xray

package
v1.18.0 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Sep 25, 2023 License: Apache-2.0 Imports: 19 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

// Version is the provider version string, initialised to "0.0.1".
// NOTE(review): presumably meant to be overridden at build time with
// -ldflags "-X <IMPORT_PATH_PLACEHOLDER>.Version=<VERSION_PLACEHOLDER>"; the -X
// flag needs the variable's full import path, so verify the path the release
// build passes. A stale version string makes it harder to tell which provider
// build produced a given API call.
var Version = "0.0.1"

Version for some reason isn't getting updated by the linker

Functions

func Float64Ptr

func Float64Ptr(v float64) *float64

func Provider

func Provider() *schema.Provider

Provider is the Xray provider; it supports configuration via username+password or a token. Supported resources are policies and watches.

func StringPtr

func StringPtr(v string) *string

Types

type AllOtherArtifacts added in v1.7.0

// AllOtherArtifacts holds the indexing and retention settings that
// PathsConfiguration serializes under "all_other_artifacts".
// Neither field uses omitempty, so false and 0 are always written.
// NOTE(review): presumably applies to artifacts not matched by any Pattern - confirm.
type AllOtherArtifacts struct {
	IndexNewArtifacts bool `json:"index_new_artifacts"`
	RetentionInDays   int  `json:"retention_in_days"`
}

type BlockDownloadSettings

// BlockDownloadSettings is the "block_download" object of PolicyRuleActions.
// Both flags are always serialized (no omitempty), so the zero value sends
// unscanned=false and active=false, i.e. an explicit "do not block".
// NOTE(review): presumably Active blocks download of violating artifacts and
// Unscanned extends that to artifacts not yet scanned - confirm against the Xray API.
type BlockDownloadSettings struct {
	Unscanned bool `json:"unscanned"`
	Active    bool `json:"active"`
}

type Builds added in v1.9.0

// Builds is the "builds" selector of Resources (used by Report).
// Every field carries omitempty: nil or empty slices and a zero
// NumberOfLatestVersions are left out of the JSON body.
type Builds struct {
	Names                  []string `json:"names,omitempty"`
	IncludePatterns        []string `json:"include_patterns,omitempty"`
	ExcludePatterns        []string `json:"exclude_patterns,omitempty"`
	NumberOfLatestVersions int      `json:"number_of_latest_versions,omitempty"`
}

type Component added in v1.17.0

// Component is one entry of CustomIssue.Components: a component id together
// with its vulnerable and fixed version lists and vulnerable ranges.
// No field uses omitempty, so with encoding/json a nil slice is written as null
// rather than [].
type Component struct {
	Id                 string            `json:"id"`
	VulnerableVersions []string          `json:"vulnerable_versions"`
	FixedVersions      []string          `json:"fixed_versions"`
	VulnerableRanges   []VulnerableRange `json:"vulnerable_ranges"`
}

type CustomIssue added in v1.17.0

// CustomIssue is the JSON shape of a user-defined issue: identifying text
// fields plus the affected Components, related Cves and reference Sources.
// No field uses omitempty; empty strings are sent as "" and, with
// encoding/json, nil slices as null.
// NOTE(review): accepted values for Type, PackageType and Severity are not
// visible here - confirm against the Xray API before relying on them.
type CustomIssue struct {
	Id          string      `json:"id"`
	Description string      `json:"description"`
	Summary     string      `json:"summary"`
	Type        string      `json:"type"`
	Provider    string      `json:"provider"`
	PackageType string      `json:"package_type"`
	Severity    string      `json:"severity"`
	Components  []Component `json:"components"`
	Cves        []Cve       `json:"cves"`
	Sources     []Source    `json:"sources"`
}

type Cve added in v1.17.0

// Cve is one entry of CustomIssue.Cves: a CVE identifier with its
// cvss_v2 and cvss_v3 values, all carried as strings.
// NOTE(review): whether the CVSS strings hold a bare score or a score plus
// vector is not visible here - confirm.
type Cve struct {
	Cve    string `json:"cve"`
	CvssV2 string `json:"cvss_v2"`
	CvssV3 string `json:"cvss_v3"`
}

