diff --git a/.github/ISSUE_TEMPLATE/bug_report.md b/.github/ISSUE_TEMPLATE/bug_report.md index 732843f8..b267132c 100644 --- a/.github/ISSUE_TEMPLATE/bug_report.md +++ b/.github/ISSUE_TEMPLATE/bug_report.md @@ -1,31 +1,42 @@ --- -name: Bug report -about: Create a report to help us improve +name: "๐Ÿž Bug report" +about: Please create a bug report if you encouter any project specific issue. +labels: bug --- + **Describe the bug** -A clear and concise description of what the bug is. + **To Reproduce** + **Expected behavior** -A clear and concise description of what you expected to happen. + **System (please complete the following information):** + **Screenshots / Logs** -If applicable, add screenshots to help explain your problem. + **Additional context** -Add any other context about the problem here. + diff --git a/.github/ISSUE_TEMPLATE/documentation_issue.md b/.github/ISSUE_TEMPLATE/documentation_issue.md new file mode 100644 index 00000000..dbdca92c --- /dev/null +++ b/.github/ISSUE_TEMPLATE/documentation_issue.md @@ -0,0 +1,20 @@ +--- +name: "๐Ÿ“š Documentation Issue" +about: "Did you come across parts of our documentation that should be fixed?" +labels: documentation + +--- + + +## Where to find the issue + + +## Describe the issue + + +## Suggested change + \ No newline at end of file diff --git a/.github/ISSUE_TEMPLATE/feature_request.md b/.github/ISSUE_TEMPLATE/feature_request.md index 066b2d92..a893c739 100644 --- a/.github/ISSUE_TEMPLATE/feature_request.md +++ b/.github/ISSUE_TEMPLATE/feature_request.md @@ -1,17 +1,22 @@ --- -name: Feature request -about: Suggest an idea for this project +name: "โžน Feature request" +about: "Suggest an idea for this project" --- + **Is your feature request related to a problem? Please describe.** -A clear and concise description of what the problem is. Ex. I'm always frustrated when [...] + **Describe the solution you'd like** -A clear and concise description of what you want to happen. + **Describe alternatives you've considered** -A clear and concise description of any alternative solutions or features you've considered. + **Additional context** -Add any other context or screenshots about the feature request here. + diff --git a/.github/ISSUE_TEMPLATE/new_hook.md b/.github/ISSUE_TEMPLATE/new_hook.md new file mode 100644 index 00000000..af32549e --- /dev/null +++ b/.github/ISSUE_TEMPLATE/new_hook.md @@ -0,0 +1,38 @@ +--- +name: 'โš“๏ธ New Hook request' +about: 'Suggest an idea for a new data processing or integration hook in this project.' +labels: 'hook' +--- + + + +## New Hook implementation request + +**Is your feature request related to a problem? Please describe.** + + +**Describe the solution you'd like** + + +**Describe alternatives you've considered** + + +**Additional context** + + +## Steps to implement a new Hook + + +- [ ] Create a new folder with the name of the [hook here](https://github.com/secureCodeBox/secureCodeBox-v2/tree/master/hooks) +- [ ] Add a README and give a brief overview of the scanner and its configuration options. +- [ ] Add (optional) a Dockerfile for the scanner if there is no existing one publicly available on dockerHub +- [ ] Use the [Hook-SDK](https://github.com/secureCodeBox/secureCodeBox-v2/tree/master/hook-sdk) to implement a new hook (currently based on NodeJS) +- [ ] Add unit tests with at minimum 80% test coverage +- [ ] Add some example scan.yaml and finding.yaml files in the example folder +- [ ] Implement a new integration test for the hook [here](https://github.com/secureCodeBox/secureCodeBox-v2/tree/master/tests/integration) diff --git a/.github/ISSUE_TEMPLATE/new_security_scanner.md b/.github/ISSUE_TEMPLATE/new_security_scanner.md index 4209c8d8..c86a2968 100644 --- a/.github/ISSUE_TEMPLATE/new_security_scanner.md +++ b/.github/ISSUE_TEMPLATE/new_security_scanner.md @@ -1,35 +1,39 @@ --- -name: 'New Security Scanner request' +name: '๐Ÿš“ New Security Scanner request' about: 'Suggest an idea for a new security scanner to integrate in this project.' -labels: 'security scanner' +labels: 'scanner' --- + + + ## New Scanner implementation request **Is your feature request related to a problem? Please describe.** -- _A clear and concise description of what the problem is. Ex. I'm always frustrated when [...]_ + **Describe the solution you'd like** -- _A clear and concise description of what you want to happen._ + **Describe alternatives you've considered** -- _A clear and concise description of any alternative solutions or features you've considered._ + **Additional context** -- _Add any other context or screenshots about the feature request here._ + ## Steps to implement a new scanner -> Hint: A general guide how to implement a new scanner is documented [here]( https://github.com/secureCodeBox/secureCodeBox/blob/master/docs/developer-guide/README.md#developing-own-processes) - -### Must have -- [ ] Create a [new public secureCodeBox repository](https://github.com/organizations/secureCodeBox/repositories/new) for the scanner implementation -- [ ] Implement a new scanner microservice an reuse some of the existing stuff, if possible -- [ ] Check if there is a [healthcheck](https://github.com/secureCodeBox/secureCodeBox/blob/master/docs/developer-guide/README.md#healthchecks-for-scanner-microservices) for the microservice implemented -- [ ] Implement a [new basic security process](https://github.com/secureCodeBox/secureCodeBox/blob/master/docs/developer-guide/README.md#developing-a-process-model) for the scanner -- [ ] Update the [docker-compose](https://github.com/secureCodeBox/secureCodeBox/blob/master/docker-compose.yml) files and integrate your new scanner there -- [ ] Update the [user guide](https://github.com/secureCodeBox/secureCodeBox/tree/master/docs/user-guide) and [developer guide](https://github.com/secureCodeBox/secureCodeBox/tree/master/docs/developer-guide) -- [ ] Implement a integration test for the scanner [here](https://github.com/secureCodeBox/secureCodeBox/tree/master/test) - -### Should have -- [ ] Update the [CLI examples](https://github.com/secureCodeBox/secureCodeBox/tree/master/cli) -- [ ] Update the [Jenkins Pipeline](https://github.com/secureCodeBox/integration-pipeline-jenkins-examples) examples -- [ ] Update the [OpenShift Container Setup](https://github.com/secureCodeBox/ansible-role-securecodebox-openshift) + + +- [ ] Create a new folder with the name of the [scanner here](https://github.com/secureCodeBox/secureCodeBox-v2/tree/master/scanners) +- [ ] Add a README.md and give a brief overview of the scanner and its configuration options. +- [ ] Implement a new scanner specific scan-type.yaml +- [ ] Implement a new scanner specific parse-definition.yaml +- [ ] Add (optional) some cascading-rules.yaml +- [ ] Add (optional) a Dockerfile for the scanner if there is no existing one publicly available on dockerHub +- [ ] Use the [parser-SDK](https://github.com/secureCodeBox/secureCodeBox-v2/tree/master/parser-sdk) to implement a new findings parser (currently based on NodeJS) +- [ ] Add unit tests with at minimum 80% test coverage diff --git a/.github/ISSUE_TEMPLATE/question.md b/.github/ISSUE_TEMPLATE/question.md new file mode 100644 index 00000000..aeafc6e6 --- /dev/null +++ b/.github/ISSUE_TEMPLATE/question.md @@ -0,0 +1,14 @@ +--- +name: "๐Ÿคจ Question" +about: "If you have *specific* questions about the project, please post them here." +labels: question + +--- + + +## Your Question + \ No newline at end of file diff --git a/.github/pull_request_template.md b/.github/pull_request_template.md new file mode 100644 index 00000000..75373f85 --- /dev/null +++ b/.github/pull_request_template.md @@ -0,0 +1,20 @@ + + +## Checklist + +* [ ] Test your changes as thoroughly as possible before you commit them. Preferably, automate your test by unit/integration tests. +* [ ] Make sure `npm test` runs for the whole project. + +## Description + + \ No newline at end of file diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 572c987c..36de5616 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -47,7 +47,7 @@ jobs: - name: "Run tests & publish code coverage" uses: paambaati/codeclimate-action@v2.6.0 env: - CC_TEST_REPORTER_ID: 80b305e484240da8cecbd1d017dfb365d3ee7f4508b5ed8fd9e9348efd286406 + CC_TEST_REPORTER_ID: 545b7af20f13dc58a3284275828532a26d89a8e90c8f276fb54a23d78bae7a19 with: coverageCommand: npm test -- --ci --colors --coverage operator: @@ -57,7 +57,7 @@ jobs: - uses: actions/checkout@master - uses: actions/setup-go@v2-beta with: - go-version: "1.13" + go-version: "1.15" - name: "Lint Operator Go Code" run: | cd operator/ @@ -68,7 +68,7 @@ jobs: with: username: ${{ secrets.DOCKER_USERNAME }} password: ${{ secrets.DOCKER_PASSWORD }} - repository: scbexperimental/operator + repository: securecodebox/operator tag_with_ref: true tag_with_sha: true path: ./operator/ @@ -79,7 +79,7 @@ jobs: - uses: actions/checkout@master - uses: actions/setup-go@v2-beta with: - go-version: "1.13" + go-version: "1.15" - name: "Lint Lurcher Go Code" run: | cd lurcher/ @@ -90,7 +90,7 @@ jobs: with: username: ${{ secrets.DOCKER_USERNAME }} password: ${{ secrets.DOCKER_PASSWORD }} - repository: scbexperimental/lurcher + repository: securecodebox/lurcher tag_with_ref: true tag_with_sha: true path: ./lurcher/ @@ -105,7 +105,7 @@ jobs: with: username: ${{ secrets.DOCKER_USERNAME }} password: ${{ secrets.DOCKER_PASSWORD }} - repository: scbexperimental/parser-sdk-nodejs + repository: securecodebox/parser-sdk-nodejs path: ./parser-sdk/nodejs/ tag_with_ref: true tag_with_sha: true @@ -116,7 +116,7 @@ jobs: with: username: ${{ secrets.DOCKER_USERNAME }} password: ${{ secrets.DOCKER_PASSWORD }} - repository: scbexperimental/parser-amass + repository: securecodebox/parser-amass path: ./scanners/amass/parser/ tag_with_ref: true tag_with_sha: true @@ -126,17 +126,27 @@ jobs: with: username: ${{ secrets.DOCKER_USERNAME }} password: ${{ secrets.DOCKER_PASSWORD }} - repository: scbexperimental/parser-kube-hunter + repository: securecodebox/parser-kube-hunter path: ./scanners/kube-hunter/parser/ tag_with_ref: true tag_with_sha: true build_args: baseImageTag=ci-local + - uses: docker/build-push-action@v1 + name: "Build & Push Ncrack Parser Image" + with: + username: ${{ secrets.DOCKER_USERNAME }} + password: ${{ secrets.DOCKER_PASSWORD }} + repository: securecodebox/parser-ncrack + path: ./scanners/ncrack/parser/ + tag_with_ref: true + tag_with_sha: true + build_args: baseImageTag=ci-local - uses: docker/build-push-action@v1 name: "Build & Push Nikto Parser Image" with: username: ${{ secrets.DOCKER_USERNAME }} password: ${{ secrets.DOCKER_PASSWORD }} - repository: scbexperimental/parser-nikto + repository: securecodebox/parser-nikto path: ./scanners/nikto/parser/ tag_with_ref: true tag_with_sha: true @@ -146,7 +156,7 @@ jobs: with: username: ${{ secrets.DOCKER_USERNAME }} password: ${{ secrets.DOCKER_PASSWORD }} - repository: scbexperimental/parser-nmap + repository: securecodebox/parser-nmap path: ./scanners/nmap/parser/ tag_with_ref: true tag_with_sha: true @@ -156,7 +166,7 @@ jobs: with: username: ${{ secrets.DOCKER_USERNAME }} password: ${{ secrets.DOCKER_PASSWORD }} - repository: scbexperimental/parser-ssh-scan + repository: securecodebox/parser-ssh-scan path: ./scanners/ssh_scan/parser/ tag_with_ref: true tag_with_sha: true @@ -166,7 +176,7 @@ jobs: with: username: ${{ secrets.DOCKER_USERNAME }} password: ${{ secrets.DOCKER_PASSWORD }} - repository: scbexperimental/parser-sslyze + repository: securecodebox/parser-sslyze path: ./scanners/sslyze/parser/ tag_with_ref: true tag_with_sha: true @@ -176,7 +186,7 @@ jobs: with: username: ${{ secrets.DOCKER_USERNAME }} password: ${{ secrets.DOCKER_PASSWORD }} - repository: scbexperimental/parser-test-scan + repository: securecodebox/parser-test-scan path: ./scanners/test-scan/parser/ tag_with_ref: true tag_with_sha: true @@ -186,7 +196,7 @@ jobs: with: username: ${{ secrets.DOCKER_USERNAME }} password: ${{ secrets.DOCKER_PASSWORD }} - repository: scbexperimental/parser-trivy + repository: securecodebox/parser-trivy path: ./scanners/trivy/parser/ tag_with_ref: true tag_with_sha: true @@ -196,11 +206,22 @@ jobs: with: username: ${{ secrets.DOCKER_USERNAME }} password: ${{ secrets.DOCKER_PASSWORD }} - repository: scbexperimental/parser-zap + repository: securecodebox/parser-zap path: ./scanners/zap/parser/ tag_with_ref: true tag_with_sha: true build_args: baseImageTag=ci-local + - uses: docker/build-push-action@v1 + name: "Build & Push wpscan Parser Image" + with: + username: ${{ secrets.DOCKER_USERNAME }} + password: ${{ secrets.DOCKER_PASSWORD }} + repository: securecodebox/parser-wpscan + path: ./scanners/wpscan/parser/ + tag_with_ref: true + tag_with_sha: true + build_args: baseImageTag=ci-local + hookImages: name: "Build / Hooks" runs-on: ubuntu-latest @@ -212,7 +233,7 @@ jobs: with: username: ${{ secrets.DOCKER_USERNAME }} password: ${{ secrets.DOCKER_PASSWORD }} - repository: scbexperimental/hook-sdk-nodejs + repository: securecodebox/hook-sdk-nodejs path: ./hook-sdk/nodejs/ tag_with_ref: true tags: "ci-local" @@ -222,7 +243,7 @@ jobs: with: username: ${{ secrets.DOCKER_USERNAME }} password: ${{ secrets.DOCKER_PASSWORD }} - repository: scbexperimental/persistence-elastic + repository: securecodebox/persistence-elastic path: ./hooks/persistence-elastic/ tag_with_ref: true build_args: baseImageTag=ci-local @@ -231,7 +252,7 @@ jobs: with: username: ${{ secrets.DOCKER_USERNAME }} password: ${{ secrets.DOCKER_PASSWORD }} - repository: scbexperimental/persistence-elastic-dashboard-importer + repository: securecodebox/persistence-elastic-dashboard-importer path: ./hooks/persistence-elastic/dashboardImporter/ tag_with_ref: true - uses: docker/build-push-action@v1 @@ -239,25 +260,17 @@ jobs: with: username: ${{ secrets.DOCKER_USERNAME }} password: ${{ secrets.DOCKER_PASSWORD }} - repository: scbexperimental/generic-webhook + repository: securecodebox/generic-webhook path: ./hooks/generic-webhook/ tag_with_ref: true - build_args: baseImageTag=ci-local - - uses: docker/build-push-action@v1 - name: "Build & Push ImperativeSubsequentScans Hook Image" - with: - username: ${{ secrets.DOCKER_USERNAME }} - password: ${{ secrets.DOCKER_PASSWORD }} - repository: scbexperimental/hook-imperative-subsequent-scans - path: ./hooks/imperative-subsequent-scans/ - tag_with_ref: true + tag_with_sha: true build_args: baseImageTag=ci-local - uses: docker/build-push-action@v1 name: "Build & Push DeclarativeSubsequentScans Hook Image" with: username: ${{ secrets.DOCKER_USERNAME }} password: ${{ secrets.DOCKER_PASSWORD }} - repository: scbexperimental/hook-declarative-subsequent-scans + repository: securecodebox/hook-declarative-subsequent-scans path: ./hooks/declarative-subsequent-scans/ tag_with_ref: true tag_with_sha: true @@ -267,7 +280,7 @@ jobs: with: username: ${{ secrets.DOCKER_USERNAME }} password: ${{ secrets.DOCKER_PASSWORD }} - repository: scbexperimental/update-field + repository: securecodebox/update-field path: ./hooks/update-field/ tag_with_ref: true tag_with_sha: true @@ -278,21 +291,30 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@master + - uses: docker/build-push-action@v1 + name: "Build & Push Ncrack Scanner Image" + with: + username: ${{ secrets.DOCKER_USERNAME }} + password: ${{ secrets.DOCKER_PASSWORD }} + repository: securecodebox/scanner-ncrack + path: ./scanners/ncrack/scanner/ + # Note: not prefixed with a "v" as this seems to match ncrack versioning standards + tags: "0.7,latest" - uses: docker/build-push-action@v1 name: "Build & Push Nmap Scanner Image" with: username: ${{ secrets.DOCKER_USERNAME }} password: ${{ secrets.DOCKER_PASSWORD }} - repository: scbexperimental/nmap + repository: securecodebox/scanner-nmap path: ./scanners/nmap/scanner/ # Note: not prefixed with a "v" as this seems to match nmap versioning standards - tags: "7.80,7.80-2,latest" + tags: "7.80,7.80-r2,latest" - uses: docker/build-push-action@v1 name: "Build & Push kube-hunter Scanner Image" with: username: ${{ secrets.DOCKER_USERNAME }} password: ${{ secrets.DOCKER_PASSWORD }} - repository: scbexperimental/kube-hunter + repository: securecodebox/scanner-kube-hunter path: ./scanners/kube-hunter/scanner/ # Note: not prefixed with a "v" as this matches the aquasec/kube-hunter tags tags: "0.3.0,latest" @@ -301,10 +323,11 @@ jobs: with: username: ${{ secrets.DOCKER_USERNAME }} password: ${{ secrets.DOCKER_PASSWORD }} - repository: scbexperimental/test-scan + repository: securecodebox/scanner-test-scan path: ./scanners/test-scan/scanner/ # Note: not prefixed with a "v" as this seems to match nmap versioning standards - tags: "latest" + tag_with_ref: true + tag_with_sha: true integrationTests: name: "Test / Integration / k8s ${{ matrix.k8sVersion }}" needs: @@ -316,7 +339,7 @@ jobs: runs-on: ubuntu-latest strategy: matrix: - k8sVersion: ["1.18.6", "1.17.5", "1.16.9", "1.15.11"] + k8sVersion: ["1.19.0", "1.18.8", "1.17.5", "1.16.9"] steps: - uses: actions/checkout@master - name: "Start kind cluster" @@ -336,9 +359,7 @@ jobs: # Install Operator using the images of the current commit helm -n securecodebox-system install securecodebox-operator ./operator/ --wait \ --set="image.tag=sha-$(git rev-parse --short HEAD)" \ - --set="image.digest=null" \ --set="lurcher.image.tag=sha-$(git rev-parse --short HEAD)" \ - --set="lurcher.image.digest=null" - name: "Inspect Operator" run: | echo "Deployment in namespace 'securecodebox-system'" @@ -368,35 +389,87 @@ jobs: --set="image.tag=sha-$(git rev-parse --short HEAD)" \ --set="attribute.name=severity" \ --set="attribute.value=high" - helm -n integration-tests install test-scan ./scanners/test-scan/ --set="parserImage.tag=sha-$(git rev-parse --short HEAD)" + helm -n integration-tests install test-scan ./scanners/test-scan/ \ + --set="parserImage.tag=sha-$(git rev-parse --short HEAD)" \ + --set="image.tag=sha-$(git rev-parse --short HEAD)" cd tests/integration/ npx jest --ci --color read-write-hook helm -n integration-tests uninstall test-scan update-category update-severity - name: "Hooks (ReadOnly) Integration Tests" run: | - helm -n integration-tests install test-scan ./scanners/test-scan/ --set="parserImage.tag=sha-$(git rev-parse --short HEAD)" + helm -n integration-tests install test-scan ./scanners/test-scan/ \ + --set="parserImage.tag=sha-$(git rev-parse --short HEAD)" \ + --set="image.tag=sha-$(git rev-parse --short HEAD)" helm -n integration-tests install http-webhook ./demo-apps/http-webhook - helm -n integration-tests install ro-hook ./hooks/generic-webhook/ --set="webhookUrl=http://http-webhook/hallo-welt" + helm -n integration-tests install ro-hook ./hooks/generic-webhook/ \ + --set="webhookUrl=http://http-webhook/hallo-welt" \ + --set="image.tag=sha-$(git rev-parse --short HEAD)" cd tests/integration/ npx jest --ci --color read-only-hook helm -n integration-tests uninstall test-scan http-webhook ro-hook + - name: "Install Demo Apps" + run: | + # Install dummy-ssh app + helm -n demo-apps install dummy-ssh ./demo-apps/dummy-ssh/ --wait + # Install plain nginx server + kubectl create deployment --image nginx:alpine nginx --namespace demo-apps + kubectl expose deployment nginx --port 80 --namespace demo-apps - name: "nmap Integration Tests" run: | - helm -n integration-tests install nmap ./scanners/nmap/ --set="parserImage.tag=sha-$(git rev-parse --short HEAD)" + helm -n integration-tests install nmap ./scanners/nmap/ \ + --set="parserImage.tag=sha-$(git rev-parse --short HEAD)" \ + --set="image.tag=7.80" cd tests/integration/ npx jest --ci --color nmap + - name: "ncrack Integration Tests" + run: | + helm -n integration-tests install ncrack ./scanners/ncrack/ \ + --set="parserImage.tag=sha-$(git rev-parse --short HEAD)" \ + --set="image.tag=0.7" + cd tests/integration/ + npx jest --ci --color ncrack - name: "kube-hunter Integration Tests" run: | - helm -n integration-tests install kube-hunter ./scanners/kube-hunter/ --set="parserImage.tag=sha-$(git rev-parse --short HEAD)" + helm -n integration-tests install kube-hunter ./scanners/kube-hunter/ \ + --set="parserImage.tag=sha-$(git rev-parse --short HEAD)" \ + --set="image.tag=0.3.0" cd tests/integration/ npx jest --ci --color kube-hunter - name: "ssh-scan Integration Tests" run: | helm -n integration-tests install ssh-scan ./scanners/ssh_scan/ --set="parserImage.tag=sha-$(git rev-parse --short HEAD)" - # Install dummy-ssh app - helm -n demo-apps install dummy-ssh ./demo-apps/dummy-ssh/ --wait cd tests/integration/ npx jest --ci --color ssh-scan + - name: "zap Integration Tests" + run: | + helm -n integration-tests install zap ./scanners/zap/ --set="parserImage.tag=sha-$(git rev-parse --short HEAD)" + cd tests/integration/ + npx jest --ci --color zap + - name: "cascading Scans Integration Tests" + run: | + # We'll run these in a separate namespace so that only the cascadingRules we want to test will be used + kubectl create namespace cascading-tests + # Install declarative-subsequent-scans hook + helm upgrade --install dssh ./hooks/declarative-subsequent-scans/ -n cascading-tests + # Install nmap + helm -n cascading-tests install nmap ./scanners/nmap/ --set="parserImage.tag=sha-$(git rev-parse --short HEAD)" + # Install ncrack + printf "root\nadmin\n" > users.txt + printf "THEPASSWORDYOUCREATED\n123456\npassword\n" > passwords.txt + kubectl create secret generic --from-file users.txt --from-file passwords.txt ncrack-lists -n cascading-tests + cat < +All complaints will be reviewed and investigated promptly and fairly. + +All community leaders are obligated to respect the privacy and security of the +reporter of any incident. + +## Enforcement Guidelines + +Community leaders will follow these Community Impact Guidelines in determining +the consequences for any action they deem in violation of this Code of Conduct: + +### 1\. Correction + +**Community Impact**: Use of inappropriate language or other behavior deemed +unprofessional or unwelcome in the community. + +**Consequence**: A private, written warning from community leaders, providing +clarity around the nature of the violation and an explanation of why the +behavior was inappropriate. A public apology may be requested. + +### 2\. Warning + +**Community Impact**: A violation through a single incident or series +of actions. + +**Consequence**: A warning with consequences for continued behavior. No +interaction with the people involved, including unsolicited interaction with +those enforcing the Code of Conduct, for a specified period of time. This +includes avoiding interactions in community spaces as well as external channels +like social media. Violating these terms may lead to a temporary or +permanent ban. + +### 3\. Temporary Ban + +**Community Impact**: A serious violation of community standards, including +sustained inappropriate behavior. + +**Consequence**: A temporary ban from any sort of interaction or public +communication with the community for a specified period of time. No public or +private interaction with the people involved, including unsolicited interaction +with those enforcing the Code of Conduct, is allowed during this period. +Violating these terms may lead to a permanent ban. + +### 4\. Permanent Ban + +**Community Impact**: Demonstrating a pattern of violation of community +standards, including sustained inappropriate behavior, harassment of an +individual, or aggression toward or disparagement of classes of individuals. + +**Consequence**: A permanent ban from any sort of public interaction within +the community. + +## Attribution + +This Code of Conduct is adapted from the [Contributor Covenant][homepage], +version 2.0, available at +. + +Community Impact Guidelines were inspired by [Mozilla's code of conduct +enforcement ladder](https://github.com/mozilla/diversity). + +[homepage]: + +For answers to common questions about this code of conduct, see the FAQ at +. Translations are available at +. + diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md new file mode 100644 index 00000000..3d9ebb73 --- /dev/null +++ b/CONTRIBUTING.md @@ -0,0 +1,70 @@ +# Contributing + +- [Contributing](#contributing) + - [GitHub Flow](#github-flow) + - [How to work with GitHub Flow](#how-to-work-with-github-flow) + - [Working with Forks and Pull Requests](#working-with-forks-and-pull-requests) + - [Working with Issues / How to Contribute in Issues](#working-with-issues--how-to-contribute-in-issues) + - [How to Write Commit Messages](#how-to-write-commit-messages) + - [Code of Conduct](#code-of-conduct) + +## GitHub Flow + +For more information see [GitHub Flow](https://githubflow.github.io/) + +GitHub Flow is very lightweight (especially compared to GitFlow). +This workflow uses only two kinds of branches: + +- Feature branch +- Main branch (previously called master) + +The _feature_ branches are used to develop new features as well as fixes. +These branches are usually created out of main. + +Anything in the _main_ branch is deployable. +The _main_ branch is expected to be deployed regularly and is considered stable. + +### How to work with GitHub Flow + +For more information see [GitHub Flow](https://githubflow.github.io/) + +TL;DR + +1. anything in the _main_ branch is deployable +2. create descriptive branches off of main +3. push to named branches constantly +4. open a pull request at any time +5. merge only after pull request review +6. deploy immediately after review + +## Working with Forks and Pull Requests + +Our current continuous integration workflow makes it very hard to work on own forks of the _secureCodeBox_ because CI tests cannot be executed outside of our repository. We are aware of that problem and are working on a solution. + +Generally the _secureCodeBox_ project follows the standard [GitHub Pull request process](https://docs.github.com/en/github/collaborating-with-issues-and-pull-requests/about-pull-requests). + +## Working with Issues/How to Contribute in Issues + +It is mandatory to open an issue, if the task takes longer than one hour. +Before you open an issue please verify there is no existing one covering your issue. + +## How to Write Commit Messages + +For more information see [here](https://chris.beams.io/posts/git-commit/). + +TL;DR + +1. Separate subject from body with a blank line +2. Limit the subject line to 50 characters +3. Capitalize the subject line +4. Do not end the subject line with a period +5. Use the imperative mood in the subject line +6. Wrap the body at 72 characters +7. Use the body to explain what and why vs. how + +NOTE: Make sure you don't include `@mentions` or `fixes` keywords in your git commit messages. These should be included in the PR body instead. + +## Code of Conduct + +Please have a look at our [Code of Conduct](./CODE_OF_CONDUCT.md) before you write an Issue or make a PR. + diff --git a/README.md b/README.md index c7b32327..175d9050 100644 --- a/README.md +++ b/README.md @@ -1,4 +1,6 @@ -# secureCodeBox โ€“ v2 ALPHA +This Repo has been archived. The code for the secureCodeBox v2 is now located in the primary https://github.com/secureCodeBox/secureCodeBox repository ๐ŸŽ‰. + +# secureCodeBox โ€“ v2 Beta

secureCodeBox Logo @@ -7,17 +9,22 @@

License Apache-2.0 - Latest GitHub Release + Preview GitHub Release OWASP Incubator Project Twitter Follower

- Build + Build + Maintainability Test Coverage - Known Vulnerabilities + Known Vulnerabilities +

-**NOTE**: This Repository contains a **work in progress** preview of the planned next major secureCodeBox Release. You can find the current **stable release** here [https://github.com/secureCodeBox/secureCodeBox](https://github.com/secureCodeBox/secureCodeBox). The release of version 2.0 is still at least some month away but you can already get a sneak peak here ๐Ÿ˜€. The release will contain a major architecture change which will not be backward compatible. More details will follow soon in a series of blog articles. +**NOTE**: This Repository contains the stable beta preview of the next major secureCodeBox (SCB) Release v2. +You can find the current **stable release** here [https://github.com/secureCodeBox/secureCodeBox](https://github.com/secureCodeBox/secureCodeBox). + +_The major release of SCB version 2.0 will be available in the next weeks._ The release will contain a major architecture change which will not be backward compatible. More details will follow soon in a series of blog articles. > _secureCodeBox_ is a kubernetes based, modularized toolchain for continuous security scans of your software project. Its goal is to orchestrate and easily automate a bunch of security-testing tools out of the box. @@ -25,7 +32,7 @@ -- [secureCodeBox โ€“ v2 ALPHA](#securecodebox--v2-alpha) +- [secureCodeBox โ€“ v2 Beta](#securecodebox--v2-beta) - [Overview](#overview) - [Purpose of this Project](#purpose-of-this-project) - [Quickstart](#quickstart) @@ -35,7 +42,7 @@ - [Local Scan Examples](#local-scan-examples) - [Public Scan Examples](#public-scan-examples) - [Then get the current State of the Scan by running:](#then-get-the-current-state-of-the-scan-by-running) - - [To delete a scan, use ```kubectl delete```, e.g. for localhost nmap scan:](#to-delete-a-scan-use-kubectl-delete-eg-for-localhost-nmap-scan) + - [To delete a scan, use `kubectl delete`, e.g. for localhost nmap scan:](#to-delete-a-scan-use-kubectl-delete-eg-for-localhost-nmap-scan) - [Access Services](#access-services) - [How does it work?](#how-does-it-work) - [Architecture](#architecture) @@ -56,10 +63,12 @@ For additional documentation aspects please have a look at our: The typical way to ensure application security is to hire a security specialist (aka penetration tester) at some point in your project to check the application for security bugs and vulnerabilities. Usually, this check is done at a later stage of the project and has two major drawbacks: 1. Nowadays, a lot of projects do continuous delivery, which means the developers deploy new versions multiple times each day. The penetration tester is only able to check a single snapshot, but some further commits could introduce new security issues. To ensure ongoing application security, the penetration tester should also continuously test the application. Unfortunately, such an approach is rarely financially feasible. -2. Due to a typically time boxed analysis, the penetration tester has to focus on trivial security issues (low-hanging fruits) and therefore will not address the serious, non-obvious ones. +2. Due to a typically time boxed analysis, the penetration tester has to focus on trivial security issues (low-hanging fruit) and therefore will probably not address the serious, non-obvious ones. With the _secureCodeBox_ we provide a toolchain for continuous scanning of applications to find the low-hanging fruit issues early in the development process and free the resources of the penetration tester to concentrate on the major security issues. +![secureCodeBox Architecture](./docs/resources/macbook_kibana.jpg) + The purpose of _secureCodeBox_ **is not** to replace the penetration testers or make them obsolete. We strongly recommend to run extensive tests by experienced penetration testers on all your applications. **Important note**: The _secureCodeBox_ is no simple one-button-click-solution! You must have a deep understanding of security and how to configure the scanners. Furthermore, an understanding of the scan results and how to interpret them is also necessary. @@ -70,11 +79,12 @@ There is a German article about [Security DevOps โ€“ Angreifern (immer) einen Sc ### Prerequisites -- kubernetes (last 4 major releases supported: `1.15`, `1.16`, `1.17` & `1.18`) +- kubernetes (last 4 major releases supported: `1.16`, `1.17`, `1.18` & `1.19`) ### Deployment (based on Helm) -There are shorthand scripts to un-/install everything in the `bin` directory. +> The install instructions require you to have the repository cloned and to have your terminal located in the folder of repository. +> There are shorthand scripts to un-/install everything in the `bin` directory. Deploy the secureCodeBox operator first: @@ -112,7 +122,6 @@ Deploy secureCodeBox Hooks: ```bash helm upgrade --install ufh ./hooks/update-field/ helm upgrade --install gwh ./hooks/generic-webhook/ -helm upgrade --install issh ./hooks/imperative-subsequent-scans/ helm upgrade --install dssh ./hooks/declarative-subsequent-scans/ ``` @@ -146,7 +155,8 @@ kubectl apply -f scanners/nmap/examples/scan.nmap.org/scan.yaml kubectl get scans ``` -#### To delete a scan, use ```kubectl delete```, e.g. for localhost nmap scan: +#### To delete a scan, use `kubectl delete`, e.g. for localhost nmap scan: + ``` kubectl delete -f scanners/nmap/examples/localhost/scan.yaml ``` @@ -195,5 +205,5 @@ Sponsored by [iteratec GmbH](https://www.iteratec.de/) - [secureCodeBox.io](http [scb-github]: https://github.com/secureCodeBox/ [scb-engine]: https://github.com/secureCodeBox/engine [scb-twitter]: https://twitter.com/secureCodeBox -[scb-slack]: https://join.slack.com/t/securecodebox/shared_invite/enQtNDU3MTUyOTM0NTMwLTJiNzg3MmU2ZDY2NDFiMGI0Y2FkM2I5Mzc2ZmEzYTcyN2FlN2Y2NDFiZDE5NjAxMjg1M2IxNDViNzE3OTIxMGU +[scb-slack]: https://join.slack.com/t/securecodebox/shared_invite/enQtNDU3MTUyOTM0NTMwLTBjOWRjNjVkNGEyMjQ0ZGMyNDdlYTQxYWQ4MzNiNGY3MDMxNThkZjJmMzY2NDRhMTk3ZWM3OWFkYmY1YzUxNTU [scb-license]: https://github.com/secureCodeBox/secureCodeBox/blob/master/LICENSE diff --git a/auto-discovery/kubernetes/.gitignore b/auto-discovery/kubernetes/.gitignore deleted file mode 100644 index d97ffc51..00000000 --- a/auto-discovery/kubernetes/.gitignore +++ /dev/null @@ -1,24 +0,0 @@ - -# Binaries for programs and plugins -*.exe -*.exe~ -*.dll -*.so -*.dylib -bin - -# Test binary, build with `go test -c` -*.test - -# Output of the go coverage tool, specifically when used with LiteIDE -*.out - -# Kubernetes Generated files - skip generated files, except for vendored files - -!vendor/**/zz_generated.* - -# editor and IDE paraphernalia -.idea -*.swp -*.swo -*~ diff --git a/auto-discovery/kubernetes/Dockerfile b/auto-discovery/kubernetes/Dockerfile deleted file mode 100644 index 74eb9d74..00000000 --- a/auto-discovery/kubernetes/Dockerfile +++ /dev/null @@ -1,27 +0,0 @@ -# Build the manager binary -FROM golang:1.13 as builder - -WORKDIR /workspace -# Copy the Go Modules manifests -COPY go.mod go.mod -COPY go.sum go.sum -# cache deps before building and copying source so that we don't need to re-download as much -# and so that source changes don't invalidate our downloaded layer -RUN go mod download - -# Copy the go source -COPY main.go main.go -COPY api/ api/ -COPY controllers/ controllers/ - -# Build -RUN CGO_ENABLED=0 GOOS=linux GOARCH=amd64 GO111MODULE=on go build -a -o manager main.go - -# Use distroless as minimal base image to package the manager binary -# Refer to https://github.com/GoogleContainerTools/distroless for more details -FROM gcr.io/distroless/static:nonroot -WORKDIR / -COPY --from=builder /workspace/manager . -USER nonroot:nonroot - -ENTRYPOINT ["/manager"] diff --git a/auto-discovery/kubernetes/Makefile b/auto-discovery/kubernetes/Makefile deleted file mode 100644 index 5da22b5b..00000000 --- a/auto-discovery/kubernetes/Makefile +++ /dev/null @@ -1,80 +0,0 @@ - -# Image URL to use all building/pushing image targets -IMG ?= controller:latest -# Produce CRDs that work back to Kubernetes 1.11 (no version conversion) -CRD_OPTIONS ?= "crd:trivialVersions=true" - -# Get the currently used golang install path (in GOPATH/bin, unless GOBIN is set) -ifeq (,$(shell go env GOBIN)) -GOBIN=$(shell go env GOPATH)/bin -else -GOBIN=$(shell go env GOBIN) -endif - -all: manager - -# Run tests -test: generate fmt vet manifests - go test ./... -coverprofile cover.out - -# Build manager binary -manager: generate fmt vet - go build -o bin/manager main.go - -# Run against the configured Kubernetes cluster in ~/.kube/config -run: generate fmt vet manifests - go run ./main.go - -# Install CRDs into a cluster -install: manifests - kustomize build config/crd | kubectl apply -f - - -# Uninstall CRDs from a cluster -uninstall: manifests - kustomize build config/crd | kubectl delete -f - - -# Deploy controller in the configured Kubernetes cluster in ~/.kube/config -deploy: manifests - cd config/manager && kustomize edit set image controller=${IMG} - kustomize build config/default | kubectl apply -f - - -# Generate manifests e.g. CRD, RBAC etc. -manifests: controller-gen - $(CONTROLLER_GEN) $(CRD_OPTIONS) rbac:roleName=manager-role webhook paths="./..." output:crd:artifacts:config=config/crd/bases - -# Run go fmt against code -fmt: - go fmt ./... - -# Run go vet against code -vet: - go vet ./... - -# Generate code -generate: controller-gen - $(CONTROLLER_GEN) object:headerFile="hack/boilerplate.go.txt" paths="./..." - -# Build the docker image -docker-build: test - docker build . -t ${IMG} - -# Push the docker image -docker-push: - docker push ${IMG} - -# find or download controller-gen -# download controller-gen if necessary -controller-gen: -ifeq (, $(shell which controller-gen)) - @{ \ - set -e ;\ - CONTROLLER_GEN_TMP_DIR=$$(mktemp -d) ;\ - cd $$CONTROLLER_GEN_TMP_DIR ;\ - go mod init tmp ;\ - go get sigs.k8s.io/controller-tools/cmd/controller-gen@v0.2.5 ;\ - rm -rf $$CONTROLLER_GEN_TMP_DIR ;\ - } -CONTROLLER_GEN=$(GOBIN)/controller-gen -else -CONTROLLER_GEN=$(shell which controller-gen) -endif diff --git a/auto-discovery/kubernetes/PROJECT b/auto-discovery/kubernetes/PROJECT deleted file mode 100644 index 12d65693..00000000 --- a/auto-discovery/kubernetes/PROJECT +++ /dev/null @@ -1,3 +0,0 @@ -domain: securecodebox.io -repo: github.com/secureCodeBox/secureCodeBox-v2-alpha/cloud-integrations/kubernetes -version: "2" diff --git a/auto-discovery/kubernetes/config/certmanager/certificate.yaml b/auto-discovery/kubernetes/config/certmanager/certificate.yaml deleted file mode 100644 index 58db114f..00000000 --- a/auto-discovery/kubernetes/config/certmanager/certificate.yaml +++ /dev/null @@ -1,26 +0,0 @@ -# The following manifests contain a self-signed issuer CR and a certificate CR. -# More document can be found at https://docs.cert-manager.io -# WARNING: Targets CertManager 0.11 check https://docs.cert-manager.io/en/latest/tasks/upgrading/index.html for -# breaking changes -apiVersion: cert-manager.io/v1alpha2 -kind: Issuer -metadata: - name: selfsigned-issuer - namespace: system -spec: - selfSigned: {} ---- -apiVersion: cert-manager.io/v1alpha2 -kind: Certificate -metadata: - name: serving-cert # this name should match the one appeared in kustomizeconfig.yaml - namespace: system -spec: - # $(SERVICE_NAME) and $(SERVICE_NAMESPACE) will be substituted by kustomize - dnsNames: - - $(SERVICE_NAME).$(SERVICE_NAMESPACE).svc - - $(SERVICE_NAME).$(SERVICE_NAMESPACE).svc.cluster.local - issuerRef: - kind: Issuer - name: selfsigned-issuer - secretName: webhook-server-cert # this secret will not be prefixed, since it's not managed by kustomize diff --git a/auto-discovery/kubernetes/config/certmanager/kustomization.yaml b/auto-discovery/kubernetes/config/certmanager/kustomization.yaml deleted file mode 100644 index bebea5a5..00000000 --- a/auto-discovery/kubernetes/config/certmanager/kustomization.yaml +++ /dev/null @@ -1,5 +0,0 @@ -resources: -- certificate.yaml - -configurations: -- kustomizeconfig.yaml diff --git a/auto-discovery/kubernetes/config/certmanager/kustomizeconfig.yaml b/auto-discovery/kubernetes/config/certmanager/kustomizeconfig.yaml deleted file mode 100644 index 90d7c313..00000000 --- a/auto-discovery/kubernetes/config/certmanager/kustomizeconfig.yaml +++ /dev/null @@ -1,16 +0,0 @@ -# This configuration is for teaching kustomize how to update name ref and var substitution -nameReference: -- kind: Issuer - group: cert-manager.io - fieldSpecs: - - kind: Certificate - group: cert-manager.io - path: spec/issuerRef/name - -varReference: -- kind: Certificate - group: cert-manager.io - path: spec/commonName -- kind: Certificate - group: cert-manager.io - path: spec/dnsNames diff --git a/auto-discovery/kubernetes/config/default/kustomization.yaml b/auto-discovery/kubernetes/config/default/kustomization.yaml deleted file mode 100644 index 4d371fdb..00000000 --- a/auto-discovery/kubernetes/config/default/kustomization.yaml +++ /dev/null @@ -1,70 +0,0 @@ -# Adds namespace to all resources. -namespace: kubernetes-system - -# Value of this field is prepended to the -# names of all resources, e.g. a deployment named -# "wordpress" becomes "alices-wordpress". -# Note that it should also match with the prefix (text before '-') of the namespace -# field above. -namePrefix: kubernetes- - -# Labels to add to all resources and selectors. -#commonLabels: -# someName: someValue - -bases: -- ../crd -- ../rbac -- ../manager -# [WEBHOOK] To enable webhook, uncomment all the sections with [WEBHOOK] prefix including the one in -# crd/kustomization.yaml -#- ../webhook -# [CERTMANAGER] To enable cert-manager, uncomment all sections with 'CERTMANAGER'. 'WEBHOOK' components are required. -#- ../certmanager -# [PROMETHEUS] To enable prometheus monitor, uncomment all sections with 'PROMETHEUS'. -#- ../prometheus - -patchesStrategicMerge: - # Protect the /metrics endpoint by putting it behind auth. - # If you want your controller-manager to expose the /metrics - # endpoint w/o any authn/z, please comment the following line. -- manager_auth_proxy_patch.yaml - -# [WEBHOOK] To enable webhook, uncomment all the sections with [WEBHOOK] prefix including the one in -# crd/kustomization.yaml -#- manager_webhook_patch.yaml - -# [CERTMANAGER] To enable cert-manager, uncomment all sections with 'CERTMANAGER'. -# Uncomment 'CERTMANAGER' sections in crd/kustomization.yaml to enable the CA injection in the admission webhooks. -# 'CERTMANAGER' needs to be enabled to use ca injection -#- webhookcainjection_patch.yaml - -# the following config is for teaching kustomize how to do var substitution -vars: -# [CERTMANAGER] To enable cert-manager, uncomment all sections with 'CERTMANAGER' prefix. -#- name: CERTIFICATE_NAMESPACE # namespace of the certificate CR -# objref: -# kind: Certificate -# group: cert-manager.io -# version: v1alpha2 -# name: serving-cert # this name should match the one in certificate.yaml -# fieldref: -# fieldpath: metadata.namespace -#- name: CERTIFICATE_NAME -# objref: -# kind: Certificate -# group: cert-manager.io -# version: v1alpha2 -# name: serving-cert # this name should match the one in certificate.yaml -#- name: SERVICE_NAMESPACE # namespace of the service -# objref: -# kind: Service -# version: v1 -# name: webhook-service -# fieldref: -# fieldpath: metadata.namespace -#- name: SERVICE_NAME -# objref: -# kind: Service -# version: v1 -# name: webhook-service diff --git a/auto-discovery/kubernetes/config/default/manager_auth_proxy_patch.yaml b/auto-discovery/kubernetes/config/default/manager_auth_proxy_patch.yaml deleted file mode 100644 index 77e743d1..00000000 --- a/auto-discovery/kubernetes/config/default/manager_auth_proxy_patch.yaml +++ /dev/null @@ -1,25 +0,0 @@ -# This patch inject a sidecar container which is a HTTP proxy for the -# controller manager, it performs RBAC authorization against the Kubernetes API using SubjectAccessReviews. -apiVersion: apps/v1 -kind: Deployment -metadata: - name: controller-manager - namespace: system -spec: - template: - spec: - containers: - - name: kube-rbac-proxy - image: gcr.io/kubebuilder/kube-rbac-proxy:v0.5.0 - args: - - "--secure-listen-address=0.0.0.0:8443" - - "--upstream=http://127.0.0.1:8080/" - - "--logtostderr=true" - - "--v=10" - ports: - - containerPort: 8443 - name: https - - name: manager - args: - - "--metrics-addr=127.0.0.1:8080" - - "--enable-leader-election" diff --git a/auto-discovery/kubernetes/config/default/manager_webhook_patch.yaml b/auto-discovery/kubernetes/config/default/manager_webhook_patch.yaml deleted file mode 100644 index 738de350..00000000 --- a/auto-discovery/kubernetes/config/default/manager_webhook_patch.yaml +++ /dev/null @@ -1,23 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: controller-manager - namespace: system -spec: - template: - spec: - containers: - - name: manager - ports: - - containerPort: 9443 - name: webhook-server - protocol: TCP - volumeMounts: - - mountPath: /tmp/k8s-webhook-server/serving-certs - name: cert - readOnly: true - volumes: - - name: cert - secret: - defaultMode: 420 - secretName: webhook-server-cert diff --git a/auto-discovery/kubernetes/config/default/webhookcainjection_patch.yaml b/auto-discovery/kubernetes/config/default/webhookcainjection_patch.yaml deleted file mode 100644 index 7e79bf99..00000000 --- a/auto-discovery/kubernetes/config/default/webhookcainjection_patch.yaml +++ /dev/null @@ -1,15 +0,0 @@ -# This patch add annotation to admission webhook config and -# the variables $(CERTIFICATE_NAMESPACE) and $(CERTIFICATE_NAME) will be substituted by kustomize. -apiVersion: admissionregistration.k8s.io/v1beta1 -kind: MutatingWebhookConfiguration -metadata: - name: mutating-webhook-configuration - annotations: - cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME) ---- -apiVersion: admissionregistration.k8s.io/v1beta1 -kind: ValidatingWebhookConfiguration -metadata: - name: validating-webhook-configuration - annotations: - cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME) diff --git a/auto-discovery/kubernetes/config/manager/kustomization.yaml b/auto-discovery/kubernetes/config/manager/kustomization.yaml deleted file mode 100644 index 5c5f0b84..00000000 --- a/auto-discovery/kubernetes/config/manager/kustomization.yaml +++ /dev/null @@ -1,2 +0,0 @@ -resources: -- manager.yaml diff --git a/auto-discovery/kubernetes/config/manager/manager.yaml b/auto-discovery/kubernetes/config/manager/manager.yaml deleted file mode 100644 index b6c85a52..00000000 --- a/auto-discovery/kubernetes/config/manager/manager.yaml +++ /dev/null @@ -1,39 +0,0 @@ -apiVersion: v1 -kind: Namespace -metadata: - labels: - control-plane: controller-manager - name: system ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: controller-manager - namespace: system - labels: - control-plane: controller-manager -spec: - selector: - matchLabels: - control-plane: controller-manager - replicas: 1 - template: - metadata: - labels: - control-plane: controller-manager - spec: - containers: - - command: - - /manager - args: - - --enable-leader-election - image: controller:latest - name: manager - resources: - limits: - cpu: 100m - memory: 30Mi - requests: - cpu: 100m - memory: 20Mi - terminationGracePeriodSeconds: 10 diff --git a/auto-discovery/kubernetes/config/prometheus/kustomization.yaml b/auto-discovery/kubernetes/config/prometheus/kustomization.yaml deleted file mode 100644 index ed137168..00000000 --- a/auto-discovery/kubernetes/config/prometheus/kustomization.yaml +++ /dev/null @@ -1,2 +0,0 @@ -resources: -- monitor.yaml diff --git a/auto-discovery/kubernetes/config/prometheus/monitor.yaml b/auto-discovery/kubernetes/config/prometheus/monitor.yaml deleted file mode 100644 index 9b8047b7..00000000 --- a/auto-discovery/kubernetes/config/prometheus/monitor.yaml +++ /dev/null @@ -1,16 +0,0 @@ - -# Prometheus Monitor Service (Metrics) -apiVersion: monitoring.coreos.com/v1 -kind: ServiceMonitor -metadata: - labels: - control-plane: controller-manager - name: controller-manager-metrics-monitor - namespace: system -spec: - endpoints: - - path: /metrics - port: https - selector: - matchLabels: - control-plane: controller-manager diff --git a/auto-discovery/kubernetes/config/rbac/auth_proxy_client_clusterrole.yaml b/auto-discovery/kubernetes/config/rbac/auth_proxy_client_clusterrole.yaml deleted file mode 100644 index 7d62534c..00000000 --- a/auto-discovery/kubernetes/config/rbac/auth_proxy_client_clusterrole.yaml +++ /dev/null @@ -1,7 +0,0 @@ -apiVersion: rbac.authorization.k8s.io/v1beta1 -kind: ClusterRole -metadata: - name: metrics-reader -rules: -- nonResourceURLs: ["/metrics"] - verbs: ["get"] diff --git a/auto-discovery/kubernetes/config/rbac/auth_proxy_role.yaml b/auto-discovery/kubernetes/config/rbac/auth_proxy_role.yaml deleted file mode 100644 index 618f5e41..00000000 --- a/auto-discovery/kubernetes/config/rbac/auth_proxy_role.yaml +++ /dev/null @@ -1,13 +0,0 @@ -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: proxy-role -rules: -- apiGroups: ["authentication.k8s.io"] - resources: - - tokenreviews - verbs: ["create"] -- apiGroups: ["authorization.k8s.io"] - resources: - - subjectaccessreviews - verbs: ["create"] diff --git a/auto-discovery/kubernetes/config/rbac/auth_proxy_role_binding.yaml b/auto-discovery/kubernetes/config/rbac/auth_proxy_role_binding.yaml deleted file mode 100644 index 48ed1e4b..00000000 --- a/auto-discovery/kubernetes/config/rbac/auth_proxy_role_binding.yaml +++ /dev/null @@ -1,12 +0,0 @@ -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: proxy-rolebinding -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: proxy-role -subjects: -- kind: ServiceAccount - name: default - namespace: system diff --git a/auto-discovery/kubernetes/config/rbac/auth_proxy_service.yaml b/auto-discovery/kubernetes/config/rbac/auth_proxy_service.yaml deleted file mode 100644 index 6cf656be..00000000 --- a/auto-discovery/kubernetes/config/rbac/auth_proxy_service.yaml +++ /dev/null @@ -1,14 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - labels: - control-plane: controller-manager - name: controller-manager-metrics-service - namespace: system -spec: - ports: - - name: https - port: 8443 - targetPort: https - selector: - control-plane: controller-manager diff --git a/auto-discovery/kubernetes/config/rbac/kustomization.yaml b/auto-discovery/kubernetes/config/rbac/kustomization.yaml deleted file mode 100644 index 66c28338..00000000 --- a/auto-discovery/kubernetes/config/rbac/kustomization.yaml +++ /dev/null @@ -1,12 +0,0 @@ -resources: -- role.yaml -- role_binding.yaml -- leader_election_role.yaml -- leader_election_role_binding.yaml -# Comment the following 4 lines if you want to disable -# the auth proxy (https://github.com/brancz/kube-rbac-proxy) -# which protects your /metrics endpoint. -- auth_proxy_service.yaml -- auth_proxy_role.yaml -- auth_proxy_role_binding.yaml -- auth_proxy_client_clusterrole.yaml diff --git a/auto-discovery/kubernetes/config/rbac/leader_election_role.yaml b/auto-discovery/kubernetes/config/rbac/leader_election_role.yaml deleted file mode 100644 index eaa79158..00000000 --- a/auto-discovery/kubernetes/config/rbac/leader_election_role.yaml +++ /dev/null @@ -1,32 +0,0 @@ -# permissions to do leader election. -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - name: leader-election-role -rules: -- apiGroups: - - "" - resources: - - configmaps - verbs: - - get - - list - - watch - - create - - update - - patch - - delete -- apiGroups: - - "" - resources: - - configmaps/status - verbs: - - get - - update - - patch -- apiGroups: - - "" - resources: - - events - verbs: - - create diff --git a/auto-discovery/kubernetes/config/rbac/leader_election_role_binding.yaml b/auto-discovery/kubernetes/config/rbac/leader_election_role_binding.yaml deleted file mode 100644 index eed16906..00000000 --- a/auto-discovery/kubernetes/config/rbac/leader_election_role_binding.yaml +++ /dev/null @@ -1,12 +0,0 @@ -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - name: leader-election-rolebinding -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: leader-election-role -subjects: -- kind: ServiceAccount - name: default - namespace: system diff --git a/auto-discovery/kubernetes/config/rbac/role.yaml b/auto-discovery/kubernetes/config/rbac/role.yaml deleted file mode 100644 index 62af5353..00000000 --- a/auto-discovery/kubernetes/config/rbac/role.yaml +++ /dev/null @@ -1,22 +0,0 @@ - ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - creationTimestamp: null - name: manager-role -rules: -- apiGroups: - - networking - resources: - - ingress - verbs: - - get - - list - - watch -- apiGroups: - - networking - resources: - - ingress/status - verbs: - - get diff --git a/auto-discovery/kubernetes/config/rbac/role_binding.yaml b/auto-discovery/kubernetes/config/rbac/role_binding.yaml deleted file mode 100644 index 8f265870..00000000 --- a/auto-discovery/kubernetes/config/rbac/role_binding.yaml +++ /dev/null @@ -1,12 +0,0 @@ -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: manager-rolebinding -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: manager-role -subjects: -- kind: ServiceAccount - name: default - namespace: system diff --git a/auto-discovery/kubernetes/config/webhook/kustomization.yaml b/auto-discovery/kubernetes/config/webhook/kustomization.yaml deleted file mode 100644 index 9cf26134..00000000 --- a/auto-discovery/kubernetes/config/webhook/kustomization.yaml +++ /dev/null @@ -1,6 +0,0 @@ -resources: -- manifests.yaml -- service.yaml - -configurations: -- kustomizeconfig.yaml diff --git a/auto-discovery/kubernetes/config/webhook/kustomizeconfig.yaml b/auto-discovery/kubernetes/config/webhook/kustomizeconfig.yaml deleted file mode 100644 index 25e21e3c..00000000 --- a/auto-discovery/kubernetes/config/webhook/kustomizeconfig.yaml +++ /dev/null @@ -1,25 +0,0 @@ -# the following config is for teaching kustomize where to look at when substituting vars. -# It requires kustomize v2.1.0 or newer to work properly. -nameReference: -- kind: Service - version: v1 - fieldSpecs: - - kind: MutatingWebhookConfiguration - group: admissionregistration.k8s.io - path: webhooks/clientConfig/service/name - - kind: ValidatingWebhookConfiguration - group: admissionregistration.k8s.io - path: webhooks/clientConfig/service/name - -namespace: -- kind: MutatingWebhookConfiguration - group: admissionregistration.k8s.io - path: webhooks/clientConfig/service/namespace - create: true -- kind: ValidatingWebhookConfiguration - group: admissionregistration.k8s.io - path: webhooks/clientConfig/service/namespace - create: true - -varReference: -- path: metadata/annotations diff --git a/auto-discovery/kubernetes/config/webhook/service.yaml b/auto-discovery/kubernetes/config/webhook/service.yaml deleted file mode 100644 index 31e0f829..00000000 --- a/auto-discovery/kubernetes/config/webhook/service.yaml +++ /dev/null @@ -1,12 +0,0 @@ - -apiVersion: v1 -kind: Service -metadata: - name: webhook-service - namespace: system -spec: - ports: - - port: 443 - targetPort: 9443 - selector: - control-plane: controller-manager diff --git a/auto-discovery/kubernetes/controllers/ingress_scan_controller.go b/auto-discovery/kubernetes/controllers/ingress_scan_controller.go deleted file mode 100644 index 76c3dd4d..00000000 --- a/auto-discovery/kubernetes/controllers/ingress_scan_controller.go +++ /dev/null @@ -1,202 +0,0 @@ -/* - - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package controllers - -import ( - "context" - "fmt" - - "github.com/go-logr/logr" - targetsv1 "github.com/secureCodeBox/secureCodeBox-v2-alpha/operator/apis/targets/v1" - - networking "k8s.io/api/networking/v1beta1" - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - "k8s.io/apimachinery/pkg/runtime" - ctrl "sigs.k8s.io/controller-runtime" - "sigs.k8s.io/controller-runtime/pkg/client" - "sigs.k8s.io/controller-runtime/pkg/event" - "sigs.k8s.io/controller-runtime/pkg/predicate" -) - -// IngressScanReconciler reconciles a DeleteMe object -type IngressScanReconciler struct { - client.Client - Log logr.Logger - Scheme *runtime.Scheme -} - -var ( - ownerKey = ".metadata.controller" - apiGVStr = targetsv1.GroupVersion.String() -) - -// +kubebuilder:rbac:groups=networking,resources=ingress,verbs=get;list;watch -// +kubebuilder:rbac:groups=networking,resources=ingress/status,verbs=get - -// Reconcile compares the Ingress object against the state of the cluster and updates both if needed -func (r *IngressScanReconciler) Reconcile(req ctrl.Request) (ctrl.Result, error) { - ctx := context.Background() - log := r.Log - - log.Info("Something happened to a ingress", "ingress", req.Name, "namespace", req.Namespace) - - var ingress networking.Ingress - if err := r.Get(ctx, req.NamespacedName, &ingress); err != nil { - // we'll ignore not-found errors, since they can't be fixed by an immediate - // requeue (we'll need to wait for a new notification), and we can get them - // on deleted requests. - log.V(7).Info("Unable to fetch Ingress") - return ctrl.Result{}, client.IgnoreNotFound(err) - } - - err := r.CreateOrUpdateTlsForHosts(ingress) - if err != nil { - return ctrl.Result{}, err - } - - return ctrl.Result{}, nil -} - -func (r *IngressScanReconciler) CreateOrUpdateTlsForHosts(ingress networking.Ingress) error { - if ingress.Spec.TLS == nil { - return nil - } - - for _, tlsConfig := range ingress.Spec.TLS { - for _, hostname := range tlsConfig.Hosts { - - var hostTargets targetsv1.HostList - - // Check if there is a target already, or create one - r.List( - context.Background(), - &hostTargets, - client.InNamespace(ingress.Namespace), - client.MatchingField(ownerKey, ingress.Name), - ) - r.Log.Info("Listed hosts", "Length", len(hostTargets.Items)) - - host := targetsv1.Host{} - - found := false - // Check if the ingress has a child Host with a matching Hostname - for _, hostItem := range hostTargets.Items { - r.Log.Info("Comparing Hostnames", "LoopyHostname", hostItem.Spec.Hostname, "IngressHostname", hostname) - if hostItem.Spec.Hostname == hostname { - r.Log.Info("Found Host") - found = true - host = hostItem - } - } - if found == false { - host.GenerateName = fmt.Sprintf("%s-", ingress.Name) - host.Namespace = ingress.Namespace - host.Spec.Hostname = hostname - host.Spec.Ports = make([]targetsv1.HostPort, 0) - - if err := ctrl.SetControllerReference(&ingress, &host, r.Scheme); err != nil { - return err - } - - err := r.Create(context.Background(), &host) - if err != nil { - r.Log.Error(err, "unable to create host") - return err - } - } - - containsHTTPSPort := false - if host.Spec.Ports == nil { - host.Spec.Ports = make([]targetsv1.HostPort, 0) - } - for _, port := range host.Spec.Ports { - if port.Port == 443 { - containsHTTPSPort = true - break - } - } - - if containsHTTPSPort == false { - httpsPort := targetsv1.HostPort{ - Type: "https", - Port: 443, - } - host.Spec.Ports = append(host.Spec.Ports, httpsPort) - - err := r.Update(context.Background(), &host) - if err != nil { - r.Log.Error(err, "Failed to add https port to target") - return err - } - } - } - } - - return nil -} - -// SetupWithManager sets up the controller and initializes every thing it needs -func (r *IngressScanReconciler) SetupWithManager(mgr ctrl.Manager) error { - if err := mgr.GetFieldIndexer().IndexField(&targetsv1.Host{}, ownerKey, func(rawObj runtime.Object) []string { - // grab the job object, extract the owner... - host := rawObj.