From ee9558d904972ca47111933a3166f06fb3d8507f Mon Sep 17 00:00:00 2001 From: neuvector bot Date: Sun, 15 Mar 2026 03:06:55 +0000 Subject: [PATCH] chore: Update neuvector dependency to main Signed-off-by: neuvector bot --- go.mod | 4 +- go.sum | 4 +- .../neuvector/controller/api/apis.go | 92 + .../neuvector/controller/api/apis.yaml | 1979 +++++++++-------- .../neuvector/share/cluster/consul.go | 13 +- .../neuvector/neuvector/share/cluster/grpc.go | 5 +- .../neuvector/share/cluster/intfs.go | 6 +- .../neuvector/share/container/crio.go | 6 +- .../neuvector/share/container/stub.go | 2 +- .../neuvector/neuvector/share/criteria.go | 14 +- .../neuvector/share/k8sutils/k8sutils.go | 5 +- .../neuvector/share/osutil/user_linux.go | 4 +- .../neuvector/neuvector/share/scan/apps.go | 9 +- .../neuvector/share/scan/compliance.go | 18 +- .../neuvector/neuvector/share/scan/golang.go | 7 +- .../neuvector/neuvector/share/scan/quote.go | 2 +- .../neuvector/share/scan/scan_report.go | 21 +- .../neuvector/share/scan/scan_utils.go | 9 +- .../share/system/sidekick/net_linux.go | 2 +- .../neuvector/neuvector/share/system/stats.go | 4 +- .../neuvector/share/utils/extract.go | 2 +- .../neuvector/neuvector/share/utils/utils.go | 22 +- vendor/modules.txt | 4 +- 23 files changed, 1286 insertions(+), 948 deletions(-) diff --git a/go.mod b/go.mod index 7c022162..1f12d30e 100644 --- a/go.mod +++ b/go.mod @@ -1,6 +1,6 @@ module github.com/neuvector/scanner -go 1.24.0 +go 1.25.0 toolchain go1.25.8 @@ -10,7 +10,7 @@ require ( github.com/docker/docker v28.1.1+incompatible github.com/google/uuid v1.6.0 github.com/jedib0t/go-pretty/v6 v6.6.7 - github.com/neuvector/neuvector v0.0.0-20260206120806-b67a34aecea4 + github.com/neuvector/neuvector v0.0.0-20260313164804-4733fdf63792 github.com/opencontainers/go-digest v1.0.0 github.com/quay/clair/v2 v2.1.8 github.com/sirupsen/logrus v1.9.3 diff --git a/go.sum b/go.sum index a80acf37..1f41ae59 100644 --- a/go.sum +++ b/go.sum @@ -210,8 +210,8 @@ github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 h1:C3w9PqII01/Oq github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ= github.com/neuvector/go-rpmdb v0.0.0-20240605184921-0db4de14c27a h1:lmvuJ3uQVRk14exDRLu1Oq78iz8dLE7CJo+QodD+tos= github.com/neuvector/go-rpmdb v0.0.0-20240605184921-0db4de14c27a/go.mod h1:tQW+vmxLXFPfI1HuRjoiIxOh8A7JudpfWl8xmezEGSs= -github.com/neuvector/neuvector v0.0.0-20260206120806-b67a34aecea4 h1:Woeh/pgIRGKFvxaCBHE4SPhbRzvKz7E5Es3JPjO0dKI= -github.com/neuvector/neuvector v0.0.0-20260206120806-b67a34aecea4/go.mod h1:NA53DA2APMLJa9Pdk3cuVlL+6hrjEsgfB5oJHEYljdI= +github.com/neuvector/neuvector v0.0.0-20260313164804-4733fdf63792 h1:19Sh4RXATQcCbkJtBqm2WWn5r1XpzhobGfPOBwH0h+U= +github.com/neuvector/neuvector v0.0.0-20260313164804-4733fdf63792/go.mod h1:AjxaP76B9z90Ibyk3avGvbbnVLCsEyZ1cueYcU+7Luw= github.com/onsi/ginkgo/v2 v2.21.0 h1:7rg/4f3rB88pb5obDgNZrNHrQ4e6WpjonchcpuBRnZM= github.com/onsi/ginkgo/v2 v2.21.0/go.mod h1:7Du3c42kxCUegi0IImZ1wUQzMBVecgIHjR1C+NkhLQo= github.com/onsi/gomega v1.35.1 h1:Cwbd75ZBPxFSuZ6T+rN/WCb/gOc6YgFBXLlZLhC7Ds4= diff --git a/vendor/github.com/neuvector/neuvector/controller/api/apis.go b/vendor/github.com/neuvector/neuvector/controller/api/apis.go index fe0701a7..e9cf70ca 100644 --- a/vendor/github.com/neuvector/neuvector/controller/api/apis.go +++ b/vendor/github.com/neuvector/neuvector/controller/api/apis.go @@ -97,6 +97,7 @@ const QueryDuration string = "token_duration" const OPeq string = "eq" const OPneq string = "neq" const OPin string = "in" +const OPnotin string = "notin" const OPgt string = "gt" const OPgte string = "gte" const OPlt string = "lt" @@ -2533,6 +2534,53 @@ type RESTScanReportData struct { Report *RESTScanReport `json:"report"` } +type RESTAssetsScanReportFilter struct { + Name string `json:"name"` + Op string `json:"op"` + Value []string `json:"value"` +} + +type RESTVulScoreFilter struct { + ScoreVersion string `json:"score_version"` + ScoreBottom float32 `json:"score_bottom"` + ScoreTop float32 `json:"score_top"` +} + +type RESTScanReportCursor struct { + Name string `json:"name"` + HostName string `json:"host_name"` + Domain string `json:"domain"` + CVEName string `json:"cve_name"` + CVEPackage string `json:"cve_package"` +} + +func (a *RESTScanReportCursor) String() string { + return a.HostName + "###" + a.Domain + "###" + a.Name + "###" + a.CVEName + "###" + a.CVEPackage +} + +type RESTAssetsScanReportQuery struct { + ShowAccepted bool `json:"show_accepted"` + MaxCveRecords int `json:"max_cve_records"` // one cve per-record + Cursor RESTScanReportCursor `json:"cursor"` // last query stopped + ViewPod *string `json:"view_pod,omitempty"` // for workloads only + VulScoreFilter *RESTVulScoreFilter `json:"vul_score_filter,omitempty"` + Filters []RESTAssetsScanReportFilter `json:"filters,omitempty"` +} + +type RESTAssetScanData struct { + HostName string `json:"host_name"` + WorkloadName string `json:"workload_name"` + WorkloadDomain string `json:"workload_domain"` + WorkloadImage string `json:"workload_image"` + WorkloadImageID string `json:"workload_image_id"` + RESTVulnerability +} + +type RESTAssetScanReportData struct { + Cursor RESTScanReportCursor `json:"cursor"` + ScanData []*RESTAssetScanData `json:"scan_data"` // each cve for each asset has an entry +} + type RESTScanReport struct { Vuls []*RESTVulnerability `json:"vulnerabilities"` Modules []*RESTScanModule `json:"modules,omitempty"` @@ -4320,3 +4368,47 @@ type AssetCVECount struct { type RESTAssetIDList struct { IDs []string `json:"ids"` } + +type AssetScanReportInterface interface { + GetID() string + GetCursor() RESTScanReportCursor + GetScanData() RESTAssetScanData +} + +func (a *RESTWorkload) GetID() string { + return a.ID +} + +func (a *RESTWorkload) GetCursor() RESTScanReportCursor { + return RESTScanReportCursor{ + Name: a.Name, + Domain: a.Domain, + HostName: a.HostName, + } +} + +func (a *RESTWorkload) GetScanData() RESTAssetScanData { + return RESTAssetScanData{ + HostName: a.HostName, + WorkloadName: a.Name, + WorkloadDomain: a.Domain, + WorkloadImage: a.Image, + WorkloadImageID: a.ImageID, + } +} + +func (h *RESTHost) GetID() string { + return h.ID +} + +func (h *RESTHost) GetCursor() RESTScanReportCursor { + return RESTScanReportCursor{ + Name: h.Name, + } +} + +func (h *RESTHost) GetScanData() RESTAssetScanData { + return RESTAssetScanData{ + HostName: h.Name, + } +} diff --git a/vendor/github.com/neuvector/neuvector/controller/api/apis.yaml b/vendor/github.com/neuvector/neuvector/controller/api/apis.yaml index 748ffc4a..6d63f73a 100644 --- a/vendor/github.com/neuvector/neuvector/controller/api/apis.yaml +++ b/vendor/github.com/neuvector/neuvector/controller/api/apis.yaml @@ -1,11 +1,11 @@ -swagger: '2.0' +swagger: "2.0" ################################################################################ # API Information # ################################################################################ info: description: Secure Docker and Kubernetes based container deployments with the NeuVector run-time security solution. - version: '5.4.8' + version: "5.5.0" license: name: Apache 2.0 url: https://www.apache.org/licenses/LICENSE-2.0.html @@ -16,7 +16,7 @@ schemes: - https externalDocs: description: Find out more about NeuVector - url: 'https://www.suse.com/products/neuvector/' + url: "https://www.suse.com/products/neuvector/" ################################################################################ # Tags # @@ -92,10 +92,10 @@ paths: produces: - application/json responses: - '200': + "200": description: Success schema: - $ref: '#/definitions/RESTAdmissionConfigData' + $ref: "#/definitions/RESTAdmissionConfigData" /v1/admission/rule/{id}: get: tags: @@ -113,10 +113,10 @@ paths: required: true type: string responses: - '200': + "200": description: Success schema: - $ref: '#/definitions/RESTAdmissionRuleData' + $ref: "#/definitions/RESTAdmissionRuleData" delete: tags: - Admission @@ -131,7 +131,7 @@ paths: required: true type: string responses: - '200': + "200": description: Success /v1/admission/rule: post: @@ -149,12 +149,12 @@ paths: description: Admission rule data required: true schema: - $ref: '#/definitions/RESTAdmissionRuleConfigData' + $ref: "#/definitions/RESTAdmissionRuleConfigData" responses: - '200': + "200": description: Success schema: - $ref: '#/definitions/RESTAdmissionRuleData' + $ref: "#/definitions/RESTAdmissionRuleData" patch: tags: - Admission @@ -170,9 +170,9 @@ paths: description: Admission rule data required: true schema: - $ref: '#/definitions/RESTAdmissionRuleConfigData' + $ref: "#/definitions/RESTAdmissionRuleConfigData" responses: - '200': + "200": description: Success /v1/admission/rule/promote: post: @@ -190,9 +190,9 @@ paths: description: Admission control rule data required: true schema: - $ref: '#/definitions/RESTAdmCtrlPromoteRequestData' + $ref: "#/definitions/RESTAdmCtrlPromoteRequestData" responses: - '200': + "200": description: Success /v1/admission/rules: get: @@ -214,10 +214,10 @@ paths: - local description: "When set to fed, returned fed admission rules. When set to local, returned local admission rules. If there is no query string 'scope', all admission rules will be returned." responses: - '200': + "200": description: Success schema: - $ref: '#/definitions/RESTAdmissionRulesData' + $ref: "#/definitions/RESTAdmissionRulesData" delete: tags: - Admission @@ -235,7 +235,7 @@ paths: - local description: "When set to fed, fed admission rules get removed. When set to local or no query string, local admission rules will be removed." responses: - '200': + "200": description: Success /v1/admission/state: get: @@ -248,14 +248,14 @@ paths: produces: - application/json responses: - '200': + "200": description: Success schema: - $ref: '#/definitions/RESTAdmissionConfigData' - '404': + $ref: "#/definitions/RESTAdmissionConfigData" + "404": description: Operation not allowed schema: - $ref: '#/definitions/RESTError' + $ref: "#/definitions/RESTError" patch: tags: - Admission @@ -271,14 +271,14 @@ paths: description: Admission config state data required: true schema: - $ref: '#/definitions/RESTAdmissionConfigData' + $ref: "#/definitions/RESTAdmissionConfigData" responses: - '200': + "200": description: Success - '404': + "404": description: Operation not allowed schema: - $ref: '#/definitions/RESTError' + $ref: "#/definitions/RESTError" /v1/admission/stats: get: tags: @@ -290,10 +290,10 @@ paths: produces: - application/json responses: - '200': + "200": description: Success schema: - $ref: '#/definitions/RESTAdmissionStatsData' + $ref: "#/definitions/RESTAdmissionStatsData" /v1/assess/admission/rule: post: tags: @@ -304,7 +304,7 @@ paths: - ApiKeyAuth: [] - TokenAuth: [] consumes: - - 'text/plain; charset=utf-8' + - "text/plain; charset=utf-8" parameters: - in: body name: body @@ -335,10 +335,10 @@ paths: ports: - containerPort: 80 responses: - '200': + "200": description: Success schema: - $ref: '#/definitions/RESTAdmCtrlRulesTestResults' + $ref: "#/definitions/RESTAdmCtrlRulesTestResults" /v1/auth: post: tags: @@ -354,16 +354,16 @@ paths: description: User login data required: true schema: - $ref: '#/definitions/RESTAuthData' + $ref: "#/definitions/RESTAuthData" responses: - '200': + "200": description: Success schema: - $ref: '#/definitions/RESTTokenData' - '401': + $ref: "#/definitions/RESTTokenData" + "401": description: Authentication failed schema: - $ref: '#/definitions/RESTError' + $ref: "#/definitions/RESTError" patch: tags: - Authentication @@ -372,7 +372,7 @@ paths: - ApiKeyAuth: [] - TokenAuth: [] responses: - '200': + "200": description: Success delete: tags: @@ -382,12 +382,12 @@ paths: - ApiKeyAuth: [] - TokenAuth: [] responses: - '200': + "200": description: Success - '408': + "408": description: Authentication failed schema: - $ref: '#/definitions/RESTError' + $ref: "#/definitions/RESTError" /v1/auth/{server}: post: tags: @@ -409,9 +409,9 @@ paths: description: User login data required: true schema: - $ref: '#/definitions/RESTAuthData' + $ref: "#/definitions/RESTAuthData" responses: - '200': + "200": description: Success /v1/bench/host/{id}/docker: get: @@ -430,10 +430,10 @@ paths: required: true type: string responses: - '200': + "200": description: Success schema: - $ref: '#/definitions/RESTBenchReport' + $ref: "#/definitions/RESTBenchReport" post: tags: - Compliance @@ -448,7 +448,7 @@ paths: required: true type: string responses: - '200': + "200": description: Success /v1/bench/host/{id}/kubernetes: get: @@ -467,10 +467,10 @@ paths: required: true type: string responses: - '200': + "200": description: Success schema: - $ref: '#/definitions/RESTBenchReport' + $ref: "#/definitions/RESTBenchReport" post: tags: - Compliance @@ -485,7 +485,7 @@ paths: required: true type: string responses: - '200': + "200": description: Success /v1/compliance/profile: get: @@ -498,10 +498,10 @@ paths: produces: - application/json responses: - '200': + "200": description: Success schema: - $ref: '#/definitions/RESTComplianceProfilesData' + $ref: "#/definitions/RESTComplianceProfilesData" /v1/compliance/profile/{name}: get: tags: @@ -519,10 +519,10 @@ paths: required: true type: string responses: - '200': + "200": description: Success schema: - $ref: '#/definitions/RESTComplianceProfileData' + $ref: "#/definitions/RESTComplianceProfileData" patch: tags: - Compliance @@ -543,9 +543,9 @@ paths: description: Compliance profile config data required: true schema: - $ref: '#/definitions/RESTComplianceProfileConfigData' + $ref: "#/definitions/RESTComplianceProfileConfigData" responses: - '200': + "200": description: Success /v1/compliance/profile/{name}/entry/{check}: patch: @@ -573,9 +573,9 @@ paths: description: Compliance profile entry data required: true schema: - $ref: '#/definitions/RESTComplianceProfileEntryConfigData' + $ref: "#/definitions/RESTComplianceProfileEntryConfigData" responses: - '200': + "200": description: Success delete: tags: @@ -596,7 +596,7 @@ paths: required: true type: string responses: - '200': + "200": description: Success /v1/file/compliance/profile: post: @@ -617,12 +617,12 @@ paths: name: body description: Names of profiles to export schema: - $ref: '#/definitions/RESTCompProfilesExport' + $ref: "#/definitions/RESTCompProfilesExport" responses: - '200': + "200": description: Success. (1) Get a yaml file when export to local. (2) Get RESTRemoteExportData payload when export to remote repository. schema: - $ref: '#/definitions/RESTRemoteExportData' + $ref: "#/definitions/RESTRemoteExportData" /v1/file/compliance/profile/config: post: tags: @@ -632,8 +632,8 @@ paths: - ApiKeyAuth: [] - TokenAuth: [] consumes: - - 'application/json' - - 'text/plain; charset=utf-8' + - "application/json" + - "text/plain; charset=utf-8" parameters: - in: header name: X-Auth-Token @@ -650,7 +650,7 @@ paths: schema: type: string responses: - '200': + "200": description: Success /v1/controller: get: @@ -663,10 +663,10 @@ paths: produces: - application/json responses: - '200': + "200": description: Success schema: - $ref: '#/definitions/RESTController' + $ref: "#/definitions/RESTController" /v1/controller/{id}: get: tags: @@ -684,10 +684,10 @@ paths: required: true type: string responses: - '200': + "200": description: Success schema: - $ref: '#/definitions/RESTControllerData' + $ref: "#/definitions/RESTControllerData" patch: tags: - Controller @@ -708,9 +708,9 @@ paths: description: Controller update data required: true schema: - $ref: '#/definitions/RESTControllerConfigData' + $ref: "#/definitions/RESTControllerConfigData" responses: - '200': + "200": description: Success /v1/controller/{id}/stats: get: @@ -729,10 +729,10 @@ paths: required: true type: string responses: - '200': + "200": description: Success schema: - $ref: '#/definitions/RESTWorkloadStatsData' + $ref: "#/definitions/RESTWorkloadStatsData" /v1/controller/{id}/config: get: tags: @@ -750,10 +750,10 @@ paths: required: true type: string responses: - '200': + "200": description: Success schema: - $ref: '#/definitions/RESTControllerConfigData' + $ref: "#/definitions/RESTControllerConfigData" /v1/custom_check: get: tags: @@ -765,10 +765,10 @@ paths: produces: - application/json responses: - '200': + "200": description: Success schema: - $ref: '#/definitions/RESTCustomCheckListData' + $ref: "#/definitions/RESTCustomCheckListData" /v1/custom_check/{group}: get: tags: @@ -786,10 +786,10 @@ paths: required: true type: string responses: - '200': + "200": description: Success schema: - $ref: '#/definitions/RESTCustomCheckData' + $ref: "#/definitions/RESTCustomCheckData" patch: tags: - Compliance @@ -810,9 +810,9 @@ paths: description: Script config data required: true schema: - $ref: '#/definitions/RESTCustomCheckConfigData' + $ref: "#/definitions/RESTCustomCheckConfigData" responses: - '200': + "200": description: Success /v1/dlp/sensor: get: @@ -825,10 +825,10 @@ paths: produces: - application/json responses: - '200': + "200": description: Success schema: - $ref: '#/definitions/RESTDlpSensorsData' + $ref: "#/definitions/RESTDlpSensorsData" post: tags: - DLP @@ -844,9 +844,9 @@ paths: description: Sensor data required: true schema: - $ref: '#/definitions/RESTDlpSensorConfigData' + $ref: "#/definitions/RESTDlpSensorConfigData" responses: - '200': + "200": description: Success /v1/dlp/sensor/{name}: get: @@ -865,10 +865,10 @@ paths: required: true type: string responses: - '200': + "200": description: Success schema: - $ref: '#/definitions/RESTDlpSensorData' + $ref: "#/definitions/RESTDlpSensorData" patch: tags: - DLP @@ -889,9 +889,9 @@ paths: description: Sensor data required: true schema: - $ref: '#/definitions/RESTDlpSensorConfigData' + $ref: "#/definitions/RESTDlpSensorConfigData" responses: - '200': + "200": description: Success delete: tags: @@ -907,7 +907,7 @@ paths: required: true type: string responses: - '200': + "200": description: Success /v1/dlp/group: get: @@ -920,10 +920,10 @@ paths: produces: - application/json responses: - '200': + "200": description: Success schema: - $ref: '#/definitions/RESTDlpGroupsData' + $ref: "#/definitions/RESTDlpGroupsData" /v1/dlp/group/{name}: get: tags: @@ -941,10 +941,10 @@ paths: required: true type: string responses: - '200': + "200": description: Success schema: - $ref: '#/definitions/RESTDlpGroupData' + $ref: "#/definitions/RESTDlpGroupData" patch: tags: - DLP @@ -965,9 +965,9 @@ paths: description: DLP group data required: true schema: - $ref: '#/definitions/RESTDlpGroupConfigData' + $ref: "#/definitions/RESTDlpGroupConfigData" responses: - '200': + "200": description: Success /v1/dlp/rule: get: @@ -980,10 +980,10 @@ paths: produces: - application/json responses: - '200': + "200": description: Success schema: - $ref: '#/definitions/RESTDlpRulesData' + $ref: "#/definitions/RESTDlpRulesData" /v1/dlp/rule/{name}: get: tags: @@ -1001,10 +1001,10 @@ paths: required: true type: string responses: - '200': + "200": description: Success schema: - $ref: '#/definitions/RESTDlpRuleData' + $ref: "#/definitions/RESTDlpRuleData" /v1/domain: get: tags: @@ -1016,10 +1016,10 @@ paths: produces: - application/json responses: - '200': + "200": description: Success schema: - $ref: '#/definitions/RESTDomainsData' + $ref: "#/definitions/RESTDomainsData" patch: tags: - Namespace @@ -1035,9 +1035,9 @@ paths: description: Namespace update data required: true schema: - $ref: '#/definitions/RESTDomainConfigData' + $ref: "#/definitions/RESTDomainConfigData" responses: - '200': + "200": description: Success /v1/domain/{name}: patch: @@ -1060,9 +1060,9 @@ paths: description: Namespace update data required: true schema: - $ref: '#/definitions/RESTDomainEntryConfigData' + $ref: "#/definitions/RESTDomainEntryConfigData" responses: - '200': + "200": description: Success /v1/enforcer: get: @@ -1075,10 +1075,10 @@ paths: produces: - application/json responses: - '200': + "200": description: Success schema: - $ref: '#/definitions/RESTAgentsData' + $ref: "#/definitions/RESTAgentsData" /v1/enforcer/{id}: get: tags: @@ -1096,10 +1096,10 @@ paths: required: true type: string responses: - '200': + "200": description: Success schema: - $ref: '#/definitions/RESTAgentData' + $ref: "#/definitions/RESTAgentData" patch: tags: - Enforcer @@ -1120,9 +1120,9 @@ paths: description: Enforcer update data required: true schema: - $ref: '#/definitions/RESTAgentConfigData' + $ref: "#/definitions/RESTAgentConfigData" responses: - '200': + "200": description: Success /v1/enforcer/{id}/stats: get: @@ -1141,10 +1141,10 @@ paths: required: true type: string responses: - '200': + "200": description: Success schema: - $ref: '#/definitions/RESTAgentStatsData' + $ref: "#/definitions/RESTAgentStatsData" /v1/enforcer/{id}/config: get: tags: @@ -1162,10 +1162,10 @@ paths: required: true type: string responses: - '200': + "200": description: Success schema: - $ref: '#/definitions/RESTAgentConfigData' + $ref: "#/definitions/RESTAgentConfigData" /v1/eula: get: tags: @@ -1174,10 +1174,10 @@ paths: produces: - application/json responses: - '200': + "200": description: Success schema: - $ref: '#/definitions/RESTEULAData' + $ref: "#/definitions/RESTEULAData" post: tags: - EULA @@ -1193,9 +1193,9 @@ paths: description: EULA data required: true schema: - $ref: '#/definitions/RESTEULAData' + $ref: "#/definitions/RESTEULAData" responses: - '200': + "200": description: Success /v1/file/admission: post: @@ -1221,12 +1221,12 @@ paths: description: Configuration data required: true schema: - $ref: '#/definitions/RESTAdmCtrlRulesExport' + $ref: "#/definitions/RESTAdmCtrlRulesExport" responses: - '200': + "200": description: Success. (1) Get a yaml file when export to local. (2) Get RESTRemoteExportData payload when export to remote repository. schema: - $ref: '#/definitions/RESTRemoteExportData' + $ref: "#/definitions/RESTRemoteExportData" /v1/file/admission/config: post: tags: @@ -1237,8 +1237,8 @@ paths: - ApiKeyAuth: [] - TokenAuth: [] consumes: - - 'application/json' - - 'text/plain; charset=utf-8' + - "application/json" + - "text/plain; charset=utf-8" parameters: - in: header name: X-Transaction-ID @@ -1259,7 +1259,7 @@ paths: schema: type: string responses: - '200': + "200": description: Success /v1/file/response/rule: post: @@ -1285,12 +1285,12 @@ paths: description: Non-group-dependent response rules yaml file required: true schema: - $ref: '#/definitions/RESTResponseRulesExport' + $ref: "#/definitions/RESTResponseRulesExport" responses: - '200': + "200": description: Success. (1) Get a yaml file when export to local. (2) Get RESTRemoteExportData payload when export to remote repository. schema: - $ref: '#/definitions/RESTRemoteExportData' + $ref: "#/definitions/RESTRemoteExportData" /v1/file/response/rule/config: post: tags: @@ -1301,8 +1301,8 @@ paths: - ApiKeyAuth: [] - TokenAuth: [] consumes: - - 'application/json' - - 'text/plain; charset=utf-8' + - "application/json" + - "text/plain; charset=utf-8" parameters: - in: header name: X-Transaction-ID @@ -1323,7 +1323,7 @@ paths: schema: type: string responses: - '200': + "200": description: Success /v1/file/config: get: @@ -1336,7 +1336,7 @@ paths: produces: - application/json responses: - '200': + "200": description: Success. Get a configure file. post: tags: @@ -1365,7 +1365,7 @@ paths: name: configuration description: a yaml configure file responses: - '200': + "200": description: Success. Upload a configure file. /v1/file/fed_config: post: @@ -1387,12 +1387,12 @@ paths: description: Configuration data required: true schema: - $ref: '#/definitions/RESTFedConfigExport' + $ref: "#/definitions/RESTFedConfigExport" responses: - '200': + "200": description: Success. (1) Get a yaml file when export to local. (2) Get RESTRemoteExportData payload when export to remote repository. schema: - $ref: '#/definitions/RESTRemoteExportData' + $ref: "#/definitions/RESTRemoteExportData" /v1/file/dlp: post: tags: @@ -1417,12 +1417,12 @@ paths: description: Configuration data required: true schema: - $ref: '#/definitions/RESTDlpSensorExport' + $ref: "#/definitions/RESTDlpSensorExport" responses: - '200': + "200": description: Success. (1) Get a yaml file when export to local. (2) Get RESTRemoteExportData payload when export to remote repository. schema: - $ref: '#/definitions/RESTRemoteExportData' + $ref: "#/definitions/RESTRemoteExportData" /v1/file/dlp/config: post: tags: @@ -1433,8 +1433,8 @@ paths: - ApiKeyAuth: [] - TokenAuth: [] consumes: - - 'application/json' - - 'text/plain; charset=utf-8' + - "application/json" + - "text/plain; charset=utf-8" parameters: - in: header name: X-Transaction-ID @@ -1455,7 +1455,7 @@ paths: schema: type: string responses: - '200': + "200": description: Success /v1/file/vulnerability/profile: post: @@ -1476,12 +1476,12 @@ paths: name: body description: Names of profiles to export schema: - $ref: '#/definitions/RESTVulnProfilesExport' + $ref: "#/definitions/RESTVulnProfilesExport" responses: - '200': + "200": description: Success. (1) Get a yaml file when export to local. (2) Get RESTRemoteExportData payload when export to remote repository. schema: - $ref: '#/definitions/RESTRemoteExportData' + $ref: "#/definitions/RESTRemoteExportData" /v1/file/vulnerability/profile/config: post: tags: @@ -1491,8 +1491,8 @@ paths: - ApiKeyAuth: [] - TokenAuth: [] consumes: - - 'application/json' - - 'text/plain; charset=utf-8' + - "application/json" + - "text/plain; charset=utf-8" parameters: - in: header name: X-Auth-Token @@ -1509,7 +1509,7 @@ paths: schema: type: string responses: - '200': + "200": description: Success /v1/file/waf: post: @@ -1535,12 +1535,12 @@ paths: description: Configuration data required: true schema: - $ref: '#/definitions/RESTWafSensorExport' + $ref: "#/definitions/RESTWafSensorExport" responses: - '200': + "200": description: Success. (1) Get a yaml file when export to local. (2) Get RESTRemoteExportData payload when export to remote repository. schema: - $ref: '#/definitions/RESTRemoteExportData' + $ref: "#/definitions/RESTRemoteExportData" /v1/file/waf/config: post: tags: @@ -1551,8 +1551,8 @@ paths: - ApiKeyAuth: [] - TokenAuth: [] consumes: - - 'application/json' - - 'text/plain; charset=utf-8' + - "application/json" + - "text/plain; charset=utf-8" parameters: - in: header name: X-Transaction-ID @@ -1573,7 +1573,7 @@ paths: schema: type: string responses: - '200': + "200": description: Success /v1/file/group: get: @@ -1591,9 +1591,9 @@ paths: description: Configuration data required: true schema: - $ref: '#/definitions/RESTGroupExport' + $ref: "#/definitions/RESTGroupExport" responses: - '200': + "200": description: Success. Get a yaml file. post: tags: @@ -1610,7 +1610,7 @@ paths: description: Configuration data required: true schema: - $ref: '#/definitions/RESTGroupExport' + $ref: "#/definitions/RESTGroupExport" - in: query name: scope type: string @@ -1620,10 +1620,10 @@ paths: - fed description: "It exports the federated group configurations when the scope is fed. Otherwise it's for exporting local group configurations." responses: - '200': + "200": description: Success. (1) Get a yaml file when export to local. (2) Get RESTRemoteExportData payload when export to remote repository. schema: - $ref: '#/definitions/RESTRemoteExportData' + $ref: "#/definitions/RESTRemoteExportData" /v1/file/group/config: get: tags: @@ -1635,10 +1635,10 @@ paths: produces: - application/json responses: - '200': + "200": description: Success schema: - $ref: '#/definitions/RESTImportTaskData' + $ref: "#/definitions/RESTImportTaskData" post: tags: - File @@ -1648,8 +1648,8 @@ paths: - ApiKeyAuth: [] - TokenAuth: [] consumes: - - 'application/json' - - 'text/plain; charset=utf-8' + - "application/json" + - "text/plain; charset=utf-8" parameters: - in: header name: X-Transaction-ID @@ -1670,7 +1670,7 @@ paths: schema: type: string responses: - '200': + "200": description: Success /v1/file_monitor: get: @@ -1692,10 +1692,10 @@ paths: - local description: "When set to fed, returned fed file monitor list. When set to local, returned local file monitor list. If there is no query string 'scope', all file monitor list will be returned." responses: - '200': + "200": description: Success schema: - $ref: '#/definitions/RESTFileMonitorFileData' + $ref: "#/definitions/RESTFileMonitorFileData" /v1/file_monitor/{name}: get: tags: @@ -1713,10 +1713,10 @@ paths: required: true type: string responses: - '200': + "200": description: Success schema: - $ref: '#/definitions/RESTFileMonitorFile' + $ref: "#/definitions/RESTFileMonitorFile" patch: tags: - File Monitor @@ -1737,9 +1737,9 @@ paths: description: File monitor update data required: true schema: - $ref: '#/definitions/RESTFileMonitorConfigData' + $ref: "#/definitions/RESTFileMonitorConfigData" responses: - '200': + "200": description: Success /v1/group: get: @@ -1761,10 +1761,10 @@ paths: - local description: "When set to fed, returned fed groups. When set to local, returned local groups. If there is no query string 'scope', all groups will be returned." responses: - '200': + "200": description: Success schema: - $ref: '#/definitions/RESTGroupsData' + $ref: "#/definitions/RESTGroupsData" post: tags: - Group @@ -1780,14 +1780,14 @@ paths: description: Group data required: true schema: - $ref: '#/definitions/RESTGroupConfigData' + $ref: "#/definitions/RESTGroupConfigData" responses: - '200': + "200": description: Success - '400': + "400": description: Error schema: - $ref: '#/definitions/RESTError' + $ref: "#/definitions/RESTError" /v1/group/{name}: get: tags: @@ -1805,10 +1805,10 @@ paths: required: true type: string responses: - '200': + "200": description: Success schema: - $ref: '#/definitions/RESTGroupData' + $ref: "#/definitions/RESTGroupData" patch: tags: - Group @@ -1829,9 +1829,9 @@ paths: description: Group update data required: true schema: - $ref: '#/definitions/RESTGroupConfigData' + $ref: "#/definitions/RESTGroupConfigData" responses: - '200': + "200": description: Success delete: tags: @@ -1847,7 +1847,7 @@ paths: required: true type: string responses: - '200': + "200": description: Success /v1/host: get: @@ -1860,10 +1860,10 @@ paths: produces: - application/json responses: - '200': + "200": description: Success schema: - $ref: '#/definitions/RESTHostsData' + $ref: "#/definitions/RESTHostsData" /v1/host/{id}: get: tags: @@ -1881,10 +1881,10 @@ paths: required: true type: string responses: - '200': + "200": description: Success schema: - $ref: '#/definitions/RESTHostData' + $ref: "#/definitions/RESTHostData" /v1/host/{id}/compliance: get: tags: @@ -1902,10 +1902,10 @@ paths: required: true type: string responses: - '200': + "200": description: Success schema: - $ref: '#/definitions/RESTComplianceData' + $ref: "#/definitions/RESTComplianceData" /v1/log/activity: get: tags: @@ -1917,10 +1917,10 @@ paths: produces: - application/json responses: - '200': + "200": description: Success schema: - $ref: '#/definitions/RESTEventsData' + $ref: "#/definitions/RESTEventsData" /v1/log/audit: get: tags: @@ -1932,10 +1932,10 @@ paths: produces: - application/json responses: - '200': + "200": description: Success schema: - $ref: '#/definitions/RESTAuditsData' + $ref: "#/definitions/RESTAuditsData" /v1/log/event: get: tags: @@ -1947,10 +1947,10 @@ paths: produces: - application/json responses: - '200': + "200": description: Success schema: - $ref: '#/definitions/RESTEventsData' + $ref: "#/definitions/RESTEventsData" /v1/log/incident: get: tags: @@ -1962,10 +1962,10 @@ paths: produces: - application/json responses: - '200': + "200": description: Success schema: - $ref: '#/definitions/RESTIncidentsData' + $ref: "#/definitions/RESTIncidentsData" /v1/log/threat: get: tags: @@ -1977,10 +1977,10 @@ paths: produces: - application/json responses: - '200': + "200": description: Success schema: - $ref: '#/definitions/RESTThreatsData' + $ref: "#/definitions/RESTThreatsData" /v1/log/threat/{id}: get: tags: @@ -1998,10 +1998,10 @@ paths: required: true type: string responses: - '200': + "200": description: Success schema: - $ref: '#/definitions/RESTThreatData' + $ref: "#/definitions/RESTThreatData" /v1/log/violation: get: tags: @@ -2013,10 +2013,10 @@ paths: produces: - application/json responses: - '200': + "200": description: Success schema: - $ref: '#/definitions/RESTPolicyViolationsData' + $ref: "#/definitions/RESTPolicyViolationsData" /v1/log/violation/workload: get: tags: @@ -2028,10 +2028,10 @@ paths: produces: - application/json responses: - '200': + "200": description: Success schema: - $ref: '#/definitions/RESTPolicyViolationsWLData' + $ref: "#/definitions/RESTPolicyViolationsWLData" /v1/log/security: get: tags: @@ -2043,10 +2043,10 @@ paths: produces: - application/json responses: - '200': + "200": description: Success schema: - $ref: '#/definitions/RESTSecurityData' + $ref: "#/definitions/RESTSecurityData" /v1/password_profile: get: tags: @@ -2058,10 +2058,10 @@ paths: produces: - application/json responses: - '200': + "200": description: Success schema: - $ref: '#/definitions/RESTPwdProfilesData' + $ref: "#/definitions/RESTPwdProfilesData" /v1/password_profile/{name}: get: tags: @@ -2079,10 +2079,10 @@ paths: required: true type: string responses: - '200': + "200": description: Success schema: - $ref: '#/definitions/RESTPwdProfileData' + $ref: "#/definitions/RESTPwdProfileData" patch: tags: - User @@ -2103,9 +2103,9 @@ paths: description: Password profile data required: true schema: - $ref: '#/definitions/RESTPwdProfileConfigData' + $ref: "#/definitions/RESTPwdProfileConfigData" responses: - '200': + "200": description: Success /v1/policy/rule: get: @@ -2127,10 +2127,10 @@ paths: - local description: "When set to fed, returned fed policy rules. When set to local, returned local policy rules. If there is no query string 'scope', all policy rules will be returned." responses: - '200': + "200": description: Success schema: - $ref: '#/definitions/RESTPolicyRulesData' + $ref: "#/definitions/RESTPolicyRulesData" patch: tags: - Policy @@ -2146,7 +2146,7 @@ paths: description: Policy rule action data required: true schema: - $ref: '#/definitions/RESTPolicyRuleActionData' + $ref: "#/definitions/RESTPolicyRuleActionData" - in: query name: scope type: string @@ -2156,7 +2156,7 @@ paths: - local description: "When set to fed, fed policy rules get created. When set to local or no query string, local policy rules get created." responses: - '200': + "200": description: Success delete: tags: @@ -2175,7 +2175,7 @@ paths: - local description: "When set to fed, fed policy rules get removed. When set to local or no query string, local policy rules get removed." responses: - '200': + "200": description: Success /v1/policy/rule/{id}: get: @@ -2195,18 +2195,18 @@ paths: type: integer format: uint32 responses: - '200': + "200": description: Success schema: - $ref: '#/definitions/RESTPolicyRuleData' - '400': + $ref: "#/definitions/RESTPolicyRuleData" + "400": description: Error schema: - $ref: '#/definitions/RESTError' - '404': + $ref: "#/definitions/RESTError" + "404": description: Error schema: - $ref: '#/definitions/RESTError' + $ref: "#/definitions/RESTError" patch: tags: - Policy @@ -2228,9 +2228,9 @@ paths: description: Policy rule update data required: true schema: - $ref: '#/definitions/RESTPolicyRuleConfigData' + $ref: "#/definitions/RESTPolicyRuleConfigData" responses: - '200': + "200": description: Success delete: tags: @@ -2247,7 +2247,7 @@ paths: type: integer format: uint32 responses: - '200': + "200": description: Success /v1/policy/rules/promote: post: @@ -2265,9 +2265,9 @@ paths: description: Policy promote data required: true schema: - $ref: '#/definitions/RESTPolicyPromoteRequestData' + $ref: "#/definitions/RESTPolicyPromoteRequestData" responses: - '200': + "200": description: Success /v1/process_profile: get: @@ -2289,10 +2289,10 @@ paths: - local description: "When set to fed, returned fed process profiles. When set to local, returned local process profiles. If there is no query string 'scope', all process profiles will be returned." responses: - '200': + "200": description: Success schema: - $ref: '#/definitions/RESTProcessProfilesData' + $ref: "#/definitions/RESTProcessProfilesData" /v1/process_profile/{name}: get: tags: @@ -2310,10 +2310,10 @@ paths: required: true type: string responses: - '200': + "200": description: Success schema: - $ref: '#/definitions/RESTProcessProfileData' + $ref: "#/definitions/RESTProcessProfileData" patch: tags: - Process @@ -2334,9 +2334,9 @@ paths: description: Process profile configure data required: true schema: - $ref: '#/definitions/RESTProcessProfileConfigData' + $ref: "#/definitions/RESTProcessProfileConfigData" responses: - '200': + "200": description: Success /v1/process_rules/{uuid}: get: @@ -2355,10 +2355,10 @@ paths: required: true type: string responses: - '200': + "200": description: Success schema: - $ref: '#/definitions/RESTProcessRulesResp' + $ref: "#/definitions/RESTProcessRulesResp" /v1/response/rule: get: tags: @@ -2379,10 +2379,10 @@ paths: - local description: "When set to fed, returned fed response rules. When set to local, returned local response rules. If there is no query string 'scope', all response rules will be returned." responses: - '200': + "200": description: Success schema: - $ref: '#/definitions/RESTResponseRulesData' + $ref: "#/definitions/RESTResponseRulesData" patch: tags: - Response Rule @@ -2398,9 +2398,9 @@ paths: description: Response rule action data required: true schema: - $ref: '#/definitions/RESTResponseRuleActionData' + $ref: "#/definitions/RESTResponseRuleActionData" responses: - '200': + "200": description: Success delete: tags: @@ -2419,7 +2419,7 @@ paths: - local description: "When set to fed, all fed response rules get removed. When set to local or no query string, local response rules will be removed." responses: - '200': + "200": description: Success /v1/response/rule/{id}: get: @@ -2438,10 +2438,10 @@ paths: required: true type: string responses: - '200': + "200": description: Success schema: - $ref: '#/definitions/RESTResponseRuleData' + $ref: "#/definitions/RESTResponseRuleData" patch: tags: - Response Rule @@ -2462,9 +2462,9 @@ paths: description: Response rule data required: true schema: - $ref: '#/definitions/RESTResponseRuleConfigData' + $ref: "#/definitions/RESTResponseRuleConfigData" responses: - '200': + "200": description: Success delete: tags: @@ -2480,7 +2480,7 @@ paths: required: true type: string responses: - '200': + "200": description: Success /v1/response/workload_rules/{id}: get: @@ -2499,10 +2499,10 @@ paths: required: true type: string responses: - '200': + "200": description: Success schema: - $ref: '#/definitions/RESTResponseRulesData' + $ref: "#/definitions/RESTResponseRulesData" /v1/scan/scanner: get: tags: @@ -2514,10 +2514,10 @@ paths: produces: - application/json responses: - '200': + "200": description: Success schema: - $ref: '#/definitions/RESTScannerData' + $ref: "#/definitions/RESTScannerData" /v1/scan/config: get: tags: @@ -2529,10 +2529,10 @@ paths: produces: - application/json responses: - '200': + "200": description: Success schema: - $ref: '#/definitions/RESTScanConfigResp' + $ref: "#/definitions/RESTScanConfigResp" patch: tags: - Scan @@ -2548,10 +2548,32 @@ paths: description: Scan configure data required: true schema: - $ref: '#/definitions/RESTScanConfigData' + $ref: "#/definitions/RESTScanConfigData" responses: - '200': + "200": description: Success + /v1/scan/hosts/scan_report: + post: + tags: + - Scan + summary: Get hosts scan report + security: + - ApiKeyAuth: [] + - TokenAuth: [] + consumes: + - application/json + parameters: + - in: body + name: body + description: Filter data + required: true + schema: + $ref: "#/definitions/RESTAssetsScanReportQuery" + responses: + "200": + description: Success + schema: + $ref: "#/definitions/RESTAssetScanReportData" /v1/scan/host/{id}: get: tags: @@ -2569,10 +2591,10 @@ paths: required: true type: string responses: - '200': + "200": description: Success schema: - $ref: '#/definitions/RESTScanReportData' + $ref: "#/definitions/RESTScanReportData" post: tags: - Scan @@ -2589,7 +2611,7 @@ paths: required: true type: string responses: - '200': + "200": description: Success /v1/scan/image: get: @@ -2602,10 +2624,10 @@ paths: produces: - application/json responses: - '200': + "200": description: Success schema: - $ref: '#/definitions/RESTScanImageSummaryData' + $ref: "#/definitions/RESTScanImageSummaryData" /v1/scan/image/{id}: get: tags: @@ -2623,10 +2645,10 @@ paths: required: true type: string responses: - '200': + "200": description: Success schema: - $ref: '#/definitions/RESTScanReportData' + $ref: "#/definitions/RESTScanReportData" /v1/scan/platform: get: tags: @@ -2638,10 +2660,10 @@ paths: produces: - application/json responses: - '200': + "200": description: Success schema: - $ref: '#/definitions/RESTScanPlatformSummaryData' + $ref: "#/definitions/RESTScanPlatformSummaryData" /v1/scan/platform/platform: get: tags: @@ -2653,10 +2675,10 @@ paths: produces: - application/json responses: - '200': + "200": description: Success schema: - $ref: '#/definitions/RESTScanReportData' + $ref: "#/definitions/RESTScanReportData" post: tags: - Scan @@ -2665,7 +2687,7 @@ paths: - ApiKeyAuth: [] - TokenAuth: [] responses: - '200': + "200": description: Success /v1/scan/registry: get: @@ -2687,10 +2709,10 @@ paths: - local description: "When set to fed, returned fed registries. When set to local, returned local-defined registries. If there is no query string 'scope', all registries will be returned." responses: - '200': + "200": description: Success schema: - $ref: '#/definitions/RESTRegistrySummaryListData' + $ref: "#/definitions/RESTRegistrySummaryListData" post: tags: - Scan @@ -2706,9 +2728,9 @@ paths: description: Registry data required: true schema: - $ref: '#/definitions/RESTRegistryConfigData' + $ref: "#/definitions/RESTRegistryConfigData" responses: - '200': + "200": description: Success /v2/scan/registry: post: @@ -2726,9 +2748,9 @@ paths: description: Registry data required: true schema: - $ref: '#/definitions/RESTRegistryConfigDataV2' + $ref: "#/definitions/RESTRegistryConfigDataV2" responses: - '200': + "200": description: Success /v1/scan/registry/{name}: get: @@ -2747,10 +2769,10 @@ paths: required: true type: string responses: - '200': + "200": description: Success schema: - $ref: '#/definitions/RESTRegistrySummaryData' + $ref: "#/definitions/RESTRegistrySummaryData" patch: tags: - Scan @@ -2771,9 +2793,9 @@ paths: description: Registry data required: true schema: - $ref: '#/definitions/RESTRegistryConfigData' + $ref: "#/definitions/RESTRegistryConfigData" responses: - '200': + "200": description: Success delete: tags: @@ -2789,7 +2811,7 @@ paths: required: true type: string responses: - '200': + "200": description: Success /v2/scan/registry/{name}: patch: @@ -2812,9 +2834,9 @@ paths: description: Registry data required: true schema: - $ref: '#/definitions/RESTRegistryConfigDataV2' + $ref: "#/definitions/RESTRegistryConfigDataV2" responses: - '200': + "200": description: Success /v1/scan/registry/{name}/images: get: @@ -2833,10 +2855,10 @@ paths: required: true type: string responses: - '200': + "200": description: Success schema: - $ref: '#/definitions/RESTRegistryImageSummaryData' + $ref: "#/definitions/RESTRegistryImageSummaryData" /v1/scan/registry/{name}/image/{id}: get: tags: @@ -2859,10 +2881,10 @@ paths: required: true type: string responses: - '200': + "200": description: Success schema: - $ref: '#/definitions/RESTScanReportData' + $ref: "#/definitions/RESTScanReportData" /v1/scan/registry/{name}/layers/{id}: get: tags: @@ -2885,10 +2907,10 @@ paths: required: true type: string responses: - '200': + "200": description: Success schema: - $ref: '#/definitions/RESTScanLayersReportData' + $ref: "#/definitions/RESTScanLayersReportData" /v1/scan/registry/{name}/scan: post: tags: @@ -2904,7 +2926,7 @@ paths: required: true type: string responses: - '200': + "200": description: Success delete: tags: @@ -2920,7 +2942,7 @@ paths: required: true type: string responses: - '200': + "200": description: Success /v1/scan/repository: post: @@ -2940,12 +2962,12 @@ paths: description: Repository data required: true schema: - $ref: '#/definitions/RESTScanRepoReqData' + $ref: "#/definitions/RESTScanRepoReqData" responses: - '200': + "200": description: Success schema: - $ref: '#/definitions/RESTScanRepoReportData' + $ref: "#/definitions/RESTScanRepoReportData" /v1/scan/status: get: tags: @@ -2957,10 +2979,10 @@ paths: produces: - application/json responses: - '200': + "200": description: Success schema: - $ref: '#/definitions/RESTScanStatusData' + $ref: "#/definitions/RESTScanStatusData" /v1/scan/cache_stat/{id}: get: tags: @@ -2978,10 +3000,10 @@ paths: required: true type: string responses: - '200': + "200": description: Success schema: - $ref: '#/definitions/RESTScanCacheStat' + $ref: "#/definitions/RESTScanCacheStat" /v1/scan/cache_data/{id}: get: tags: @@ -2999,10 +3021,10 @@ paths: required: true type: string responses: - '200': + "200": description: Success schema: - $ref: '#/definitions/RESTScanCacheData' + $ref: "#/definitions/RESTScanCacheData" /v1/scan/workload/{id}: get: tags: @@ -3020,10 +3042,10 @@ paths: required: true type: string responses: - '200': + "200": description: Success schema: - $ref: '#/definitions/RESTScanReportData' + $ref: "#/definitions/RESTScanReportData" post: tags: - Scan @@ -3040,8 +3062,30 @@ paths: required: true type: string responses: - '200': + "200": + description: Success + /v1/scan/workloads/scan_report: + post: + tags: + - Scan + summary: Get containers scan report + security: + - ApiKeyAuth: [] + - TokenAuth: [] + consumes: + - application/json + parameters: + - in: body + name: body + description: Filter data + required: true + schema: + $ref: "#/definitions/RESTAssetsScanReportQuery" + responses: + "200": description: Success + schema: + $ref: "#/definitions/RESTAssetScanReportData" /v1/scan/sigstore/root_of_trust: get: tags: @@ -3053,10 +3097,10 @@ paths: produces: - application/json responses: - '200': + "200": description: Success schema: - $ref: '#/definitions/REST_SigstoreRootOfTrustCollection' + $ref: "#/definitions/REST_SigstoreRootOfTrustCollection" post: tags: - Scan @@ -3072,9 +3116,9 @@ paths: description: Root of Trust Data required: true schema: - $ref: '#/definitions/REST_SigstoreRootOfTrust_POST' + $ref: "#/definitions/REST_SigstoreRootOfTrust_POST" responses: - '200': + "200": description: Success /v1/scan/sigstore/root_of_trust/{root_name}: get: @@ -3093,10 +3137,10 @@ paths: required: true type: string responses: - '200': + "200": description: Success schema: - $ref: '#/definitions/REST_SigstoreRootOfTrust_GET' + $ref: "#/definitions/REST_SigstoreRootOfTrust_GET" patch: tags: - Scan @@ -3117,9 +3161,9 @@ paths: description: Root of Trust Data required: true schema: - $ref: '#/definitions/REST_SigstoreRootOfTrust_PATCH' + $ref: "#/definitions/REST_SigstoreRootOfTrust_PATCH" responses: - '200': + "200": description: Success delete: tags: @@ -3135,7 +3179,7 @@ paths: required: true type: string responses: - '200': + "200": description: Success /v1/scan/sigstore/root_of_trust/{root_name}/verifier: get: @@ -3154,10 +3198,10 @@ paths: required: true type: string responses: - '200': + "200": description: Success schema: - $ref: '#/definitions/REST_SigstoreVerifierCollection' + $ref: "#/definitions/REST_SigstoreVerifierCollection" post: tags: - Scan @@ -3178,9 +3222,9 @@ paths: description: Root of Trust Data required: true schema: - $ref: '#/definitions/REST_SigstoreVerifier' + $ref: "#/definitions/REST_SigstoreVerifier" responses: - '200': + "200": description: Success /v1/scan/sigstore/root_of_trust/{root_name}/verifier/{verifier_name}: get: @@ -3204,10 +3248,10 @@ paths: required: true type: string responses: - '200': + "200": description: Success schema: - $ref: '#/definitions/REST_SigstoreVerifier' + $ref: "#/definitions/REST_SigstoreVerifier" patch: tags: - Scan @@ -3233,9 +3277,9 @@ paths: description: Verifier patch data required: true schema: - $ref: '#/definitions/REST_SigstoreVerifier_PATCH' + $ref: "#/definitions/REST_SigstoreVerifier_PATCH" responses: - '200': + "200": description: Success delete: tags: @@ -3256,7 +3300,7 @@ paths: required: true type: string responses: - '200': + "200": description: Success /v1/server: get: @@ -3269,10 +3313,10 @@ paths: produces: - application/json responses: - '200': + "200": description: Success schema: - $ref: '#/definitions/RESTServersData' + $ref: "#/definitions/RESTServersData" post: tags: - Server @@ -3288,9 +3332,9 @@ paths: description: Server data required: true schema: - $ref: '#/definitions/RESTServerConfigData' + $ref: "#/definitions/RESTServerConfigData" responses: - '200': + "200": description: Success /v1/server/{name}: get: @@ -3309,10 +3353,10 @@ paths: required: true type: string responses: - '200': + "200": description: Success schema: - $ref: '#/definitions/RESTServerData' + $ref: "#/definitions/RESTServerData" patch: tags: - Server @@ -3333,9 +3377,9 @@ paths: description: Server data required: true schema: - $ref: '#/definitions/RESTServerConfigData' + $ref: "#/definitions/RESTServerConfigData" responses: - '200': + "200": description: Success delete: tags: @@ -3351,7 +3395,7 @@ paths: required: true type: string responses: - '200': + "200": description: Success /v1/server/{name}/role/{role}: patch: @@ -3379,9 +3423,9 @@ paths: description: Server role groups update data required: true schema: - $ref: '#/definitions/RESTServerRoleGroupsConfigData' + $ref: "#/definitions/RESTServerRoleGroupsConfigData" responses: - '200': + "200": description: Success /v1/server/{name}/user: get: @@ -3400,10 +3444,10 @@ paths: required: true type: string responses: - '200': + "200": description: Success schema: - $ref: '#/definitions/RESTUsersData' + $ref: "#/definitions/RESTUsersData" /v1/service: get: tags: @@ -3415,10 +3459,10 @@ paths: produces: - application/json responses: - '200': + "200": description: Success schema: - $ref: '#/definitions/RESTServicesData' + $ref: "#/definitions/RESTServicesData" post: tags: - Service @@ -3434,9 +3478,9 @@ paths: description: Service data required: true schema: - $ref: '#/definitions/RESTServiceConfigData' + $ref: "#/definitions/RESTServiceConfigData" responses: - '200': + "200": description: Success /v1/service/{name}: get: @@ -3455,10 +3499,10 @@ paths: required: true type: string responses: - '200': + "200": description: Success schema: - $ref: '#/definitions/RESTServiceData' + $ref: "#/definitions/RESTServiceData" /v1/service/config: patch: tags: @@ -3475,9 +3519,9 @@ paths: description: Service configure data required: true schema: - $ref: '#/definitions/RESTServiceBatchConfigData' + $ref: "#/definitions/RESTServiceBatchConfigData" responses: - '200': + "200": description: Success /v1/service/config/network: patch: @@ -3495,9 +3539,9 @@ paths: description: Service configure data required: true schema: - $ref: '#/definitions/RESTServiceBatchConfigData' + $ref: "#/definitions/RESTServiceBatchConfigData" responses: - '200': + "200": description: Success /v1/service/config/profile: patch: @@ -3515,9 +3559,9 @@ paths: description: Service configure data required: true schema: - $ref: '#/definitions/RESTServiceBatchConfigData' + $ref: "#/definitions/RESTServiceBatchConfigData" responses: - '200': + "200": description: Success /v1/sniffer: get: @@ -3536,10 +3580,10 @@ paths: type: string description: Workload ID responses: - '200': + "200": description: Success schema: - $ref: '#/definitions/RESTSniffersData' + $ref: "#/definitions/RESTSniffersData" post: tags: - Sniffer @@ -3560,9 +3604,9 @@ paths: description: Sniffer args data required: true schema: - $ref: '#/definitions/RESTSnifferArgsData' + $ref: "#/definitions/RESTSnifferArgsData" responses: - '200': + "200": description: Success /v1/sniffer/{id}: get: @@ -3581,10 +3625,10 @@ paths: required: true type: string responses: - '200': + "200": description: Success schema: - $ref: '#/definitions/RESTSnifferData' + $ref: "#/definitions/RESTSnifferData" delete: tags: - Sniffer @@ -3599,7 +3643,7 @@ paths: required: true type: string responses: - '200': + "200": description: Success /v1/sniffer/stop/{id}: patch: @@ -3616,7 +3660,7 @@ paths: required: true type: string responses: - '200': + "200": description: Success /v1/sniffer/{id}/pcap: get: @@ -3633,7 +3677,7 @@ paths: required: true type: string responses: - '200': + "200": description: Success. Get pcap file. /v1/system/summary: get: @@ -3646,10 +3690,10 @@ paths: produces: - application/json responses: - '200': + "200": description: Success schema: - $ref: '#/definitions/RESTSystemSummaryData' + $ref: "#/definitions/RESTSystemSummaryData" /v1/system/config: get: tags: @@ -3670,10 +3714,10 @@ paths: - local description: "When set the scope to be fed, it will return the fed system configures. When set the scope to be local, it will return the local system configures. If there is no query string 'scope', it will return all system configures." responses: - '200': + "200": description: Success schema: - $ref: '#/definitions/RESTSystemConfigData' + $ref: "#/definitions/RESTSystemConfigData" patch: tags: - System @@ -3689,9 +3733,9 @@ paths: description: System configure data required: true schema: - $ref: '#/definitions/RESTSystemConfigConfigData' + $ref: "#/definitions/RESTSystemConfigConfigData" responses: - '200': + "200": description: Success /v2/system/config: get: @@ -3713,10 +3757,10 @@ paths: - local description: "When set the scope to be fed, it will return the fed system configures. When set the scope to be local, it will return the local system configures. If there is no query string 'scope', it will return all system configures." responses: - '200': + "200": description: Success schema: - $ref: '#/definitions/RESTSystemConfigDataV2' + $ref: "#/definitions/RESTSystemConfigDataV2" patch: tags: - System @@ -3732,9 +3776,9 @@ paths: description: System configure data required: true schema: - $ref: '#/definitions/RESTSystemConfigConfigDataV2' + $ref: "#/definitions/RESTSystemConfigConfigDataV2" responses: - '200': + "200": description: Success /v1/system/alerts: get: @@ -3747,10 +3791,10 @@ paths: produces: - application/json responses: - '200': + "200": description: Success schema: - $ref: '#/definitions/RESTNvAlerts' + $ref: "#/definitions/RESTNvAlerts" /v1/system/config/webhook: post: tags: @@ -3767,9 +3811,9 @@ paths: description: System configure data required: true schema: - $ref: '#/definitions/RESTSystemWebhookConfigData' + $ref: "#/definitions/RESTSystemWebhookConfigData" responses: - '200': + "200": description: Success /v1/system/config/webhook/{name}: patch: @@ -3800,9 +3844,9 @@ paths: description: System configure data required: true schema: - $ref: '#/definitions/RESTSystemWebhookConfigData' + $ref: "#/definitions/RESTSystemWebhookConfigData" responses: - '200': + "200": description: Success delete: tags: @@ -3826,7 +3870,7 @@ paths: - local description: "When set the scope to be fed, it will delete the fed level webhook. When set the scope to be local, it will delete the local webhook. If there is no query string 'scope', it will use 'local' as the default value." responses: - '200': + "200": description: Success /v1/system/request: post: @@ -3844,9 +3888,9 @@ paths: description: System request data required: true schema: - $ref: '#/definitions/RESTSystemRequestData' + $ref: "#/definitions/RESTSystemRequestData" responses: - '200': + "200": description: Success /v1/system/score/metrics: get: @@ -3859,10 +3903,10 @@ paths: produces: - application/json responses: - '200': + "200": description: Success schema: - $ref: '#/definitions/RESTScoreMetricsData' + $ref: "#/definitions/RESTScoreMetricsData" /v1/user: get: tags: @@ -3874,10 +3918,10 @@ paths: produces: - application/json responses: - '200': + "200": description: Success schema: - $ref: '#/definitions/RESTUsersData' + $ref: "#/definitions/RESTUsersData" post: tags: - User @@ -3893,9 +3937,9 @@ paths: description: User information required: true schema: - $ref: '#/definitions/RESTUserData' + $ref: "#/definitions/RESTUserData" responses: - '200': + "200": description: Success /v1/user/{fullname}: get: @@ -3914,10 +3958,10 @@ paths: required: true type: string responses: - '200': + "200": description: Success schema: - $ref: '#/definitions/RESTUserData' + $ref: "#/definitions/RESTUserData" patch: tags: - User @@ -3938,14 +3982,14 @@ paths: description: User update data required: true schema: - $ref: '#/definitions/RESTUserConfigData' + $ref: "#/definitions/RESTUserConfigData" responses: - '200': + "200": description: Success - '403': + "403": description: Error schema: - $ref: '#/definitions/RESTError' + $ref: "#/definitions/RESTError" delete: tags: - User @@ -3960,7 +4004,7 @@ paths: required: true type: string responses: - '200': + "200": description: Success /v1/user/{fullname}/password: post: @@ -3983,9 +4027,9 @@ paths: description: User password configuration data required: true schema: - $ref: '#/definitions/RESTUserPwdConfigData' + $ref: "#/definitions/RESTUserPwdConfigData" responses: - '200': + "200": description: Success /v1/user/{fullname}/role/{role}: patch: @@ -4013,9 +4057,9 @@ paths: description: User role domain update data required: true schema: - $ref: '#/definitions/RESTUserRoleDomainsConfigData' + $ref: "#/definitions/RESTUserRoleDomainsConfigData" responses: - '200': + "200": description: Success /v1/user_role: get: @@ -4028,10 +4072,10 @@ paths: produces: - application/json responses: - '200': + "200": description: Success schema: - $ref: '#/definitions/RESTUserRolesData' + $ref: "#/definitions/RESTUserRolesData" post: tags: - User @@ -4047,9 +4091,9 @@ paths: description: Role information required: true schema: - $ref: '#/definitions/RESTUserRoleConfigData' + $ref: "#/definitions/RESTUserRoleConfigData" responses: - '200': + "200": description: Success /v1/user_role/{name}: get: @@ -4068,10 +4112,10 @@ paths: required: true type: string responses: - '200': + "200": description: Success schema: - $ref: '#/definitions/RESTUserRoleData' + $ref: "#/definitions/RESTUserRoleData" patch: tags: - User @@ -4092,9 +4136,9 @@ paths: description: User role update data required: true schema: - $ref: '#/definitions/RESTUserRoleConfigData' + $ref: "#/definitions/RESTUserRoleConfigData" responses: - '200': + "200": description: Success delete: tags: @@ -4110,7 +4154,7 @@ paths: required: true type: string responses: - '200': + "200": description: Success /v1/vulnerability/profile: get: @@ -4123,10 +4167,10 @@ paths: produces: - application/json responses: - '200': + "200": description: Success schema: - $ref: '#/definitions/RESTVulnerabilityProfilesData' + $ref: "#/definitions/RESTVulnerabilityProfilesData" /v1/vulnerability/profile/{name}: get: tags: @@ -4144,10 +4188,10 @@ paths: required: true type: string responses: - '200': + "200": description: Success schema: - $ref: '#/definitions/RESTVulnerabilityProfileData' + $ref: "#/definitions/RESTVulnerabilityProfileData" patch: tags: - Vulnerability @@ -4168,9 +4212,9 @@ paths: description: Vulnerability profile config data required: true schema: - $ref: '#/definitions/RESTVulnerabilityProfileConfigData' + $ref: "#/definitions/RESTVulnerabilityProfileConfigData" responses: - '200': + "200": description: Success /v1/vulnerability/profile/{name}/entry: post: @@ -4191,12 +4235,12 @@ paths: description: Vulnerability profile entry data required: true schema: - $ref: '#/definitions/RESTVulnerabilityProfileEntryConfigData' + $ref: "#/definitions/RESTVulnerabilityProfileEntryConfigData" responses: - '200': + "200": description: Success schema: - $ref: '#/definitions/RESTVulnerabilityProfileEntryConfigData' + $ref: "#/definitions/RESTVulnerabilityProfileEntryConfigData" /v1/vulnerability/profile/{name}/entry/{id}: patch: tags: @@ -4224,9 +4268,9 @@ paths: description: Vulnerability profile entry data required: true schema: - $ref: '#/definitions/RESTVulnerabilityProfileEntryConfigData' + $ref: "#/definitions/RESTVulnerabilityProfileEntryConfigData" responses: - '200': + "200": description: Success delete: tags: @@ -4248,7 +4292,7 @@ paths: type: integer format: uint32 responses: - '200': + "200": description: Success /v1/waf/sensor: get: @@ -4269,10 +4313,10 @@ paths: - local description: "The default value is local which returns local waf rule list." responses: - '200': + "200": description: Success schema: - $ref: '#/definitions/RESTWafSensorsData' + $ref: "#/definitions/RESTWafSensorsData" post: tags: - WAF Rule @@ -4288,9 +4332,9 @@ paths: description: Sensor data required: true schema: - $ref: '#/definitions/RESTDlpSensorConfigData' + $ref: "#/definitions/RESTDlpSensorConfigData" responses: - '200': + "200": description: Success /v1/waf/sensor/{name}: get: @@ -4309,10 +4353,10 @@ paths: required: true type: string responses: - '200': + "200": description: Success schema: - $ref: '#/definitions/RESTWafSensorData' + $ref: "#/definitions/RESTWafSensorData" patch: tags: - WAF Rule @@ -4333,9 +4377,9 @@ paths: description: waf sensor data required: true schema: - $ref: '#/definitions/RESTWafSensorConfigData' + $ref: "#/definitions/RESTWafSensorConfigData" responses: - '200': + "200": description: Success delete: tags: @@ -4351,7 +4395,7 @@ paths: required: true type: string responses: - '200': + "200": description: Success /v1/waf/group: get: @@ -4372,10 +4416,10 @@ paths: - local description: "The default value is local. It returns local waf group list." responses: - '200': + "200": description: Success schema: - $ref: '#/definitions/RESTWafGroupsData' + $ref: "#/definitions/RESTWafGroupsData" /v1/waf/group/{name}: get: tags: @@ -4393,10 +4437,10 @@ paths: required: true type: string responses: - '200': + "200": description: Success schema: - $ref: '#/definitions/RESTWafGroupData' + $ref: "#/definitions/RESTWafGroupData" patch: tags: - WAF Rule @@ -4417,9 +4461,9 @@ paths: description: waf group data required: true schema: - $ref: '#/definitions/RESTWafGroupConfigData' + $ref: "#/definitions/RESTWafGroupConfigData" responses: - '200': + "200": description: Success /v1/waf/rule: get: @@ -4432,10 +4476,10 @@ paths: produces: - application/json responses: - '200': + "200": description: Success schema: - $ref: '#/definitions/RESTWafRulesData' + $ref: "#/definitions/RESTWafRulesData" /v1/waf/rule/{name}: get: tags: @@ -4453,10 +4497,10 @@ paths: required: true type: string responses: - '200': + "200": description: Success schema: - $ref: '#/definitions/RESTWafRuleData' + $ref: "#/definitions/RESTWafRuleData" /v1/workload: get: tags: @@ -4468,10 +4512,10 @@ paths: produces: - application/json responses: - '200': + "200": description: Success schema: - $ref: '#/definitions/RESTWorkloadsData' + $ref: "#/definitions/RESTWorkloadsData" /v2/workload: get: tags: @@ -4483,10 +4527,10 @@ paths: produces: - application/json responses: - '200': + "200": description: Success schema: - $ref: '#/definitions/RESTWorkloadsDataV2' + $ref: "#/definitions/RESTWorkloadsDataV2" post: tags: - Container @@ -4502,12 +4546,12 @@ paths: description: Container ID list required: true schema: - $ref: '#/definitions/RESTAssetIDList' + $ref: "#/definitions/RESTAssetIDList" responses: - '200': + "200": description: Success schema: - $ref: '#/definitions/RESTWorkloadsDataV2' + $ref: "#/definitions/RESTWorkloadsDataV2" /v1/workload/{id}: get: tags: @@ -4525,10 +4569,10 @@ paths: required: true type: string responses: - '200': + "200": description: Success schema: - $ref: '#/definitions/RESTWorkloadDetailData' + $ref: "#/definitions/RESTWorkloadDetailData" patch: tags: - Container @@ -4549,9 +4593,9 @@ paths: description: Container update data required: true schema: - $ref: '#/definitions/RESTWorkloadConfigData' + $ref: "#/definitions/RESTWorkloadConfigData" responses: - '200': + "200": description: Success /v2/workload/{id}: get: @@ -4570,10 +4614,10 @@ paths: required: true type: string responses: - '200': + "200": description: Success schema: - $ref: '#/definitions/RESTWorkloadDetailDataV2' + $ref: "#/definitions/RESTWorkloadDetailDataV2" /v1/workload/{id}/stats: get: tags: @@ -4591,10 +4635,10 @@ paths: required: true type: string responses: - '200': + "200": description: Success schema: - $ref: '#/definitions/RESTWorkloadStatsData' + $ref: "#/definitions/RESTWorkloadStatsData" /v1/workload/{id}/config: get: tags: @@ -4612,10 +4656,10 @@ paths: required: true type: string responses: - '200': + "200": description: Success schema: - $ref: '#/definitions/RESTWorkloadConfigData' + $ref: "#/definitions/RESTWorkloadConfigData" /v1/workload/{id}/process: get: tags: @@ -4633,14 +4677,14 @@ paths: required: true type: string responses: - '200': + "200": description: Success schema: - $ref: '#/definitions/RESTProcessList' - '400': + $ref: "#/definitions/RESTProcessList" + "400": description: Container not running schema: - $ref: '#/definitions/RESTError' + $ref: "#/definitions/RESTError" /v1/workload/{id}/process_history: get: tags: @@ -4658,10 +4702,10 @@ paths: required: true type: string responses: - '200': + "200": description: Success schema: - $ref: '#/definitions/RESTProcessProfileEntry' + $ref: "#/definitions/RESTProcessProfileEntry" /v1/workload/{id}/compliance: get: tags: @@ -4679,10 +4723,10 @@ paths: required: true type: string responses: - '200': + "200": description: Success schema: - $ref: '#/definitions/RESTComplianceData' + $ref: "#/definitions/RESTComplianceData" /v1/workload/request/{id}: post: tags: @@ -4704,9 +4748,9 @@ paths: description: Container request data required: true schema: - $ref: '#/definitions/RESTWorkloadRequestData' + $ref: "#/definitions/RESTWorkloadRequestData" responses: - '200': + "200": description: Success /v1/csp/file/support: post: @@ -4717,7 +4761,7 @@ paths: - ApiKeyAuth: [] - TokenAuth: [] responses: - '200': + "200": description: Success. Get a tarball gz file. /v1/fed/healthcheck: get: @@ -4725,7 +4769,7 @@ paths: - Federation summary: Health Check of Federate Primary REST server responses: - '200': + "200": description: Success /v1/api_key: get: @@ -4738,10 +4782,10 @@ paths: produces: - application/json responses: - '200': + "200": description: Success schema: - $ref: '#/definitions/RESTApikeysData' + $ref: "#/definitions/RESTApikeysData" post: tags: - Apikey @@ -4757,12 +4801,12 @@ paths: description: Apikey information required: true schema: - $ref: '#/definitions/RESTApikeyCreationData' + $ref: "#/definitions/RESTApikeyCreationData" responses: - '200': + "200": description: Success schema: - $ref: '#/definitions/RESTApikeyGeneratedData' + $ref: "#/definitions/RESTApikeyGeneratedData" /v1/api_key/{accesskey}: get: tags: @@ -4780,10 +4824,10 @@ paths: required: true type: string responses: - '200': + "200": description: Success schema: - $ref: '#/definitions/RESTApikeyData' + $ref: "#/definitions/RESTApikeyData" delete: tags: - Apikey @@ -4798,7 +4842,7 @@ paths: required: true type: string responses: - '200': + "200": description: Success /v1/system/config/remote_repository: post: @@ -4816,9 +4860,9 @@ paths: description: Initial Configuration required: true schema: - $ref: '#/definitions/RESTRemoteRepository' + $ref: "#/definitions/RESTRemoteRepository" responses: - '200': + "200": description: Created the remote repository. /v1/system/config/remote_repository/{alias}: patch: @@ -4841,9 +4885,9 @@ paths: description: Configuration fields to update required: true schema: - $ref: '#/definitions/RESTRemoteRepositoryConfigData' + $ref: "#/definitions/RESTRemoteRepositoryConfigData" responses: - '200': + "200": description: Updated the remote repository. delete: tags: @@ -4861,7 +4905,7 @@ paths: required: true type: string responses: - '200': + "200": description: Deleted the remote repository. ################################################################################ @@ -5396,7 +5440,7 @@ definitions: type: object properties: k8s_options: - $ref: '#/definitions/RESTAdmRuleOptions' + $ref: "#/definitions/RESTAdmRuleOptions" RESTAdmCtrlPromoteRequest: type: object required: @@ -5414,7 +5458,7 @@ definitions: - request properties: request: - $ref: '#/definitions/RESTAdmCtrlPromoteRequest' + $ref: "#/definitions/RESTAdmCtrlPromoteRequest" RESTAdmCtrlRulesExport: type: object properties: @@ -5428,7 +5472,7 @@ definitions: format: uint32 example: 12 remote_export_options: - $ref: '#/definitions/RESTRemoteExportOptions' + $ref: "#/definitions/RESTRemoteExportOptions" RESTAdmCtrlTestRuleInfo: type: object required: @@ -5456,7 +5500,7 @@ definitions: mode: type: string description: per-rule mode - enum: ["monitor","protect",""] + enum: ["monitor", "protect", ""] rule_details: type: string example: "It matches deny rule id 1000 with criteria: (allow privilege escalation = true)" @@ -5488,7 +5532,7 @@ definitions: matched_rules: type: array items: - $ref: '#/definitions/RESTAdmCtrlTestRuleInfo' + $ref: "#/definitions/RESTAdmCtrlTestRuleInfo" allowed: type: boolean example: false @@ -5502,27 +5546,27 @@ definitions: example: ["user", "userGroups"] global_mode: type: string - enum: ["monitor","protect", ""] + enum: ["monitor", "protect", ""] results: type: array items: - $ref: '#/definitions/RESTAdmCtrlRulesTestResult' + $ref: "#/definitions/RESTAdmCtrlRulesTestResult" RESTAdmissionConfigData: type: object required: - k8s_env properties: state: - $ref: '#/definitions/RESTAdmissionState' + $ref: "#/definitions/RESTAdmissionState" admission_options: - $ref: '#/definitions/RESTAdmRuleTypeOptions' + $ref: "#/definitions/RESTAdmRuleTypeOptions" k8s_env: type: boolean example: false admission_custom_criteria_options: - $ref: '#/definitions/RESTAdminCustomCriteriaOptions' + $ref: "#/definitions/RESTAdminCustomCriteriaOptions" admission_custom_criteria_templates: - $ref: '#/definitions/RESTAdminCriteriaTemplate' + $ref: "#/definitions/RESTAdminCriteriaTemplate" predefined_risky_roles: type: array items: @@ -5555,7 +5599,7 @@ definitions: criteria: type: array items: - $ref: '#/definitions/RESTAdmRuleCriterion' + $ref: "#/definitions/RESTAdmRuleCriterion" disable: type: boolean example: false @@ -5598,7 +5642,7 @@ definitions: criteria: type: array items: - $ref: '#/definitions/RESTAdmRuleCriterion' + $ref: "#/definitions/RESTAdmRuleCriterion" disable: type: boolean example: true @@ -5627,14 +5671,14 @@ definitions: - config properties: config: - $ref: '#/definitions/RESTAdmissionRuleConfig' + $ref: "#/definitions/RESTAdmissionRuleConfig" RESTAdmissionRuleData: type: object required: - rule properties: rule: - $ref: '#/definitions/RESTAdmissionRule' + $ref: "#/definitions/RESTAdmissionRule" RESTAdmissionRulesData: type: object required: @@ -5643,7 +5687,7 @@ definitions: rules: type: array items: - $ref: '#/definitions/RESTAdmissionRule' + $ref: "#/definitions/RESTAdmissionRule" RESTAdmissionRuleOption: type: object required: @@ -5679,7 +5723,7 @@ definitions: type: string example: criterion_name options: - $ref: '#/definitions/RESTAdmissionRuleOption' + $ref: "#/definitions/RESTAdmissionRuleOption" RESTAdmRuleCriterion: type: object required: @@ -5699,7 +5743,7 @@ definitions: sub_criteria: type: array items: - $ref: '#/definitions/RESTAdmRuleCriterion' + $ref: "#/definitions/RESTAdmRuleCriterion" type: type: string example: customPath @@ -5724,7 +5768,7 @@ definitions: type: string example: criterion_name options: - $ref: '#/definitions/RESTAdmissionRuleOption' + $ref: "#/definitions/RESTAdmissionRuleOption" RESTAdmRuleTypeOptions: type: object required: @@ -5732,13 +5776,13 @@ definitions: - exception_options properties: deny_options: - $ref: '#/definitions/RESTAdmCatOptions' + $ref: "#/definitions/RESTAdmCatOptions" exception_options: - $ref: '#/definitions/RESTAdmCatOptions' + $ref: "#/definitions/RESTAdmCatOptions" psp_collection: type: array items: - $ref: '#/definitions/RESTAdmRuleCriterion' + $ref: "#/definitions/RESTAdmRuleCriterion" pss_collections: type: object description: map key is domain(string type) @@ -5747,13 +5791,19 @@ definitions: items: type: string example: - restricted: ["Uses illegal volume type.", "Allows running as root user."] - baseline: ["Sets HostNetwork, HostPID, or HostIPC to true.", "Allows privileged container(s)."] + restricted: + ["Uses illegal volume type.", "Allows running as root user."] + baseline: + [ + "Sets HostNetwork, HostPID, or HostIPC to true.", + "Allows privileged container(s).", + ] sigstore_verifiers: type: array items: type: string - example: ["public/verifier1", "private1/verifier1", "private1/verifier2"] + example: + ["public/verifier1", "private1/verifier1", "private1/verifier2"] RESTAdmissionState: type: object properties: @@ -5835,7 +5885,7 @@ definitions: - stats properties: stats: - $ref: '#/definitions/RESTAdmissionStats' + $ref: "#/definitions/RESTAdmissionStats" RESTAgent: type: object required: @@ -5926,7 +5976,7 @@ definitions: - enforcer properties: enforcer: - $ref: '#/definitions/RESTAgent' + $ref: "#/definitions/RESTAgent" RESTAgentsData: type: object required: @@ -5935,7 +5985,7 @@ definitions: enforcers: type: array items: - $ref: '#/definitions/RESTAgent' + $ref: "#/definitions/RESTAgent" RESTAgentConfig: type: object properties: @@ -5963,7 +6013,7 @@ definitions: - config properties: config: - $ref: '#/definitions/RESTAgentConfig' + $ref: "#/definitions/RESTAgentConfig" RESTAgentStatsData: type: object required: @@ -5979,7 +6029,7 @@ definitions: format: date-time example: 2018-01-18T07:20:15Z stats: - $ref: '#/definitions/RESTStats' + $ref: "#/definitions/RESTStats" RESTAuditsData: type: object required: @@ -5988,7 +6038,7 @@ definitions: audits: type: array items: - $ref: '#/definitions/Audit' + $ref: "#/definitions/Audit" RESTAuthData: type: object required: @@ -5998,9 +6048,9 @@ definitions: type: string example: "" password: - $ref: '#/definitions/RESTAuthPassword' + $ref: "#/definitions/RESTAuthPassword" Token: - $ref: '#/definitions/RESTAuthToken' + $ref: "#/definitions/RESTAuthToken" RESTAuthPassword: type: object required: @@ -6072,7 +6122,7 @@ definitions: - us-west-1 - us-west-2 aws_lambda_resource: - $ref: '#/definitions/RESTAwsLambdaRes' + $ref: "#/definitions/RESTAwsLambdaRes" RESTAwsFuncPermission: type: object required: @@ -6091,7 +6141,11 @@ definitions: type: array items: type: string - example: ["Full Access policy AWSLambdaFullAccess", "In policy AWSLambdaFullAccess : Full Access to dynamodb "] + example: + [ + "Full Access policy AWSLambdaFullAccess", + "In policy AWSLambdaFullAccess : Full Access to dynamodb ", + ] allowed_detail: type: object properties: @@ -6101,7 +6155,7 @@ definitions: value: type: array items: - $ref: '#/definitions/RESTAwsResDetail' + $ref: "#/definitions/RESTAwsResDetail" RESTAwsFunction: type: object required: @@ -6117,7 +6171,7 @@ definitions: report: type: array items: - $ref: '#/definitions/RESTScanAwsFuncReport' + $ref: "#/definitions/RESTScanAwsFuncReport" RESTAwsFuncSummary: type: object required: @@ -6166,7 +6220,7 @@ definitions: func_list: type: array items: - $ref: '#/definitions/RESTAwsFuncSummary' + $ref: "#/definitions/RESTAwsFuncSummary" RESTAwsLambdaRes: type: object required: @@ -6183,7 +6237,7 @@ definitions: type: string example: "" value: - $ref: '#/definitions/RESTAwsLambdaResDetail' + $ref: "#/definitions/RESTAwsLambdaResDetail" RESTAwsResDetail: type: object required: @@ -6224,7 +6278,7 @@ definitions: - us-east-1 - us-east-2 aws_lambda_resource: - $ref: '#/definitions/RESTAwsLambdaRes' + $ref: "#/definitions/RESTAwsLambdaRes" RESTAwsResourceConfig: type: object required: @@ -6341,7 +6395,7 @@ definitions: items: type: array items: - $ref: '#/definitions/RESTBenchItem' + $ref: "#/definitions/RESTBenchItem" RESTCloudResList: type: object required: @@ -6350,7 +6404,7 @@ definitions: cloud_resources: type: array items: - $ref: '#/definitions/RESTAwsCloudRes' + $ref: "#/definitions/RESTAwsCloudRes" RESTCLUSEventCondition: type: object properties: @@ -6390,7 +6444,7 @@ definitions: items: type: array items: - $ref: '#/definitions/RESTBenchItem' + $ref: "#/definitions/RESTBenchItem" RESTComplianceProfile: type: object required: @@ -6407,7 +6461,7 @@ definitions: entries: type: array items: - $ref: '#/definitions/RESTComplianceProfileEntry' + $ref: "#/definitions/RESTComplianceProfileEntry" cfg_type: type: string enum: [user_created, ground] @@ -6425,14 +6479,14 @@ definitions: entries: type: array items: - $ref: '#/definitions/RESTComplianceProfileEntry' + $ref: "#/definitions/RESTComplianceProfileEntry" RESTComplianceProfileConfigData: type: object required: - config properties: config: - $ref: '#/definitions/RESTComplianceProfileConfig' + $ref: "#/definitions/RESTComplianceProfileConfig" RESTComplianceProfileEntry: type: object required: @@ -6453,14 +6507,14 @@ definitions: - config properties: config: - $ref: '#/definitions/RESTComplianceProfileEntry' + $ref: "#/definitions/RESTComplianceProfileEntry" RESTComplianceProfileData: type: object required: - profile properties: profile: - $ref: '#/definitions/RESTComplianceProfile' + $ref: "#/definitions/RESTComplianceProfile" RESTComplianceProfilesData: type: object required: @@ -6469,7 +6523,7 @@ definitions: profiles: type: array items: - $ref: '#/definitions/RESTComplianceProfile' + $ref: "#/definitions/RESTComplianceProfile" RESTCompProfilesExport: type: object properties: @@ -6479,7 +6533,7 @@ definitions: type: string example: ["default"] remote_export_options: - $ref: '#/definitions/RESTRemoteExportOptions' + $ref: "#/definitions/RESTRemoteExportOptions" RESTController: type: object required: @@ -6574,7 +6628,7 @@ definitions: - controller properties: controller: - $ref: '#/definitions/RESTController' + $ref: "#/definitions/RESTController" RESTControllerConfig: type: object properties: @@ -6594,7 +6648,7 @@ definitions: - config properties: config: - $ref: '#/definitions/RESTControllerConfig' + $ref: "#/definitions/RESTControllerConfig" RESTCriteriaEntry: type: object required: @@ -6631,25 +6685,25 @@ definitions: - update properties: add: - $ref: '#/definitions/RESTCustomChecks' + $ref: "#/definitions/RESTCustomChecks" delete: - $ref: '#/definitions/RESTCustomChecks' + $ref: "#/definitions/RESTCustomChecks" update: - $ref: '#/definitions/RESTCustomChecks' + $ref: "#/definitions/RESTCustomChecks" RESTCustomCheckConfigData: type: object required: - config properties: config: - $ref: '#/definitions/RESTCustomCheckConfig' + $ref: "#/definitions/RESTCustomCheckConfig" RESTCustomCheckData: type: object required: - config properties: config: - $ref: '#/definitions/RESTCustomChecks' + $ref: "#/definitions/RESTCustomChecks" RESTCustomCheckListData: type: object required: @@ -6658,7 +6712,7 @@ definitions: configs: type: array items: - $ref: '#/definitions/RESTCustomChecks' + $ref: "#/definitions/RESTCustomChecks" RESTCustomChecks: type: object required: @@ -6677,7 +6731,7 @@ definitions: scripts: type: array items: - $ref: '#/definitions/RESTCustomCheck' + $ref: "#/definitions/RESTCustomCheck" RESTDlpGroup: type: object required: @@ -6694,7 +6748,7 @@ definitions: sensors: type: array items: - $ref: '#/definitions/RESTDlpSetting' + $ref: "#/definitions/RESTDlpSetting" RESTDlpGroupConfig: type: object required: @@ -6714,25 +6768,25 @@ definitions: sensors: type: array items: - $ref: '#/definitions/RESTDlpSetting' + $ref: "#/definitions/RESTDlpSetting" replace: type: array items: - $ref: '#/definitions/RESTDlpSetting' + $ref: "#/definitions/RESTDlpSetting" RESTDlpGroupConfigData: type: object required: - config properties: config: - $ref: '#/definitions/RESTDlpGroupConfig' + $ref: "#/definitions/RESTDlpGroupConfig" RESTDlpGroupData: type: object required: - dlp_group properties: dlp_group: - $ref: '#/definitions/RESTDlpGroup' + $ref: "#/definitions/RESTDlpGroup" RESTDlpGroupsData: type: object required: @@ -6741,7 +6795,7 @@ definitions: dlp_groups: type: array items: - $ref: '#/definitions/RESTDlpGroup' + $ref: "#/definitions/RESTDlpGroup" RESTDlpRule: type: object required: @@ -6760,7 +6814,7 @@ definitions: patterns: type: array items: - $ref: '#/definitions/RESTCriteriaEntry' + $ref: "#/definitions/RESTCriteriaEntry" cfg_type: type: string enum: [user_created, ground] @@ -6770,7 +6824,7 @@ definitions: - rule properties: rule: - $ref: '#/definitions/RESTDlpRuleDetail' + $ref: "#/definitions/RESTDlpRuleDetail" RESTDlpRuleDetail: type: object required: @@ -6787,7 +6841,7 @@ definitions: rules: type: array items: - $ref: '#/definitions/RESTDlpRule' + $ref: "#/definitions/RESTDlpRule" RESTDlpRulesData: type: object required: @@ -6796,7 +6850,7 @@ definitions: rules: type: array items: - $ref: '#/definitions/RESTDlpRule' + $ref: "#/definitions/RESTDlpRule" RESTDlpSensor: type: object required: @@ -6818,7 +6872,7 @@ definitions: rules: type: array items: - $ref: '#/definitions/RESTDlpRule' + $ref: "#/definitions/RESTDlpRule" comment: type: string example: "Sensor for SSN detection" @@ -6839,15 +6893,15 @@ definitions: change: type: array items: - $ref: '#/definitions/RESTDlpRule' + $ref: "#/definitions/RESTDlpRule" delete: type: array items: - $ref: '#/definitions/RESTDlpRule' + $ref: "#/definitions/RESTDlpRule" rules: type: array items: - $ref: '#/definitions/RESTDlpRule' + $ref: "#/definitions/RESTDlpRule" comment: type: string example: "Sensor for Credit Card detection" @@ -6857,14 +6911,14 @@ definitions: - config properties: config: - $ref: '#/definitions/RESTDlpSensorConfig' + $ref: "#/definitions/RESTDlpSensorConfig" RESTDlpSensorData: type: object required: - sensor properties: sensor: - $ref: '#/definitions/RESTDlpSensor' + $ref: "#/definitions/RESTDlpSensor" RESTDlpSensorExport: type: object required: @@ -6876,7 +6930,7 @@ definitions: type: string example: [""] remote_export_options: - $ref: '#/definitions/RESTRemoteExportOptions' + $ref: "#/definitions/RESTRemoteExportOptions" RESTDlpSensorsData: type: object required: @@ -6885,7 +6939,7 @@ definitions: sensors: type: array items: - $ref: '#/definitions/RESTDlpSensor' + $ref: "#/definitions/RESTDlpSensor" RESTDlpSetting: type: object required: @@ -6951,7 +7005,7 @@ definitions: - config properties: config: - $ref: '#/definitions/RESTDomainConfig' + $ref: "#/definitions/RESTDomainConfig" RESTDomainsData: type: object required: @@ -6961,7 +7015,7 @@ definitions: domains: type: array items: - $ref: '#/definitions/RESTDomain' + $ref: "#/definitions/RESTDomain" tag_per_domain: type: boolean example: false @@ -6984,7 +7038,7 @@ definitions: - config properties: config: - $ref: '#/definitions/RESTDomainEntryConfig' + $ref: "#/definitions/RESTDomainEntryConfig" RESTError: type: object required: @@ -7002,9 +7056,9 @@ definitions: type: string example: Invalid format password_profile_basic: - $ref: '#/definitions/RESTPwdProfileBasic' + $ref: "#/definitions/RESTPwdProfileBasic" import_task_data: - $ref: '#/definitions/RESTImportTaskData' + $ref: "#/definitions/RESTImportTaskData" RESTEULA: type: object required: @@ -7018,7 +7072,7 @@ definitions: - eula properties: eula: - $ref: '#/definitions/RESTEULA' + $ref: "#/definitions/RESTEULA" bootstrap_password_command: type: string description: kubectl command for retrieving bootstrap password of default admin user @@ -7033,36 +7087,36 @@ definitions: events: type: array items: - $ref: '#/definitions/Event' + $ref: "#/definitions/Event" RESTFedSystemConfig: type: object required: - webhooks properties: webhooks: - $ref: '#/definitions/RESTWebhook' + $ref: "#/definitions/RESTWebhook" RESTFileMonitorConfig: type: object properties: add_filters: type: array items: - $ref: '#/definitions/RESTFileMonitorFilterConfig' + $ref: "#/definitions/RESTFileMonitorFilterConfig" delete_filters: type: array items: - $ref: '#/definitions/RESTFileMonitorFilterConfig' + $ref: "#/definitions/RESTFileMonitorFilterConfig" update_filters: type: array items: - $ref: '#/definitions/RESTFileMonitorFilterConfig' + $ref: "#/definitions/RESTFileMonitorFilterConfig" RESTFileMonitorConfigData: type: object required: - config properties: config: - $ref: '#/definitions/RESTFileMonitorConfig' + $ref: "#/definitions/RESTFileMonitorConfig" RESTFileMonitorFile: type: object required: @@ -7098,7 +7152,7 @@ definitions: files: type: array items: - $ref: '#/definitions/RESTFileMonitorFile' + $ref: "#/definitions/RESTFileMonitorFile" RESTFileMonitorFilterConfig: type: object required: @@ -7185,11 +7239,11 @@ definitions: criteria: type: array items: - $ref: '#/definitions/RESTCriteriaEntry' + $ref: "#/definitions/RESTCriteriaEntry" members: type: array items: - $ref: '#/definitions/RESTWorkloadBrief' + $ref: "#/definitions/RESTWorkloadBrief" policy_rules: type: array items: @@ -7299,7 +7353,7 @@ definitions: - group properties: group: - $ref: '#/definitions/RESTGroupDetail' + $ref: "#/definitions/RESTGroupDetail" RESTGroupDetail: type: object required: @@ -7371,19 +7425,19 @@ definitions: criteria: type: array items: - $ref: '#/definitions/RESTCriteriaEntry' + $ref: "#/definitions/RESTCriteriaEntry" members: type: array items: - $ref: '#/definitions/RESTWorkloadBrief' + $ref: "#/definitions/RESTWorkloadBrief" policy_rules: type: array items: - $ref: '#/definitions/RESTPolicyRule' + $ref: "#/definitions/RESTPolicyRule" response_rules: type: array items: - $ref: '#/definitions/RESTResponseRule' + $ref: "#/definitions/RESTResponseRule" RESTGroupsData: type: object required: @@ -7392,7 +7446,7 @@ definitions: groups: type: array items: - $ref: '#/definitions/RESTGroup' + $ref: "#/definitions/RESTGroup" RESTGroupConfig: type: object required: @@ -7405,7 +7459,7 @@ definitions: criteria: type: array items: - $ref: '#/definitions/RESTCriteriaEntry' + $ref: "#/definitions/RESTCriteriaEntry" cfg_type: type: string enum: [learned, user_created, ground, federal] @@ -7415,7 +7469,7 @@ definitions: - config properties: config: - $ref: '#/definitions/RESTGroupConfig' + $ref: "#/definitions/RESTGroupConfig" RESTGroupExport: type: object required: @@ -7439,7 +7493,7 @@ definitions: example: Monitor enum: [Learn, Monitor, Protect] remote_export_options: - $ref: '#/definitions/RESTRemoteExportOptions' + $ref: "#/definitions/RESTRemoteExportOptions" RESTHost: type: object required: @@ -7510,7 +7564,7 @@ definitions: additionalProperties: type: array items: - $ref: '#/definitions/RESTIPAddr' + $ref: "#/definitions/RESTIPAddr" state: type: string example: "" @@ -7533,7 +7587,7 @@ definitions: type: string example: Discover scan_summary: - $ref: '#/definitions/RESTScanBrief' + $ref: "#/definitions/RESTScanBrief" storage_driver: type: string example: aufs @@ -7559,14 +7613,14 @@ definitions: hosts: type: array items: - $ref: '#/definitions/RESTHost' + $ref: "#/definitions/RESTHost" RESTHostData: type: object required: - host properties: host: - $ref: '#/definitions/RESTHost' + $ref: "#/definitions/RESTHost" RESTIDName: type: object required: @@ -7632,7 +7686,7 @@ definitions: - data properties: data: - $ref: '#/definitions/RESTImportTask' + $ref: "#/definitions/RESTImportTask" RESTIncidentsData: type: object required: @@ -7641,7 +7695,7 @@ definitions: incidents: type: array items: - $ref: '#/definitions/Incident' + $ref: "#/definitions/Incident" RESTIPAddr: type: object required: @@ -7816,7 +7870,7 @@ definitions: - request properties: request: - $ref: '#/definitions/RESTPolicyPromoteRequest' + $ref: "#/definitions/RESTPolicyPromoteRequest" RESTPolicyRule: type: object required: @@ -7896,13 +7950,13 @@ definitions: type: object properties: move: - $ref: '#/definitions/RESTPolicyRuleMove' + $ref: "#/definitions/RESTPolicyRuleMove" insert: - $ref: '#/definitions/RESTPolicyRuleInsert' + $ref: "#/definitions/RESTPolicyRuleInsert" rules: type: array items: - $ref: '#/definitions/RESTPolicyRule' + $ref: "#/definitions/RESTPolicyRule" delete: type: array items: @@ -7958,7 +8012,7 @@ definitions: - config properties: config: - $ref: '#/definitions/RESTPolicyRuleConfig' + $ref: "#/definitions/RESTPolicyRuleConfig" replicate: type: boolean example: true @@ -7968,7 +8022,7 @@ definitions: - rule properties: rule: - $ref: '#/definitions/RESTPolicyRule' + $ref: "#/definitions/RESTPolicyRule" RESTPolicyRulesData: type: object required: @@ -7977,7 +8031,7 @@ definitions: rules: type: array items: - $ref: '#/definitions/RESTPolicyRule' + $ref: "#/definitions/RESTPolicyRule" RESTPolicyRuleInsert: type: object required: @@ -7989,7 +8043,7 @@ definitions: rules: type: array items: - $ref: '#/definitions/RESTPolicyRule' + $ref: "#/definitions/RESTPolicyRule" RESTPolicyRuleMove: type: object required: @@ -8010,7 +8064,7 @@ definitions: violations: type: array items: - $ref: '#/definitions/Violation' + $ref: "#/definitions/Violation" RESTPolicyViolationsWLData: type: object required: @@ -8019,7 +8073,7 @@ definitions: violation_workloads: type: array items: - $ref: '#/definitions/RESTViolationWorkload' + $ref: "#/definitions/RESTViolationWorkload" RESTProcessInfo: type: object required: @@ -8081,7 +8135,7 @@ definitions: processes: type: array items: - $ref: '#/definitions/RESTProcessInfo' + $ref: "#/definitions/RESTProcessInfo" RESTProcessProfileEntry: type: object required: @@ -8148,14 +8202,14 @@ definitions: process_list: type: array items: - $ref: '#/definitions/RESTProcessProfileEntry' + $ref: "#/definitions/RESTProcessProfileEntry" RESTProcessProfileData: type: object required: - process_profile properties: process_profile: - $ref: '#/definitions/RESTProcessProfile' + $ref: "#/definitions/RESTProcessProfile" RESTProcessProfilesData: type: object required: @@ -8164,7 +8218,7 @@ definitions: process_profiles: type: array items: - $ref: '#/definitions/RESTProcessProfile' + $ref: "#/definitions/RESTProcessProfile" RESTProcessProfileConfig: type: object required: @@ -8182,25 +8236,25 @@ definitions: process_change_list: type: array items: - $ref: '#/definitions/RESTProcessProfileEntryConfig' + $ref: "#/definitions/RESTProcessProfileEntryConfig" process_delete_list: type: array items: - $ref: '#/definitions/RESTProcessProfileEntryConfig' + $ref: "#/definitions/RESTProcessProfileEntryConfig" RESTProcessProfileConfigData: type: object required: - process_profile_config properties: process_profile_config: - $ref: '#/definitions/RESTProcessProfileConfig' + $ref: "#/definitions/RESTProcessProfileConfig" RESTProcessRulesResp: type: object properties: process_rules: type: array items: - $ref: '#/definitions/RESTProcessUuidEntry' + $ref: "#/definitions/RESTProcessUuidEntry" RESTProcessUuidEntry: type: object properties: @@ -8211,7 +8265,7 @@ definitions: type: string example: nodes rule: - $ref: '#/definitions/RESTProcessProfileEntry' + $ref: "#/definitions/RESTProcessProfileEntry" RESTAWSAccountKey: type: object required: @@ -8296,13 +8350,13 @@ definitions: type: integer example: 1 schedule: - $ref: '#/definitions/RESTScanSchedule' + $ref: "#/definitions/RESTScanSchedule" aws_key: - $ref: '#/definitions/RESTAWSAccountKeyConfig' + $ref: "#/definitions/RESTAWSAccountKeyConfig" jfrog_xray: - $ref: '#/definitions/RESTJfrogXrayConfig' + $ref: "#/definitions/RESTJfrogXrayConfig" gcr_key: - $ref: '#/definitions/RESTGCRKeyConfig' + $ref: "#/definitions/RESTGCRKeyConfig" jfrog_mode: type: string example: "" @@ -8330,7 +8384,7 @@ definitions: - config properties: config: - $ref: '#/definitions/RESTRegistryConfig' + $ref: "#/definitions/RESTRegistryConfig" RESTRegistryImageSummary: type: object required: @@ -8384,7 +8438,8 @@ definitions: type: array items: type: string - example: ["PATH=/usr/local/sbin", "GOSU_VERSION=1.12", "REDIS_VERSION=6.0.2"] + example: + ["PATH=/usr/local/sbin", "GOSU_VERSION=1.12", "REDIS_VERSION=6.0.2"] labels: type: object description: map key is string type @@ -8442,7 +8497,7 @@ definitions: images: type: array items: - $ref: '#/definitions/RESTRegistryImageSummary' + $ref: "#/definitions/RESTRegistryImageSummary" RESTRegistryConfigAuth: type: object properties: @@ -8460,9 +8515,9 @@ definitions: type: boolean example: true aws_key: - $ref: '#/definitions/RESTAWSAccountKeyConfig' + $ref: "#/definitions/RESTAWSAccountKeyConfig" gcr_key: - $ref: '#/definitions/RESTGCRKeyConfig' + $ref: "#/definitions/RESTGCRKeyConfig" RESTRegistryConfigScan: type: object properties: @@ -8479,7 +8534,7 @@ definitions: type: integer example: 1 schedule: - $ref: '#/definitions/RESTScanSchedule' + $ref: "#/definitions/RESTScanSchedule" ignore_proxy: type: boolean example: false @@ -8530,18 +8585,18 @@ definitions: type: string example: neuvector/*:* auth: - $ref: '#/definitions/RESTRegistryConfigAuth' + $ref: "#/definitions/RESTRegistryConfigAuth" scan: - $ref: '#/definitions/RESTRegistryConfigScan' + $ref: "#/definitions/RESTRegistryConfigScan" integrations: - $ref: '#/definitions/RESTRegistryConfigIntegrations' + $ref: "#/definitions/RESTRegistryConfigIntegrations" RESTRegistryConfigDataV2: type: object required: - config properties: config: - $ref: '#/definitions/RESTRegistryConfigV2' + $ref: "#/definitions/RESTRegistryConfigV2" RESTProxy: type: object required: @@ -8604,7 +8659,8 @@ definitions: type: array items: type: string - example: ["-----BEGIN CERTIFICATE-----...", "-----BEGIN CERTIFICATE-----..."] + example: + ["-----BEGIN CERTIFICATE-----...", "-----BEGIN CERTIFICATE-----..."] RESTSystemConfigAutoscaleConfig: type: object properties: @@ -8692,13 +8748,13 @@ definitions: type: boolean example: false registry_http_proxy: - $ref: '#/definitions/RESTProxy' + $ref: "#/definitions/RESTProxy" registry_https_proxy: - $ref: '#/definitions/RESTProxy' + $ref: "#/definitions/RESTProxy" registry_http_proxy_cfg: - $ref: '#/definitions/RESTProxyConfig' + $ref: "#/definitions/RESTProxyConfig" registry_https_proxy_cfg: - $ref: '#/definitions/RESTProxyConfig' + $ref: "#/definitions/RESTProxyConfig" RESTSystemConfigIBMSAVCfg2: type: object properties: @@ -8885,14 +8941,14 @@ definitions: - config properties: config: - $ref: '#/definitions/RESTPwdProfileConfig' + $ref: "#/definitions/RESTPwdProfileConfig" RESTPwdProfileData: type: object required: - pwd_profile properties: pwd_profile: - $ref: '#/definitions/RESTPwdProfile' + $ref: "#/definitions/RESTPwdProfile" RESTPwdProfilesData: type: object @@ -8903,7 +8959,7 @@ definitions: pwd_profiles: type: array items: - $ref: '#/definitions/RESTPwdProfile' + $ref: "#/definitions/RESTPwdProfile" active_profile_name: type: string example: default @@ -8976,13 +9032,13 @@ definitions: type: integer example: 1 schedule: - $ref: '#/definitions/RESTScanSchedule' + $ref: "#/definitions/RESTScanSchedule" aws_key: - $ref: '#/definitions/RESTAWSAccountKey' + $ref: "#/definitions/RESTAWSAccountKey" jfrog_xray: - $ref: '#/definitions/RESTJfrogXray' + $ref: "#/definitions/RESTJfrogXray" gcr_key: - $ref: '#/definitions/RESTGCRKey' + $ref: "#/definitions/RESTGCRKey" jfrog_mode: type: string example: "" @@ -9043,7 +9099,7 @@ definitions: - summary properties: summary: - $ref: '#/definitions/RESTRegistrySummary' + $ref: "#/definitions/RESTRegistrySummary" RESTRegistrySummaryListData: type: object required: @@ -9052,7 +9108,7 @@ definitions: summarys: type: array items: - $ref: '#/definitions/RESTRegistrySummary' + $ref: "#/definitions/RESTRegistrySummary" RESTResponseRule: type: object required: @@ -9082,7 +9138,7 @@ definitions: conditions: type: array items: - $ref: '#/definitions/RESTCLUSEventCondition' + $ref: "#/definitions/RESTCLUSEventCondition" actions: type: array items: @@ -9105,7 +9161,7 @@ definitions: - rule properties: rule: - $ref: '#/definitions/RESTResponseRule' + $ref: "#/definitions/RESTResponseRule" RESTResponseRulesData: type: object required: @@ -9114,7 +9170,7 @@ definitions: rules: type: array items: - $ref: '#/definitions/RESTResponseRule' + $ref: "#/definitions/RESTResponseRule" RESTResponseRuleConfig: type: object required: @@ -9137,7 +9193,7 @@ definitions: conditions: type: array items: - $ref: '#/definitions/RESTCLUSEventCondition' + $ref: "#/definitions/RESTCLUSEventCondition" actions: type: array items: @@ -9160,7 +9216,7 @@ definitions: - config properties: config: - $ref: '#/definitions/RESTResponseRuleConfig' + $ref: "#/definitions/RESTResponseRuleConfig" RESTResponseRuleInsert: type: object required: @@ -9172,12 +9228,12 @@ definitions: rules: type: array items: - $ref: '#/definitions/RESTResponseRule' + $ref: "#/definitions/RESTResponseRule" RESTResponseRuleActionData: type: object properties: insert: - $ref: '#/definitions/RESTResponseRuleInsert' + $ref: "#/definitions/RESTResponseRuleInsert" RESTResponseRulesExport: type: object properties: @@ -9188,7 +9244,7 @@ definitions: format: uint32 example: 12 remote_export_options: - $ref: '#/definitions/RESTRemoteExportOptions' + $ref: "#/definitions/RESTRemoteExportOptions" RESTRolePermission: type: object required: @@ -9232,9 +9288,9 @@ definitions: - scan_report properties: scan_brief: - $ref: '#/definitions/RESTScanBrief' + $ref: "#/definitions/RESTScanBrief" scan_report: - $ref: '#/definitions/RESTScanReport' + $ref: "#/definitions/RESTScanReport" RESTScanAwsFuncReport: type: object required: @@ -9255,7 +9311,7 @@ definitions: type: string example: "1" scan_result: - $ref: '#/definitions/RESTScanAwsFuncDetail' + $ref: "#/definitions/RESTScanAwsFuncDetail" allowed_resources: type: object properties: @@ -9263,7 +9319,7 @@ definitions: type: string example: AWSLambdaFullAccess value: - $ref: '#/definitions/RESTAwsFuncPermission' + $ref: "#/definitions/RESTAwsFuncPermission" req_resources: type: object properties: @@ -9271,7 +9327,7 @@ definitions: type: string example: value: - $ref: '#/definitions/RESTAwsFuncPermission' + $ref: "#/definitions/RESTAwsFuncPermission" RESTScanBrief: type: object required: @@ -9354,14 +9410,14 @@ definitions: - config properties: config: - $ref: '#/definitions/RESTScanConfigConfig' + $ref: "#/definitions/RESTScanConfigConfig" RESTScanConfigResp: type: object required: - config properties: config: - $ref: '#/definitions/RESTScanConfig' + $ref: "#/definitions/RESTScanConfig" RESTScanImageSummaryData: type: object required: @@ -9370,7 +9426,7 @@ definitions: images: type: array items: - $ref: '#/definitions/RESTScanImageSummary' + $ref: "#/definitions/RESTScanImageSummary" RESTScanImageSummary: type: object required: @@ -9445,7 +9501,7 @@ definitions: vulnerabilities: type: array items: - $ref: '#/definitions/RESTVulnerability' + $ref: "#/definitions/RESTVulnerability" size: type: integer format: int64 @@ -9458,14 +9514,14 @@ definitions: layers: type: array items: - $ref: '#/definitions/RESTScanLayer' + $ref: "#/definitions/RESTScanLayer" RESTScanLayersReportData: type: object required: - report properties: report: - $ref: '#/definitions/RESTScanLayersReport' + $ref: "#/definitions/RESTScanLayersReport" RESTScanMeta: type: object required: @@ -9506,7 +9562,7 @@ definitions: example: openssl file: type: string - example: example.jar + example: example.jar version: type: string example: "1.011" @@ -9516,7 +9572,7 @@ definitions: cves: type: array items: - $ref: '#/definitions/RESTModuleCve' + $ref: "#/definitions/RESTModuleCve" cpes: type: array items: @@ -9556,7 +9612,7 @@ definitions: scanners: type: array items: - $ref: '#/definitions/RESTScanner' + $ref: "#/definitions/RESTScanner" RESTScanPackageReqData: type: object required: @@ -9589,7 +9645,7 @@ definitions: application_packages: type: array items: - $ref: '#/definitions/RESTScanAppPackage' + $ref: "#/definitions/RESTScanAppPackage" RESTScanPkgReport: type: object required: @@ -9615,14 +9671,14 @@ definitions: vulnerabilities: type: array items: - $ref: '#/definitions/RESTVulnerability' + $ref: "#/definitions/RESTVulnerability" RESTScanPkgReportData: type: object required: - report properties: report: - $ref: '#/definitions/RESTScanPkgReport' + $ref: "#/definitions/RESTScanPkgReport" RESTScanPlatformSummary: type: object required: @@ -9693,28 +9749,29 @@ definitions: vulnerabilities: type: array items: - $ref: '#/definitions/RESTVulnerability' + $ref: "#/definitions/RESTVulnerability" modules: type: array items: - $ref: '#/definitions/RESTScanModule' + $ref: "#/definitions/RESTScanModule" checks: type: array items: - $ref: '#/definitions/RESTBenchItem' + $ref: "#/definitions/RESTBenchItem" secrets: type: array items: - $ref: '#/definitions/RESTScanSecret' + $ref: "#/definitions/RESTScanSecret" setid_perms: type: array items: - $ref: '#/definitions/RESTScanSetIdPerm' + $ref: "#/definitions/RESTScanSetIdPerm" envs: type: array items: type: string - example: ["PATH=/usr/local/sbin", "GOSU_VERSION=1.12", "REDIS_VERSION=6.0.2"] + example: + ["PATH=/usr/local/sbin", "GOSU_VERSION=1.12", "REDIS_VERSION=6.0.2"] labels: type: object description: map key is string type @@ -9728,13 +9785,184 @@ definitions: items: type: string example: "" + RESTScanReportCursor: + type: object + properties: + name: + type: string + host_name: + type: string + domain: + type: string + cve_name: + type: string + cve_package: + type: string + RESTVulScoreFilter: + type: object + required: + - score_version + - score_bottom + - score_top + properties: + score_version: + type: string + score_bottom: + type: number + score_top: + type: number + RESTAssetsScanReportFilter: + type: object + required: + - name + - op + - value + properties: + name: + type: string + op: + type: string + value: + type: array + items: + type: string + RESTAssetsScanReportQuery: + type: object + properties: + show_accepted: + type: boolean + max_cve_records: + type: integer + cursor: + $ref: "#/definitions/RESTScanReportCursor" + view_pod: + type: string + vul_score_filter: + $ref: "#/definitions/RESTVulScoreFilter" + filters: + type: array + items: + $ref: "#/definitions/RESTAssetsScanReportFilter" + RESTAssetScanData: + type: object + required: + - workload_name + - workload_domain + - workload_image + - workload_image_id + - host_name + - name + - score + - severity + - vectors + - description + - file_name + - package_name + - package_version + - fixed_version + - link + - score_v3 + - vectors_v3 + - published_timestamp + - last_modified_timestamp + - feed_rating + - in_base_image + properties: + workload_name: + type: string + workload_domain: + type: string + workload_host_name: + type: string + workload_image: + type: string + workload_image_id: + type: string + host_name: + type: string + name: + type: string + example: CVE-2015-8356 + score: + type: number + format: float32 + example: 7.2 + severity: + type: string + example: High + vectors: + type: string + example: "" + description: + type: string + example: "The setup_env function in group.c in sshd in OpenSSH allows local users to gain privileges." + file_name: + type: string + example: "usr/lib/python3.9" + package_name: + type: string + example: openssh + package_version: + type: string + example: 7.2_p2-r0 + fixed_version: + type: string + example: 1:7.2p2-3 + link: + type: string + example: https://security-tracker.debian.org/tracker/CVE-2015-8356 + score_v3: + type: number + format: float32 + example: 7.3 + vectors_v3: + type: string + example: "" + published_timestamp: + type: integer + format: int64 + example: 1516561260 + last_modified_timestamp: + type: integer + format: int64 + example: 1516561253 + cpes: + type: array + items: + type: string + example: "" + cves: + type: array + items: + type: string + example: "" + feed_rating: + type: string + example: "" + in_base_image: + type: boolean + example: true + tags: + type: array + items: + type: string + example: "" + RESTAssetScanReportData: + type: object + properties: + cursor: + $ref: "#/definitions/RESTScanReportCursor" + scan_data: + type: array + items: + $ref: "#/definitions/RESTAssetScanData" RESTScanReportData: type: object required: - report properties: report: - $ref: '#/definitions/RESTScanReport' + $ref: "#/definitions/RESTScanReport" RESTScanRepoReport: type: object required: @@ -9797,20 +10025,21 @@ definitions: layers: type: array items: - $ref: '#/definitions/RESTScanLayer' + $ref: "#/definitions/RESTScanLayer" vulnerabilities: type: array items: - $ref: '#/definitions/RESTVulnerability' + $ref: "#/definitions/RESTVulnerability" modules: type: array items: - $ref: '#/definitions/RESTScanModule' + $ref: "#/definitions/RESTScanModule" envs: type: array items: type: string - example: ["PATH=/usr/local/sbin", "GOSU_VERSION=1.12", "REDIS_VERSION=6.0.2"] + example: + ["PATH=/usr/local/sbin", "GOSU_VERSION=1.12", "REDIS_VERSION=6.0.2"] labels: type: object description: map key is string type @@ -9825,7 +10054,7 @@ definitions: - report properties: report: - $ref: '#/definitions/RESTScanRepoReport' + $ref: "#/definitions/RESTScanRepoReport" RESTScanRepoReq: type: object required: @@ -9837,7 +10066,7 @@ definitions: - base_image properties: metadata: - $ref: '#/definitions/RESTScanMeta' + $ref: "#/definitions/RESTScanMeta" registry: type: string example: https://registry.hub.docker.com/ @@ -9866,7 +10095,7 @@ definitions: - request properties: request: - $ref: '#/definitions/RESTScanRepoReq' + $ref: "#/definitions/RESTScanRepoReq" RESTScanSchedule: type: object required: @@ -10018,7 +10247,7 @@ definitions: type: string example: Discover scan_summary: - $ref: '#/definitions/RESTScanBrief' + $ref: "#/definitions/RESTScanBrief" quarantine_reason: type: string example: violation @@ -10066,14 +10295,14 @@ definitions: children: type: array items: - $ref: '#/definitions/RESTScanSummary' + $ref: "#/definitions/RESTScanSummary" RESTScanStatusData: type: object required: - status properties: status: - $ref: '#/definitions/RESTScanStatus' + $ref: "#/definitions/RESTScanStatus" RESTScanCacheStat: type: object required: @@ -10109,7 +10338,7 @@ definitions: cache_records: type: array items: - $ref: '#/definitions/RESTScanCacheRecord' + $ref: "#/definitions/RESTScanCacheRecord" record_total_size: type: integer format: uint64 @@ -10155,15 +10384,15 @@ definitions: threats: type: array items: - $ref: '#/definitions/Threat' + $ref: "#/definitions/Threat" incidents: type: array items: - $ref: '#/definitions/Incident' + $ref: "#/definitions/Incident" violations: type: array items: - $ref: '#/definitions/Violation' + $ref: "#/definitions/Violation" RESTServerLDAP: type: object required: @@ -10230,7 +10459,7 @@ definitions: group_mapped_roles: type: array items: - $ref: '#/definitions/GroupRoleMapping' + $ref: "#/definitions/GroupRoleMapping" RESTServerOIDC: type: object required: @@ -10293,7 +10522,7 @@ definitions: group_mapped_roles: type: array items: - $ref: '#/definitions/GroupRoleMapping' + $ref: "#/definitions/GroupRoleMapping" RESTServerOIDCConfig: type: object required: @@ -10343,7 +10572,7 @@ definitions: group_mapped_roles: type: array items: - $ref: '#/definitions/GroupRoleMapping' + $ref: "#/definitions/GroupRoleMapping" RESTServerSAML: type: object required: @@ -10385,11 +10614,11 @@ definitions: group_mapped_roles: type: array items: - $ref: '#/definitions/GroupRoleMapping' + $ref: "#/definitions/GroupRoleMapping" x509_certs: type: array items: - $ref: '#/definitions/RESTX509CertInfo' + $ref: "#/definitions/RESTX509CertInfo" slo_enabled: type: boolean example: true @@ -10412,18 +10641,18 @@ definitions: type: string example: ldap ldap: - $ref: '#/definitions/RESTServerLDAP' + $ref: "#/definitions/RESTServerLDAP" saml: - $ref: '#/definitions/RESTServerSAML' + $ref: "#/definitions/RESTServerSAML" oidc: - $ref: '#/definitions/RESTServerOIDC' + $ref: "#/definitions/RESTServerOIDC" RESTServerData: type: object required: - server properties: server: - $ref: '#/definitions/RESTServer' + $ref: "#/definitions/RESTServer" RESTServersData: type: object required: @@ -10432,9 +10661,9 @@ definitions: servers: type: array items: - $ref: '#/definitions/RESTServer' + $ref: "#/definitions/RESTServer" mappable_role: - $ref: '#/definitions/RESTMappableRoles' + $ref: "#/definitions/RESTMappableRoles" RESTServerLDAPConfig: type: object properties: @@ -10489,7 +10718,7 @@ definitions: group_mapped_roles: type: array items: - $ref: '#/definitions/GroupRoleMapping' + $ref: "#/definitions/GroupRoleMapping" RESTServerSAMLConfig: type: object required: @@ -10529,12 +10758,16 @@ definitions: group_mapped_roles: type: array items: - $ref: '#/definitions/GroupRoleMapping' + $ref: "#/definitions/GroupRoleMapping" x509_cert_extra: type: array items: type: string - example: ["E7B0OS/N3KMVCL6KNMZ2+LOV90S7854NSD84P0BF", "E7B0OS/N3KMVCL6KNMZ2+LOV90S7854NSD84P0BF"] + example: + [ + "E7B0OS/N3KMVCL6KNMZ2+LOV90S7854NSD84P0BF", + "E7B0OS/N3KMVCL6KNMZ2+LOV90S7854NSD84P0BF", + ] slo_enabled: type: boolean example: true @@ -10556,18 +10789,18 @@ definitions: type: string example: ad ldap: - $ref: '#/definitions/RESTServerLDAPConfig' + $ref: "#/definitions/RESTServerLDAPConfig" saml: - $ref: '#/definitions/RESTServerSAMLConfig' + $ref: "#/definitions/RESTServerSAMLConfig" oidc: - $ref: '#/definitions/RESTServerOIDCConfig' + $ref: "#/definitions/RESTServerOIDCConfig" RESTServerConfigData: type: object required: - config properties: config: - $ref: '#/definitions/RESTServerConfig' + $ref: "#/definitions/RESTServerConfig" RESTServerRoleGroupsConfig: type: object required: @@ -10592,7 +10825,7 @@ definitions: - config properties: config: - $ref: '#/definitions/RESTServerRoleGroupsConfig' + $ref: "#/definitions/RESTServerRoleGroupsConfig" RESTService: type: object required: @@ -10634,17 +10867,17 @@ definitions: members: type: array items: - $ref: '#/definitions/RESTWorkloadBrief' + $ref: "#/definitions/RESTWorkloadBrief" policy_rules: type: array items: - $ref: '#/definitions/RESTPolicyRule' + $ref: "#/definitions/RESTPolicyRule" response_rules: type: array items: - $ref: '#/definitions/RESTResponseRule' + $ref: "#/definitions/RESTResponseRule" service_addr: - $ref: '#/definitions/RESTIPPort' + $ref: "#/definitions/RESTIPPort" ingress_exposure: type: boolean example: true @@ -10666,7 +10899,7 @@ definitions: - service properties: service: - $ref: '#/definitions/RESTService' + $ref: "#/definitions/RESTService" RESTServicesData: type: object required: @@ -10675,7 +10908,7 @@ definitions: services: type: array items: - $ref: '#/definitions/RESTService' + $ref: "#/definitions/RESTService" RESTServiceConfig: type: object required: @@ -10707,7 +10940,7 @@ definitions: - config properties: config: - $ref: '#/definitions/RESTServiceConfig' + $ref: "#/definitions/RESTServiceConfig" RESTServiceBatchConfig: type: object properties: @@ -10731,7 +10964,7 @@ definitions: - config properties: config: - $ref: '#/definitions/RESTServiceBatchConfig' + $ref: "#/definitions/RESTServiceBatchConfig" RESTSnifferArgs: type: object properties: @@ -10752,14 +10985,14 @@ definitions: - sniffer properties: sniffer: - $ref: '#/definitions/RESTSnifferArgs' + $ref: "#/definitions/RESTSnifferArgs" RESTSnifferData: type: object required: - sniffer properties: sniffer: - $ref: '#/definitions/RESTSnifferInfo' + $ref: "#/definitions/RESTSnifferInfo" RESTSniffersData: type: object required: @@ -10768,7 +11001,7 @@ definitions: sniffers: type: array items: - $ref: '#/definitions/RESTSnifferInfo' + $ref: "#/definitions/RESTSnifferInfo" RESTSnifferInfo: type: object required: @@ -10827,13 +11060,13 @@ definitions: format: uint32 example: 5 total: - $ref: '#/definitions/RESTMetry' + $ref: "#/definitions/RESTMetry" span_1: - $ref: '#/definitions/RESTMetry' + $ref: "#/definitions/RESTMetry" span_12: - $ref: '#/definitions/RESTMetry' + $ref: "#/definitions/RESTMetry" span_60: - $ref: '#/definitions/RESTMetry' + $ref: "#/definitions/RESTMetry" RESTSysAtmoConfigConfig: type: object properties: @@ -10976,7 +11209,7 @@ definitions: webhooks: type: array items: - $ref: '#/definitions/RESTWebhook' + $ref: "#/definitions/RESTWebhook" cluster_name: type: string example: cluster1 @@ -11005,9 +11238,9 @@ definitions: type: boolean example: false registry_http_proxy: - $ref: '#/definitions/RESTProxy' + $ref: "#/definitions/RESTProxy" registry_https_proxy: - $ref: '#/definitions/RESTProxy' + $ref: "#/definitions/RESTProxy" ibmsa_ep_enabled: type: boolean example: false @@ -11045,7 +11278,7 @@ definitions: format: int64 example: 1505755716 scanner_autoscale: - $ref: '#/definitions/RESTSystemConfigAutoscale' + $ref: "#/definitions/RESTSystemConfigAutoscale" no_telemetry_report: type: boolean example: false @@ -11211,13 +11444,13 @@ definitions: type: boolean example: false registry_http_proxy: - $ref: '#/definitions/RESTProxy' + $ref: "#/definitions/RESTProxy" registry_https_proxy: - $ref: '#/definitions/RESTProxy' + $ref: "#/definitions/RESTProxy" registry_http_proxy_cfg: - $ref: '#/definitions/RESTProxyConfig' + $ref: "#/definitions/RESTProxyConfig" registry_https_proxy_cfg: - $ref: '#/definitions/RESTProxyConfig' + $ref: "#/definitions/RESTProxyConfig" RESTSystemConfigSyslogV2: type: object required: @@ -11285,43 +11518,43 @@ definitions: - scanner_autoscale properties: new_svc: - $ref: '#/definitions/RESTSystemConfigNewSvcV2' + $ref: "#/definitions/RESTSystemConfigNewSvcV2" syslog: - $ref: '#/definitions/RESTSystemConfigSyslogV2' + $ref: "#/definitions/RESTSystemConfigSyslogV2" auth: - $ref: '#/definitions/RESTSystemConfigAuthV2' + $ref: "#/definitions/RESTSystemConfigAuthV2" misc: - $ref: '#/definitions/RESTSystemConfigMiscV2' + $ref: "#/definitions/RESTSystemConfigMiscV2" webhooks: type: array items: - $ref: '#/definitions/RESTWebhook' + $ref: "#/definitions/RESTWebhook" proxy: - $ref: '#/definitions/RESTSystemConfigProxyV2' + $ref: "#/definitions/RESTSystemConfigProxyV2" ibmsa: - $ref: '#/definitions/RESTSystemConfigIBMSAV2' + $ref: "#/definitions/RESTSystemConfigIBMSAV2" net_svc: - $ref: '#/definitions/RESTSystemConfigNetSvcV2' + $ref: "#/definitions/RESTSystemConfigNetSvcV2" mode_auto: - $ref: '#/definitions/RESTSystemConfigModeAutoV2' + $ref: "#/definitions/RESTSystemConfigModeAutoV2" scanner_autoscale: - $ref: '#/definitions/RESTSystemConfigAutoscale' + $ref: "#/definitions/RESTSystemConfigAutoscale" tls_cfg: - $ref: '#/definitions/RESTSystemConfigTls' + $ref: "#/definitions/RESTSystemConfigTls" RESTSystemConfigData: type: object properties: config: - $ref: '#/definitions/RESTSystemConfig' + $ref: "#/definitions/RESTSystemConfig" fed_config: - $ref: '#/definitions/RESTFedSystemConfig' + $ref: "#/definitions/RESTFedSystemConfig" RESTSystemConfigDataV2: type: object properties: config: - $ref: '#/definitions/RESTSystemConfigV2' + $ref: "#/definitions/RESTSystemConfigV2" fed_config: - $ref: '#/definitions/RESTFedSystemConfig' + $ref: "#/definitions/RESTFedSystemConfig" RESTUpgradeInfo: type: object properties: @@ -11338,9 +11571,9 @@ definitions: type: object properties: min_upgrade_version: - $ref: '#/definitions/RESTUpgradeInfo' + $ref: "#/definitions/RESTUpgradeInfo" max_upgrade_version: - $ref: '#/definitions/RESTUpgradeInfo' + $ref: "#/definitions/RESTUpgradeInfo" RESTNvAlert: type: object properties: @@ -11359,36 +11592,40 @@ definitions: data: type: array items: - $ref: '#/definitions/RESTNvAlert' + $ref: "#/definitions/RESTNvAlert" RESTNvAcceptableAlerts: type: object properties: clusterrole_alerts: - $ref: '#/definitions/RESTNvAlertGroup' + $ref: "#/definitions/RESTNvAlertGroup" clusterrolebinding_alerts: - $ref: '#/definitions/RESTNvAlertGroup' + $ref: "#/definitions/RESTNvAlertGroup" role_alerts: - $ref: '#/definitions/RESTNvAlertGroup' + $ref: "#/definitions/RESTNvAlertGroup" rolebinding_alerts: - $ref: '#/definitions/RESTNvAlertGroup' + $ref: "#/definitions/RESTNvAlertGroup" neuvector_crd_alerts: - $ref: '#/definitions/RESTNvAlertGroup' + $ref: "#/definitions/RESTNvAlertGroup" certificate_alerts: - $ref: '#/definitions/RESTNvAlertGroup' + $ref: "#/definitions/RESTNvAlertGroup" other_alerts: - $ref: '#/definitions/RESTNvAlertGroup' + $ref: "#/definitions/RESTNvAlertGroup" RESTNvAlerts: type: object properties: neuvector_upgrade_info: - $ref: '#/definitions/RESTCheckUpgradeInfo' + $ref: "#/definitions/RESTCheckUpgradeInfo" acceptable_alerts: - $ref: '#/definitions/RESTNvAcceptableAlerts' + $ref: "#/definitions/RESTNvAcceptableAlerts" accepted_alerts: type: array items: type: string - example: ["Managed cluster cluster.local-42 is disconnected from primary cluster", "Internal CA certificate will be expired in 180 days"] + example: + [ + "Managed cluster cluster.local-42 is disconnected from primary cluster", + "Internal CA certificate will be expired in 180 days", + ] RESTSystemConfigConfig: type: object properties: @@ -11453,7 +11690,7 @@ definitions: webhooks: type: array items: - $ref: '#/definitions/RESTWebhook' + $ref: "#/definitions/RESTWebhook" cluster_name: type: string example: cluster1 @@ -11479,9 +11716,9 @@ definitions: type: boolean example: false registry_http_proxy: - $ref: '#/definitions/RESTProxy' + $ref: "#/definitions/RESTProxy" registry_https_proxy: - $ref: '#/definitions/RESTProxy' + $ref: "#/definitions/RESTProxy" ibmsa_ep_enabled: type: boolean example: false @@ -11492,72 +11729,72 @@ definitions: type: boolean example: false scanner_autoscale: - $ref: '#/definitions/RESTSystemConfigAutoscale' + $ref: "#/definitions/RESTSystemConfigAutoscale" no_telemetry_report: type: boolean example: false remote_repositories: type: array items: - $ref: '#/definitions/RESTRemoteRepository' + $ref: "#/definitions/RESTRemoteRepository" RESTSystemConfigConfigV2: type: object properties: svc_cfg: - $ref: '#/definitions/RESTSystemConfigSvcCfgV2' + $ref: "#/definitions/RESTSystemConfigSvcCfgV2" syslog_cfg: - $ref: '#/definitions/RESTSystemConfigSyslogCfgV2' + $ref: "#/definitions/RESTSystemConfigSyslogCfgV2" auth_cfg: - $ref: '#/definitions/RESTSystemConfigAuthCfgV2' + $ref: "#/definitions/RESTSystemConfigAuthCfgV2" proxy_cfg: - $ref: '#/definitions/RESTSystemConfigProxyCfgV2' + $ref: "#/definitions/RESTSystemConfigProxyCfgV2" webhooks: type: array items: - $ref: '#/definitions/RESTWebhook' + $ref: "#/definitions/RESTWebhook" ibmsa_cfg: - $ref: '#/definitions/RESTSystemConfigIBMSAVCfg2' + $ref: "#/definitions/RESTSystemConfigIBMSAVCfg2" scanner_autoscale_cfg: - $ref: '#/definitions/RESTSystemConfigAutoscaleConfig' + $ref: "#/definitions/RESTSystemConfigAutoscaleConfig" remote_repositories: type: array items: - $ref: '#/definitions/RESTRemoteRepository' + $ref: "#/definitions/RESTRemoteRepository" misc_cfg: - $ref: '#/definitions/RESTSystemConfigMiscCfgV2' + $ref: "#/definitions/RESTSystemConfigMiscCfgV2" tls_cfg: - $ref: '#/definitions/RESTSystemConfigTls' + $ref: "#/definitions/RESTSystemConfigTls" RESTFedSystemConfigConfig: type: object properties: webhooks: type: array items: - $ref: '#/definitions/RESTWebhook' + $ref: "#/definitions/RESTWebhook" RESTSystemConfigConfigData: type: object description: it leverages RESTSystemConfigConfigData in apis.go properties: config: - $ref: '#/definitions/RESTSystemConfigConfig' + $ref: "#/definitions/RESTSystemConfigConfig" fed_config: - $ref: '#/definitions/RESTFedSystemConfigConfig' + $ref: "#/definitions/RESTFedSystemConfigConfig" net_config: - $ref: '#/definitions/RESTSysNetConfigConfig' + $ref: "#/definitions/RESTSysNetConfigConfig" atmo_config: - $ref: '#/definitions/RESTSysAtmoConfigConfig' + $ref: "#/definitions/RESTSysAtmoConfigConfig" RESTSystemConfigConfigDataV2: type: object description: it leverages RESTSystemConfigConfigData in apis.go properties: config_v2: - $ref: '#/definitions/RESTSystemConfigConfigV2' + $ref: "#/definitions/RESTSystemConfigConfigV2" fed_config: - $ref: '#/definitions/RESTFedSystemConfigConfig' + $ref: "#/definitions/RESTFedSystemConfigConfig" net_config: - $ref: '#/definitions/RESTSysNetConfigConfig' + $ref: "#/definitions/RESTSysNetConfigConfig" atmo_config: - $ref: '#/definitions/RESTSysAtmoConfigConfig' + $ref: "#/definitions/RESTSysAtmoConfigConfig" RESTSystemSummary: type: object required: @@ -11635,7 +11872,7 @@ definitions: - summary properties: summary: - $ref: '#/definitions/RESTSystemSummary' + $ref: "#/definitions/RESTSystemSummary" RESTSystemRequest: type: object properties: @@ -11646,28 +11883,28 @@ definitions: type: string example: Discover unquarantine: - $ref: '#/definitions/RESTUnquarReq' + $ref: "#/definitions/RESTUnquarReq" RESTSystemRequestData: type: object required: - request properties: request: - $ref: '#/definitions/RESTSystemRequest' + $ref: "#/definitions/RESTSystemRequest" RESTSystemWebhookConfigData: type: object required: - config properties: config: - $ref: '#/definitions/RESTWebhook' + $ref: "#/definitions/RESTWebhook" RESTThreatData: type: object required: - threat properties: threat: - $ref: '#/definitions/Threat' + $ref: "#/definitions/Threat" RESTThreatsData: type: object required: @@ -11676,7 +11913,7 @@ definitions: threats: type: array items: - $ref: '#/definitions/Threat' + $ref: "#/definitions/Threat" RESTToken: type: object required: @@ -11721,7 +11958,7 @@ definitions: description: permissions on global domain. only for Rancher SSO type: array items: - $ref: '#/definitions/RESTRolePermission' + $ref: "#/definitions/RESTRolePermission" timeout: type: integer format: uint32 @@ -11746,23 +11983,23 @@ definitions: type: array description: permissions on namespaces. only for Rancher SSO items: - $ref: '#/definitions/RESTRolePermission' + $ref: "#/definitions/RESTRolePermission" extra_permissions: description: extra permissions(other than 'role') on global domain. only for Rancher SSO type: array items: - $ref: '#/definitions/RESTRolePermission' + $ref: "#/definitions/RESTRolePermission" extra_permissions_domains: type: array description: list of extra permissions(other than specified in 'role_domains') on namespaces. only for Rancher SSO items: - $ref: '#/definitions/RESTPermitsAssigned' + $ref: "#/definitions/RESTPermitsAssigned" remote_role_permissions: type: object description: role/permissions on managed clusters in