type CvssScore added in v1.9.0

// CvssScore is the "cvss_score" range used by Filters and SecurityFilter.
// Both bounds are plain float64 with omitempty, so a bound of exactly 0 is
// dropped from the JSON and cannot be distinguished from "not set".
type CvssScore struct {
	MinScore float64 `json:"min_score,omitempty"`
	MaxScore float64 `json:"max_score,omitempty"`
}

type DbSyncDailyUpdatesTime added in v1.0.0

// DbSyncDailyUpdatesTime wraps the single "db_sync_updates_time" string.
// NOTE(review): the expected time format is not visible here - confirm.
type DbSyncDailyUpdatesTime struct {
	DbSyncTime string `json:"db_sync_updates_time"`
}

type Exposures added in v1.15.0

// Exposures is the "exposures" object of RepoConfiguration: a map from
// scanner category name to an on/off flag, serialized as "scanners_category".
// NOTE(review): the valid category keys are not visible here; presumably they
// match the categories in PolicyExposures (secrets, applications, services,
// iac) - confirm.
type Exposures struct {
	ScannersCategory map[string]bool `json:"scanners_category"`
}

type Filters added in v1.9.0

// Filters is the "filters" object of Report. One struct covers every report
// kind; the trailing comments below mark the first field of each group
// (vulnerability, licenses, violations, operational risks, common attributes).
//
// Serialization notes (encoding/json): Unknown and Unrecognized have no
// omitempty and are always sent, including as false. LicensePatterns, Updated,
// SecurityFilters and LicenseFilters also lack omitempty, so nil values are
// written as null instead of being left out.
// NOTE(review): which fields the API accepts for a given report kind is not
// visible here - confirm that the always-sent fields are tolerated by every kind.
type Filters struct {
	VulnerableComponent string           `json:"vulnerable_component,omitempty"` // Vulnerability report filter
	ImpactedArtifact    string           `json:"impacted_artifact,omitempty"`
	HasRemediation      bool             `json:"has_remediation,omitempty"`
	Cve                 string           `json:"cve,omitempty"`
	IssueId             string           `json:"issue_id,omitempty"`
	CvssScore           *CvssScore       `json:"cvss_score,omitempty"`
	Published           *StartAndEndDate `json:"published,omitempty"`
	Unknown             bool             `json:"unknown"` // Licenses report filter
	Unrecognized        bool             `json:"unrecognized"`
	LicenseNames        []string         `json:"license_names,omitempty"`
	LicensePatterns     []string         `json:"license_patterns"`
	Type                string           `json:"type,omitempty"` // Violations report filter
	WatchNames          []string         `json:"watch_names,omitempty"`
	WatchPatterns       []string         `json:"watch_patterns,omitempty"`
	PolicyNames         []string         `json:"policy_names,omitempty"`
	Updated             *StartAndEndDate `json:"updated"`
	SecurityFilters     *SecurityFilter  `json:"security_filters"`
	LicenseFilters      *LicenseFilter   `json:"license_filters"`
	Risks               []string         `json:"risks,omitempty"`     // Operational risks filter
	ScanDate            *StartAndEndDate `json:"scan_date,omitempty"` // Common attributes
	Component           string           `json:"component,omitempty"`
	Artifact            string           `json:"artifact,omitempty"`
	Severities          []string         `json:"severities,omitempty"`
}

type IgnoreFilterNameVersion added in v1.6.0

// IgnoreFilterNameVersion identifies an ignore-rule target by name and an
// optional version; IgnoreFilters uses it for release bundles, builds and
// components. Version is omitted from the JSON when empty.
// NOTE(review): presumably an omitted version makes the rule match every
// version of that name, widening what is suppressed - confirm.
type IgnoreFilterNameVersion struct {
	Name    string `json:"name"`
	Version string `json:"version,omitempty"`
}

type IgnoreFilterNameVersionPath added in v1.6.0

// IgnoreFilterNameVersionPath extends IgnoreFilterNameVersion with an optional
// path; IgnoreFilters uses it for artifacts. The embedded struct has no JSON
// tag, so encoding/json writes name and version at the same level as path.
type IgnoreFilterNameVersionPath struct {
	IgnoreFilterNameVersion
	Path string `json:"path,omitempty"`
}