(*targetsv1.Host) - owner := metav1.GetControllerOf(host) - if owner == nil { - return nil - } - // ...make sure it's a Host... - if owner.APIVersion != "networking.k8s.io/v1beta1" || owner.Kind != "Ingress" { - return nil - } - - // ...and if so, return it - return []string{owner.Name} - }); err != nil { - return err - } - - isInDemoNamespaceFilter := predicate.Funcs{ - CreateFunc: func(event event.CreateEvent) bool { - if val, ok := event.Meta.GetAnnotations()["auto-discovery.experimental.securecodebox.io/ignore"]; ok && val == "true" { - return false - } - return event.Meta.GetNamespace() == "juice-shop" || event.Meta.GetNamespace() == "bodgeit" - }, - DeleteFunc: func(event event.DeleteEvent) bool { - if val, ok := event.Meta.GetAnnotations()["auto-discovery.experimental.securecodebox.io/ignore"]; ok && val == "true" { - return false - } - return event.Meta.GetNamespace() == "juice-shop" || event.Meta.GetNamespace() == "bodgeit" - }, - UpdateFunc: func(event event.UpdateEvent) bool { - if val, ok := event.MetaNew.GetAnnotations()["auto-discovery.experimental.securecodebox.io/ignore"]; ok && val == "true" { - return false - } - return event.MetaNew.GetNamespace() == "juice-shop" || event.MetaNew.GetNamespace() == "bodgeit" - }, - GenericFunc: func(event event.GenericEvent) bool { - if val, ok := event.Meta.GetAnnotations()["auto-discovery.experimental.securecodebox.io/ignore"]; ok && val == "true" { - return false - } - return event.Meta.GetNamespace() == "juice-shop" || event.Meta.GetNamespace() == "bodgeit" - }, - } - - return ctrl.NewControllerManagedBy(mgr). - For(&networking.Ingress{}).WithEventFilter(isInDemoNamespaceFilter). - Complete(r) -} diff --git a/auto-discovery/kubernetes/controllers/suite_test.go b/auto-discovery/kubernetes/controllers/suite_test.go deleted file mode 100644 index e3184e08..00000000 --- a/auto-discovery/kubernetes/controllers/suite_test.go +++ /dev/null @@ -1,76 +0,0 @@ -/* - - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package controllers - -import ( - "path/filepath" - "testing" - - . "github.com/onsi/ginkgo" - . "github.com/onsi/gomega" - "k8s.io/client-go/kubernetes/scheme" - "k8s.io/client-go/rest" - "sigs.k8s.io/controller-runtime/pkg/client" - "sigs.k8s.io/controller-runtime/pkg/envtest" - "sigs.k8s.io/controller-runtime/pkg/envtest/printer" - logf "sigs.k8s.io/controller-runtime/pkg/log" - "sigs.k8s.io/controller-runtime/pkg/log/zap" - // +kubebuilder:scaffold:imports -) - -// These tests use Ginkgo (BDD-style Go testing framework). Refer to -// http://onsi.github.io/ginkgo/ to learn more about Ginkgo. - -var cfg *rest.Config -var k8sClient client.Client -var testEnv *envtest.Environment - -func TestAPIs(t *testing.T) { - RegisterFailHandler(Fail) - - RunSpecsWithDefaultAndCustomReporters(t, - "Controller Suite", - []Reporter{printer.NewlineReporter{}}) -} - -var _ = BeforeSuite(func(done Done) { - logf.SetLogger(zap.LoggerTo(GinkgoWriter, true)) - - By("bootstrapping test environment") - testEnv = &envtest.Environment{ - CRDDirectoryPaths: []string{filepath.Join("..", "config", "crd", "bases")}, - } - - var err error - cfg, err = testEnv.Start() - Expect(err).ToNot(HaveOccurred()) - Expect(cfg).ToNot(BeNil()) - - // +kubebuilder:scaffold:scheme - - k8sClient, err = client.New(cfg, client.Options{Scheme: scheme.Scheme}) - Expect(err).ToNot(HaveOccurred()) - Expect(k8sClient).ToNot(BeNil()) - - close(done) -}, 60) - -var _ = AfterSuite(func() { - By("tearing down the test environment") - err := testEnv.Stop() - Expect(err).ToNot(HaveOccurred()) -}) diff --git a/auto-discovery/kubernetes/go.mod b/auto-discovery/kubernetes/go.mod deleted file mode 100644 index cd684be0..00000000 --- a/auto-discovery/kubernetes/go.mod +++ /dev/null @@ -1,16 +0,0 @@ -module github.com/secureCodeBox/secureCodeBox-v2-alpha/auto-discovery/kubernetes - -go 1.13 - -require ( - github.com/go-logr/logr v0.1.0 - github.com/onsi/ginkgo v1.11.0 - github.com/onsi/gomega v1.8.1 - github.com/secureCodeBox/secureCodeBox-v2-alpha/operator v0.0.0 - k8s.io/api v0.17.2 - k8s.io/apimachinery v0.17.2 - k8s.io/client-go v0.17.2 - sigs.k8s.io/controller-runtime v0.5.2 -) - -replace github.com/secureCodeBox/secureCodeBox-v2-alpha/operator => ../../operator diff --git a/auto-discovery/kubernetes/go.sum b/auto-discovery/kubernetes/go.sum deleted file mode 100644 index b063e04c..00000000 --- a/auto-discovery/kubernetes/go.sum +++ /dev/null @@ -1,470 +0,0 @@ -cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= -cloud.google.com/go v0.34.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= -cloud.google.com/go v0.38.0 h1:ROfEUZz+Gh5pa62DJWXSaonyu3StP6EA6lPEXPI6mCo= -cloud.google.com/go v0.38.0/go.mod h1:990N+gfupTy94rShfmMCWGDn0LpTmnzTp2qbd1dvSRU= -github.com/Azure/go-ansiterm v0.0.0-20170929234023-d6e3b3328b78/go.mod h1:LmzpDX56iTiv29bbRTIsUNlaFfuhWRQBWjQdVyAevI8= -github.com/Azure/go-autorest/autorest v0.9.0/go.mod h1:xyHB1BMZT0cuDHU7I0+g046+BFDTQ8rEZB0s4Yfa6bI= -github.com/Azure/go-autorest/autorest/adal v0.5.0/go.mod h1:8Z9fGy2MpX0PvDjB1pEgQTmVqjGhiHBW7RJJEciWzS0= -github.com/Azure/go-autorest/autorest/date v0.1.0/go.mod h1:plvfp3oPSKwf2DNjlBjWF/7vwR+cUD/ELuzDCXwHUVA= -github.com/Azure/go-autorest/autorest/mocks v0.1.0/go.mod h1:OTyCOPRA2IgIlWxVYxBee2F5Gr4kF2zd2J5cFRaIDN0= -github.com/Azure/go-autorest/autorest/mocks v0.2.0/go.mod h1:OTyCOPRA2IgIlWxVYxBee2F5Gr4kF2zd2J5cFRaIDN0= -github.com/Azure/go-autorest/logger v0.1.0/go.mod h1:oExouG+K6PryycPJfVSxi/koC6LSNgds39diKLz7Vrc= -github.com/Azure/go-autorest/tracing v0.5.0/go.mod h1:r/s2XiOKccPW3HrqB+W0TQzfbtp2fGCgRFtBroKn4Dk= -github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= -github.com/BurntSushi/xgb v0.0.0-20160522181843-27f122750802/go.mod h1:IVnqGOEym/WlBOVXweHU+Q+/VP0lqqI8lqeDx9IjBqo= -github.com/NYTimes/gziphandler v0.0.0-20170623195520-56545f4a5d46/go.mod h1:3wb06e3pkSAbeQ52E9H9iFoQsEEwGN64994WTCIhntQ= -github.com/PuerkitoBio/purell v1.0.0/go.mod h1:c11w/QuzBsJSee3cPx9rAFu61PvFxuPbtSwDGJws/X0= -github.com/PuerkitoBio/purell v1.1.0/go.mod h1:c11w/QuzBsJSee3cPx9rAFu61PvFxuPbtSwDGJws/X0= -github.com/PuerkitoBio/purell v1.1.1/go.mod h1:c11w/QuzBsJSee3cPx9rAFu61PvFxuPbtSwDGJws/X0= -github.com/PuerkitoBio/urlesc v0.0.0-20160726150825-5bd2802263f2/go.mod h1:uGdkoq3SwY9Y+13GIhn11/XLaGBb4BfwItxLd5jeuXE= -github.com/PuerkitoBio/urlesc v0.0.0-20170810143723-de5bf2ad4578/go.mod h1:uGdkoq3SwY9Y+13GIhn11/XLaGBb4BfwItxLd5jeuXE= -github.com/agnivade/levenshtein v1.0.1/go.mod h1:CURSv5d9Uaml+FovSIICkLbAUZ9S4RqaHDIsdSBg7lM= -github.com/alecthomas/template v0.0.0-20160405071501-a0175ee3bccc/go.mod h1:LOuyumcjzFXgccqObfd/Ljyb9UuFJ6TxHnclSeseNhc= -github.com/alecthomas/units v0.0.0-20151022065526-2efee857e7cf/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0= -github.com/andreyvit/diff v0.0.0-20170406064948-c7f18ee00883/go.mod h1:rCTlJbsFo29Kk6CurOXKm700vrz8f0KW0JNfpkRJY/8= -github.com/armon/consul-api v0.0.0-20180202201655-eb2c6b5be1b6/go.mod h1:grANhF5doyWs3UAsr3K4I6qtAmlQcZDesFNEHPZAzj8= -github.com/asaskevich/govalidator v0.0.0-20180720115003-f9ffefc3facf/go.mod h1:lB+ZfQJz7igIIfQNfa7Ml4HSf2uFQQRzpGGRXenZAgY= -github.com/asaskevich/govalidator v0.0.0-20190424111038-f61b66f89f4a/go.mod h1:lB+ZfQJz7igIIfQNfa7Ml4HSf2uFQQRzpGGRXenZAgY= -github.com/beorn7/perks v0.0.0-20180321164747-3a771d992973/go.mod h1:Dwedo/Wpr24TaqPxmxbtue+5NUziq4I4S80YR8gNf3Q= -github.com/beorn7/perks v1.0.0 h1:HWo1m869IqiPhD389kmkxeTalrjNbbJTC8LXupb+sl0= -github.com/beorn7/perks v1.0.0/go.mod h1:KWe93zE9D1o94FZ5RNwFwVgaQK1VOXiVxmqh+CedLV8= -github.com/bgentry/speakeasy v0.1.0/go.mod h1:+zsyZBPWlz7T6j88CTgSN5bM796AkVf0kBD4zp0CCIs= -github.com/blang/semver v3.5.0+incompatible/go.mod h1:kRBLl5iJ+tD4TcOOxsy/0fnwebNt5EWlYSAyrTnjyyk= -github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw= -github.com/cockroachdb/datadriven v0.0.0-20190809214429-80d97fb3cbaa/go.mod h1:zn76sxSg3SzpJ0PPJaLDCu+Bu0Lg3sKTORVIj19EIF8= -github.com/coreos/etcd v3.3.10+incompatible/go.mod h1:uF7uidLiAD3TWHmW31ZFd/JWoc32PjwdhPthX9715RE= -github.com/coreos/go-etcd v2.0.0+incompatible/go.mod h1:Jez6KQU2B/sWsbdaef3ED8NzMklzPG4d5KIOhIy30Tk= -github.com/coreos/go-oidc v2.1.0+incompatible/go.mod h1:CgnwVTmzoESiwO9qyAFEMiHoZ1nMCKZlZ9V6mm3/LKc= -github.com/coreos/go-semver v0.2.0/go.mod h1:nnelYz7RCh+5ahJtPPxZlU+153eP4D4r3EedlOD2RNk= -github.com/coreos/go-semver v0.3.0/go.mod h1:nnelYz7RCh+5ahJtPPxZlU+153eP4D4r3EedlOD2RNk= -github.com/coreos/go-systemd v0.0.0-20180511133405-39ca1b05acc7/go.mod h1:F5haX7vjVVG0kc13fIWeqUViNPyEJxv/OmvnBo0Yme4= -github.com/coreos/go-systemd v0.0.0-20190321100706-95778dfbb74e/go.mod h1:F5haX7vjVVG0kc13fIWeqUViNPyEJxv/OmvnBo0Yme4= -github.com/coreos/pkg v0.0.0-20160727233714-3ac0863d7acf/go.mod h1:E3G3o1h8I7cfcXa63jLwjI0eiQQMgzzUDFVpN/nH/eA= -github.com/coreos/pkg v0.0.0-20180108230652-97fdf19511ea/go.mod h1:E3G3o1h8I7cfcXa63jLwjI0eiQQMgzzUDFVpN/nH/eA= -github.com/cpuguy83/go-md2man v1.0.10/go.mod h1:SmD6nW6nTyfqj6ABTjUi3V3JVMnlJmwcJI5acqYI6dE= -github.com/creack/pty v1.1.7/go.mod h1:lj5s0c3V2DBrqTV7llrYr5NG6My20zk30Fl46Y7DoTY= -github.com/davecgh/go-spew v0.0.0-20151105211317-5215b55f46b2/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= -github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= -github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= -github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= -github.com/dgrijalva/jwt-go v3.2.0+incompatible/go.mod h1:E3ru+11k8xSBh+hMPgOLZmtrrCbhqsmaPHjLKYnJCaQ= -github.com/docker/docker v0.7.3-0.20190327010347-be7ac8be2ae0/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk= -github.com/docker/go-units v0.3.3/go.mod h1:fgPhTUdO+D/Jk86RDLlptpiXQzgHJF7gydDDbaIK4Dk= -github.com/docker/go-units v0.4.0/go.mod h1:fgPhTUdO+D/Jk86RDLlptpiXQzgHJF7gydDDbaIK4Dk= -github.com/docker/spdystream v0.0.0-20160310174837-449fdfce4d96/go.mod h1:Qh8CwZgvJUkLughtfhJv5dyTYa91l1fOUCrgjqmcifM= -github.com/docopt/docopt-go v0.0.0-20180111231733-ee0de3bc6815/go.mod h1:WwZ+bS3ebgob9U8Nd0kOddGdZWjyMGR8Wziv+TBNwSE= -github.com/dustin/go-humanize v0.0.0-20171111073723-bb3d318650d4/go.mod h1:HtrtbFcZ19U5GC7JDqmcUSB87Iq5E25KnS6fMYU6eOk= -github.com/dustin/go-humanize v1.0.0/go.mod h1:HtrtbFcZ19U5GC7JDqmcUSB87Iq5E25KnS6fMYU6eOk= -github.com/elazarl/goproxy v0.0.0-20170405201442-c4fc26588b6e/go.mod h1:/Zj4wYkgs4iZTTu3o/KG3Itv/qCCa8VVMlb3i9OVuzc= -github.com/emicklei/go-restful v0.0.0-20170410110728-ff4f55a20633/go.mod h1:otzb+WCGbkyDHkqmQmT5YD2WR4BBwUdeQoFo8l/7tVs= -github.com/emicklei/go-restful v2.9.5+incompatible/go.mod h1:otzb+WCGbkyDHkqmQmT5YD2WR4BBwUdeQoFo8l/7tVs= -github.com/evanphx/json-patch v4.2.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk= -github.com/evanphx/json-patch v4.5.0+incompatible h1:ouOWdg56aJriqS0huScTkVXPC5IcNrDCXZ6OoTAWu7M= -github.com/evanphx/json-patch v4.5.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk= -github.com/fatih/color v1.7.0/go.mod h1:Zm6kSWBoL9eyXnKyktHP6abPY2pDugNf5KwzbycvMj4= -github.com/fsnotify/fsnotify v1.4.7 h1:IXs+QLmnXW2CcXuY+8Mzv/fWEsPGWxqefPtCP5CnV9I= -github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo= -github.com/ghodss/yaml v0.0.0-20150909031657-73d445a93680/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04= -github.com/ghodss/yaml v1.0.0/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04= -github.com/globalsign/mgo v0.0.0-20180905125535-1ca0a4f7cbcb/go.mod h1:xkRDCp4j0OGD1HRkm4kmhM+pmpv3AKq5SU7GMg4oO/Q= -github.com/globalsign/mgo v0.0.0-20181015135952-eeefdecb41b8/go.mod h1:xkRDCp4j0OGD1HRkm4kmhM+pmpv3AKq5SU7GMg4oO/Q= -github.com/go-kit/kit v0.8.0/go.mod h1:xBxKIO96dXMWWy0MnWVtmwkA9/13aqxPnvrjFYMA2as= -github.com/go-logfmt/logfmt v0.3.0/go.mod h1:Qt1PoO58o5twSAckw1HlFXLmHsOX5/0LbT9GBnD5lWE= -github.com/go-logr/logr v0.1.0 h1:M1Tv3VzNlEHg6uyACnRdtrploV2P7wZqH8BoQMtz0cg= -github.com/go-logr/logr v0.1.0/go.mod h1:ixOQHD9gLJUVQQ2ZOR7zLEifBX6tGkNJF4QyIY7sIas= -github.com/go-logr/zapr v0.1.0 h1:h+WVe9j6HAA01niTJPA/kKH0i7e0rLZBCwauQFcRE54= -github.com/go-logr/zapr v0.1.0/go.mod h1:tabnROwaDl0UNxkVeFRbY8bwB37GwRv0P8lg6aAiEnk= -github.com/go-openapi/analysis v0.0.0-20180825180245-b006789cd277/go.mod h1:k70tL6pCuVxPJOHXQ+wIac1FUrvNkHolPie/cLEU6hI= -github.com/go-openapi/analysis v0.17.0/go.mod h1:IowGgpVeD0vNm45So8nr+IcQ3pxVtpRoBWb8PVZO0ik= -github.com/go-openapi/analysis v0.18.0/go.mod h1:IowGgpVeD0vNm45So8nr+IcQ3pxVtpRoBWb8PVZO0ik= -github.com/go-openapi/analysis v0.19.2/go.mod h1:3P1osvZa9jKjb8ed2TPng3f0i/UY9snX6gxi44djMjk= -github.com/go-openapi/analysis v0.19.5/go.mod h1:hkEAkxagaIvIP7VTn8ygJNkd4kAYON2rCu0v0ObL0AU= -github.com/go-openapi/errors v0.17.0/go.mod h1:LcZQpmvG4wyF5j4IhA73wkLFQg+QJXOQHVjmcZxhka0= -github.com/go-openapi/errors v0.18.0/go.mod h1:LcZQpmvG4wyF5j4IhA73wkLFQg+QJXOQHVjmcZxhka0= -github.com/go-openapi/errors v0.19.2/go.mod h1:qX0BLWsyaKfvhluLejVpVNwNRdXZhEbTA4kxxpKBC94= -github.com/go-openapi/jsonpointer v0.0.0-20160704185906-46af16f9f7b1/go.mod h1:+35s3my2LFTysnkMfxsJBAMHj/DoqoB9knIWoYG/Vk0= -github.com/go-openapi/jsonpointer v0.17.0/go.mod h1:cOnomiV+CVVwFLk0A/MExoFMjwdsUdVpsRhURCKh+3M= -github.com/go-openapi/jsonpointer v0.18.0/go.mod h1:cOnomiV+CVVwFLk0A/MExoFMjwdsUdVpsRhURCKh+3M= -github.com/go-openapi/jsonpointer v0.19.2/go.mod h1:3akKfEdA7DF1sugOqz1dVQHBcuDBPKZGEoHC/NkiQRg= -github.com/go-openapi/jsonpointer v0.19.3/go.mod h1:Pl9vOtqEWErmShwVjC8pYs9cog34VGT37dQOVbmoatg= -github.com/go-openapi/jsonreference v0.0.0-20160704190145-13c6e3589ad9/go.mod h1:W3Z9FmVs9qj+KR4zFKmDPGiLdk1D9Rlm7cyMvf57TTg= -github.com/go-openapi/jsonreference v0.17.0/go.mod h1:g4xxGn04lDIRh0GJb5QlpE3HfopLOL6uZrK/VgnsK9I= -github.com/go-openapi/jsonreference v0.18.0/go.mod h1:g4xxGn04lDIRh0GJb5QlpE3HfopLOL6uZrK/VgnsK9I= -github.com/go-openapi/jsonreference v0.19.2/go.mod h1:jMjeRr2HHw6nAVajTXJ4eiUwohSTlpa0o73RUL1owJc= -github.com/go-openapi/jsonreference v0.19.3/go.mod h1:rjx6GuL8TTa9VaixXglHmQmIL98+wF9xc8zWvFonSJ8= -github.com/go-openapi/loads v0.17.0/go.mod h1:72tmFy5wsWx89uEVddd0RjRWPZm92WRLhf7AC+0+OOU= -github.com/go-openapi/loads v0.18.0/go.mod h1:72tmFy5wsWx89uEVddd0RjRWPZm92WRLhf7AC+0+OOU= -github.com/go-openapi/loads v0.19.0/go.mod h1:72tmFy5wsWx89uEVddd0RjRWPZm92WRLhf7AC+0+OOU= -github.com/go-openapi/loads v0.19.2/go.mod h1:QAskZPMX5V0C2gvfkGZzJlINuP7Hx/4+ix5jWFxsNPs= -github.com/go-openapi/loads v0.19.4/go.mod h1:zZVHonKd8DXyxyw4yfnVjPzBjIQcLt0CCsn0N0ZrQsk= -github.com/go-openapi/runtime v0.0.0-20180920151709-4f900dc2ade9/go.mod h1:6v9a6LTXWQCdL8k1AO3cvqx5OtZY/Y9wKTgaoP6YRfA= -github.com/go-openapi/runtime v0.19.0/go.mod h1:OwNfisksmmaZse4+gpV3Ne9AyMOlP1lt4sK4FXt0O64= -github.com/go-openapi/runtime v0.19.4/go.mod h1:X277bwSUBxVlCYR3r7xgZZGKVvBd/29gLDlFGtJ8NL4= -github.com/go-openapi/spec v0.0.0-20160808142527-6aced65f8501/go.mod h1:J8+jY1nAiCcj+friV/PDoE1/3eeccG9LYBs0tYvLOWc= -github.com/go-openapi/spec v0.17.0/go.mod h1:XkF/MOi14NmjsfZ8VtAKf8pIlbZzyoTvZsdfssdxcBI= -github.com/go-openapi/spec v0.18.0/go.mod h1:XkF/MOi14NmjsfZ8VtAKf8pIlbZzyoTvZsdfssdxcBI= -github.com/go-openapi/spec v0.19.2/go.mod h1:sCxk3jxKgioEJikev4fgkNmwS+3kuYdJtcsZsD5zxMY= -github.com/go-openapi/spec v0.19.3/go.mod h1:FpwSN1ksY1eteniUU7X0N/BgJ7a4WvBFVA8Lj9mJglo= -github.com/go-openapi/strfmt v0.17.0/go.mod h1:P82hnJI0CXkErkXi8IKjPbNBM6lV6+5pLP5l494TcyU= -github.com/go-openapi/strfmt v0.18.0/go.mod h1:P82hnJI0CXkErkXi8IKjPbNBM6lV6+5pLP5l494TcyU= -github.com/go-openapi/strfmt v0.19.0/go.mod h1:+uW+93UVvGGq2qGaZxdDeJqSAqBqBdl+ZPMF/cC8nDY= -github.com/go-openapi/strfmt v0.19.3/go.mod h1:0yX7dbo8mKIvc3XSKp7MNfxw4JytCfCD6+bY1AVL9LU= -github.com/go-openapi/swag v0.0.0-20160704191624-1d0bd113de87/go.mod h1:DXUve3Dpr1UfpPtxFw+EFuQ41HhCWZfha5jSVRG7C7I= -github.com/go-openapi/swag v0.17.0/go.mod h1:AByQ+nYG6gQg71GINrmuDXCPWdL640yX49/kXLo40Tg= -github.com/go-openapi/swag v0.18.0/go.mod h1:AByQ+nYG6gQg71GINrmuDXCPWdL640yX49/kXLo40Tg= -github.com/go-openapi/swag v0.19.2/go.mod h1:POnQmlKehdgb5mhVOsnJFsivZCEZ/vjK9gh66Z9tfKk= -github.com/go-openapi/swag v0.19.5/go.mod h1:POnQmlKehdgb5mhVOsnJFsivZCEZ/vjK9gh66Z9tfKk= -github.com/go-openapi/validate v0.18.0/go.mod h1:Uh4HdOzKt19xGIGm1qHf/ofbX1YQ4Y+MYsct2VUrAJ4= -github.com/go-openapi/validate v0.19.2/go.mod h1:1tRCw7m3jtI8eNWEEliiAqUIcBztB2KDnRCRMUi7GTA= -github.com/go-openapi/validate v0.19.5/go.mod h1:8DJv2CVJQ6kGNpFW6eV9N3JviE1C85nY1c2z52x1Gk4= -github.com/go-stack/stack v1.8.0/go.mod h1:v0f6uXyyMGvRgIKkXu+yp6POWl0qKG85gN/melR3HDY= -github.com/gogo/protobuf v1.1.1/go.mod h1:r8qH/GZQm5c6nD/R0oafs1akxWv10x8SbQlK7atdtwQ= -github.com/gogo/protobuf v1.2.1/go.mod h1:hp+jE20tsWTFYpLwKvXlhS1hjn+gTNwPg2I6zVXpSg4= -github.com/gogo/protobuf v1.2.2-0.20190723190241-65acae22fc9d h1:3PaI8p3seN09VjbTYC/QWlUZdZ1qS1zGjy7LH2Wt07I= -github.com/gogo/protobuf v1.2.2-0.20190723190241-65acae22fc9d/go.mod h1:SlYgWuQ5SjCEi6WLHjHCa1yvBfUnHcTbrrZtXPKa29o= -github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q= -github.com/golang/groupcache v0.0.0-20160516000752-02826c3e7903/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= -github.com/golang/groupcache v0.0.0-20180513044358-24b0969c4cb7 h1:u4bArs140e9+AfE52mFHOXVFnOSBJBRlzTHrOPLOIhE= -github.com/golang/groupcache v0.0.0-20180513044358-24b0969c4cb7/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= -github.com/golang/groupcache v0.0.0-20190129154638-5b532d6fd5ef h1:veQD95Isof8w9/WXiA+pa3tz3fJXkt5B7QaRBrM62gk= -github.com/golang/groupcache v0.0.0-20190129154638-5b532d6fd5ef/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= -github.com/golang/mock v1.1.1/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A= -github.com/golang/mock v1.2.0/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A= -github.com/golang/protobuf v0.0.0-20161109072736-4bd1920723d7/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= -github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= -github.com/golang/protobuf v1.3.1/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= -github.com/golang/protobuf v1.3.2 h1:6nsPYzhq5kReh6QImI3k5qWzO4PEbvbIW2cwSfR/6xs= -github.com/golang/protobuf v1.3.2/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= -github.com/google/btree v0.0.0-20180813153112-4030bb1f1f0c/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ= -github.com/google/btree v1.0.0/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ= -github.com/google/go-cmp v0.2.0/go.mod h1:oXzfMopK8JAjlY9xF4vHSVASa0yLyX7SntLO5aqRK0M= -github.com/google/go-cmp v0.3.0 h1:crn/baboCvb5fXaQ0IJ1SGTsTVrWpDsCWC8EGETZijY= -github.com/google/go-cmp v0.3.0/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= -github.com/google/gofuzz v0.0.0-20161122191042-44d81051d367/go.mod h1:HP5RmnzzSNb993RKQDq4+1A4ia9nllfqcQFTQJedwGI= -github.com/google/gofuzz v1.0.0 h1:A8PeW59pxE9IoFRqBp37U+mSNaQoZ46F1f0f863XSXw= -github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= -github.com/google/martian v2.1.0+incompatible/go.mod h1:9I4somxYTbIHy5NJKHRl3wXiIaQGbYVAs8BPL6v8lEs= -github.com/google/pprof v0.0.0-20181206194817-3ea8567a2e57/go.mod h1:zfwlbNMJ+OItoe0UupaVj+oy1omPYYDuagoSzA8v9mc= -github.com/google/uuid v1.0.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= -github.com/google/uuid v1.1.1 h1:Gkbcsh/GbpXz7lPftLA3P6TYMwjCLYm83jiFQZF/3gY= -github.com/google/uuid v1.1.1/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= -github.com/googleapis/gax-go/v2 v2.0.4/go.mod h1:0Wqv26UfaUD9n4G6kQubkQ+KchISgw+vpHVxEJEs9eg= -github.com/googleapis/gnostic v0.0.0-20170729233727-0c5108395e2d/go.mod h1:sJBsCZ4ayReDTBIg8b9dl28c5xFWyhBTVRp3pOg5EKY= -github.com/googleapis/gnostic v0.3.1 h1:WeAefnSUHlBb0iJKwxFDZdbfGwkd7xRNuV+IpXMJhYk= -github.com/googleapis/gnostic v0.3.1/go.mod h1:on+2t9HRStVgn95RSsFWFz+6Q0Snyqv1awfrALZdbtU= -github.com/gophercloud/gophercloud v0.1.0/go.mod h1:vxM41WHh5uqHVBMZHzuwNOHh8XEoIEcSTewFxm1c5g8= -github.com/gopherjs/gopherjs v0.0.0-20181017120253-0766667cb4d1/go.mod h1:wJfORRmW1u3UXTncJ5qlYoELFm8eSnnEO6hX4iZ3EWY= -github.com/gorilla/websocket v0.0.0-20170926233335-4201258b820c/go.mod h1:E7qHFY5m1UJ88s3WnNqhKjPHQ0heANvMoAMk2YaljkQ= -github.com/gorilla/websocket v1.4.0/go.mod h1:E7qHFY5m1UJ88s3WnNqhKjPHQ0heANvMoAMk2YaljkQ= -github.com/gregjones/httpcache v0.0.0-20180305231024-9cad4c3443a7/go.mod h1:FecbI9+v66THATjSRHfNgh1IVFe/9kFxbXtjV0ctIMA= -github.com/grpc-ecosystem/go-grpc-middleware v1.0.1-0.20190118093823-f849b5445de4/go.mod h1:FiyG127CGDf3tlThmgyCl78X/SZQqEOJBCDaAfeWzPs= -github.com/grpc-ecosystem/go-grpc-prometheus v1.2.0/go.mod h1:8NvIoxWQoOIhqOTXgfV/d3M/q6VIi02HzZEHgUlZvzk= -github.com/grpc-ecosystem/grpc-gateway v1.9.5/go.mod h1:vNeuVxBJEsws4ogUvrchl83t/GYV9WGTSLVdBhOQFDY= -github.com/hashicorp/golang-lru v0.5.0/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8= -github.com/hashicorp/golang-lru v0.5.1 h1:0hERBMJE1eitiLkihrMvRVBYAkpHzc/J3QdDN+dAcgU= -github.com/hashicorp/golang-lru v0.5.1/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8= -github.com/hashicorp/hcl v1.0.0/go.mod h1:E5yfLk+7swimpb2L/Alb/PJmXilQ/rhwaUYs4T20WEQ= -github.com/hpcloud/tail v1.0.0 h1:nfCOvKYfkgYP8hkirhJocXT2+zOD8yUNjXaWfTlyFKI= -github.com/hpcloud/tail v1.0.0/go.mod h1:ab1qPbhIpdTxEkNHXyeSf5vhxWSCs/tWer42PpOxQnU= -github.com/imdario/mergo v0.3.5/go.mod h1:2EnlNZ0deacrJVfApfmtdGgDfMuh/nq6Ok1EcJh5FfA= -github.com/imdario/mergo v0.3.6 h1:xTNEAn+kxVO7dTZGu0CegyqKZmoWFI0rF8UxjlB2d28= -github.com/imdario/mergo v0.3.6/go.mod h1:2EnlNZ0deacrJVfApfmtdGgDfMuh/nq6Ok1EcJh5FfA= -github.com/inconshreveable/mousetrap v1.0.0/go.mod h1:PxqpIevigyE2G7u3NXJIT2ANytuPF1OarO4DADm73n8= -github.com/jonboulle/clockwork v0.1.0/go.mod h1:Ii8DK3G1RaLaWxj9trq07+26W01tbo22gdxWY5EU2bo= -github.com/json-iterator/go v0.0.0-20180612202835-f2b4162afba3/go.mod h1:+SdeFBvtyEkXs7REEP0seUULqWtbJapLOCVDaaPEHmU= -github.com/json-iterator/go v1.1.6/go.mod h1:+SdeFBvtyEkXs7REEP0seUULqWtbJapLOCVDaaPEHmU= -github.com/json-iterator/go v1.1.7/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4= -github.com/json-iterator/go v1.1.8 h1:QiWkFLKq0T7mpzwOTu6BzNDbfTE8OLrYhVKYMLF46Ok= -github.com/json-iterator/go v1.1.8/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4= -github.com/jstemmer/go-junit-report v0.0.0-20190106144839-af01ea7f8024/go.mod h1:6v2b51hI/fHJwM22ozAgKL4VKDeJcHhJFhtBdhmNjmU= -github.com/jtolds/gls v4.20.0+incompatible/go.mod h1:QJZ7F/aHp+rZTRtaJ1ow/lLfFfVYBRgL+9YlvaHOwJU= -github.com/julienschmidt/httprouter v1.2.0/go.mod h1:SYymIcj16QtmaHHD7aYtjjsJG7VTCxuUUipMqKk8s4w= -github.com/kisielk/errcheck v1.1.0/go.mod h1:EZBBE59ingxPouuu3KfxchcWSUPOHkagtvWXihfKN4Q= -github.com/kisielk/errcheck v1.2.0/go.mod h1:/BMXB+zMLi60iA8Vv6Ksmxu/1UDYcXs4uQLJ+jE2L00= -github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck= -github.com/konsorten/go-windows-terminal-sequences v1.0.1/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ= -github.com/kr/logfmt v0.0.0-20140226030751-b84e30acd515/go.mod h1:+0opPa2QZZtGFBFZlji/RkVcI2GknAs/DXo4wKdlNEc= -github.com/kr/pretty v0.1.0 h1:L/CwN0zerZDmRFUapSPitk6f+Q3+0za1rQkzVuMiMFI= -github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo= -github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= -github.com/kr/pty v1.1.5/go.mod h1:9r2w37qlBe7rQ6e1fg1S/9xpWHSnaqNdHD3WcMdbPDA= -github.com/kr/text v0.1.0 h1:45sCR5RtlFHMR4UwH9sdQ5TC8v0qDQCHnXt+kaKSTVE= -github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= -github.com/magiconair/properties v1.8.0/go.mod h1:PppfXfuXeibc/6YijjN8zIbojt8czPbwD3XqdrwzmxQ= -github.com/mailru/easyjson v0.0.0-20160728113105-d5b7844b561a/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc= -github.com/mailru/easyjson v0.0.0-20180823135443-60711f1a8329/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc= -github.com/mailru/easyjson v0.0.0-20190312143242-1de009706dbe/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc= -github.com/mailru/easyjson v0.0.0-20190614124828-94de47d64c63/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc= -github.com/mailru/easyjson v0.0.0-20190626092158-b2ccc519800e/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc= -github.com/mailru/easyjson v0.7.0/go.mod h1:KAzv3t3aY1NaHWoQz1+4F1ccyAH66Jk7yos7ldAVICs= -github.com/mattn/go-colorable v0.0.9/go.mod h1:9vuHe8Xs5qXnSaW/c/ABM9alt+Vo+STaOChaDxuIBZU= -github.com/mattn/go-isatty v0.0.4/go.mod h1:M+lRXTBqGeGNdLjl/ufCoiOlB5xdOkqRJdNxMWT7Zi4= -github.com/mattn/go-runewidth v0.0.2/go.mod h1:LwmH8dsx7+W8Uxz3IHJYH5QSwggIsqBzpuz5H//U1FU= -github.com/matttproud/golang_protobuf_extensions v1.0.1 h1:4hp9jkHxhMHkqkrB3Ix0jegS5sx/RkqARlsWZ6pIwiU= -github.com/matttproud/golang_protobuf_extensions v1.0.1/go.mod h1:D8He9yQNgCq6Z5Ld7szi9bcBfOoFv/3dc6xSMkL2PC0= -github.com/minio/minio-go/v6 v6.0.50/go.mod h1:qD0lajrGW49lKZLtXKtCB4X/qkMf0a5tBvN2PaZg7Gg= -github.com/minio/sha256-simd v0.1.1/go.mod h1:B5e1o+1/KgNmWrSQK08Y6Z1Vb5pwIktudl0J58iy0KM= -github.com/mitchellh/go-homedir v1.1.0/go.mod h1:SfyaCUpYCn1Vlf4IUYiD9fPX4A5wJrkLzIz1N1q0pr0= -github.com/mitchellh/mapstructure v1.1.2/go.mod h1:FVVH3fgwuzCH5S8UJGiWEs2h04kUh9fWfEaFds41c1Y= -github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= -github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd h1:TRLaZ9cD/w8PVh93nsPXa1VrQ6jlwL5oN8l14QlcNfg= -github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= -github.com/modern-go/reflect2 v0.0.0-20180320133207-05fbef0ca5da/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3RllmbCylyMrvgv0= -github.com/modern-go/reflect2 v0.0.0-20180701023420-4b7aa43c6742/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3RllmbCylyMrvgv0= -github.com/modern-go/reflect2 v1.0.1 h1:9f412s+6RmYXLWZSEzVVgPGK7C2PphHj5RJrvfx9AWI= -github.com/modern-go/reflect2 v1.0.1/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3RllmbCylyMrvgv0= -github.com/munnerz/goautoneg v0.0.0-20120707110453-a547fc61f48d/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ= -github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ= -github.com/mwitkow/go-conntrack v0.0.0-20161129095857-cc309e4a2223/go.mod h1:qRWi+5nqEBWmkhHvq77mSJWrCKwh8bxhgT7d/eI7P4U= -github.com/mxk/go-flowrate v0.0.0-20140419014527-cca7078d478f/go.mod h1:ZdcZmHo+o7JKHSa8/e818NopupXU1YMK5fe1lsApnBw= -github.com/olekukonko/tablewriter v0.0.0-20170122224234-a0225b3f23b5/go.mod h1:vsDQFd/mU46D+Z4whnwzcISnGGzXWMclvtLoiIKAKIo= -github.com/onsi/ginkgo v0.0.0-20170829012221-11459a886d9c/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= -github.com/onsi/ginkgo v1.6.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= -github.com/onsi/ginkgo v1.10.1/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= -github.com/onsi/ginkgo v1.11.0 h1:JAKSXpt1YjtLA7YpPiqO9ss6sNXEsPfSGdwN0UHqzrw= -github.com/onsi/ginkgo v1.11.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= -github.com/onsi/gomega v0.0.0-20170829124025-dcabb60a477c/go.mod h1:C1qb7wdrVGGVU+Z6iS04AVkA3Q65CEZX59MT0QO5uiA= -github.com/onsi/gomega v1.7.0/go.mod h1:ex+gbHU/CVuBBDIJjb2X0qEXbFg53c61hWP/1CpauHY= -github.com/onsi/gomega v1.8.1 h1:C5Dqfs/LeauYDX0jJXIe2SWmwCbGzx9yF8C8xy3Lh34= -github.com/onsi/gomega v1.8.1/go.mod h1:Ho0h+IUsWyvy1OpqCwxlQ/21gkhVunqlU8fDGcoTdcA= -github.com/pborman/uuid v1.2.0/go.mod h1:X/NO0urCmaxf9VXbdlT7C2Yzkj2IKimNn4k+gtPdI/k= -github.com/pelletier/go-toml v1.2.0/go.mod h1:5z9KED0ma1S8pY6P1sdut58dfprrGBbd/94hg7ilaic= -github.com/peterbourgon/diskv v2.0.1+incompatible/go.mod h1:uqqh8zWWbv1HBMNONnaR/tNboyR3/BZd58JJSHlUSCU= -github.com/pkg/errors v0.8.0/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= -github.com/pkg/errors v0.8.1 h1:iURUrRGxPUNPdy5/HRSm+Yj6okJ6UtLINN0Q9M4+h3I= -github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= -github.com/pmezard/go-difflib v0.0.0-20151028094244-d8ed2627bdf0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= -github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= -github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= -github.com/pquerna/cachecontrol v0.0.0-20171018203845-0dec1b30a021/go.mod h1:prYjPmNq4d1NPVmpShWobRqXY3q7Vp+80DqgxxUrUIA= -github.com/prometheus/client_golang v0.9.1/go.mod h1:7SWBe2y4D6OKWSNQJUaRYU/AaXPKyh/dDVn+NZz0KFw= -github.com/prometheus/client_golang v1.0.0 h1:vrDKnkGzuGvhNAL56c7DBz29ZL+KxnoR0x7enabFceM= -github.com/prometheus/client_golang v1.0.0/go.mod h1:db9x61etRT2tGnBNRi70OPL5FsnadC4Ky3P0J6CfImo= -github.com/prometheus/client_model v0.0.0-20180712105110-5c3871d89910/go.mod h1:MbSGuTsp3dbXC40dX6PRTWyKYBIrTGTE9sqQNg2J8bo= -github.com/prometheus/client_model v0.0.0-20190129233127-fd36f4220a90 h1:S/YWwWx/RA8rT8tKFRuGUZhuA90OyIBpPCXkcbwU8DE= -github.com/prometheus/client_model v0.0.0-20190129233127-fd36f4220a90/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= -github.com/prometheus/common v0.4.1 h1:K0MGApIoQvMw27RTdJkPbr3JZ7DNbtxQNyi5STVM6Kw= -github.com/prometheus/common v0.4.1/go.mod h1:TNfzLD0ON7rHzMJeJkieUDPYmFC7Snx/y86RQel1bk4= -github.com/prometheus/procfs v0.0.0-20181005140218-185b4288413d/go.mod h1:c3At6R/oaqEKCNdg8wHV1ftS6bRYblBhIjjI8uT2IGk= -github.com/prometheus/procfs v0.0.2 h1:6LJUbpNm42llc4HRCuvApCSWB/WfhuNo9K98Q9sNGfs= -github.com/prometheus/procfs v0.0.2/go.mod h1:TjEm7ze935MbeOT/UhFTIMYKhuLP4wbCsTZCD3I8kEA= -github.com/remyoudompheng/bigfft v0.0.0-20170806203942-52369c62f446/go.mod h1:uYEyJGbgTkfkS4+E/PavXkNJcbFIpEtjt2B0KDQ5+9M= -github.com/rogpeppe/fastuuid v0.0.0-20150106093220-6724a57986af/go.mod h1:XWv6SoW27p1b0cqNHllgS5HIMJraePCO15w5zCzIWYg= -github.com/russross/blackfriday v1.5.2/go.mod h1:JO/DiYxRf+HjHt06OyowR9PTA263kcR/rfWxYHBV53g= -github.com/secureCodeBox/secureCodeBox-v2-alpha v0.0.0-20200421122123-57178734d6e9 h1:S/FoesxDuE1/lj2iYpCgPdJXj4Gqe81BfuzTao+kIng= -github.com/sergi/go-diff v1.0.0/go.mod h1:0CfEIISq7TuYL3j771MWULgwwjU+GofnZX9QAmXWZgo= -github.com/sirupsen/logrus v1.2.0/go.mod h1:LxeOpSwHxABJmUn/MG1IvRgCAasNZTLOkJPxbbu5VWo= -github.com/sirupsen/logrus v1.4.2/go.mod h1:tLMulIdttU9McNUspp0xgXVQah82FyeX6MwdIuYE2rE= -github.com/smartystreets/assertions v0.0.0-20180927180507-b2de0cb4f26d/go.mod h1:OnSkiWE9lh6wB0YB77sQom3nweQdgAjqCqsofrRNTgc= -github.com/smartystreets/goconvey v0.0.0-20190330032615-68dc04aab96a/go.mod h1:syvi0/a8iFYH4r/RixwvyeAJjdLS9QV7WQ/tjFTllLA= -github.com/soheilhy/cmux v0.1.4/go.mod h1:IM3LyeVVIOuxMH7sFAkER9+bJ4dT7Ms6E4xg4kGIyLM= -github.com/spf13/afero v1.1.2/go.mod h1:j4pytiNVoe2o6bmDsKpLACNPDBIoEAkihy7loJ1B0CQ= -github.com/spf13/afero v1.2.2/go.mod h1:9ZxEEn6pIJ8Rxe320qSDBk6AsU0r9pR7Q4OcevTdifk= -github.com/spf13/cast v1.3.0/go.mod h1:Qx5cxh0v+4UWYiBimWS+eyWzqEqokIECu5etghLkUJE= -github.com/spf13/cobra v0.0.3/go.mod h1:1l0Ry5zgKvJasoi3XT1TypsSe7PqH0Sj9dhYf7v3XqQ= -github.com/spf13/cobra v0.0.5/go.mod h1:3K3wKZymM7VvHMDS9+Akkh4K60UwM26emMESw8tLCHU= -github.com/spf13/jwalterweatherman v1.0.0/go.mod h1:cQK4TGJAtQXfYWX+Ddv3mKDzgVb68N+wFjFa4jdeBTo= -github.com/spf13/pflag v0.0.0-20170130214245-9ff6c6923cff/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4= -github.com/spf13/pflag v1.0.1/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4= -github.com/spf13/pflag v1.0.3/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4= -github.com/spf13/pflag v1.0.5 h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA= -github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= -github.com/spf13/viper v1.3.2/go.mod h1:ZiWeW+zYFKm7srdB9IoDzzZXaJaI5eL9QjNiN/DMA2s= -github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= -github.com/stretchr/objx v0.1.1/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= -github.com/stretchr/objx v0.2.0/go.mod h1:qt09Ya8vawLte6SNmTgCsAVtYtaKzEcn8ATUoHMkEqE= -github.com/stretchr/testify v0.0.0-20151208002404-e3a8ff8ce365/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs= -github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs= -github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= -github.com/stretchr/testify v1.4.0 h1:2E4SXV/wtOkTonXsotYi4li6zVWxYlZuYNCXe9XRJyk= -github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4= -github.com/tidwall/pretty v1.0.0/go.mod h1:XNkn88O1ChpSDQmQeStsy+sBenx6DDtFZJxhVysOjyk= -github.com/tmc/grpc-websocket-proxy v0.0.0-20170815181823-89b8d40f7ca8/go.mod h1:ncp9v5uamzpCO7NfCPTXjqaC+bZgJeR0sMTm6dMHP7U= -github.com/ugorji/go/codec v0.0.0-20181204163529-d75b2dcb6bc8/go.mod h1:VFNgLljTbGfSG7qAOspJ7OScBnGdDN/yBr0sguwnwf0= -github.com/urfave/cli v1.20.0/go.mod h1:70zkFmudgCuE/ngEzBv17Jvp/497gISqfk5gWijbERA= -github.com/vektah/gqlparser v1.1.2/go.mod h1:1ycwN7Ij5njmMkPPAOaRFY4rET2Enx7IkVv3vaXspKw= -github.com/xiang90/probing v0.0.0-20190116061207-43a291ad63a2/go.mod h1:UETIi67q53MR2AWcXfiuqkDkRtnGDLqkBTpCHuJHxtU= -github.com/xordataexchange/crypt v0.0.3-0.20170626215501-b2862e3d0a77/go.mod h1:aYKd//L2LvnjZzWKhF00oedf4jCCReLcmhLdhm1A27Q= -go.etcd.io/bbolt v1.3.3/go.mod h1:IbVyRI1SCnLcuJnV2u8VeU0CEYM7e686BmAb1XKL+uU= -go.etcd.io/etcd v0.0.0-20191023171146-3cf2f69b5738/go.mod h1:dnLIgRNXwCJa5e+c6mIZCrds/GIG4ncV9HhK5PX7jPg= -go.mongodb.org/mongo-driver v1.0.3/go.mod h1:u7ryQJ+DOzQmeO7zB6MHyr8jkEQvC8vH7qLUO4lqsUM= -go.mongodb.org/mongo-driver v1.1.1/go.mod h1:u7ryQJ+DOzQmeO7zB6MHyr8jkEQvC8vH7qLUO4lqsUM= -go.mongodb.org/mongo-driver v1.1.2/go.mod h1:u7ryQJ+DOzQmeO7zB6MHyr8jkEQvC8vH7qLUO4lqsUM= -go.opencensus.io v0.21.0/go.mod h1:mSImk1erAIZhrmZN+AvHh14ztQfjbGwt4TtuofqLduU= -go.uber.org/atomic v1.3.2 h1:2Oa65PReHzfn29GpvgsYwloV9AVFHPDk8tYxt2c2tr4= -go.uber.org/atomic v1.3.2/go.mod h1:gD2HeocX3+yG+ygLZcrzQJaqmWj9AIm7n08wl/qW/PE= -go.uber.org/multierr v1.1.0 h1:HoEmRHQPVSqub6w2z2d2EOVs2fjyFRGyofhKuyDq0QI= -go.uber.org/multierr v1.1.0/go.mod h1:wR5kodmAFQ0UK8QlbwjlSNy0Z68gJhDJUG5sjR94q/0= -go.uber.org/zap v1.10.0 h1:ORx85nbTijNz8ljznvCMR1ZBIPKFn3jQrag10X2AsuM= -go.uber.org/zap v1.10.0/go.mod h1:vwi/ZaCAaUcBkycHslxD9B2zi4UTXhF60s6SWpuDF0Q= -golang.org/x/crypto v0.0.0-20180904163835-0709b304e793/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= -golang.org/x/crypto v0.0.0-20181203042331-505ab145d0a9/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= -golang.org/x/crypto v0.0.0-20190211182817-74369b46fc67/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= -golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= -golang.org/x/crypto v0.0.0-20190320223903-b7391e95e576/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= -golang.org/x/crypto v0.0.0-20190513172903-22d7a77e9e5f/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= -golang.org/x/crypto v0.0.0-20190611184440-5c40567a22f8/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= -golang.org/x/crypto v0.0.0-20190617133340-57b3e21c3d56/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= -golang.org/x/crypto v0.0.0-20190820162420-60c769a6c586 h1:7KByu05hhLed2MO29w7p1XfZvZ13m8mub3shuVftRs0= -golang.org/x/crypto v0.0.0-20190820162420-60c769a6c586/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= -golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550 h1:ObdrDkeb4kJdCP557AjRjq69pTHfNouLtWZG7j9rPN8= -golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= -golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= -golang.org/x/exp v0.0.0-20190125153040-c74c464bbbf2/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= -golang.org/x/exp v0.0.0-20190312203227-4b39c73a6495/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8= -golang.org/x/image v0.0.0-20190227222117-0694c2d4d067/go.mod h1:kZ7UVZpmo3dzQBMxlp+ypCbDeSB+sBbTgSJuh5dn5js= -golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE= -golang.org/x/lint v0.0.0-20190227174305-5b3e6a55c961/go.mod h1:wehouNa3lNwaWXcvxsM5YxQ5yQlVC4a0KAMCusXpPoU= -golang.org/x/lint v0.0.0-20190301231843-5614ed5bae6f/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE= -golang.org/x/lint v0.0.0-20190313153728-d0100b6bd8b3/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= -golang.org/x/mobile v0.0.0-20190312151609-d3739f865fa6/go.mod h1:z+o9i4GpDbdi3rU15maQ/Ox0txvL9dWGYEHz965HBQE= -golang.org/x/net v0.0.0-20170114055629-f2499483f923/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= -golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= -golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= -golang.org/x/net v0.0.0-20180906233101-161cd47e91fd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= -golang.org/x/net v0.0.0-20181005035420-146acd28ed58/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= -golang.org/x/net v0.0.0-20181114220301-adae6a3d119a/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= -golang.org/x/net v0.0.0-20181220203305-927f97764cc3/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= -golang.org/x/net v0.0.0-20190108225652-1e06a53dbb7e/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= -golang.org/x/net v0.0.0-20190213061140-3a22650c66bd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= -golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= -golang.org/x/net v0.0.0-20190320064053-1272bf9dcd53/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= -golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= -golang.org/x/net v0.0.0-20190522155817-f3200d17e092/go.mod h1:HSz+uSET+XFnRR8LxR5pz3Of3rY3CfYBVs4xY44aLks= -golang.org/x/net v0.0.0-20190613194153-d28f0bde5980/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20190813141303-74dc4d7220e7/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20190827160401-ba9fcec4b297/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20191004110552-13f9640d40b9 h1:rjwSpXsdiK0dV8/Naq3kAw9ymfAeJIyd0upUIElB+lI= -golang.org/x/net v0.0.0-20191004110552-13f9640d40b9/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= -golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= -golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45 h1:SVwTIAaPC2U/AvvLNZ2a7OVsmBpC8L5BlwK1whH3hm0= -golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= -golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20190227155943-e225da77a7e6/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sys v0.0.0-20170830134202-bb24a47a89ea/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20180905080454-ebe1bf3edb33/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20180909124046-d0be0721c37e/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20181107165924-66b7b1311ac8/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20181116152217-5ac8a444bdc5/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20181205085412-a5c9d58dba9a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20190209173611-3b5209105503/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20190312061237-fead79001313/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190321052220-f7bb7a8bee54/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190422165155-953cdadca894/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190616124812-15dcb6c0061f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190826190057-c7b8b68b1456 h1:ng0gs1AKnRRuEMZoTLLlbOd+C17zUDepwGQBb/n+JVg= -golang.org/x/sys v0.0.0-20190826190057-c7b8b68b1456/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190922100055-0a153f010e69 h1:rOhMmluY6kLMhdnrivzec6lLgaVbMHMn2ISQXJeJ5EM= -golang.org/x/sys v0.0.0-20190922100055-0a153f010e69/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/text v0.0.0-20160726164857-2910a502d2bf/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= -golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= -golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= -golang.org/x/text v0.3.2 h1:tW2bmiBqwgJj/UpqtC8EpXEZVYOwU0yG4iWbprSVAcs= -golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk= -golang.org/x/time v0.0.0-20180412165947-fbb02b2291d2/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= -golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= -golang.org/x/time v0.0.0-20190308202827-9d24e82272b4 h1:SvFZT6jyqRaOeXpc5h/JSfZenJ2O330aBsf7JfSUXmQ= -golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= -golang.org/x/tools v0.0.0-20180221164845-07fd8470d635/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= -golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= -golang.org/x/tools v0.0.0-20181011042414-1f849cf54d09/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= -golang.org/x/tools v0.0.0-20181030221726-6c7e314b6563/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= -golang.org/x/tools v0.0.0-20190114222345-bf090417da8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= -golang.org/x/tools v0.0.0-20190125232054-d66bd3c5d5a6/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= -golang.org/x/tools v0.0.0-20190206041539-40960b6deb8e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= -golang.org/x/tools v0.0.0-20190226205152-f727befe758c/go.mod h1:9Yl7xja0Znq3iFh3HoIrodX9oNMXvdceNzlUR8zjMvY= -golang.org/x/tools v0.0.0-20190311212946-11955173bddd/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= -golang.org/x/tools v0.0.0-20190312151545-0bb0c0a6e846/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= -golang.org/x/tools v0.0.0-20190312170243-e65039ee4138/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= -golang.org/x/tools v0.0.0-20190328211700-ab21143f2384/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= -golang.org/x/tools v0.0.0-20190524140312-2c0ae7006135/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q= -golang.org/x/tools v0.0.0-20190614205625-5aca471b1d59/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= -golang.org/x/tools v0.0.0-20190617190820-da514acc4774/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= -golang.org/x/tools v0.0.0-20190920225731-5eefd052ad72/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= -golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7 h1:9zdDQZ7Thm29KFXgAX/+yaf3eVbP7djjWp/dXAppNCc= -golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= -gomodules.xyz/jsonpatch/v2 v2.0.1 h1:xyiBuvkD2g5n7cYzx6u2sxQvsAy4QJsZFCzGVdzOXZ0= -gomodules.xyz/jsonpatch/v2 v2.0.1/go.mod h1:IhYNNY4jnS53ZnfE4PAmpKtDpTCj1JFXc+3mwe7XcUU= -gonum.org/v1/gonum v0.0.0-20190331200053-3d26580ed485/go.mod h1:2ltnJ7xHfj0zHS40VVPYEAAMTa3ZGguvHGBSJeRWqE0= -gonum.org/v1/netlib v0.0.0-20190313105609-8cb42192e0e0/go.mod h1:wa6Ws7BG/ESfp6dHfk7C6KdzKA7wR7u/rKwOGE66zvw= -gonum.org/v1/netlib v0.0.0-20190331212654-76723241ea4e/go.mod h1:kS+toOQn6AQKjmKJ7gzohV1XkqsFehRA2FbsbkopSuQ= -google.golang.org/api v0.4.0/go.mod h1:8k5glujaEP+g9n7WNsDg8QP6cUVNI86fCNMcbazEtwE= -google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM= -google.golang.org/appengine v1.4.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4= -google.golang.org/appengine v1.5.0 h1:KxkO13IPW4Lslp2bz+KHP2E3gtFlrIGNThxkZQ3g+4c= -google.golang.org/appengine v1.5.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4= -google.golang.org/genproto v0.0.0-20180817151627-c66870c02cf8/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc= -google.golang.org/genproto v0.0.0-20190307195333-5fe7a883aa19/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE= -google.golang.org/genproto v0.0.0-20190418145605-e7d98fc518a7/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE= -google.golang.org/genproto v0.0.0-20190502173448-54afdca5d873/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE= -google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c= -google.golang.org/grpc v1.23.1/go.mod h1:Y5yQAOtifL1yxbo5wqy6BxZv8vAUGQwXBOALyacEbxg= -gopkg.in/alecthomas/kingpin.v2 v2.2.6/go.mod h1:FMv+mEhP44yOT+4EoQTLFTRgOQ1FBLkstjWtayDeSgw= -gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= -gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127 h1:qIbj1fsPNlZgppZ+VLlY7N33q108Sa+fhmuc+sWQYwY= -gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= -gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= -gopkg.in/cheggaaa/pb.v1 v1.0.25/go.mod h1:V/YB90LKu/1FcN3WVnfiiE5oMCibMjukxqG/qStrOgw= -gopkg.in/fsnotify.v1 v1.4.7 h1:xOHLXZwVvI9hhs+cLKq5+I5onOuwQLhQwiu63xxlHs4= -gopkg.in/fsnotify.v1 v1.4.7/go.mod h1:Tz8NjZHkW78fSQdbUxIjBTcgA1z1m8ZHf0WmKUhAMys= -gopkg.in/inf.v0 v0.9.1 h1:73M5CoZyi3ZLMOyDlQh031Cx6N9NDJ2Vvfl76EDAgDc= -gopkg.in/inf.v0 v0.9.1/go.mod h1:cWUDdTG/fYaXco+Dcufb5Vnc6Gp2YChqWtbxRZE0mXw= -gopkg.in/ini.v1 v1.42.0/go.mod h1:pNLf8WUiyNEtQjuu5G5vTm06TEv9tsIgeAvK8hOrP4k= -gopkg.in/natefinch/lumberjack.v2 v2.0.0/go.mod h1:l0ndWWf7gzL7RNwBG7wST/UCcT4T24xpD6X8LsfU/+k= -gopkg.in/resty.v1 v1.12.0/go.mod h1:mDo4pnntr5jdWRML875a/NmxYqAlA73dVijT2AXvQQo= -gopkg.in/square/go-jose.v2 v2.2.2/go.mod h1:M9dMgbHiYLoDGQrXy7OpJDJWiKiU//h+vD76mk0e1AI= -gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7 h1:uRGJdciOHaEIrze2W8Q3AKkepLTh2hOroT7a+7czfdQ= -gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWDmTeBkI65Dw0HsyUHuEVlX15mw= -gopkg.in/yaml.v2 v2.0.0-20170812160011-eb3733d160e7/go.mod h1:JAlM8MvJe8wmxCU4Bli9HhUf9+ttbYbLASfIpnQbh74= -gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= -gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= -gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= -gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= -gopkg.in/yaml.v2 v2.2.7 h1:VUgggvou5XRW9mHwD/yXxIYSMtY0zoKQf/v226p2nyo= -gopkg.in/yaml.v2 v2.2.7/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= -gotest.tools v2.2.0+incompatible/go.mod h1:DsYFclhRJ6vuDpmuTbkuFWG+y2sxOXAzmJt81HFBacw= -honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= -honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= -honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= -k8s.io/api v0.17.2 h1:NF1UFXcKN7/OOv1uxdRz3qfra8AHsPav5M93hlV9+Dc= -k8s.io/api v0.17.2/go.mod h1:BS9fjjLc4CMuqfSO8vgbHPKMt5+SF0ET6u/RVDihTo4= -k8s.io/apiextensions-apiserver v0.17.2 h1:cP579D2hSZNuO/rZj9XFRzwJNYb41DbNANJb6Kolpss= -k8s.io/apiextensions-apiserver v0.17.2/go.mod h1:4KdMpjkEjjDI2pPfBA15OscyNldHWdBCfsWMDWAmSTs= -k8s.io/apimachinery v0.17.2 h1:hwDQQFbdRlpnnsR64Asdi55GyCaIP/3WQpMmbNBeWr4= -k8s.io/apimachinery v0.17.2/go.mod h1:b9qmWdKlLuU9EBh+06BtLcSf/Mu89rWL33naRxs1uZg= -k8s.io/apiserver v0.17.2/go.mod h1:lBmw/TtQdtxvrTk0e2cgtOxHizXI+d0mmGQURIHQZlo= -k8s.io/client-go v0.17.2 h1:ndIfkfXEGrNhLIgkr0+qhRguSD3u6DCmonepn1O6NYc= -k8s.io/client-go v0.17.2/go.mod h1:QAzRgsa0C2xl4/eVpeVAZMvikCn8Nm81yqVx3Kk9XYI= -k8s.io/code-generator v0.17.2/go.mod h1:DVmfPQgxQENqDIzVR2ddLXMH34qeszkKSdH/N+s+38s= -k8s.io/component-base v0.17.2/go.mod h1:zMPW3g5aH7cHJpKYQ/ZsGMcgbsA/VyhEugF3QT1awLs= -k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= -k8s.io/gengo v0.0.0-20190822140433-26a664648505/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= -k8s.io/klog v0.0.0-20181102134211-b9b56d5dfc92/go.mod h1:Gq+BEi5rUBO/HRz0bTSXDUcqjScdoY3a9IHpCEIOOfk= -k8s.io/klog v0.3.0/go.mod h1:Gq+BEi5rUBO/HRz0bTSXDUcqjScdoY3a9IHpCEIOOfk= -k8s.io/klog v1.0.0 h1:Pt+yjF5aB1xDSVbau4VsWe+dQNzA0qv1LlXdC2dF6Q8= -k8s.io/klog v1.0.0/go.mod h1:4Bi6QPql/J/LkTDqv7R/cd3hPo4k2DG6Ptcz060Ez5I= -k8s.io/kube-openapi v0.0.0-20191107075043-30be4d16710a h1:UcxjrRMyNx/i/y8G7kPvLyy7rfbeuf1PYyBf973pgyU= -k8s.io/kube-openapi v0.0.0-20191107075043-30be4d16710a/go.mod h1:1TqjTSzOxsLGIKfj0lK8EeCP7K1iUG65v09OM0/WG5E= -k8s.io/utils v0.0.0-20191114184206-e782cd3c129f h1:GiPwtSzdP43eI1hpPCbROQCCIgCuiMMNF8YUVLF3vJo= -k8s.io/utils v0.0.0-20191114184206-e782cd3c129f/go.mod h1:sZAwmy6armz5eXlNoLmJcl4F1QuKu7sr+mFQ0byX7Ew= -modernc.org/cc v1.0.0/go.mod h1:1Sk4//wdnYJiUIxnW8ddKpaOJCF37yAdqYnkxUpaYxw= -modernc.org/golex v1.0.0/go.mod h1:b/QX9oBD/LhixY6NDh+IdGv17hgB+51fET1i2kPSmvk= -modernc.org/mathutil v1.0.0/go.mod h1:wU0vUrJsVWBZ4P6e7xtFJEhFSNsfRLJ8H458uRjg03k= -modernc.org/strutil v1.0.0/go.mod h1:lstksw84oURvj9y3tn8lGvRxyRC1S2+g5uuIzNfIOBs= -modernc.org/xc v1.0.0/go.mod h1:mRNCo0bvLjGhHO9WsyuKVU4q0ceiDDDoEeWDJHrNx8I= -sigs.k8s.io/controller-runtime v0.5.0 h1:CbqIy5fbUX+4E9bpnBFd204YAzRYlM9SWW77BbrcDQo= -sigs.k8s.io/controller-runtime v0.5.0/go.mod h1:REiJzC7Y00U+2YkMbT8wxgrsX5USpXKGhb2sCtAXiT8= -sigs.k8s.io/controller-runtime v0.5.2 h1:pyXbUfoTo+HA3jeIfr0vgi+1WtmNh0CwlcnQGLXwsSw= -sigs.k8s.io/controller-runtime v0.5.2/go.mod h1:JZUwSMVbxDupo0lTJSSFP5pimEyxGynROImSsqIOx1A= -sigs.k8s.io/structured-merge-diff v0.0.0-20190525122527-15d366b2352e/go.mod h1:wWxsB5ozmmv/SG7nM11ayaAW51xMvak/t1r0CSlcokI= -sigs.k8s.io/structured-merge-diff v1.0.1-0.20191108220359-b1b620dd3f06/go.mod h1:/ULNhyfzRopfcjskuui0cTITekDduZ7ycKN3oUT9R18= -sigs.k8s.io/yaml v1.1.0 h1:4A07+ZFc2wgJwo8YNlQpr1rVlgUDlxXHhPJciaPY5gs= -sigs.k8s.io/yaml v1.1.0/go.mod h1:UJmg0vDUVViEyp3mgSv9WPwZCDxu4rQW1olrI1uml+o= diff --git a/auto-discovery/kubernetes/hack/boilerplate.go.txt b/auto-discovery/kubernetes/hack/boilerplate.go.txt deleted file mode 100644 index 767efde9..00000000 --- a/auto-discovery/kubernetes/hack/boilerplate.go.txt +++ /dev/null @@ -1,15 +0,0 @@ -/* - - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ \ No newline at end of file diff --git a/auto-discovery/kubernetes/main.go b/auto-discovery/kubernetes/main.go deleted file mode 100644 index c34bd899..00000000 --- a/auto-discovery/kubernetes/main.go +++ /dev/null @@ -1,86 +0,0 @@ -/* - - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package main - -import ( - "flag" - "os" - - "k8s.io/apimachinery/pkg/runtime" - clientgoscheme "k8s.io/client-go/kubernetes/scheme" - _ "k8s.io/client-go/plugin/pkg/client/auth/gcp" - ctrl "sigs.k8s.io/controller-runtime" - "sigs.k8s.io/controller-runtime/pkg/log/zap" - - "github.com/secureCodeBox/secureCodeBox-v2-alpha/auto-discovery/kubernetes/controllers" - - targetsv1 "github.com/secureCodeBox/secureCodeBox-v2-alpha/operator/apis/targets/v1" - // +kubebuilder:scaffold:imports -) - -var ( - scheme = runtime.NewScheme() - setupLog = ctrl.Log.WithName("setup") -) - -func init() { - _ = clientgoscheme.AddToScheme(scheme) - - _ = targetsv1.AddToScheme(scheme) - - // +kubebuilder:scaffold:scheme -} - -func main() { - var metricsAddr string - var enableLeaderElection bool - flag.StringVar(&metricsAddr, "metrics-addr", ":8081", "The address the metric endpoint binds to.") - flag.BoolVar(&enableLeaderElection, "enable-leader-election", false, - "Enable leader election for controller manager. "+ - "Enabling this will ensure there is only one active controller manager.") - flag.Parse() - - ctrl.SetLogger(zap.New(zap.UseDevMode(true))) - - mgr, err := ctrl.NewManager(ctrl.GetConfigOrDie(), ctrl.Options{ - Scheme: scheme, - MetricsBindAddress: metricsAddr, - Port: 9443, - LeaderElection: enableLeaderElection, - LeaderElectionID: "0c9fa8fa.my.domain", - }) - if err != nil { - setupLog.Error(err, "unable to start manager") - os.Exit(1) - } - - if err = (&controllers.IngressScanReconciler{ - Client: mgr.GetClient(), - Log: ctrl.Log.WithName("controllers").WithName("IngressScanController"), - Scheme: mgr.GetScheme(), - }).SetupWithManager(mgr); err != nil { - setupLog.Error(err, "unable to create controller", "controller", "DeleteMe") - os.Exit(1) - } - // +kubebuilder:scaffold:builder - - setupLog.Info("starting manager") - if err := mgr.Start(ctrl.SetupSignalHandler()); err != nil { - setupLog.Error(err, "problem running manager") - os.Exit(1) - } -} diff --git a/auto-discovery/readme.md b/auto-discovery/readme.md deleted file mode 100644 index 9aba2beb..00000000 --- a/auto-discovery/readme.md +++ /dev/null @@ -1,16 +0,0 @@ -# secureCodeBox Auto-Discovery - -> Disclaimer: This concept is currently undergoing first tests, things might still change drastically. - -The Auto Discovery Services monitor security relevant resources inside a cloud environment and automatically create scans to continuously monitor security aspects of the resources. We aim to eventually support most mayor cloud providers, like AWS, GCP and Azure, but also runtime environments on top of these, primarily kubernetes. - -## Example - -A developer deploys an app to a kubernetes cluster where the secureCodeBox and the kubernetes cloud integration for the secureCodeBox is installed. They create an Deployment for their application container and a Ingress to expose the application to the world. - -The kubernetes cloud integration service will automatically detect these new resources and start scans for them. -The scans it would start: - -1. A image scan scanning for vulnerable libraries in the docker / container image of the deployment. (Using trivy) -2. A TLS Scan against the certificate of the ingress for the host. (Using SSLyze) -3. A ZAP Baseline Scan to detect basic web vulnerabilities in the service. (Using OWASP ZAP) diff --git a/bin/install-all.sh b/bin/install-all.sh index 0d87e0c8..01b4f6b9 100755 --- a/bin/install-all.sh +++ b/bin/install-all.sh @@ -24,6 +24,5 @@ helm upgrade --install http-webhook ./demo-apps/http-webhook/ helm upgrade --install aah ./hooks/update-field/ helm upgrade --install gwh ./hooks/generic-webhook/ -helm upgrade --install issh ./hooks/imperative-subsequent-scans/ helm upgrade --install elkh ./hooks/persistence-elastic/ diff --git a/bin/uninstall-all.sh b/bin/uninstall-all.sh index 07630f46..80f273ab 100755 --- a/bin/uninstall-all.sh +++ b/bin/uninstall-all.sh @@ -23,7 +23,6 @@ helm uninstall swagger-petstore helm uninstall aah helm uninstall gwh -helm uninstall issh helm uninstall elkh diff --git a/demo-apps/bodgeit/Chart.yaml b/demo-apps/bodgeit/Chart.yaml index 2c8173c8..9b3030ad 100644 --- a/demo-apps/bodgeit/Chart.yaml +++ b/demo-apps/bodgeit/Chart.yaml @@ -1,5 +1,5 @@ apiVersion: v2 -version: 0.1.0 +version: latest type: application appVersion: "v1.4.0" name: bodgeit @@ -7,13 +7,12 @@ description: "The BodgeIt Store is a vulnerable web app which is aimed at people home: https://github.com/psiinon/bodgeit icon: https://scb-art.j12934.now.sh/bodgeit.png keywords: -- vulnerable -- webapp -- demo + - vulnerable + - webapp + - demo sources: -- https://github.com/secureCodeBox/helm -- https://github.com/psiinon/bodgeit + - https://github.com/secureCodeBox/helm + - https://github.com/psiinon/bodgeit maintainers: -- name: iteratec GmbH - email: security@iteratec.com - + - name: iteratec GmbH + email: security@iteratec.com diff --git a/demo-apps/bodgeit/README.md b/demo-apps/bodgeit/README.md new file mode 100644 index 00000000..faf99dfc --- /dev/null +++ b/demo-apps/bodgeit/README.md @@ -0,0 +1,42 @@ +# bodgeit + +![Version: latest](https://img.shields.io/badge/Version-latest-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v1.4.0](https://img.shields.io/badge/AppVersion-v1.4.0-informational?style=flat-square) + +The BodgeIt Store is a vulnerable web app which is aimed at people who are new to pen testing + +**Homepage:** + +## Maintainers + +| Name | Email | Url | +| ---- | ------ | --- | +| iteratec GmbH | security@iteratec.com | | + +## Source Code + +* +* + +## Values + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| affinity | object | `{}` | | +| fullnameOverride | string | `""` | | +| image.pullPolicy | string | `"IfNotPresent"` | | +| image.repository | string | `"psiinon/bodgeit"` | | +| imagePullSecrets | list | `[]` | | +| ingress.annotations | object | `{}` | | +| ingress.enabled | bool | `false` | | +| ingress.hosts[0].host | string | `"chart-example.local"` | | +| ingress.hosts[0].paths | list | `[]` | | +| ingress.tls | list | `[]` | | +| nameOverride | string | `""` | | +| nodeSelector | object | `{}` | | +| podSecurityContext | object | `{}` | | +| replicaCount | int | `1` | | +| resources | object | `{}` | | +| securityContext | object | `{}` | | +| service.port | int | `8080` | | +| service.type | string | `"ClusterIP"` | | +| tolerations | list | `[]` | | diff --git a/demo-apps/bodgeit/helm2.Chart.yaml b/demo-apps/bodgeit/helm2.Chart.yaml new file mode 100644 index 00000000..c3f395b5 --- /dev/null +++ b/demo-apps/bodgeit/helm2.Chart.yaml @@ -0,0 +1,18 @@ +apiVersion: v1 +version: latest +type: application +appVersion: "v1.4.0" +name: bodgeit +description: "The BodgeIt Store is a vulnerable web app which is aimed at people who are new to pen testing" +home: https://github.com/psiinon/bodgeit +icon: https://scb-art.j12934.now.sh/bodgeit.png +keywords: + - vulnerable + - webapp + - demo +sources: + - https://github.com/secureCodeBox/helm + - https://github.com/psiinon/bodgeit +maintainers: + - name: iteratec GmbH + email: security@iteratec.com diff --git a/demo-apps/dummy-ssh/Chart.yaml b/demo-apps/dummy-ssh/Chart.yaml index 31fc115c..1f9faae1 100644 --- a/demo-apps/dummy-ssh/Chart.yaml +++ b/demo-apps/dummy-ssh/Chart.yaml @@ -1,5 +1,5 @@ apiVersion: v2 -version: 0.1.0 +version: latest type: application appVersion: "v1.0.0" name: dummy-ssh @@ -7,11 +7,10 @@ description: "SSH Server for scan testing." home: https://wordpress.org icon: https://www.securecodebox.io/integrationIcons/SSH.svg keywords: -- vulnerable -- ssh + - vulnerable + - ssh sources: -- https://github.com/secureCodeBox/secureCodeBox/tree/master/demo/dummy-ssh + - https://github.com/secureCodeBox/secureCodeBox/tree/master/demo/dummy-ssh maintainers: -- name: iteratec GmbH - email: security@iteratec.com - + - name: iteratec GmbH + email: security@iteratec.com diff --git a/demo-apps/dummy-ssh/README.md b/demo-apps/dummy-ssh/README.md new file mode 100644 index 00000000..09830cd0 --- /dev/null +++ b/demo-apps/dummy-ssh/README.md @@ -0,0 +1,36 @@ +# dummy-ssh + +![Version: latest](https://img.shields.io/badge/Version-latest-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v1.0.0](https://img.shields.io/badge/AppVersion-v1.0.0-informational?style=flat-square) + +SSH Server for scan testing. + +**Homepage:** + +## Maintainers + +| Name | Email | Url | +| ---- | ------ | --- | +| iteratec GmbH | security@iteratec.com | | + +## Source Code + +* + +## Values + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| affinity | object | `{}` | | +| fullnameOverride | string | `""` | | +| image.pullPolicy | string | `"IfNotPresent"` | | +| image.repository | string | `"securecodebox/dummy-ssh"` | | +| imagePullSecrets | list | `[]` | | +| nameOverride | string | `""` | | +| nodeSelector | object | `{}` | | +| podSecurityContext | object | `{}` | | +| replicaCount | int | `1` | | +| resources | object | `{}` | | +| securityContext | object | `{}` | | +| service.port | int | `22` | | +| service.type | string | `"ClusterIP"` | | +| tolerations | list | `[]` | | diff --git a/demo-apps/dummy-ssh/helm2.Chart.yaml b/demo-apps/dummy-ssh/helm2.Chart.yaml new file mode 100644 index 00000000..778b4258 --- /dev/null +++ b/demo-apps/dummy-ssh/helm2.Chart.yaml @@ -0,0 +1,16 @@ +apiVersion: v1 +version: latest +type: application +appVersion: "v1.0.0" +name: dummy-ssh +description: "SSH Server for scan testing." +home: https://wordpress.org +icon: https://www.securecodebox.io/integrationIcons/SSH.svg +keywords: + - vulnerable + - ssh +sources: + - https://github.com/secureCodeBox/secureCodeBox/tree/master/demo/dummy-ssh +maintainers: + - name: iteratec GmbH + email: security@iteratec.com diff --git a/demo-apps/http-webhook/Chart.yaml b/demo-apps/http-webhook/Chart.yaml index dfd68ec9..70cca92e 100644 --- a/demo-apps/http-webhook/Chart.yaml +++ b/demo-apps/http-webhook/Chart.yaml @@ -15,7 +15,7 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.1.0 +version: latest # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to diff --git a/demo-apps/http-webhook/README.md b/demo-apps/http-webhook/README.md new file mode 100644 index 00000000..7081da32 --- /dev/null +++ b/demo-apps/http-webhook/README.md @@ -0,0 +1,39 @@ +# http-webhook + +![Version: latest](https://img.shields.io/badge/Version-latest-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 1.16.0](https://img.shields.io/badge/AppVersion-1.16.0-informational?style=flat-square) + +A Dummy webserver to echo HTTP requests in log + +## Values + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| affinity | object | `{}` | | +| autoscaling.enabled | bool | `false` | | +| autoscaling.maxReplicas | int | `100` | | +| autoscaling.minReplicas | int | `1` | | +| autoscaling.targetCPUUtilizationPercentage | int | `80` | | +| fullnameOverride | string | `""` | | +| image.pullPolicy | string | `"IfNotPresent"` | | +| image.registry | string | `"docker.io"` | | +| image.repository | string | `"mendhak/http-https-echo"` | | +| image.tag | string | `"latest"` | | +| imagePullSecrets | list | `[]` | | +| ingress.annotations | object | `{}` | | +| ingress.enabled | bool | `false` | | +| ingress.hosts[0].host | string | `"chart-example.local"` | | +| ingress.hosts[0].paths | list | `[]` | | +| ingress.tls | list | `[]` | | +| nameOverride | string | `""` | | +| nodeSelector | object | `{}` | | +| podAnnotations | object | `{}` | | +| podSecurityContext | object | `{}` | | +| replicaCount | int | `1` | | +| resources | object | `{}` | | +| securityContext | object | `{}` | | +| service.port | int | `80` | | +| service.type | string | `"ClusterIP"` | | +| serviceAccount.annotations | object | `{}` | | +| serviceAccount.create | bool | `true` | | +| serviceAccount.name | string | `""` | | +| tolerations | list | `[]` | | diff --git a/demo-apps/juice-shop/Chart.yaml b/demo-apps/juice-shop/Chart.yaml index 2515627a..a18c5350 100644 --- a/demo-apps/juice-shop/Chart.yaml +++ b/demo-apps/juice-shop/Chart.yaml @@ -1,26 +1,26 @@ apiVersion: v2 -version: 0.1.0 -appVersion: "v11.1.2" +version: latest +appVersion: "v12.0.2" name: juice-shop description: "OWASP Juice Shop: Probably the most modern and sophisticated insecure web application" type: application home: https://owasp.org/www-project-juice-shop/ icon: https://raw.githubusercontent.com/bkimminich/juice-shop/bdbcc0ea4484a2dd6b8ca243daa34c882129cdd4/frontend/src/assets/public/images/JuiceShop_Logo_400px.png keywords: -- owasp -- javascript -- vulnerable -- hacking -- application-security -- owasp-top-10 -- owasp-top-ten -- pentesting -- vulnapp -- appsec -- ctf + - owasp + - javascript + - vulnerable + - hacking + - application-security + - owasp-top-10 + - owasp-top-ten + - pentesting + - vulnapp + - appsec + - ctf sources: -- https://github.com/secureCodeBox/helm -- https://github.com/bkimminich/juice-shop + - https://github.com/secureCodeBox/helm + - https://github.com/bkimminich/juice-shop maintainers: -- name: iteratec GmbH - email: security@iteratec.com + - name: iteratec GmbH + email: security@iteratec.com diff --git a/demo-apps/juice-shop/README.md b/demo-apps/juice-shop/README.md new file mode 100644 index 00000000..495f93d4 --- /dev/null +++ b/demo-apps/juice-shop/README.md @@ -0,0 +1,42 @@ +# juice-shop + +![Version: latest](https://img.shields.io/badge/Version-latest-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v12.0.2](https://img.shields.io/badge/AppVersion-v12.0.2-informational?style=flat-square) + +OWASP Juice Shop: Probably the most modern and sophisticated insecure web application + +**Homepage:** + +## Maintainers + +| Name | Email | Url | +| ---- | ------ | --- | +| iteratec GmbH | security@iteratec.com | | + +## Source Code + +* +* + +## Values + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| affinity | object | `{}` | | +| fullnameOverride | string | `""` | | +| image.pullPolicy | string | `"IfNotPresent"` | | +| image.repository | string | `"bkimminich/juice-shop"` | | +| imagePullSecrets | list | `[]` | | +| ingress.annotations | object | `{}` | | +| ingress.enabled | bool | `false` | | +| ingress.hosts[0].host | string | `"chart-example.local"` | | +| ingress.hosts[0].paths | list | `[]` | | +| ingress.tls | list | `[]` | | +| nameOverride | string | `""` | | +| nodeSelector | object | `{}` | | +| podSecurityContext | object | `{}` | | +| replicaCount | int | `1` | | +| resources | object | `{}` | | +| securityContext | object | `{}` | | +| service.port | int | `3000` | | +| service.type | string | `"ClusterIP"` | | +| tolerations | list | `[]` | | diff --git a/demo-apps/juice-shop/helm2.Chart.yaml b/demo-apps/juice-shop/helm2.Chart.yaml new file mode 100644 index 00000000..a18c5350 --- /dev/null +++ b/demo-apps/juice-shop/helm2.Chart.yaml @@ -0,0 +1,26 @@ +apiVersion: v2 +version: latest +appVersion: "v12.0.2" +name: juice-shop +description: "OWASP Juice Shop: Probably the most modern and sophisticated insecure web application" +type: application +home: https://owasp.org/www-project-juice-shop/ +icon: https://raw.githubusercontent.com/bkimminich/juice-shop/bdbcc0ea4484a2dd6b8ca243daa34c882129cdd4/frontend/src/assets/public/images/JuiceShop_Logo_400px.png +keywords: + - owasp + - javascript + - vulnerable + - hacking + - application-security + - owasp-top-10 + - owasp-top-ten + - pentesting + - vulnapp + - appsec + - ctf +sources: + - https://github.com/secureCodeBox/helm + - https://github.com/bkimminich/juice-shop +maintainers: + - name: iteratec GmbH + email: security@iteratec.com diff --git a/demo-apps/old-wordpress/Chart.yaml b/demo-apps/old-wordpress/Chart.yaml index d797deb9..f8bd97f5 100644 --- a/demo-apps/old-wordpress/Chart.yaml +++ b/demo-apps/old-wordpress/Chart.yaml @@ -1,5 +1,5 @@ apiVersion: v2 -version: 0.1.0 +version: latest appVersion: "4.0" name: old-wordpress description: "Insecure & Outdated Wordpress Instance: Never expose it to the internet!" @@ -7,11 +7,11 @@ type: application home: https://wordpress.org icon: https://s.w.org/style/images/about/WordPress-logotype-alternative.png keywords: -- vulnerable -- wordpress + - vulnerable + - wordpress sources: -- https://github.com/secureCodeBox/helm -- https://github.com/secureCodeBox/secureCodeBox/tree/master/demo/old-wordpress + - https://github.com/secureCodeBox/helm + - https://github.com/secureCodeBox/secureCodeBox/tree/master/demo/old-wordpress maintainers: -- name: iteratec GmbH - email: security@iteratec.com + - name: iteratec GmbH + email: security@iteratec.com diff --git a/demo-apps/old-wordpress/README.md b/demo-apps/old-wordpress/README.md new file mode 100644 index 00000000..244ae386 --- /dev/null +++ b/demo-apps/old-wordpress/README.md @@ -0,0 +1,37 @@ +# old-wordpress + +![Version: latest](https://img.shields.io/badge/Version-latest-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 4.0](https://img.shields.io/badge/AppVersion-4.0-informational?style=flat-square) + +Insecure & Outdated Wordpress Instance: Never expose it to the internet! + +**Homepage:** + +## Maintainers + +| Name | Email | Url | +| ---- | ------ | --- | +| iteratec GmbH | security@iteratec.com | | + +## Source Code + +* +* + +## Values + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| affinity | object | `{}` | | +| fullnameOverride | string | `""` | | +| image.pullPolicy | string | `"IfNotPresent"` | | +| image.repository | string | `"securecodebox/old-wordpress"` | | +| imagePullSecrets | list | `[]` | | +| nameOverride | string | `""` | | +| nodeSelector | object | `{}` | | +| podSecurityContext | object | `{}` | | +| replicaCount | int | `1` | | +| resources | object | `{}` | | +| securityContext | object | `{}` | | +| service.port | int | `80` | | +| service.type | string | `"ClusterIP"` | | +| tolerations | list | `[]` | | diff --git a/demo-apps/old-wordpress/helm2.Chart.yaml b/demo-apps/old-wordpress/helm2.Chart.yaml new file mode 100644 index 00000000..f8bd97f5 --- /dev/null +++ b/demo-apps/old-wordpress/helm2.Chart.yaml @@ -0,0 +1,17 @@ +apiVersion: v2 +version: latest +appVersion: "4.0" +name: old-wordpress +description: "Insecure & Outdated Wordpress Instance: Never expose it to the internet!" +type: application +home: https://wordpress.org +icon: https://s.w.org/style/images/about/WordPress-logotype-alternative.png +keywords: + - vulnerable + - wordpress +sources: + - https://github.com/secureCodeBox/helm + - https://github.com/secureCodeBox/secureCodeBox/tree/master/demo/old-wordpress +maintainers: + - name: iteratec GmbH + email: security@iteratec.com diff --git a/demo-apps/swagger-petstore/Chart.yaml b/demo-apps/swagger-petstore/Chart.yaml index d8fdc799..7c25ccb8 100644 --- a/demo-apps/swagger-petstore/Chart.yaml +++ b/demo-apps/swagger-petstore/Chart.yaml @@ -1,5 +1,5 @@ apiVersion: v2 -version: 0.1.0 +version: latest appVersion: "1.0.3" name: swagger-petstore description: "This is the sample petstore application" @@ -7,11 +7,11 @@ type: application home: https://github.com/swagger-api/swagger-petstore icon: https://static1.smartbear.co/swagger/media/assets/images/swagger_logo.svg keywords: -- swagger -- openapi + - swagger + - openapi sources: -- https://github.com/secureCodeBox/helm -- https://github.com/swagger-api/swagger-petstore + - https://github.com/secureCodeBox/helm + - https://github.com/swagger-api/swagger-petstore maintainers: -- name: iteratec GmbH - email: security@iteratec.com + - name: iteratec GmbH + email: security@iteratec.com diff --git a/demo-apps/swagger-petstore/README.md b/demo-apps/swagger-petstore/README.md new file mode 100644 index 00000000..50f23a38 --- /dev/null +++ b/demo-apps/swagger-petstore/README.md @@ -0,0 +1,43 @@ +# swagger-petstore + +![Version: latest](https://img.shields.io/badge/Version-latest-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 1.0.3](https://img.shields.io/badge/AppVersion-1.0.3-informational?style=flat-square) + +This is the sample petstore application + +**Homepage:** + +## Maintainers + +| Name | Email | Url | +| ---- | ------ | --- | +| iteratec GmbH | security@iteratec.com | | + +## Source Code + +* +* + +## Values + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| affinity | object | `{}` | | +| fullnameOverride | string | `""` | | +| image.pullPolicy | string | `"IfNotPresent"` | | +| image.repository | string | `"swaggerapi/petstore"` | | +| imagePullSecrets | list | `[]` | | +| ingress.annotations | object | `{}` | | +| ingress.enabled | bool | `false` | | +| ingress.hosts[0].host | string | `"chart-example.local"` | | +| ingress.hosts[0].paths | list | `[]` | | +| ingress.tls | list | `[]` | | +| nameOverride | string | `""` | | +| nodeSelector | object | `{}` | | +| podSecurityContext | object | `{}` | | +| replicaCount | int | `1` | | +| resources | object | `{}` | | +| securityContext | object | `{}` | | +| service.port | int | `80` | | +| service.type | string | `"ClusterIP"` | | +| swaggerHostOverride | string | `"http://swagger-petstore.demo-apps.svc"` | | +| tolerations | list | `[]` | | diff --git a/demo-apps/swagger-petstore/helm2.Chart.yaml b/demo-apps/swagger-petstore/helm2.Chart.yaml new file mode 100644 index 00000000..7c25ccb8 --- /dev/null +++ b/demo-apps/swagger-petstore/helm2.Chart.yaml @@ -0,0 +1,17 @@ +apiVersion: v2 +version: latest +appVersion: "1.0.3" +name: swagger-petstore +description: "This is the sample petstore application" +type: application +home: https://github.com/swagger-api/swagger-petstore +icon: https://static1.smartbear.co/swagger/media/assets/images/swagger_logo.svg +keywords: + - swagger + - openapi +sources: + - https://github.com/secureCodeBox/helm + - https://github.com/swagger-api/swagger-petstore +maintainers: + - name: iteratec GmbH + email: security@iteratec.com diff --git a/docs/_config.yml b/docs/_config.yml deleted file mode 100644 index 2f7efbea..00000000 --- a/docs/_config.yml +++ /dev/null @@ -1 +0,0 @@ -theme: jekyll-theme-minimal \ No newline at end of file diff --git a/docs/adr/adr_0001.adoc b/docs/adr/adr_0001.adoc index 87d68733..53e4e95d 100644 --- a/docs/adr/adr_0001.adoc +++ b/docs/adr/adr_0001.adoc @@ -1,214 +1,77 @@ -[[ADR-0000]] -= ADR-0000: How can we introduce a more general extension concept for data processing modules? +[[ADR-0001]] += ADR-0001: Choosing the framework for the new secureCodeBox Website [cols="h,d",grid=rows,frame=none,stripes=none,caption="Status",%autowidth] |==== - +// Use one of the ADR status parameter based on status +// Please add a cross reference link to the new ADR on 'superseded' ADR. +// e.g.: {adr_suposed_by} <> | Status | ACCEPTED | Date -| 2020-05-20 +| 2019-08-21 | Author(s) -| Jannik Hollenbach , - Jorge Estigarribia , - Robert Seedorff , - Sven Strittmatter +| Daniel Patanin daniel.patanin@iteratec.com, + Jannick Hollenbach jannick.hollenbach@iteratec.com +// ... |==== == Context -=== Status Quo - -One major challenge implementing the _secureCodeBox_ is to provide a flexible and modular architecture, which enables the open source community to easily understand the concepts and especially to extend the _secureCodeBox_ with individual features. Therefore we decided to separate the process stages of a single security scan (instance of _scanType_ custom resource definition; further abbreviated with _CRD_) in three major phases: - -.... -โ”Œโ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ” โ”Œโ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ” โ”Œโ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ” -โ”‚ scanning โ”œโ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ–ถโ”‚ parsing โ”œโ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ–ถโ”‚ persisting โ”‚ -โ”‚ (phase 1) โ”‚ โ”‚ (phase 2) โ”‚ โ”‚ (phase 3) โ”‚ -โ””โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”˜ โ””โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”˜ โ””โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”˜ -.... - -By now the phase 3 "`persisting`" was implemented by so called _PersistenceProviders_ (e.g., the _persistence-elastic_ provider which is responsible for persisting all findings in a given elasticsearch database). The _secureCodeBox_ Operator is aware of this 3 phases and is responsible for the state model and execution of each security scan. - -=== Problem and Question - -We identified different additional use cases with a more "`data processing oriented`" pattern than the implemented phase 3 "`persisting`" indicates. For example, we implemented a so called _MetaDataProvider_ feature, which is responsible for enhancing each security finding with additional metadata. But the _MetaDataProvider_ must be executed after the phase 2 "`parsing`" and before the phase 3 "`persisting`" because it depends on the parsed finding results (which will be enhanced) and the updated findings should be also persisted. - -To find a proper solution, we split the topic into the following two questions: - -. Should we unify the concepts _MetaDataProvider_ and _PersistenceProvider_? -. How should the execution model look like for each concept? - -==== Question 1: Should We Unify the Concepts MetaDataProvider and PersistenceProvider? - -===== Solution Approach 1: Unify - -Both "`modules`" are "`processing`" the security findings, which were generated in the phase 2 "`parsing`", -but there is one major difference between them: - -* a _PersistenceProvider_ is processing the findings *read only*, and -* a _MetaDataProvider_ is processing the findings *read and write*. - -There is a similar concept in Kubernetes called https://kubernetes.io/docs/reference/access-authn-authz/extensible-admission-controllers/[AdmissionController], but with the exception that the will be executed before a resource is created. - -There are two variants of _AdmissionControllers_: - -. _ValidatingWebhookConfiguration_: *read only*, *executed last*; and -. _MutatingWebhookConfiguration_: *read and write*, *executed first*. - -We could do a similar thing and introduce CRD which allows to execute "`custom code`" (depends on the second question) after a scan has completed (meaning both phases "`scan`" and "`parsing`" were done). Some name ideas: - -* _ScanHooks_ -* _ScanCompletionHooks_ -* _FindingProcessors_ - -These could be implemented with a `type` attribute, which declares if they are *read only* or *read and write*. - -The _secureCodeBox operator_ would process all these CRDs in the namespace of the scan and execute the *read and write* ones first in serial only one at a time to avoid write conflicts and then the *read only* ones in parallel. - -[source,yaml] ----- -apiVersion: execution.experimental.securecodebox.io/v1 -kind: ScanCompletionHook -metadata: - name: my-metadata -spec: - type: ReadAndWrite - # If implemented like the current persistence provider - image: my-metadata:v2.0.0 ----- - -The Execution Flow would then look something like this: - -.... - โ”Œ ReadOnlyโ”€Hooksโ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ - โ”Œ ReadAndWriteHooks โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”Œโ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ” โ”‚ - โ”Œโ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ” โ”‚ โ”Œโ”€โ”€โ”ผโ–ถโ”‚ Elastic PersistenceProvider โ”‚ -โ”Œโ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ” โ”Œโ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ” โ”‚ โ”‚ ReadAndWrite Hook #1 โ”‚ โ”Œโ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ” โ”‚ โ””โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”˜ โ”‚ -โ”‚ Scan โ”œโ”€โ”€โ–ถโ”‚ Parsing โ”‚โ”€โ”€โ”€โ”€โ–ถโ”‚ "MyMetaDataProvider" โ”œโ”€โ–ถโ”‚ ReadAndWrite Hook #2 โ”‚โ”€โ”ผโ”€โ”€โ”ค โ”‚ โ”Œโ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ” -โ””โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”˜ โ””โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”˜ โ”‚ โ””โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”˜ โ””โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”˜ โ””โ”€โ”€โ”€โ–ถโ”‚ DefectDojo PersistenceProvider โ”‚ โ”‚ - โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”˜ โ”‚ โ””โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”˜ - โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”˜ -.... - -====== Pros - -* Only one implementation. -* Pretty generic to expand and test out new ideas without having to modify the _secureCodeBox operator_. - -====== Cons - -* Possibly an "`over-abstraction`". -* Need to refactor the _persistence-elastic_ provider. -* The "`general implementation`" will be harder than the individual ones. - -===== Solution Approach 2: Keep Split between Persistence Provider and MetaData Provider - -Keep _PersistenceProvider_ as they are and introduce new _MetaDataProvider_ CRD which gets executed before the _PersistenceProviders_ by the __secureCodeBox operator_. - -.... - โ”Œ Persistence Providerโ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ - โ”Œ MetaData Provider โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”Œโ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ” โ”‚ - โ”Œโ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ” โ”‚ โ”Œโ”€โ”€โ”ผโ–ถโ”‚ Elastic PersistenceProvider โ”‚ -โ”Œโ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ” โ”Œโ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ” โ”‚ โ”‚ ReadAndWrite Hook #1 โ”‚ โ”Œโ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ” โ”‚ โ””โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”˜ โ”‚ -โ”‚ Scan โ”œโ”€โ”€โ–ถโ”‚ Parsing โ”‚โ”€โ”€โ”€โ”€โ–ถโ”‚ "MyMetaDataProvider" โ”œโ”€โ–ถโ”‚ ReadAndWrite Hook #2 โ”‚โ”€โ”ผโ”€โ”€โ”ค โ”‚ โ”Œโ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ” -โ””โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”˜ โ””โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”˜ โ”‚ โ””โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”˜ โ””โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”˜ โ””โ”€โ”€โ”€โ–ถโ”‚ DefectDojo PersistenceProvider โ”‚ โ”‚ - โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”˜ โ”‚ โ””โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”˜ - โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”˜ -.... - -====== Pros - -* Quicker to implement. -* Might be worth it to have a separate concept for it. - -====== Cons - -* Not sure if it worth to introduce a new CRD for everything, especially when it's conceptually pretty close to to something already existing. - -==== Question 2: How Should the Execution Model Look like for Each Concept? - -===== Solution Approach 1: Like the Persistence Provider - -Basically a docker container which process findings takes two arguments: - -. A pre-defined URL to download the findings from. -. A pre-defined URL to upload the modified findings to. - -Examples: - -* NodeJS: `node my-metadata.js "https://storage.googleapi.com/..." "https://storage.googleapi.com/..."` -* Java: `java my-metadata.jar "https://storage.googleapi.com/..." "https://storage.googleapi.com/..."` -* Golang: `./my-metadata "https://storage.googleapi.com/..." "https://storage.googleapi.com/..."` - -====== Pros - -* One liner with the current implementations. -* Code overhead / wrapper code is pretty minimal. -* Zero scale: no resource costs when nothing is running. - -===== Cons - -* May results in too many Kubernetes jobs. -** Resource blocking on finished resources. -** `ttlAfterFinished` enabled. -* Container runtime overhead (especially time). - -===== Solution Approach 2: A WebHooks Like Concept - -Analog to kubernetes webhooks: HTTP server receiving findings and returning results. - -===== Pros - -* Milliseconds instead of seconds for processing. -* No overhead for container Creation. -* No additional kubernetes jobs needed. - -===== Cons - -* Introduces new running services which needs to be maintained and have uptime. -* Code overhead / boilerplate (Can be mitigated by an SDK). -* Debugging of individual _MetaDataProvider_ is harder than a single service which handles everything. -* Introduces "`new`"cConcept. -* Certificate management for webhook services (`cert-manager` required by default?). -* Scaling for systems with lots of load could be a problem. -* One service per namespace (multiple tenants) needed -> results in many running active services which is resource consuming. +There are tons of different frameworks for building websites out there. We must choose the most fitting one for our use, fulfilling our mandatory requirements: + +โ€ข Common programming language, if applicable easy to learn +โ€ข Overall easy to use and start-up, also locally +โ€ข Tutorials, examples and a good documentation +โ€ข Bonus points for great and many easy to use templates and plugins +โ€ข Needs continuous support and contribution +โ€ข Must be able to be deployed as GitHub pages + +We will choose from the following popular/trending: + +https://gridsome.org/[Gridsome] + +https://www.gatsbyjs.org/[Gatsby] + +https://gohugo.io/[Hugo] + +https://jekyllrb.com/[Jekyll] + +=== Research + +These frameworks do all fulfill the requirements to the extent that I estimate them as wellsuited. First, I researched the listed features on the respective sites or quickly googled after it +specifically and found instantly the requested feature. I followed up with a general overview +of how old the frameworks, how popular they are and for example pages build with them. +Afterwards I searched for comparison blogs and posts, mostly to examine their comments. +Most of these โ€žpro-cons โ€œ-posts are inaccurate and very superficial, but luckily because of that +the comment sections hold interesting discussions and comparisons from overall features and +usability to specific issues and problems of each framework and which framework fits what +use-cases in general. After this research Iโ€™ve come to a majority of similar experience sharing +and discussions. These described the distribution of these frameworks as follows (roughly +summarized): + +Gridsome is like Gatsby just for VueJS. +Gatsby is blazing fast after building the pages but requires a little bit more understanding of +JavaScript and React and may not be as easy to get behind if youโ€™ve never built a site with a +static site generator before. +Hugo is fast in building and based on Golang. But as a newbie to that language youโ€™ll find yourself using the documentation very much, unless you learn this language to a curtain depth. +Jekyll is simple in templating and very good for quickly starting a small blog site but based on +ruby and therefore requires ruby dependencies. == Decision -Regarding question 1 it seems that both solution approaches are resulting in the same execution model. We decided to implement solution approach 1 and unify both concepts into a more general concept with the name _hook concept_. Therefore we exchange the existing name _PersistenceProvider_ for phase 3 in the execution model with a more general term _processing_: - -.... -โ”Œโ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ” โ”Œโ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ” โ”Œโ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ” -โ”‚ scanning โ”œโ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ–ถโ”‚ parsing โ”œโ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ–ถโ”‚ processing โ”‚ -โ”‚ (Phase 1) โ”‚ โ”‚ (Phase 2) โ”‚ โ”‚ (Phase 3) โ”‚ -โ””โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”˜ โ””โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”˜ โ””โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”˜ -.... - -Regarding question 2 we decided to implement the solution approach 1 with a job-based approach (no active service component needed). Therefore the phase 3 _processing_ will be split into two separate phases named _ReadAndWriteHooks_ (3.1) and _ReadOnlyHooks_ (3.2) -// #30 to what refers 3.1 and 3.2? - -.... - โ”Œ 3.2 processing: ReadOnlyHooks โ”€ โ”€ โ”€ - โ”Œ 3.1 processing: ReadAndWriteHooks โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”Œโ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ” โ”‚ - โ”Œโ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ” โ”‚ โ”Œโ”€โ”€โ”ผโ–ถโ”‚ Elastic PersistenceProvider โ”‚ -โ”Œโ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ” โ”Œโ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ” โ”‚ โ”‚ ReadAndWrite Hook #1 โ”‚ โ”Œโ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ” โ”‚ โ””โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”˜ โ”‚ -โ”‚ scanning โ”œโ”€โ”€โ–ถโ”‚ parsing โ”‚โ”€โ”€โ”€โ”€โ–ถโ”‚ "MyMetaDataProvider" โ”œโ”€โ–ถโ”‚ ReadAndWrite Hook #2 โ”‚โ”€โ”ผโ”€โ”€โ”ค โ”‚ โ”Œโ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ” -โ””โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”˜ โ””โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”˜ โ”‚ โ””โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”˜ โ””โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”˜ โ””โ”€โ”€โ”€โ–ถโ”‚ DefectDojo PersistenceProvider โ”‚ โ”‚ - โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”˜ โ”‚ โ””โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”˜ - โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”˜ -.... +So, it seems that Hugo is a pretty good choice for sites with many, manyโ€ฆ. like many pages. +Jekyll seems to fit for a quick build. Gatsby and Gridsome require a bit more time to learn but +have their advantages in speed and growth of the site. And whether you choose Gridsome over +Gatsby relies on whether you want to use VueJS or not. -== Consequences - -With the new _hook concept_ we open the _phase 3 processing_ to a more intuitive and flexible architecture. It is easier to understand because _WebHooks_ are already a well known concept. It is possible to keep the existing implementation of the _PersistenceProvider_ and integrate them with a lot of other possible processing components in a more general fashion. In the end, this step will result in a lot of additional feature possibilities, which go far beyond the existing ones proposed here. Therefore we only need to implement this concept once in the _secureCodeBox operator_ and new ideas for extending the _DataProcessing_ will not enforce conceptual or architectural changes. +Finally weโ€™ve decided to use Gatsby. Some of the main reasons is itโ€™s fast performance, the extensive documentation and tutorials and also the language, since Hugo (the +other framework we considered mainly) is based on Golang, and as for my part as a developer I +feel completely comfortable and prefer working with JSX. Overall it comes down to preferences mostly, since weโ€™re not going to build a giant Website, nor are we planning on implementing โ€œcrazyโ€ Features. -Ideas for additional processing hooks: +== Consequences -* Notifier hooks (_ReadOnlyHook_) e.g., for chat (slack, teams etc.), metric, alerting systems -* MetaData enrichment hooks (_ReadAndWriteHook_) -* FilterData hooks (_ReadAndWriteHook_) (e.g., false/positive handling) -* SystemIntegration hooks (_ReadOnlyHook_) e.g., for ticketing systems like Jira -* CascadingScans hooks (_ReadOnlyHook_) e.g., for starting new security scans based on findings +For the integration of our multi-repository documentation weโ€™ll use +Antora if working this out with Gatsby is going to be more difficult than integrating Antora. +Weโ€™re aware that using Gatsby requires a bit more maintenance and has the drawback, that if +anybody else will maintain or work on the website, this person will need to at least understand +the basics of React and GraphQL. \ No newline at end of file diff --git a/docs/adr/adr_0002.adoc b/docs/adr/adr_0002.adoc new file mode 100644 index 00000000..006a1d1f --- /dev/null +++ b/docs/adr/adr_0002.adoc @@ -0,0 +1,214 @@ +[[ADR-0002]] += ADR-0002: How can we introduce a more general extension concept for data processing modules? + +[cols="h,d",grid=rows,frame=none,stripes=none,caption="Status",%autowidth] +|==== + +| Status +| ACCEPTED + +| Date +| 2020-05-20 + +| Author(s) +| Jannik Hollenbach , + Jorge Estigarribia , + Robert Seedorff , + Sven Strittmatter +|==== + +== Context + +=== Status Quo + +One major challenge implementing the _secureCodeBox_ is to provide a flexible and modular architecture, which enables the open source community to easily understand the concepts and especially to extend the _secureCodeBox_ with individual features. Therefore we decided to separate the process stages of a single security scan (instance of _scanType_ custom resource definition; further abbreviated with _CRD_) in three major phases: + +.... +โ”Œโ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ” โ”Œโ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ” โ”Œโ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ” +โ”‚ scanning โ”œโ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ–ถโ”‚ parsing โ”œโ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ–ถโ”‚ persisting โ”‚ +โ”‚ (phase 1) โ”‚ โ”‚ (phase 2) โ”‚ โ”‚ (phase 3) โ”‚ +โ””โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”˜ โ””โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”˜ โ””โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”˜ +.... + +By now the phase 3 "`persisting`" was implemented by so called _PersistenceProviders_ (e.g., the _persistence-elastic_ provider which is responsible for persisting all findings in a given elasticsearch database). The _secureCodeBox_ Operator is aware of this 3 phases and is responsible for the state model and execution of each security scan. + +=== Problem and Question + +We identified different additional use cases with a more "`data processing oriented`" pattern than the implemented phase 3 "`persisting`" indicates. For example, we implemented a so called _MetaDataProvider_ feature, which is responsible for enhancing each security finding with additional metadata. But the _MetaDataProvider_ must be executed after the phase 2 "`parsing`" and before the phase 3 "`persisting`" because it depends on the parsed finding results (which will be enhanced) and the updated findings should be also persisted. + +To find a proper solution, we split the topic into the following two questions: + +. Should we unify the concepts _MetaDataProvider_ and _PersistenceProvider_? +. How should the execution model look like for each concept? + +==== Question 1: Should We Unify the Concepts MetaDataProvider and PersistenceProvider? + +===== Solution Approach 1: Unify + +Both "`modules`" are "`processing`" the security findings, which were generated in the phase 2 "`parsing`", +but there is one major difference between them: + +* a _PersistenceProvider_ is processing the findings *read only*, and +* a _MetaDataProvider_ is processing the findings *read and write*. + +There is a similar concept in Kubernetes called https://kubernetes.io/docs/reference/access-authn-authz/extensible-admission-controllers/[AdmissionController], but with the exception that the will be executed before a resource is created. + +There are two variants of _AdmissionControllers_: + +. _ValidatingWebhookConfiguration_: *read only*, *executed last*; and +. _MutatingWebhookConfiguration_: *read and write*, *executed first*. + +We could do a similar thing and introduce CRD which allows to execute "`custom code`" (depends on the second question) after a scan has completed (meaning both phases "`scan`" and "`parsing`" were done). Some name ideas: + +* _ScanHooks_ +* _ScanCompletionHooks_ +* _FindingProcessors_ + +These could be implemented with a `type` attribute, which declares if they are *read only* or *read and write*. + +The _secureCodeBox operator_ would process all these CRDs in the namespace of the scan and execute the *read and write* ones first in serial only one at a time to avoid write conflicts and then the *read only* ones in parallel. + +[source,yaml] +---- +apiVersion: execution.securecodebox.io/v1 +kind: ScanCompletionHook +metadata: + name: my-metadata +spec: + type: ReadAndWrite + # If implemented like the current persistence provider + image: my-metadata:v2.0.0 +---- + +The Execution Flow would then look something like this: + +.... + โ”Œ ReadOnlyโ”€Hooksโ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ + โ”Œ ReadAndWriteHooks โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”Œโ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ” โ”‚ + โ”Œโ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ” โ”‚ โ”Œโ”€โ”€โ”ผโ–ถโ”‚ Elastic PersistenceProvider โ”‚ +โ”Œโ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ” โ”Œโ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ” โ”‚ โ”‚ ReadAndWrite Hook #1 โ”‚ โ”Œโ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ” โ”‚ โ””โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”˜ โ”‚ +โ”‚ Scan โ”œโ”€โ”€โ–ถโ”‚ Parsing โ”‚โ”€โ”€โ”€โ”€โ–ถโ”‚ "MyMetaDataProvider" โ”œโ”€โ–ถโ”‚ ReadAndWrite Hook #2 โ”‚โ”€โ”ผโ”€โ”€โ”ค โ”‚ โ”Œโ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ” +โ””โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”˜ โ””โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”˜ โ”‚ โ””โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”˜ โ””โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”˜ โ””โ”€โ”€โ”€โ–ถโ”‚ DefectDojo PersistenceProvider โ”‚ โ”‚ + โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”˜ โ”‚ โ””โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”˜ + โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”˜ +.... + +====== Pros + +* Only one implementation. +* Pretty generic to expand and test out new ideas without having to modify the _secureCodeBox operator_. + +====== Cons + +* Possibly an "`over-abstraction`". +* Need to refactor the _persistence-elastic_ provider. +* The "`general implementation`" will be harder than the individual ones. + +===== Solution Approach 2: Keep Split between Persistence Provider and MetaData Provider + +Keep _PersistenceProvider_ as they are and introduce new _MetaDataProvider_ CRD which gets executed before the _PersistenceProviders_ by the __secureCodeBox operator_. + +.... + โ”Œ Persistence Providerโ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ + โ”Œ MetaData Provider โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”Œโ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ” โ”‚ + โ”Œโ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ” โ”‚ โ”Œโ”€โ”€โ”ผโ–ถโ”‚ Elastic PersistenceProvider โ”‚ +โ”Œโ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ” โ”Œโ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ” โ”‚ โ”‚ ReadAndWrite Hook #1 โ”‚ โ”Œโ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ” โ”‚ โ””โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”˜ โ”‚ +โ”‚ Scan โ”œโ”€โ”€โ–ถโ”‚ Parsing โ”‚โ”€โ”€โ”€โ”€โ–ถโ”‚ "MyMetaDataProvider" โ”œโ”€โ–ถโ”‚ ReadAndWrite Hook #2 โ”‚โ”€โ”ผโ”€โ”€โ”ค โ”‚ โ”Œโ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ” +โ””โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”˜ โ””โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”˜ โ”‚ โ””โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”˜ โ””โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”˜ โ””โ”€โ”€โ”€โ–ถโ”‚ DefectDojo PersistenceProvider โ”‚ โ”‚ + โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”˜ โ”‚ โ””โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”˜ + โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”˜ +.... + +====== Pros + +* Quicker to implement. +* Might be worth it to have a separate concept for it. + +====== Cons + +* Not sure if it worth to introduce a new CRD for everything, especially when it's conceptually pretty close to to something already existing. + +==== Question 2: How Should the Execution Model Look like for Each Concept? + +===== Solution Approach 1: Like the Persistence Provider + +Basically a docker container which process findings takes two arguments: + +. A pre-defined URL to download the findings from. +. A pre-defined URL to upload the modified findings to. + +Examples: + +* NodeJS: `node my-metadata.js "https://storage.googleapi.com/..." "https://storage.googleapi.com/..."` +* Java: `java my-metadata.jar "https://storage.googleapi.com/..." "https://storage.googleapi.com/..."` +* Golang: `./my-metadata "https://storage.googleapi.com/..." "https://storage.googleapi.com/..."` + +====== Pros + +* One liner with the current implementations. +* Code overhead / wrapper code is pretty minimal. +* Zero scale: no resource costs when nothing is running. + +===== Cons + +* May results in too many Kubernetes jobs. +** Resource blocking on finished resources. +** `ttlAfterFinished` enabled. +* Container runtime overhead (especially time). + +===== Solution Approach 2: A WebHooks Like Concept + +Analog to kubernetes webhooks: HTTP server receiving findings and returning results. + +===== Pros + +* Milliseconds instead of seconds for processing. +* No overhead for container Creation. +* No additional kubernetes jobs needed. + +===== Cons + +* Introduces new running services which needs to be maintained and have uptime. +* Code overhead / boilerplate (Can be mitigated by an SDK). +* Debugging of individual _MetaDataProvider_ is harder than a single service which handles everything. +* Introduces "`new`"cConcept. +* Certificate management for webhook services (`cert-manager` required by default?). +* Scaling for systems with lots of load could be a problem. +* One service per namespace (multiple tenants) needed -> results in many running active services which is resource consuming. + +== Decision + +Regarding question 1 it seems that both solution approaches are resulting in the same execution model. We decided to implement solution approach 1 and unify both concepts into a more general concept with the name _hook concept_. Therefore we exchange the existing name _PersistenceProvider_ for phase 3 in the execution model with a more general term _processing_: + +.... +โ”Œโ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ” โ”Œโ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ” โ”Œโ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ” +โ”‚ scanning โ”œโ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ–ถโ”‚ parsing โ”œโ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ–ถโ”‚ processing โ”‚ +โ”‚ (Phase 1) โ”‚ โ”‚ (Phase 2) โ”‚ โ”‚ (Phase 3) โ”‚ +โ””โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”˜ โ””โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”˜ โ””โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”˜ +.... + +Regarding question 2 we decided to implement the solution approach 1 with a job-based approach (no active service component needed). Therefore the phase 3 _processing_ will be split into two separate phases named _ReadAndWriteHooks_ (3.1) and _ReadOnlyHooks_ (3.2) +// #30 to what refers 3.1 and 3.2? + +.... + โ”Œ 3.2 processing: ReadOnlyHooks โ”€ โ”€ โ”€ + โ”Œ 3.1 processing: ReadAndWriteHooks โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”Œโ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ” โ”‚ + โ”Œโ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ” โ”‚ โ”Œโ”€โ”€โ”ผโ–ถโ”‚ Elastic PersistenceProvider โ”‚ +โ”Œโ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ” โ”Œโ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ” โ”‚ โ”‚ ReadAndWrite Hook #1 โ”‚ โ”Œโ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ” โ”‚ โ””โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”˜ โ”‚ +โ”‚ scanning โ”œโ”€โ”€โ–ถโ”‚ parsing โ”‚โ”€โ”€โ”€โ”€โ–ถโ”‚ "MyMetaDataProvider" โ”œโ”€โ–ถโ”‚ ReadAndWrite Hook #2 โ”‚โ”€โ”ผโ”€โ”€โ”ค โ”‚ โ”Œโ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ” +โ””โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”˜ โ””โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”˜ โ”‚ โ””โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”˜ โ””โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”˜ โ””โ”€โ”€โ”€โ–ถโ”‚ DefectDojo PersistenceProvider โ”‚ โ”‚ + โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”˜ โ”‚ โ””โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”˜ + โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”€ โ”˜ +.... + +== Consequences + +With the new _hook concept_ we open the _phase 3 processing_ to a more intuitive and flexible architecture. It is easier to understand because _WebHooks_ are already a well known concept. It is possible to keep the existing implementation of the _PersistenceProvider_ and integrate them with a lot of other possible processing components in a more general fashion. In the end, this step will result in a lot of additional feature possibilities, which go far beyond the existing ones proposed here. Therefore we only need to implement this concept once in the _secureCodeBox operator_ and new ideas for extending the _DataProcessing_ will not enforce conceptual or architectural changes. + +Ideas for additional processing hooks: + +* Notifier hooks (_ReadOnlyHook_) e.g., for chat (slack, teams etc.), metric, alerting systems +* MetaData enrichment hooks (_ReadAndWriteHook_) +* FilterData hooks (_ReadAndWriteHook_) (e.g., false/positive handling) +* SystemIntegration hooks (_ReadOnlyHook_) e.g., for ticketing systems like Jira +* CascadingScans hooks (_ReadOnlyHook_) e.g., for starting new security scans based on findings diff --git a/docs/adr/adr_0003.adoc b/docs/adr/adr_0003.adoc new file mode 100644 index 00000000..33880097 --- /dev/null +++ b/docs/adr/adr_0003.adoc @@ -0,0 +1,182 @@ +[[ADR-0003]] += ADR-0003: How can we introduce a mechanism to start specialized scans on the results of previous scans? + +[cols="h,d",grid=rows,frame=none,stripes=none,caption="Status",%autowidth] +|==== + +| Status +| ACCEPTED + +| Date +| 2020-05-20 + +| Author(s) +| Jannik Hollenbach , + Robert Seedorff , + Sven Strittmatter +|==== + +== Context + +=== Status Quo + +Currently scans by the secureCodeBox are single focused on a specific tool. +Combining multiple scans requires manual or scripting by the user to use the results of a scan (e.g. Nmap) as a input for another scanner (e.g. SSLyze) + +=== Problem and Question + +How can the results of a scan be used to automatically configure subsequent specialized scans for identified targets. + +In general we want to describe cascading scans like: + +``` ++--------+ +--------+ +--------+ +| scan 1 |-- result -->| scan 2 |-- result -->| scan 3 | ++--------+ +--------+ | +--------+ + | + | +--------+ + +---->| scan 4 | + +--------+ +```` + +A concrete example: + +``` ++----------------+ +-----------------+ +-----------+ +| <> | | <> | | <> | +| find all hosts |-- IP -->| find open ports |-- port 443 -->| check TLS | ++----------------+ +-----------------+ | +-----------+ + | + | +-------------+ + | | <> | + +------->| check HTTPd | + +-------------+ +``` + +The solution should fulfill the following criteria: + +- The "rules" used to describe which subsequent scans can be executed should be modular, so that they can be packaged together with the scan types. +- It should be possible for a user to select which scan rules should be applied +- Protections should be in place to ensure that the clusters are not completely overwhelmed by these automatically created scans. Especially circular structures which create a infinite number of scans should be prevented. + +== Decision + +It was decided to implement these rules as Custom Resource Definitions (CRDs) in Kubernetes. +This allows the Helm Charts of the scanners to package related rules for the scanner together with their ScanTypes. + +=== Defining CascadingRule + +The so called "CascadingRules" consist of a "matches" section which contains one or multiple rules which are compared against findings. +When a finding matches a rule the "scanSpec" section will then be used to create a new scan. +To customize the scan to match the finding, the [mustache](https://github.com/janl/mustache.js) templating language can be used to reference fields of the finding. + +```yaml +apiVersion: "cascading.securecodebox.io/v1" +kind: CascadingRule +metadata: + name: "tls-scans" + labels: + # Described how "invasive" the scan is. + # Possible values: "invasive" or "non-invasive" + # CascadingRules are considered "invasive" when the Scan they start actively sends out packages with attack payloads. + securecodebox.io/invasive: non-invasive + # Described the intensiveness level on a scanning and computational resource level. + # Possible values: "ligh", "medium", "intense" + # CascadingRules are considered more "intensive" when the Scan they start consumes lots of computational resources like RAM, CPU, or Network + securecodebox.io/intensive: light +spec: + matches: + # CascadingRule triggers if a finding matches at least one of the anyOf matchers + # With the first version of this implementation only anyOf would be supported. + # If this turns out to be lacking and other operators (like `allOf` can be introduced without breaking changes) + anyOf: + # define an explicit "port" as finding and a given port number + - category: "Open Port" + attributes: + port: 443 + service: "https" + # define an "port service" finding (any port) + - category: "Open Port" + attributes: + service: "https" + scanSpec: + name: "sslyze" + parameters: ["--regular", "{{attributes.hostname}}"] +``` + +=== Using CascadingRules + +By default no cascading Rules will be used. + +```yaml +# Nmap Scan without cascading rules +apiVersion: "execution.securecodebox.io/v1" +kind: Scan +metadata: + name: "portscan-berlin-wifi" + label: + office: berlin + vlan: wifi +spec: + name: "nmap" + parameters: ["-sV", "10.42.0.0/16"] +``` + +To enable cascading rules you need to specify a label selector to select the cascading rules you'd like + +```yaml +apiVersion: "execution.securecodebox.io/v1" +kind: Scan +metadata: + name: "portscan-berlin-wifi" + label: + office: berlin + vlan: wifi +spec: + cascades: + matchLabels: + # Uses all CascadingRules in the namespace which are labelled as "non-invasive" and a intensiveness level of "light" + securecodebox.io/invasive: non-invasive + securecodebox.io/intensive: light + name: "nmap" + parameters: ["-sV", "10.42.0.0/16"] +``` + +To implicitly enable all cascading rules (not-recommended) a empty label selector can be used + +```yaml +apiVersion: "execution.securecodebox.io/v1" +kind: Scan +metadata: + name: "portscan-berlin-wifi" + label: + office: berlin + vlan: wifi +spec: + cascades: + # Uses all `CascadingRules` in the namespace + matchLabels: {} + name: "nmap" + parameters: ["-sV", "10.42.0.0/16"] +``` + +The label selectors also allow the more powerful [matchExpression](https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#set-based-requirement) selectors: + +```yaml +apiVersion: "execution.securecodebox.io/v1" +kind: Scan +metadata: + name: "example.com" +spec: + scanType: nmap + parameters: + - -p22,80,443 + - example.com + cascades: + # Using matchExpression instead of matchLabels + matchExpression: + key: "securecodebox.io/intensive" + operator: In + # This select both light and medium intensity rules + values: [light, medium] +``` diff --git a/docs/adr/adr_0004.adoc b/docs/adr/adr_0004.adoc new file mode 100644 index 00000000..940a6b53 --- /dev/null +++ b/docs/adr/adr_0004.adoc @@ -0,0 +1,41 @@ +[[ADR-0004]] += ADR-0004: Which framework could be more useful for documentation purposes? + +[cols="h,d",grid=rows,frame=none,stripes=none,caption="Status",%autowidth] +|==== + +| Status +| ACCEPTED | SUPERSEDES <> + +| Date +| 2020-09-29 + +| Author(s) +| Daniel Patanin daniel.patanin@iteratec.com + +|==== + +== Context + +Since the last major update of our GatsbyJS based website, the original requirements for our ideal webpage have changed. +Originally we needed a website, which could present our project briefly and hold the documentation, dynamically build from our main repository. +The first aspect has changed quite severe since we aim for an actual marketing oriented homepage now. The second goal stays the same, but changed contextually. +We no longer just want to host the documentation, but furthermore want to stay on modern documentation standards and since our team does not want to invest too +much time into the documentation site's development and maintenance, we are looking for a component library or whole framework specialized on documentation. + +== Decision + +We did not evaluate many different frameworks. The journey was quite short in fact. The first documentation oriented framework we looked at was Docusaurus. +As I progressed into trying out to build a basic Docusaurus site and copied all documentation files into it, the website actually looked nice and quite finished already, +after only a few hours of tinkering. It is that easy and simple to understand, especially with it's own good documentation. After reviewing this very basic website, +we decided to advance this and already try to retrieve the documentation remotely from our main repository. At this point the decision was pretty clear already: If there +is no major drawback coming up, Docusaurus is our new framework of choice. And there was no drawback major enough to revoke this decision (yet). Everything we programmatically +wanted to achieve, we could do so by basic scripting and we never really have to think about components like the sidebar, navbar etc. since this is all done completely automatically +by Docusaurus itself. + +== Consequences + +As simple and easy it sounds, so it is, meaning that since the build is automated to a very big degree, we are 'forced' to follow Docusaurus' exact guidelines and mechanics. +For now they are almost identical to what we require. And of course we can build custom components and custom pages, but the documentation and blog part of the site are very strict. +Since we want to use this website mainly (ideally only) for documentation purposes, we need a separate marketing page. As far as maintenance goes, +we mostly need to maintain our custom build scripts. Everything else is very much automated. diff --git a/docs/adr/adr_0005.adoc b/docs/adr/adr_0005.adoc new file mode 100644 index 00000000..94ca4a2b --- /dev/null +++ b/docs/adr/adr_0005.adoc @@ -0,0 +1,41 @@ +[[ADR-0000]] += ADR-0005: Buying separate marketing oriented webpage + +[cols="h,d",grid=rows,frame=none,stripes=none,caption="Status",%autowidth] +|==== +| Status +| PROPOSED + +| Date +| 2020-09-29 + +| Author(s) +| Daniel Patanin daniel.patanin@iteratec.com +|==== + +== Context + +As our requirements about our homepage changed we no longer just want to give a simple overview about our project on our landing page as we did with our GatsbyJS based website, +but furthermore we require a marketing oriented webpage additionally to our documentation site (for more on that see <>). This marketing page should satisfy following aspects: + +- Modern, ideally timeless, design +- Overview about the secureCodeBox +- Display of our project's advantages +- Offer for service (prizing) +- Encouragement for contacting us +- Encouragement for contributing + +== Decision + +Since there is no arguable reason to build such a one-pager ourselves, we should buy a ready to go solution for us. We are not aiming to invest extensive time neither in building such a page, +nor in gaining the desired design and marketing expertise, and also not hiring experts on this field (all this would actually be more expensive and time consuming than buying a site). +Some stores for such pages are: + +- https://www.templatemonster.com/ +- https://onepagelove.com/templates +- https://themeforest.net/tags/onepage + +== Consequences + +If we want to change the style or design someday, we probably could not reuse the bought template if it is not a minor change, thus would need to buy another template. +We also would have to orient the presentation of the secureCodeBox around the template we decide on, but nowadays we have a ginormous variety to choose from. diff --git a/docs/adr/adr_0006.adoc b/docs/adr/adr_0006.adoc new file mode 100644 index 00000000..83ef738b --- /dev/null +++ b/docs/adr/adr_0006.adoc @@ -0,0 +1,43 @@ +[[ADR-0001]] += ADR-0001: How We Want to Handle Versions in Our Documentation + +[cols="h,d",grid=rows,frame=none,stripes=none,caption="Status",%autowidth] +|==== +// Use one of the ADR status parameter based on status +// Please add a cross reference link to the new ADR on 'superseded' ADR. +// e.g.: {adr_suposed_by} <> +| Status +| PROPOSED + +| Date +| 2020-10-12 + +| Author(s) +| Yannik Fuhrmeister +// ... +|==== + +== Context + +We want to introduce versioning to be able to provide dokumentation for multiple versions of the SecureCodeBox. +The tool that we are currently using for documentation is https://v2.docusaurus.io/[Docusaurus]. +Docusaurus provides the possibility to maintain multiple versions out of the box (https://v2.docusaurus.io/docs/versioning/[]). + +We will need to specify how many versions of the documentation we want to maintain to avoid inconsistencies and overhead. +Furthermore, we need to decide which version increments need to have their own branch of documentation. + +== Decision + +* We introduce a new documentation version for every minor version (https://semver.org/[]) to ensure that the documentation is up to date +* We maintain the latest 3 major versions (previous, current, next) +* We maintain the latest minor version for each major version +* We *do not* maintain patch versions nor multiple minor versions for each major version! +* *Example:* For SecureCodeBox versions `1.9.9`, `2.3.2`, `2.3.3` and `3.0.0` the documentation versions would be `1.9.x`, `2.3.x` and `3.0.x` +* *TL;DR* We maintain 3 versions of the documentation + +== Consequences + +* We need to update the documentation version everytime we increment minor or major versions of the SecureCodeBox (manually or with action) +* Maintaining the documentation could be more difficult due to now increased number of documentation files +* Documentation has to be maintained in two repositories because when creating a new version Docusaurus creates a copy of all files in this respository (see https://v2.docusaurus.io/docs/versioning/#directory-structure[]) + diff --git a/docs/developer-guide/README.md b/docs/developer-guide/README.md index 241c78d9..a7e0ddcc 100644 --- a/docs/developer-guide/README.md +++ b/docs/developer-guide/README.md @@ -1,3 +1,11 @@ +--- +title: "Developer Guide" +path: "docs/developer-guide" +category: "develop" +--- + + + # Extending secureCodeBox ## Developing the SCB Operator @@ -86,21 +94,32 @@ cd operator make run ``` -## How to a New Security Scanner +## How to add a New Security Scanner ### ScanType Definition +> โœ **Following...** ### Parsing SDK +1. Install the dependencies `npm install` +2. Update the parser function here: `./parser/parser.js` +3. Update the parser tests here: `./parser/parser.test.js` +4. Run the test suite: `npm test` + ## How to Integrate a New Hook +> โœ **Following...** ### HookType Definition +> โœ **Following...** ### Hook SDK +> โœ **Following...** ## Guidelines +> โœ **Following...** ### Coding Guidelines +> โœ **Following...** #### JSON diff --git a/docs/glossary.md b/docs/glossary.md new file mode 100644 index 00000000..ca136a44 --- /dev/null +++ b/docs/glossary.md @@ -0,0 +1,13 @@ +# Glossary + +This overview provides a description for all acronyms and special terms which are used in this project. If you encounter any missing terms, please [let us know](https://github.com/corona-warn-app/cwa-documentation/issues/new?labels=documentation%2C+bug&template=01_doc_issue.md) or [create a pull request](https://github.com/secureCodeBox/secureCodeBox-v2/pulls). + +| Term, acronym... | Description | +| --- | --- | +| API | An [Application Programming Interface](https://en.wikipedia.org/wiki/Application_programming_interface) (API) is a computing interface which defines interactions between multiple software intermediaries. | +| CRD | Acronym for "[Custom Ressource Definition](https://kubernetes.io/docs/concepts/extend-kubernetes/api-extension/custom-resources/)". | +| GUID | Acronym for "[Globally Unique Identifier](https://en.wikipedia.org/wiki/Universally_unique_identifier)". | +| K8S | Acronym for "[Kubernetes](https://kubernetes.io/docs/home/)". | +| SCB | Acronym for "[secureCodeBox (This Project)](https://www.secureCodeBox.io)". | + + diff --git a/docs/index.md b/docs/index.md index abb1ab06..646b7123 100644 --- a/docs/index.md +++ b/docs/index.md @@ -7,14 +7,16 @@ ## Documentation Overview -- [Project Readme and Quickstart][scb-github] -- [User Guide](user-guide/README.md) -- [Developer Guide](developer-guide/README.md) +- [Project Readme and Quickstart][scb-github] Start here if you want to get a brief overview and installation quickstart +- [User Guide](user-guide/README.md) If you want to configure security automation in your environment, please take a look into our user guide. +- [Developer Guide](developer-guide/README.md) If you want to extend the project an add your own compents or bugfix something, please take a look into our developer guide. +- [Glossary](glossary.md) This overview provides a description for all acronyms and special terms which are used in this project. +- [Versioning](versioning.md) This describes how we use versioning in tags and releases. ## Need a human? -- [Join Slack][scb-slack] +- [Join us -> Slack][scb-slack] ๐Ÿ’ฌ ## License Code of secureCodeBox is licensed under the [Apache License 2.0][scb-license]. diff --git a/docs/resources/scb-architecture.drawio b/docs/resources/scb-architecture.drawio index 27d9ee91..496ad545 100644 --- a/docs/resources/scb-architecture.drawio +++ b/docs/resources/scb-architecture.drawio @@ -1,30 +1,47 @@ - + - + - - + + - + - + + + + + + + + + + + + + + + + + + - + - - + + - - + + - + @@ -36,7 +53,7 @@ - + @@ -50,80 +67,41 @@ - - + + + - - - - - - - - - - - - - - - - - - - - + + - - - - - - - - + + - - + + - + - - + + + + - - - - - - - - - - - - - - - - - - - + - + @@ -134,13 +112,61 @@ - + - - + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + - + + + + + + + @@ -149,20 +175,95 @@ - - + + - - + + - - + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + - - + + - - + + diff --git a/docs/resources/scb-architecture.svg b/docs/resources/scb-architecture.svg index b6d25a55..f9170692 100644 --- a/docs/resources/scb-architecture.svg +++ b/docs/resources/scb-architecture.svg @@ -1,3 +1,3 @@ -
Kubernetes Job
Kubernetes Job
Scanner Container
Run Scan
Scanner Container...
