Documentation
Overview
Package scorecard implements the generic OpenSSF Scorecard policy.
Index
- func NewScorecard() policydef.Policy
- type OrgConfig
- type RepoConfig
- type Scorecard
- func (b Scorecard) Check(ctx context.Context, c *github.Client, owner, repo string) (*policydef.Result, error)
- func (b Scorecard) Fix(ctx context.Context, c *github.Client, owner, repo string) error
- func (b Scorecard) GetAction(ctx context.Context, c *github.Client, owner, repo string) string
- func (b Scorecard) IsEnabled(ctx context.Context, c *github.Client, owner, repo string) (bool, error)
- func (b Scorecard) Name() string
Constants
This section is empty.
Variables
This section is empty.
Functions
func NewScorecard
NewScorecard returns a new Scorecard policy.
Types
type OrgConfig
    type OrgConfig struct {
        // OptConfig is the standard org-level opt-in/out config; its RepoOverride
        // setting applies to all of this policy's config.
        OptConfig config.OrgOptConfig `json:"optConfig"`
        // Action defines which action to take: the default is "log"; other
        // options include "issue"...
        Action string `json:"action"`
        // Checks is a list of check names to run from OpenSSF Scorecard. These
        // must match the name that the check uses in its call to "registerCheck".
        // For example, the name for the Signed Releases check is "Signed-Releases".
        //
        // See the checks code for each name:
        // https://github.com/ossf/scorecard/tree/main/checks
        Checks []string `json:"checks"`
        // Threshold is the score threshold that checks must meet to pass the
        // policy. If all checks score equal to or above the threshold, the Allstar
        // policy passes. The default is checker.MaxResultScore:
        // https://pkg.go.dev/github.com/ossf/scorecard/v5/checker#pkg-constants
        Threshold int `json:"threshold"`
    }
OrgConfig is the org-level config definition for this policy.
type RepoConfig
    type RepoConfig struct {
        // OptConfig is the standard repo-level opt-in/out config.
        OptConfig config.RepoOptConfig `json:"optConfig"`
        // Action overrides the same setting in the org-level config, only if present.
        Action *string `json:"action"`
        // Checks overrides the same setting in the org-level config, only if present.
        Checks *[]string `json:"checks"`
        // Threshold overrides the same setting in the org-level config, only if present.
        Threshold *int `json:"threshold"`
    }
RepoConfig is the repo-level config for this policy.
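As an added example (not Allstar's own code), the override and threshold rules described by the two config types above, written against reduced local stand-ins: OrgLevel, RepoLevel, maxResultScore, Effective and Passes are assumptions of this example, the opt-in/out and RepoOverride gating is omitted, and the value 10 for checker.MaxResultScore is assumed.

```go
package main
// Reduced stand-ins for OrgConfig/RepoConfig above (opt-in fields omitted).
type OrgLevel struct {
	Action    string
	Checks    []string
	Threshold int
}
// A nil pointer in RepoLevel means the setting is not present in the repo file.
type RepoLevel struct {
	Action    *string
	Checks    *[]string
	Threshold *int
}

// maxResultScore mirrors scorecard's checker.MaxResultScore (assumed to be 10).
const maxResultScore = 10
// Effective applies repo-level overrides onto the org-level config and fills in
// the documented defaults (action "log", threshold checker.MaxResultScore);
// treating an unset (zero) threshold as "use the default" is an assumption.
func Effective(org OrgLevel, repo RepoLevel) OrgLevel {
	eff := org
	if eff.Action == "" {
		eff.Action = "log"
	}
	if eff.Threshold == 0 {
		eff.Threshold = maxResultScore
	}
	if repo.Action != nil {
		eff.Action = *repo.Action
	}
	if repo.Checks != nil {
		eff.Checks = *repo.Checks
	}
	if repo.Threshold != nil {
		eff.Threshold = *repo.Threshold
	}
	return eff
}

// Passes applies the threshold rule: every configured check must score at or
// above the threshold. A check with no score (e.g. a misspelled name) fails.
func Passes(cfg OrgLevel, scores map[string]int) (bool, []string) {
	var failing []string
	for _, name := range cfg.Checks {
		if s, ok := scores[name]; !ok || s < cfg.Threshold {
			failing = append(failing, name)
		}
	}
	return len(failing) == 0, failing
}
```

Reporting a configured check that produced no score as a failure is deliberate: a name that does not match any registered check would otherwise be ignored and the policy would pass vacuously.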
type Scorecard
    type Scorecard bool
Scorecard is the Security Scorecard policy object, which implements policydef.Policy.
func (Scorecard) Check
    func (b Scorecard) Check(ctx context.Context, c *github.Client, owner, repo string) (*policydef.Result, error)
Check performs the policy check for this policy based on the configuration stored in the org/repo, implementing policydef.Policy.Check().
func (Scorecard) Fix
Fix implements policydef.Policy.Fix(). Scorecard checks do not have a Fix option.
func (Scorecard) GetAction
GetAction returns the action configured for this policy in the org-level repo (default "log"), implementing policydef.Policy.GetAction().