type IgnoreFilters added in v1.6.0

// IgnoreFilters is the "ignore_filters" object of IgnoreRule: the lists that
// describe what an ignore rule applies to. Every list carries omitempty, so a
// zero-value IgnoreFilters serializes as an empty object.
// Note the tag spellings "docker-layers" (hyphen) and "operational_risk"
// (singular); they differ from the Go field names and must be kept as written.
// NOTE(review): an ignore rule suppresses findings, so the scope these lists
// define is security-relevant. How the API treats an entirely empty filter set
// is not visible here - confirm it is rejected rather than matching everything.
type IgnoreFilters struct {
	Vulnerabilities  []string                      `json:"vulnerabilities,omitempty"`
	Licenses         []string                      `json:"licenses,omitempty"`
	CVEs             []string                      `json:"cves,omitempty"`
	Policies         []string                      `json:"policies,omitempty"`
	Watches          []string                      `json:"watches,omitempty"`
	DockerLayers     []string                      `json:"docker-layers,omitempty"`
	OperationalRisks []string                      `json:"operational_risk,omitempty"`
	ReleaseBundles   []IgnoreFilterNameVersion     `json:"release_bundles,omitempty"`
	Builds           []IgnoreFilterNameVersion     `json:"builds,omitempty"`
	Components       []IgnoreFilterNameVersion     `json:"components,omitempty"`
	Artifacts        []IgnoreFilterNameVersionPath `json:"artifacts,omitempty"`
}

type IgnoreRule added in v1.6.0

// IgnoreRule is the JSON shape of an Xray ignore rule.
// ProjectKey is tagged "-" and never appears in the JSON body. Notes and
// IgnoreFilters are always serialized; the remaining fields are omitted when
// empty or nil.
// NOTE(review): ExpiresAt is a pointer with omitempty, so a nil value sends no
// expiry at all. Presumably such a rule never expires - confirm, and treat
// rules without an expiry as something to audit, since they suppress findings
// indefinitely.
type IgnoreRule struct {
	Id            string        `json:"id,omitempty"`
	ProjectKey    string        `json:"-"`
	Author        string        `json:"author,omitempty"`
	Created       *time.Time    `json:"created,omitempty"`
	IsExpired     bool          `json:"is_expired,omitempty"`
	Notes         string        `json:"notes"`
	ExpiresAt     *time.Time    `json:"expires_at,omitempty"`
	IgnoreFilters IgnoreFilters `json:"ignore_filters"`
}

type LicenseFilter added in v1.9.0

// LicenseFilter is the "license_filters" object of Filters.
// Unknown and Unrecognized are always sent; LicensePatterns has no omitempty,
// so with encoding/json a nil slice is written as null, while LicenseNames is
// omitted when empty.
type LicenseFilter struct {
	Unknown         bool     `json:"unknown"`
	Unrecognized    bool     `json:"unrecognized"`
	LicenseNames    []string `json:"license_names,omitempty"`
	LicensePatterns []string `json:"license_patterns"`
}

type OperationalRiskCriteria added in v1.4.0

// OperationalRiskCriteria is the "op_risk_custom" object of PolicyRuleCriteria.
// No field uses omitempty, so every threshold is sent even when it is 0 or false.
// NOTE(review): presumably UseAndCondition chooses between requiring all
// conditions and requiring any one of them - confirm. Whether a threshold of 0
// disables a condition or matches everything is not visible here either.
type OperationalRiskCriteria struct {
	UseAndCondition               bool   `json:"use_and_condition"`
	IsEOL                         bool   `json:"is_eol"`
	ReleaseDateGreaterThanMonths  int    `json:"release_date_greater_than_months"`
	NewerVersionsGreaterThan      int    `json:"newer_versions_greater_than"`
	ReleaseCadencePerYearLessThan int    `json:"release_cadence_per_year_less_than"`
	CommitsLessThan               int    `json:"commits_less_than"`
	CommittersLessThan            int    `json:"committers_less_than"`
	Risk                          string `json:"risk"`
}

