with encoding/json: the
// zero time is still written.
Date time.Time `json:"date,omitempty"` // commit date
CommitterName string `json:"committerName,omitempty"` // committer name
CommitterEmail string `json:"committerEmail,omitempty"` // committer email
Message string `json:"message,omitempty"` // commit message
}
// Resource is one scanned resource: its ID, the object itself and,
// optionally, the file it came from.
type Resource struct {
ResourceID string `json:"resourceID"`
// Untyped object, serialized as-is.
// NOTE(review): if Secret objects can be stored here, confirm their data is
// redacted before the report is stored or sent.
Object interface{} `json:"object"`
// Tagged "-": never written to or read from JSON, so it must be rebuilt
// after decoding if it is needed.
IMetadata ik8s.IMetadata `json:"-"`
// Pointer with omitempty: a nil source is left out of the JSON.
Source *Source `json:"source,omitempty"`
}