Lurcher
Extract Results
Lurcher...
Kubernetes Job
Kubernetes Job
Parser Container
Parse Results
Parser Container...
Kubernetes Job
Kubernetes Job
PersistenceProvider
Persist Results
PersistenceProvider...
2
2
3
3
4
4
CustomRessourceDefinition
Scan
CustomRessourceDefinitio...
secureCodeBox
Operator
secureCodeBoxOperator
1
1Viewer does not support full SVG 1.1 \ No newline at end of file +
kubectl apply -f scan.yaml
kubectl apply -f scan.yaml
Kubernetes Job
Kubernetes Job
Scanner Container
Run Scan
Scanner Container...
Lurcher
Extract Results
Lurcher...
Kubernetes Job
Kubernetes Job
CustomRessourceDefinition
Scan : scanType
CustomRessourceDefinitio...
1
1
Security Scanning
Security Scanning
Result Parsing
Result Parsing
Data Processing Hooks
Data Processing Hooks
Analytics &
Vulnerability Management
Analytics &...
Security Testย Definition
Security Testย Definition
Parser Container
Parse Results
Parser Container...
secureCodeBox
Operator
secureCodeBoxOperator
3
3
2
2
Kubernetes Job
Kubernetes Job
PersistenceProvider
Persist Results
PersistenceProvider...
ReadOnlyHook
Notify Results
ReadOnlyHook...
Kubernetes Job
Kubernetes Job
5
5
4
4Viewer does not support full SVG 1.1 \ No newline at end of file diff --git a/docs/user-guide/README.md b/docs/user-guide/README.md index 5df2506c..78658237 100644 --- a/docs/user-guide/README.md +++ b/docs/user-guide/README.md @@ -1,3 +1,138 @@ +--- +title: "User Guide" +path: "docs/user-guide" +category: "use" +--- + + + # Using the secureCodeBox -follwing... \ No newline at end of file + +> โœ **Page under construction.** + +## Declarative Combined Scans + +### Install Hook + +Installing the Declarative Combined Scan hook will add a ReadOnly Hook to your namespace which looks for matching CascadingRules in the namespace and starts subsequent scans accordingly. + +```bash +helm install combined-scans ./hooks/declarative-subsequent-scans +``` + +### Verify Hook Installation + +Successful installation can be verified by retrieving installed ScanCompletionHooks. + +```bash +kubectl get ScanCompletionHooks +``` + +The result should contain a hook for declarative subsequent scans. + +```bash +NAME TYPE IMAGE +combined-scans-declarative-subsequent-scans ReadOnly docker.io/securecodebox/hook-declarative-subsequent-scans:latest +``` + +### Verify CascadingRules + +CascadingRules are included in each individual scanner's Helm chart. + +```bash +kubectl get CascadingRules +``` + +Output should show these CascadingRules: + +```bash +NAME STARTS INVASIVENESS INTENSIVENESS +https-tls-scan sslyze non-invasive light +imaps-tls-scan sslyze non-invasive light +nikto-http nikto non-invasive medium +nmap-smb nmap non-invasive light +pop3s-tls-scan sslyze non-invasive light +smtps-tls-scan sslyze non-invasive light +ssh-scan ssh-scan non-invasive light +zap-http zap-baseline non-invasive medium +``` + +### Start Scans + +When you start a normal Scan, no CascadingRule will be applied. +To use CascadingRules the scan must be marked to allow cascading rules. + +This is implemented using kubernetes label selectors, meaning that scans mark the classes of scans which are allowed to be cascaded by the current one. + +### Example + +```bash +cat <= 2.1.2 < 3" } }, - "ieee754": { - "version": "1.1.13", - "resolved": "https://registry.npmjs.org/ieee754/-/ieee754-1.1.13.tgz", - "integrity": "sha512-4vf7I2LYV/HaWerSo3XmlMkp5eZ83i+/CDluXi/IGTs/O1sejBNhTtnxzmRZfvOUqj7lZjqHkeTvpgSFDlWZTg==" - }, "import-local": { "version": "3.0.2", "resolved": "https://registry.npmjs.org/import-local/-/import-local-3.0.2.tgz", @@ -2109,9 +2124,9 @@ "dev": true }, "indent-string": { - "version": "3.2.0", - "resolved": "https://registry.npmjs.org/indent-string/-/indent-string-3.2.0.tgz", - "integrity": "sha1-Sl/W0nzDMvN+VBmlBNu4NxBckok=" + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/indent-string/-/indent-string-4.0.0.tgz", + "integrity": "sha512-EdDDZu4A2OyIK7Lr/2zG+w5jmbuk1DVBnEwREQvBzspBJkCEbRa8GxU1lghYcaGJCnRWibjDXlq779X1/y5xwg==" }, "inflight": { "version": "1.0.6", @@ -2132,15 +2147,6 @@ "resolved": "https://registry.npmjs.org/interpret/-/interpret-1.4.0.tgz", "integrity": "sha512-agE4QfB2Lkp9uICn7BAqoscw4SZP9kTE2hxiFI3jBPmXJfdqiahTbUuKGsMoN2GtqL9AxhYioAcVvgsb1HvRbA==" }, - "into-stream": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/into-stream/-/into-stream-3.1.0.tgz", - "integrity": "sha1-lvsKk2wSur1v8XUqF9BWFqvQlMY=", - "requires": { - "from2": "^2.1.1", - "p-is-promise": "^1.1.0" - } - }, "ip-regex": { "version": "2.1.0", "resolved": "https://registry.npmjs.org/ip-regex/-/ip-regex-2.1.0.tgz", @@ -2245,16 +2251,6 @@ "integrity": "sha512-41Cifkg6e8TylSpdtTpeLVMqvSBEVzTttHvERD741+pnZ8ANv0004MRL43QKPDlK9cGvNp6NZWZUBlbGXYxxng==", "dev": true }, - "is-object": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/is-object/-/is-object-1.0.1.tgz", - "integrity": "sha1-iVJojF7C/9awPsyF52ngKQMINHA=" - }, - "is-plain-obj": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/is-plain-obj/-/is-plain-obj-1.1.0.tgz", - "integrity": "sha1-caUMhCnfync8kqOQpKA7OfzVHT4=" - }, "is-plain-object": { "version": "2.0.4", "resolved": "https://registry.npmjs.org/is-plain-object/-/is-plain-object-2.0.4.tgz", @@ -2264,11 +2260,6 @@ "isobject": "^3.0.1" } }, - "is-retry-allowed": { - "version": "1.2.0", - "resolved": "https://registry.npmjs.org/is-retry-allowed/-/is-retry-allowed-1.2.0.tgz", - "integrity": "sha512-RUbUeKwvm3XG2VYamhJL1xFktgjvPzL0Hq8C+6yrWIswDy3BIXGqCxhxkc30N9jqK311gVU137K8Ei55/zVJRg==" - }, "is-stream": { "version": "1.1.0", "resolved": "https://registry.npmjs.org/is-stream/-/is-stream-1.1.0.tgz", @@ -2295,7 +2286,8 @@ "isarray": { "version": "1.0.0", "resolved": "https://registry.npmjs.org/isarray/-/isarray-1.0.0.tgz", - "integrity": "sha1-u5NdSFgsuhaMBoNJV6VKPgcSTxE=" + "integrity": "sha1-u5NdSFgsuhaMBoNJV6VKPgcSTxE=", + "dev": true }, "isexe": { "version": "2.0.0", @@ -2396,15 +2388,6 @@ "istanbul-lib-report": "^3.0.0" } }, - "isurl": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/isurl/-/isurl-1.0.0.tgz", - "integrity": "sha512-1P/yWsxPlDtn7QeRD+ULKQPaIaN6yF368GZ2vDfv0AL0NwpStafjWCDDdn0k8wgFMWpVAqG7oJhxHnlud42i9w==", - "requires": { - "has-to-string-tag-x": "^1.2.0", - "is-object": "^1.0.1" - } - }, "jest": { "version": "25.2.4", "resolved": "https://registry.npmjs.org/jest/-/jest-25.2.4.tgz", @@ -2929,6 +2912,14 @@ "supports-color": "^7.0.0" } }, + "jose": { + "version": "2.0.2", + "resolved": "https://registry.npmjs.org/jose/-/jose-2.0.2.tgz", + "integrity": "sha512-yD93lsiMA1go/qxSY/vXWBodmIZJIxeB7QhFi8z1yQ3KUwKENqI9UA8VCHlQ5h3x1zWuWZjoY87ByQzkQbIrQg==", + "requires": { + "@panva/asn1.js": "^1.0.0" + } + }, "js-tokens": { "version": "4.0.0", "resolved": "https://registry.npmjs.org/js-tokens/-/js-tokens-4.0.0.tgz", @@ -3003,9 +2994,9 @@ "dev": true }, "json-buffer": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/json-buffer/-/json-buffer-3.0.0.tgz", - "integrity": "sha1-Wx85evx11ne96Lz8Dkfh+aPZqJg=" + "version": "3.0.1", + "resolved": "https://registry.npmjs.org/json-buffer/-/json-buffer-3.0.1.tgz", + "integrity": "sha512-4bV5BfR2mqfQTJm+V5tPPdf+ZpuhiIvTuAB5g8kcrXOZpTT/QwwVRWBywX1ozr6lEuPdbHxwaJlm9G6mI2sfSQ==" }, "json-schema": { "version": "0.2.3", @@ -3048,11 +3039,11 @@ } }, "keyv": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/keyv/-/keyv-3.0.0.tgz", - "integrity": "sha512-eguHnq22OE3uVoSYG0LVWNP+4ppamWr9+zWBe1bsNcovIMy6huUJFPgy4mGwCd/rnl3vOLGW1MTlu4c57CT1xA==", + "version": "4.0.3", + "resolved": "https://registry.npmjs.org/keyv/-/keyv-4.0.3.tgz", + "integrity": "sha512-zdGa2TOpSZPq5mU6iowDARnMBZgtCqJ11dJROFi6tg6kTn4nuUdU09lFyLFSaHrWqpIJ+EBq4E8/Dc0Vx5vLdA==", "requires": { - "json-buffer": "3.0.0" + "json-buffer": "3.0.1" } }, "kind-of": { @@ -3095,7 +3086,8 @@ "lodash": { "version": "4.17.19", "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.19.tgz", - "integrity": "sha512-JNvd8XER9GQX0v2qJgsaN/mzFCNA5BRe/j8JN9d+tWyGLSodKQHKFicdwNYzWwI3wjRnaKPsGj1XkBjx/F96DQ==" + "integrity": "sha512-JNvd8XER9GQX0v2qJgsaN/mzFCNA5BRe/j8JN9d+tWyGLSodKQHKFicdwNYzWwI3wjRnaKPsGj1XkBjx/F96DQ==", + "dev": true }, "lodash.sortby": { "version": "4.7.0", @@ -3112,22 +3104,17 @@ "@sinonjs/commons": "^1.7.0" } }, - "long": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/long/-/long-4.0.0.tgz", - "integrity": "sha512-XsP+KhQif4bjX1kbuSiySJFNAehNxgLb6hPRGJ9QsUr8ajHkuXGdrHmFUTUUXhDwVX2R5bY4JNZEwbUiMhV+MA==" - }, "lowercase-keys": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/lowercase-keys/-/lowercase-keys-1.0.1.tgz", - "integrity": "sha512-G2Lj61tXDnVFFOi8VZds+SoQjtQC3dgokKdDG2mTm1tx4m50NUHBOZSBwQQHyy0V12A0JTG4icfZQH+xPyh8VA==" + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/lowercase-keys/-/lowercase-keys-2.0.0.tgz", + "integrity": "sha512-tqNXrS78oMOE73NMxK4EMLQsQowWf8jKooH9g7xPavRT706R6bkQJ6DY2Te7QukaZsulxa30wQ7bk0pm4XiHmA==" }, "lru-cache": { - "version": "5.1.1", - "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-5.1.1.tgz", - "integrity": "sha512-KpNARQA3Iwv+jTA0utUVVbrh+Jlrr1Fv0e56GGzAFOXN7dk/FviaDW8LHmK52DlcH4WP2n6gI8vN1aesBFgo9w==", + "version": "6.0.0", + "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-6.0.0.tgz", + "integrity": "sha512-Jo6dJ04CmSjuznwJSS3pUeWmd/H0ffTlkXXgwZi+eq1UCmqQwCh+eLsYOYCwY991i2Fah4h1BEMCx4qThGbsiA==", "requires": { - "yallist": "^3.0.2" + "yallist": "^4.0.0" } }, "make-dir": { @@ -3147,6 +3134,11 @@ } } }, + "make-error": { + "version": "1.3.6", + "resolved": "https://registry.npmjs.org/make-error/-/make-error-1.3.6.tgz", + "integrity": "sha512-s8UhlNe7vPKomQhC1qFelMokr/Sc3AgNbso3n74mVPA5LTZwkB9NlXf4XPamLxJE8h0gh73rM94xvwRT2CVInw==" + }, "makeerror": { "version": "1.0.11", "resolved": "https://registry.npmjs.org/makeerror/-/makeerror-1.0.11.tgz", @@ -3225,6 +3217,23 @@ "integrity": "sha512-FM9nNUYrRBAELZQT3xeZQ7fmMOBg6nWNmJKTcgsJeaLstP/UODVpGsr5OhXhhXg6f+qtJ8uiZ+PUxkDWcgIXLw==", "dev": true }, + "minipass": { + "version": "3.1.3", + "resolved": "https://registry.npmjs.org/minipass/-/minipass-3.1.3.tgz", + "integrity": "sha512-Mgd2GdMVzY+x3IJ+oHnVM+KG3lA5c8tnabyJKmHSaG2kAGpudxuOf8ToDkhumF7UzME7DecbQE9uOZhNm7PuJg==", + "requires": { + "yallist": "^4.0.0" + } + }, + "minizlib": { + "version": "2.1.2", + "resolved": "https://registry.npmjs.org/minizlib/-/minizlib-2.1.2.tgz", + "integrity": "sha512-bAxsR8BVfj60DWXHE3u30oHzfl4G7khkSuPW+qvpd7jFRHm7dLxOjUk1EHACJ/hxLY8phGJ0YhYHZo7jil7Qdg==", + "requires": { + "minipass": "^3.0.0", + "yallist": "^4.0.0" + } + }, "mixin-deep": { "version": "1.3.2", "resolved": "https://registry.npmjs.org/mixin-deep/-/mixin-deep-1.3.2.tgz", @@ -3246,10 +3255,16 @@ } } }, + "mkdirp": { + "version": "1.0.4", + "resolved": "https://registry.npmjs.org/mkdirp/-/mkdirp-1.0.4.tgz", + "integrity": "sha512-vVqVZQyf3WLx2Shd0qJ9xuvqgAyKPLAiqITEtqW0oIUjzo3PePDd6fW9iFz30ef7Ysp/oiWqbhszeGWW2T6Gzw==" + }, "ms": { "version": "2.0.0", "resolved": "https://registry.npmjs.org/ms/-/ms-2.0.0.tgz", - "integrity": "sha1-VgiurfwAvmwpAd9fmGF4jeDVl8g=" + "integrity": "sha1-VgiurfwAvmwpAd9fmGF4jeDVl8g=", + "dev": true }, "nanomatch": { "version": "1.2.13", @@ -3281,34 +3296,12 @@ "resolved": "https://registry.npmjs.org/nice-try/-/nice-try-1.0.5.tgz", "integrity": "sha512-1nh45deeb5olNY7eX82BkPO7SSxR5SSYJiPTrTdFUVYwAl8CKMA5N9PjTYkHiRjisVcxcQ1HXdLhx2qxxJzLNQ==" }, - "node-forge": { - "version": "0.8.5", - "resolved": "https://registry.npmjs.org/node-forge/-/node-forge-0.8.5.tgz", - "integrity": "sha512-vFMQIWt+J/7FLNyKouZ9TazT74PRV3wgv9UT4cRjC8BffxFbKXkgIWR42URCPSnHm/QDz6BOlb2Q0U4+VQT67Q==" - }, "node-int64": { "version": "0.4.0", "resolved": "https://registry.npmjs.org/node-int64/-/node-int64-0.4.0.tgz", "integrity": "sha1-h6kGXNs1XTGC2PlM4RGIuCXGijs=", "dev": true }, - "node-jose": { - "version": "1.1.4", - "resolved": "https://registry.npmjs.org/node-jose/-/node-jose-1.1.4.tgz", - "integrity": "sha512-L31IFwL3pWWcMHxxidCY51ezqrDXMkvlT/5pLTfNw5sXmmOLJuN6ug7txzF/iuZN55cRpyOmoJrotwBQIoo5Lw==", - "requires": { - "base64url": "^3.0.1", - "browserify-zlib": "^0.2.0", - "buffer": "^5.5.0", - "es6-promise": "^4.2.8", - "lodash": "^4.17.15", - "long": "^4.0.0", - "node-forge": "^0.8.5", - "process": "^0.11.10", - "react-zlib-js": "^1.0.4", - "uuid": "^3.3.3" - } - }, "node-modules-regexp": { "version": "1.0.0", "resolved": "https://registry.npmjs.org/node-modules-regexp/-/node-modules-regexp-1.0.0.tgz", @@ -3345,14 +3338,9 @@ "dev": true }, "normalize-url": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/normalize-url/-/normalize-url-2.0.1.tgz", - "integrity": "sha512-D6MUW4K/VzoJ4rJ01JFKxDrtY1v9wrgzCX5f2qj/lzH1m/lW6MhUZFKerVsnyjOhOsYzI9Kqqak+10l4LvLpMw==", - "requires": { - "prepend-http": "^2.0.0", - "query-string": "^5.0.1", - "sort-keys": "^2.0.0" - } + "version": "4.5.0", + "resolved": "https://registry.npmjs.org/normalize-url/-/normalize-url-4.5.0.tgz", + "integrity": "sha512-2s47yzUxdexf1OhyRi4Em83iQk0aPvwTddtFz4hnSSw9dCEsLEGf6SwIO8ss/19S9iBb5sJaOuTvTGDeZI00BQ==" }, "npm-run-path": { "version": "2.0.2", @@ -3373,11 +3361,6 @@ "resolved": "https://registry.npmjs.org/oauth-sign/-/oauth-sign-0.9.0.tgz", "integrity": "sha512-fexhUFFPTGV8ybAtSIGbV6gOkSv8UtRbDBnAyLQw4QPKkgNlsH2ByPGtMUqdWkos6YCRmAqViwgZrJc/mRDzZQ==" }, - "object-assign": { - "version": "4.1.1", - "resolved": "https://registry.npmjs.org/object-assign/-/object-assign-4.1.1.tgz", - "integrity": "sha1-IQmtx5ZYh8/AXLvUQsrIv7s2CGM=" - }, "object-copy": { "version": "0.1.0", "resolved": "https://registry.npmjs.org/object-copy/-/object-copy-0.1.0.tgz", @@ -3410,9 +3393,9 @@ } }, "object-hash": { - "version": "1.3.1", - "resolved": "https://registry.npmjs.org/object-hash/-/object-hash-1.3.1.tgz", - "integrity": "sha512-OSuu/pU4ENM9kmREg0BdNrUDIl1heYa4mBZacJc+vVWz4GtAwu7jO8s4AIt2aGRUTqxykpWzI3Oqnsm13tTMDA==" + "version": "2.0.3", + "resolved": "https://registry.npmjs.org/object-hash/-/object-hash-2.0.3.tgz", + "integrity": "sha512-JPKn0GMu+Fa3zt3Bmr66JhokJU5BaNBIh4ZeTlaCBzrBsOeXzwcKKAK1tbLiPKgvwmPXsDvvLHoWh5Bm7ofIYg==" }, "object-visit": { "version": "1.0.1", @@ -3433,9 +3416,9 @@ } }, "oidc-token-hash": { - "version": "3.0.2", - "resolved": "https://registry.npmjs.org/oidc-token-hash/-/oidc-token-hash-3.0.2.tgz", - "integrity": "sha512-dTzp80/y/da+um+i+sOucNqiPpwRL7M/xPwj7pH1TFA2/bqQ+OK2sJahSXbemEoLtPkHcFLyhLhLWZa9yW5+RA==" + "version": "5.0.0", + "resolved": "https://registry.npmjs.org/oidc-token-hash/-/oidc-token-hash-5.0.0.tgz", + "integrity": "sha512-8Yr4CZSv+Tn8ZkN3iN2i2w2G92mUKClp4z7EGUfdsERiYSbj7P4i/NHm72ft+aUdsiFx9UdIPSTwbyzQ6C4URg==" }, "once": { "version": "1.4.0", @@ -3455,18 +3438,18 @@ } }, "openid-client": { - "version": "2.5.0", - "resolved": "https://registry.npmjs.org/openid-client/-/openid-client-2.5.0.tgz", - "integrity": "sha512-t3hFD7xEoW1U25RyBcRFaL19fGGs6hNVTysq9pgmiltH0IVUPzH/bQV9w24pM5Q7MunnGv2/5XjIru6BQcWdxg==", + "version": "4.1.1", + "resolved": "https://registry.npmjs.org/openid-client/-/openid-client-4.1.1.tgz", + "integrity": "sha512-/qch3I3v8UtO0A7wVgyXJJjGX/knR8bv06DQpLuKQqLG5u4AHcgusGuVKPKAcneLZvHKbKovF2+3e2ngXyuudA==", "requires": { - "base64url": "^3.0.0", - "got": "^8.3.2", - "lodash": "^4.17.11", - "lru-cache": "^5.1.1", - "node-jose": "^1.1.0", - "object-hash": "^1.3.1", - "oidc-token-hash": "^3.0.1", - "p-any": "^1.1.0" + "base64url": "^3.0.1", + "got": "^11.6.2", + "jose": "^2.0.2", + "lru-cache": "^6.0.0", + "make-error": "^1.3.6", + "object-hash": "^2.0.1", + "oidc-token-hash": "^5.0.0", + "p-any": "^3.0.0" } }, "optionator": { @@ -3484,17 +3467,18 @@ } }, "p-any": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/p-any/-/p-any-1.1.0.tgz", - "integrity": "sha512-Ef0tVa4CZ5pTAmKn+Cg3w8ABBXh+hHO1aV8281dKOoUHfX+3tjG2EaFcC+aZyagg9b4EYGsHEjz21DnEE8Og2g==", + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/p-any/-/p-any-3.0.0.tgz", + "integrity": "sha512-5rqbqfsRWNb0sukt0awwgJMlaep+8jV45S15SKKB34z4UuzjcofIfnriCBhWjZP2jbVtjt9yRl7buB6RlKsu9w==", "requires": { - "p-some": "^2.0.0" + "p-cancelable": "^2.0.0", + "p-some": "^5.0.0" } }, "p-cancelable": { - "version": "0.4.1", - "resolved": "https://registry.npmjs.org/p-cancelable/-/p-cancelable-0.4.1.tgz", - "integrity": "sha512-HNa1A8LvB1kie7cERyy21VNeHb2CWJJYqyyC2o3klWFfMGlFmWv2Z7sFgZH8ZiaYL95ydToKTFVXgMV/Os0bBQ==" + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/p-cancelable/-/p-cancelable-2.0.0.tgz", + "integrity": "sha512-wvPXDmbMmu2ksjkB4Z3nZWTSkJEb9lqVdMaCKpZUGJG9TMiNp9XcbG3fn9fPKjem04fJMJnXoyFPk2FmgiaiNg==" }, "p-each-series": { "version": "2.1.0", @@ -3507,11 +3491,6 @@ "resolved": "https://registry.npmjs.org/p-finally/-/p-finally-1.0.0.tgz", "integrity": "sha1-P7z7FbiZpEEjs0ttzBi3JDNqLK4=" }, - "p-is-promise": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/p-is-promise/-/p-is-promise-1.1.0.tgz", - "integrity": "sha1-nJRWmJ6fZYgBewQ01WCXZ1w9oF4=" - }, "p-limit": { "version": "2.2.2", "resolved": "https://registry.npmjs.org/p-limit/-/p-limit-2.2.2.tgz", @@ -3531,19 +3510,12 @@ } }, "p-some": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/p-some/-/p-some-2.0.1.tgz", - "integrity": "sha1-Zdh8ixVO289SIdFnd4ttLhUPbwY=", - "requires": { - "aggregate-error": "^1.0.0" - } - }, - "p-timeout": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/p-timeout/-/p-timeout-2.0.1.tgz", - "integrity": "sha512-88em58dDVB/KzPEx1X0N3LwFfYZPyDc4B6eF38M1rk9VTZMbxXXgjugz8mmwpS9Ox4BDZ+t6t3QP5+/gazweIA==", + "version": "5.0.0", + "resolved": "https://registry.npmjs.org/p-some/-/p-some-5.0.0.tgz", + "integrity": "sha512-Js5XZxo6vHjB9NOYAzWDYAIyyiPvva0DWESAIWIK7uhSpGsyg5FwUPxipU/SOQx5x9EqhOh545d1jo6cVkitig==", "requires": { - "p-finally": "^1.0.0" + "aggregate-error": "^3.0.0", + "p-cancelable": "^2.0.0" } }, "p-try": { @@ -3552,11 +3524,6 @@ "integrity": "sha512-R4nPAVTAU0B9D35/Gk3uJf/7XYbQcyohSKdvAxIRSNghFl4e71hVoGnBNQz9cWaXxO2I10KTC+3jMdvvoKw6dQ==", "dev": true }, - "pako": { - "version": "1.0.11", - "resolved": "https://registry.npmjs.org/pako/-/pako-1.0.11.tgz", - "integrity": "sha512-4hLB8Py4zZce5s4yd9XzopqwVv/yGNhV1Bl8NTmCq1763HeK2+EwVTv+leGeL13Dnh2wfbqowVPXCIO0z4taYw==" - }, "parse5": { "version": "5.1.0", "resolved": "https://registry.npmjs.org/parse5/-/parse5-5.1.0.tgz", @@ -3601,11 +3568,6 @@ "integrity": "sha512-q0M/9eZHzmr0AulXyPwNfZjtwZ/RBZlbN3K3CErVrk50T2ASYI7Bye0EvekFY3IP1Nt2DHu0re+V2ZHIpMkuWg==", "dev": true }, - "pify": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/pify/-/pify-3.0.0.tgz", - "integrity": "sha1-5aSs0sEB/fPZpNB/DbxNtJ3SgXY=" - }, "pirates": { "version": "4.0.1", "resolved": "https://registry.npmjs.org/pirates/-/pirates-4.0.1.tgz", @@ -3642,11 +3604,6 @@ "integrity": "sha1-IZMqVJ9eUv/ZqCf1cOBL5iqX2lQ=", "dev": true }, - "prepend-http": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/prepend-http/-/prepend-http-2.0.0.tgz", - "integrity": "sha1-6SQ0v6XqjBn0HN/UAddBo8gZ2Jc=" - }, "pretty-format": { "version": "25.2.3", "resolved": "https://registry.npmjs.org/pretty-format/-/pretty-format-25.2.3.tgz", @@ -3667,16 +3624,6 @@ } } }, - "process": { - "version": "0.11.10", - "resolved": "https://registry.npmjs.org/process/-/process-0.11.10.tgz", - "integrity": "sha1-czIwDoQBYb2j5podHZGn1LwW8YI=" - }, - "process-nextick-args": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/process-nextick-args/-/process-nextick-args-2.0.1.tgz", - "integrity": "sha512-3ouUOpQhtgrbOa17J7+uxOTpITYWaGP7/AhoR3+A+/1e9skrzelGi/dXzEYyvbxubEF6Wn2ypscTKiKJFFn1ag==" - }, "prompts": { "version": "2.3.2", "resolved": "https://registry.npmjs.org/prompts/-/prompts-2.3.2.tgz", @@ -3711,15 +3658,10 @@ "resolved": "https://registry.npmjs.org/qs/-/qs-6.5.2.tgz", "integrity": "sha512-N5ZAX4/LxJmF+7wN74pUD6qAh9/wnvdQcjq9TZjevvXzSUo7bfmw91saqMjzGS2xq91/odN2dW/WOl7qQHNDGA==" }, - "query-string": { + "quick-lru": { "version": "5.1.1", - "resolved": "https://registry.npmjs.org/query-string/-/query-string-5.1.1.tgz", - "integrity": "sha512-gjWOsm2SoGlgLEdAGt7a6slVOk9mGiXmPFMqrEhLQ68rhQuBnpfs3+EmlvqKyxnCo9/PPlF+9MtY02S1aFg+Jw==", - "requires": { - "decode-uri-component": "^0.2.0", - "object-assign": "^4.1.0", - "strict-uri-encode": "^1.0.0" - } + "resolved": "https://registry.npmjs.org/quick-lru/-/quick-lru-5.1.1.tgz", + "integrity": "sha512-WuyALRjWPDGtt/wzJiadO5AXY+8hZ80hVpe6MyivgraREW751X3SbhRvG3eLKOYN+8VEvqLcf3wdnt44Z4S4SA==" }, "react-is": { "version": "16.13.1", @@ -3727,32 +3669,6 @@ "integrity": "sha512-24e6ynE2H+OKt4kqsOvNd8kBpV65zoxbA4BVsEOB3ARVWQki/DHzaUoC5KuON/BiccDaCCTZBuOcfZs70kR8bQ==", "dev": true }, - "react-zlib-js": { - "version": "1.0.4", - "resolved": "https://registry.npmjs.org/react-zlib-js/-/react-zlib-js-1.0.4.tgz", - "integrity": "sha512-ynXD9DFxpE7vtGoa3ZwBtPmZrkZYw2plzHGbanUjBOSN4RtuXdektSfABykHtTiWEHMh7WdYj45LHtp228ZF1A==" - }, - "readable-stream": { - "version": "2.3.7", - "resolved": "https://registry.npmjs.org/readable-stream/-/readable-stream-2.3.7.tgz", - "integrity": "sha512-Ebho8K4jIbHAxnuxi7o42OrZgF/ZTNcsZj6nRKyUmkhLFq8CHItp/fy6hQZuZmP/n3yZ9VBUbp4zz/mX8hmYPw==", - "requires": { - "core-util-is": "~1.0.0", - "inherits": "~2.0.3", - "isarray": "~1.0.0", - "process-nextick-args": "~2.0.0", - "safe-buffer": "~5.1.1", - "string_decoder": "~1.1.1", - "util-deprecate": "~1.0.1" - }, - "dependencies": { - "safe-buffer": { - "version": "5.1.2", - "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.1.2.tgz", - "integrity": "sha512-Gd2UZBJDkXlY7GbJxfsE8/nvKkUEU1G38c1siN6QP6a9PT9MmHB8GnpscSmMJSoF8LOIrt8ud/wPtojys4G6+g==" - } - } - }, "realpath-native": { "version": "2.0.0", "resolved": "https://registry.npmjs.org/realpath-native/-/realpath-native-2.0.0.tgz", @@ -3874,6 +3790,11 @@ "path-parse": "^1.0.6" } }, + "resolve-alpn": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/resolve-alpn/-/resolve-alpn-1.0.0.tgz", + "integrity": "sha512-rTuiIEqFmGxne4IovivKSDzld2lWW9QCjqv80SYjPgf+gS35eaCAjaP54CCwGAwBtnCsvNLYtqxe1Nw+i6JEmA==" + }, "resolve-cwd": { "version": "3.0.0", "resolved": "https://registry.npmjs.org/resolve-cwd/-/resolve-cwd-3.0.0.tgz", @@ -3896,11 +3817,11 @@ "dev": true }, "responselike": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/responselike/-/responselike-1.0.2.tgz", - "integrity": "sha1-kYcg7ztjHFZCvgaPFa3lpG9Loec=", + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/responselike/-/responselike-2.0.0.tgz", + "integrity": "sha512-xH48u3FTB9VsZw7R+vvgaKeLKzT6jOogbQhEe/jewwnZgzPcnyWui2Av6JpoYZF/91uueC+lqhWqeURw5/qhCw==", "requires": { - "lowercase-keys": "^1.0.0" + "lowercase-keys": "^2.0.0" } }, "ret": { @@ -3910,15 +3831,14 @@ "dev": true }, "rfc4648": { - "version": "1.3.0", - "resolved": "https://registry.npmjs.org/rfc4648/-/rfc4648-1.3.0.tgz", - "integrity": "sha512-x36K12jOflpm1V8QjPq3I+pt7Z1xzeZIjiC8J2Oxd7bE1efTrOG241DTYVJByP/SxR9jl1t7iZqYxDX864jgBQ==" + "version": "1.4.0", + "resolved": "https://registry.npmjs.org/rfc4648/-/rfc4648-1.4.0.tgz", + "integrity": "sha512-3qIzGhHlMHA6PoT6+cdPKZ+ZqtxkIvg8DZGKA5z6PQ33/uuhoJ+Ws/D/J9rXW6gXodgH8QYlz2UCl+sdUDmNIg==" }, "rimraf": { "version": "3.0.2", "resolved": "https://registry.npmjs.org/rimraf/-/rimraf-3.0.2.tgz", "integrity": "sha512-JZkJMZkAGFFPP2YqXZXPbMlMBgsxzE8ILs4lMIX/2o0L9UBw9O/Y3o6wFw/i9YLapcUJWwqbi3kdxIPdC62TIA==", - "dev": true, "requires": { "glob": "^7.1.3" } @@ -4301,14 +4221,6 @@ } } }, - "sort-keys": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/sort-keys/-/sort-keys-2.0.0.tgz", - "integrity": "sha1-ZYU1WEhh7JfXMNbPQYIuH1ZoQSg=", - "requires": { - "is-plain-obj": "^1.0.0" - } - }, "source-map": { "version": "0.6.1", "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.6.1.tgz", @@ -4407,10 +4319,10 @@ "integrity": "sha1-NbCYdbT/SfJqd35QmzCQoyJr8ks=", "dev": true }, - "strict-uri-encode": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/strict-uri-encode/-/strict-uri-encode-1.1.0.tgz", - "integrity": "sha1-J5siXfHVgrH1TmWt3UNS4Y+qBxM=" + "stream-buffers": { + "version": "3.0.2", + "resolved": "https://registry.npmjs.org/stream-buffers/-/stream-buffers-3.0.2.tgz", + "integrity": "sha512-DQi1h8VEBA/lURbSwFtEHnSTb9s2/pwLEaFuNhXwy1Dx3Sa0lOuYT2yNUr4/j2fs8oCAMANtrZ5OrPZtyVs3MQ==" }, "string-length": { "version": "3.1.0", @@ -4444,21 +4356,6 @@ "strip-ansi": "^6.0.0" } }, - "string_decoder": { - "version": "1.1.1", - "resolved": "https://registry.npmjs.org/string_decoder/-/string_decoder-1.1.1.tgz", - "integrity": "sha512-n/ShnvDi6FHbbVfviro+WojiFzv+s8MPMHBczVePfUpDJLwoLT0ht1l4YwBCbi8pJAveEEdnkHyPyTP/mzRfwg==", - "requires": { - "safe-buffer": "~5.1.0" - }, - "dependencies": { - "safe-buffer": { - "version": "5.1.2", - "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.1.2.tgz", - "integrity": "sha512-Gd2UZBJDkXlY7GbJxfsE8/nvKkUEU1G38c1siN6QP6a9PT9MmHB8GnpscSmMJSoF8LOIrt8ud/wPtojys4G6+g==" - } - } - }, "strip-ansi": { "version": "6.0.0", "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-6.0.0.tgz", @@ -4518,6 +4415,19 @@ "integrity": "sha512-9QNk5KwDF+Bvz+PyObkmSYjI5ksVUYtjW7AU22r2NKcfLJcXp96hkDWU3+XndOsUb+AQ9QhfzfCT2O+CNWT5Tw==", "dev": true }, + "tar": { + "version": "6.0.5", + "resolved": "https://registry.npmjs.org/tar/-/tar-6.0.5.tgz", + "integrity": "sha512-0b4HOimQHj9nXNEAA7zWwMM91Zhhba3pspja6sQbgTpynOJf+bkjBnfybNYzbpLbnwXnbyB4LOREvlyXLkCHSg==", + "requires": { + "chownr": "^2.0.0", + "fs-minipass": "^2.0.0", + "minipass": "^3.0.0", + "minizlib": "^2.1.1", + "mkdirp": "^1.0.3", + "yallist": "^4.0.0" + } + }, "terminal-link": { "version": "2.1.1", "resolved": "https://registry.npmjs.org/terminal-link/-/terminal-link-2.1.1.tgz", @@ -4545,10 +4455,21 @@ "integrity": "sha512-fcwX4mndzpLQKBS1DVYhGAcYaYt7vsHNIvQV+WXMvnow5cgjPphq5CaayLaGsjRdSCKZFNGt7/GYAuXaNOiYCA==", "dev": true }, - "timed-out": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/timed-out/-/timed-out-4.0.1.tgz", - "integrity": "sha1-8y6srFoXW+ol1/q1Zas+2HQe9W8=" + "tmp": { + "version": "0.2.1", + "resolved": "https://registry.npmjs.org/tmp/-/tmp-0.2.1.tgz", + "integrity": "sha512-76SUhtfqR2Ijn+xllcI5P1oyannHNHByD80W1q447gU3mp9G9PSpGdWmjUOHRDPiHYacIk66W7ubDTuPF3BEtQ==", + "requires": { + "rimraf": "^3.0.0" + } + }, + "tmp-promise": { + "version": "3.0.2", + "resolved": "https://registry.npmjs.org/tmp-promise/-/tmp-promise-3.0.2.tgz", + "integrity": "sha512-OyCLAKU1HzBjL6Ev3gxUeraJNlbNingmi8IrHHEsYH8LTmEuhvYfqvhn2F/je+mjf4N58UmZ96OMEy1JanSCpA==", + "requires": { + "tmp": "^0.2.0" + } }, "tmpl": { "version": "1.0.4", @@ -4670,9 +4591,9 @@ } }, "underscore": { - "version": "1.10.2", - "resolved": "https://registry.npmjs.org/underscore/-/underscore-1.10.2.tgz", - "integrity": "sha512-N4P+Q/BuyuEKFJ43B9gYuOj4TQUHXX+j2FqguVOpjkssLUUrnJofCcBccJSCoeturDoZU6GorDTHSvUDlSQbTg==" + "version": "1.11.0", + "resolved": "https://registry.npmjs.org/underscore/-/underscore-1.11.0.tgz", + "integrity": "sha512-xY96SsN3NA461qIRKZ/+qox37YXPtSBswMGfiNptr+wrt6ds4HaMw23TP612fEyGekRE6LNRiLYr/aqbHXNedw==" }, "union-value": { "version": "1.0.1", @@ -4740,30 +4661,12 @@ "integrity": "sha1-2pN/emLiH+wf0Y1Js1wpNQZ6bHI=", "dev": true }, - "url-parse-lax": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/url-parse-lax/-/url-parse-lax-3.0.0.tgz", - "integrity": "sha1-FrXK/Afb42dsGxmZF3gj1lA6yww=", - "requires": { - "prepend-http": "^2.0.0" - } - }, - "url-to-options": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/url-to-options/-/url-to-options-1.0.1.tgz", - "integrity": "sha1-FQWgOiiaSMvXpDTvuu7FBV9WM6k=" - }, "use": { "version": "3.1.1", "resolved": "https://registry.npmjs.org/use/-/use-3.1.1.tgz", "integrity": "sha512-cwESVXlO3url9YWlFW/TA9cshCEhtu7IKJ/p5soJ/gGpj7vbvFrAY/eIioQ6Dw23KjZhYgiIo8HOs1nQ2vr/oQ==", "dev": true }, - "util-deprecate": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/util-deprecate/-/util-deprecate-1.0.2.tgz", - "integrity": "sha1-RQ1Nyfpw3nMnYvvS1KKJgUGaDM8=" - }, "uuid": { "version": "3.4.0", "resolved": "https://registry.npmjs.org/uuid/-/uuid-3.4.0.tgz", @@ -4931,9 +4834,9 @@ "dev": true }, "yallist": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/yallist/-/yallist-3.1.1.tgz", - "integrity": "sha512-a4UGQaWPH59mOXUYnAG2ewncQS4i4F43Tv3JoAM+s2VDAmS9NsK8GpDMLrCHPksFT7h3K6TOoUNn2pb7RoXx4g==" + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/yallist/-/yallist-4.0.0.tgz", + "integrity": "sha512-3wdGidZyq5PB084XLES5TpOSRA3wjXAlIWMhum2kRcv/41Sn2emQ0dycQW4uZXLejwKvg6EsvbdlVL+FYEct7A==" }, "yargs": { "version": "15.3.1", diff --git a/hook-sdk/nodejs/package.json b/hook-sdk/nodejs/package.json index 1051b4fd..30ccecba 100644 --- a/hook-sdk/nodejs/package.json +++ b/hook-sdk/nodejs/package.json @@ -10,8 +10,8 @@ "author": "iteratec GmbH", "license": "Apache-2.0", "dependencies": { - "@kubernetes/client-node": "^0.12.0", - "axios": "^0.19.2", + "@kubernetes/client-node": "^0.12.2", + "axios": "^0.20.0", "ws": "^7.3.1" }, "devDependencies": { diff --git a/hooks/declarative-subsequent-scans/Chart.yaml b/hooks/declarative-subsequent-scans/Chart.yaml index c04e7d9e..f3bd0dc3 100644 --- a/hooks/declarative-subsequent-scans/Chart.yaml +++ b/hooks/declarative-subsequent-scans/Chart.yaml @@ -4,8 +4,8 @@ description: Starts possible subsequent security scans based on findings (e.g. o type: application -version: 0.1.0 - -appVersion: latest +# version - gets automatically set to the secureCodeBox release version when the helm charts gets published +version: latest +kubeVersion: ">=v1.11.0" dependencies: [] diff --git a/hooks/declarative-subsequent-scans/Dockerfile b/hooks/declarative-subsequent-scans/Dockerfile index 9289dfe9..54703587 100644 --- a/hooks/declarative-subsequent-scans/Dockerfile +++ b/hooks/declarative-subsequent-scans/Dockerfile @@ -13,7 +13,7 @@ RUN npm ci COPY hook.ts scan-helpers.ts kubernetes-label-selector.ts ./ RUN npm run build -FROM scbexperimental/hook-sdk-nodejs:${baseImageTag:-latest} +FROM securecodebox/hook-sdk-nodejs:${baseImageTag:-latest} WORKDIR /home/app/hook-wrapper/hook/ COPY --from=install --chown=app:app /home/app/node_modules/ ./node_modules/ COPY --from=build --chown=app:app /home/app/hook.js /home/app/scan-helpers.js /home/app/kubernetes-label-selector.js ./ diff --git a/hooks/declarative-subsequent-scans/README.md b/hooks/declarative-subsequent-scans/README.md index 0f71cef0..f03ecbab 100644 --- a/hooks/declarative-subsequent-scans/README.md +++ b/hooks/declarative-subsequent-scans/README.md @@ -11,7 +11,7 @@ usecase: "Cascading Scans based declarative Rules." ## Deployment -Installing the Cascading Scans hook will add a ReadOnly Hook to your namespace which looks for matching _CascadingRules_ in the namespace and start the according scans. +Installing the Cascading Scans hook will add a ReadOnly Hook to your namespace which looks for matching _CascadingRules_ in the namespace and start the according scans. ```bash helm upgrade --install dssh ./hooks/declarative-subsequent-scans/ @@ -21,11 +21,11 @@ helm upgrade --install dssh ./hooks/declarative-subsequent-scans/ ```bash kubectl get ScanCompletionHooks NAME TYPE IMAGE -dssh ReadOnly docker.io/scbexperimental/hook-declarative-subsequent-scans:latest +dssh ReadOnly docker.io/securecodebox/hook-declarative-subsequent-scans:latest ``` ## CascadingScan Rules -The CascadingRules are included directly in each helm chart of the individual scanners. +The CascadingRules are included directly in each helm chart of the individual scanners. ```bash # Check your CascadingRules @@ -48,7 +48,7 @@ This is implemented using kubernetes label selectors, meaning that scans mark th ### Example ```yaml cat < + +## Deployment + +Installing the Cascading Scans hook will add a ReadOnly Hook to your namespace which looks for matching _CascadingRules_ in the namespace and start the according scans. + +```bash +helm upgrade --install dssh ./hooks/declarative-subsequent-scans/ +``` + +### Verification +```bash +kubectl get ScanCompletionHooks +NAME TYPE IMAGE +dssh ReadOnly docker.io/securecodebox/hook-declarative-subsequent-scans:latest +``` + +## CascadingScan Rules +The CascadingRules are included directly in each helm chart of the individual scanners. + +```bash +# Check your CascadingRules +kubectl get CascadingRules +NAME STARTS INVASIVENESS INTENSIVENESS +https-tls-scan sslyze non-invasive light +imaps-tls-scan sslyze non-invasive light +nikto-http nikto non-invasive medium +nmap-smb nmap non-invasive light +pop3s-tls-scan sslyze non-invasive light +smtps-tls-scan sslyze non-invasive light +ssh-scan ssh-scan non-invasive light +zap-http zap-baseline non-invasive medium +``` + +## Starting a cascading Scan +When you start a normal Scan, no CascadingRule will be applied. To use a _CascadingRule_ the scan must be marked to allow cascading rules. +This is implemented using kubernetes label selectors, meaning that scans mark the classes of scans which are allowed to be cascaded by the current one. + +### Example +```yaml +cat <=v1.11.0" \ No newline at end of file diff --git a/hooks/declarative-subsequent-scans/hook.test.js b/hooks/declarative-subsequent-scans/hook.test.js index 2da1ba4b..c7694c6e 100644 --- a/hooks/declarative-subsequent-scans/hook.test.js +++ b/hooks/declarative-subsequent-scans/hook.test.js @@ -5,7 +5,7 @@ let sslyzeCascadingRules = undefined; beforeEach(() => { parentScan = { - apiVersion: "execution.experimental.securecodebox.io/v1", + apiVersion: "execution.securecodebox.io/v1", kind: "Scan", metadata: { name: "nmap-foobar.com", @@ -20,7 +20,7 @@ beforeEach(() => { sslyzeCascadingRules = [ { - apiVersion: "cascading.experimental.securecodebox.io/v1", + apiVersion: "cascading.securecodebox.io/v1", kind: "CascadingRule", metadata: { name: "tls-scans", diff --git a/hooks/declarative-subsequent-scans/package-lock.json b/hooks/declarative-subsequent-scans/package-lock.json index 8ea155b9..5b435c96 100644 --- a/hooks/declarative-subsequent-scans/package-lock.json +++ b/hooks/declarative-subsequent-scans/package-lock.json @@ -610,13 +610,15 @@ } }, "@kubernetes/client-node": { - "version": "0.12.0", - "resolved": "https://registry.npmjs.org/@kubernetes/client-node/-/client-node-0.12.0.tgz", - "integrity": "sha512-u57q5IaZl91f7YZoZOsgCa31hHyowHxFG88XZXd8arI8heSxbdHWHineo/8mLZbeSbHkge9Awae1stQZzuTnjg==", + "version": "0.12.2", + "resolved": "https://registry.npmjs.org/@kubernetes/client-node/-/client-node-0.12.2.tgz", + "integrity": "sha512-J0UwyFl1Iv/IZ6WMP7LaizBEoKPnqwtc8tIO2q/X+EuDT7eGpPPAMHXSEOC/EI9JGIf0FaJEcDHhB/Dio/mKhw==", "requires": { "@types/js-yaml": "^3.12.1", "@types/node": "^10.12.0", "@types/request": "^2.47.1", + "@types/stream-buffers": "^3.0.3", + "@types/tar": "^4.0.3", "@types/underscore": "^1.8.9", "@types/ws": "^6.0.1", "byline": "^5.0.0", @@ -624,34 +626,39 @@ "isomorphic-ws": "^4.0.1", "js-yaml": "^3.13.1", "jsonpath-plus": "^0.19.0", - "openid-client": "2.5.0", + "openid-client": "^4.1.1", "request": "^2.88.0", "rfc4648": "^1.3.0", "shelljs": "^0.8.2", + "stream-buffers": "^3.0.2", + "tar": "^6.0.2", + "tmp-promise": "^3.0.2", "tslib": "^1.9.3", "underscore": "^1.9.1", - "ws": "^6.1.0" + "ws": "^7.3.1" }, "dependencies": { "@types/node": { - "version": "10.17.24", - "resolved": "https://registry.npmjs.org/@types/node/-/node-10.17.24.tgz", - "integrity": "sha512-5SCfvCxV74kzR3uWgTYiGxrd69TbT1I6+cMx1A5kEly/IVveJBimtAMlXiEyVFn5DvUFewQWxOOiJhlxeQwxgA==" + "version": "10.17.35", + "resolved": "https://registry.npmjs.org/@types/node/-/node-10.17.35.tgz", + "integrity": "sha512-gXx7jAWpMddu0f7a+L+txMplp3FnHl53OhQIF9puXKq3hDGY/GjH+MF04oWnV/adPSCrbtHumDCFwzq2VhltWA==" }, "ws": { - "version": "6.2.1", - "resolved": "https://registry.npmjs.org/ws/-/ws-6.2.1.tgz", - "integrity": "sha512-GIyAXC2cB7LjvpgMt9EKS2ldqr0MTrORaleiOno6TweZ6r3TKtoFQWay/2PceJ3RuBasOHzXNn5Lrw1X0bEjqA==", - "requires": { - "async-limiter": "~1.0.0" - } + "version": "7.3.1", + "resolved": "https://registry.npmjs.org/ws/-/ws-7.3.1.tgz", + "integrity": "sha512-D3RuNkynyHmEJIpD2qrgVkc9DQ23OrN/moAwZX4L8DfvszsJxpjQuUq3LMx6HoYji9fbIOBY18XWBsAux1ZZUA==" } } }, + "@panva/asn1.js": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/@panva/asn1.js/-/asn1.js-1.0.0.tgz", + "integrity": "sha512-UdkG3mLEqXgnlKsWanWcgb6dOjUzJ+XC5f+aWw30qrtjxeNUSfKX1cd5FBzOaXQumoe9nIqeZUvrRJS03HCCtw==" + }, "@sindresorhus/is": { - "version": "0.7.0", - "resolved": "https://registry.npmjs.org/@sindresorhus/is/-/is-0.7.0.tgz", - "integrity": "sha512-ONhaKPIufzzrlNbqtWFFd+jlnemX6lJAgq9ZeiZtS7I1PIf/la7CW4m83rTXRnVnsMbW2k56pGYu7AUFJD9Pow==" + "version": "3.1.2", + "resolved": "https://registry.npmjs.org/@sindresorhus/is/-/is-3.1.2.tgz", + "integrity": "sha512-JiX9vxoKMmu8Y3Zr2RVathBL1Cdu4Nt4MuNWemt1Nc06A0RAin9c5FArkhGsyMBWfCu4zj+9b+GxtjAnE4qqLQ==" }, "@sinonjs/commons": { "version": "1.8.0", @@ -662,6 +669,14 @@ "type-detect": "4.0.8" } }, + "@szmarczak/http-timer": { + "version": "4.0.5", + "resolved": "https://registry.npmjs.org/@szmarczak/http-timer/-/http-timer-4.0.5.tgz", + "integrity": "sha512-PyRA9sm1Yayuj5OIoJ1hGt2YISX45w9WcFbh6ddT0Z/0yaFxOtGLInr4jUfU1EAFVs0Yfyfev4RNwBlUaHdlDQ==", + "requires": { + "defer-to-connect": "^2.0.0" + } + }, "@types/babel__core": { "version": "7.1.7", "resolved": "https://registry.npmjs.org/@types/babel__core/-/babel__core-7.1.7.tgz", @@ -703,6 +718,17 @@ "@babel/types": "^7.3.0" } }, + "@types/cacheable-request": { + "version": "6.0.1", + "resolved": "https://registry.npmjs.org/@types/cacheable-request/-/cacheable-request-6.0.1.tgz", + "integrity": "sha512-ykFq2zmBGOCbpIXtoVbz4SKY5QriWPh3AjyU4G74RYbtt5yOc5OfaY75ftjg7mikMOla1CTGpX3lLbuJh8DTrQ==", + "requires": { + "@types/http-cache-semantics": "*", + "@types/keyv": "*", + "@types/node": "*", + "@types/responselike": "*" + } + }, "@types/caseless": { "version": "0.12.2", "resolved": "https://registry.npmjs.org/@types/caseless/-/caseless-0.12.2.tgz", @@ -723,6 +749,11 @@ "@types/node": "*" } }, + "@types/http-cache-semantics": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/@types/http-cache-semantics/-/http-cache-semantics-4.0.0.tgz", + "integrity": "sha512-c3Xy026kOF7QOTn00hbIllV1dLR9hG9NkSrLQgCVs8NF6sBU+VGWjD3wLPhmh1TYAc7ugCFsvHYMN4VcBN1U1A==" + }, "@types/istanbul-lib-coverage": { "version": "2.0.2", "resolved": "https://registry.npmjs.org/@types/istanbul-lib-coverage/-/istanbul-lib-coverage-2.0.2.tgz", @@ -749,9 +780,25 @@ } }, "@types/js-yaml": { - "version": "3.12.4", - "resolved": "https://registry.npmjs.org/@types/js-yaml/-/js-yaml-3.12.4.tgz", - "integrity": "sha512-fYMgzN+9e28R81weVN49inn/u798ruU91En1ZnGvSZzCRc5jXx9B2EDhlRaWmcO1RIxFHL8AajRXzxDuJu93+A==" + "version": "3.12.5", + "resolved": "https://registry.npmjs.org/@types/js-yaml/-/js-yaml-3.12.5.tgz", + "integrity": "sha512-JCcp6J0GV66Y4ZMDAQCXot4xprYB+Zfd3meK9+INSJeVZwJmHAW30BBEEkPzXswMXuiyReUGOP3GxrADc9wPww==" + }, + "@types/keyv": { + "version": "3.1.1", + "resolved": "https://registry.npmjs.org/@types/keyv/-/keyv-3.1.1.tgz", + "integrity": "sha512-MPtoySlAZQ37VoLaPcTHCu1RWJ4llDkULYZIzOYxlhxBqYPB0RsRlmMU0R6tahtFe27mIdkHV+551ZWV4PLmVw==", + "requires": { + "@types/node": "*" + } + }, + "@types/minipass": { + "version": "2.2.0", + "resolved": "https://registry.npmjs.org/@types/minipass/-/minipass-2.2.0.tgz", + "integrity": "sha512-wuzZksN4w4kyfoOv/dlpov4NOunwutLA/q7uc00xU02ZyUY+aoM5PWIXEKBMnm0NHd4a+N71BMjq+x7+2Af1fg==", + "requires": { + "@types/node": "*" + } }, "@types/node": { "version": "14.0.14", @@ -793,21 +840,46 @@ } } }, + "@types/responselike": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/@types/responselike/-/responselike-1.0.0.tgz", + "integrity": "sha512-85Y2BjiufFzaMIlvJDvTTB8Fxl2xfLo4HgmHzVBz08w4wDePCTjYw66PdrolO0kzli3yam/YCgRufyo1DdQVTA==", + "requires": { + "@types/node": "*" + } + }, "@types/stack-utils": { "version": "1.0.1", "resolved": "https://registry.npmjs.org/@types/stack-utils/-/stack-utils-1.0.1.tgz", "integrity": "sha512-l42BggppR6zLmpfU6fq9HEa2oGPEI8yrSPL3GITjfRInppYFahObbIQOQK3UGxEnyQpltZLaPe75046NOZQikw==", "dev": true }, + "@types/stream-buffers": { + "version": "3.0.3", + "resolved": "https://registry.npmjs.org/@types/stream-buffers/-/stream-buffers-3.0.3.tgz", + "integrity": "sha512-NeFeX7YfFZDYsCfbuaOmFQ0OjSmHreKBpp7MQ4alWQBHeh2USLsj7qyMyn9t82kjqIX516CR/5SRHnARduRtbQ==", + "requires": { + "@types/node": "*" + } + }, + "@types/tar": { + "version": "4.0.3", + "resolved": "https://registry.npmjs.org/@types/tar/-/tar-4.0.3.tgz", + "integrity": "sha512-Z7AVMMlkI8NTWF0qGhC4QIX0zkV/+y0J8x7b/RsHrN0310+YNjoJd8UrApCiGBCWtKjxS9QhNqLi2UJNToh5hA==", + "requires": { + "@types/minipass": "*", + "@types/node": "*" + } + }, "@types/tough-cookie": { "version": "4.0.0", "resolved": "https://registry.npmjs.org/@types/tough-cookie/-/tough-cookie-4.0.0.tgz", "integrity": "sha512-I99sngh224D0M7XgW1s120zxCt3VYQ3IQsuw3P3jbq5GG4yc79+ZjyKznyOGIQrflfylLgcfekeZW/vk0yng6A==" }, "@types/underscore": { - "version": "1.10.0", - "resolved": "https://registry.npmjs.org/@types/underscore/-/underscore-1.10.0.tgz", - "integrity": "sha512-ZAbqul7QAKpM2h1PFGa5ETN27ulmqtj0QviYHasw9LffvXZvVHuraOx/FOsIPPDNGZN0Qo1nASxxSfMYOtSoCw==" + "version": "1.10.23", + "resolved": "https://registry.npmjs.org/@types/underscore/-/underscore-1.10.23.tgz", + "integrity": "sha512-vX1NPekXhrLquFWskH2thcvFAha187F/lM6xYOoEMZWwJ/6alSk0/ttmGP/YRqcqtCv0TMbZjYAdZyHAEcuU4g==" }, "@types/ws": { "version": "6.0.4", @@ -869,12 +941,12 @@ "dev": true }, "aggregate-error": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/aggregate-error/-/aggregate-error-1.0.0.tgz", - "integrity": "sha1-iINE2tAiCnLjr1CQYRf0h3GSX6w=", + "version": "3.1.0", + "resolved": "https://registry.npmjs.org/aggregate-error/-/aggregate-error-3.1.0.tgz", + "integrity": "sha512-4I7Td01quW/RpocfNayFdFVk1qSuoh0E7JrbRJ16nH01HhKFQ88INq9Sd+nd72zqRySlr9BmDA8xlEJ6vJMrYA==", "requires": { - "clean-stack": "^1.0.0", - "indent-string": "^3.0.0" + "clean-stack": "^2.0.0", + "indent-string": "^4.0.0" } }, "ajv": { @@ -994,11 +1066,6 @@ "integrity": "sha512-+Ryf6g3BKoRc7jfp7ad8tM4TtMiaWvbF/1/sQcZPkkS7ag3D5nMBCe2UfOTONtAkaG0tO0ij3C5Lwmf1EiyjHg==", "dev": true }, - "async-limiter": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/async-limiter/-/async-limiter-1.0.1.tgz", - "integrity": "sha512-csOlWGAcRFJaI6m+F2WKdnMKr4HhdhFVBk0H/QbJFMCr+uO2kwohwXQPxw/9OCxp05r5ghVBFSyioixx3gfkNQ==" - }, "asynckit": { "version": "0.4.0", "resolved": "https://registry.npmjs.org/asynckit/-/asynckit-0.4.0.tgz", @@ -1148,11 +1215,6 @@ } } }, - "base64-js": { - "version": "1.3.1", - "resolved": "https://registry.npmjs.org/base64-js/-/base64-js-1.3.1.tgz", - "integrity": "sha512-mLQ4i2QO1ytvGWFWmcngKO//JXAQueZvwEKtjgQFM4jIK0kU+ytMfplL8j+n5mspOfjHwoAg+9yhb7BwAHm36g==" - }, "base64url": { "version": "3.0.1", "resolved": "https://registry.npmjs.org/base64url/-/base64url-3.0.1.tgz", @@ -1207,14 +1269,6 @@ } } }, - "browserify-zlib": { - "version": "0.2.0", - "resolved": "https://registry.npmjs.org/browserify-zlib/-/browserify-zlib-0.2.0.tgz", - "integrity": "sha512-Z942RysHXmJrhqk88FmKBVq/v5tqmSkDz7p54G/MGyjMnCFFnC79XWNbg+Vta8W6Wb2qtSZTSxIGkJrRpCFEiA==", - "requires": { - "pako": "~1.0.5" - } - }, "bser": { "version": "2.1.1", "resolved": "https://registry.npmjs.org/bser/-/bser-2.1.1.tgz", @@ -1224,15 +1278,6 @@ "node-int64": "^0.4.0" } }, - "buffer": { - "version": "5.6.0", - "resolved": "https://registry.npmjs.org/buffer/-/buffer-5.6.0.tgz", - "integrity": "sha512-/gDYp/UtU0eA1ys8bOs9J6a+E/KWIY+DZ+Q2WESNUA0jFRsJOc0SNUO6xJ5SGA1xueg3NL65W6s+NY5l9cunuw==", - "requires": { - "base64-js": "^1.0.2", - "ieee754": "^1.1.4" - } - }, "buffer-from": { "version": "1.1.1", "resolved": "https://registry.npmjs.org/buffer-from/-/buffer-from-1.1.1.tgz", @@ -1261,29 +1306,32 @@ "unset-value": "^1.0.0" } }, + "cacheable-lookup": { + "version": "5.0.3", + "resolved": "https://registry.npmjs.org/cacheable-lookup/-/cacheable-lookup-5.0.3.tgz", + "integrity": "sha512-W+JBqF9SWe18A72XFzN/V/CULFzPm7sBXzzR6ekkE+3tLG72wFZrBiBZhrZuDoYexop4PHJVdFAKb/Nj9+tm9w==" + }, "cacheable-request": { - "version": "2.1.4", - "resolved": "https://registry.npmjs.org/cacheable-request/-/cacheable-request-2.1.4.tgz", - "integrity": "sha1-DYCIAbY0KtM8kd+dC0TcCbkeXD0=", - "requires": { - "clone-response": "1.0.2", - "get-stream": "3.0.0", - "http-cache-semantics": "3.8.1", - "keyv": "3.0.0", - "lowercase-keys": "1.0.0", - "normalize-url": "2.0.1", - "responselike": "1.0.2" + "version": "7.0.1", + "resolved": "https://registry.npmjs.org/cacheable-request/-/cacheable-request-7.0.1.tgz", + "integrity": "sha512-lt0mJ6YAnsrBErpTMWeu5kl/tg9xMAWjavYTN6VQXM1A/teBITuNcccXsCxF0tDQQJf9DfAaX5O4e0zp0KlfZw==", + "requires": { + "clone-response": "^1.0.2", + "get-stream": "^5.1.0", + "http-cache-semantics": "^4.0.0", + "keyv": "^4.0.0", + "lowercase-keys": "^2.0.0", + "normalize-url": "^4.1.0", + "responselike": "^2.0.0" }, "dependencies": { "get-stream": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/get-stream/-/get-stream-3.0.0.tgz", - "integrity": "sha1-jpQ9E1jcN1VQVOy+LtsFqhdO3hQ=" - }, - "lowercase-keys": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/lowercase-keys/-/lowercase-keys-1.0.0.tgz", - "integrity": "sha1-TjNms55/VFfjXxMkvfb4jQv8cwY=" + "version": "5.2.0", + "resolved": "https://registry.npmjs.org/get-stream/-/get-stream-5.2.0.tgz", + "integrity": "sha512-nBF+F1rAZVCu/p7rjzgA+Yb4lfYXrpl7a6VmJrU8wF9I1CKvP/QwPNZHnOlwbTkY6dvtFIzFMSyQXbLoTQPRpA==", + "requires": { + "pump": "^3.0.0" + } } } }, @@ -1323,6 +1371,11 @@ "supports-color": "^7.1.0" } }, + "chownr": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/chownr/-/chownr-2.0.0.tgz", + "integrity": "sha512-bIomtDF5KGpdogkLd9VspvFzk9KfpyyGlS8YFVZl7TGPBHL5snIOnxeshwVgPteQ9b4Eydl+pVbIyE1DcvCWgQ==" + }, "ci-info": { "version": "2.0.0", "resolved": "https://registry.npmjs.org/ci-info/-/ci-info-2.0.0.tgz", @@ -1353,9 +1406,9 @@ } }, "clean-stack": { - "version": "1.3.0", - "resolved": "https://registry.npmjs.org/clean-stack/-/clean-stack-1.3.0.tgz", - "integrity": "sha1-noIVAa6XmYbEax1m0tQy2y/UrjE=" + "version": "2.2.0", + "resolved": "https://registry.npmjs.org/clean-stack/-/clean-stack-2.2.0.tgz", + "integrity": "sha512-4diC9HaTE+KRAMWhDhrGOECgWZxoevMc5TlkObMqNSsVU62PYzXZ/SMTjzyGAFF1YusgxGcSWTEXBhp0CPwQ1A==" }, "cliui": { "version": "6.0.0", @@ -1539,14 +1592,22 @@ "decode-uri-component": { "version": "0.2.0", "resolved": "https://registry.npmjs.org/decode-uri-component/-/decode-uri-component-0.2.0.tgz", - "integrity": "sha1-6zkTMzRYd1y4TNGh+uBiEGu4dUU=" + "integrity": "sha1-6zkTMzRYd1y4TNGh+uBiEGu4dUU=", + "dev": true }, "decompress-response": { - "version": "3.3.0", - "resolved": "https://registry.npmjs.org/decompress-response/-/decompress-response-3.3.0.tgz", - "integrity": "sha1-gKTdMjdIOEv6JICDYirt7Jgq3/M=", + "version": "6.0.0", + "resolved": "https://registry.npmjs.org/decompress-response/-/decompress-response-6.0.0.tgz", + "integrity": "sha512-aW35yZM6Bb/4oJlZncMH2LCoZtJXTRxES17vE3hoRiowU2kWHaJKFkSBDnDR+cm9J+9QhXmREyIfv0pji9ejCQ==", "requires": { - "mimic-response": "^1.0.0" + "mimic-response": "^3.1.0" + }, + "dependencies": { + "mimic-response": { + "version": "3.1.0", + "resolved": "https://registry.npmjs.org/mimic-response/-/mimic-response-3.1.0.tgz", + "integrity": "sha512-z0yWI+4FDrrweS8Zmt4Ej5HdJmky15+L2e6Wgn3+iK5fWzb6T3fhNFq2+MeTRb064c6Wr4N/wv0DzQTjNzHNGQ==" + } } }, "deep-is": { @@ -1561,6 +1622,11 @@ "integrity": "sha512-FJ3UgI4gIl+PHZm53knsuSFpE+nESMr7M4v9QcgB7S63Kj/6WqMiFQJpBBYz1Pt+66bZpP3Q7Lye0Oo9MPKEdg==", "dev": true }, + "defer-to-connect": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/defer-to-connect/-/defer-to-connect-2.0.0.tgz", + "integrity": "sha512-bYL2d05vOSf1JEZNx5vSAtPuBMkX8K9EUutg7zlKvTqKXHt7RhWJFbmd7qakVuf13i+IkGmp6FwSsONOf6VYIg==" + }, "define-property": { "version": "2.0.2", "resolved": "https://registry.npmjs.org/define-property/-/define-property-2.0.2.tgz", @@ -1628,11 +1694,6 @@ "webidl-conversions": "^4.0.2" } }, - "duplexer3": { - "version": "0.1.4", - "resolved": "https://registry.npmjs.org/duplexer3/-/duplexer3-0.1.4.tgz", - "integrity": "sha1-7gHdHKwO08vH/b6jfcCo8c4ALOI=" - }, "ecc-jsbn": { "version": "0.1.2", "resolved": "https://registry.npmjs.org/ecc-jsbn/-/ecc-jsbn-0.1.2.tgz", @@ -1665,11 +1726,6 @@ "is-arrayish": "^0.2.1" } }, - "es6-promise": { - "version": "4.2.8", - "resolved": "https://registry.npmjs.org/es6-promise/-/es6-promise-4.2.8.tgz", - "integrity": "sha512-HJDGx5daxeIvxdBxvG2cb9g4tEvwIk3i8+nhX0yGrYmZUzbkdg8QbDevheDB8gd0//uPj4c1EQua8Q+MViT0/w==" - }, "escape-string-regexp": { "version": "1.0.5", "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-1.0.5.tgz", @@ -1966,13 +2022,12 @@ "map-cache": "^0.2.2" } }, - "from2": { - "version": "2.3.0", - "resolved": "https://registry.npmjs.org/from2/-/from2-2.3.0.tgz", - "integrity": "sha1-i/tVAr3kpNNs/e6gB/zKIdfjgq8=", + "fs-minipass": { + "version": "2.1.0", + "resolved": "https://registry.npmjs.org/fs-minipass/-/fs-minipass-2.1.0.tgz", + "integrity": "sha512-V/JgOLFCS+R6Vcq0slCuaeWEdNC3ouDlJMNIsacH2VtALiu9mV4LPrHc5cDl8k5aw6J8jwgWWpiTo5RYhmIzvg==", "requires": { - "inherits": "^2.0.1", - "readable-stream": "^2.0.0" + "minipass": "^3.0.0" } }, "fs.realpath": { @@ -2047,34 +2102,21 @@ "dev": true }, "got": { - "version": "8.3.2", - "resolved": "https://registry.npmjs.org/got/-/got-8.3.2.tgz", - "integrity": "sha512-qjUJ5U/hawxosMryILofZCkm3C84PLJS/0grRIpjAwu+Lkxxj5cxeCU25BG0/3mDSpXKTyZr8oh8wIgLaH0QCw==", - "requires": { - "@sindresorhus/is": "^0.7.0", - "cacheable-request": "^2.1.1", - "decompress-response": "^3.3.0", - "duplexer3": "^0.1.4", - "get-stream": "^3.0.0", - "into-stream": "^3.1.0", - "is-retry-allowed": "^1.1.0", - "isurl": "^1.0.0-alpha5", - "lowercase-keys": "^1.0.0", - "mimic-response": "^1.0.0", - "p-cancelable": "^0.4.0", - "p-timeout": "^2.0.1", - "pify": "^3.0.0", - "safe-buffer": "^5.1.1", - "timed-out": "^4.0.1", - "url-parse-lax": "^3.0.0", - "url-to-options": "^1.0.1" - }, - "dependencies": { - "get-stream": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/get-stream/-/get-stream-3.0.0.tgz", - "integrity": "sha1-jpQ9E1jcN1VQVOy+LtsFqhdO3hQ=" - } + "version": "11.7.0", + "resolved": "https://registry.npmjs.org/got/-/got-11.7.0.tgz", + "integrity": "sha512-7en2XwH2MEqOsrK0xaKhbWibBoZqy+f1RSUoIeF1BLcnf+pyQdDsljWMfmOh+QKJwuvDIiKx38GtPh5wFdGGjg==", + "requires": { + "@sindresorhus/is": "^3.1.1", + "@szmarczak/http-timer": "^4.0.5", + "@types/cacheable-request": "^6.0.1", + "@types/responselike": "^1.0.0", + "cacheable-lookup": "^5.0.3", + "cacheable-request": "^7.0.1", + "decompress-response": "^6.0.0", + "http2-wrapper": "^1.0.0-beta.5.2", + "lowercase-keys": "^2.0.0", + "p-cancelable": "^2.0.0", + "responselike": "^2.0.0" } }, "graceful-fs": { @@ -2110,19 +2152,6 @@ "integrity": "sha512-EykJT/Q1KjTWctppgIAgfSO0tKVuZUjhgMr17kqTumMl6Afv3EISleU7qZUzoXDFTAHTDC4NOoG/ZxU3EvlMPQ==", "dev": true }, - "has-symbol-support-x": { - "version": "1.4.2", - "resolved": "https://registry.npmjs.org/has-symbol-support-x/-/has-symbol-support-x-1.4.2.tgz", - "integrity": "sha512-3ToOva++HaW+eCpgqZrCfN51IPB+7bJNVT6CUATzueB5Heb8o6Nam0V3HG5dlDvZU1Gn5QLcbahiKw/XVk5JJw==" - }, - "has-to-string-tag-x": { - "version": "1.4.1", - "resolved": "https://registry.npmjs.org/has-to-string-tag-x/-/has-to-string-tag-x-1.4.1.tgz", - "integrity": "sha512-vdbKfmw+3LoOYVr+mtxHaX5a96+0f3DljYd8JOqvOLsf5mw2Otda2qCDT9qRqLAhrjyQ0h7ual5nOiASpsGNFw==", - "requires": { - "has-symbol-support-x": "^1.4.1" - } - }, "has-value": { "version": "1.0.0", "resolved": "https://registry.npmjs.org/has-value/-/has-value-1.0.0.tgz", @@ -2197,9 +2226,9 @@ "dev": true }, "http-cache-semantics": { - "version": "3.8.1", - "resolved": "https://registry.npmjs.org/http-cache-semantics/-/http-cache-semantics-3.8.1.tgz", - "integrity": "sha512-5ai2iksyV8ZXmnZhHH4rWPoxxistEexSi5936zIQ1bnNTW5VnA85B6P/VpXiRM017IgRvb2kKo1a//y+0wSp3w==" + "version": "4.1.0", + "resolved": "https://registry.npmjs.org/http-cache-semantics/-/http-cache-semantics-4.1.0.tgz", + "integrity": "sha512-carPklcUh7ROWRK7Cv27RPtdhYhUsela/ue5/jKzjegVvXDqM2ILE9Q2BGn9JZJh1g87cp56su/FgQSzcWS8cQ==" }, "http-signature": { "version": "1.2.0", @@ -2211,6 +2240,15 @@ "sshpk": "^1.7.0" } }, + "http2-wrapper": { + "version": "1.0.0-beta.5.2", + "resolved": "https://registry.npmjs.org/http2-wrapper/-/http2-wrapper-1.0.0-beta.5.2.tgz", + "integrity": "sha512-xYz9goEyBnC8XwXDTuC/MZ6t+MrKVQZOk4s7+PaDkwIsQd8IwqvM+0M6bA/2lvG8GHXcPdf+MejTUeO2LCPCeQ==", + "requires": { + "quick-lru": "^5.1.1", + "resolve-alpn": "^1.0.0" + } + }, "human-signals": { "version": "1.1.1", "resolved": "https://registry.npmjs.org/human-signals/-/human-signals-1.1.1.tgz", @@ -2226,11 +2264,6 @@ "safer-buffer": ">= 2.1.2 < 3" } }, - "ieee754": { - "version": "1.1.13", - "resolved": "https://registry.npmjs.org/ieee754/-/ieee754-1.1.13.tgz", - "integrity": "sha512-4vf7I2LYV/HaWerSo3XmlMkp5eZ83i+/CDluXi/IGTs/O1sejBNhTtnxzmRZfvOUqj7lZjqHkeTvpgSFDlWZTg==" - }, "import-local": { "version": "3.0.2", "resolved": "https://registry.npmjs.org/import-local/-/import-local-3.0.2.tgz", @@ -2248,9 +2281,9 @@ "dev": true }, "indent-string": { - "version": "3.2.0", - "resolved": "https://registry.npmjs.org/indent-string/-/indent-string-3.2.0.tgz", - "integrity": "sha1-Sl/W0nzDMvN+VBmlBNu4NxBckok=" + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/indent-string/-/indent-string-4.0.0.tgz", + "integrity": "sha512-EdDDZu4A2OyIK7Lr/2zG+w5jmbuk1DVBnEwREQvBzspBJkCEbRa8GxU1lghYcaGJCnRWibjDXlq779X1/y5xwg==" }, "inflight": { "version": "1.0.6", @@ -2271,15 +2304,6 @@ "resolved": "https://registry.npmjs.org/interpret/-/interpret-1.4.0.tgz", "integrity": "sha512-agE4QfB2Lkp9uICn7BAqoscw4SZP9kTE2hxiFI3jBPmXJfdqiahTbUuKGsMoN2GtqL9AxhYioAcVvgsb1HvRbA==" }, - "into-stream": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/into-stream/-/into-stream-3.1.0.tgz", - "integrity": "sha1-lvsKk2wSur1v8XUqF9BWFqvQlMY=", - "requires": { - "from2": "^2.1.1", - "p-is-promise": "^1.1.0" - } - }, "ip-regex": { "version": "2.1.0", "resolved": "https://registry.npmjs.org/ip-regex/-/ip-regex-2.1.0.tgz", @@ -2397,16 +2421,6 @@ "integrity": "sha512-41Cifkg6e8TylSpdtTpeLVMqvSBEVzTttHvERD741+pnZ8ANv0004MRL43QKPDlK9cGvNp6NZWZUBlbGXYxxng==", "dev": true }, - "is-object": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/is-object/-/is-object-1.0.1.tgz", - "integrity": "sha1-iVJojF7C/9awPsyF52ngKQMINHA=" - }, - "is-plain-obj": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/is-plain-obj/-/is-plain-obj-1.1.0.tgz", - "integrity": "sha1-caUMhCnfync8kqOQpKA7OfzVHT4=" - }, "is-plain-object": { "version": "2.0.4", "resolved": "https://registry.npmjs.org/is-plain-object/-/is-plain-object-2.0.4.tgz", @@ -2416,11 +2430,6 @@ "isobject": "^3.0.1" } }, - "is-retry-allowed": { - "version": "1.2.0", - "resolved": "https://registry.npmjs.org/is-retry-allowed/-/is-retry-allowed-1.2.0.tgz", - "integrity": "sha512-RUbUeKwvm3XG2VYamhJL1xFktgjvPzL0Hq8C+6yrWIswDy3BIXGqCxhxkc30N9jqK311gVU137K8Ei55/zVJRg==" - }, "is-stream": { "version": "1.1.0", "resolved": "https://registry.npmjs.org/is-stream/-/is-stream-1.1.0.tgz", @@ -2450,7 +2459,8 @@ "isarray": { "version": "1.0.0", "resolved": "https://registry.npmjs.org/isarray/-/isarray-1.0.0.tgz", - "integrity": "sha1-u5NdSFgsuhaMBoNJV6VKPgcSTxE=" + "integrity": "sha1-u5NdSFgsuhaMBoNJV6VKPgcSTxE=", + "dev": true }, "isexe": { "version": "2.0.0", @@ -2523,15 +2533,6 @@ "istanbul-lib-report": "^3.0.0" } }, - "isurl": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/isurl/-/isurl-1.0.0.tgz", - "integrity": "sha512-1P/yWsxPlDtn7QeRD+ULKQPaIaN6yF368GZ2vDfv0AL0NwpStafjWCDDdn0k8wgFMWpVAqG7oJhxHnlud42i9w==", - "requires": { - "has-to-string-tag-x": "^1.2.0", - "is-object": "^1.0.1" - } - }, "jest": { "version": "25.5.4", "resolved": "https://registry.npmjs.org/jest/-/jest-25.5.4.tgz", @@ -3032,6 +3033,14 @@ "supports-color": "^7.0.0" } }, + "jose": { + "version": "2.0.2", + "resolved": "https://registry.npmjs.org/jose/-/jose-2.0.2.tgz", + "integrity": "sha512-yD93lsiMA1go/qxSY/vXWBodmIZJIxeB7QhFi8z1yQ3KUwKENqI9UA8VCHlQ5h3x1zWuWZjoY87ByQzkQbIrQg==", + "requires": { + "@panva/asn1.js": "^1.0.0" + } + }, "js-tokens": { "version": "4.0.0", "resolved": "https://registry.npmjs.org/js-tokens/-/js-tokens-4.0.0.tgz", @@ -3093,9 +3102,9 @@ "dev": true }, "json-buffer": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/json-buffer/-/json-buffer-3.0.0.tgz", - "integrity": "sha1-Wx85evx11ne96Lz8Dkfh+aPZqJg=" + "version": "3.0.1", + "resolved": "https://registry.npmjs.org/json-buffer/-/json-buffer-3.0.1.tgz", + "integrity": "sha512-4bV5BfR2mqfQTJm+V5tPPdf+ZpuhiIvTuAB5g8kcrXOZpTT/QwwVRWBywX1ozr6lEuPdbHxwaJlm9G6mI2sfSQ==" }, "json-parse-better-errors": { "version": "1.0.2", @@ -3144,11 +3153,11 @@ } }, "keyv": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/keyv/-/keyv-3.0.0.tgz", - "integrity": "sha512-eguHnq22OE3uVoSYG0LVWNP+4ppamWr9+zWBe1bsNcovIMy6huUJFPgy4mGwCd/rnl3vOLGW1MTlu4c57CT1xA==", + "version": "4.0.3", + "resolved": "https://registry.npmjs.org/keyv/-/keyv-4.0.3.tgz", + "integrity": "sha512-zdGa2TOpSZPq5mU6iowDARnMBZgtCqJ11dJROFi6tg6kTn4nuUdU09lFyLFSaHrWqpIJ+EBq4E8/Dc0Vx5vLdA==", "requires": { - "json-buffer": "3.0.0" + "json-buffer": "3.0.1" } }, "kind-of": { @@ -3214,22 +3223,17 @@ "@sinonjs/commons": "^1.7.0" } }, - "long": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/long/-/long-4.0.0.tgz", - "integrity": "sha512-XsP+KhQif4bjX1kbuSiySJFNAehNxgLb6hPRGJ9QsUr8ajHkuXGdrHmFUTUUXhDwVX2R5bY4JNZEwbUiMhV+MA==" - }, "lowercase-keys": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/lowercase-keys/-/lowercase-keys-1.0.1.tgz", - "integrity": "sha512-G2Lj61tXDnVFFOi8VZds+SoQjtQC3dgokKdDG2mTm1tx4m50NUHBOZSBwQQHyy0V12A0JTG4icfZQH+xPyh8VA==" + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/lowercase-keys/-/lowercase-keys-2.0.0.tgz", + "integrity": "sha512-tqNXrS78oMOE73NMxK4EMLQsQowWf8jKooH9g7xPavRT706R6bkQJ6DY2Te7QukaZsulxa30wQ7bk0pm4XiHmA==" }, "lru-cache": { - "version": "5.1.1", - "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-5.1.1.tgz", - "integrity": "sha512-KpNARQA3Iwv+jTA0utUVVbrh+Jlrr1Fv0e56GGzAFOXN7dk/FviaDW8LHmK52DlcH4WP2n6gI8vN1aesBFgo9w==", + "version": "6.0.0", + "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-6.0.0.tgz", + "integrity": "sha512-Jo6dJ04CmSjuznwJSS3pUeWmd/H0ffTlkXXgwZi+eq1UCmqQwCh+eLsYOYCwY991i2Fah4h1BEMCx4qThGbsiA==", "requires": { - "yallist": "^3.0.2" + "yallist": "^4.0.0" } }, "make-dir": { @@ -3241,6 +3245,11 @@ "semver": "^6.0.0" } }, + "make-error": { + "version": "1.3.6", + "resolved": "https://registry.npmjs.org/make-error/-/make-error-1.3.6.tgz", + "integrity": "sha512-s8UhlNe7vPKomQhC1qFelMokr/Sc3AgNbso3n74mVPA5LTZwkB9NlXf4XPamLxJE8h0gh73rM94xvwRT2CVInw==" + }, "makeerror": { "version": "1.0.11", "resolved": "https://registry.npmjs.org/makeerror/-/makeerror-1.0.11.tgz", @@ -3319,6 +3328,23 @@ "integrity": "sha512-FM9nNUYrRBAELZQT3xeZQ7fmMOBg6nWNmJKTcgsJeaLstP/UODVpGsr5OhXhhXg6f+qtJ8uiZ+PUxkDWcgIXLw==", "dev": true }, + "minipass": { + "version": "3.1.3", + "resolved": "https://registry.npmjs.org/minipass/-/minipass-3.1.3.tgz", + "integrity": "sha512-Mgd2GdMVzY+x3IJ+oHnVM+KG3lA5c8tnabyJKmHSaG2kAGpudxuOf8ToDkhumF7UzME7DecbQE9uOZhNm7PuJg==", + "requires": { + "yallist": "^4.0.0" + } + }, + "minizlib": { + "version": "2.1.2", + "resolved": "https://registry.npmjs.org/minizlib/-/minizlib-2.1.2.tgz", + "integrity": "sha512-bAxsR8BVfj60DWXHE3u30oHzfl4G7khkSuPW+qvpd7jFRHm7dLxOjUk1EHACJ/hxLY8phGJ0YhYHZo7jil7Qdg==", + "requires": { + "minipass": "^3.0.0", + "yallist": "^4.0.0" + } + }, "mixin-deep": { "version": "1.3.2", "resolved": "https://registry.npmjs.org/mixin-deep/-/mixin-deep-1.3.2.tgz", @@ -3340,6 +3366,11 @@ } } }, + "mkdirp": { + "version": "1.0.4", + "resolved": "https://registry.npmjs.org/mkdirp/-/mkdirp-1.0.4.tgz", + "integrity": "sha512-vVqVZQyf3WLx2Shd0qJ9xuvqgAyKPLAiqITEtqW0oIUjzo3PePDd6fW9iFz30ef7Ysp/oiWqbhszeGWW2T6Gzw==" + }, "ms": { "version": "2.1.2", "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz", @@ -3381,34 +3412,12 @@ "resolved": "https://registry.npmjs.org/nice-try/-/nice-try-1.0.5.tgz", "integrity": "sha512-1nh45deeb5olNY7eX82BkPO7SSxR5SSYJiPTrTdFUVYwAl8CKMA5N9PjTYkHiRjisVcxcQ1HXdLhx2qxxJzLNQ==" }, - "node-forge": { - "version": "0.8.5", - "resolved": "https://registry.npmjs.org/node-forge/-/node-forge-0.8.5.tgz", - "integrity": "sha512-vFMQIWt+J/7FLNyKouZ9TazT74PRV3wgv9UT4cRjC8BffxFbKXkgIWR42URCPSnHm/QDz6BOlb2Q0U4+VQT67Q==" - }, "node-int64": { "version": "0.4.0", "resolved": "https://registry.npmjs.org/node-int64/-/node-int64-0.4.0.tgz", "integrity": "sha1-h6kGXNs1XTGC2PlM4RGIuCXGijs=", "dev": true }, - "node-jose": { - "version": "1.1.4", - "resolved": "https://registry.npmjs.org/node-jose/-/node-jose-1.1.4.tgz", - "integrity": "sha512-L31IFwL3pWWcMHxxidCY51ezqrDXMkvlT/5pLTfNw5sXmmOLJuN6ug7txzF/iuZN55cRpyOmoJrotwBQIoo5Lw==", - "requires": { - "base64url": "^3.0.1", - "browserify-zlib": "^0.2.0", - "buffer": "^5.5.0", - "es6-promise": "^4.2.8", - "lodash": "^4.17.15", - "long": "^4.0.0", - "node-forge": "^0.8.5", - "process": "^0.11.10", - "react-zlib-js": "^1.0.4", - "uuid": "^3.3.3" - } - }, "node-modules-regexp": { "version": "1.0.0", "resolved": "https://registry.npmjs.org/node-modules-regexp/-/node-modules-regexp-1.0.0.tgz", @@ -3468,14 +3477,9 @@ "dev": true }, "normalize-url": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/normalize-url/-/normalize-url-2.0.1.tgz", - "integrity": "sha512-D6MUW4K/VzoJ4rJ01JFKxDrtY1v9wrgzCX5f2qj/lzH1m/lW6MhUZFKerVsnyjOhOsYzI9Kqqak+10l4LvLpMw==", - "requires": { - "prepend-http": "^2.0.0", - "query-string": "^5.0.1", - "sort-keys": "^2.0.0" - } + "version": "4.5.0", + "resolved": "https://registry.npmjs.org/normalize-url/-/normalize-url-4.5.0.tgz", + "integrity": "sha512-2s47yzUxdexf1OhyRi4Em83iQk0aPvwTddtFz4hnSSw9dCEsLEGf6SwIO8ss/19S9iBb5sJaOuTvTGDeZI00BQ==" }, "npm-run-path": { "version": "2.0.2", @@ -3496,11 +3500,6 @@ "resolved": "https://registry.npmjs.org/oauth-sign/-/oauth-sign-0.9.0.tgz", "integrity": "sha512-fexhUFFPTGV8ybAtSIGbV6gOkSv8UtRbDBnAyLQw4QPKkgNlsH2ByPGtMUqdWkos6YCRmAqViwgZrJc/mRDzZQ==" }, - "object-assign": { - "version": "4.1.1", - "resolved": "https://registry.npmjs.org/object-assign/-/object-assign-4.1.1.tgz", - "integrity": "sha1-IQmtx5ZYh8/AXLvUQsrIv7s2CGM=" - }, "object-copy": { "version": "0.1.0", "resolved": "https://registry.npmjs.org/object-copy/-/object-copy-0.1.0.tgz", @@ -3533,9 +3532,9 @@ } }, "object-hash": { - "version": "1.3.1", - "resolved": "https://registry.npmjs.org/object-hash/-/object-hash-1.3.1.tgz", - "integrity": "sha512-OSuu/pU4ENM9kmREg0BdNrUDIl1heYa4mBZacJc+vVWz4GtAwu7jO8s4AIt2aGRUTqxykpWzI3Oqnsm13tTMDA==" + "version": "2.0.3", + "resolved": "https://registry.npmjs.org/object-hash/-/object-hash-2.0.3.tgz", + "integrity": "sha512-JPKn0GMu+Fa3zt3Bmr66JhokJU5BaNBIh4ZeTlaCBzrBsOeXzwcKKAK1tbLiPKgvwmPXsDvvLHoWh5Bm7ofIYg==" }, "object-visit": { "version": "1.0.1", @@ -3556,9 +3555,9 @@ } }, "oidc-token-hash": { - "version": "3.0.2", - "resolved": "https://registry.npmjs.org/oidc-token-hash/-/oidc-token-hash-3.0.2.tgz", - "integrity": "sha512-dTzp80/y/da+um+i+sOucNqiPpwRL7M/xPwj7pH1TFA2/bqQ+OK2sJahSXbemEoLtPkHcFLyhLhLWZa9yW5+RA==" + "version": "5.0.0", + "resolved": "https://registry.npmjs.org/oidc-token-hash/-/oidc-token-hash-5.0.0.tgz", + "integrity": "sha512-8Yr4CZSv+Tn8ZkN3iN2i2w2G92mUKClp4z7EGUfdsERiYSbj7P4i/NHm72ft+aUdsiFx9UdIPSTwbyzQ6C4URg==" }, "once": { "version": "1.4.0", @@ -3578,18 +3577,18 @@ } }, "openid-client": { - "version": "2.5.0", - "resolved": "https://registry.npmjs.org/openid-client/-/openid-client-2.5.0.tgz", - "integrity": "sha512-t3hFD7xEoW1U25RyBcRFaL19fGGs6hNVTysq9pgmiltH0IVUPzH/bQV9w24pM5Q7MunnGv2/5XjIru6BQcWdxg==", + "version": "4.1.1", + "resolved": "https://registry.npmjs.org/openid-client/-/openid-client-4.1.1.tgz", + "integrity": "sha512-/qch3I3v8UtO0A7wVgyXJJjGX/knR8bv06DQpLuKQqLG5u4AHcgusGuVKPKAcneLZvHKbKovF2+3e2ngXyuudA==", "requires": { - "base64url": "^3.0.0", - "got": "^8.3.2", - "lodash": "^4.17.11", - "lru-cache": "^5.1.1", - "node-jose": "^1.1.0", - "object-hash": "^1.3.1", - "oidc-token-hash": "^3.0.1", - "p-any": "^1.1.0" + "base64url": "^3.0.1", + "got": "^11.6.2", + "jose": "^2.0.2", + "lru-cache": "^6.0.0", + "make-error": "^1.3.6", + "object-hash": "^2.0.1", + "oidc-token-hash": "^5.0.0", + "p-any": "^3.0.0" } }, "optionator": { @@ -3607,17 +3606,18 @@ } }, "p-any": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/p-any/-/p-any-1.1.0.tgz", - "integrity": "sha512-Ef0tVa4CZ5pTAmKn+Cg3w8ABBXh+hHO1aV8281dKOoUHfX+3tjG2EaFcC+aZyagg9b4EYGsHEjz21DnEE8Og2g==", + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/p-any/-/p-any-3.0.0.tgz", + "integrity": "sha512-5rqbqfsRWNb0sukt0awwgJMlaep+8jV45S15SKKB34z4UuzjcofIfnriCBhWjZP2jbVtjt9yRl7buB6RlKsu9w==", "requires": { - "p-some": "^2.0.0" + "p-cancelable": "^2.0.0", + "p-some": "^5.0.0" } }, "p-cancelable": { - "version": "0.4.1", - "resolved": "https://registry.npmjs.org/p-cancelable/-/p-cancelable-0.4.1.tgz", - "integrity": "sha512-HNa1A8LvB1kie7cERyy21VNeHb2CWJJYqyyC2o3klWFfMGlFmWv2Z7sFgZH8ZiaYL95ydToKTFVXgMV/Os0bBQ==" + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/p-cancelable/-/p-cancelable-2.0.0.tgz", + "integrity": "sha512-wvPXDmbMmu2ksjkB4Z3nZWTSkJEb9lqVdMaCKpZUGJG9TMiNp9XcbG3fn9fPKjem04fJMJnXoyFPk2FmgiaiNg==" }, "p-each-series": { "version": "2.1.0", @@ -3630,11 +3630,6 @@ "resolved": "https://registry.npmjs.org/p-finally/-/p-finally-1.0.0.tgz", "integrity": "sha1-P7z7FbiZpEEjs0ttzBi3JDNqLK4=" }, - "p-is-promise": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/p-is-promise/-/p-is-promise-1.1.0.tgz", - "integrity": "sha1-nJRWmJ6fZYgBewQ01WCXZ1w9oF4=" - }, "p-limit": { "version": "2.3.0", "resolved": "https://registry.npmjs.org/p-limit/-/p-limit-2.3.0.tgz", @@ -3654,19 +3649,12 @@ } }, "p-some": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/p-some/-/p-some-2.0.1.tgz", - "integrity": "sha1-Zdh8ixVO289SIdFnd4ttLhUPbwY=", - "requires": { - "aggregate-error": "^1.0.0" - } - }, - "p-timeout": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/p-timeout/-/p-timeout-2.0.1.tgz", - "integrity": "sha512-88em58dDVB/KzPEx1X0N3LwFfYZPyDc4B6eF38M1rk9VTZMbxXXgjugz8mmwpS9Ox4BDZ+t6t3QP5+/gazweIA==", + "version": "5.0.0", + "resolved": "https://registry.npmjs.org/p-some/-/p-some-5.0.0.tgz", + "integrity": "sha512-Js5XZxo6vHjB9NOYAzWDYAIyyiPvva0DWESAIWIK7uhSpGsyg5FwUPxipU/SOQx5x9EqhOh545d1jo6cVkitig==", "requires": { - "p-finally": "^1.0.0" + "aggregate-error": "^3.0.0", + "p-cancelable": "^2.0.0" } }, "p-try": { @@ -3675,11 +3663,6 @@ "integrity": "sha512-R4nPAVTAU0B9D35/Gk3uJf/7XYbQcyohSKdvAxIRSNghFl4e71hVoGnBNQz9cWaXxO2I10KTC+3jMdvvoKw6dQ==", "dev": true }, - "pako": { - "version": "1.0.11", - "resolved": "https://registry.npmjs.org/pako/-/pako-1.0.11.tgz", - "integrity": "sha512-4hLB8Py4zZce5s4yd9XzopqwVv/yGNhV1Bl8NTmCq1763HeK2+EwVTv+leGeL13Dnh2wfbqowVPXCIO0z4taYw==" - }, "parse-json": { "version": "5.0.0", "resolved": "https://registry.npmjs.org/parse-json/-/parse-json-5.0.0.tgz", @@ -3736,11 +3719,6 @@ "integrity": "sha512-q0M/9eZHzmr0AulXyPwNfZjtwZ/RBZlbN3K3CErVrk50T2ASYI7Bye0EvekFY3IP1Nt2DHu0re+V2ZHIpMkuWg==", "dev": true }, - "pify": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/pify/-/pify-3.0.0.tgz", - "integrity": "sha1-5aSs0sEB/fPZpNB/DbxNtJ3SgXY=" - }, "pirates": { "version": "4.0.1", "resolved": "https://registry.npmjs.org/pirates/-/pirates-4.0.1.tgz", @@ -3777,11 +3755,6 @@ "integrity": "sha1-IZMqVJ9eUv/ZqCf1cOBL5iqX2lQ=", "dev": true }, - "prepend-http": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/prepend-http/-/prepend-http-2.0.0.tgz", - "integrity": "sha1-6SQ0v6XqjBn0HN/UAddBo8gZ2Jc=" - }, "pretty-format": { "version": "25.5.0", "resolved": "https://registry.npmjs.org/pretty-format/-/pretty-format-25.5.0.tgz", @@ -3802,16 +3775,6 @@ } } }, - "process": { - "version": "0.11.10", - "resolved": "https://registry.npmjs.org/process/-/process-0.11.10.tgz", - "integrity": "sha1-czIwDoQBYb2j5podHZGn1LwW8YI=" - }, - "process-nextick-args": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/process-nextick-args/-/process-nextick-args-2.0.1.tgz", - "integrity": "sha512-3ouUOpQhtgrbOa17J7+uxOTpITYWaGP7/AhoR3+A+/1e9skrzelGi/dXzEYyvbxubEF6Wn2ypscTKiKJFFn1ag==" - }, "prompts": { "version": "2.3.2", "resolved": "https://registry.npmjs.org/prompts/-/prompts-2.3.2.tgz", @@ -3846,15 +3809,10 @@ "resolved": "https://registry.npmjs.org/qs/-/qs-6.5.2.tgz", "integrity": "sha512-N5ZAX4/LxJmF+7wN74pUD6qAh9/wnvdQcjq9TZjevvXzSUo7bfmw91saqMjzGS2xq91/odN2dW/WOl7qQHNDGA==" }, - "query-string": { + "quick-lru": { "version": "5.1.1", - "resolved": "https://registry.npmjs.org/query-string/-/query-string-5.1.1.tgz", - "integrity": "sha512-gjWOsm2SoGlgLEdAGt7a6slVOk9mGiXmPFMqrEhLQ68rhQuBnpfs3+EmlvqKyxnCo9/PPlF+9MtY02S1aFg+Jw==", - "requires": { - "decode-uri-component": "^0.2.0", - "object-assign": "^4.1.0", - "strict-uri-encode": "^1.0.0" - } + "resolved": "https://registry.npmjs.org/quick-lru/-/quick-lru-5.1.1.tgz", + "integrity": "sha512-WuyALRjWPDGtt/wzJiadO5AXY+8hZ80hVpe6MyivgraREW751X3SbhRvG3eLKOYN+8VEvqLcf3wdnt44Z4S4SA==" }, "react-is": { "version": "16.13.1", @@ -3862,11 +3820,6 @@ "integrity": "sha512-24e6ynE2H+OKt4kqsOvNd8kBpV65zoxbA4BVsEOB3ARVWQki/DHzaUoC5KuON/BiccDaCCTZBuOcfZs70kR8bQ==", "dev": true }, - "react-zlib-js": { - "version": "1.0.4", - "resolved": "https://registry.npmjs.org/react-zlib-js/-/react-zlib-js-1.0.4.tgz", - "integrity": "sha512-ynXD9DFxpE7vtGoa3ZwBtPmZrkZYw2plzHGbanUjBOSN4RtuXdektSfABykHtTiWEHMh7WdYj45LHtp228ZF1A==" - }, "read-pkg": { "version": "5.2.0", "resolved": "https://registry.npmjs.org/read-pkg/-/read-pkg-5.2.0.tgz", @@ -3898,20 +3851,6 @@ "type-fest": "^0.8.1" } }, - "readable-stream": { - "version": "2.3.7", - "resolved": "https://registry.npmjs.org/readable-stream/-/readable-stream-2.3.7.tgz", - "integrity": "sha512-Ebho8K4jIbHAxnuxi7o42OrZgF/ZTNcsZj6nRKyUmkhLFq8CHItp/fy6hQZuZmP/n3yZ9VBUbp4zz/mX8hmYPw==", - "requires": { - "core-util-is": "~1.0.0", - "inherits": "~2.0.3", - "isarray": "~1.0.0", - "process-nextick-args": "~2.0.0", - "safe-buffer": "~5.1.1", - "string_decoder": "~1.1.1", - "util-deprecate": "~1.0.1" - } - }, "realpath-native": { "version": "2.0.0", "resolved": "https://registry.npmjs.org/realpath-native/-/realpath-native-2.0.0.tgz", @@ -4044,6 +3983,11 @@ "path-parse": "^1.0.6" } }, + "resolve-alpn": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/resolve-alpn/-/resolve-alpn-1.0.0.tgz", + "integrity": "sha512-rTuiIEqFmGxne4IovivKSDzld2lWW9QCjqv80SYjPgf+gS35eaCAjaP54CCwGAwBtnCsvNLYtqxe1Nw+i6JEmA==" + }, "resolve-cwd": { "version": "3.0.0", "resolved": "https://registry.npmjs.org/resolve-cwd/-/resolve-cwd-3.0.0.tgz", @@ -4066,11 +4010,11 @@ "dev": true }, "responselike": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/responselike/-/responselike-1.0.2.tgz", - "integrity": "sha1-kYcg7ztjHFZCvgaPFa3lpG9Loec=", + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/responselike/-/responselike-2.0.0.tgz", + "integrity": "sha512-xH48u3FTB9VsZw7R+vvgaKeLKzT6jOogbQhEe/jewwnZgzPcnyWui2Av6JpoYZF/91uueC+lqhWqeURw5/qhCw==", "requires": { - "lowercase-keys": "^1.0.0" + "lowercase-keys": "^2.0.0" } }, "ret": { @@ -4080,15 +4024,14 @@ "dev": true }, "rfc4648": { - "version": "1.3.0", - "resolved": "https://registry.npmjs.org/rfc4648/-/rfc4648-1.3.0.tgz", - "integrity": "sha512-x36K12jOflpm1V8QjPq3I+pt7Z1xzeZIjiC8J2Oxd7bE1efTrOG241DTYVJByP/SxR9jl1t7iZqYxDX864jgBQ==" + "version": "1.4.0", + "resolved": "https://registry.npmjs.org/rfc4648/-/rfc4648-1.4.0.tgz", + "integrity": "sha512-3qIzGhHlMHA6PoT6+cdPKZ+ZqtxkIvg8DZGKA5z6PQ33/uuhoJ+Ws/D/J9rXW6gXodgH8QYlz2UCl+sdUDmNIg==" }, "rimraf": { "version": "3.0.2", "resolved": "https://registry.npmjs.org/rimraf/-/rimraf-3.0.2.tgz", "integrity": "sha512-JZkJMZkAGFFPP2YqXZXPbMlMBgsxzE8ILs4lMIX/2o0L9UBw9O/Y3o6wFw/i9YLapcUJWwqbi3kdxIPdC62TIA==", - "dev": true, "requires": { "glob": "^7.1.3" } @@ -4478,14 +4421,6 @@ } } }, - "sort-keys": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/sort-keys/-/sort-keys-2.0.0.tgz", - "integrity": "sha1-ZYU1WEhh7JfXMNbPQYIuH1ZoQSg=", - "requires": { - "is-plain-obj": "^1.0.0" - } - }, "source-map": { "version": "0.6.1", "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.6.1.tgz", @@ -4616,10 +4551,10 @@ "integrity": "sha1-NbCYdbT/SfJqd35QmzCQoyJr8ks=", "dev": true }, - "strict-uri-encode": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/strict-uri-encode/-/strict-uri-encode-1.1.0.tgz", - "integrity": "sha1-J5siXfHVgrH1TmWt3UNS4Y+qBxM=" + "stream-buffers": { + "version": "3.0.2", + "resolved": "https://registry.npmjs.org/stream-buffers/-/stream-buffers-3.0.2.tgz", + "integrity": "sha512-DQi1h8VEBA/lURbSwFtEHnSTb9s2/pwLEaFuNhXwy1Dx3Sa0lOuYT2yNUr4/j2fs8oCAMANtrZ5OrPZtyVs3MQ==" }, "string-length": { "version": "3.1.0", @@ -4653,14 +4588,6 @@ "strip-ansi": "^6.0.0" } }, - "string_decoder": { - "version": "1.1.1", - "resolved": "https://registry.npmjs.org/string_decoder/-/string_decoder-1.1.1.tgz", - "integrity": "sha512-n/ShnvDi6FHbbVfviro+WojiFzv+s8MPMHBczVePfUpDJLwoLT0ht1l4YwBCbi8pJAveEEdnkHyPyTP/mzRfwg==", - "requires": { - "safe-buffer": "~5.1.0" - } - }, "strip-ansi": { "version": "6.0.0", "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-6.0.0.tgz", @@ -4720,6 +4647,19 @@ "integrity": "sha512-9QNk5KwDF+Bvz+PyObkmSYjI5ksVUYtjW7AU22r2NKcfLJcXp96hkDWU3+XndOsUb+AQ9QhfzfCT2O+CNWT5Tw==", "dev": true }, + "tar": { + "version": "6.0.5", + "resolved": "https://registry.npmjs.org/tar/-/tar-6.0.5.tgz", + "integrity": "sha512-0b4HOimQHj9nXNEAA7zWwMM91Zhhba3pspja6sQbgTpynOJf+bkjBnfybNYzbpLbnwXnbyB4LOREvlyXLkCHSg==", + "requires": { + "chownr": "^2.0.0", + "fs-minipass": "^2.0.0", + "minipass": "^3.0.0", + "minizlib": "^2.1.1", + "mkdirp": "^1.0.3", + "yallist": "^4.0.0" + } + }, "terminal-link": { "version": "2.1.1", "resolved": "https://registry.npmjs.org/terminal-link/-/terminal-link-2.1.1.tgz", @@ -4747,10 +4687,21 @@ "integrity": "sha512-fcwX4mndzpLQKBS1DVYhGAcYaYt7vsHNIvQV+WXMvnow5cgjPphq5CaayLaGsjRdSCKZFNGt7/GYAuXaNOiYCA==", "dev": true }, - "timed-out": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/timed-out/-/timed-out-4.0.1.tgz", - "integrity": "sha1-8y6srFoXW+ol1/q1Zas+2HQe9W8=" + "tmp": { + "version": "0.2.1", + "resolved": "https://registry.npmjs.org/tmp/-/tmp-0.2.1.tgz", + "integrity": "sha512-76SUhtfqR2Ijn+xllcI5P1oyannHNHByD80W1q447gU3mp9G9PSpGdWmjUOHRDPiHYacIk66W7ubDTuPF3BEtQ==", + "requires": { + "rimraf": "^3.0.0" + } + }, + "tmp-promise": { + "version": "3.0.2", + "resolved": "https://registry.npmjs.org/tmp-promise/-/tmp-promise-3.0.2.tgz", + "integrity": "sha512-OyCLAKU1HzBjL6Ev3gxUeraJNlbNingmi8IrHHEsYH8LTmEuhvYfqvhn2F/je+mjf4N58UmZ96OMEy1JanSCpA==", + "requires": { + "tmp": "^0.2.0" + } }, "tmpl": { "version": "1.0.4", @@ -4880,9 +4831,9 @@ "dev": true }, "underscore": { - "version": "1.10.2", - "resolved": "https://registry.npmjs.org/underscore/-/underscore-1.10.2.tgz", - "integrity": "sha512-N4P+Q/BuyuEKFJ43B9gYuOj4TQUHXX+j2FqguVOpjkssLUUrnJofCcBccJSCoeturDoZU6GorDTHSvUDlSQbTg==" + "version": "1.11.0", + "resolved": "https://registry.npmjs.org/underscore/-/underscore-1.11.0.tgz", + "integrity": "sha512-xY96SsN3NA461qIRKZ/+qox37YXPtSBswMGfiNptr+wrt6ds4HaMw23TP612fEyGekRE6LNRiLYr/aqbHXNedw==" }, "union-value": { "version": "1.0.1", @@ -4950,30 +4901,12 @@ "integrity": "sha1-2pN/emLiH+wf0Y1Js1wpNQZ6bHI=", "dev": true }, - "url-parse-lax": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/url-parse-lax/-/url-parse-lax-3.0.0.tgz", - "integrity": "sha1-FrXK/Afb42dsGxmZF3gj1lA6yww=", - "requires": { - "prepend-http": "^2.0.0" - } - }, - "url-to-options": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/url-to-options/-/url-to-options-1.0.1.tgz", - "integrity": "sha1-FQWgOiiaSMvXpDTvuu7FBV9WM6k=" - }, "use": { "version": "3.1.1", "resolved": "https://registry.npmjs.org/use/-/use-3.1.1.tgz", "integrity": "sha512-cwESVXlO3url9YWlFW/TA9cshCEhtu7IKJ/p5soJ/gGpj7vbvFrAY/eIioQ6Dw23KjZhYgiIo8HOs1nQ2vr/oQ==", "dev": true }, - "util-deprecate": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/util-deprecate/-/util-deprecate-1.0.2.tgz", - "integrity": "sha1-RQ1Nyfpw3nMnYvvS1KKJgUGaDM8=" - }, "uuid": { "version": "3.4.0", "resolved": "https://registry.npmjs.org/uuid/-/uuid-3.4.0.tgz", @@ -5153,9 +5086,9 @@ "dev": true }, "yallist": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/yallist/-/yallist-3.1.1.tgz", - "integrity": "sha512-a4UGQaWPH59mOXUYnAG2ewncQS4i4F43Tv3JoAM+s2VDAmS9NsK8GpDMLrCHPksFT7h3K6TOoUNn2pb7RoXx4g==" + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/yallist/-/yallist-4.0.0.tgz", + "integrity": "sha512-3wdGidZyq5PB084XLES5TpOSRA3wjXAlIWMhum2kRcv/41Sn2emQ0dycQW4uZXLejwKvg6EsvbdlVL+FYEct7A==" }, "yargs": { "version": "15.3.1", diff --git a/hooks/declarative-subsequent-scans/package.json b/hooks/declarative-subsequent-scans/package.json index 8decdbfa..820fb77e 100644 --- a/hooks/declarative-subsequent-scans/package.json +++ b/hooks/declarative-subsequent-scans/package.json @@ -1,17 +1,43 @@ { "name": "declarative-subsequent-scans", "version": "1.0.0", - "description": "", + "description": "secureCodeBox v2 Hook to cascade scan in an declarative manner.", + "homepage": "https://www.secureCodeBox.io", + "repository": { + "type": "git", + "url": "git+https://github.com/secureCodeBox/secureCodeBox-v2.git" + }, "main": "hook.js", "scripts": { "build": "npx typescript hook.ts --sourceMap", "test": "jest ." }, - "keywords": [], - "author": "", + "keywords": [ + "secureCodeBox", + "security", + "hook" + ], + "author": { + "name": "iteratec GmbH", + "email": "security@iteratec.com", + "url": "https://www.iteratec.com" + }, + "contributors": [ + { + "name": "Jannik Hollenbach", + "url": "https://github.com/J12934" + }, + { + "name": "Robert Seedorff", + "url": "https://github.com/rseedorff" + } + ], + "bugs": { + "url": "https://github.com/secureCodeBox/secureCodeBox-v2/issues" + }, "license": "Apache-2.0", "dependencies": { - "@kubernetes/client-node": "^0.12.0", + "@kubernetes/client-node": "^0.12.2", "lodash": "^4.17.19", "mustache": "^4.0.1" }, diff --git a/hooks/declarative-subsequent-scans/scan-helpers.ts b/hooks/declarative-subsequent-scans/scan-helpers.ts index a4ee4e57..c112a0de 100644 --- a/hooks/declarative-subsequent-scans/scan-helpers.ts +++ b/hooks/declarative-subsequent-scans/scan-helpers.ts @@ -72,7 +72,7 @@ export async function startSubsequentSecureCodeBoxScan({ } const scanDefinition = { - apiVersion: "execution.experimental.securecodebox.io/v1", + apiVersion: "execution.securecodebox.io/v1", kind: "Scan", metadata: { generateName: `${name}-`, @@ -89,7 +89,7 @@ export async function startSubsequentSecureCodeBoxScan({ }, ownerReferences: [ { - apiVersion: "execution.experimental.securecodebox.io/v1", + apiVersion: "execution.securecodebox.io/v1", blockOwnerDeletion: true, controller: true, kind: "Scan", @@ -110,7 +110,7 @@ export async function startSubsequentSecureCodeBoxScan({ try { // Submitting the Scan to the kubernetes api await k8sApiCRD.createNamespacedCustomObject( - "execution.experimental.securecodebox.io", + "execution.securecodebox.io", "v1", namespace, "scans", @@ -137,7 +137,7 @@ export async function getCascadingRulesForScan(scan: Scan) { ); const response: any = await k8sApiCRD.listNamespacedCustomObject( - "cascading.experimental.securecodebox.io", + "cascading.securecodebox.io", "v1", namespace, "cascadingrules", diff --git a/hooks/declarative-subsequent-scans/templates/NOTES.txt b/hooks/declarative-subsequent-scans/templates/NOTES.txt index 5b163957..0e06e84a 100644 --- a/hooks/declarative-subsequent-scans/templates/NOTES.txt +++ b/hooks/declarative-subsequent-scans/templates/NOTES.txt @@ -10,4 +10,4 @@ $ kubectl get cascadingrules You need to explicitly turn on scan cascading for every scan you use. You can do that by setting a label selector which matches all rules you want to use. -Find out more, on the docs: TODO(https://github.com/secureCodeBox/secureCodeBox-v2-alpha/issues/46) \ No newline at end of file +Find out more, on the docs: TODO(https://github.com/secureCodeBox/secureCodeBox-v2/issues/46) \ No newline at end of file diff --git a/hooks/declarative-subsequent-scans/templates/declerative-subsequent-scans-hook.yaml b/hooks/declarative-subsequent-scans/templates/declerative-subsequent-scans-hook.yaml index 321b8747..a0eddcb6 100644 --- a/hooks/declarative-subsequent-scans/templates/declerative-subsequent-scans-hook.yaml +++ b/hooks/declarative-subsequent-scans/templates/declerative-subsequent-scans-hook.yaml @@ -1,20 +1,8 @@ -apiVersion: "execution.experimental.securecodebox.io/v1" +apiVersion: "execution.securecodebox.io/v1" kind: ScanCompletionHook metadata: name: {{ include "declarative-subsequent-scans.fullname" . }} spec: type: ReadOnly - {{- if .Values.image.registry }} - {{- if .Values.image.digest }} - image: "{{ .Values.image.registry }}/{{ .Values.image.repository }}@{{ .Values.image.digest }}" - {{- else }} - image: "{{ .Values.image.registry }}/{{ .Values.image.repository }}:{{ .Values.image.tag }}" - {{- end }} - {{- else }} - {{- if .Values.image.digest }} - image: "{{ .Values.image.repository }}@{{ .Values.image.digest }}" - {{- else }} - image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" - {{- end }} - {{- end }} + image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.Version }}" serviceAccountName: declarative-combined-scans \ No newline at end of file diff --git a/hooks/declarative-subsequent-scans/templates/role.yaml b/hooks/declarative-subsequent-scans/templates/role.yaml index af1028dd..f485ed2b 100644 --- a/hooks/declarative-subsequent-scans/templates/role.yaml +++ b/hooks/declarative-subsequent-scans/templates/role.yaml @@ -7,21 +7,21 @@ metadata: namespace: {{ .Release.Namespace }} rules: - apiGroups: - - execution.experimental.securecodebox.io + - execution.securecodebox.io resources: - scans verbs: - get - create - apiGroups: - - execution.experimental.securecodebox.io + - execution.securecodebox.io resources: - scans/status verbs: - get - patch - apiGroups: - - cascading.experimental.securecodebox.io + - cascading.securecodebox.io resources: - cascadingrules verbs: diff --git a/hooks/declarative-subsequent-scans/values.yaml b/hooks/declarative-subsequent-scans/values.yaml index 230c9bbe..9d9ca89e 100644 --- a/hooks/declarative-subsequent-scans/values.yaml +++ b/hooks/declarative-subsequent-scans/values.yaml @@ -3,7 +3,9 @@ # Declare variables to be passed into your templates. image: - registry: docker.io - repository: scbexperimental/hook-declarative-subsequent-scans - tag: latest - digest: null + # image.tag - defaults to the charts version + # image.repository -- Hook image repository + repository: docker.io/securecodebox/hook-declarative-subsequent-scans + # parserImage.tag -- Parser image tag + # @default -- defaults to the charts version + tag: null diff --git a/hooks/generic-webhook/Chart.yaml b/hooks/generic-webhook/Chart.yaml index 821f54f1..30b67881 100644 --- a/hooks/generic-webhook/Chart.yaml +++ b/hooks/generic-webhook/Chart.yaml @@ -4,8 +4,8 @@ description: Lets you send http webhooks after scans are completed type: application -version: 0.1.0 - -appVersion: latest +# version - gets automatically set to the secureCodeBox release version when the helm charts gets published +version: latest +kubeVersion: ">=v1.11.0" dependencies: [] diff --git a/hooks/generic-webhook/Dockerfile b/hooks/generic-webhook/Dockerfile index 6e0086dd..adfb0ac2 100644 --- a/hooks/generic-webhook/Dockerfile +++ b/hooks/generic-webhook/Dockerfile @@ -5,7 +5,7 @@ WORKDIR /home/app COPY package.json package-lock.json ./ RUN npm ci --production -FROM scbexperimental/hook-sdk-nodejs:${baseImageTag:-latest} +FROM securecodebox/hook-sdk-nodejs:${baseImageTag:-latest} WORKDIR /home/app/hook-wrapper/hook/ COPY --from=build --chown=app:app /home/app/node_modules/ ./node_modules/ COPY --chown=app:app ./hook.js ./hook.js diff --git a/hooks/generic-webhook/README.md b/hooks/generic-webhook/README.md index be2cf6a6..42b786e4 100644 --- a/hooks/generic-webhook/README.md +++ b/hooks/generic-webhook/README.md @@ -11,8 +11,17 @@ usecase: "Publishes Scan Findings as WebHook." ## Deployment -Installing the Generic WebHook hook will add a ReadOnly Hook to your namespace. +Installing the Generic WebHook hook will add a ReadOnly Hook to your namespace. ```bash helm upgrade --install gwh ./hooks/generic-webhook/ --set webhookUrl="http://example.com/my/webhook/target" ``` +> โœ This documentation is currently work-in-progress. + +## Chart Configuration + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| image.repository | string | `"docker.io/securecodebox/generic-webhook"` | Hook image repository | +| image.tag | string | `nil` | | +| webhookUrl | string | `"http://example.com"` | The URL of your WebHook endpoint | diff --git a/hooks/generic-webhook/README.md.gotmpl b/hooks/generic-webhook/README.md.gotmpl new file mode 100644 index 00000000..ecb28bf2 --- /dev/null +++ b/hooks/generic-webhook/README.md.gotmpl @@ -0,0 +1,23 @@ +--- +title: "Generic WebHook" +path: "hooks/generic-webhook" +category: "hook" +type: "integration" +state: "released" +usecase: "Publishes Scan Findings as WebHook." +--- + + + +## Deployment + +Installing the Generic WebHook hook will add a ReadOnly Hook to your namespace. + +```bash +helm upgrade --install gwh ./hooks/generic-webhook/ --set webhookUrl="http://example.com/my/webhook/target" +``` +> โœ This documentation is currently work-in-progress. + +## Chart Configuration + +{{ template "chart.valuesTable" . }} diff --git a/hooks/generic-webhook/helm2.Chart.yaml b/hooks/generic-webhook/helm2.Chart.yaml new file mode 100644 index 00000000..526d6785 --- /dev/null +++ b/hooks/generic-webhook/helm2.Chart.yaml @@ -0,0 +1,9 @@ +apiVersion: v1 +name: generic-webhook +description: Lets you send http webhooks after scans are completed + +type: application + +# version - gets automatically set to the secureCodeBox release version when the helm charts gets published +version: latest +kubeVersion: ">=v1.11.0" \ No newline at end of file diff --git a/hooks/generic-webhook/package-lock.json b/hooks/generic-webhook/package-lock.json index 748ee3d6..9a9dff3b 100644 --- a/hooks/generic-webhook/package-lock.json +++ b/hooks/generic-webhook/package-lock.json @@ -920,11 +920,11 @@ "dev": true }, "axios": { - "version": "0.19.2", - "resolved": "https://registry.npmjs.org/axios/-/axios-0.19.2.tgz", - "integrity": "sha512-fjgm5MvRHLhx+osE2xoekY70AhARk3a6hkN+3Io1jc00jtquGvxYlKlsFUhmUET0V5te6CcZI7lcv2Ym61mjHA==", + "version": "0.20.0", + "resolved": "https://registry.npmjs.org/axios/-/axios-0.20.0.tgz", + "integrity": "sha512-ANA4rr2BDcmmAQLOKft2fufrtuvlqR+cXNNinUmvfeSNCOF98PZL+7M/v1zIdGo7OLjEA9J2gXJL+j4zGsl0bA==", "requires": { - "follow-redirects": "1.5.10" + "follow-redirects": "^1.10.0" } }, "babel-jest": { @@ -1776,27 +1776,9 @@ } }, "follow-redirects": { - "version": "1.5.10", - "resolved": "https://registry.npmjs.org/follow-redirects/-/follow-redirects-1.5.10.tgz", - "integrity": "sha512-0V5l4Cizzvqt5D44aTXbFZz+FtyXV1vrDN6qrelxtfYQKW0KO0W2T/hkE8xvGa/540LkZlkaUjO4ailYTFtHVQ==", - "requires": { - "debug": "=3.1.0" - }, - "dependencies": { - "debug": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/debug/-/debug-3.1.0.tgz", - "integrity": "sha512-OX8XqP7/1a9cqkxYw2yXss15f26NKWBpDXQd0/uK/KPqdQhxbPa994hnzjcE2VqQpDslf55723cKPUOGSmMY3g==", - "requires": { - "ms": "2.0.0" - } - }, - "ms": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/ms/-/ms-2.0.0.tgz", - "integrity": "sha1-VgiurfwAvmwpAd9fmGF4jeDVl8g=" - } - } + "version": "1.13.0", + "resolved": "https://registry.npmjs.org/follow-redirects/-/follow-redirects-1.13.0.tgz", + "integrity": "sha512-aq6gF1BEKje4a9i9+5jimNFIpq4Q1WiwBToeRK5NvZBd/TRsmW8BsJfOEGkr76TbOyPVD3OVDN910EcUNtRYEA==" }, "for-in": { "version": "1.0.2", diff --git a/hooks/generic-webhook/package.json b/hooks/generic-webhook/package.json index 50f268ed..21abaf9f 100644 --- a/hooks/generic-webhook/package.json +++ b/hooks/generic-webhook/package.json @@ -1,16 +1,42 @@ { "name": "scb-generic-webhook", "version": "1.0.0", - "description": "", + "description": "secureCodeBox v2 Generic WebHook.", + "homepage": "https://www.secureCodeBox.io", + "repository": { + "type": "git", + "url": "git+https://github.com/secureCodeBox/secureCodeBox-v2.git" + }, "main": "hook.js", "scripts": { "test": "jest ." }, - "keywords": [], - "author": "", - "license": "ISC", + "keywords": [ + "secureCodeBox", + "security", + "hook" + ], + "author": { + "name": "iteratec GmbH", + "email": "security@iteratec.com", + "url": "https://www.iteratec.com" + }, + "contributors": [ + { + "name" : "Jannik Hollenbach", + "url" : "https://github.com/J12934" + }, + { + "name" : "Robert Seedorff", + "url" : "https://github.com/rseedorff" + } + ], + "bugs": { + "url": "https://github.com/secureCodeBox/secureCodeBox-v2/issues" + }, + "license": "Apache-2.0", "dependencies": { - "axios": "^0.19.2" + "axios": "^0.20.0" }, "devDependencies": { "jest": "^25.1.0" diff --git a/hooks/generic-webhook/templates/webhook-hook.yaml b/hooks/generic-webhook/templates/webhook-hook.yaml index 863610a4..e5e40026 100644 --- a/hooks/generic-webhook/templates/webhook-hook.yaml +++ b/hooks/generic-webhook/templates/webhook-hook.yaml @@ -1,14 +1,10 @@ -apiVersion: "execution.experimental.securecodebox.io/v1" +apiVersion: "execution.securecodebox.io/v1" kind: ScanCompletionHook metadata: name: {{ include "generic-webhook.fullname" . }} spec: type: ReadOnly - {{- if .Values.image.digest }} - image: "{{ .Values.image.registry }}/{{ .Values.image.repository }}@{{ .Values.image.digest }}" - {{- else }} - image: "{{ .Values.image.registry }}/{{ .Values.image.repository }}:{{ .Values.image.tag }}" - {{- end }} + image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.Version }}" env: - name: WEBHOOK_URL value: {{ .Values.webhookUrl | quote }} \ No newline at end of file diff --git a/hooks/generic-webhook/values.yaml b/hooks/generic-webhook/values.yaml index 545b7851..e937df7e 100644 --- a/hooks/generic-webhook/values.yaml +++ b/hooks/generic-webhook/values.yaml @@ -2,10 +2,13 @@ # This is a YAML-formatted file. # Declare variables to be passed into your templates. +# webhookUrl -- The URL of your WebHook endpoint webhookUrl: "http://example.com" image: - registry: docker.io - repository: scbexperimental/generic-webhook - tag: latest - digest: null + # image.tag - defaults to the charts version + # image.repository -- Hook image repository + repository: docker.io/securecodebox/generic-webhook + # parserImage.tag -- Parser image tag + # @default -- defaults to the charts version + tag: null diff --git a/hooks/imperative-subsequent-scans/.dockerignore b/hooks/imperative-subsequent-scans/.dockerignore deleted file mode 100644 index 40b878db..00000000 --- a/hooks/imperative-subsequent-scans/.dockerignore +++ /dev/null @@ -1 +0,0 @@ -node_modules/ \ No newline at end of file diff --git a/hooks/imperative-subsequent-scans/.helmignore b/hooks/imperative-subsequent-scans/.helmignore deleted file mode 100644 index 676a3554..00000000 --- a/hooks/imperative-subsequent-scans/.helmignore +++ /dev/null @@ -1,30 +0,0 @@ -# Patterns to ignore when building packages. -# This supports shell glob matching, relative path matching, and -# negation (prefixed with !). Only one pattern per line. -.DS_Store -# Common VCS dirs -.git/ -.gitignore -.bzr/ -.bzrignore -.hg/ -.hgignore -.svn/ -# Common backup files -*.swp -*.bak -*.tmp -*~ -# Various IDEs -.project -.idea/ -*.tmproj -.vscode/ -# Node.js files -node_modules/* -package.json -package-lock.json -src/* -config/* -Dockerfile -.dockerignore \ No newline at end of file diff --git a/hooks/imperative-subsequent-scans/Chart.lock b/hooks/imperative-subsequent-scans/Chart.lock deleted file mode 100644 index eb7f3a24..00000000 --- a/hooks/imperative-subsequent-scans/Chart.lock +++ /dev/null @@ -1,3 +0,0 @@ -dependencies: [] -digest: sha256:643d5437104296e21d906ecb15b2c96ad278f20cfc4af53b12bb6069bd853726 -generated: "2020-05-26T16:56:03.119255+02:00" diff --git a/hooks/imperative-subsequent-scans/Chart.yaml b/hooks/imperative-subsequent-scans/Chart.yaml deleted file mode 100644 index 554c41d9..00000000 --- a/hooks/imperative-subsequent-scans/Chart.yaml +++ /dev/null @@ -1,11 +0,0 @@ -apiVersion: v2 -name: imperative-subsequent-scans -description: Starts possible subsequent security scans based on findings (e.g. open ports found by NMAP or subdomains found by AMASS). - -type: application - -version: 0.1.0 - -appVersion: 0.1.0 - -dependencies: [] diff --git a/hooks/imperative-subsequent-scans/Dockerfile b/hooks/imperative-subsequent-scans/Dockerfile deleted file mode 100644 index dda1c6e4..00000000 --- a/hooks/imperative-subsequent-scans/Dockerfile +++ /dev/null @@ -1,6 +0,0 @@ -# This image doesn't install the hooks dependencies, as it only has the @kubernetes/client-node dependencies which is already installed via the hook-sdk - -ARG baseImageTag -FROM scbexperimental/hook-sdk-nodejs:${baseImageTag:-latest} -WORKDIR /home/app/hook-wrapper/hook/ -COPY --chown=app:app hook.js scan-helpers.js ./ diff --git a/hooks/imperative-subsequent-scans/__mocks__/scan-helpers.js b/hooks/imperative-subsequent-scans/__mocks__/scan-helpers.js deleted file mode 100644 index 6d1a50b1..00000000 --- a/hooks/imperative-subsequent-scans/__mocks__/scan-helpers.js +++ /dev/null @@ -1 +0,0 @@ -module.exports.startSubsequentSecureCodeBoxScan = jest.fn(); diff --git a/hooks/imperative-subsequent-scans/hook.js b/hooks/imperative-subsequent-scans/hook.js deleted file mode 100644 index 28145c67..00000000 --- a/hooks/imperative-subsequent-scans/hook.js +++ /dev/null @@ -1,290 +0,0 @@ -const { startSubsequentSecureCodeBoxScan } = require("./scan-helpers"); - -async function handle({ - scan, - getFindings, - cascadeAmassNmap = process.env["CASCADE_AMASS_NMAP"] === "true", - cascadeNmapSsl = process.env["CASCADE_NMAP_SSL"] === "true", - cascadeNmapSsh = process.env["CASCADE_NMAP_SSH"] === "true", - cascadeNmapNikto = process.env["CASCADE_NMAP_NIKTO"] === "true", - cascadeNmapSmb = process.env["CASCADE_NMAP_SMB"] === "true", - cascadeNmapZapBaseline = process.env["CASCADE_NMAP_ZAP_BASELINE"] === "true", -}) { - const findings = await getFindings(); - - console.log(findings); - console.log("cascadeAmassNmap: " + cascadeAmassNmap); - console.log("cascadeNmapSsl: " + cascadeNmapSsl); - console.log("cascadeNmapSsh: " + cascadeNmapSsh); - console.log("cascadeNmapNikto: " + cascadeNmapNikto); - console.log("cascadeNmapSmb: " + cascadeNmapSmb); - console.log("cascadeNmapZapBaseline: " + cascadeNmapZapBaseline); - - console.log( - `Found #${findings.length} findings... Trying to find identify if these are NMAP specific findings and start possible subsequent security scans.` - ); - - for (const finding of findings) { - if ( - finding.category === "Open Port" && - finding.attributes.state === "open" && - (finding.attributes.hostname != null || finding.attributes.ip_address) - ) { - - const hostname = finding.attributes.hostname || finding.attributes.ip_address; - const port = finding.attributes.port; - - console.log( - "Found NMAP 'Open Port' finding for host '"+hostname+"' port: '" + finding.attributes.port+"' and service: '" + finding.attributes.service + "'" - ); - - // search for HTTP ports and start subsequent Nikto Scan - if ( - cascadeNmapNikto && - finding.attributes.service === "http" - ) { - await startNiktoScan({ - parentScan: scan, - hostname, - port, - }); - } - - // search for SMB ports and start subsequent NMAP Scan - if ( - cascadeNmapSmb && - finding.attributes.port === 445 && - (finding.attributes.service === "microsoft-ds" || - finding.attributes.service === "netbios-ssn") - ) { - await startSMBScan({ - parentScan: scan, - hostname, - port, - }); - } - - // search for HTTPS ports and start subsequent SSLyze Scan - if ( - cascadeNmapSsl && - (finding.attributes.service === "ssl" || - finding.attributes.service === "https") - ) { - await startSSLyzeScan({ - parentScan: scan, - hostname, - port, - }); - } - - // search for HTTPS ports and start subsequent ZAP Baselne Scan - if ( - cascadeNmapZapBaseline && - (finding.attributes.service === "ssl" || - finding.attributes.service === "https") - ) { - await startZAPBaselineHttpsScan({ - parentScan: scan, - hostname, - port, - }); - } - - // search for HTTPS ports and start subsequent SSH Scan - if ( - cascadeNmapSsh && - finding.attributes.service === "ssh" - ) { - await startSSHScan({ - parentScan: scan, - hostname, - port, - }); - } - } - } - - console.log( - `Found #${findings.length} findings... Trying to find identify if these are AMASS specific findings and start possible subsequent security scans.` - ); - - for (const finding of findings) { - if( - cascadeAmassNmap && - finding.category === "Subdomain" && - finding.osi_layer === "NETWORK" && - finding.description.startsWith("Found subdomain" - )) { - console.log("Found AMASS 'Subdomain' finding: " + finding.location); - - const hostname = finding.location; - - await startNMAPScan({ - parentScan: scan, - hostname - }); - } - } -} - -/** - * Creates a new subsequent SCB ZAP Scan for the given hostname. - * @param {string} hostname The hostname to start a new subsequent ZAP scan for. - * @param {string} port The port to start a new subsequent ZAP scan for. - */ -async function startSMBScan({ parentScan, hostname}) { - if(hostname) { - console.log( - " --> Starting async subsequent NMAP SMB Scan for host: " + hostname - ); - await startSubsequentSecureCodeBoxScan({ - parentScan, - name: `nmap-smb-${hostname.toLowerCase()}`, - scanType: "nmap", - parameters: ["-Pn", "-p445", "--script", "smb-protocols", hostname], - }); - } - else - { - console.log( - " --> Failed to start subsequent NMAP SMB Scan because host: '" + hostname + "' must not be null." - ); - } -} - -/** - * Creates a new subsequent SCB ZAP Scan for the given hostname. - * @param {string} hostname The hostname to start a new subsequent ZAP scan for. - * @param {string} port The port to start a new subsequent ZAP scan for. - */ -async function startNMAPScan({ parentScan, hostname}) { - - - if(hostname) { - console.log( - " --> Starting async subsequent NMAP Scan for host: " + hostname - ); - await startSubsequentSecureCodeBoxScan({ - parentScan, - name: `nmap-${hostname.toLowerCase()}`, - scanType: "nmap", - parameters: ["-Pn", hostname], - }); - } - else - { - console.log( - " --> Failed to start subsequent NMAP Scan because host: '" + hostname + "' must not be null." - ); - } -} - -/** - * Creates a new subsequent SCB ZAP Scan for the given hostname. - * @param {string} hostname The hostname to start a new subsequent ZAP scan for. - * @param {string} port The port to start a new subsequent ZAP scan for. - */ -async function startZAPBaselineHttpsScan({ parentScan, hostname, port }) { - - - if(hostname) { - console.log( - " --> Starting async subsequent ZAP Scan for host: '" + hostname + "' and port: '" + port + "'" - ); - // https://www.zaproxy.org/docs/docker/baseline-scan/ - await startSubsequentSecureCodeBoxScan({ - parentScan, - name: `zap-${port}-${hostname.toLowerCase()}`, - scanType: "zap-baseline", - parameters: ["-a", "-j", "-t", "https://" + hostname + ":" + port], - }); - } - else - { - console.log( - " --> Failed to start subsequent ZAP Scan because host: '" + hostname + "' and port: '" + port + "' must not be null." - ); - } -} - -/** - * Creates a new subsequent SCB SSH Scan for the given hostname. - * @param {string} hostname The hostname to start a new subsequent SSH scan for. - * @param {string} port The port to start a new subsequent SSH scan for. - */ -async function startSSHScan({ parentScan, hostname, port }) { - - if(hostname && port) { - console.log( - " --> Starting async subsequent SSH Scan for host: '" + hostname + "' and port: '" + port + "'" - ); - await startSubsequentSecureCodeBoxScan({ - parentScan, - name: `ssh-${port}-${hostname.toLowerCase()}`, - scanType: "ssh-scan", - parameters: ["-t", hostname, "-p", port.toString()], - }); - } - else - { - console.log( - " --> Failed to start subsequent SSH Scan because host: '" + hostname + "' and port: '" + port + "' must not be null." - ); - } -} - -/** - * Creates a new subsequent SCB Nikto Scan for the given hostname. - * @param {string} hostname The hostname to start a new subsequent Nikto scan for. - * @param {string} port The port to start a new subsequent Nikto scan for. - */ -async function startNiktoScan({ parentScan, hostname, port }) { - - - if(hostname && port) { - console.log( - " --> Starting async subsequent Nikto Scan for host: '" + hostname + "' and port: '" + port + "'" - ); - await startSubsequentSecureCodeBoxScan({ - parentScan, - name: `nikto-${port}-${hostname.toLowerCase()}`, - scanType: "nikto", - parameters: ["-h", hostname, "-p", port.toString(), "-Tuning", "1,2,3,5,7,b"], - }); - } - else - { - console.log( - " --> Failed to start subsequent Nikto Scan because host: '" + hostname + "' and port: '" + port + "' must not be null." - ); - } -} - -/** - * Creates a new subsequent SCB SSLyze Scan for the given hostname. - * @param {string} hostname The hostname to start a new subsequent SSLyze scan for. - * @param {string} port The port to start a new subsequent SSLyze scan for. - */ -async function startSSLyzeScan({ parentScan, hostname, port }) { - - - if(hostname && port) { - console.log( - " --> Starting async subsequent SSLyze Scan for host: '" + hostname + "' and port: '" + port + "'" - ); - await startSubsequentSecureCodeBoxScan({ - parentScan, - name: `sslyze-${port}-${hostname.toLowerCase()}`, - scanType: "sslyze", - parameters: ["--regular", hostname+":"+port], - }); - } - else - { - console.log( - " --> Failed to start subsequent SSLyze Scan because host: '" + hostname + "' and port: '" + port + "' must not be null." - ); - } -} - -module.exports.handle = handle; diff --git a/hooks/imperative-subsequent-scans/hook.test.js b/hooks/imperative-subsequent-scans/hook.test.js deleted file mode 100644 index 83b296f2..00000000 --- a/hooks/imperative-subsequent-scans/hook.test.js +++ /dev/null @@ -1,690 +0,0 @@ -jest.mock("./scan-helpers"); - -const { handle } = require("./hook"); -const { startSubsequentSecureCodeBoxScan } = require("./scan-helpers"); - -test("Should create subsequent scans for open HTTPS ports (NMAP findings)", async () => { - const findings = [ - { - name: "Port 443 is open", - category: "Open Port", - attributes: { - state: "open", - hostname: "foobar.com", - port: 443, - service: "https", - }, - }, - { - name: "Port 8443 is open", - category: "Open Port", - attributes: { - state: "open", - hostname: "example.com", - port: 8443, - service: "ssl", - }, - }, - ]; - - const scan = { - metadata: { - labels: { - foo: "bar", - }, - }, - }; - - const cascadeAmassNmap = true; - const cascadeNmapSsl = true; - const cascadeNmapSsh = true; - const cascadeNmapNikto = true; - const cascadeNmapSmb = true; - const cascadeNmapZapBaseline = true; - - const getFindings = async () => findings; - - await handle({ - getFindings, - scan, - cascadeAmassNmap, - cascadeNmapSsl, - cascadeNmapSsh, - cascadeNmapNikto, - cascadeNmapSmb, - cascadeNmapZapBaseline - }); - - expect(startSubsequentSecureCodeBoxScan).toHaveBeenCalledTimes(4); - - expect(startSubsequentSecureCodeBoxScan).toHaveBeenNthCalledWith(1, { - name: "sslyze-443-foobar.com", - parameters: ["--regular", "foobar.com:443"], - parentScan: { metadata: { labels: { foo: "bar" } } }, - scanType: "sslyze", - }); - expect(startSubsequentSecureCodeBoxScan).toHaveBeenNthCalledWith(2, { - name: "zap-443-foobar.com", - parameters: ["-a", "-j", "-t", "https://foobar.com:443"], - parentScan: { metadata: { labels: { foo: "bar" } } }, - scanType: "zap-baseline", - }); - // even if the HTTPS port is not running at port 443 a corresponding Sslyze scan should be created if a HTTP service is found by nmap - expect(startSubsequentSecureCodeBoxScan).toHaveBeenNthCalledWith(3, { - name: "sslyze-8443-example.com", - parameters: ["--regular", "example.com:8443"], - parentScan: { metadata: { labels: { foo: "bar" } } }, - scanType: "sslyze", - }); - expect(startSubsequentSecureCodeBoxScan).toHaveBeenNthCalledWith(4, { - name: "zap-8443-example.com", - parameters: ["-a", "-j", "-t", "https://example.com:8443"], - parentScan: { metadata: { labels: { foo: "bar" } } }, - scanType: "zap-baseline", - }); -}); - -test("Should create subsequent scans for open HTTP ports (NMAP findings)", async () => { - const findings = [ - { - name: "Port 80 is open", - category: "Open Port", - attributes: { - state: "open", - hostname: "foobar.com", - port: 80, - service: "http", - }, - }, - { - name: "Port 3000 is open", - category: "Open Port", - attributes: { - state: "open", - hostname: "example.com", - port: 3000, - service: "http", - }, - }, - ]; - - const scan = { - metadata: { - labels: { - foo: "bar", - }, - }, - }; - - const cascadeAmassNmap = true; - const cascadeNmapSsl = true; - const cascadeNmapSsh = true; - const cascadeNmapNikto = true; - const cascadeNmapSmb = true; - const cascadeNmapZapBaseline = true; - - const getFindings = async () => findings; - - await handle({ - getFindings, - scan, - cascadeAmassNmap, - cascadeNmapSsl, - cascadeNmapSsh, - cascadeNmapNikto, - cascadeNmapSmb, - cascadeNmapZapBaseline - }); - - expect(startSubsequentSecureCodeBoxScan).toHaveBeenCalledTimes(6); - - expect(startSubsequentSecureCodeBoxScan).toHaveBeenNthCalledWith(5, { - name: "nikto-80-foobar.com", - parameters: ["-h", "foobar.com", "-p", "80", "-Tuning", "1,2,3,5,7,b"], - parentScan: { metadata: { labels: { foo: "bar" } } }, - scanType: "nikto", - }); - // even if the HTTP port is not running at port 80 a corresponding Nikto scan should be created if a HTTP service is found by nmap - expect(startSubsequentSecureCodeBoxScan).toHaveBeenNthCalledWith(6, { - name: "nikto-3000-example.com", - parameters: ["-h", "example.com", "-p", "3000", "-Tuning", "1,2,3,5,7,b"], - parentScan: { metadata: { labels: { foo: "bar" } } }, - scanType: "nikto", - }); -}); - -test("Should create subsequent scans for open SSH ports (NMAP findings)", async () => { - const findings = [ - { - name: "Port 22 is open", - category: "Open Port", - attributes: { - state: "open", - hostname: "foobar.com", - port: 22, - service: "ssh", - }, - }, - { - name: "Port 23454 is open", - category: "Open Port", - attributes: { - state: "open", - hostname: "example.com", - port: 23454, - service: "ssh", - }, - }, - ]; - - const scan = { - metadata: { - labels: { - foo: "bar", - }, - }, - }; - - const cascadeAmassNmap = true; - const cascadeNmapSsl = true; - const cascadeNmapSsh = true; - const cascadeNmapNikto = true; - const cascadeNmapSmb = true; - const cascadeNmapZapBaseline = true; - - const getFindings = async () => findings; - - await handle({ - getFindings, - scan, - cascadeAmassNmap, - cascadeNmapSsl, - cascadeNmapSsh, - cascadeNmapNikto, - cascadeNmapSmb, - cascadeNmapZapBaseline - }); - - expect(startSubsequentSecureCodeBoxScan).toHaveBeenCalledTimes(8); - - expect(startSubsequentSecureCodeBoxScan).toHaveBeenNthCalledWith(7, { - name: "ssh-22-foobar.com", - parameters: ["-t", "foobar.com", "-p", "22"], - parentScan: { metadata: { labels: { foo: "bar" } } }, - scanType: "ssh-scan", - }); - // even if the HTTP port is not running at port 80 a corresponding Nikto scan should be created if a HTTP service is found by nmap - expect(startSubsequentSecureCodeBoxScan).toHaveBeenNthCalledWith(8, { - name: "ssh-23454-example.com", - parameters: ["-t", "example.com", "-p", "23454"], - parentScan: { metadata: { labels: { foo: "bar" } } }, - scanType: "ssh-scan", - }); -}); - -test("Should create subsequent scans for open SMB ports (NMAP findings)", async () => { - const findings = [ - { - name: "Port 445 is open", - category: "Open Port", - attributes: { - state: "open", - hostname: "foobar.com", - port: 445, - service: "microsoft-ds", - }, - }, - { - name: "Port 445 is open", - category: "Open Port", - attributes: { - state: "open", - hostname: "example.com", - port: 445, - service: "filtered", - }, - }, - { - name: "Port 445 is open", - category: "Open Port", - attributes: { - state: "open", - hostname: null, - ip_address: "10.10.0.0", - port: 445, - service: "microsoft-ds", - }, - }, - ]; - - const scan = { - metadata: { - labels: { - foo: "bar", - }, - }, - }; - - const cascadeAmassNmap = true; - const cascadeNmapSsl = true; - const cascadeNmapSsh = true; - const cascadeNmapNikto = true; - const cascadeNmapSmb = true; - const cascadeNmapZapBaseline = true; - - const getFindings = async () => findings; - - await handle({ - getFindings, - scan, - cascadeAmassNmap, - cascadeNmapSsl, - cascadeNmapSsh, - cascadeNmapNikto, - cascadeNmapSmb, - cascadeNmapZapBaseline - }); - - expect(startSubsequentSecureCodeBoxScan).toHaveBeenCalledTimes(10); - - expect(startSubsequentSecureCodeBoxScan).toHaveBeenNthCalledWith(9, { - name: "nmap-smb-foobar.com", - parameters: ["-Pn", "-p445", "--script", "smb-protocols", "foobar.com"], - parentScan: { metadata: { labels: { foo: "bar" } } }, - scanType: "nmap", - }); - - expect(startSubsequentSecureCodeBoxScan).toHaveBeenNthCalledWith(10, { - name: "nmap-smb-10.10.0.0", - parameters: ["-Pn", "-p445", "--script", "smb-protocols", "10.10.0.0"], - parentScan: { metadata: { labels: { foo: "bar" } } }, - scanType: "nmap", - }); -}); - -test("Should create subsequent scans for subdomains (AMASS findings)", async () => { - const findings = [ - { - name: "www.example.com", - description: "Found subdomain www.example.com", - category: "Subdomain", - location: "www.example.com", - osi_layer: "NETWORK", - severity: "INFORMATIONAL", - }, - { - name: "example.example.com", - description: "Found subdomain example.example.com", - category: "Subdomain", - location: "example.example.com", - osi_layer: "NETWORK", - severity: "INFORMATIONAL", - }, - ]; - - const scan = { - metadata: { - labels: { - foo: "bar", - }, - }, - }; - - const getFindings = async () => findings; - - const cascadeAmassNmap = true; - const cascadeNmapSsl = true; - const cascadeNmapSsh = true; - const cascadeNmapNikto = true; - const cascadeNmapSmb = true; - const cascadeNmapZapBaseline = true; - - await handle({ - getFindings, - scan, - cascadeAmassNmap, - cascadeNmapSsl, - cascadeNmapSsh, - cascadeNmapNikto, - cascadeNmapSmb, - cascadeNmapZapBaseline - }); - - expect(startSubsequentSecureCodeBoxScan).toHaveBeenCalledTimes(12); - - expect(startSubsequentSecureCodeBoxScan).toHaveBeenNthCalledWith(11, { - name: "nmap-www.example.com", - parameters: ["-Pn", "www.example.com"], - parentScan: { metadata: { labels: { foo: "bar" } } }, - scanType: "nmap", - }); - // even if the HTTP port is not running at port 80 a corresponding Nikto scan should be created if a HTTP service is found by nmap - expect(startSubsequentSecureCodeBoxScan).toHaveBeenNthCalledWith(12, { - name: "nmap-example.example.com", - parameters: ["-Pn", "example.example.com"], - parentScan: { metadata: { labels: { foo: "bar" } } }, - scanType: "nmap", - }); -}); - -test("Should not create subsequent scans for subdomains (AMASS subsequent scans disabled)", async () => { - const findings = [ - { - name: "www.example.com", - description: "Found subdomain www.example.com", - category: "Subdomain", - location: "www.example.com", - osi_layer: "NETWORK", - severity: "INFORMATIONAL", - }, - { - name: "example.example.com", - description: "Found subdomain example.example.com", - category: "Subdomain", - location: "example.example.com", - osi_layer: "NETWORK", - severity: "INFORMATIONAL", - }, - ]; - - const scan = { - metadata: { - labels: { - foo: "bar", - }, - }, - }; - - const getFindings = async () => findings; - - const cascadeAmassNmap = false; - const cascadeNmapSsl = true; - const cascadeNmapSsh = true; - const cascadeNmapNikto = true; - const cascadeNmapSmb = true; - const cascadeNmapZapBaseline = true; - - await handle({ - getFindings, - scan, - cascadeAmassNmap, - cascadeNmapSsl, - cascadeNmapSsh, - cascadeNmapNikto, - cascadeNmapSmb, - cascadeNmapZapBaseline - }); - - expect(startSubsequentSecureCodeBoxScan).toHaveBeenCalledTimes(12); -}); - -test("Should not create subsequent scans for empty findings even if activated", async () => { - const findings = []; - - const scan = { - metadata: { - labels: { - foo: "bar", - }, - }, - }; - - const getFindings = async () => findings; - - const cascadeAmassNmap = true; - const cascadeNmapSsl = true; - const cascadeNmapSsh = true; - const cascadeNmapNikto = true; - const cascadeNmapSmb = true; - const cascadeNmapZapBaseline = true; - - await handle({ - getFindings, - scan, - cascadeAmassNmap, - cascadeNmapSsl, - cascadeNmapSsh, - cascadeNmapNikto, - cascadeNmapSmb, - cascadeNmapZapBaseline - }); - - expect(startSubsequentSecureCodeBoxScan).toHaveBeenCalledTimes(12); -}); - -test("Should not create subsequent scans if no subsequent scan is activated", async () => { - const findings = [ - { - name: "Port 445 is open", - category: "Open Port", - attributes: { - state: "open", - hostname: "foobar.com", - port: 445, - service: "microsoft-ds", - }, - }, - { - name: "Port 445 is open", - category: "Open Port", - attributes: { - state: "open", - hostname: "example.com", - port: 445, - service: "filtered", - }, - }, - { - name: "www.example.com", - description: "Found subdomain www.example.com", - category: "Subdomain", - location: "www.example.com", - osi_layer: "NETWORK", - severity: "INFORMATIONAL", - }, - { - name: "example.example.com", - description: "Found subdomain example.example.com", - category: "Subdomain", - location: "example.example.com", - osi_layer: "NETWORK", - severity: "INFORMATIONAL", - }, - { - name: "Port 22 is open", - category: "Open Port", - attributes: { - state: "open", - hostname: "foobar.com", - port: 22, - service: "ssh", - }, - }, - { - name: "Port 23454 is open", - category: "Open Port", - attributes: { - state: "open", - hostname: "example.com", - port: 23454, - service: "ssh", - }, - }, - { - name: "Port 80 is open", - category: "Open Port", - attributes: { - state: "open", - hostname: "foobar.com", - port: 80, - service: "http", - }, - }, - { - name: "Port 3000 is open", - category: "Open Port", - attributes: { - state: "open", - hostname: "example.com", - port: 3000, - service: "http", - }, - }, - { - name: "Port 443 is open", - category: "Open Port", - attributes: { - state: "open", - hostname: "foobar.com", - port: 443, - service: "https", - }, - }, - { - name: "Port 8443 is open", - category: "Open Port", - attributes: { - state: "open", - hostname: "example.com", - port: 8443, - service: "ssl", - }, - }, - ]; - - const scan = { - metadata: { - labels: { - foo: "bar", - }, - }, - }; - - const cascadeAmassNmap = false; - const cascadeNmapSsl = false; - const cascadeNmapSsh = false; - const cascadeNmapNikto = false; - const cascadeNmapSmb = false; - const cascadeNmapZapBaseline = false; - - const getFindings = async () => findings; - - await handle({ - getFindings, - scan, - cascadeAmassNmap, - cascadeNmapSsl, - cascadeNmapSsh, - cascadeNmapNikto, - cascadeNmapSmb, - cascadeNmapZapBaseline - }); - - expect(startSubsequentSecureCodeBoxScan).toHaveBeenCalledTimes(12); -}); - -test("Should create subsequent scans for Service which are running in custom ports", async () => { - const findings = [ - { - name: "Port 22000 is open", - category: "Open Port", - attributes: { - state: "open", - hostname: "ssh.example.com", - port: 22000, - service: "ssh", - }, - }, - { - name: "Port 8000 is open", - category: "Open Port", - attributes: { - state: "open", - hostname: "http.example.com", - port: 8000, - service: "http", - }, - }, - { - name: "Port 3000 is open", - category: "Open Port", - attributes: { - state: "open", - hostname: "https.example.com", - port: 3000, - service: "https", - }, - }, - { - name: "Port 8443 is open", - category: "Open Port", - attributes: { - state: "open", - hostname: "ssl.example.com", - port: 8443, - service: "ssl", - }, - } - ]; - - const scan = { - metadata: { - labels: { - foo: "bar", - }, - }, - }; - - const cascadeAmassNmap = true; - const cascadeNmapSsl = true; - const cascadeNmapSsh = true; - const cascadeNmapNikto = true; - const cascadeNmapSmb = true; - const cascadeNmapZapBaseline = true; - - const getFindings = async () => findings; - - await handle({ - getFindings, - scan, - cascadeAmassNmap, - cascadeNmapSsl, - cascadeNmapSsh, - cascadeNmapNikto, - cascadeNmapSmb, - cascadeNmapZapBaseline - }); - - expect(startSubsequentSecureCodeBoxScan).toHaveBeenCalledTimes(18); - - expect(startSubsequentSecureCodeBoxScan).toHaveBeenNthCalledWith(13, { - name: "ssh-22000-ssh.example.com", - parameters: ["-t", "ssh.example.com", "-p", "22000"], - parentScan: { metadata: { labels: { foo: "bar" } } }, - scanType: "ssh-scan", - }); - expect(startSubsequentSecureCodeBoxScan).toHaveBeenNthCalledWith(14, { - name: "nikto-8000-http.example.com", - parameters: ["-h", "http.example.com", "-p", "8000", "-Tuning", "1,2,3,5,7,b"], - parentScan: { metadata: { labels: { foo: "bar" } } }, - scanType: "nikto", - }); - expect(startSubsequentSecureCodeBoxScan).toHaveBeenNthCalledWith(15, { - name: "sslyze-3000-https.example.com", - parameters: ["--regular", "https.example.com:3000"], - parentScan: { metadata: { labels: { foo: "bar" } } }, - scanType: "sslyze", - }); - expect(startSubsequentSecureCodeBoxScan).toHaveBeenNthCalledWith(16, { - name: "zap-3000-https.example.com", - parameters: ["-a", "-j", "-t", "https://https.example.com:3000"], - parentScan: { metadata: { labels: { foo: "bar" } } }, - scanType: "zap-baseline", - }); - expect(startSubsequentSecureCodeBoxScan).toHaveBeenNthCalledWith(17, { - name: "sslyze-8443-ssl.example.com", - parameters: ["--regular", "ssl.example.com:8443"], - parentScan: { metadata: { labels: { foo: "bar" } } }, - scanType: "sslyze", - }); -}); \ No newline at end of file diff --git a/hooks/imperative-subsequent-scans/package-lock.json b/hooks/imperative-subsequent-scans/package-lock.json deleted file mode 100644 index 520f0f80..00000000 --- a/hooks/imperative-subsequent-scans/package-lock.json +++ /dev/null @@ -1,5184 +0,0 @@ -{ - "name": "imperative-subsequent-scans", - "version": "1.0.0", - "lockfileVersion": 1, - "requires": true, - "dependencies": { - "@babel/code-frame": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/code-frame/-/code-frame-7.8.3.tgz", - "integrity": "sha512-a9gxpmdXtZEInkCSHUJDLHZVBgb1QS0jhss4cPP93EW7s+uC5bikET2twEF3KV+7rDblJcmNvTR7VJejqd2C2g==", - "dev": true, - "requires": { - "@babel/highlight": "^7.8.3" - } - }, - "@babel/core": { - "version": "7.9.6", - "resolved": "https://registry.npmjs.org/@babel/core/-/core-7.9.6.tgz", - "integrity": "sha512-nD3deLvbsApbHAHttzIssYqgb883yU/d9roe4RZymBCDaZryMJDbptVpEpeQuRh4BJ+SYI8le9YGxKvFEvl1Wg==", - "dev": true, - "requires": { - "@babel/code-frame": "^7.8.3", - "@babel/generator": "^7.9.6", - "@babel/helper-module-transforms": "^7.9.0", - "@babel/helpers": "^7.9.6", - "@babel/parser": "^7.9.6", - "@babel/template": "^7.8.6", - "@babel/traverse": "^7.9.6", - "@babel/types": "^7.9.6", - "convert-source-map": "^1.7.0", - "debug": "^4.1.0", - "gensync": "^1.0.0-beta.1", - "json5": "^2.1.2", - "lodash": "^4.17.13", - "resolve": "^1.3.2", - "semver": "^5.4.1", - "source-map": "^0.5.0" - }, - "dependencies": { - "semver": { - "version": "5.7.1", - "resolved": "https://registry.npmjs.org/semver/-/semver-5.7.1.tgz", - "integrity": "sha512-sauaDf/PZdVgrLTNYHRtpXa1iRiKcaebiKQ1BJdpQlWH2lCvexQdX55snPFyK7QzpudqbCI0qXFfOasHdyNDGQ==", - "dev": true - }, - "source-map": { - "version": "0.5.7", - "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.5.7.tgz", - "integrity": "sha1-igOdLRAh0i0eoUyA2OpGi6LvP8w=", - "dev": true - } - } - }, - "@babel/generator": { - "version": "7.9.6", - "resolved": "https://registry.npmjs.org/@babel/generator/-/generator-7.9.6.tgz", - "integrity": "sha512-+htwWKJbH2bL72HRluF8zumBxzuX0ZZUFl3JLNyoUjM/Ho8wnVpPXM6aUz8cfKDqQ/h7zHqKt4xzJteUosckqQ==", - "dev": true, - "requires": { - "@babel/types": "^7.9.6", - "jsesc": "^2.5.1", - "lodash": "^4.17.13", - "source-map": "^0.5.0" - }, - "dependencies": { - "source-map": { - "version": "0.5.7", - "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.5.7.tgz", - "integrity": "sha1-igOdLRAh0i0eoUyA2OpGi6LvP8w=", - "dev": true - } - } - }, - "@babel/helper-function-name": { - "version": "7.9.5", - "resolved": "https://registry.npmjs.org/@babel/helper-function-name/-/helper-function-name-7.9.5.tgz", - "integrity": "sha512-JVcQZeXM59Cd1qanDUxv9fgJpt3NeKUaqBqUEvfmQ+BCOKq2xUgaWZW2hr0dkbyJgezYuplEoh5knmrnS68efw==", - "dev": true, - "requires": { - "@babel/helper-get-function-arity": "^7.8.3", - "@babel/template": "^7.8.3", - "@babel/types": "^7.9.5" - } - }, - "@babel/helper-get-function-arity": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/helper-get-function-arity/-/helper-get-function-arity-7.8.3.tgz", - "integrity": "sha512-FVDR+Gd9iLjUMY1fzE2SR0IuaJToR4RkCDARVfsBBPSP53GEqSFjD8gNyxg246VUyc/ALRxFaAK8rVG7UT7xRA==", - "dev": true, - "requires": { - "@babel/types": "^7.8.3" - } - }, - "@babel/helper-member-expression-to-functions": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/helper-member-expression-to-functions/-/helper-member-expression-to-functions-7.8.3.tgz", - "integrity": "sha512-fO4Egq88utkQFjbPrSHGmGLFqmrshs11d46WI+WZDESt7Wu7wN2G2Iu+NMMZJFDOVRHAMIkB5SNh30NtwCA7RA==", - "dev": true, - "requires": { - "@babel/types": "^7.8.3" - } - }, - "@babel/helper-module-imports": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/helper-module-imports/-/helper-module-imports-7.8.3.tgz", - "integrity": "sha512-R0Bx3jippsbAEtzkpZ/6FIiuzOURPcMjHp+Z6xPe6DtApDJx+w7UYyOLanZqO8+wKR9G10s/FmHXvxaMd9s6Kg==", - "dev": true, - "requires": { - "@babel/types": "^7.8.3" - } - }, - "@babel/helper-module-transforms": { - "version": "7.9.0", - "resolved": "https://registry.npmjs.org/@babel/helper-module-transforms/-/helper-module-transforms-7.9.0.tgz", - "integrity": "sha512-0FvKyu0gpPfIQ8EkxlrAydOWROdHpBmiCiRwLkUiBGhCUPRRbVD2/tm3sFr/c/GWFrQ/ffutGUAnx7V0FzT2wA==", - "dev": true, - "requires": { - "@babel/helper-module-imports": "^7.8.3", - "@babel/helper-replace-supers": "^7.8.6", - "@babel/helper-simple-access": "^7.8.3", - "@babel/helper-split-export-declaration": "^7.8.3", - "@babel/template": "^7.8.6", - "@babel/types": "^7.9.0", - "lodash": "^4.17.13" - } - }, - "@babel/helper-optimise-call-expression": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/helper-optimise-call-expression/-/helper-optimise-call-expression-7.8.3.tgz", - "integrity": "sha512-Kag20n86cbO2AvHca6EJsvqAd82gc6VMGule4HwebwMlwkpXuVqrNRj6CkCV2sKxgi9MyAUnZVnZ6lJ1/vKhHQ==", - "dev": true, - "requires": { - "@babel/types": "^7.8.3" - } - }, - "@babel/helper-plugin-utils": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/helper-plugin-utils/-/helper-plugin-utils-7.8.3.tgz", - "integrity": "sha512-j+fq49Xds2smCUNYmEHF9kGNkhbet6yVIBp4e6oeQpH1RUs/Ir06xUKzDjDkGcaaokPiTNs2JBWHjaE4csUkZQ==", - "dev": true - }, - "@babel/helper-replace-supers": { - "version": "7.9.6", - "resolved": "https://registry.npmjs.org/@babel/helper-replace-supers/-/helper-replace-supers-7.9.6.tgz", - "integrity": "sha512-qX+chbxkbArLyCImk3bWV+jB5gTNU/rsze+JlcF6Nf8tVTigPJSI1o1oBow/9Resa1yehUO9lIipsmu9oG4RzA==", - "dev": true, - "requires": { - "@babel/helper-member-expression-to-functions": "^7.8.3", - "@babel/helper-optimise-call-expression": "^7.8.3", - "@babel/traverse": "^7.9.6", - "@babel/types": "^7.9.6" - } - }, - "@babel/helper-simple-access": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/helper-simple-access/-/helper-simple-access-7.8.3.tgz", - "integrity": "sha512-VNGUDjx5cCWg4vvCTR8qQ7YJYZ+HBjxOgXEl7ounz+4Sn7+LMD3CFrCTEU6/qXKbA2nKg21CwhhBzO0RpRbdCw==", - "dev": true, - "requires": { - "@babel/template": "^7.8.3", - "@babel/types": "^7.8.3" - } - }, - "@babel/helper-split-export-declaration": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/helper-split-export-declaration/-/helper-split-export-declaration-7.8.3.tgz", - "integrity": "sha512-3x3yOeyBhW851hroze7ElzdkeRXQYQbFIb7gLK1WQYsw2GWDay5gAJNw1sWJ0VFP6z5J1whqeXH/WCdCjZv6dA==", - "dev": true, - "requires": { - "@babel/types": "^7.8.3" - } - }, - "@babel/helper-validator-identifier": { - "version": "7.9.5", - "resolved": "https://registry.npmjs.org/@babel/helper-validator-identifier/-/helper-validator-identifier-7.9.5.tgz", - "integrity": "sha512-/8arLKUFq882w4tWGj9JYzRpAlZgiWUJ+dtteNTDqrRBz9Iguck9Rn3ykuBDoUwh2TO4tSAJlrxDUOXWklJe4g==", - "dev": true - }, - "@babel/helpers": { - "version": "7.9.6", - "resolved": "https://registry.npmjs.org/@babel/helpers/-/helpers-7.9.6.tgz", - "integrity": "sha512-tI4bUbldloLcHWoRUMAj4g1bF313M/o6fBKhIsb3QnGVPwRm9JsNf/gqMkQ7zjqReABiffPV6RWj7hEglID5Iw==", - "dev": true, - "requires": { - "@babel/template": "^7.8.3", - "@babel/traverse": "^7.9.6", - "@babel/types": "^7.9.6" - } - }, - "@babel/highlight": { - "version": "7.9.0", - "resolved": "https://registry.npmjs.org/@babel/highlight/-/highlight-7.9.0.tgz", - "integrity": "sha512-lJZPilxX7Op3Nv/2cvFdnlepPXDxi29wxteT57Q965oc5R9v86ztx0jfxVrTcBk8C2kcPkkDa2Z4T3ZsPPVWsQ==", - "dev": true, - "requires": { - "@babel/helper-validator-identifier": "^7.9.0", - "chalk": "^2.0.0", - "js-tokens": "^4.0.0" - }, - "dependencies": { - "ansi-styles": { - "version": "3.2.1", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-3.2.1.tgz", - "integrity": "sha512-VT0ZI6kZRdTh8YyJw3SMbYm/u+NqfsAxEpWO0Pf9sq8/e94WxxOpPKx9FR1FlyCtOVDNOQ+8ntlqFxiRc+r5qA==", - "dev": true, - "requires": { - "color-convert": "^1.9.0" - } - }, - "chalk": { - "version": "2.4.2", - "resolved": "https://registry.npmjs.org/chalk/-/chalk-2.4.2.tgz", - "integrity": "sha512-Mti+f9lpJNcwF4tWV8/OrTTtF1gZi+f8FqlyAdouralcFWFQWF2+NgCHShjkCb+IFBLq9buZwE1xckQU4peSuQ==", - "dev": true, - "requires": { - "ansi-styles": "^3.2.1", - "escape-string-regexp": "^1.0.5", - "supports-color": "^5.3.0" - } - }, - "color-convert": { - "version": "1.9.3", - "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-1.9.3.tgz", - "integrity": "sha512-QfAUtd+vFdAtFQcC8CCyYt1fYWxSqAiK2cSD6zDB8N3cpsEBAvRxp9zOGg6G/SHHJYAT88/az/IuDGALsNVbGg==", - "dev": true, - "requires": { - "color-name": "1.1.3" - } - }, - "color-name": { - "version": "1.1.3", - "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.3.tgz", - "integrity": "sha1-p9BVi9icQveV3UIyj3QIMcpTvCU=", - "dev": true - }, - "has-flag": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-3.0.0.tgz", - "integrity": "sha1-tdRU3CGZriJWmfNGfloH87lVuv0=", - "dev": true - }, - "supports-color": { - "version": "5.5.0", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-5.5.0.tgz", - "integrity": "sha512-QjVjwdXIt408MIiAqCX4oUKsgU2EqAGzs2Ppkm4aQYbjm+ZEWEcW4SfFNTr4uMNZma0ey4f5lgLrkB0aX0QMow==", - "dev": true, - "requires": { - "has-flag": "^3.0.0" - } - } - } - }, - "@babel/parser": { - "version": "7.9.6", - "resolved": "https://registry.npmjs.org/@babel/parser/-/parser-7.9.6.tgz", - "integrity": "sha512-AoeIEJn8vt+d/6+PXDRPaksYhnlbMIiejioBZvvMQsOjW/JYK6k/0dKnvvP3EhK5GfMBWDPtrxRtegWdAcdq9Q==", - "dev": true - }, - "@babel/plugin-syntax-async-generators": { - "version": "7.8.