type PackFilterFunc added in v1.2.0

// PackFilterFunc converts one WatchFilter into a generic map, or returns an error.
// NOTE(review): WatchFilter.Value is raw JSON, so an implementation has to
// decode it itself; presumably the map is what gets stored in Terraform state -
// confirm against the callers.
type PackFilterFunc func(filter WatchFilter) (map[string]interface{}, error)

type PathsConfiguration added in v1.7.0

// PathsConfiguration is the "repo_paths_config" object of
// RepositoryConfiguration: a list of per-path Patterns plus the settings for
// all other artifacts.
// OtherArtifacts is a struct value, and encoding/json's omitempty never treats
// a struct as empty, so "all_other_artifacts" is always written.
type PathsConfiguration struct {
	Patterns       []Pattern         `json:"patterns,omitempty"`
	OtherArtifacts AllOtherArtifacts `json:"all_other_artifacts,omitempty"`
}

type Pattern added in v1.7.0

// Pattern is one entry of PathsConfiguration.Patterns: an include and an
// exclude pattern with the indexing and retention settings for matching paths.
// No field uses omitempty, so empty strings, false and 0 are always sent.
// NOTE(review): the pattern syntax is not visible here - confirm.
type Pattern struct {
	Include           string `json:"include"`
	Exclude           string `json:"exclude"`
	IndexNewArtifacts bool   `json:"index_new_artifacts"`
	RetentionInDays   int    `json:"retention_in_days"`
}

type Policy

// Policy is the JSON shape of an Xray policy.
// ProjectKey is tagged "-" and never appears in the JSON body. Author, Created
// and Modified are computed fields and are omitted when empty.
// Rules is a pointer to a slice without omitempty: with encoding/json a nil
// pointer is written as null, and a pointer to an empty slice as [].
type Policy struct {
	Name        string        `json:"name"`
	Type        string        `json:"type"`
	ProjectKey  string        `json:"-"`
	Author      string        `json:"author,omitempty"` // Omitempty is used because the field is computed
	Description string        `json:"description"`
	Rules       *[]PolicyRule `json:"rules"`
	Created     string        `json:"created,omitempty"`  // Omitempty is used because the field is computed
	Modified    string        `json:"modified,omitempty"` // Omitempty is used because the field is computed
}

type PolicyCVSSRange

// PolicyCVSSRange is the "cvss_range" object of PolicyRuleCriteria.
// Both bounds are pointers, so omitempty drops them only when nil; a pointer to
// 0.0 is still serialized, which lets a range start at zero.
type PolicyCVSSRange struct {
	To   *float64 `json:"to,omitempty"`
	From *float64 `json:"from,omitempty"`
}

type PolicyExposures added in v1.13.0

// PolicyExposures is the "exposures" object of PolicyRuleCriteria: a minimum
// severity plus one flag per exposure category.
// Every field is a pointer with omitempty, so nil means "not sent" while an
// explicit false is still serialized.
type PolicyExposures struct {
	MinSeverity  *string `json:"min_severity,omitempty"`
	Secrets      *bool   `json:"secrets,omitempty"`
	Applications *bool   `json:"applications,omitempty"`
	Services     *bool   `json:"services,omitempty"`
	Iac          *bool   `json:"iac,omitempty"`
}

type PolicyRule

// PolicyRule is one entry of Policy.Rules: a named, prioritised pairing of
// match criteria and the actions to take.
// Criteria is a pointer without omitempty, so with encoding/json a nil value is
// written as null.
// NOTE(review): the ordering meaning of Priority is not visible here - confirm.
type PolicyRule struct {
	Name     string              `json:"name"`
	Priority int                 `json:"priority"`
	Criteria *PolicyRuleCriteria `json:"criteria"`
	Actions  PolicyRuleActions   `json:"actions"`
}