fed. only for Rancher SSO properties: user: - $ref: '#/definitions/RESTRemoteRolePermits' + $ref: "#/definitions/RESTRemoteRolePermits" last_login_timestamp: type: integer format: int64 @@ -11782,7 +12019,7 @@ definitions: - password_hours_until_expire properties: token: - $ref: '#/definitions/RESTToken' + $ref: "#/definitions/RESTToken" password_days_until_expire: type: integer example: @@ -11847,7 +12084,7 @@ definitions: description: extra permissions(other than 'role') extra permissions(other than 'Role') on global domain. only for Rancher SSO type: array items: - $ref: '#/definitions/RESTRolePermission' + $ref: "#/definitions/RESTRolePermission" timeout: type: integer format: uint32 @@ -11881,13 +12118,13 @@ definitions: type: array description: list of extra permissions(other than 'role_domains') for namespaces on managed clusters in fed. only for Rancher SSO items: - $ref: '#/definitions/RESTPermitsAssigned' + $ref: "#/definitions/RESTPermitsAssigned" remote_role_permissions: type: object description: role/permissions on managed clusters in fed. only for Rancher SSO properties: user: - $ref: '#/definitions/RESTRemoteRolePermits' + $ref: "#/definitions/RESTRemoteRolePermits" last_login_timestamp: type: integer format: int64 @@ -11916,7 +12153,7 @@ definitions: type: array description: array of permissions items: - $ref: '#/definitions/RESTRolePermission' + $ref: "#/definitions/RESTRolePermission" domains: type: array description: array of domains that have the same permissions @@ -11951,19 +12188,19 @@ definitions: description: extra permissions(other than 'role') for global domain on managed clusters in fed. only for Rancher SSO type: array items: - $ref: '#/definitions/RESTRolePermission' + $ref: "#/definitions/RESTRolePermission" extra_permissions_domains: type: array description: list of extra permissions(other than 'role_domains') for namespaces on managed clusters in fed. only for Rancher SSO items: - $ref: '#/definitions/RESTPermitsAssigned' + $ref: "#/definitions/RESTPermitsAssigned" RESTUserData: type: object required: - user properties: user: - $ref: '#/definitions/RESTUser' + $ref: "#/definitions/RESTUser" RESTUserPwdConfig: type: object required: @@ -11992,7 +12229,7 @@ definitions: - config properties: config: - $ref: '#/definitions/RESTUserPwdConfig' + $ref: "#/definitions/RESTUserPwdConfig" RESTUserRole: type: object required: @@ -12013,7 +12250,7 @@ definitions: permissions: type: array items: - $ref: '#/definitions/RESTRolePermission' + $ref: "#/definitions/RESTRolePermission" RESTUserRoleConfig: type: object required: @@ -12030,21 +12267,21 @@ definitions: permissions: type: array items: - $ref: '#/definitions/RESTRolePermission' + $ref: "#/definitions/RESTRolePermission" RESTUserRoleConfigData: type: object required: - config properties: config: - $ref: '#/definitions/RESTUserRoleConfig' + $ref: "#/definitions/RESTUserRoleConfig" RESTUserRoleData: type: object required: - role properties: role: - $ref: '#/definitions/RESTUserRole' + $ref: "#/definitions/RESTUserRole" RESTUserRolesData: type: object required: @@ -12053,7 +12290,7 @@ definitions: roles: type: array items: - $ref: '#/definitions/RESTUserRole' + $ref: "#/definitions/RESTUserRole" RESTUsersData: type: object required: @@ -12064,7 +12301,7 @@ definitions: users: type: array items: - $ref: '#/definitions/RESTUser' + $ref: "#/definitions/RESTUser" global_roles: type: array items: @@ -12122,7 +12359,7 @@ definitions: - config properties: config: - $ref: '#/definitions/RESTUserConfig' + $ref: "#/definitions/RESTUserConfig" RESTUserRoleDomainsConfig: type: object required: @@ -12147,7 +12384,7 @@ definitions: - config properties: config: - $ref: '#/definitions/RESTUserRoleDomainsConfig' + $ref: "#/definitions/RESTUserRoleDomainsConfig" RESTViolationWorkload: type: object required: @@ -12155,7 +12392,7 @@ definitions: - count properties: workload: - $ref: '#/definitions/RESTWorkloadBrief' + $ref: "#/definitions/RESTWorkloadBrief" count: type: integer example: 2 @@ -12197,7 +12434,7 @@ definitions: example: "The setup_env function in group.c in sshd in OpenSSH allows local users to gain privileges." file_name: type: string - example: "usr/lib/python3.9" + example: "usr/lib/python3.9" package_name: type: string example: openssh @@ -12280,7 +12517,7 @@ definitions: additionalProperties: type: array items: - $ref: '#/definitions/RESTVulnPackageVersion' + $ref: "#/definitions/RESTVulnPackageVersion" package_name: type: string example: "" @@ -12341,7 +12578,7 @@ definitions: entries: type: array items: - $ref: '#/definitions/RESTVulnerabilityProfileEntry' + $ref: "#/definitions/RESTVulnerabilityProfileEntry" cfg_type: type: string enum: [user_created, ground] @@ -12356,28 +12593,28 @@ definitions: entries: type: array items: - $ref: '#/definitions/RESTVulnerabilityProfileEntry' + $ref: "#/definitions/RESTVulnerabilityProfileEntry" RESTVulnerabilityProfileConfigData: type: object required: - config properties: config: - $ref: '#/definitions/RESTVulnerabilityProfileConfig' + $ref: "#/definitions/RESTVulnerabilityProfileConfig" RESTVulnerabilityProfileEntryConfigData: type: object required: - config properties: config: - $ref: '#/definitions/RESTVulnerabilityProfileEntry' + $ref: "#/definitions/RESTVulnerabilityProfileEntry" RESTVulnerabilityProfileData: type: object required: - profile properties: profile: - $ref: '#/definitions/RESTVulnerabilityProfile' + $ref: "#/definitions/RESTVulnerabilityProfile" RESTVulnerabilityProfilesData: type: object required: @@ -12386,7 +12623,7 @@ definitions: profiles: type: array items: - $ref: '#/definitions/RESTVulnerabilityProfile' + $ref: "#/definitions/RESTVulnerabilityProfile" RESTVulnerabilityProfileEntry: type: object required: @@ -12430,7 +12667,7 @@ definitions: type: string example: ["default"] remote_export_options: - $ref: '#/definitions/RESTRemoteExportOptions' + $ref: "#/definitions/RESTRemoteExportOptions" RESTVulnPackageVersion: type: object required: @@ -12447,7 +12684,7 @@ definitions: type: object properties: remote_export_options: - $ref: '#/definitions/RESTRemoteExportOptions' + $ref: "#/definitions/RESTRemoteExportOptions" RESTWafConfig: type: object required: @@ -12501,18 +12738,18 @@ definitions: sensors: type: array items: - $ref: '#/definitions/RESTWafConfig' + $ref: "#/definitions/RESTWafConfig" replace: type: array items: - $ref: '#/definitions/RESTWafConfig' + $ref: "#/definitions/RESTWafConfig" RESTWafGroupConfigData: type: object required: - config properties: config: - $ref: '#/definitions/RESTWafGroupConfig' + $ref: "#/definitions/RESTWafGroupConfig" RESTWafGroup: type: object required: @@ -12530,7 +12767,7 @@ definitions: sensors: type: array items: - $ref: '#/definitions/RESTWafSetting' + $ref: "#/definitions/RESTWafSetting" cfg_type: type: string enum: [user_created, ground] @@ -12540,7 +12777,7 @@ definitions: - waf_group properties: waf_group: - $ref: '#/definitions/RESTWafGroup' + $ref: "#/definitions/RESTWafGroup" RESTWafGroupsData: type: object required: @@ -12549,7 +12786,7 @@ definitions: waf_groups: type: array items: - $ref: '#/definitions/RESTWafGroup' + $ref: "#/definitions/RESTWafGroup" RESTWafRule: type: object required: @@ -12568,7 +12805,7 @@ definitions: patterns: type: array items: - $ref: '#/definitions/RESTWafCriteriaEntry' + $ref: "#/definitions/RESTWafCriteriaEntry" cfg_type: type: string enum: [user_created, ground] @@ -12578,7 +12815,7 @@ definitions: - rule properties: rule: - $ref: '#/definitions/RESTWafRuleDetail' + $ref: "#/definitions/RESTWafRuleDetail" RESTWafRuleDetail: type: object required: @@ -12593,7 +12830,7 @@ definitions: rules: type: array items: - $ref: '#/definitions/RESTWafRule' + $ref: "#/definitions/RESTWafRule" RESTWafRulesData: type: object required: @@ -12602,7 +12839,7 @@ definitions: rules: type: array items: - $ref: '#/definitions/RESTWafRule' + $ref: "#/definitions/RESTWafRule" RESTWafSensor: type: object required: @@ -12624,7 +12861,7 @@ definitions: rules: type: array items: - $ref: '#/definitions/RESTWafRule' + $ref: "#/definitions/RESTWafRule" comment: type: string example: "" @@ -12645,15 +12882,15 @@ definitions: change: type: array items: - $ref: '#/definitions/RESTWafRule' + $ref: "#/definitions/RESTWafRule" delete: type: array items: - $ref: '#/definitions/RESTWafRule' + $ref: "#/definitions/RESTWafRule" rules: type: array items: - $ref: '#/definitions/RESTWafRule' + $ref: "#/definitions/RESTWafRule" comment: type: string example: "" @@ -12663,14 +12900,14 @@ definitions: - config properties: config: - $ref: '#/definitions/RESTWafSensorConfig' + $ref: "#/definitions/RESTWafSensorConfig" RESTWafSensorData: type: object required: - sensor properties: sensor: - $ref: '#/definitions/RESTWafSensor' + $ref: "#/definitions/RESTWafSensor" RESTWafSensorExport: type: object required: @@ -12682,7 +12919,7 @@ definitions: type: string example: test4321546242574254672462572452615362453 remote_export_options: - $ref: '#/definitions/RESTRemoteExportOptions' + $ref: "#/definitions/RESTRemoteExportOptions" RESTWafSensorsData: type: object required: @@ -12691,7 +12928,7 @@ definitions: sensors: type: array items: - $ref: '#/definitions/RESTWafSensor' + $ref: "#/definitions/RESTWafSensor" RESTWafSetting: type: object required: @@ -12838,7 +13075,7 @@ definitions: type: string example: Discover scan_summary: - $ref: '#/definitions/RESTScanBrief' + $ref: "#/definitions/RESTScanBrief" quarantine_reason: type: string example: "" @@ -12897,11 +13134,11 @@ definitions: additionalProperties: type: array items: - $ref: '#/definitions/RESTIPAddr' + $ref: "#/definitions/RESTIPAddr" ports: type: array items: - $ref: '#/definitions/RESTWorkloadPorts' + $ref: "#/definitions/RESTWorkloadPorts" labels: type: object description: map key is string type @@ -12927,7 +13164,7 @@ definitions: children: type: array items: - $ref: '#/definitions/RESTWorkload' + $ref: "#/definitions/RESTWorkload" RESTWorkloadV2: type: object required: @@ -12946,15 +13183,15 @@ definitions: - exit_code properties: brief: - $ref: '#/definitions/RESTWorkloadBriefV2' + $ref: "#/definitions/RESTWorkloadBriefV2" security: - $ref: '#/definitions/RESTWorkloadSecurityV2' + $ref: "#/definitions/RESTWorkloadSecurityV2" rt_attributes: - $ref: '#/definitions/RESTWorkloadRtAttribesV2' + $ref: "#/definitions/RESTWorkloadRtAttribesV2" children: type: array items: - $ref: '#/definitions/RESTWorkloadV2' + $ref: "#/definitions/RESTWorkloadV2" enforcer_id: type: string example: 002a4f71d9dbdb40db81c31484ac25564fe80574dfbe @@ -12994,7 +13231,7 @@ definitions: workloads: type: array items: - $ref: '#/definitions/RESTWorkload' + $ref: "#/definitions/RESTWorkload" RESTWorkloadsDataV2: type: object required: @@ -13003,7 +13240,7 @@ definitions: workloads: type: array items: - $ref: '#/definitions/RESTWorkloadV2' + $ref: "#/definitions/RESTWorkloadV2" RESTWorkloadRtAttribesV2: type: object required: @@ -13057,11 +13294,11 @@ definitions: additionalProperties: type: array items: - $ref: '#/definitions/RESTIPAddr' + $ref: "#/definitions/RESTIPAddr" ports: type: array items: - $ref: '#/definitions/RESTWorkloadPorts' + $ref: "#/definitions/RESTWorkloadPorts" applications: type: array items: @@ -13108,7 +13345,7 @@ definitions: type: string example: violation scan_summary: - $ref: '#/definitions/RESTScanBrief' + $ref: "#/definitions/RESTScanBrief" RESTWorkloadBrief: type: object required: @@ -13200,11 +13437,11 @@ definitions: type: string example: Discover scan_summary: - $ref: '#/definitions/RESTScanBrief' + $ref: "#/definitions/RESTScanBrief" children: type: array items: - $ref: '#/definitions/RESTWorkloadBrief' + $ref: "#/definitions/RESTWorkloadBrief" quarantine_reason: type: string example: violation @@ -13303,7 +13540,7 @@ definitions: - config properties: config: - $ref: '#/definitions/RESTWorkloadConfig' + $ref: "#/definitions/RESTWorkloadConfig" RESTWorkloadDetail: type: object required: @@ -13369,7 +13606,7 @@ definitions: type: string example: Discover scan_summary: - $ref: '#/definitions/RESTScanBrief' + $ref: "#/definitions/RESTScanBrief" host_name: type: string example: ubuntu1604-k8worker1-calico @@ -13419,11 +13656,11 @@ definitions: additionalProperties: type: array items: - $ref: '#/definitions/RESTIPAddr' + $ref: "#/definitions/RESTIPAddr" ports: type: array items: - $ref: '#/definitions/RESTWorkloadPorts' + $ref: "#/definitions/RESTWorkloadPorts" labels: type: object description: map key is string type @@ -13458,7 +13695,7 @@ definitions: children: type: array items: - $ref: '#/definitions/RESTWorkloadDetail' + $ref: "#/definitions/RESTWorkloadDetail" RESTWorkloadDetailV2: type: object required: @@ -13478,15 +13715,15 @@ definitions: - misc properties: brief: - $ref: '#/definitions/RESTWorkloadBriefV2' + $ref: "#/definitions/RESTWorkloadBriefV2" security: - $ref: '#/definitions/RESTWorkloadSecurityV2' + $ref: "#/definitions/RESTWorkloadSecurityV2" rt_attributes: - $ref: '#/definitions/RESTWorkloadRtAttribesV2' + $ref: "#/definitions/RESTWorkloadRtAttribesV2" children: type: array items: - $ref: '#/definitions/RESTWorkloadV2' + $ref: "#/definitions/RESTWorkloadV2" enforcer_id: type: string example: 002a4f71d9dbdb40db81c31484ac25564fe80574dfbe @@ -13519,21 +13756,21 @@ definitions: type: integer example: 0 misc: - $ref: '#/definitions/RESTWorkloadDetailMiscV2' + $ref: "#/definitions/RESTWorkloadDetailMiscV2" RESTWorkloadDetailData: type: object required: - workload properties: workload: - $ref: '#/definitions/RESTWorkloadDetail' + $ref: "#/definitions/RESTWorkloadDetail" RESTWorkloadDetailDataV2: type: object required: - workload properties: workload: - $ref: '#/definitions/RESTWorkloadDetailV2' + $ref: "#/definitions/RESTWorkloadDetailV2" RESTWorkloadDetailMiscV2: type: object required: @@ -13556,7 +13793,7 @@ definitions: children: type: array items: - $ref: '#/definitions/RESTWorkloadDetailV2' + $ref: "#/definitions/RESTWorkloadDetailV2" RESTWorkloadPorts: type: object required: @@ -13592,7 +13829,7 @@ definitions: - request properties: request: - $ref: '#/definitions/RESTWorkloadRequest' + $ref: "#/definitions/RESTWorkloadRequest" RESTWorkloadStatsData: type: object required: @@ -13608,7 +13845,7 @@ definitions: format: date-time example: 2018-01-21T06:25:15Z stats: - $ref: '#/definitions/RESTStats' + $ref: "#/definitions/RESTStats" Threat: type: object required: @@ -13922,7 +14159,7 @@ definitions: type: array items: type: string - example: ["exist","notExist"] + example: ["exist", "notExist"] values: type: array items: @@ -13942,7 +14179,7 @@ definitions: example: podTemplate rawjson: type: string - example: "{\"key\": \"value\"}" + example: '{"key": "value"}' RESTX509CertInfo: type: object properties: @@ -14010,7 +14247,7 @@ definitions: - apikey properties: apikey: - $ref: '#/definitions/RESTApikey' + $ref: "#/definitions/RESTApikey" RESTApikeysData: type: object required: @@ -14021,7 +14258,7 @@ definitions: apikeys: type: array items: - $ref: '#/definitions/RESTApikey' + $ref: "#/definitions/RESTApikey" global_roles: type: array items: @@ -14038,7 +14275,7 @@ definitions: - apikey properties: apikey: - $ref: '#/definitions/RESTApikeyCreation' + $ref: "#/definitions/RESTApikeyCreation" RESTApikeyCreation: type: object required: @@ -14076,7 +14313,7 @@ definitions: - apikey properties: apikey: - $ref: '#/definitions/RESTApikeyGenerated' + $ref: "#/definitions/RESTApikeyGenerated" RESTApikeyGenerated: type: object required: @@ -14092,7 +14329,7 @@ definitions: REST_SigstoreRootOfTrustCollection: type: array items: - $ref: '#/definitions/REST_SigstoreRootOfTrust_GET' + $ref: "#/definitions/REST_SigstoreRootOfTrust_GET" REST_SigstoreRootOfTrust_GET: type: object properties: @@ -14118,7 +14355,7 @@ definitions: verifiers: type: array items: - $ref: '#/definitions/REST_SigstoreVerifier' + $ref: "#/definitions/REST_SigstoreVerifier" cfg_type: type: string enum: [user_created, ground, federal] @@ -14128,7 +14365,7 @@ definitions: REST_SigstoreRootOfTrust_POST: type: object required: - - name + - name properties: name: type: string @@ -14170,12 +14407,12 @@ definitions: REST_SigstoreVerifierCollection: type: array items: - $ref: '#/definitions/REST_SigstoreVerifier' + $ref: "#/definitions/REST_SigstoreVerifier" REST_SigstoreVerifier: type: object required: - - name - - verifier_type + - name + - verifier_type properties: name: type: string @@ -14261,7 +14498,7 @@ definitions: type: boolean example: true github_configuration: - $ref: '#/definitions/RESTRemoteRepo_GitHubConfig' + $ref: "#/definitions/RESTRemoteRepo_GitHubConfig" RESTRemoteRepository_GitHubConfigConfig: type: object properties: @@ -14297,14 +14534,14 @@ definitions: type: boolean example: true github_configuration: - $ref: '#/definitions/RESTRemoteRepository_GitHubConfigConfig' + $ref: "#/definitions/RESTRemoteRepository_GitHubConfigConfig" RESTRemoteRepositoryConfigData: type: object required: - config properties: config: - $ref: '#/definitions/RESTRemoteRepositoryConfig' + $ref: "#/definitions/RESTRemoteRepositoryConfig" RESTRemoteExportOptions: type: object required: @@ -14413,11 +14650,11 @@ definitions: hosts: type: integer workloads: - $ref: '#/definitions/RESTRiskScoreMetricsWL' + $ref: "#/definitions/RESTRiskScoreMetricsWL" groups: - $ref: '#/definitions/RESTRiskScoreMetricsGroup' + $ref: "#/definitions/RESTRiskScoreMetricsGroup" cves: - $ref: '#/definitions/RESTRiskScoreMetricsCVE' + $ref: "#/definitions/RESTRiskScoreMetricsCVE" RESTExposedEndpoint: type: object properties: @@ -14458,7 +14695,7 @@ definitions: entries: type: array items: - $ref: '#/definitions/RESTConversationReportEntry' + $ref: "#/definitions/RESTConversationReportEntry" RESTConversationReportEntry: type: object properties: @@ -14514,14 +14751,14 @@ definitions: metrics: type: array items: - $ref: '#/definitions/RESTComplianceProfileConfig' + $ref: "#/definitions/RESTComplianceProfileConfig" ingress: type: array items: - $ref: '#/definitions/RESTExposedEndpoint' + $ref: "#/definitions/RESTExposedEndpoint" egress: type: array items: - $ref: '#/definitions/RESTExposedEndpoint' + $ref: "#/definitions/RESTExposedEndpoint" security_scores: - $ref: '#/definitions/RESTSecurityScores' \ No newline at end of file + $ref: "#/definitions/RESTSecurityScores" diff --git a/vendor/github.com/neuvector/neuvector/share/cluster/consul.go b/vendor/github.com/neuvector/neuvector/share/cluster/consul.go index 17710618..c48ed27d 100644 --- a/vendor/github.com/neuvector/neuvector/share/cluster/consul.go +++ b/vendor/github.com/neuvector/neuvector/share/cluster/consul.go @@ -284,7 +284,7 @@ func (m *consulMethod) Start(cc *ClusterConfig, eCh chan error, recover bool) { if isBootstrap(cc) { args = append(args, "-bootstrap") } else { - var haveSelf bool = false + var haveSelf = false for _, ip := range cc.joinAddrList { if ip == cc.AdvertiseAddr { haveSelf = true @@ -965,7 +965,7 @@ func (m *consulMethod) GetAllMembers() []ClusterMemberInfo { return nil } - var nodes []ClusterMemberInfo = make([]ClusterMemberInfo, len(curMembers)) + var nodes = make([]ClusterMemberInfo, len(curMembers)) for i, mem := range curMembers { nodes[i].Name = mem.Name if mem.Tags["role"] == "consul" { @@ -1201,11 +1201,12 @@ func stateUpdateCallback(checks []*api.HealthCheck) { } log.WithFields(log.Fields{"Node": check.Node, "Status": check.Status}).Debug("") - if check.Status == "passing" { + switch check.Status { + case "passing": notif = ClusterNotifyStateOnline - } else if check.Status == "critical" { + case "critical": notif = ClusterNotifyStateOffline - } else { + default: continue } for _, watcher := range stateWatchers { @@ -1308,7 +1309,7 @@ func storeUpdateCallback(idx uint64, store string, data interface{}) { // Found new or modified key/value pairs for _, kv := range kvs { - var notify bool = false + var notify = false _, ok = cache[kv.Key] if !ok { diff --git a/vendor/github.com/neuvector/neuvector/share/cluster/grpc.go b/vendor/github.com/neuvector/neuvector/share/cluster/grpc.go index ab43831e..a34bf8c0 100644 --- a/vendor/github.com/neuvector/neuvector/share/cluster/grpc.go +++ b/vendor/github.com/neuvector/neuvector/share/cluster/grpc.go @@ -246,10 +246,11 @@ func (c *GRPCClient) monitorGRPCConnectivity(ctx