gitea-mirror/trivy
1
0
Fork 0
mirror of https://github.com/aquasecurity/trivy.git synced 2025-12-12 07:40:48 -08:00
Code Issues Packages Projects Releases Wiki Activity
Files
a19e0aa1ba0350198c898fd57c9405fbf38fa432
trivy/pkg/iac/rego/options.go
Matthieu MOREL 6562082e28 fix: unused-parameter rule from revive (#8794) 
Signed-off-by: Matthieu MOREL <matthieu.morel35@gmail.com>
2025-04-30 09:17:24 +00:00

133 lines
3.1 KiB
Go
Raw Blame History

package rego
import (
"io"
"io/fs"
"github.com/aquasecurity/trivy/pkg/iac/framework"
"github.com/aquasecurity/trivy/pkg/iac/scanners/options"
)
func WithPolicyReader(readers ...io.Reader) options.ScannerOption {
return func(s options.ConfigurableScanner) {
if ss, ok := s.(*Scanner); ok {
ss.policyReaders = readers
}
}
}
func WithEmbeddedPolicies(include bool) options.ScannerOption {
return func(s options.ConfigurableScanner) {
if ss, ok := s.(*Scanner); ok {
ss.includeEmbeddedPolicies = include
}
}
}
func WithEmbeddedLibraries(include bool) options.ScannerOption {
return func(s options.ConfigurableScanner) {
if ss, ok := s.(*Scanner); ok {
ss.includeEmbeddedLibraries = include
}
}
}
// WithTrace specifies an io.Writer for trace logs (mainly rego tracing) - if not set, they are discarded
func WithTrace(w io.Writer) options.ScannerOption {
return func(s options.ConfigurableScanner) {
if ss, ok := s.(*Scanner); ok {
ss.traceWriter = w
}
}
}
func WithPerResultTracing(enabled bool) options.ScannerOption {
return func(s options.ConfigurableScanner) {
if ss, ok := s.(*Scanner); ok {
ss.tracePerResult = enabled
}
}
}
func WithPolicyDirs(paths ...string) options.ScannerOption {
return func(s options.ConfigurableScanner) {
if ss, ok := s.(*Scanner); ok {
ss.policyDirs = paths
}
}
}
func WithDataDirs(paths ...string) options.ScannerOption {
return func(s options.ConfigurableScanner) {
if ss, ok := s.(*Scanner); ok {
ss.dataDirs = paths
}
}
}
// WithPolicyNamespaces - namespaces which indicate rego policies containing enforced rules
func WithPolicyNamespaces(namespaces ...string) options.ScannerOption {
return func(s options.ConfigurableScanner) {
if ss, ok := s.(*Scanner); ok {
ss.ruleNamespaces.Append(namespaces...)
}
}
}
func WithPolicyFilesystem(fsys fs.FS) options.ScannerOption {
return func(s options.ConfigurableScanner) {
if ss, ok := s.(*Scanner); ok {
ss.policyFS = fsys
}
}
}
func WithDataFilesystem(fsys fs.FS) options.ScannerOption {
return func(s options.ConfigurableScanner) {
if ss, ok := s.(*Scanner); ok {
ss.dataFS = fsys
}
}
}
func WithRegoErrorLimits(limit int) options.ScannerOption {
return func(s options.ConfigurableScanner) {
if ss, ok := s.(*Scanner); ok {
ss.regoErrorLimit = limit
}
}
}
func WithCustomSchemas(schemas map[string][]byte) options.ScannerOption {
return func(s options.ConfigurableScanner) {
if ss, ok := s.(*Scanner); ok {
ss.customSchemas = schemas
}
}
}
// WithDisabledCheckIDs disables checks by their ID (ID field in metadata)
func WithDisabledCheckIDs(ids ...string) options.ScannerOption {
return func(s options.ConfigurableScanner) {
if ss, ok := s.(*Scanner); ok {
ss.disabledCheckIDs.Append(ids...)
}
}
}
func WithIncludeDeprecatedChecks(_ bool) options.ScannerOption {
return func(s options.ConfigurableScanner) {
if ss, ok := s.(*Scanner); ok {
ss.includeDeprecatedChecks = true
}
}
}
func WithFrameworks(frameworks ...framework.Framework) options.ScannerOption {
return func(s options.ConfigurableScanner) {
if ss, ok := s.(*Scanner); ok {
ss.frameworks = frameworks
}
}
}
Reference in New Issue View Git Blame Copy Permalink