type PolicyRuleActions

// PolicyRuleActions is the "actions" object of PolicyRule: what happens when a
// rule matches. The boolean actions and BlockDownload are always serialized, so
// the zero value explicitly sends every enforcement action as false.
// Webhooks, Mails, FailureGracePeriodDays and CustomSeverity are omitted when empty.
// NOTE(review): a rule whose actions are all false presumably only records the
// violation without enforcing anything - confirm.
type PolicyRuleActions struct {
	Webhooks                []string              `json:"webhooks,omitempty"`
	Mails                   []string              `json:"mails,omitempty"`
	FailBuild               bool                  `json:"fail_build"`
	BlockDownload           BlockDownloadSettings `json:"block_download"`
	BlockReleaseBundle      bool                  `json:"block_release_bundle_distribution"`
	NotifyWatchRecipients   bool                  `json:"notify_watch_recipients"`
	NotifyDeployer          bool                  `json:"notify_deployer"`
	CreateJiraTicketEnabled bool                  `json:"create_ticket_enabled"`
	FailureGracePeriodDays  int                   `json:"build_failure_grace_period_in_days,omitempty"`
	// License Actions
	CustomSeverity string `json:"custom_severity,omitempty"`
}

type PolicyRuleCriteria

// PolicyRuleCriteria is the "criteria" object of PolicyRule. One struct holds
// the security, license and operational-risk criteria; every field carries
// omitempty so that only the fields set for the rule's kind are sent.
// FixVersionDependant and MaliciousPackage are plain bools, so false is omitted
// rather than sent; AllowUnknown and MultiLicensePermissive are pointers, so an
// explicit false can be sent.
type PolicyRuleCriteria struct {
	// Security Criteria
	MinimumSeverity string           `json:"min_severity,omitempty"` // Omitempty is used because the empty field is conflicting with CVSSRange
	CVSSRange       *PolicyCVSSRange `json:"cvss_range,omitempty"`
	// Omitempty is used in FixVersionDependant because an empty field throws an error in Xray below 3.44.3
	FixVersionDependant bool             `json:"fix_version_dependant,omitempty"`
	MaliciousPackage    bool             `json:"malicious_package,omitempty"`
	VulnerabilityIds    []string         `json:"vulnerability_ids,omitempty"`
	Exposures           *PolicyExposures `json:"exposures,omitempty"`

	// License Criteria
	AllowUnknown           *bool    `json:"allow_unknown,omitempty"`            // Omitempty is used because the empty field is conflicting with MultiLicensePermissive
	MultiLicensePermissive *bool    `json:"multi_license_permissive,omitempty"` // Omitempty is used because the empty field is conflicting with AllowUnknown
	BannedLicenses         []string `json:"banned_licenses,omitempty"`
	AllowedLicenses        []string `json:"allowed_licenses,omitempty"`

	// Operational Risk custom criteria
	OperationalRiskCustom  *OperationalRiskCriteria `json:"op_risk_custom,omitempty"`
	OperationalRiskMinRisk string                   `json:"op_risk_min_risk,omitempty"`
}

type Projects added in v1.9.0

// Projects is the "projects" selector of Resources (used by Report).
// Every field carries omitempty and is left out of the JSON when empty or zero.
type Projects struct {
	Names                  []string `json:"names,omitempty"`
	IncludeKeyPatterns     []string `json:"include_key_patterns,omitempty"`
	NumberOfLatestVersions int      `json:"number_of_latest_versions,omitempty"`
}

type ReleaseBundles added in v1.9.0

// ReleaseBundles is the "release_bundles" selector of Resources (used by
// Report). It has the same fields and tags as Builds; every field carries
// omitempty.
type ReleaseBundles struct {
	Names                  []string `json:"names,omitempty"`
	IncludePatterns        []string `json:"include_patterns,omitempty"`
	ExcludePatterns        []string `json:"exclude_patterns,omitempty"`
	NumberOfLatestVersions int      `json:"number_of_latest_versions,omitempty"`
}

type RepoConfiguration added in v1.7.0

// RepoConfiguration is the "repo_config" object of RepositoryConfiguration.
// RetentionInDays is a plain int with omitempty, so a value of 0 is not sent.
type RepoConfiguration struct {
	// Omitempty is used because 'vuln_contextual_analysis' is not supported by self-hosted Xray installation.
	VulnContextualAnalysis *bool      `json:"vuln_contextual_analysis,omitempty"`
	RetentionInDays        int        `json:"retention_in_days,omitempty"`
	Exposures              *Exposures `json:"exposures,omitempty"`
}