context.Context) { log.WithFields(log.Fields{"state": s}).Debug("grpc connection state") // Even when server shutdown, client grpc channel is in TransientFailure state. - if s == connectivity.Shutdown { + switch s { + case connectivity.Shutdown: c.shutdown() return - } else if s == connectivity.TransientFailure { + case connectivity.TransientFailure: // In case the connection is in transient state, wait a second and check state again. time.Sleep(time.Second) s = c.conn.GetState() diff --git a/vendor/github.com/neuvector/neuvector/share/cluster/intfs.go b/vendor/github.com/neuvector/neuvector/share/cluster/intfs.go index 17ee9373..7c4c0ecb 100644 --- a/vendor/github.com/neuvector/neuvector/share/cluster/intfs.go +++ b/vendor/github.com/neuvector/neuvector/share/cluster/intfs.go @@ -144,7 +144,7 @@ func StartCluster(cc *ClusterConfig) (string, error) { log.WithFields(log.Fields{"lead": lead}).Info() // Monitor cluster lead - var noLeadChan chan interface{} = make(chan interface{}, 1) + var noLeadChan = make(chan interface{}, 1) RegisterLeadChangeWatcher(func(newLead, oldLead string) { log.WithFields(log.Fields{"newLead": newLead, "oldLead": oldLead}).Info() if newLead == "" { @@ -351,7 +351,7 @@ Wait: type LeadChangeCallback func(string, string) func RegisterLeadChangeWatcher(fn LeadChangeCallback, lead string) { - var leaveChan chan string = make(chan string, 1) + var leaveChan = make(chan string, 1) RegisterNodeWatcher(func(nType ClusterNotifyType, memberAddr string, member string) { if nType == ClusterNotifyDelete { @@ -360,7 +360,7 @@ func RegisterLeadChangeWatcher(fn LeadChangeCallback, lead string) { }) go func() { - //nolint:staticcheck // SA1015 + leadMonitorTicker := time.Tick(time.Second * 5) for { select { diff --git a/vendor/github.com/neuvector/neuvector/share/container/crio.go b/vendor/github.com/neuvector/neuvector/share/container/crio.go index 8fdea495..12bde601 100644 --- a/vendor/github.com/neuvector/neuvector/share/container/crio.go +++ b/vendor/github.com/neuvector/neuvector/share/container/crio.go @@ -63,11 +63,11 @@ func getPauseImageRepoDigests(sys *system.SystemTools) (string, error) { scanner := bufio.NewScanner(strings.NewReader(string(dat))) for scanner.Scan() { // removing whitespaces, tabs and quote - line := strings.Replace(scanner.Text(), " ", "", -1) - line = strings.Replace(line, "\t", "", -1) + line := strings.ReplaceAll(scanner.Text(), " ", "") + line = strings.ReplaceAll(line, "\t", "") // log.WithFields(log.Fields{"line": line}).Debug("CRIO:") if strings.HasPrefix(line, "pause_image=") { - line = strings.Replace(line, "\"", "", -1) + line = strings.ReplaceAll(line, "\"", "") return line[len("pause_image="):], nil } } diff --git a/vendor/github.com/neuvector/neuvector/share/container/stub.go b/vendor/github.com/neuvector/neuvector/share/container/stub.go index 6fe58c3e..d6cb72ce 100644 --- a/vendor/github.com/neuvector/neuvector/share/container/stub.go +++ b/vendor/github.com/neuvector/neuvector/share/container/stub.go @@ -66,7 +66,7 @@ func InitStubRtDriver(sys *system.SystemTools) (Runtime, error) { podname = strings.TrimSpace(string(dat)) if dat, err = os.ReadFile("/etc/hosts"); err == nil { for _, line := range strings.Split(strings.Trim(string(dat), " \t\r\n"), "\n") { - line = strings.Replace(strings.Trim(line, " \t"), "\t", " ", -1) + line = strings.ReplaceAll(strings.Trim(line, " \t"), "\t", " ") if len(line) == 0 || line[0] == ';' || line[0] == '#' { continue } diff --git a/vendor/github.com/neuvector/neuvector/share/criteria.go b/vendor/github.com/neuvector/neuvector/share/criteria.go index b04c22ab..1c62d440 100644 --- a/vendor/github.com/neuvector/neuvector/share/criteria.go +++ b/vendor/github.com/neuvector/neuvector/share/criteria.go @@ -123,8 +123,8 @@ func IsSvcIpGroupMember(usergroup *CLUSGroup, svcipgroup *CLUSGroup) bool { func IsSvcIpGroupSelected(svcipgroup *CLUSGroup, selector []CLUSCriteriaEntry) bool { var ret, positive bool - var rets map[string]bool = make(map[string]bool) - var poss map[string]bool = make(map[string]bool) + var rets = make(map[string]bool) + var poss = make(map[string]bool) for _, crt := range selector { key := crt.Key @@ -185,8 +185,8 @@ func IsGroupMember(group *CLUSGroup, workload *CLUSWorkload, domain *CLUSDomain) // For different criteria type, apply 'and' func IsWorkloadSelected(workload *CLUSWorkload, selector []CLUSCriteriaEntry, domain *CLUSDomain) bool { var ret, positive bool - var rets map[string]bool = make(map[string]bool) - var poss map[string]bool = make(map[string]bool) + var rets = make(map[string]bool) + var poss = make(map[string]bool) for _, crt := range selector { key := crt.Key switch key { @@ -252,9 +252,9 @@ func EqualMatch(match, value string) bool { return match == value } - re := strings.Replace(match, ".", "\\.", -1) - re = strings.Replace(re, "?", ".", -1) - re = strings.Replace(re, "*", ".*", -1) + re := strings.ReplaceAll(match, ".", "\\.") + re = strings.ReplaceAll(re, "?", ".") + re = strings.ReplaceAll(re, "*", ".*") re = fmt.Sprintf("^%s$", re) if regex, err := regexp.Compile(re); err != nil { diff --git a/vendor/github.com/neuvector/neuvector/share/k8sutils/k8sutils.go b/vendor/github.com/neuvector/neuvector/share/k8sutils/k8sutils.go index 395bfa8e..0d3aa282 100644 --- a/vendor/github.com/neuvector/neuvector/share/k8sutils/k8sutils.go +++ b/vendor/github.com/neuvector/neuvector/share/k8sutils/k8sutils.go @@ -15,9 +15,10 @@ const ALL_NAMESPACE = "{all_namespace}" func CanI(clientset *kubernetes.Clientset, ra authorizationv1.ResourceAttributes, namespace string) (bool, error) { - if ra.Namespace == NV_NAMESPACE { + switch ra.Namespace { + case NV_NAMESPACE: ra.Namespace = namespace - } else if ra.Namespace == ALL_NAMESPACE { + case ALL_NAMESPACE: ra.Namespace = "" } diff --git a/vendor/github.com/neuvector/neuvector/share/osutil/user_linux.go b/vendor/github.com/neuvector/neuvector/share/osutil/user_linux.go index c49540d1..20e0056a 100644 --- a/vendor/github.com/neuvector/neuvector/share/osutil/user_linux.go +++ b/vendor/github.com/neuvector/neuvector/share/osutil/user_linux.go @@ -65,7 +65,7 @@ func CheckUidAuthority(user string, pid int) (bool, error) { // get the non-privileged user uid start value func getUserStartUid(pid int) int { - var uidStart int = UserUidMin + var uidStart = UserUidMin dat, err := global.SYS.ReadContainerFile("/etc/login.defs", pid, 0, 0) if err != nil { //log.WithFields(log.Fields{"err": err, "pid": pid}).Debug("Get login.defs fail") @@ -75,7 +75,7 @@ func getUserStartUid(pid int) int { scanner := bufio.NewScanner(strings.NewReader(string(dat))) for scanner.Scan() { line := scanner.Text() - line = strings.Replace(line, "\t", " ", -1) + line = strings.ReplaceAll(line, "\t", " ") fields := strings.Split(line, " ") if len(fields) > 1 && strings.HasPrefix(fields[0], "UID_MIN") { for _, field := range fields[1:] { diff --git a/vendor/github.com/neuvector/neuvector/share/scan/apps.go b/vendor/github.com/neuvector/neuvector/share/scan/apps.go index 4038e7b3..6fb6d60e 100644 --- a/vendor/github.com/neuvector/neuvector/share/scan/apps.go +++ b/vendor/github.com/neuvector/neuvector/share/scan/apps.go @@ -162,13 +162,13 @@ func (s *ScanApps) marshal() []byte { // write by 64-entry chunk, so we don't hit the scanner limit when reading it for len(pkg) > 64 { if b, err := json.Marshal(pkg[:64]); err == nil { - buf.WriteString(fmt.Sprintf("%s\n", string(b))) + fmt.Fprintf(buf, "%s\n", string(b)) } pkg = pkg[64:] } if len(pkg) > 0 { if b, err := json.Marshal(pkg); err == nil { - buf.WriteString(fmt.Sprintf("%s\n", string(b))) + fmt.Fprintf(buf, "%s\n", string(b)) } } } @@ -419,9 +419,10 @@ func parseJarManifestFile(path string, rc io.Reader) (*AppPackage, error) { } // NVSHAS-9942 - if title == "org.elasticsearch#server" { + switch title { + case "org.elasticsearch#server": title = "elasticsearch" - } else if title == "Spring Boot" { + case "Spring Boot": title = "spring-boot" } diff --git a/vendor/github.com/neuvector/neuvector/share/scan/compliance.go b/vendor/github.com/neuvector/neuvector/share/scan/compliance.go index fc4f9cc8..9d516c3f 100644 --- a/vendor/github.com/neuvector/neuvector/share/scan/compliance.go +++ b/vendor/github.com/neuvector/neuvector/share/scan/compliance.go @@ -2952,19 +2952,19 @@ func updateComplianceMetasFromMap(metas *[]api.RESTBenchMeta, metaMap map[string for id, item := range metaMapV2 { *metasV2 = append(*metasV2, item) var tags []string - for compliance := range item.RESTBenchCheck.TagsV2 { + for compliance := range item.TagsV2 { tags = append(tags, compliance) } benchMeta = api.RESTBenchMeta{ RESTBenchCheck: api.RESTBenchCheck{ - TestNum: item.RESTBenchCheck.TestNum, - Type: item.RESTBenchCheck.Type, - Category: item.RESTBenchCheck.Category, - Scored: item.RESTBenchCheck.Scored, - Profile: item.RESTBenchCheck.Profile, - Automated: item.RESTBenchCheck.Automated, - Description: item.RESTBenchCheck.Description, - Remediation: item.RESTBenchCheck.Remediation, + TestNum: item.TestNum, + Type: item.Type, + Category: item.Category, + Scored: item.Scored, + Profile: item.Profile, + Automated: item.Automated, + Description: item.Description, + Remediation: item.Remediation, Tags: tags, }, } diff --git a/vendor/github.com/neuvector/neuvector/share/scan/golang.go b/vendor/github.com/neuvector/neuvector/share/scan/golang.go index 353b1c78..e2ddbc36 100644 --- a/vendor/github.com/neuvector/neuvector/share/scan/golang.go +++ b/vendor/github.com/neuvector/neuvector/share/scan/golang.go @@ -108,11 +108,12 @@ func readRawBuildInfo(x exe, checkOnly bool) (string, string, error) { bo = binary.LittleEndian } var readPtr func([]byte) uint64 - if ptrSize == 4 { + switch ptrSize { + case 4: readPtr = func(b []byte) uint64 { return uint64(bo.Uint32(b)) } - } else if ptrSize == 8 { + case 8: readPtr = bo.Uint64 - } else { + default: return "", "", errNotGoExe } vers = readString(x, ptrSize, readPtr, readPtr(data[16:])) diff --git a/vendor/github.com/neuvector/neuvector/share/scan/quote.go b/vendor/github.com/neuvector/neuvector/share/scan/quote.go index 101a3c83..a69da060 100644 --- a/vendor/github.com/neuvector/neuvector/share/scan/quote.go +++ b/vendor/github.com/neuvector/neuvector/share/scan/quote.go @@ -117,7 +117,7 @@ func unquote(in string, unescape bool) (out, rem string, err error) { } // Verify that the string ends with a terminating quote. - if !(len(in) > 0 && in[0] == quote) { + if len(in) <= 0 || in[0] != quote { return "", in0, strconv.ErrSyntax } in = in[1:] // skip terminating quote diff --git a/vendor/github.com/neuvector/neuvector/share/scan/scan_report.go b/vendor/github.com/neuvector/neuvector/share/scan/scan_report.go index 87fe432e..eb8dca42 100644 --- a/vendor/github.com/neuvector/neuvector/share/scan/scan_report.go +++ b/vendor/github.com/neuvector/neuvector/share/scan/scan_report.go @@ -357,12 +357,12 @@ func ScanRepoResult2REST(result *share.ScanResult, tagMap map[string][]string) * }, } if result.SignatureInfo != nil { - report.RESTScanReport.SignatureInfo = &api.RESTScanSignatureInfo{ + report.SignatureInfo = &api.RESTScanSignatureInfo{ Verifiers: result.SignatureInfo.Verifiers, VerificationTimestamp: result.SignatureInfo.VerificationTimestamp, } } else { - report.RESTScanReport.SignatureInfo = &api.RESTScanSignatureInfo{} + report.SignatureInfo = &api.RESTScanSignatureInfo{} } return report @@ -409,15 +409,16 @@ func fillVulFields(vr *share.ScanVulnerability, v *api.RESTVulnerability) { func normalizeBaseOS(baseOS string) string { if a := strings.Index(baseOS, ":"); a > 0 { baseOS = baseOS[:a] - if baseOS == "rhel" || baseOS == "server" || baseOS == "centos" { + switch baseOS { + case "rhel", "server", "centos": baseOS = "centos" - } else if baseOS == "rhcos" { + case "rhcos": baseOS = "" - } else if baseOS == "ol" { + case "ol": baseOS = "oracle" - } else if baseOS == "amzn" { + case "amzn": baseOS = "amazon" - } else if baseOS == "sles" { + case "sles": baseOS = "suse" } } @@ -619,14 +620,14 @@ func MakeVulnerabilityProfileFilter(vf *api.RESTVulnerabilityProfile) VPFInterfa if f.isNameRegexp = strings.Contains(e.Name, "*"); f.isNameRegexp { // case insensitive - f.name = regexp.MustCompile("(?i)" + strings.Replace(e.Name, "*", ".*", -1)) + f.name = regexp.MustCompile("(?i)" + strings.ReplaceAll(e.Name, "*", ".*")) } f.isDomainRegexp = make([]bool, len(e.Domains)) f.domains = make([]*regexp.Regexp, len(e.Domains)) for j, domain := range e.Domains { if f.isDomainRegexp[j] = strings.Contains(domain, "*"); f.isDomainRegexp[j] { - f.domains[j] = regexp.MustCompile(strings.Replace(domain, "*", ".*", -1)) + f.domains[j] = regexp.MustCompile(strings.ReplaceAll(domain, "*", ".*")) } } @@ -634,7 +635,7 @@ func MakeVulnerabilityProfileFilter(vf *api.RESTVulnerabilityProfile) VPFInterfa f.images = make([]*regexp.Regexp, len(e.Images)) for j, image := range e.Images { if f.isImageRegexp[j] = strings.Contains(image, "*"); f.isImageRegexp[j] { - f.images[j] = regexp.MustCompile(strings.Replace(image, "*", ".*", -1)) + f.images[j] = regexp.MustCompile(strings.ReplaceAll(image, "*", ".*")) } } } diff --git a/vendor/github.com/neuvector/neuvector/share/scan/scan_utils.go b/vendor/github.com/neuvector/neuvector/share/scan/scan_utils.go index de40f8fa..620d7049 100644 --- a/vendor/github.com/neuvector/neuvector/share/scan/scan_utils.go +++ b/vendor/github.com/neuvector/neuvector/share/scan/scan_utils.go @@ -413,11 +413,12 @@ func GetDpkgStatus(fullpath, kernel string) ([]byte, error) { // filter kernels that are not running if strings.HasPrefix(line, "Package: ") && kernel != "" { kpkg := isDpkgKernelPackage(line) - if kpkg == "" { + switch kpkg { + case "": skipPackage = false - } else if kpkg == kernel { + case kernel: skipPackage = false - } else { + default: skipPackage = true continue } @@ -639,7 +640,7 @@ func GetAwsFuncPackages(fileName string) ([]*share.ScanAppPackage, error) { for _, v := range apps.pkgs { for _, vt := range v { - filename := strings.Replace(vt.FileName, "/package.json", "", -1) + filename := strings.ReplaceAll(vt.FileName, "/package.json", "") pckg := &share.ScanAppPackage{ AppName: vt.AppName, ModuleName: vt.ModuleName, diff --git a/vendor/github.com/neuvector/neuvector/share/system/sidekick/net_linux.go b/vendor/github.com/neuvector/neuvector/share/system/sidekick/net_linux.go index c6c525f1..7c972f40 100644 --- a/vendor/github.com/neuvector/neuvector/share/system/sidekick/net_linux.go +++ b/vendor/github.com/neuvector/neuvector/share/system/sidekick/net_linux.go @@ -60,7 +60,7 @@ func GetGlobalAddrs() map[string]NetIface { for _, addr := range addrs { // Don't check addr.flags, such as PERMANENT, interface flags on vagrant VM maybe different - if addr.Scope == syscall.RT_SCOPE_UNIVERSE || (addr.Scope == syscall.RT_SCOPE_LINK && utils.IsIPv4(addr.IPNet.IP)) { + if addr.Scope == syscall.RT_SCOPE_UNIVERSE || (addr.Scope == syscall.RT_SCOPE_LINK && utils.IsIPv4(addr.IP)) { iface.Addrs = append(iface.Addrs, NetAddr{IPNet: *addr.IPNet, Scope: addr.Scope}) //log.WithFields(log.Fields{"link": attrs.Name, "ip": addr.IP}).Debug("Add") } diff --git a/vendor/github.com/neuvector/neuvector/share/system/stats.go b/vendor/github.com/neuvector/neuvector/share/system/stats.go index 4e0c2fba..3cb1540c 100644 --- a/vendor/github.com/neuvector/neuvector/share/system/stats.go +++ b/vendor/github.com/neuvector/neuvector/share/system/stats.go @@ -7,8 +7,8 @@ import ( ) func calculateCPU(prevCPU, prevCPUSystem uint64, cpu, cpuSystem uint64) float64 { - var cDelta float64 = float64(cpu - prevCPU) - var sDelta float64 = float64(cpuSystem - prevCPUSystem) + var cDelta = float64(cpu - prevCPU) + var sDelta = float64(cpuSystem - prevCPUSystem) if sDelta > 0.0 { if cDelta > sDelta { diff --git a/vendor/github.com/neuvector/neuvector/share/utils/extract.go b/vendor/github.com/neuvector/neuvector/share/utils/extract.go index f5f5e27d..28826c91 100644 --- a/vendor/github.com/neuvector/neuvector/share/utils/extract.go +++ b/vendor/github.com/neuvector/neuvector/share/utils/extract.go @@ -221,7 +221,7 @@ func SelectivelyExtractToFile(r io.Reader, selected func(string) bool, dir strin files := make(map[string]string) extract := func(filename string, size int64, reader io.ReadCloser) error { - fpath := dir + "/" + strings.Replace(filename, "/", "_", -1) + fpath := dir + "/" + strings.ReplaceAll(filename, "/", "_") f, err := os.Create(fpath) if err != nil { return ErrCouldNotWriteToDisk diff --git a/vendor/github.com/neuvector/neuvector/share/utils/utils.go b/vendor/github.com/neuvector/neuvector/share/utils/utils.go index c0c6882a..478eccb0 100644 --- a/vendor/github.com/neuvector/neuvector/share/utils/utils.go +++ b/vendor/github.com/neuvector/neuvector/share/utils/utils.go @@ -114,7 +114,7 @@ func ResolveAddrList(addr string, skipLoopback bool) ([]string, bool) { if skipLoopback && ips[i].IsLoopback() { continue } - var dup bool = false + var dup = false for _, exist := range ipList { if exist == ips[i].String() { dup = true @@ -151,7 +151,7 @@ func GzipBytes(buf []byte) []byte { } func GetGuid() (string, error) { - return strings.Replace(uuid.NewString(), "-", "", -1), nil + return strings.ReplaceAll(uuid.NewString(), "-", ""), nil } func GetTimeUUID(t time.Time) string { @@ -309,7 +309,7 @@ func NewEnvironParser(envs []string) *EnvironParser { tokens := strings.Split(v, ";") for _, t := range tokens { t = strings.TrimSpace(t) - t = strings.Replace(t, "*", ".*", -1) + t = strings.ReplaceAll(t, "*", ".*") if r, err := regexp.Compile(fmt.Sprintf("^%s$", t)); err != nil { log.WithFields(log.Fields{"value": v}).Error("Failed to parse system group") } else { @@ -765,10 +765,11 @@ func MergeSubnet(subnets map[string]share.CLUSSubnet, snet share.CLUSSubnet) boo // such as 172.16.60.0/24, 172.16.14.0/24; and flannel IP has a bigger subnets, // 172.16.0.0/16. Here, we check if new subnet and existing subnets containers each other. if inc, v := SubnetContains(&sn.Subnet, &snet.Subnet); inc { - if v == 1 { + switch v { + case 1: // existing subnet is bigger, ignore new one return false - } else if v == -1 { + case -1: // new subnet is bigger, remove the existing one delete(subnets, key) } @@ -785,10 +786,11 @@ func MergeSpecialSubnet(subnets map[string]share.CLUSSpecSubnet, snet share.CLUS // such as 172.16.60.0/24, 172.16.14.0/24; and flannel IP has a bigger subnets, // 172.16.0.0/16. Here, we check if new subnet and existing subnets containers each other. if inc, v := SubnetContains(&sn.Subnet, &snet.Subnet); inc { - if v == 1 { + switch v { + case 1: // existing subnet is bigger, ignore new one return false - } else if v == -1 { + case -1: // new subnet is bigger, remove the existing one delete(subnets, key) } @@ -872,7 +874,7 @@ func (f *LogFormatter) Format(entry *log.Entry) ([]byte, error) { // Skip 2, 0: callers(), 1: GetCaller, 2: LogFormatter() fn := GetCaller(3, []string{"logrus"}) - var keys []string = make([]string, 0, len(entry.Data)) + var keys = make([]string, 0, len(entry.Data)) for k := range entry.Data { keys = append(keys, k) } @@ -1381,7 +1383,7 @@ func Dns1123NameChg(name string) string { name = replaceAtIndex(name, '0', i) } else if !regDns1122.MatchString(string(char)) { fmt.Println("char:", string(char), "failed regex") - name = strings.Replace(name, string(char), "-", -1) + name = strings.ReplaceAll(name, string(char), "-") } } } @@ -1391,7 +1393,7 @@ func Dns1123NameChg(name string) string { func RandomString(length int) string { const charset = "abcdefghijklmnopqrstuvwxyz" - var seededRand *mathrand.Rand = mathrand.New( + var seededRand = mathrand.New( mathrand.NewSource(time.Now().UnixNano())) b := make([]byte, length) diff --git a/vendor/modules.txt b/vendor/modules.txt index 416c69b5..2daeef18 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -391,8 +391,8 @@ github.com/neuvector/go-rpmdb/pkg/bdb github.com/neuvector/go-rpmdb/pkg/db github.com/neuvector/go-rpmdb/pkg/ndb github.com/neuvector/go-rpmdb/pkg/sqlite3 -# github.com/neuvector/neuvector v0.0.0-20260206120806-b67a34aecea4 -## explicit; go 1.24.0 +# github.com/neuvector/neuvector v0.0.0-20260313164804-4733fdf63792 +## explicit; go 1.25.0 github.com/neuvector/neuvector/controller/api github.com/neuvector/neuvector/share github.com/neuvector/neuvector/share/cluster