Documentation ¶
Overview ¶
Package Gasp is a library for creating AppSec Pipelines in Golang
Index ¶
- Variables
- func InitLogs(traceHandle io.Writer, infoHandle io.Writer, warningHandle io.Writer, ...) map[string]*log.Logger
- func SetupLogging(name string, logPath string, timestamp bool) map[string]*log.Logger
- type Config
- type ConfigOpts
- type Deploy
- type Deps
- type Event
- type EventArgs
- type Gconf
- type Images
- type LocalConfigs
- type LocalDeps
- type M
- type PMeta
- type Prereq
- type Profiles
- type S
- type SecTool
- type Tools
Constants ¶
This section is empty.
Variables ¶
Logging items
Functions ¶
Types ¶
type Config ¶
type Config interface { ReadMaster(mstr *M, c ConfigOpts) // Read main configuration ReadSecPipe(sec *S, c ConfigOpts) // Read tools configuration }
Interface for reading configs
type ConfigOpts ¶
type Event ¶
type Event interface { ReadArgs(a *[]string, evArgs *EventArgs) GetId() Startup() Pipeline() Final() Cleanup() }
Interface for handling event imput (command-line or otherwise)
type EventArgs ¶
type EventArgs struct { Profile string // Required - named pipeline from master.yaml, appsec.pipeline or [app name]-pipeline.yaml AppName string // Required - The name of the app the application that is the target of this pipeline run Target string // Required - The target to use for this pipeline run, generally a repo URL for SAST or URL for DAST DryRun bool // default = false - Run he pipeline without actually launching containers, basically loging only Keep bool // default = false - If true, keep any containers used during the pipeline run, default is to delete them Vol string // default = "none" - The full path to a local directory to use for all pipeline run files instead of an ephemeral data container Src string // default = "none" - The full path to a local directory which contains code for SAST pipeline runs Rpt string // default = "none" - The full path to a local directory where tool ouput/reports will be written AppProfile string // default = "none" - The application specific named pipeline (profile) to use for this run set in [app-name]-pipeline.yaml AppToolProf string // default = "none" - The custom tool profile to override the default tool profile as defined in [app-name]-tool.yaml Loc string // default = "/opt/appsecpipeline/source" - Path to where the sourcecode is on the container ParamsRaw string // default = "" - Required parametetrs for the pipeline tools in this run ToolConf map[string]string // calculated - map["name of tool":"string that contains parameters for tool] }
Struct for event arguments
type Images ¶
type Images interface {
SyncImages(sec *S) // Ensure needed images are available in the image repo
}
Interface for listing images
type LocalConfigs ¶
Read configuration yaml files from local disk
func (*LocalConfigs) ReadMaster ¶
func (l *LocalConfigs) ReadMaster(mstr *M, c ConfigOpts)
func (*LocalConfigs) ReadSecPipe ¶
func (l *LocalConfigs) ReadSecPipe(sec *S, c ConfigOpts)
type LocalDeps ¶
type LocalDeps struct { }
Check dependencies required for the implemented version of Gasp
func (*LocalDeps) VerifyPrereqs ¶
type M ¶
type M struct { Version string `yaml:"version"` Global Gconf `yaml:"global"` Prof map[string]Profiles `yaml:"profiles"` Deployment Deploy `yaml:"deployment"` }
Sturct for master.yaml aka main configuration
type Prereq ¶
type Prereq interface {
VerifyPrereqs(d Deps)
}
Interface for checking for prerequisites
type SecTool ¶
type SecTool struct { Version string `yaml:"version"` ToolVer string `yaml:"tool-version"` Tags []string `yaml:"tags"` ToolType string `yaml:"type"` ScanType string `yaml:"scan_type"` IconSm string `yaml:"icon-sm"` IconLg string `yaml:"icon-lg"` Description string `yaml:"description"` Url string `yaml:"url"` Documentation string `yaml:"documentation"` Docker string `yaml:"docker"` Parameters map[string]PMeta `yaml:"parameters"` Cmds map[string]string `yaml:"commands"` Pfls map[string]string `yaml:"profiles"` }
Click to show internal directories.
Click to hide internal directories.