type Report added in v1.9.0

// Report is the JSON shape of an Xray report request.
// ProjectKey is tagged "-" and never appears in the JSON body. ReportId and
// Resources are omitted when zero or nil; Filters is a pointer without
// omitempty, so with encoding/json a nil value is written as null.
type Report struct {
	ReportId   int        `json:"report_id,omitempty"`
	Name       string     `json:"name"`
	ProjectKey string     `json:"-"`
	Resources  *Resources `json:"resources,omitempty"`
	Filters    *Filters   `json:"filters"`
}

type Repository added in v1.9.0

// Repository is one entry of Resources.Repositories: a repository name with
// optional include and exclude path patterns. Every field carries omitempty.
type Repository struct {
	Name                string   `json:"name,omitempty"`
	IncludePathPatterns []string `json:"include_path_patterns,omitempty"`
	ExcludePathPatterns []string `json:"exclude_path_patterns,omitempty"`
}

type RepositoryConfiguration added in v1.7.0

// RepositoryConfiguration ties a repository name to its configuration.
// RepoName is always serialized; RepoConfig and RepoPathsConfig are pointers
// with omitempty and are left out when nil.
type RepositoryConfiguration struct {
	RepoName string `json:"repo_name"`
	// Pointer is used to be able to verify if the RepoConfig or PathsConfiguration struct is nil
	RepoConfig      *RepoConfiguration  `json:"repo_config,omitempty"`
	RepoPathsConfig *PathsConfiguration `json:"repo_paths_config,omitempty"`
}

type Resources added in v1.9.0

// Resources is the "resources" object of Report: the repositories, builds,
// release bundles and projects a report covers.
// Every field is a pointer with omitempty, so only the selectors that are set
// (non-nil) appear in the JSON.
type Resources struct {
	Repositories   *[]Repository   `json:"repositories,omitempty"`
	Builds         *Builds         `json:"builds,omitempty"`
	ReleaseBundles *ReleaseBundles `json:"release_bundles,omitempty"`
	Projects       *Projects       `json:"projects,omitempty"`
}

type SecurityFilter added in v1.9.0

// SecurityFilter is the "security_filters" object of Filters.
// SummaryContains has no omitempty and is always sent, as "" when unset; the
// other fields are omitted when empty, nil or false.
type SecurityFilter struct {
	Cve             string     `json:"cve,omitempty"`
	IssueId         string     `json:"issue_id,omitempty"`
	CvssScore       *CvssScore `json:"cvss_score,omitempty"`
	SummaryContains string     `json:"summary_contains"`
	HasRemediation  bool       `json:"has_remediation,omitempty"`
}

type Source added in v1.17.0

// Source is one entry of CustomIssue.Sources: a reference with an id and an
// optional name and URL. Note that Id is serialized as "source_id", not "id".
type Source struct {
	Id   string `json:"source_id"`
	Name string `json:"name,omitempty"`
	Url  string `json:"url,omitempty"`
}

type StartAndEndDate added in v1.9.0

// StartAndEndDate is a date range used by Filters for the published, updated
// and scan_date filters. Both ends are strings and are omitted when empty.
// NOTE(review): the expected date format is not visible here - confirm.
type StartAndEndDate struct {
	Start string `json:"start,omitempty"`
	End   string `json:"end,omitempty"`
}

type VulnerableRange added in v1.17.0

// VulnerableRange is one entry of Component.VulnerableRanges: a list of
// vulnerable versions paired with the versions that fix them.
// Neither field uses omitempty, so with encoding/json a nil slice is written
// as null.
type VulnerableRange struct {
	VulnerableVersions []string `json:"vulnerable_versions"`
	FixedVersions      []string `json:"fixed_versions"`
}

type Watch

// Watch is the JSON shape of an Xray watch: general data, the watched
// resources, the assigned policies and the notification recipients.
// ProjectKey is tagged "-" and never appears in the JSON body. No other field
// uses omitempty, so with encoding/json nil slices are written as null.
// NOTE(review): a watch with no assigned policies presumably produces no
// violations - confirm, and check for such watches when auditing coverage.
type Watch struct {
	ProjectKey       string                `json:"-"`
	GeneralData      WatchGeneralData      `json:"general_data"`
	ProjectResources WatchProjectResources `json:"project_resources"`
	AssignedPolicies []WatchAssignedPolicy `json:"assigned_policies"`
	WatchRecipients  []string              `json:"watch_recipients"`
}

