ruledownload

package
v1.0.3
Warning

This package is not in the latest version of its module.

Published: Apr 5, 2024 License: MIT Imports: 15 Imported by: 0

Documentation


Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type PostRuledownloadHandler

type PostRuledownloadHandler struct {
	// contains filtered or unexported fields
}

PostRuledownloadHandler handles requests to the /ruledownload and /ruledownload/{machine_id} API endpoints.

During every sync, Santa sensors make successive POST requests to the /ruledownload endpoint to paginate
through all rules.
A blank postbody (e.g. {}) indicates the very first request in a sequence. If the API returns a "cursor"
in the response body, the sensor sends that cursor back verbatim in the next postbody.
A response without a "cursor" in the body signals that there are no more items to page through, and the
sensor stops sending requests.
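
The request sequence described above, seen from the sensor side, as an added example (not code from this package or from Santa). It assumes the cursor can be treated as opaque JSON. `post` is a hypothetical transport, `stubPost` and its rule identifiers are constructed, and the `maxPages` bound is an added safeguard that the page does not describe.

```go
package main

import (
	"encoding/json"
	"fmt"
)

// page covers both documented bodies; the cursor is opaque here (assumption) and echoed verbatim.
type page struct {
	Rules  []map[string]interface{} `json:"rules,omitempty"`
	Cursor json.RawMessage          `json:"cursor,omitempty"`
}

// fetchAllRules pages through post, a hypothetical transport for POST /ruledownload.
// maxPages bounds the loop in case the server never stops returning a cursor.
func fetchAllRules(post func([]byte) ([]byte, error), maxPages int) ([]map[string]interface{}, error) {
	var all []map[string]interface{}
	var cursor json.RawMessage // nil on the first request, so the body is {}
	for i := 0; i < maxPages; i++ {
		body, _ := json.Marshal(page{Cursor: cursor})
		raw, err := post(body)
		if err != nil {
			return nil, err
		}
		var p page
		if err := json.Unmarshal(raw, &p); err != nil {
			return nil, err
		}
		all = append(all, p.Rules...)
		if len(p.Cursor) == 0 || string(p.Cursor) == "null" {
			return all, nil // no cursor: nothing left to page through
		}
		cursor = p.Cursor
	}
	return nil, fmt.Errorf("no final page after %d requests", maxPages)
}

// stubPost is a constructed stand-in for the server: three pages of one rule each.
func stubPost(body []byte) ([]byte, error) {
	var req struct{ Cursor struct{ N int } }
	json.Unmarshal(body, &req) // first body is {}, so N stays 0
	if n := req.Cursor.N; n < 2 {
		return []byte(fmt.Sprintf(`{"rules":[{"identifier":"r%d"}],"cursor":{"n":%d}}`, n, n+1)), nil
	}
	return []byte(`{"rules":[{"identifier":"last"}]}`), nil
}

func main() {
	fmt.Println(fetchAllRules(stubPost, 10))
}
```

A partial rule set is discarded when the page limit is hit, so a caller can keep its previously synced rules instead of applying an incomplete list.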

func (*PostRuledownloadHandler) Boot

func (h *PostRuledownloadHandler) Boot() (err error)

func (*PostRuledownloadHandler) Handle

func (*PostRuledownloadHandler) Handles

type RuledownloadRequest

type RuledownloadRequest struct {
	// Cursor is, verbatim, the Cursor that is returned to a sensor in a previous RuledownloadResponse
	// On the very first rule download request in a flight sequence, there will be no cursor provided.
	Cursor *ruledownloadCursor `json:"cursor,omitempty"`
}

RuledownloadRequest is the postbody submitted to /ruledownload endpoints

type RuledownloadResponse

type RuledownloadResponse struct {
	Rules []RuledownloadRule `json:"rules"`
	// When a cursor is returned by the server, it is an indicator to the Santa sensor that there are
	// additional rules to be paginated through. This cursor is passed to the next request.
	Cursor *ruledownloadCursor `json:"cursor,omitempty"`
}

RuledownloadResponse is the response body returned by /ruledownload endpoints

type RuledownloadRule

type RuledownloadRule struct {
	RuleType      types.RuleType `json:"rule_type"`
	Policy        types.Policy   `json:"policy"`
	SHA256        string         `json:"sha256,omitempty"`
	Identifier    string         `json:"identifier"`
	CustomMessage string         `json:"custom_msg,omitempty"`
}

RuledownloadRule is a single rule returned in a RuledownloadResponse. It duck-types to/from the SantaRule struct type. Documentation: https://santa.dev/development/sync-protocol.html#rules-objects

func DDBRulesToResponseRules

func DDBRulesToResponseRules(rulesList []rules.SantaRule) (responseRules []RuledownloadRule)

DDBRulesToResponseRules converts the DynamoDB representation of a rule to the API representation of a rule, which is returned in an API response.