type WatchAssignedPolicy

// WatchAssignedPolicy is one entry of Watch.AssignedPolicies: a reference to a
// policy by name and type.
// NOTE(review): presumably Type must match the referenced Policy's Type - confirm.
type WatchAssignedPolicy struct {
	Name string `json:"name"`
	Type string `json:"type"`
}

type WatchFilter

// WatchFilter is one entry of WatchProjectResource.Filters.
// Value is kept as json.RawMessage, so it is not decoded with the struct; its
// shape has to be interpreted later according to Type.
// NOTE(review): presumably Value decodes into WatchFilterAntValue,
// WatchFilterKvValue or a plain string depending on Type - confirm. Code that
// decodes it should reject unexpected shapes rather than ignore them.
type WatchFilter struct {
	Type  string          `json:"type"`
	Value json.RawMessage `json:"value"`
}

type WatchFilterAntValue added in v1.2.0

// WatchFilterAntValue holds include and exclude pattern lists for a watch filter.
// Unlike the rest of the package, its JSON keys are capitalised
// ("ExcludePatterns", "IncludePatterns") and must be kept exactly as written.
// NOTE(review): the name suggests Ant-style path patterns - confirm.
type WatchFilterAntValue struct {
	ExcludePatterns []string `json:"ExcludePatterns"`
	IncludePatterns []string `json:"IncludePatterns"`
}

type WatchFilterKvValue added in v1.10.0

// WatchFilterKvValue holds a key/value pair for a watch filter.
// Both fields are always serialized.
type WatchFilterKvValue struct {
	Key   string `json:"key"`
	Value string `json:"value"`
}

type WatchGeneralData

// WatchGeneralData is the "general_data" object of Watch: name, description
// and the active flag.
// Active has no omitempty, so the zero value sends active=false.
// NOTE(review): presumably an inactive watch performs no scanning or policy
// evaluation - confirm, and make sure callers set Active deliberately.
type WatchGeneralData struct {
	Name        string `json:"name"`
	Description string `json:"description"`
	Active      bool   `json:"active"`
}

type WatchProjectResource

// WatchProjectResource is one entry of WatchProjectResources.Resources: a
// single resource covered by a watch.
// Type and BinaryManagerId are always serialized; Filters, Name, BuildRepo and
// RepoType are omitted when empty.
// NOTE(review): presumably an omitted Name widens the resource to everything of
// the given Type - confirm.
type WatchProjectResource struct {
	Type            string        `json:"type"`
	BinaryManagerId string        `json:"bin_mgr_id"`
	Filters         []WatchFilter `json:"filters,omitempty"`
	Name            string        `json:"name,omitempty"`
	BuildRepo       string        `json:"build_repo,omitempty"`
	RepoType        string        `json:"repo_type,omitempty"`
}

type WatchProjectResources

// WatchProjectResources is the "project_resources" object of Watch; it wraps
// the list of watched resources. Resources has no omitempty, so with
// encoding/json a nil slice is written as null.
type WatchProjectResources struct {
	Resources []WatchProjectResource `json:"resources"`
}

type Webhook added in v1.18.0

// Webhook is the JSON shape of an Xray webhook definition.
// No field uses omitempty, so every field, including Password, is written
// into the request body on each marshal.
//
// NOTE(review): Password is a plain string serialized as "password", and
// Headers may carry authorization values. Confirm that the Terraform schema
// marks both as sensitive, that request bodies are not written to debug logs,
// and that values of this type are not printed with %v or %+v.
// NOTE(review): no validation of URL is visible here - confirm the scheme is
// checked where the resource is defined.
type Webhook struct {
	Name        string            `json:"name"`
	URL         string            `json:"url"`
	Description string            `json:"description"`
	UseProxy    bool              `json:"use_proxy"`
	UserName    string            `json:"user_name"`
	Password    string            `json:"password"`
	Headers     map[string]string `json:"headers"`
}