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-async-generators/-/plugin-syntax-async-generators-7.8.4.tgz", - "integrity": "sha512-tycmZxkGfZaxhMRbXlPXuVFpdWlXpir2W4AMhSJgRKzk/eDlIXOhb2LHWoLpDF7TEHylV5zNhykX6KAgHJmTNw==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-bigint": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-bigint/-/plugin-syntax-bigint-7.8.3.tgz", - "integrity": "sha512-wnTnFlG+YxQm3vDxpGE57Pj0srRU4sHE/mDkt1qv2YJJSeUAec2ma4WLUnUPeKjyrfntVwe/N6dCXpU+zL3Npg==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-class-properties": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-class-properties/-/plugin-syntax-class-properties-7.8.3.tgz", - "integrity": "sha512-UcAyQWg2bAN647Q+O811tG9MrJ38Z10jjhQdKNAL8fsyPzE3cCN/uT+f55cFVY4aGO4jqJAvmqsuY3GQDwAoXg==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.3" - } - }, - "@babel/plugin-syntax-json-strings": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-json-strings/-/plugin-syntax-json-strings-7.8.3.tgz", - "integrity": "sha512-lY6kdGpWHvjoe2vk4WrAapEuBR69EMxZl+RoGRhrFGNYVK8mOPAW8VfbT/ZgrFbXlDNiiaxQnAtgVCZ6jv30EA==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-logical-assignment-operators": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-logical-assignment-operators/-/plugin-syntax-logical-assignment-operators-7.8.3.tgz", - "integrity": "sha512-Zpg2Sgc++37kuFl6ppq2Q7Awc6E6AIW671x5PY8E/f7MCIyPPGK/EoeZXvvY3P42exZ3Q4/t3YOzP/HiN79jDg==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.3" - } - }, - "@babel/plugin-syntax-nullish-coalescing-operator": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-nullish-coalescing-operator/-/plugin-syntax-nullish-coalescing-operator-7.8.3.tgz", - "integrity": "sha512-aSff4zPII1u2QD7y+F8oDsz19ew4IGEJg9SVW+bqwpwtfFleiQDMdzA/R+UlWDzfnHFCxxleFT0PMIrR36XLNQ==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-numeric-separator": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-numeric-separator/-/plugin-syntax-numeric-separator-7.8.3.tgz", - "integrity": "sha512-H7dCMAdN83PcCmqmkHB5dtp+Xa9a6LKSvA2hiFBC/5alSHxM5VgWZXFqDi0YFe8XNGT6iCa+z4V4zSt/PdZ7Dw==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.3" - } - }, - "@babel/plugin-syntax-object-rest-spread": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-object-rest-spread/-/plugin-syntax-object-rest-spread-7.8.3.tgz", - "integrity": "sha512-XoqMijGZb9y3y2XskN+P1wUGiVwWZ5JmoDRwx5+3GmEplNyVM2s2Dg8ILFQm8rWM48orGy5YpI5Bl8U1y7ydlA==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-optional-catch-binding": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-optional-catch-binding/-/plugin-syntax-optional-catch-binding-7.8.3.tgz", - "integrity": "sha512-6VPD0Pc1lpTqw0aKoeRTMiB+kWhAoT24PA+ksWSBrFtl5SIRVpZlwN3NNPQjehA2E/91FV3RjLWoVTglWcSV3Q==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/plugin-syntax-optional-chaining": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-optional-chaining/-/plugin-syntax-optional-chaining-7.8.3.tgz", - "integrity": "sha512-KoK9ErH1MBlCPxV0VANkXW2/dw4vlbGDrFgz8bmUsBGYkFRcbRwMh6cIJubdPrkxRwuGdtCk0v/wPTKbQgBjkg==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "@babel/template": { - "version": "7.8.6", - "resolved": "https://registry.npmjs.org/@babel/template/-/template-7.8.6.tgz", - "integrity": "sha512-zbMsPMy/v0PWFZEhQJ66bqjhH+z0JgMoBWuikXybgG3Gkd/3t5oQ1Rw2WQhnSrsOmsKXnZOx15tkC4qON/+JPg==", - "dev": true, - "requires": { - "@babel/code-frame": "^7.8.3", - "@babel/parser": "^7.8.6", - "@babel/types": "^7.8.6" - } - }, - "@babel/traverse": { - "version": "7.9.6", - "resolved": "https://registry.npmjs.org/@babel/traverse/-/traverse-7.9.6.tgz", - "integrity": "sha512-b3rAHSjbxy6VEAvlxM8OV/0X4XrG72zoxme6q1MOoe2vd0bEc+TwayhuC1+Dfgqh1QEG+pj7atQqvUprHIccsg==", - "dev": true, - "requires": { - "@babel/code-frame": "^7.8.3", - "@babel/generator": "^7.9.6", - "@babel/helper-function-name": "^7.9.5", - "@babel/helper-split-export-declaration": "^7.8.3", - "@babel/parser": "^7.9.6", - "@babel/types": "^7.9.6", - "debug": "^4.1.0", - "globals": "^11.1.0", - "lodash": "^4.17.13" - } - }, - "@babel/types": { - "version": "7.9.6", - "resolved": "https://registry.npmjs.org/@babel/types/-/types-7.9.6.tgz", - "integrity": "sha512-qxXzvBO//jO9ZnoasKF1uJzHd2+M6Q2ZPIVfnFps8JJvXy0ZBbwbNOmE6SGIY5XOY6d1Bo5lb9d9RJ8nv3WSeA==", - "dev": true, - "requires": { - "@babel/helper-validator-identifier": "^7.9.5", - "lodash": "^4.17.13", - "to-fast-properties": "^2.0.0" - } - }, - "@bcoe/v8-coverage": { - "version": "0.2.3", - "resolved": "https://registry.npmjs.org/@bcoe/v8-coverage/-/v8-coverage-0.2.3.tgz", - "integrity": "sha512-0hYQ8SB4Db5zvZB4axdMHGwEaQjkZzFjQiN9LVYvIFB2nSUHW9tYpxWriPrWDASIxiaXax83REcLxuSdnGPZtw==", - "dev": true - }, - "@cnakazawa/watch": { - "version": "1.0.4", - "resolved": "https://registry.npmjs.org/@cnakazawa/watch/-/watch-1.0.4.tgz", - "integrity": "sha512-v9kIhKwjeZThiWrLmj0y17CWoyddASLj9O2yvbZkbvw/N3rWOYy9zkV66ursAoVr0mV15bL8g0c4QZUE6cdDoQ==", - "dev": true, - "requires": { - "exec-sh": "^0.3.2", - "minimist": "^1.2.0" - } - }, - "@istanbuljs/load-nyc-config": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/@istanbuljs/load-nyc-config/-/load-nyc-config-1.1.0.tgz", - "integrity": "sha512-VjeHSlIzpv/NyD3N0YuHfXOPDIixcA1q2ZV98wsMqcYlPmv2n3Yb2lYP9XMElnaFVXg5A7YLTeLu6V84uQDjmQ==", - "dev": true, - "requires": { - "camelcase": "^5.3.1", - "find-up": "^4.1.0", - "get-package-type": "^0.1.0", - "js-yaml": "^3.13.1", - "resolve-from": "^5.0.0" - } - }, - "@istanbuljs/schema": { - "version": "0.1.2", - "resolved": "https://registry.npmjs.org/@istanbuljs/schema/-/schema-0.1.2.tgz", - "integrity": "sha512-tsAQNx32a8CoFhjhijUIhI4kccIAgmGhy8LZMZgGfmXcpMbPRUqn5LWmgRttILi6yeGmBJd2xsPkFMs0PzgPCw==", - "dev": true - }, - "@jest/console": { - "version": "25.5.0", - "resolved": "https://registry.npmjs.org/@jest/console/-/console-25.5.0.tgz", - "integrity": "sha512-T48kZa6MK1Y6k4b89sexwmSF4YLeZS/Udqg3Jj3jG/cHH+N/sLFCEoXEDMOKugJQ9FxPN1osxIknvKkxt6MKyw==", - "dev": true, - "requires": { - "@jest/types": "^25.5.0", - "chalk": "^3.0.0", - "jest-message-util": "^25.5.0", - "jest-util": "^25.5.0", - "slash": "^3.0.0" - } - }, - "@jest/core": { - "version": "25.5.4", - "resolved": "https://registry.npmjs.org/@jest/core/-/core-25.5.4.tgz", - "integrity": "sha512-3uSo7laYxF00Dg/DMgbn4xMJKmDdWvZnf89n8Xj/5/AeQ2dOQmn6b6Hkj/MleyzZWXpwv+WSdYWl4cLsy2JsoA==", - "dev": true, - "requires": { - "@jest/console": "^25.5.0", - "@jest/reporters": "^25.5.1", - "@jest/test-result": "^25.5.0", - "@jest/transform": "^25.5.1", - "@jest/types": "^25.5.0", - "ansi-escapes": "^4.2.1", - "chalk": "^3.0.0", - "exit": "^0.1.2", - "graceful-fs": "^4.2.4", - "jest-changed-files": "^25.5.0", - "jest-config": "^25.5.4", - "jest-haste-map": "^25.5.1", - "jest-message-util": "^25.5.0", - "jest-regex-util": "^25.2.6", - "jest-resolve": "^25.5.1", - "jest-resolve-dependencies": "^25.5.4", - "jest-runner": "^25.5.4", - "jest-runtime": "^25.5.4", - "jest-snapshot": "^25.5.1", - "jest-util": "^25.5.0", - "jest-validate": "^25.5.0", - "jest-watcher": "^25.5.0", - "micromatch": "^4.0.2", - "p-each-series": "^2.1.0", - "realpath-native": "^2.0.0", - "rimraf": "^3.0.0", - "slash": "^3.0.0", - "strip-ansi": "^6.0.0" - } - }, - "@jest/environment": { - "version": "25.5.0", - "resolved": "https://registry.npmjs.org/@jest/environment/-/environment-25.5.0.tgz", - "integrity": "sha512-U2VXPEqL07E/V7pSZMSQCvV5Ea4lqOlT+0ZFijl/i316cRMHvZ4qC+jBdryd+lmRetjQo0YIQr6cVPNxxK87mA==", - "dev": true, - "requires": { - "@jest/fake-timers": "^25.5.0", - "@jest/types": "^25.5.0", - "jest-mock": "^25.5.0" - } - }, - "@jest/fake-timers": { - "version": "25.5.0", - "resolved": "https://registry.npmjs.org/@jest/fake-timers/-/fake-timers-25.5.0.tgz", - "integrity": "sha512-9y2+uGnESw/oyOI3eww9yaxdZyHq7XvprfP/eeoCsjqKYts2yRlsHS/SgjPDV8FyMfn2nbMy8YzUk6nyvdLOpQ==", - "dev": true, - "requires": { - "@jest/types": "^25.5.0", - "jest-message-util": "^25.5.0", - "jest-mock": "^25.5.0", - "jest-util": "^25.5.0", - "lolex": "^5.0.0" - } - }, - "@jest/globals": { - "version": "25.5.2", - "resolved": "https://registry.npmjs.org/@jest/globals/-/globals-25.5.2.tgz", - "integrity": "sha512-AgAS/Ny7Q2RCIj5kZ+0MuKM1wbF0WMLxbCVl/GOMoCNbODRdJ541IxJ98xnZdVSZXivKpJlNPIWa3QmY0l4CXA==", - "dev": true, - "requires": { - "@jest/environment": "^25.5.0", - "@jest/types": "^25.5.0", - "expect": "^25.5.0" - } - }, - "@jest/reporters": { - "version": "25.5.1", - "resolved": "https://registry.npmjs.org/@jest/reporters/-/reporters-25.5.1.tgz", - "integrity": "sha512-3jbd8pPDTuhYJ7vqiHXbSwTJQNavczPs+f1kRprRDxETeE3u6srJ+f0NPuwvOmk+lmunZzPkYWIFZDLHQPkviw==", - "dev": true, - "requires": { - "@bcoe/v8-coverage": "^0.2.3", - "@jest/console": "^25.5.0", - "@jest/test-result": "^25.5.0", - "@jest/transform": "^25.5.1", - "@jest/types": "^25.5.0", - "chalk": "^3.0.0", - "collect-v8-coverage": "^1.0.0", - "exit": "^0.1.2", - "glob": "^7.1.2", - "graceful-fs": "^4.2.4", - "istanbul-lib-coverage": "^3.0.0", - "istanbul-lib-instrument": "^4.0.0", - "istanbul-lib-report": "^3.0.0", - "istanbul-lib-source-maps": "^4.0.0", - "istanbul-reports": "^3.0.2", - "jest-haste-map": "^25.5.1", - "jest-resolve": "^25.5.1", - "jest-util": "^25.5.0", - "jest-worker": "^25.5.0", - "node-notifier": "^6.0.0", - "slash": "^3.0.0", - "source-map": "^0.6.0", - "string-length": "^3.1.0", - "terminal-link": "^2.0.0", - "v8-to-istanbul": "^4.1.3" - } - }, - "@jest/source-map": { - "version": "25.5.0", - "resolved": "https://registry.npmjs.org/@jest/source-map/-/source-map-25.5.0.tgz", - "integrity": "sha512-eIGx0xN12yVpMcPaVpjXPnn3N30QGJCJQSkEDUt9x1fI1Gdvb07Ml6K5iN2hG7NmMP6FDmtPEssE3z6doOYUwQ==", - "dev": true, - "requires": { - "callsites": "^3.0.0", - "graceful-fs": "^4.2.4", - "source-map": "^0.6.0" - } - }, - "@jest/test-result": { - "version": "25.5.0", - "resolved": "https://registry.npmjs.org/@jest/test-result/-/test-result-25.5.0.tgz", - "integrity": "sha512-oV+hPJgXN7IQf/fHWkcS99y0smKLU2czLBJ9WA0jHITLst58HpQMtzSYxzaBvYc6U5U6jfoMthqsUlUlbRXs0A==", - "dev": true, - "requires": { - "@jest/console": "^25.5.0", - "@jest/types": "^25.5.0", - "@types/istanbul-lib-coverage": "^2.0.0", - "collect-v8-coverage": "^1.0.0" - } - }, - "@jest/test-sequencer": { - "version": "25.5.4", - "resolved": "https://registry.npmjs.org/@jest/test-sequencer/-/test-sequencer-25.5.4.tgz", - "integrity": "sha512-pTJGEkSeg1EkCO2YWq6hbFvKNXk8ejqlxiOg1jBNLnWrgXOkdY6UmqZpwGFXNnRt9B8nO1uWMzLLZ4eCmhkPNA==", - "dev": true, - "requires": { - "@jest/test-result": "^25.5.0", - "graceful-fs": "^4.2.4", - "jest-haste-map": "^25.5.1", - "jest-runner": "^25.5.4", - "jest-runtime": "^25.5.4" - } - }, - "@jest/transform": { - "version": "25.5.1", - "resolved": "https://registry.npmjs.org/@jest/transform/-/transform-25.5.1.tgz", - "integrity": "sha512-Y8CEoVwXb4QwA6Y/9uDkn0Xfz0finGkieuV0xkdF9UtZGJeLukD5nLkaVrVsODB1ojRWlaoD0AJZpVHCSnJEvg==", - "dev": true, - "requires": { - "@babel/core": "^7.1.0", - "@jest/types": "^25.5.0", - "babel-plugin-istanbul": "^6.0.0", - "chalk": "^3.0.0", - "convert-source-map": "^1.4.0", - "fast-json-stable-stringify": "^2.0.0", - "graceful-fs": "^4.2.4", - "jest-haste-map": "^25.5.1", - "jest-regex-util": "^25.2.6", - "jest-util": "^25.5.0", - "micromatch": "^4.0.2", - "pirates": "^4.0.1", - "realpath-native": "^2.0.0", - "slash": "^3.0.0", - "source-map": "^0.6.1", - "write-file-atomic": "^3.0.0" - } - }, - "@jest/types": { - "version": "25.5.0", - "resolved": "https://registry.npmjs.org/@jest/types/-/types-25.5.0.tgz", - "integrity": "sha512-OXD0RgQ86Tu3MazKo8bnrkDRaDXXMGUqd+kTtLtK1Zb7CRzQcaSRPPPV37SvYTdevXEBVxe0HXylEjs8ibkmCw==", - "dev": true, - "requires": { - "@types/istanbul-lib-coverage": "^2.0.0", - "@types/istanbul-reports": "^1.1.1", - "@types/yargs": "^15.0.0", - "chalk": "^3.0.0" - } - }, - "@kubernetes/client-node": { - "version": "0.12.0", - "resolved": "https://registry.npmjs.org/@kubernetes/client-node/-/client-node-0.12.0.tgz", - "integrity": "sha512-u57q5IaZl91f7YZoZOsgCa31hHyowHxFG88XZXd8arI8heSxbdHWHineo/8mLZbeSbHkge9Awae1stQZzuTnjg==", - "requires": { - "@types/js-yaml": "^3.12.1", - "@types/node": "^10.12.0", - "@types/request": "^2.47.1", - "@types/underscore": "^1.8.9", - "@types/ws": "^6.0.1", - "byline": "^5.0.0", - "execa": "1.0.0", - "isomorphic-ws": "^4.0.1", - "js-yaml": "^3.13.1", - "jsonpath-plus": "^0.19.0", - "openid-client": "2.5.0", - "request": "^2.88.0", - "rfc4648": "^1.3.0", - "shelljs": "^0.8.2", - "tslib": "^1.9.3", - "underscore": "^1.9.1", - "ws": "^6.1.0" - }, - "dependencies": { - "@types/node": { - "version": "10.17.24", - "resolved": "https://registry.npmjs.org/@types/node/-/node-10.17.24.tgz", - "integrity": "sha512-5SCfvCxV74kzR3uWgTYiGxrd69TbT1I6+cMx1A5kEly/IVveJBimtAMlXiEyVFn5DvUFewQWxOOiJhlxeQwxgA==" - }, - "ws": { - "version": "6.2.1", - "resolved": "https://registry.npmjs.org/ws/-/ws-6.2.1.tgz", - "integrity": "sha512-GIyAXC2cB7LjvpgMt9EKS2ldqr0MTrORaleiOno6TweZ6r3TKtoFQWay/2PceJ3RuBasOHzXNn5Lrw1X0bEjqA==", - "requires": { - "async-limiter": "~1.0.0" - } - } - } - }, - "@sindresorhus/is": { - "version": "0.7.0", - "resolved": "https://registry.npmjs.org/@sindresorhus/is/-/is-0.7.0.tgz", - "integrity": "sha512-ONhaKPIufzzrlNbqtWFFd+jlnemX6lJAgq9ZeiZtS7I1PIf/la7CW4m83rTXRnVnsMbW2k56pGYu7AUFJD9Pow==" - }, - "@sinonjs/commons": { - "version": "1.8.0", - "resolved": "https://registry.npmjs.org/@sinonjs/commons/-/commons-1.8.0.tgz", - "integrity": "sha512-wEj54PfsZ5jGSwMX68G8ZXFawcSglQSXqCftWX3ec8MDUzQdHgcKvw97awHbY0efQEL5iKUOAmmVtoYgmrSG4Q==", - "dev": true, - "requires": { - "type-detect": "4.0.8" - } - }, - "@types/babel__core": { - "version": "7.1.7", - "resolved": "https://registry.npmjs.org/@types/babel__core/-/babel__core-7.1.7.tgz", - "integrity": "sha512-RL62NqSFPCDK2FM1pSDH0scHpJvsXtZNiYlMB73DgPBaG1E38ZYVL+ei5EkWRbr+KC4YNiAUNBnRj+bgwpgjMw==", - "dev": true, - "requires": { - "@babel/parser": "^7.1.0", - "@babel/types": "^7.0.0", - "@types/babel__generator": "*", - "@types/babel__template": "*", - "@types/babel__traverse": "*" - } - }, - "@types/babel__generator": { - "version": "7.6.1", - "resolved": "https://registry.npmjs.org/@types/babel__generator/-/babel__generator-7.6.1.tgz", - "integrity": "sha512-bBKm+2VPJcMRVwNhxKu8W+5/zT7pwNEqeokFOmbvVSqGzFneNxYcEBro9Ac7/N9tlsaPYnZLK8J1LWKkMsLAew==", - "dev": true, - "requires": { - "@babel/types": "^7.0.0" - } - }, - "@types/babel__template": { - "version": "7.0.2", - "resolved": "https://registry.npmjs.org/@types/babel__template/-/babel__template-7.0.2.tgz", - "integrity": "sha512-/K6zCpeW7Imzgab2bLkLEbz0+1JlFSrUMdw7KoIIu+IUdu51GWaBZpd3y1VXGVXzynvGa4DaIaxNZHiON3GXUg==", - "dev": true, - "requires": { - "@babel/parser": "^7.1.0", - "@babel/types": "^7.0.0" - } - }, - "@types/babel__traverse": { - "version": "7.0.11", - "resolved": "https://registry.npmjs.org/@types/babel__traverse/-/babel__traverse-7.0.11.tgz", - "integrity": "sha512-ddHK5icION5U6q11+tV2f9Mo6CZVuT8GJKld2q9LqHSZbvLbH34Kcu2yFGckZut453+eQU6btIA3RihmnRgI+Q==", - "dev": true, - "requires": { - "@babel/types": "^7.3.0" - } - }, - "@types/caseless": { - "version": "0.12.2", - "resolved": "https://registry.npmjs.org/@types/caseless/-/caseless-0.12.2.tgz", - "integrity": "sha512-6ckxMjBBD8URvjB6J3NcnuAn5Pkl7t3TizAg+xdlzzQGSPSmBcXf8KoIH0ua/i+tio+ZRUHEXp0HEmvaR4kt0w==" - }, - "@types/color-name": { - "version": "1.1.1", - "resolved": "https://registry.npmjs.org/@types/color-name/-/color-name-1.1.1.tgz", - "integrity": "sha512-rr+OQyAjxze7GgWrSaJwydHStIhHq2lvY3BOC2Mj7KnzI7XK0Uw1TOOdI9lDoajEbSWLiYgoo4f1R51erQfhPQ==", - "dev": true - }, - "@types/graceful-fs": { - "version": "4.1.3", - "resolved": "https://registry.npmjs.org/@types/graceful-fs/-/graceful-fs-4.1.3.tgz", - "integrity": "sha512-AiHRaEB50LQg0pZmm659vNBb9f4SJ0qrAnteuzhSeAUcJKxoYgEnprg/83kppCnc2zvtCKbdZry1a5pVY3lOTQ==", - "dev": true, - "requires": { - "@types/node": "*" - } - }, - "@types/istanbul-lib-coverage": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/@types/istanbul-lib-coverage/-/istanbul-lib-coverage-2.0.2.tgz", - "integrity": "sha512-rsZg7eL+Xcxsxk2XlBt9KcG8nOp9iYdKCOikY9x2RFJCyOdNj4MKPQty0e8oZr29vVAzKXr1BmR+kZauti3o1w==", - "dev": true - }, - "@types/istanbul-lib-report": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/@types/istanbul-lib-report/-/istanbul-lib-report-3.0.0.tgz", - "integrity": "sha512-plGgXAPfVKFoYfa9NpYDAkseG+g6Jr294RqeqcqDixSbU34MZVJRi/P+7Y8GDpzkEwLaGZZOpKIEmeVZNtKsrg==", - "dev": true, - "requires": { - "@types/istanbul-lib-coverage": "*" - } - }, - "@types/istanbul-reports": { - "version": "1.1.2", - "resolved": "https://registry.npmjs.org/@types/istanbul-reports/-/istanbul-reports-1.1.2.tgz", - "integrity": "sha512-P/W9yOX/3oPZSpaYOCQzGqgCQRXn0FFO/V8bWrCQs+wLmvVVxk6CRBXALEvNs9OHIatlnlFokfhuDo2ug01ciw==", - "dev": true, - "requires": { - "@types/istanbul-lib-coverage": "*", - "@types/istanbul-lib-report": "*" - } - }, - "@types/js-yaml": { - "version": "3.12.4", - "resolved": "https://registry.npmjs.org/@types/js-yaml/-/js-yaml-3.12.4.tgz", - "integrity": "sha512-fYMgzN+9e28R81weVN49inn/u798ruU91En1ZnGvSZzCRc5jXx9B2EDhlRaWmcO1RIxFHL8AajRXzxDuJu93+A==" - }, - "@types/node": { - "version": "14.0.5", - "resolved": "https://registry.npmjs.org/@types/node/-/node-14.0.5.tgz", - "integrity": "sha512-90hiq6/VqtQgX8Sp0EzeIsv3r+ellbGj4URKj5j30tLlZvRUpnAe9YbYnjl3pJM93GyXU0tghHhvXHq+5rnCKA==" - }, - "@types/normalize-package-data": { - "version": "2.4.0", - "resolved": "https://registry.npmjs.org/@types/normalize-package-data/-/normalize-package-data-2.4.0.tgz", - "integrity": "sha512-f5j5b/Gf71L+dbqxIpQ4Z2WlmI/mPJ0fOkGGmFgtb6sAu97EPczzbS3/tJKxmcYDj55OX6ssqwDAWOHIYDRDGA==", - "dev": true - }, - "@types/prettier": { - "version": "1.19.1", - "resolved": "https://registry.npmjs.org/@types/prettier/-/prettier-1.19.1.tgz", - "integrity": "sha512-5qOlnZscTn4xxM5MeGXAMOsIOIKIbh9e85zJWfBRVPlRMEVawzoPhINYbRGkBZCI8LxvBe7tJCdWiarA99OZfQ==", - "dev": true - }, - "@types/request": { - "version": "2.48.5", - "resolved": "https://registry.npmjs.org/@types/request/-/request-2.48.5.tgz", - "integrity": "sha512-/LO7xRVnL3DxJ1WkPGDQrp4VTV1reX9RkC85mJ+Qzykj2Bdw+mG15aAfDahc76HtknjzE16SX/Yddn6MxVbmGQ==", - "requires": { - "@types/caseless": "*", - "@types/node": "*", - "@types/tough-cookie": "*", - "form-data": "^2.5.0" - }, - "dependencies": { - "form-data": { - "version": "2.5.1", - "resolved": "https://registry.npmjs.org/form-data/-/form-data-2.5.1.tgz", - "integrity": "sha512-m21N3WOmEEURgk6B9GLOE4RuWOFf28Lhh9qGYeNlGq4VDXUlJy2th2slBNU8Gp8EzloYZOibZJ7t5ecIrFSjVA==", - "requires": { - "asynckit": "^0.4.0", - "combined-stream": "^1.0.6", - "mime-types": "^2.1.12" - } - } - } - }, - "@types/stack-utils": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/@types/stack-utils/-/stack-utils-1.0.1.tgz", - "integrity": "sha512-l42BggppR6zLmpfU6fq9HEa2oGPEI8yrSPL3GITjfRInppYFahObbIQOQK3UGxEnyQpltZLaPe75046NOZQikw==", - "dev": true - }, - "@types/tough-cookie": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/@types/tough-cookie/-/tough-cookie-4.0.0.tgz", - "integrity": "sha512-I99sngh224D0M7XgW1s120zxCt3VYQ3IQsuw3P3jbq5GG4yc79+ZjyKznyOGIQrflfylLgcfekeZW/vk0yng6A==" - }, - "@types/underscore": { - "version": "1.10.0", - "resolved": "https://registry.npmjs.org/@types/underscore/-/underscore-1.10.0.tgz", - "integrity": "sha512-ZAbqul7QAKpM2h1PFGa5ETN27ulmqtj0QviYHasw9LffvXZvVHuraOx/FOsIPPDNGZN0Qo1nASxxSfMYOtSoCw==" - }, - "@types/ws": { - "version": "6.0.4", - "resolved": "https://registry.npmjs.org/@types/ws/-/ws-6.0.4.tgz", - "integrity": "sha512-PpPrX7SZW9re6+Ha8ojZG4Se8AZXgf0GK6zmfqEuCsY49LFDNXO3SByp44X3dFEqtB73lkCDAdUazhAjVPiNwg==", - "requires": { - "@types/node": "*" - } - }, - "@types/yargs": { - "version": "15.0.5", - "resolved": "https://registry.npmjs.org/@types/yargs/-/yargs-15.0.5.tgz", - "integrity": "sha512-Dk/IDOPtOgubt/IaevIUbTgV7doaKkoorvOyYM2CMwuDyP89bekI7H4xLIwunNYiK9jhCkmc6pUrJk3cj2AB9w==", - "dev": true, - "requires": { - "@types/yargs-parser": "*" - } - }, - "@types/yargs-parser": { - "version": "15.0.0", - "resolved": "https://registry.npmjs.org/@types/yargs-parser/-/yargs-parser-15.0.0.tgz", - "integrity": "sha512-FA/BWv8t8ZWJ+gEOnLLd8ygxH/2UFbAvgEonyfN6yWGLKc7zVjbpl2Y4CTjid9h2RfgPP6SEt6uHwEOply00yw==", - "dev": true - }, - "abab": { - "version": "2.0.3", - "resolved": "https://registry.npmjs.org/abab/-/abab-2.0.3.tgz", - "integrity": "sha512-tsFzPpcttalNjFBCFMqsKYQcWxxen1pgJR56by//QwvJc4/OUS3kPOOttx2tSIfjsylB0pYu7f5D3K1RCxUnUg==", - "dev": true - }, - "acorn": { - "version": "7.2.0", - "resolved": "https://registry.npmjs.org/acorn/-/acorn-7.2.0.tgz", - "integrity": "sha512-apwXVmYVpQ34m/i71vrApRrRKCWQnZZF1+npOD0WV5xZFfwWOmKGQ2RWlfdy9vWITsenisM8M0Qeq8agcFHNiQ==", - "dev": true - }, - "acorn-globals": { - "version": "4.3.4", - "resolved": "https://registry.npmjs.org/acorn-globals/-/acorn-globals-4.3.4.tgz", - "integrity": "sha512-clfQEh21R+D0leSbUdWf3OcfqyaCSAQ8Ryq00bofSekfr9W8u1jyYZo6ir0xu9Gtcf7BjcHJpnbZH7JOCpP60A==", - "dev": true, - "requires": { - "acorn": "^6.0.1", - "acorn-walk": "^6.0.1" - }, - "dependencies": { - "acorn": { - "version": "6.4.1", - "resolved": "https://registry.npmjs.org/acorn/-/acorn-6.4.1.tgz", - "integrity": "sha512-ZVA9k326Nwrj3Cj9jlh3wGFutC2ZornPNARZwsNYqQYgN0EsV2d53w5RN/co65Ohn4sUAUtb1rSUAOD6XN9idA==", - "dev": true - } - } - }, - "acorn-walk": { - "version": "6.2.0", - "resolved": "https://registry.npmjs.org/acorn-walk/-/acorn-walk-6.2.0.tgz", - "integrity": "sha512-7evsyfH1cLOCdAzZAd43Cic04yKydNx0cF+7tiA19p1XnLLPU4dpCQOqpjqwokFe//vS0QqfqqjCS2JkiIs0cA==", - "dev": true - }, - "aggregate-error": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/aggregate-error/-/aggregate-error-1.0.0.tgz", - "integrity": "sha1-iINE2tAiCnLjr1CQYRf0h3GSX6w=", - "requires": { - "clean-stack": "^1.0.0", - "indent-string": "^3.0.0" - } - }, - "ajv": { - "version": "6.12.2", - "resolved": "https://registry.npmjs.org/ajv/-/ajv-6.12.2.tgz", - "integrity": "sha512-k+V+hzjm5q/Mr8ef/1Y9goCmlsK4I6Sm74teeyGvFk1XrOsbsKLjEdrvny42CZ+a8sXbk8KWpY/bDwS+FLL2UQ==", - "requires": { - "fast-deep-equal": "^3.1.1", - "fast-json-stable-stringify": "^2.0.0", - "json-schema-traverse": "^0.4.1", - "uri-js": "^4.2.2" - } - }, - "ansi-escapes": { - "version": "4.3.1", - "resolved": "https://registry.npmjs.org/ansi-escapes/-/ansi-escapes-4.3.1.tgz", - "integrity": "sha512-JWF7ocqNrp8u9oqpgV+wH5ftbt+cfvv+PTjOvKLT3AdYly/LmORARfEVT1iyjwN+4MqE5UmVKoAdIBqeoCHgLA==", - "dev": true, - "requires": { - "type-fest": "^0.11.0" - }, - "dependencies": { - "type-fest": { - "version": "0.11.0", - "resolved": "https://registry.npmjs.org/type-fest/-/type-fest-0.11.0.tgz", - "integrity": "sha512-OdjXJxnCN1AvyLSzeKIgXTXxV+99ZuXl3Hpo9XpJAv9MBcHrrJOQ5kV7ypXOuQie+AmWG25hLbiKdwYTifzcfQ==", - "dev": true - } - } - }, - "ansi-regex": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-4.1.0.tgz", - "integrity": "sha512-1apePfXM1UOSqw0o9IiFAovVz9M5S1Dg+4TrDwfMewQ6p/rmMueb7tWZjQ1rx4Loy1ArBggoqGpfqqdI4rondg==", - "dev": true - }, - "ansi-styles": { - "version": "4.2.1", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-4.2.1.tgz", - "integrity": "sha512-9VGjrMsG1vePxcSweQsN20KY/c4zN0h9fLjqAbwbPfahM3t+NL+M9HC8xeXG2I8pX5NoamTGNuomEUFI7fcUjA==", - "dev": true, - "requires": { - "@types/color-name": "^1.1.1", - "color-convert": "^2.0.1" - } - }, - "anymatch": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/anymatch/-/anymatch-3.1.1.tgz", - "integrity": "sha512-mM8522psRCqzV+6LhomX5wgp25YVibjh8Wj23I5RPkPppSVSjyKD2A2mBJmWGa+KN7f2D6LNh9jkBCeyLktzjg==", - "dev": true, - "requires": { - "normalize-path": "^3.0.0", - "picomatch": "^2.0.4" - } - }, - "argparse": { - "version": "1.0.10", - "resolved": "https://registry.npmjs.org/argparse/-/argparse-1.0.10.tgz", - "integrity": "sha512-o5Roy6tNG4SL/FOkCAN6RzjiakZS25RLYFrcMttJqbdd8BWrnA+fGz57iN5Pb06pvBGvl5gQ0B48dJlslXvoTg==", - "requires": { - "sprintf-js": "~1.0.2" - } - }, - "arr-diff": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/arr-diff/-/arr-diff-4.0.0.tgz", - "integrity": "sha1-1kYQdP6/7HHn4VI1dhoyml3HxSA=", - "dev": true - }, - "arr-flatten": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/arr-flatten/-/arr-flatten-1.1.0.tgz", - "integrity": "sha512-L3hKV5R/p5o81R7O02IGnwpDmkp6E982XhtbuwSe3O4qOtMMMtodicASA1Cny2U+aCXcNpml+m4dPsvsJ3jatg==", - "dev": true - }, - "arr-union": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/arr-union/-/arr-union-3.1.0.tgz", - "integrity": "sha1-45sJrqne+Gao8gbiiK9jkZuuOcQ=", - "dev": true - }, - "array-equal": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/array-equal/-/array-equal-1.0.0.tgz", - "integrity": "sha1-jCpe8kcv2ep0KwTHenUJO6J1fJM=", - "dev": true - }, - "array-unique": { - "version": "0.3.2", - "resolved": "https://registry.npmjs.org/array-unique/-/array-unique-0.3.2.tgz", - "integrity": "sha1-qJS3XUvE9s1nnvMkSp/Y9Gri1Cg=", - "dev": true - }, - "asn1": { - "version": "0.2.4", - "resolved": "https://registry.npmjs.org/asn1/-/asn1-0.2.4.tgz", - "integrity": "sha512-jxwzQpLQjSmWXgwaCZE9Nz+glAG01yF1QnWgbhGwHI5A6FRIEY6IVqtHhIepHqI7/kyEyQEagBC5mBEFlIYvdg==", - "requires": { - "safer-buffer": "~2.1.0" - } - }, - "assert-plus": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/assert-plus/-/assert-plus-1.0.0.tgz", - "integrity": "sha1-8S4PPF13sLHN2RRpQuTpbB5N1SU=" - }, - "assign-symbols": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/assign-symbols/-/assign-symbols-1.0.0.tgz", - "integrity": "sha1-WWZ/QfrdTyDMvCu5a41Pf3jsA2c=", - "dev": true - }, - "astral-regex": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/astral-regex/-/astral-regex-1.0.0.tgz", - "integrity": "sha512-+Ryf6g3BKoRc7jfp7ad8tM4TtMiaWvbF/1/sQcZPkkS7ag3D5nMBCe2UfOTONtAkaG0tO0ij3C5Lwmf1EiyjHg==", - "dev": true - }, - "async-limiter": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/async-limiter/-/async-limiter-1.0.1.tgz", - "integrity": "sha512-csOlWGAcRFJaI6m+F2WKdnMKr4HhdhFVBk0H/QbJFMCr+uO2kwohwXQPxw/9OCxp05r5ghVBFSyioixx3gfkNQ==" - }, - "asynckit": { - "version": "0.4.0", - "resolved": "https://registry.npmjs.org/asynckit/-/asynckit-0.4.0.tgz", - "integrity": "sha1-x57Zf380y48robyXkLzDZkdLS3k=" - }, - "atob": { - "version": "2.1.2", - "resolved": "https://registry.npmjs.org/atob/-/atob-2.1.2.tgz", - "integrity": "sha512-Wm6ukoaOGJi/73p/cl2GvLjTI5JM1k/O14isD73YML8StrH/7/lRFgmg8nICZgD3bZZvjwCGxtMOD3wWNAu8cg==", - "dev": true - }, - "aws-sign2": { - "version": "0.7.0", - "resolved": "https://registry.npmjs.org/aws-sign2/-/aws-sign2-0.7.0.tgz", - "integrity": "sha1-tG6JCTSpWR8tL2+G1+ap8bP+dqg=" - }, - "aws4": { - "version": "1.10.0", - "resolved": "https://registry.npmjs.org/aws4/-/aws4-1.10.0.tgz", - "integrity": "sha512-3YDiu347mtVtjpyV3u5kVqQLP242c06zwDOgpeRnybmXlYYsLbtTrUBUm8i8srONt+FWobl5aibnU1030PeeuA==" - }, - "babel-jest": { - "version": "25.5.1", - "resolved": "https://registry.npmjs.org/babel-jest/-/babel-jest-25.5.1.tgz", - "integrity": "sha512-9dA9+GmMjIzgPnYtkhBg73gOo/RHqPmLruP3BaGL4KEX3Dwz6pI8auSN8G8+iuEG90+GSswyKvslN+JYSaacaQ==", - "dev": true, - "requires": { - "@jest/transform": "^25.5.1", - "@jest/types": "^25.5.0", - "@types/babel__core": "^7.1.7", - "babel-plugin-istanbul": "^6.0.0", - "babel-preset-jest": "^25.5.0", - "chalk": "^3.0.0", - "graceful-fs": "^4.2.4", - "slash": "^3.0.0" - } - }, - "babel-plugin-istanbul": { - "version": "6.0.0", - "resolved": "https://registry.npmjs.org/babel-plugin-istanbul/-/babel-plugin-istanbul-6.0.0.tgz", - "integrity": "sha512-AF55rZXpe7trmEylbaE1Gv54wn6rwU03aptvRoVIGP8YykoSxqdVLV1TfwflBCE/QtHmqtP8SWlTENqbK8GCSQ==", - "dev": true, - "requires": { - "@babel/helper-plugin-utils": "^7.0.0", - "@istanbuljs/load-nyc-config": "^1.0.0", - "@istanbuljs/schema": "^0.1.2", - "istanbul-lib-instrument": "^4.0.0", - "test-exclude": "^6.0.0" - } - }, - "babel-plugin-jest-hoist": { - "version": "25.5.0", - "resolved": "https://registry.npmjs.org/babel-plugin-jest-hoist/-/babel-plugin-jest-hoist-25.5.0.tgz", - "integrity": "sha512-u+/W+WAjMlvoocYGTwthAiQSxDcJAyHpQ6oWlHdFZaaN+Rlk8Q7iiwDPg2lN/FyJtAYnKjFxbn7xus4HCFkg5g==", - "dev": true, - "requires": { - "@babel/template": "^7.3.3", - "@babel/types": "^7.3.3", - "@types/babel__traverse": "^7.0.6" - } - }, - "babel-preset-current-node-syntax": { - "version": "0.1.2", - "resolved": "https://registry.npmjs.org/babel-preset-current-node-syntax/-/babel-preset-current-node-syntax-0.1.2.tgz", - "integrity": "sha512-u/8cS+dEiK1SFILbOC8/rUI3ml9lboKuuMvZ/4aQnQmhecQAgPw5ew066C1ObnEAUmlx7dv/s2z52psWEtLNiw==", - "dev": true, - "requires": { - "@babel/plugin-syntax-async-generators": "^7.8.4", - "@babel/plugin-syntax-bigint": "^7.8.3", - "@babel/plugin-syntax-class-properties": "^7.8.3", - "@babel/plugin-syntax-json-strings": "^7.8.3", - "@babel/plugin-syntax-logical-assignment-operators": "^7.8.3", - "@babel/plugin-syntax-nullish-coalescing-operator": "^7.8.3", - "@babel/plugin-syntax-numeric-separator": "^7.8.3", - "@babel/plugin-syntax-object-rest-spread": "^7.8.3", - "@babel/plugin-syntax-optional-catch-binding": "^7.8.3", - "@babel/plugin-syntax-optional-chaining": "^7.8.3" - } - }, - "babel-preset-jest": { - "version": "25.5.0", - "resolved": "https://registry.npmjs.org/babel-preset-jest/-/babel-preset-jest-25.5.0.tgz", - "integrity": "sha512-8ZczygctQkBU+63DtSOKGh7tFL0CeCuz+1ieud9lJ1WPQ9O6A1a/r+LGn6Y705PA6whHQ3T1XuB/PmpfNYf8Fw==", - "dev": true, - "requires": { - "babel-plugin-jest-hoist": "^25.5.0", - "babel-preset-current-node-syntax": "^0.1.2" - } - }, - "balanced-match": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/balanced-match/-/balanced-match-1.0.0.tgz", - "integrity": "sha1-ibTRmasr7kneFk6gK4nORi1xt2c=" - }, - "base": { - "version": "0.11.2", - "resolved": "https://registry.npmjs.org/base/-/base-0.11.2.tgz", - "integrity": "sha512-5T6P4xPgpp0YDFvSWwEZ4NoE3aM4QBQXDzmVbraCkFj8zHM+mba8SyqB5DbZWyR7mYHo6Y7BdQo3MoA4m0TeQg==", - "dev": true, - "requires": { - "cache-base": "^1.0.1", - "class-utils": "^0.3.5", - "component-emitter": "^1.2.1", - "define-property": "^1.0.0", - "isobject": "^3.0.1", - "mixin-deep": "^1.2.0", - "pascalcase": "^0.1.1" - }, - "dependencies": { - "define-property": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/define-property/-/define-property-1.0.0.tgz", - "integrity": "sha1-dp66rz9KY6rTr56NMEybvnm/sOY=", - "dev": true, - "requires": { - "is-descriptor": "^1.0.0" - } - }, - "is-accessor-descriptor": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/is-accessor-descriptor/-/is-accessor-descriptor-1.0.0.tgz", - "integrity": "sha512-m5hnHTkcVsPfqx3AKlyttIPb7J+XykHvJP2B9bZDjlhLIoEq4XoK64Vg7boZlVWYK6LUY94dYPEE7Lh0ZkZKcQ==", - "dev": true, - "requires": { - "kind-of": "^6.0.0" - } - }, - "is-data-descriptor": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/is-data-descriptor/-/is-data-descriptor-1.0.0.tgz", - "integrity": "sha512-jbRXy1FmtAoCjQkVmIVYwuuqDFUbaOeDjmed1tOGPrsMhtJA4rD9tkgA0F1qJ3gRFRXcHYVkdeaP50Q5rE/jLQ==", - "dev": true, - "requires": { - "kind-of": "^6.0.0" - } - }, - "is-descriptor": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/is-descriptor/-/is-descriptor-1.0.2.tgz", - "integrity": "sha512-2eis5WqQGV7peooDyLmNEPUrps9+SXX5c9pL3xEB+4e9HnGuDa7mB7kHxHw4CbqS9k1T2hOH3miL8n8WtiYVtg==", - "dev": true, - "requires": { - "is-accessor-descriptor": "^1.0.0", - "is-data-descriptor": "^1.0.0", - "kind-of": "^6.0.2" - } - } - } - }, - "base64-js": { - "version": "1.3.1", - "resolved": "https://registry.npmjs.org/base64-js/-/base64-js-1.3.1.tgz", - "integrity": "sha512-mLQ4i2QO1ytvGWFWmcngKO//JXAQueZvwEKtjgQFM4jIK0kU+ytMfplL8j+n5mspOfjHwoAg+9yhb7BwAHm36g==" - }, - "base64url": { - "version": "3.0.1", - "resolved": "https://registry.npmjs.org/base64url/-/base64url-3.0.1.tgz", - "integrity": "sha512-ir1UPr3dkwexU7FdV8qBBbNDRUhMmIekYMFZfi+C/sLNnRESKPl23nB9b2pltqfOQNnGzsDdId90AEtG5tCx4A==" - }, - "bcrypt-pbkdf": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/bcrypt-pbkdf/-/bcrypt-pbkdf-1.0.2.tgz", - "integrity": "sha1-pDAdOJtqQ/m2f/PKEaP2Y342Dp4=", - "requires": { - "tweetnacl": "^0.14.3" - } - }, - "brace-expansion": { - "version": "1.1.11", - "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.11.tgz", - "integrity": "sha512-iCuPHDFgrHX7H2vEI/5xpz07zSHB00TpugqhmYtVmMO6518mCuRMoOYFldEBl0g187ufozdaHgWKcYFb61qGiA==", - "requires": { - "balanced-match": "^1.0.0", - "concat-map": "0.0.1" - } - }, - "braces": { - "version": "3.0.2", - "resolved": "https://registry.npmjs.org/braces/-/braces-3.0.2.tgz", - "integrity": "sha512-b8um+L1RzM3WDSzvhm6gIz1yfTbBt6YTlcEKAvsmqCZZFw46z626lVj9j1yEPW33H5H+lBQpZMP1k8l+78Ha0A==", - "dev": true, - "requires": { - "fill-range": "^7.0.1" - } - }, - "browser-process-hrtime": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/browser-process-hrtime/-/browser-process-hrtime-1.0.0.tgz", - "integrity": "sha512-9o5UecI3GhkpM6DrXr69PblIuWxPKk9Y0jHBRhdocZ2y7YECBFCsHm79Pr3OyR2AvjhDkabFJaDJMYRazHgsow==", - "dev": true - }, - "browser-resolve": { - "version": "1.11.3", - "resolved": "https://registry.npmjs.org/browser-resolve/-/browser-resolve-1.11.3.tgz", - "integrity": "sha512-exDi1BYWB/6raKHmDTCicQfTkqwN5fioMFV4j8BsfMU4R2DK/QfZfK7kOVkmWCNANf0snkBzqGqAJBao9gZMdQ==", - "dev": true, - "requires": { - "resolve": "1.1.7" - }, - "dependencies": { - "resolve": { - "version": "1.1.7", - "resolved": "https://registry.npmjs.org/resolve/-/resolve-1.1.7.tgz", - "integrity": "sha1-IDEU2CrSxe2ejgQRs5ModeiJ6Xs=", - "dev": true - } - } - }, - "browserify-zlib": { - "version": "0.2.0", - "resolved": "https://registry.npmjs.org/browserify-zlib/-/browserify-zlib-0.2.0.tgz", - "integrity": "sha512-Z942RysHXmJrhqk88FmKBVq/v5tqmSkDz7p54G/MGyjMnCFFnC79XWNbg+Vta8W6Wb2qtSZTSxIGkJrRpCFEiA==", - "requires": { - "pako": "~1.0.5" - } - }, - "bser": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/bser/-/bser-2.1.1.tgz", - "integrity": "sha512-gQxTNE/GAfIIrmHLUE3oJyp5FO6HRBfhjnw4/wMmA63ZGDJnWBmgY/lyQBpnDUkGmAhbSe39tx2d/iTOAfglwQ==", - "dev": true, - "requires": { - "node-int64": "^0.4.0" - } - }, - "buffer": { - "version": "5.6.0", - "resolved": "https://registry.npmjs.org/buffer/-/buffer-5.6.0.tgz", - "integrity": "sha512-/gDYp/UtU0eA1ys8bOs9J6a+E/KWIY+DZ+Q2WESNUA0jFRsJOc0SNUO6xJ5SGA1xueg3NL65W6s+NY5l9cunuw==", - "requires": { - "base64-js": "^1.0.2", - "ieee754": "^1.1.4" - } - }, - "buffer-from": { - "version": "1.1.1", - "resolved": "https://registry.npmjs.org/buffer-from/-/buffer-from-1.1.1.tgz", - "integrity": "sha512-MQcXEUbCKtEo7bhqEs6560Hyd4XaovZlO/k9V3hjVUF/zwW7KBVdSK4gIt/bzwS9MbR5qob+F5jusZsb0YQK2A==", - "dev": true - }, - "byline": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/byline/-/byline-5.0.0.tgz", - "integrity": "sha1-dBxSFkaOrcRXsDQQEYrXfejB3bE=" - }, - "cache-base": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/cache-base/-/cache-base-1.0.1.tgz", - "integrity": "sha512-AKcdTnFSWATd5/GCPRxr2ChwIJ85CeyrEyjRHlKxQ56d4XJMGym0uAiKn0xbLOGOl3+yRpOTi484dVCEc5AUzQ==", - "dev": true, - "requires": { - "collection-visit": "^1.0.0", - "component-emitter": "^1.2.1", - "get-value": "^2.0.6", - "has-value": "^1.0.0", - "isobject": "^3.0.1", - "set-value": "^2.0.0", - "to-object-path": "^0.3.0", - "union-value": "^1.0.0", - "unset-value": "^1.0.0" - } - }, - "cacheable-request": { - "version": "2.1.4", - "resolved": "https://registry.npmjs.org/cacheable-request/-/cacheable-request-2.1.4.tgz", - "integrity": "sha1-DYCIAbY0KtM8kd+dC0TcCbkeXD0=", - "requires": { - "clone-response": "1.0.2", - "get-stream": "3.0.0", - "http-cache-semantics": "3.8.1", - "keyv": "3.0.0", - "lowercase-keys": "1.0.0", - "normalize-url": "2.0.1", - "responselike": "1.0.2" - }, - "dependencies": { - "get-stream": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/get-stream/-/get-stream-3.0.0.tgz", - "integrity": "sha1-jpQ9E1jcN1VQVOy+LtsFqhdO3hQ=" - }, - "lowercase-keys": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/lowercase-keys/-/lowercase-keys-1.0.0.tgz", - "integrity": "sha1-TjNms55/VFfjXxMkvfb4jQv8cwY=" - } - } - }, - "callsites": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/callsites/-/callsites-3.1.0.tgz", - "integrity": "sha512-P8BjAsXvZS+VIDUI11hHCQEv74YT67YUi5JJFNWIqL235sBmjX4+qx9Muvls5ivyNENctx46xQLQ3aTuE7ssaQ==", - "dev": true - }, - "camelcase": { - "version": "5.3.1", - "resolved": "https://registry.npmjs.org/camelcase/-/camelcase-5.3.1.tgz", - "integrity": "sha512-L28STB170nwWS63UjtlEOE3dldQApaJXZkOI1uMFfzf3rRuPegHaHesyee+YxQ+W6SvRDQV6UrdOdRiR153wJg==", - "dev": true - }, - "capture-exit": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/capture-exit/-/capture-exit-2.0.0.tgz", - "integrity": "sha512-PiT/hQmTonHhl/HFGN+Lx3JJUznrVYJ3+AQsnthneZbvW7x+f08Tk7yLJTLEOUvBTbduLeeBkxEaYXUOUrRq6g==", - "dev": true, - "requires": { - "rsvp": "^4.8.4" - } - }, - "caseless": { - "version": "0.12.0", - "resolved": "https://registry.npmjs.org/caseless/-/caseless-0.12.0.tgz", - "integrity": "sha1-G2gcIf+EAzyCZUMJBolCDRhxUdw=" - }, - "chalk": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/chalk/-/chalk-3.0.0.tgz", - "integrity": "sha512-4D3B6Wf41KOYRFdszmDqMCGq5VV/uMAB273JILmO+3jAlh8X4qDtdtgCR3fxtbLEMzSx22QdhnDcJvu2u1fVwg==", - "dev": true, - "requires": { - "ansi-styles": "^4.1.0", - "supports-color": "^7.1.0" - } - }, - "ci-info": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/ci-info/-/ci-info-2.0.0.tgz", - "integrity": "sha512-5tK7EtrZ0N+OLFMthtqOj4fI2Jeb88C4CAZPu25LDVUgXJ0A3Js4PMGqrn0JU1W0Mh1/Z8wZzYPxqUrXeBboCQ==", - "dev": true - }, - "class-utils": { - "version": "0.3.6", - "resolved": "https://registry.npmjs.org/class-utils/-/class-utils-0.3.6.tgz", - "integrity": "sha512-qOhPa/Fj7s6TY8H8esGu5QNpMMQxz79h+urzrNYN6mn+9BnxlDGf5QZ+XeCDsxSjPqsSR56XOZOJmpeurnLMeg==", - "dev": true, - "requires": { - "arr-union": "^3.1.0", - "define-property": "^0.2.5", - "isobject": "^3.0.0", - "static-extend": "^0.1.1" - }, - "dependencies": { - "define-property": { - "version": "0.2.5", - "resolved": "https://registry.npmjs.org/define-property/-/define-property-0.2.5.tgz", - "integrity": "sha1-w1se+RjsPJkPmlvFe+BKrOxcgRY=", - "dev": true, - "requires": { - "is-descriptor": "^0.1.0" - } - } - } - }, - "clean-stack": { - "version": "1.3.0", - "resolved": "https://registry.npmjs.org/clean-stack/-/clean-stack-1.3.0.tgz", - "integrity": "sha1-noIVAa6XmYbEax1m0tQy2y/UrjE=" - }, - "cliui": { - "version": "6.0.0", - "resolved": "https://registry.npmjs.org/cliui/-/cliui-6.0.0.tgz", - "integrity": "sha512-t6wbgtoCXvAzst7QgXxJYqPt0usEfbgQdftEPbLL/cvv6HPE5VgvqCuAIDR0NgU52ds6rFwqrgakNLrHEjCbrQ==", - "dev": true, - "requires": { - "string-width": "^4.2.0", - "strip-ansi": "^6.0.0", - "wrap-ansi": "^6.2.0" - } - }, - "clone-response": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/clone-response/-/clone-response-1.0.2.tgz", - "integrity": "sha1-0dyXOSAxTfZ/vrlCI7TuNQI56Ws=", - "requires": { - "mimic-response": "^1.0.0" - } - }, - "co": { - "version": "4.6.0", - "resolved": "https://registry.npmjs.org/co/-/co-4.6.0.tgz", - "integrity": "sha1-bqa989hTrlTMuOR7+gvz+QMfsYQ=", - "dev": true - }, - "collect-v8-coverage": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/collect-v8-coverage/-/collect-v8-coverage-1.0.1.tgz", - "integrity": "sha512-iBPtljfCNcTKNAto0KEtDfZ3qzjJvqE3aTGZsbhjSBlorqpXJlaWWtPO35D+ZImoC3KWejX64o+yPGxhWSTzfg==", - "dev": true - }, - "collection-visit": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/collection-visit/-/collection-visit-1.0.0.tgz", - "integrity": "sha1-S8A3PBZLwykbTTaMgpzxqApZ3KA=", - "dev": true, - "requires": { - "map-visit": "^1.0.0", - "object-visit": "^1.0.0" - } - }, - "color-convert": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-2.0.1.tgz", - "integrity": "sha512-RRECPsj7iu/xb5oKYcsFHSppFNnsj/52OVTRKb4zP5onXwVF3zVmmToNcOfGC+CRDpfK/U584fMg38ZHCaElKQ==", - "dev": true, - "requires": { - "color-name": "~1.1.4" - } - }, - "color-name": { - "version": "1.1.4", - "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.4.tgz", - "integrity": "sha512-dOy+3AuW3a2wNbZHIuMZpTcgjGuLU/uBL/ubcZF9OXbDo8ff4O8yVp5Bf0efS8uEoYo5q4Fx7dY9OgQGXgAsQA==", - "dev": true - }, - "combined-stream": { - "version": "1.0.8", - "resolved": "https://registry.npmjs.org/combined-stream/-/combined-stream-1.0.8.tgz", - "integrity": "sha512-FQN4MRfuJeHf7cBbBMJFXhKSDq+2kAArBlmRBvcvFE5BB1HZKXtSFASDhdlz9zOYwxh8lDdnvmMOe/+5cdoEdg==", - "requires": { - "delayed-stream": "~1.0.0" - } - }, - "component-emitter": { - "version": "1.3.0", - "resolved": "https://registry.npmjs.org/component-emitter/-/component-emitter-1.3.0.tgz", - "integrity": "sha512-Rd3se6QB+sO1TwqZjscQrurpEPIfO0/yYnSin6Q/rD3mOutHvUrCAhJub3r90uNb+SESBuE0QYoB90YdfatsRg==", - "dev": true - }, - "concat-map": { - "version": "0.0.1", - "resolved": "https://registry.npmjs.org/concat-map/-/concat-map-0.0.1.tgz", - "integrity": "sha1-2Klr13/Wjfd5OnMDajug1UBdR3s=" - }, - "convert-source-map": { - "version": "1.7.0", - "resolved": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-1.7.0.tgz", - "integrity": "sha512-4FJkXzKXEDB1snCFZlLP4gpC3JILicCpGbzG9f9G7tGqGCzETQ2hWPrcinA9oU4wtf2biUaEH5065UnMeR33oA==", - "dev": true, - "requires": { - "safe-buffer": "~5.1.1" - } - }, - "copy-descriptor": { - "version": "0.1.1", - "resolved": "https://registry.npmjs.org/copy-descriptor/-/copy-descriptor-0.1.1.tgz", - "integrity": "sha1-Z29us8OZl8LuGsOpJP1hJHSPV40=", - "dev": true - }, - "core-util-is": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/core-util-is/-/core-util-is-1.0.2.tgz", - "integrity": "sha1-tf1UIgqivFq1eqtxQMlAdUUDwac=" - }, - "cross-spawn": { - "version": "6.0.5", - "resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-6.0.5.tgz", - "integrity": "sha512-eTVLrBSt7fjbDygz805pMnstIs2VTBNkRm0qxZd+M7A5XDdxVRWO5MxGBXZhjY4cqLYLdtrGqRf8mBPmzwSpWQ==", - "requires": { - "nice-try": "^1.0.4", - "path-key": "^2.0.1", - "semver": "^5.5.0", - "shebang-command": "^1.2.0", - "which": "^1.2.9" - }, - "dependencies": { - "semver": { - "version": "5.7.1", - "resolved": "https://registry.npmjs.org/semver/-/semver-5.7.1.tgz", - "integrity": "sha512-sauaDf/PZdVgrLTNYHRtpXa1iRiKcaebiKQ1BJdpQlWH2lCvexQdX55snPFyK7QzpudqbCI0qXFfOasHdyNDGQ==" - }, - "which": { - "version": "1.3.1", - "resolved": "https://registry.npmjs.org/which/-/which-1.3.1.tgz", - "integrity": "sha512-HxJdYWq1MTIQbJ3nw0cqssHoTNU267KlrDuGZ1WYlxDStUtKUhOaJmh112/TZmHxxUfuJqPXSOm7tDyas0OSIQ==", - "requires": { - "isexe": "^2.0.0" - } - } - } - }, - "cssom": { - "version": "0.4.4", - "resolved": "https://registry.npmjs.org/cssom/-/cssom-0.4.4.tgz", - "integrity": "sha512-p3pvU7r1MyyqbTk+WbNJIgJjG2VmTIaB10rI93LzVPrmDJKkzKYMtxxyAvQXR/NS6otuzveI7+7BBq3SjBS2mw==", - "dev": true - }, - "cssstyle": { - "version": "2.3.0", - "resolved": "https://registry.npmjs.org/cssstyle/-/cssstyle-2.3.0.tgz", - "integrity": "sha512-AZL67abkUzIuvcHqk7c09cezpGNcxUxU4Ioi/05xHk4DQeTkWmGYftIE6ctU6AEt+Gn4n1lDStOtj7FKycP71A==", - "dev": true, - "requires": { - "cssom": "~0.3.6" - }, - "dependencies": { - "cssom": { - "version": "0.3.8", - "resolved": "https://registry.npmjs.org/cssom/-/cssom-0.3.8.tgz", - "integrity": "sha512-b0tGHbfegbhPJpxpiBPU2sCkigAqtM9O121le6bbOlgyV+NyGyCmVfJ6QW9eRjz8CpNfWEOYBIMIGRYkLwsIYg==", - "dev": true - } - } - }, - "dashdash": { - "version": "1.14.1", - "resolved": "https://registry.npmjs.org/dashdash/-/dashdash-1.14.1.tgz", - "integrity": "sha1-hTz6D3y+L+1d4gMmuN1YEDX24vA=", - "requires": { - "assert-plus": "^1.0.0" - } - }, - "data-urls": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/data-urls/-/data-urls-1.1.0.tgz", - "integrity": "sha512-YTWYI9se1P55u58gL5GkQHW4P6VJBJ5iBT+B5a7i2Tjadhv52paJG0qHX4A0OR6/t52odI64KP2YvFpkDOi3eQ==", - "dev": true, - "requires": { - "abab": "^2.0.0", - "whatwg-mimetype": "^2.2.0", - "whatwg-url": "^7.0.0" - } - }, - "debug": { - "version": "4.1.1", - "resolved": "https://registry.npmjs.org/debug/-/debug-4.1.1.tgz", - "integrity": "sha512-pYAIzeRo8J6KPEaJ0VWOh5Pzkbw/RetuzehGM7QRRX5he4fPHx2rdKMB256ehJCkX+XRQm16eZLqLNS8RSZXZw==", - "dev": true, - "requires": { - "ms": "^2.1.1" - } - }, - "decamelize": { - "version": "1.2.0", - "resolved": "https://registry.npmjs.org/decamelize/-/decamelize-1.2.0.tgz", - "integrity": "sha1-9lNNFRSCabIDUue+4m9QH5oZEpA=", - "dev": true - }, - "decode-uri-component": { - "version": "0.2.0", - "resolved": "https://registry.npmjs.org/decode-uri-component/-/decode-uri-component-0.2.0.tgz", - "integrity": "sha1-6zkTMzRYd1y4TNGh+uBiEGu4dUU=" - }, - "decompress-response": { - "version": "3.3.0", - "resolved": "https://registry.npmjs.org/decompress-response/-/decompress-response-3.3.0.tgz", - "integrity": "sha1-gKTdMjdIOEv6JICDYirt7Jgq3/M=", - "requires": { - "mimic-response": "^1.0.0" - } - }, - "deep-is": { - "version": "0.1.3", - "resolved": "https://registry.npmjs.org/deep-is/-/deep-is-0.1.3.tgz", - "integrity": "sha1-s2nW+128E+7PUk+RsHD+7cNXzzQ=", - "dev": true - }, - "deepmerge": { - "version": "4.2.2", - "resolved": "https://registry.npmjs.org/deepmerge/-/deepmerge-4.2.2.tgz", - "integrity": "sha512-FJ3UgI4gIl+PHZm53knsuSFpE+nESMr7M4v9QcgB7S63Kj/6WqMiFQJpBBYz1Pt+66bZpP3Q7Lye0Oo9MPKEdg==", - "dev": true - }, - "define-property": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/define-property/-/define-property-2.0.2.tgz", - "integrity": "sha512-jwK2UV4cnPpbcG7+VRARKTZPUWowwXA8bzH5NP6ud0oeAxyYPuGZUAC7hMugpCdz4BeSZl2Dl9k66CHJ/46ZYQ==", - "dev": true, - "requires": { - "is-descriptor": "^1.0.2", - "isobject": "^3.0.1" - }, - "dependencies": { - "is-accessor-descriptor": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/is-accessor-descriptor/-/is-accessor-descriptor-1.0.0.tgz", - "integrity": "sha512-m5hnHTkcVsPfqx3AKlyttIPb7J+XykHvJP2B9bZDjlhLIoEq4XoK64Vg7boZlVWYK6LUY94dYPEE7Lh0ZkZKcQ==", - "dev": true, - "requires": { - "kind-of": "^6.0.0" - } - }, - "is-data-descriptor": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/is-data-descriptor/-/is-data-descriptor-1.0.0.tgz", - "integrity": "sha512-jbRXy1FmtAoCjQkVmIVYwuuqDFUbaOeDjmed1tOGPrsMhtJA4rD9tkgA0F1qJ3gRFRXcHYVkdeaP50Q5rE/jLQ==", - "dev": true, - "requires": { - "kind-of": "^6.0.0" - } - }, - "is-descriptor": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/is-descriptor/-/is-descriptor-1.0.2.tgz", - "integrity": "sha512-2eis5WqQGV7peooDyLmNEPUrps9+SXX5c9pL3xEB+4e9HnGuDa7mB7kHxHw4CbqS9k1T2hOH3miL8n8WtiYVtg==", - "dev": true, - "requires": { - "is-accessor-descriptor": "^1.0.0", - "is-data-descriptor": "^1.0.0", - "kind-of": "^6.0.2" - } - } - } - }, - "delayed-stream": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/delayed-stream/-/delayed-stream-1.0.0.tgz", - "integrity": "sha1-3zrhmayt+31ECqrgsp4icrJOxhk=" - }, - "detect-newline": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/detect-newline/-/detect-newline-3.1.0.tgz", - "integrity": "sha512-TLz+x/vEXm/Y7P7wn1EJFNLxYpUD4TgMosxY6fAVJUnJMbupHBOncxyWUG9OpTaH9EBD7uFI5LfEgmMOc54DsA==", - "dev": true - }, - "diff-sequences": { - "version": "25.2.6", - "resolved": "https://registry.npmjs.org/diff-sequences/-/diff-sequences-25.2.6.tgz", - "integrity": "sha512-Hq8o7+6GaZeoFjtpgvRBUknSXNeJiCx7V9Fr94ZMljNiCr9n9L8H8aJqgWOQiDDGdyn29fRNcDdRVJ5fdyihfg==", - "dev": true - }, - "domexception": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/domexception/-/domexception-1.0.1.tgz", - "integrity": "sha512-raigMkn7CJNNo6Ihro1fzG7wr3fHuYVytzquZKX5n0yizGsTcYgzdIUwj1X9pK0VvjeihV+XiclP+DjwbsSKug==", - "dev": true, - "requires": { - "webidl-conversions": "^4.0.2" - } - }, - "duplexer3": { - "version": "0.1.4", - "resolved": "https://registry.npmjs.org/duplexer3/-/duplexer3-0.1.4.tgz", - "integrity": "sha1-7gHdHKwO08vH/b6jfcCo8c4ALOI=" - }, - "ecc-jsbn": { - "version": "0.1.2", - "resolved": "https://registry.npmjs.org/ecc-jsbn/-/ecc-jsbn-0.1.2.tgz", - "integrity": "sha1-OoOpBOVDUyh4dMVkt1SThoSamMk=", - "requires": { - "jsbn": "~0.1.0", - "safer-buffer": "^2.1.0" - } - }, - "emoji-regex": { - "version": "8.0.0", - "resolved": "https://registry.npmjs.org/emoji-regex/-/emoji-regex-8.0.0.tgz", - "integrity": "sha512-MSjYzcWNOA0ewAHpz0MxpYFvwg6yjy1NG3xteoqz644VCo/RPgnr1/GGt+ic3iJTzQ8Eu3TdM14SawnVUmGE6A==", - "dev": true - }, - "end-of-stream": { - "version": "1.4.4", - "resolved": "https://registry.npmjs.org/end-of-stream/-/end-of-stream-1.4.4.tgz", - "integrity": "sha512-+uw1inIHVPQoaVuHzRyXd21icM+cnt4CzD5rW+NC1wjOUSTOs+Te7FOv7AhN7vS9x/oIyhLP5PR1H+phQAHu5Q==", - "requires": { - "once": "^1.4.0" - } - }, - "error-ex": { - "version": "1.3.2", - "resolved": "https://registry.npmjs.org/error-ex/-/error-ex-1.3.2.tgz", - "integrity": "sha512-7dFHNmqeFSEt2ZBsCriorKnn3Z2pj+fd9kmI6QoWw4//DL+icEBfc0U7qJCisqrTsKTjw4fNFy2pW9OqStD84g==", - "dev": true, - "requires": { - "is-arrayish": "^0.2.1" - } - }, - "es6-promise": { - "version": "4.2.8", - "resolved": "https://registry.npmjs.org/es6-promise/-/es6-promise-4.2.8.tgz", - "integrity": "sha512-HJDGx5daxeIvxdBxvG2cb9g4tEvwIk3i8+nhX0yGrYmZUzbkdg8QbDevheDB8gd0//uPj4c1EQua8Q+MViT0/w==" - }, - "escape-string-regexp": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-1.0.5.tgz", - "integrity": "sha1-G2HAViGQqN/2rjuyzwIAyhMLhtQ=", - "dev": true - }, - "escodegen": { - "version": "1.14.1", - "resolved": "https://registry.npmjs.org/escodegen/-/escodegen-1.14.1.tgz", - "integrity": "sha512-Bmt7NcRySdIfNPfU2ZoXDrrXsG9ZjvDxcAlMfDUgRBjLOWTuIACXPBFJH7Z+cLb40JeQco5toikyc9t9P8E9SQ==", - "dev": true, - "requires": { - "esprima": "^4.0.1", - "estraverse": "^4.2.0", - "esutils": "^2.0.2", - "optionator": "^0.8.1", - "source-map": "~0.6.1" - } - }, - "esprima": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/esprima/-/esprima-4.0.1.tgz", - "integrity": "sha512-eGuFFw7Upda+g4p+QHvnW0RyTX/SVeJBDM/gCtMARO0cLuT2HcEKnTPvhjV6aGeqrCB/sbNop0Kszm0jsaWU4A==" - }, - "estraverse": { - "version": "4.3.0", - "resolved": "https://registry.npmjs.org/estraverse/-/estraverse-4.3.0.tgz", - "integrity": "sha512-39nnKffWz8xN1BU/2c79n9nB9HDzo0niYUqx6xyqUnyoAnQyyWpOTdZEeiCch8BBu515t4wp9ZmgVfVhn9EBpw==", - "dev": true - }, - "esutils": { - "version": "2.0.3", - "resolved": "https://registry.npmjs.org/esutils/-/esutils-2.0.3.tgz", - "integrity": "sha512-kVscqXk4OCp68SZ0dkgEKVi6/8ij300KBWTJq32P/dYeWTSwK41WyTxalN1eRmA5Z9UU/LX9D7FWSmV9SAYx6g==", - "dev": true - }, - "exec-sh": { - "version": "0.3.4", - "resolved": "https://registry.npmjs.org/exec-sh/-/exec-sh-0.3.4.tgz", - "integrity": "sha512-sEFIkc61v75sWeOe72qyrqg2Qg0OuLESziUDk/O/z2qgS15y2gWVFrI6f2Qn/qw/0/NCfCEsmNA4zOjkwEZT1A==", - "dev": true - }, - "execa": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/execa/-/execa-1.0.0.tgz", - "integrity": "sha512-adbxcyWV46qiHyvSp50TKt05tB4tK3HcmF7/nxfAdhnox83seTDbwnaqKO4sXRy7roHAIFqJP/Rw/AuEbX61LA==", - "requires": { - "cross-spawn": "^6.0.0", - "get-stream": "^4.0.0", - "is-stream": "^1.1.0", - "npm-run-path": "^2.0.0", - "p-finally": "^1.0.0", - "signal-exit": "^3.0.0", - "strip-eof": "^1.0.0" - } - }, - "exit": { - "version": "0.1.2", - "resolved": "https://registry.npmjs.org/exit/-/exit-0.1.2.tgz", - "integrity": "sha1-BjJjj42HfMghB9MKD/8aF8uhzQw=", - "dev": true - }, - "expand-brackets": { - "version": "2.1.4", - "resolved": "https://registry.npmjs.org/expand-brackets/-/expand-brackets-2.1.4.tgz", - "integrity": "sha1-t3c14xXOMPa27/D4OwQVGiJEliI=", - "dev": true, - "requires": { - "debug": "^2.3.3", - "define-property": "^0.2.5", - "extend-shallow": "^2.0.1", - "posix-character-classes": "^0.1.0", - "regex-not": "^1.0.0", - "snapdragon": "^0.8.1", - "to-regex": "^3.0.1" - }, - "dependencies": { - "debug": { - "version": "2.6.9", - "resolved": "https://registry.npmjs.org/debug/-/debug-2.6.9.tgz", - "integrity": "sha512-bC7ElrdJaJnPbAP+1EotYvqZsb3ecl5wi6Bfi6BJTUcNowp6cvspg0jXznRTKDjm/E7AdgFBVeAPVMNcKGsHMA==", - "dev": true, - "requires": { - "ms": "2.0.0" - } - }, - "define-property": { - "version": "0.2.5", - "resolved": "https://registry.npmjs.org/define-property/-/define-property-0.2.5.tgz", - "integrity": "sha1-w1se+RjsPJkPmlvFe+BKrOxcgRY=", - "dev": true, - "requires": { - "is-descriptor": "^0.1.0" - } - }, - "extend-shallow": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/extend-shallow/-/extend-shallow-2.0.1.tgz", - "integrity": "sha1-Ua99YUrZqfYQ6huvu5idaxxWiQ8=", - "dev": true, - "requires": { - "is-extendable": "^0.1.0" - } - }, - "ms": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/ms/-/ms-2.0.0.tgz", - "integrity": "sha1-VgiurfwAvmwpAd9fmGF4jeDVl8g=", - "dev": true - } - } - }, - "expect": { - "version": "25.5.0", - "resolved": "https://registry.npmjs.org/expect/-/expect-25.5.0.tgz", - "integrity": "sha512-w7KAXo0+6qqZZhovCaBVPSIqQp7/UTcx4M9uKt2m6pd2VB1voyC8JizLRqeEqud3AAVP02g+hbErDu5gu64tlA==", - "dev": true, - "requires": { - "@jest/types": "^25.5.0", - "ansi-styles": "^4.0.0", - "jest-get-type": "^25.2.6", - "jest-matcher-utils": "^25.5.0", - "jest-message-util": "^25.5.0", - "jest-regex-util": "^25.2.6" - } - }, - "extend": { - "version": "3.0.2", - "resolved": "https://registry.npmjs.org/extend/-/extend-3.0.2.tgz", - "integrity": "sha512-fjquC59cD7CyW6urNXK0FBufkZcoiGG80wTuPujX590cB5Ttln20E2UB4S/WARVqhXffZl2LNgS+gQdPIIim/g==" - }, - "extend-shallow": { - "version": "3.0.2", - "resolved": "https://registry.npmjs.org/extend-shallow/-/extend-shallow-3.0.2.tgz", - "integrity": "sha1-Jqcarwc7OfshJxcnRhMcJwQCjbg=", - "dev": true, - "requires": { - "assign-symbols": "^1.0.0", - "is-extendable": "^1.0.1" - }, - "dependencies": { - "is-extendable": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/is-extendable/-/is-extendable-1.0.1.tgz", - "integrity": "sha512-arnXMxT1hhoKo9k1LZdmlNyJdDDfy2v0fXjFlmok4+i8ul/6WlbVge9bhM74OpNPQPMGUToDtz+KXa1PneJxOA==", - "dev": true, - "requires": { - "is-plain-object": "^2.0.4" - } - } - } - }, - "extglob": { - "version": "2.0.4", - "resolved": "https://registry.npmjs.org/extglob/-/extglob-2.0.4.tgz", - "integrity": "sha512-Nmb6QXkELsuBr24CJSkilo6UHHgbekK5UiZgfE6UHD3Eb27YC6oD+bhcT+tJ6cl8dmsgdQxnWlcry8ksBIBLpw==", - "dev": true, - "requires": { - "array-unique": "^0.3.2", - "define-property": "^1.0.0", - "expand-brackets": "^2.1.4", - "extend-shallow": "^2.0.1", - "fragment-cache": "^0.2.1", - "regex-not": "^1.0.0", - "snapdragon": "^0.8.1", - "to-regex": "^3.0.1" - }, - "dependencies": { - "define-property": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/define-property/-/define-property-1.0.0.tgz", - "integrity": "sha1-dp66rz9KY6rTr56NMEybvnm/sOY=", - "dev": true, - "requires": { - "is-descriptor": "^1.0.0" - } - }, - "extend-shallow": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/extend-shallow/-/extend-shallow-2.0.1.tgz", - "integrity": "sha1-Ua99YUrZqfYQ6huvu5idaxxWiQ8=", - "dev": true, - "requires": { - "is-extendable": "^0.1.0" - } - }, - "is-accessor-descriptor": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/is-accessor-descriptor/-/is-accessor-descriptor-1.0.0.tgz", - "integrity": "sha512-m5hnHTkcVsPfqx3AKlyttIPb7J+XykHvJP2B9bZDjlhLIoEq4XoK64Vg7boZlVWYK6LUY94dYPEE7Lh0ZkZKcQ==", - "dev": true, - "requires": { - "kind-of": "^6.0.0" - } - }, - "is-data-descriptor": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/is-data-descriptor/-/is-data-descriptor-1.0.0.tgz", - "integrity": "sha512-jbRXy1FmtAoCjQkVmIVYwuuqDFUbaOeDjmed1tOGPrsMhtJA4rD9tkgA0F1qJ3gRFRXcHYVkdeaP50Q5rE/jLQ==", - "dev": true, - "requires": { - "kind-of": "^6.0.0" - } - }, - "is-descriptor": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/is-descriptor/-/is-descriptor-1.0.2.tgz", - "integrity": "sha512-2eis5WqQGV7peooDyLmNEPUrps9+SXX5c9pL3xEB+4e9HnGuDa7mB7kHxHw4CbqS9k1T2hOH3miL8n8WtiYVtg==", - "dev": true, - "requires": { - "is-accessor-descriptor": "^1.0.0", - "is-data-descriptor": "^1.0.0", - "kind-of": "^6.0.2" - } - } - } - }, - "extsprintf": { - "version": "1.3.0", - "resolved": "https://registry.npmjs.org/extsprintf/-/extsprintf-1.3.0.tgz", - "integrity": "sha1-lpGEQOMEGnpBT4xS48V06zw+HgU=" - }, - "fast-deep-equal": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/fast-deep-equal/-/fast-deep-equal-3.1.1.tgz", - "integrity": "sha512-8UEa58QDLauDNfpbrX55Q9jrGHThw2ZMdOky5Gl1CDtVeJDPVrG4Jxx1N8jw2gkWaff5UUuX1KJd+9zGe2B+ZA==" - }, - "fast-json-stable-stringify": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/fast-json-stable-stringify/-/fast-json-stable-stringify-2.1.0.tgz", - "integrity": "sha512-lhd/wF+Lk98HZoTCtlVraHtfh5XYijIjalXck7saUtuanSDyLMxnHhSXEDJqHxD7msR8D0uCmqlkwjCV8xvwHw==" - }, - "fast-levenshtein": { - "version": "2.0.6", - "resolved": "https://registry.npmjs.org/fast-levenshtein/-/fast-levenshtein-2.0.6.tgz", - "integrity": "sha1-PYpcZog6FqMMqGQ+hR8Zuqd5eRc=", - "dev": true - }, - "fb-watchman": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/fb-watchman/-/fb-watchman-2.0.1.tgz", - "integrity": "sha512-DkPJKQeY6kKwmuMretBhr7G6Vodr7bFwDYTXIkfG1gjvNpaxBTQV3PbXg6bR1c1UP4jPOX0jHUbbHANL9vRjVg==", - "dev": true, - "requires": { - "bser": "2.1.1" - } - }, - "fill-range": { - "version": "7.0.1", - "resolved": "https://registry.npmjs.org/fill-range/-/fill-range-7.0.1.tgz", - "integrity": "sha512-qOo9F+dMUmC2Lcb4BbVvnKJxTPjCm+RRpe4gDuGrzkL7mEVl/djYSu2OdQ2Pa302N4oqkSg9ir6jaLWJ2USVpQ==", - "dev": true, - "requires": { - "to-regex-range": "^5.0.1" - } - }, - "find-up": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/find-up/-/find-up-4.1.0.tgz", - "integrity": "sha512-PpOwAdQ/YlXQ2vj8a3h8IipDuYRi3wceVQQGYWxNINccq40Anw7BlsEXCMbt1Zt+OLA6Fq9suIpIWD0OsnISlw==", - "dev": true, - "requires": { - "locate-path": "^5.0.0", - "path-exists": "^4.0.0" - } - }, - "for-in": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/for-in/-/for-in-1.0.2.tgz", - "integrity": "sha1-gQaNKVqBQuwKxybG4iAMMPttXoA=", - "dev": true - }, - "forever-agent": { - "version": "0.6.1", - "resolved": "https://registry.npmjs.org/forever-agent/-/forever-agent-0.6.1.tgz", - "integrity": "sha1-+8cfDEGt6zf5bFd60e1C2P2sypE=" - }, - "form-data": { - "version": "2.3.3", - "resolved": "https://registry.npmjs.org/form-data/-/form-data-2.3.3.tgz", - "integrity": "sha512-1lLKB2Mu3aGP1Q/2eCOx0fNbRMe7XdwktwOruhfqqd0rIJWwN4Dh+E3hrPSlDCXnSR7UtZ1N38rVXm+6+MEhJQ==", - "requires": { - "asynckit": "^0.4.0", - "combined-stream": "^1.0.6", - "mime-types": "^2.1.12" - } - }, - "fragment-cache": { - "version": "0.2.1", - "resolved": "https://registry.npmjs.org/fragment-cache/-/fragment-cache-0.2.1.tgz", - "integrity": "sha1-QpD60n8T6Jvn8zeZxrxaCr//DRk=", - "dev": true, - "requires": { - "map-cache": "^0.2.2" - } - }, - "from2": { - "version": "2.3.0", - "resolved": "https://registry.npmjs.org/from2/-/from2-2.3.0.tgz", - "integrity": "sha1-i/tVAr3kpNNs/e6gB/zKIdfjgq8=", - "requires": { - "inherits": "^2.0.1", - "readable-stream": "^2.0.0" - } - }, - "fs.realpath": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/fs.realpath/-/fs.realpath-1.0.0.tgz", - "integrity": "sha1-FQStJSMVjKpA20onh8sBQRmU6k8=" - }, - "fsevents": { - "version": "2.1.3", - "resolved": "https://registry.npmjs.org/fsevents/-/fsevents-2.1.3.tgz", - "integrity": "sha512-Auw9a4AxqWpa9GUfj370BMPzzyncfBABW8Mab7BGWBYDj4Isgq+cDKtx0i6u9jcX9pQDnswsaaOTgTmA5pEjuQ==", - "dev": true, - "optional": true - }, - "gensync": { - "version": "1.0.0-beta.1", - "resolved": "https://registry.npmjs.org/gensync/-/gensync-1.0.0-beta.1.tgz", - "integrity": "sha512-r8EC6NO1sngH/zdD9fiRDLdcgnbayXah+mLgManTaIZJqEC1MZstmnox8KpnI2/fxQwrp5OpCOYWLp4rBl4Jcg==", - "dev": true - }, - "get-caller-file": { - "version": "2.0.5", - "resolved": "https://registry.npmjs.org/get-caller-file/-/get-caller-file-2.0.5.tgz", - "integrity": "sha512-DyFP3BM/3YHTQOCUL/w0OZHR0lpKeGrxotcHWcqNEdnltqFwXVfhEBQ94eIo34AfQpo0rGki4cyIiftY06h2Fg==", - "dev": true - }, - "get-package-type": { - "version": "0.1.0", - "resolved": "https://registry.npmjs.org/get-package-type/-/get-package-type-0.1.0.tgz", - "integrity": "sha512-pjzuKtY64GYfWizNAJ0fr9VqttZkNiK2iS430LtIHzjBEr6bX8Am2zm4sW4Ro5wjWW5cAlRL1qAMTcXbjNAO2Q==", - "dev": true - }, - "get-stream": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/get-stream/-/get-stream-4.1.0.tgz", - "integrity": "sha512-GMat4EJ5161kIy2HevLlr4luNjBgvmj413KaQA7jt4V8B4RDsfpHk7WQ9GVqfYyyx8OS/L66Kox+rJRNklLK7w==", - "requires": { - "pump": "^3.0.0" - } - }, - "get-value": { - "version": "2.0.6", - "resolved": "https://registry.npmjs.org/get-value/-/get-value-2.0.6.tgz", - "integrity": "sha1-3BXKHGcjh8p2vTesCjlbogQqLCg=", - "dev": true - }, - "getpass": { - "version": "0.1.7", - "resolved": "https://registry.npmjs.org/getpass/-/getpass-0.1.7.tgz", - "integrity": "sha1-Xv+OPmhNVprkyysSgmBOi6YhSfo=", - "requires": { - "assert-plus": "^1.0.0" - } - }, - "glob": { - "version": "7.1.6", - "resolved": "https://registry.npmjs.org/glob/-/glob-7.1.6.tgz", - "integrity": "sha512-LwaxwyZ72Lk7vZINtNNrywX0ZuLyStrdDtabefZKAY5ZGJhVtgdznluResxNmPitE0SAO+O26sWTHeKSI2wMBA==", - "requires": { - "fs.realpath": "^1.0.0", - "inflight": "^1.0.4", - "inherits": "2", - "minimatch": "^3.0.4", - "once": "^1.3.0", - "path-is-absolute": "^1.0.0" - } - }, - "globals": { - "version": "11.12.0", - "resolved": "https://registry.npmjs.org/globals/-/globals-11.12.0.tgz", - "integrity": "sha512-WOBp/EEGUiIsJSp7wcv/y6MO+lV9UoncWqxuFfm8eBwzWNgyfBd6Gz+IeKQ9jCmyhoH99g15M3T+QaVHFjizVA==", - "dev": true - }, - "got": { - "version": "8.3.2", - "resolved": "https://registry.npmjs.org/got/-/got-8.3.2.tgz", - "integrity": "sha512-qjUJ5U/hawxosMryILofZCkm3C84PLJS/0grRIpjAwu+Lkxxj5cxeCU25BG0/3mDSpXKTyZr8oh8wIgLaH0QCw==", - "requires": { - "@sindresorhus/is": "^0.7.0", - "cacheable-request": "^2.1.1", - "decompress-response": "^3.3.0", - "duplexer3": "^0.1.4", - "get-stream": "^3.0.0", - "into-stream": "^3.1.0", - "is-retry-allowed": "^1.1.0", - "isurl": "^1.0.0-alpha5", - "lowercase-keys": "^1.0.0", - "mimic-response": "^1.0.0", - "p-cancelable": "^0.4.0", - "p-timeout": "^2.0.1", - "pify": "^3.0.0", - "safe-buffer": "^5.1.1", - "timed-out": "^4.0.1", - "url-parse-lax": "^3.0.0", - "url-to-options": "^1.0.1" - }, - "dependencies": { - "get-stream": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/get-stream/-/get-stream-3.0.0.tgz", - "integrity": "sha1-jpQ9E1jcN1VQVOy+LtsFqhdO3hQ=" - } - } - }, - "graceful-fs": { - "version": "4.2.4", - "resolved": "https://registry.npmjs.org/graceful-fs/-/graceful-fs-4.2.4.tgz", - "integrity": "sha512-WjKPNJF79dtJAVniUlGGWHYGz2jWxT6VhN/4m1NdkbZ2nOsEF+cI1Edgql5zCRhs/VsQYRvrXctxktVXZUkixw==", - "dev": true - }, - "growly": { - "version": "1.3.0", - "resolved": "https://registry.npmjs.org/growly/-/growly-1.3.0.tgz", - "integrity": "sha1-8QdIy+dq+WS3yWyTxrzCivEgwIE=", - "dev": true, - "optional": true - }, - "har-schema": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/har-schema/-/har-schema-2.0.0.tgz", - "integrity": "sha1-qUwiJOvKwEeCoNkDVSHyRzW37JI=" - }, - "har-validator": { - "version": "5.1.3", - "resolved": "https://registry.npmjs.org/har-validator/-/har-validator-5.1.3.tgz", - "integrity": "sha512-sNvOCzEQNr/qrvJgc3UG/kD4QtlHycrzwS+6mfTrrSq97BvaYcPZZI1ZSqGSPR73Cxn4LKTD4PttRwfU7jWq5g==", - "requires": { - "ajv": "^6.5.5", - "har-schema": "^2.0.0" - } - }, - "has-flag": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-4.0.0.tgz", - "integrity": "sha512-EykJT/Q1KjTWctppgIAgfSO0tKVuZUjhgMr17kqTumMl6Afv3EISleU7qZUzoXDFTAHTDC4NOoG/ZxU3EvlMPQ==", - "dev": true - }, - "has-symbol-support-x": { - "version": "1.4.2", - "resolved": "https://registry.npmjs.org/has-symbol-support-x/-/has-symbol-support-x-1.4.2.tgz", - "integrity": "sha512-3ToOva++HaW+eCpgqZrCfN51IPB+7bJNVT6CUATzueB5Heb8o6Nam0V3HG5dlDvZU1Gn5QLcbahiKw/XVk5JJw==" - }, - "has-to-string-tag-x": { - "version": "1.4.1", - "resolved": "https://registry.npmjs.org/has-to-string-tag-x/-/has-to-string-tag-x-1.4.1.tgz", - "integrity": "sha512-vdbKfmw+3LoOYVr+mtxHaX5a96+0f3DljYd8JOqvOLsf5mw2Otda2qCDT9qRqLAhrjyQ0h7ual5nOiASpsGNFw==", - "requires": { - "has-symbol-support-x": "^1.4.1" - } - }, - "has-value": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/has-value/-/has-value-1.0.0.tgz", - "integrity": "sha1-GLKB2lhbHFxR3vJMkw7SmgvmsXc=", - "dev": true, - "requires": { - "get-value": "^2.0.6", - "has-values": "^1.0.0", - "isobject": "^3.0.0" - } - }, - "has-values": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/has-values/-/has-values-1.0.0.tgz", - "integrity": "sha1-lbC2P+whRmGab+V/51Yo1aOe/k8=", - "dev": true, - "requires": { - "is-number": "^3.0.0", - "kind-of": "^4.0.0" - }, - "dependencies": { - "is-number": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/is-number/-/is-number-3.0.0.tgz", - "integrity": "sha1-JP1iAaR4LPUFYcgQJ2r8fRLXEZU=", - "dev": true, - "requires": { - "kind-of": "^3.0.2" - }, - "dependencies": { - "kind-of": { - "version": "3.2.2", - "resolved": "https://registry.npmjs.org/kind-of/-/kind-of-3.2.2.tgz", - "integrity": "sha1-MeohpzS6ubuw8yRm2JOupR5KPGQ=", - "dev": true, - "requires": { - "is-buffer": "^1.1.5" - } - } - } - }, - "kind-of": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/kind-of/-/kind-of-4.0.0.tgz", - "integrity": "sha1-IIE989cSkosgc3hpGkUGb65y3Vc=", - "dev": true, - "requires": { - "is-buffer": "^1.1.5" - } - } - } - }, - "hosted-git-info": { - "version": "2.8.8", - "resolved": "https://registry.npmjs.org/hosted-git-info/-/hosted-git-info-2.8.8.tgz", - "integrity": "sha512-f/wzC2QaWBs7t9IYqB4T3sR1xviIViXJRJTWBlx2Gf3g0Xi5vI7Yy4koXQ1c9OYDGHN9sBy1DQ2AB8fqZBWhUg==", - "dev": true - }, - "html-encoding-sniffer": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/html-encoding-sniffer/-/html-encoding-sniffer-1.0.2.tgz", - "integrity": "sha512-71lZziiDnsuabfdYiUeWdCVyKuqwWi23L8YeIgV9jSSZHCtb6wB1BKWooH7L3tn4/FuZJMVWyNaIDr4RGmaSYw==", - "dev": true, - "requires": { - "whatwg-encoding": "^1.0.1" - } - }, - "html-escaper": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/html-escaper/-/html-escaper-2.0.2.tgz", - "integrity": "sha512-H2iMtd0I4Mt5eYiapRdIDjp+XzelXQ0tFE4JS7YFwFevXXMmOp9myNrUvCg0D6ws8iqkRPBfKHgbwig1SmlLfg==", - "dev": true - }, - "http-cache-semantics": { - "version": "3.8.1", - "resolved": "https://registry.npmjs.org/http-cache-semantics/-/http-cache-semantics-3.8.1.tgz", - "integrity": "sha512-5ai2iksyV8ZXmnZhHH4rWPoxxistEexSi5936zIQ1bnNTW5VnA85B6P/VpXiRM017IgRvb2kKo1a//y+0wSp3w==" - }, - "http-signature": { - "version": "1.2.0", - "resolved": "https://registry.npmjs.org/http-signature/-/http-signature-1.2.0.tgz", - "integrity": "sha1-muzZJRFHcvPZW2WmCruPfBj7rOE=", - "requires": { - "assert-plus": "^1.0.0", - "jsprim": "^1.2.2", - "sshpk": "^1.7.0" - } - }, - "human-signals": { - "version": "1.1.1", - "resolved": "https://registry.npmjs.org/human-signals/-/human-signals-1.1.1.tgz", - "integrity": "sha512-SEQu7vl8KjNL2eoGBLF3+wAjpsNfA9XMlXAYj/3EdaNfAlxKthD1xjEQfGOUhllCGGJVNY34bRr6lPINhNjyZw==", - "dev": true - }, - "iconv-lite": { - "version": "0.4.24", - "resolved": "https://registry.npmjs.org/iconv-lite/-/iconv-lite-0.4.24.tgz", - "integrity": "sha512-v3MXnZAcvnywkTUEZomIActle7RXXeedOR31wwl7VlyoXO4Qi9arvSenNQWne1TcRwhCL1HwLI21bEqdpj8/rA==", - "dev": true, - "requires": { - "safer-buffer": ">= 2.1.2 < 3" - } - }, - "ieee754": { - "version": "1.1.13", - "resolved": "https://registry.npmjs.org/ieee754/-/ieee754-1.1.13.tgz", - "integrity": "sha512-4vf7I2LYV/HaWerSo3XmlMkp5eZ83i+/CDluXi/IGTs/O1sejBNhTtnxzmRZfvOUqj7lZjqHkeTvpgSFDlWZTg==" - }, - "import-local": { - "version": "3.0.2", - "resolved": "https://registry.npmjs.org/import-local/-/import-local-3.0.2.tgz", - "integrity": "sha512-vjL3+w0oulAVZ0hBHnxa/Nm5TAurf9YLQJDhqRZyqb+VKGOB6LU8t9H1Nr5CIo16vh9XfJTOoHwU0B71S557gA==", - "dev": true, - "requires": { - "pkg-dir": "^4.2.0", - "resolve-cwd": "^3.0.0" - } - }, - "imurmurhash": { - "version": "0.1.4", - "resolved": "https://registry.npmjs.org/imurmurhash/-/imurmurhash-0.1.4.tgz", - "integrity": "sha1-khi5srkoojixPcT7a21XbyMUU+o=", - "dev": true - }, - "indent-string": { - "version": "3.2.0", - "resolved": "https://registry.npmjs.org/indent-string/-/indent-string-3.2.0.tgz", - "integrity": "sha1-Sl/W0nzDMvN+VBmlBNu4NxBckok=" - }, - "inflight": { - "version": "1.0.6", - "resolved": "https://registry.npmjs.org/inflight/-/inflight-1.0.6.tgz", - "integrity": "sha1-Sb1jMdfQLQwJvJEKEHW6gWW1bfk=", - "requires": { - "once": "^1.3.0", - "wrappy": "1" - } - }, - "inherits": { - "version": "2.0.4", - "resolved": "https://registry.npmjs.org/inherits/-/inherits-2.0.4.tgz", - "integrity": "sha512-k/vGaX4/Yla3WzyMCvTQOXYeIHvqOKtnqBduzTHpzpQZzAskKMhZ2K+EnBiSM9zGSoIFeMpXKxa4dYeZIQqewQ==" - }, - "interpret": { - "version": "1.4.0", - "resolved": "https://registry.npmjs.org/interpret/-/interpret-1.4.0.tgz", - "integrity": "sha512-agE4QfB2Lkp9uICn7BAqoscw4SZP9kTE2hxiFI3jBPmXJfdqiahTbUuKGsMoN2GtqL9AxhYioAcVvgsb1HvRbA==" - }, - "into-stream": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/into-stream/-/into-stream-3.1.0.tgz", - "integrity": "sha1-lvsKk2wSur1v8XUqF9BWFqvQlMY=", - "requires": { - "from2": "^2.1.1", - "p-is-promise": "^1.1.0" - } - }, - "ip-regex": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/ip-regex/-/ip-regex-2.1.0.tgz", - "integrity": "sha1-+ni/XS5pE8kRzp+BnuUUa7bYROk=", - "dev": true - }, - "is-accessor-descriptor": { - "version": "0.1.6", - "resolved": "https://registry.npmjs.org/is-accessor-descriptor/-/is-accessor-descriptor-0.1.6.tgz", - "integrity": "sha1-qeEss66Nh2cn7u84Q/igiXtcmNY=", - "dev": true, - "requires": { - "kind-of": "^3.0.2" - }, - "dependencies": { - "kind-of": { - "version": "3.2.2", - "resolved": "https://registry.npmjs.org/kind-of/-/kind-of-3.2.2.tgz", - "integrity": "sha1-MeohpzS6ubuw8yRm2JOupR5KPGQ=", - "dev": true, - "requires": { - "is-buffer": "^1.1.5" - } - } - } - }, - "is-arrayish": { - "version": "0.2.1", - "resolved": "https://registry.npmjs.org/is-arrayish/-/is-arrayish-0.2.1.tgz", - "integrity": "sha1-d8mYQFJ6qOyxqLppe4BkWnqSap0=", - "dev": true - }, - "is-buffer": { - "version": "1.1.6", - "resolved": "https://registry.npmjs.org/is-buffer/-/is-buffer-1.1.6.tgz", - "integrity": "sha512-NcdALwpXkTm5Zvvbk7owOUSvVvBKDgKP5/ewfXEznmQFfs4ZRmanOeKBTjRVjka3QFoN6XJ+9F3USqfHqTaU5w==", - "dev": true - }, - "is-ci": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/is-ci/-/is-ci-2.0.0.tgz", - "integrity": "sha512-YfJT7rkpQB0updsdHLGWrvhBJfcfzNNawYDNIyQXJz0IViGf75O8EBPKSdvw2rF+LGCsX4FZ8tcr3b19LcZq4w==", - "dev": true, - "requires": { - "ci-info": "^2.0.0" - } - }, - "is-data-descriptor": { - "version": "0.1.4", - "resolved": "https://registry.npmjs.org/is-data-descriptor/-/is-data-descriptor-0.1.4.tgz", - "integrity": "sha1-C17mSDiOLIYCgueT8YVv7D8wG1Y=", - "dev": true, - "requires": { - "kind-of": "^3.0.2" - }, - "dependencies": { - "kind-of": { - "version": "3.2.2", - "resolved": "https://registry.npmjs.org/kind-of/-/kind-of-3.2.2.tgz", - "integrity": "sha1-MeohpzS6ubuw8yRm2JOupR5KPGQ=", - "dev": true, - "requires": { - "is-buffer": "^1.1.5" - } - } - } - }, - "is-descriptor": { - "version": "0.1.6", - "resolved": "https://registry.npmjs.org/is-descriptor/-/is-descriptor-0.1.6.tgz", - "integrity": "sha512-avDYr0SB3DwO9zsMov0gKCESFYqCnE4hq/4z3TdUlukEy5t9C0YRq7HLrsN52NAcqXKaepeCD0n+B0arnVG3Hg==", - "dev": true, - "requires": { - "is-accessor-descriptor": "^0.1.6", - "is-data-descriptor": "^0.1.4", - "kind-of": "^5.0.0" - }, - "dependencies": { - "kind-of": { - "version": "5.1.0", - "resolved": "https://registry.npmjs.org/kind-of/-/kind-of-5.1.0.tgz", - "integrity": "sha512-NGEErnH6F2vUuXDh+OlbcKW7/wOcfdRHaZ7VWtqCztfHri/++YKmP51OdWeGPuqCOba6kk2OTe5d02VmTB80Pw==", - "dev": true - } - } - }, - "is-docker": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/is-docker/-/is-docker-2.0.0.tgz", - "integrity": "sha512-pJEdRugimx4fBMra5z2/5iRdZ63OhYV0vr0Dwm5+xtW4D1FvRkB8hamMIhnWfyJeDdyr/aa7BDyNbtG38VxgoQ==", - "dev": true, - "optional": true - }, - "is-extendable": { - "version": "0.1.1", - "resolved": "https://registry.npmjs.org/is-extendable/-/is-extendable-0.1.1.tgz", - "integrity": "sha1-YrEQ4omkcUGOPsNqYX1HLjAd/Ik=", - "dev": true - }, - "is-fullwidth-code-point": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/is-fullwidth-code-point/-/is-fullwidth-code-point-3.0.0.tgz", - "integrity": "sha512-zymm5+u+sCsSWyD9qNaejV3DFvhCKclKdizYaJUuHA83RLjb7nSuGnddCHGv0hk+KY7BMAlsWeK4Ueg6EV6XQg==", - "dev": true - }, - "is-generator-fn": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/is-generator-fn/-/is-generator-fn-2.1.0.tgz", - "integrity": "sha512-cTIB4yPYL/Grw0EaSzASzg6bBy9gqCofvWN8okThAYIxKJZC+udlRAmGbM0XLeniEJSs8uEgHPGuHSe1XsOLSQ==", - "dev": true - }, - "is-number": { - "version": "7.0.0", - "resolved": "https://registry.npmjs.org/is-number/-/is-number-7.0.0.tgz", - "integrity": "sha512-41Cifkg6e8TylSpdtTpeLVMqvSBEVzTttHvERD741+pnZ8ANv0004MRL43QKPDlK9cGvNp6NZWZUBlbGXYxxng==", - "dev": true - }, - "is-object": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/is-object/-/is-object-1.0.1.tgz", - "integrity": "sha1-iVJojF7C/9awPsyF52ngKQMINHA=" - }, - "is-plain-obj": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/is-plain-obj/-/is-plain-obj-1.1.0.tgz", - "integrity": "sha1-caUMhCnfync8kqOQpKA7OfzVHT4=" - }, - "is-plain-object": { - "version": "2.0.4", - "resolved": "https://registry.npmjs.org/is-plain-object/-/is-plain-object-2.0.4.tgz", - "integrity": "sha512-h5PpgXkWitc38BBMYawTYMWJHFZJVnBquFE57xFpjB8pJFiF6gZ+bU+WyI/yqXiFR5mdLsgYNaPe8uao6Uv9Og==", - "dev": true, - "requires": { - "isobject": "^3.0.1" - } - }, - "is-retry-allowed": { - "version": "1.2.0", - "resolved": "https://registry.npmjs.org/is-retry-allowed/-/is-retry-allowed-1.2.0.tgz", - "integrity": "sha512-RUbUeKwvm3XG2VYamhJL1xFktgjvPzL0Hq8C+6yrWIswDy3BIXGqCxhxkc30N9jqK311gVU137K8Ei55/zVJRg==" - }, - "is-stream": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/is-stream/-/is-stream-1.1.0.tgz", - "integrity": "sha1-EtSj3U5o4Lec6428hBc66A2RykQ=" - }, - "is-typedarray": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/is-typedarray/-/is-typedarray-1.0.0.tgz", - "integrity": "sha1-5HnICFjfDBsR3dppQPlgEfzaSpo=" - }, - "is-windows": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/is-windows/-/is-windows-1.0.2.tgz", - "integrity": "sha512-eXK1UInq2bPmjyX6e3VHIzMLobc4J94i4AWn+Hpq3OU5KkrRC96OAcR3PRJ/pGu6m8TRnBHP9dkXQVsT/COVIA==", - "dev": true - }, - "is-wsl": { - "version": "2.2.0", - "resolved": "https://registry.npmjs.org/is-wsl/-/is-wsl-2.2.0.tgz", - "integrity": "sha512-fKzAra0rGJUUBwGBgNkHZuToZcn+TtXHpeCgmkMJMMYx1sQDYaCSyjJBSCa2nH1DGm7s3n1oBnohoVTBaN7Lww==", - "dev": true, - "optional": true, - "requires": { - "is-docker": "^2.0.0" - } - }, - "isarray": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/isarray/-/isarray-1.0.0.tgz", - "integrity": "sha1-u5NdSFgsuhaMBoNJV6VKPgcSTxE=" - }, - "isexe": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/isexe/-/isexe-2.0.0.tgz", - "integrity": "sha1-6PvzdNxVb/iUehDcsFctYz8s+hA=" - }, - "isobject": { - "version": "3.0.1", - "resolved": "https://registry.npmjs.org/isobject/-/isobject-3.0.1.tgz", - "integrity": "sha1-TkMekrEalzFjaqH5yNHMvP2reN8=", - "dev": true - }, - "isomorphic-ws": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/isomorphic-ws/-/isomorphic-ws-4.0.1.tgz", - "integrity": "sha512-BhBvN2MBpWTaSHdWRb/bwdZJ1WaehQ2L1KngkCkfLUGF0mAWAT1sQUQacEmQ0jXkFw/czDXPNQSL5u2/Krsz1w==" - }, - "isstream": { - "version": "0.1.2", - "resolved": "https://registry.npmjs.org/isstream/-/isstream-0.1.2.tgz", - "integrity": "sha1-R+Y/evVa+m+S4VAOaQ64uFKcCZo=" - }, - "istanbul-lib-coverage": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/istanbul-lib-coverage/-/istanbul-lib-coverage-3.0.0.tgz", - "integrity": "sha512-UiUIqxMgRDET6eR+o5HbfRYP1l0hqkWOs7vNxC/mggutCMUIhWMm8gAHb8tHlyfD3/l6rlgNA5cKdDzEAf6hEg==", - "dev": true - }, - "istanbul-lib-instrument": { - "version": "4.0.3", - "resolved": "https://registry.npmjs.org/istanbul-lib-instrument/-/istanbul-lib-instrument-4.0.3.tgz", - "integrity": "sha512-BXgQl9kf4WTCPCCpmFGoJkz/+uhvm7h7PFKUYxh7qarQd3ER33vHG//qaE8eN25l07YqZPpHXU9I09l/RD5aGQ==", - "dev": true, - "requires": { - "@babel/core": "^7.7.5", - "@istanbuljs/schema": "^0.1.2", - "istanbul-lib-coverage": "^3.0.0", - "semver": "^6.3.0" - } - }, - "istanbul-lib-report": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/istanbul-lib-report/-/istanbul-lib-report-3.0.0.tgz", - "integrity": "sha512-wcdi+uAKzfiGT2abPpKZ0hSU1rGQjUQnLvtY5MpQ7QCTahD3VODhcu4wcfY1YtkGaDD5yuydOLINXsfbus9ROw==", - "dev": true, - "requires": { - "istanbul-lib-coverage": "^3.0.0", - "make-dir": "^3.0.0", - "supports-color": "^7.1.0" - } - }, - "istanbul-lib-source-maps": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/istanbul-lib-source-maps/-/istanbul-lib-source-maps-4.0.0.tgz", - "integrity": "sha512-c16LpFRkR8vQXyHZ5nLpY35JZtzj1PQY1iZmesUbf1FZHbIupcWfjgOXBY9YHkLEQ6puz1u4Dgj6qmU/DisrZg==", - "dev": true, - "requires": { - "debug": "^4.1.1", - "istanbul-lib-coverage": "^3.0.0", - "source-map": "^0.6.1" - } - }, - "istanbul-reports": { - "version": "3.0.2", - "resolved": "https://registry.npmjs.org/istanbul-reports/-/istanbul-reports-3.0.2.tgz", - "integrity": "sha512-9tZvz7AiR3PEDNGiV9vIouQ/EAcqMXFmkcA1CDFTwOB98OZVDL0PH9glHotf5Ugp6GCOTypfzGWI/OqjWNCRUw==", - "dev": true, - "requires": { - "html-escaper": "^2.0.0", - "istanbul-lib-report": "^3.0.0" - } - }, - "isurl": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/isurl/-/isurl-1.0.0.tgz", - "integrity": "sha512-1P/yWsxPlDtn7QeRD+ULKQPaIaN6yF368GZ2vDfv0AL0NwpStafjWCDDdn0k8wgFMWpVAqG7oJhxHnlud42i9w==", - "requires": { - "has-to-string-tag-x": "^1.2.0", - "is-object": "^1.0.1" - } - }, - "jest": { - "version": "25.5.4", - "resolved": "https://registry.npmjs.org/jest/-/jest-25.5.4.tgz", - "integrity": "sha512-hHFJROBTqZahnO+X+PMtT6G2/ztqAZJveGqz//FnWWHurizkD05PQGzRZOhF3XP6z7SJmL+5tCfW8qV06JypwQ==", - "dev": true, - "requires": { - "@jest/core": "^25.5.4", - "import-local": "^3.0.2", - "jest-cli": "^25.5.4" - }, - "dependencies": { - "jest-cli": { - "version": "25.5.4", - "resolved": "https://registry.npmjs.org/jest-cli/-/jest-cli-25.5.4.tgz", - "integrity": "sha512-rG8uJkIiOUpnREh1768/N3n27Cm+xPFkSNFO91tgg+8o2rXeVLStz+vkXkGr4UtzH6t1SNbjwoiswd7p4AhHTw==", - "dev": true, - "requires": { - "@jest/core": "^25.5.4", - "@jest/test-result": "^25.5.0", - "@jest/types": "^25.5.0", - "chalk": "^3.0.0", - "exit": "^0.1.2", - "graceful-fs": "^4.2.4", - "import-local": "^3.0.2", - "is-ci": "^2.0.0", - "jest-config": "^25.5.4", - "jest-util": "^25.5.0", - "jest-validate": "^25.5.0", - "prompts": "^2.0.1", - "realpath-native": "^2.0.0", - "yargs": "^15.3.1" - } - } - } - }, - "jest-changed-files": { - "version": "25.5.0", - "resolved": "https://registry.npmjs.org/jest-changed-files/-/jest-changed-files-25.5.0.tgz", - "integrity": "sha512-EOw9QEqapsDT7mKF162m8HFzRPbmP8qJQny6ldVOdOVBz3ACgPm/1nAn5fPQ/NDaYhX/AHkrGwwkCncpAVSXcw==", - "dev": true, - "requires": { - "@jest/types": "^25.5.0", - "execa": "^3.2.0", - "throat": "^5.0.0" - }, - "dependencies": { - "cross-spawn": { - "version": "7.0.3", - "resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-7.0.3.tgz", - "integrity": "sha512-iRDPJKUPVEND7dHPO8rkbOnPpyDygcDFtWjpeWNCgy8WP2rXcxXL8TskReQl6OrB2G7+UJrags1q15Fudc7G6w==", - "dev": true, - "requires": { - "path-key": "^3.1.0", - "shebang-command": "^2.0.0", - "which": "^2.0.1" - } - }, - "execa": { - "version": "3.4.0", - "resolved": "https://registry.npmjs.org/execa/-/execa-3.4.0.tgz", - "integrity": "sha512-r9vdGQk4bmCuK1yKQu1KTwcT2zwfWdbdaXfCtAh+5nU/4fSX+JAb7vZGvI5naJrQlvONrEB20jeruESI69530g==", - "dev": true, - "requires": { - "cross-spawn": "^7.0.0", - "get-stream": "^5.0.0", - "human-signals": "^1.1.1", - "is-stream": "^2.0.0", - "merge-stream": "^2.0.0", - "npm-run-path": "^4.0.0", - "onetime": "^5.1.0", - "p-finally": "^2.0.0", - "signal-exit": "^3.0.2", - "strip-final-newline": "^2.0.0" - } - }, - "get-stream": { - "version": "5.1.0", - "resolved": "https://registry.npmjs.org/get-stream/-/get-stream-5.1.0.tgz", - "integrity": "sha512-EXr1FOzrzTfGeL0gQdeFEvOMm2mzMOglyiOXSTpPC+iAjAKftbr3jpCMWynogwYnM+eSj9sHGc6wjIcDvYiygw==", - "dev": true, - "requires": { - "pump": "^3.0.0" - } - }, - "is-stream": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/is-stream/-/is-stream-2.0.0.tgz", - "integrity": "sha512-XCoy+WlUr7d1+Z8GgSuXmpuUFC9fOhRXglJMx+dwLKTkL44Cjd4W1Z5P+BQZpr+cR93aGP4S/s7Ftw6Nd/kiEw==", - "dev": true - }, - "npm-run-path": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/npm-run-path/-/npm-run-path-4.0.1.tgz", - "integrity": "sha512-S48WzZW777zhNIrn7gxOlISNAqi9ZC/uQFnRdbeIHhZhCA6UqpkOT8T1G7BvfdgP4Er8gF4sUbaS0i7QvIfCWw==", - "dev": true, - "requires": { - "path-key": "^3.0.0" - } - }, - "p-finally": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/p-finally/-/p-finally-2.0.1.tgz", - "integrity": "sha512-vpm09aKwq6H9phqRQzecoDpD8TmVyGw70qmWlyq5onxY7tqyTTFVvxMykxQSQKILBSFlbXpypIw2T1Ml7+DDtw==", - "dev": true - }, - "path-key": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/path-key/-/path-key-3.1.1.tgz", - "integrity": "sha512-ojmeN0qd+y0jszEtoY48r0Peq5dwMEkIlCOu6Q5f41lfkswXuKtYrhgoTpLnyIcHm24Uhqx+5Tqm2InSwLhE6Q==", - "dev": true - }, - "shebang-command": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/shebang-command/-/shebang-command-2.0.0.tgz", - "integrity": "sha512-kHxr2zZpYtdmrN1qDjrrX/Z1rR1kG8Dx+gkpK1G4eXmvXswmcE1hTWBWYUzlraYw1/yZp6YuDY77YtvbN0dmDA==", - "dev": true, - "requires": { - "shebang-regex": "^3.0.0" - } - }, - "shebang-regex": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/shebang-regex/-/shebang-regex-3.0.0.tgz", - "integrity": "sha512-7++dFhtcx3353uBaq8DDR4NuxBetBzC7ZQOhmTQInHEd6bSrXdiEyzCvG07Z44UYdLShWUyXt5M/yhz8ekcb1A==", - "dev": true - } - } - }, - "jest-config": { - "version": "25.5.4", - "resolved": "https://registry.npmjs.org/jest-config/-/jest-config-25.5.4.tgz", - "integrity": "sha512-SZwR91SwcdK6bz7Gco8qL7YY2sx8tFJYzvg216DLihTWf+LKY/DoJXpM9nTzYakSyfblbqeU48p/p7Jzy05Atg==", - "dev": true, - "requires": { - "@babel/core": "^7.1.0", - "@jest/test-sequencer": "^25.5.4", - "@jest/types": "^25.5.0", - "babel-jest": "^25.5.1", - "chalk": "^3.0.0", - "deepmerge": "^4.2.2", - "glob": "^7.1.1", - "graceful-fs": "^4.2.4", - "jest-environment-jsdom": "^25.5.0", - "jest-environment-node": "^25.5.0", - "jest-get-type": "^25.2.6", - "jest-jasmine2": "^25.5.4", - "jest-regex-util": "^25.2.6", - "jest-resolve": "^25.5.1", - "jest-util": "^25.5.0", - "jest-validate": "^25.5.0", - "micromatch": "^4.0.2", - "pretty-format": "^25.5.0", - "realpath-native": "^2.0.0" - } - }, - "jest-diff": { - "version": "25.5.0", - "resolved": "https://registry.npmjs.org/jest-diff/-/jest-diff-25.5.0.tgz", - "integrity": "sha512-z1kygetuPiREYdNIumRpAHY6RXiGmp70YHptjdaxTWGmA085W3iCnXNx0DhflK3vwrKmrRWyY1wUpkPMVxMK7A==", - "dev": true, - "requires": { - "chalk": "^3.0.0", - "diff-sequences": "^25.2.6", - "jest-get-type": "^25.2.6", - "pretty-format": "^25.5.0" - } - }, - "jest-docblock": { - "version": "25.3.0", - "resolved": "https://registry.npmjs.org/jest-docblock/-/jest-docblock-25.3.0.tgz", - "integrity": "sha512-aktF0kCar8+zxRHxQZwxMy70stc9R1mOmrLsT5VO3pIT0uzGRSDAXxSlz4NqQWpuLjPpuMhPRl7H+5FRsvIQAg==", - "dev": true, - "requires": { - "detect-newline": "^3.0.0" - } - }, - "jest-each": { - "version": "25.5.0", - "resolved": "https://registry.npmjs.org/jest-each/-/jest-each-25.5.0.tgz", - "integrity": "sha512-QBogUxna3D8vtiItvn54xXde7+vuzqRrEeaw8r1s+1TG9eZLVJE5ZkKoSUlqFwRjnlaA4hyKGiu9OlkFIuKnjA==", - "dev": true, - "requires": { - "@jest/types": "^25.5.0", - "chalk": "^3.0.0", - "jest-get-type": "^25.2.6", - "jest-util": "^25.5.0", - "pretty-format": "^25.5.0" - } - }, - "jest-environment-jsdom": { - "version": "25.5.0", - "resolved": "https://registry.npmjs.org/jest-environment-jsdom/-/jest-environment-jsdom-25.5.0.tgz", - "integrity": "sha512-7Jr02ydaq4jaWMZLY+Skn8wL5nVIYpWvmeatOHL3tOcV3Zw8sjnPpx+ZdeBfc457p8jCR9J6YCc+Lga0oIy62A==", - "dev": true, - "requires": { - "@jest/environment": "^25.5.0", - "@jest/fake-timers": "^25.5.0", - "@jest/types": "^25.5.0", - "jest-mock": "^25.5.0", - "jest-util": "^25.5.0", - "jsdom": "^15.2.1" - } - }, - "jest-environment-node": { - "version": "25.5.0", - "resolved": "https://registry.npmjs.org/jest-environment-node/-/jest-environment-node-25.5.0.tgz", - "integrity": "sha512-iuxK6rQR2En9EID+2k+IBs5fCFd919gVVK5BeND82fYeLWPqvRcFNPKu9+gxTwfB5XwBGBvZ0HFQa+cHtIoslA==", - "dev": true, - "requires": { - "@jest/environment": "^25.5.0", - "@jest/fake-timers": "^25.5.0", - "@jest/types": "^25.5.0", - "jest-mock": "^25.5.0", - "jest-util": "^25.5.0", - "semver": "^6.3.0" - } - }, - "jest-get-type": { - "version": "25.2.6", - "resolved": "https://registry.npmjs.org/jest-get-type/-/jest-get-type-25.2.6.tgz", - "integrity": "sha512-DxjtyzOHjObRM+sM1knti6or+eOgcGU4xVSb2HNP1TqO4ahsT+rqZg+nyqHWJSvWgKC5cG3QjGFBqxLghiF/Ig==", - "dev": true - }, - "jest-haste-map": { - "version": "25.5.1", - "resolved": "https://registry.npmjs.org/jest-haste-map/-/jest-haste-map-25.5.1.tgz", - "integrity": "sha512-dddgh9UZjV7SCDQUrQ+5t9yy8iEgKc1AKqZR9YDww8xsVOtzPQSMVLDChc21+g29oTRexb9/B0bIlZL+sWmvAQ==", - "dev": true, - "requires": { - "@jest/types": "^25.5.0", - "@types/graceful-fs": "^4.1.2", - "anymatch": "^3.0.3", - "fb-watchman": "^2.0.0", - "fsevents": "^2.1.2", - "graceful-fs": "^4.2.4", - "jest-serializer": "^25.5.0", - "jest-util": "^25.5.0", - "jest-worker": "^25.5.0", - "micromatch": "^4.0.2", - "sane": "^4.0.3", - "walker": "^1.0.7", - "which": "^2.0.2" - } - }, - "jest-jasmine2": { - "version": "25.5.4", - "resolved": "https://registry.npmjs.org/jest-jasmine2/-/jest-jasmine2-25.5.4.tgz", - "integrity": "sha512-9acbWEfbmS8UpdcfqnDO+uBUgKa/9hcRh983IHdM+pKmJPL77G0sWAAK0V0kr5LK3a8cSBfkFSoncXwQlRZfkQ==", - "dev": true, - "requires": { - "@babel/traverse": "^7.1.0", - "@jest/environment": "^25.5.0", - "@jest/source-map": "^25.5.0", - "@jest/test-result": "^25.5.0", - "@jest/types": "^25.5.0", - "chalk": "^3.0.0", - "co": "^4.6.0", - "expect": "^25.5.0", - "is-generator-fn": "^2.0.0", - "jest-each": "^25.5.0", - "jest-matcher-utils": "^25.5.0", - "jest-message-util": "^25.5.0", - "jest-runtime": "^25.5.4", - "jest-snapshot": "^25.5.1", - "jest-util": "^25.5.0", - "pretty-format": "^25.5.0", - "throat": "^5.0.0" - } - }, - "jest-leak-detector": { - "version": "25.5.0", - "resolved": "https://registry.npmjs.org/jest-leak-detector/-/jest-leak-detector-25.5.0.tgz", - "integrity": "sha512-rV7JdLsanS8OkdDpZtgBf61L5xZ4NnYLBq72r6ldxahJWWczZjXawRsoHyXzibM5ed7C2QRjpp6ypgwGdKyoVA==", - "dev": true, - "requires": { - "jest-get-type": "^25.2.6", - "pretty-format": "^25.5.0" - } - }, - "jest-matcher-utils": { - "version": "25.5.0", - "resolved": "https://registry.npmjs.org/jest-matcher-utils/-/jest-matcher-utils-25.5.0.tgz", - "integrity": "sha512-VWI269+9JS5cpndnpCwm7dy7JtGQT30UHfrnM3mXl22gHGt/b7NkjBqXfbhZ8V4B7ANUsjK18PlSBmG0YH7gjw==", - "dev": true, - "requires": { - "chalk": "^3.0.0", - "jest-diff": "^25.5.0", - "jest-get-type": "^25.2.6", - "pretty-format": "^25.5.0" - } - }, - "jest-message-util": { - "version": "25.5.0", - "resolved": "https://registry.npmjs.org/jest-message-util/-/jest-message-util-25.5.0.tgz", - "integrity": "sha512-ezddz3YCT/LT0SKAmylVyWWIGYoKHOFOFXx3/nA4m794lfVUskMcwhip6vTgdVrOtYdjeQeis2ypzes9mZb4EA==", - "dev": true, - "requires": { - "@babel/code-frame": "^7.0.0", - "@jest/types": "^25.5.0", - "@types/stack-utils": "^1.0.1", - "chalk": "^3.0.0", - "graceful-fs": "^4.2.4", - "micromatch": "^4.0.2", - "slash": "^3.0.0", - "stack-utils": "^1.0.1" - } - }, - "jest-mock": { - "version": "25.5.0", - "resolved": "https://registry.npmjs.org/jest-mock/-/jest-mock-25.5.0.tgz", - "integrity": "sha512-eXWuTV8mKzp/ovHc5+3USJMYsTBhyQ+5A1Mak35dey/RG8GlM4YWVylZuGgVXinaW6tpvk/RSecmF37FKUlpXA==", - "dev": true, - "requires": { - "@jest/types": "^25.5.0" - } - }, - "jest-pnp-resolver": { - "version": "1.2.1", - "resolved": "https://registry.npmjs.org/jest-pnp-resolver/-/jest-pnp-resolver-1.2.1.tgz", - "integrity": "sha512-pgFw2tm54fzgYvc/OHrnysABEObZCUNFnhjoRjaVOCN8NYc032/gVjPaHD4Aq6ApkSieWtfKAFQtmDKAmhupnQ==", - "dev": true - }, - "jest-regex-util": { - "version": "25.2.6", - "resolved": "https://registry.npmjs.org/jest-regex-util/-/jest-regex-util-25.2.6.tgz", - "integrity": "sha512-KQqf7a0NrtCkYmZZzodPftn7fL1cq3GQAFVMn5Hg8uKx/fIenLEobNanUxb7abQ1sjADHBseG/2FGpsv/wr+Qw==", - "dev": true - }, - "jest-resolve": { - "version": "25.5.1", - "resolved": "https://registry.npmjs.org/jest-resolve/-/jest-resolve-25.5.1.tgz", - "integrity": "sha512-Hc09hYch5aWdtejsUZhA+vSzcotf7fajSlPA6EZPE1RmPBAD39XtJhvHWFStid58iit4IPDLI/Da4cwdDmAHiQ==", - "dev": true, - "requires": { - "@jest/types": "^25.5.0", - "browser-resolve": "^1.11.3", - "chalk": "^3.0.0", - "graceful-fs": "^4.2.4", - "jest-pnp-resolver": "^1.2.1", - "read-pkg-up": "^7.0.1", - "realpath-native": "^2.0.0", - "resolve": "^1.17.0", - "slash": "^3.0.0" - } - }, - "jest-resolve-dependencies": { - "version": "25.5.4", - "resolved": "https://registry.npmjs.org/jest-resolve-dependencies/-/jest-resolve-dependencies-25.5.4.tgz", - "integrity": "sha512-yFmbPd+DAQjJQg88HveObcGBA32nqNZ02fjYmtL16t1xw9bAttSn5UGRRhzMHIQbsep7znWvAvnD4kDqOFM0Uw==", - "dev": true, - "requires": { - "@jest/types": "^25.5.0", - "jest-regex-util": "^25.2.6", - "jest-snapshot": "^25.5.1" - } - }, - "jest-runner": { - "version": "25.5.4", - "resolved": "https://registry.npmjs.org/jest-runner/-/jest-runner-25.5.4.tgz", - "integrity": "sha512-V/2R7fKZo6blP8E9BL9vJ8aTU4TH2beuqGNxHbxi6t14XzTb+x90B3FRgdvuHm41GY8ch4xxvf0ATH4hdpjTqg==", - "dev": true, - "requires": { - "@jest/console": "^25.5.0", - "@jest/environment": "^25.5.0", - "@jest/test-result": "^25.5.0", - "@jest/types": "^25.5.0", - "chalk": "^3.0.0", - "exit": "^0.1.2", - "graceful-fs": "^4.2.4", - "jest-config": "^25.5.4", - "jest-docblock": "^25.3.0", - "jest-haste-map": "^25.5.1", - "jest-jasmine2": "^25.5.4", - "jest-leak-detector": "^25.5.0", - "jest-message-util": "^25.5.0", - "jest-resolve": "^25.5.1", - "jest-runtime": "^25.5.4", - "jest-util": "^25.5.0", - "jest-worker": "^25.5.0", - "source-map-support": "^0.5.6", - "throat": "^5.0.0" - } - }, - "jest-runtime": { - "version": "25.5.4", - "resolved": "https://registry.npmjs.org/jest-runtime/-/jest-runtime-25.5.4.tgz", - "integrity": "sha512-RWTt8LeWh3GvjYtASH2eezkc8AehVoWKK20udV6n3/gC87wlTbE1kIA+opCvNWyyPeBs6ptYsc6nyHUb1GlUVQ==", - "dev": true, - "requires": { - "@jest/console": "^25.5.0", - "@jest/environment": "^25.5.0", - "@jest/globals": "^25.5.2", - "@jest/source-map": "^25.5.0", - "@jest/test-result": "^25.5.0", - "@jest/transform": "^25.5.1", - "@jest/types": "^25.5.0", - "@types/yargs": "^15.0.0", - "chalk": "^3.0.0", - "collect-v8-coverage": "^1.0.0", - "exit": "^0.1.2", - "glob": "^7.1.3", - "graceful-fs": "^4.2.4", - "jest-config": "^25.5.4", - "jest-haste-map": "^25.5.1", - "jest-message-util": "^25.5.0", - "jest-mock": "^25.5.0", - "jest-regex-util": "^25.2.6", - "jest-resolve": "^25.5.1", - "jest-snapshot": "^25.5.1", - "jest-util": "^25.5.0", - "jest-validate": "^25.5.0", - "realpath-native": "^2.0.0", - "slash": "^3.0.0", - "strip-bom": "^4.0.0", - "yargs": "^15.3.1" - } - }, - "jest-serializer": { - "version": "25.5.0", - "resolved": "https://registry.npmjs.org/jest-serializer/-/jest-serializer-25.5.0.tgz", - "integrity": "sha512-LxD8fY1lByomEPflwur9o4e2a5twSQ7TaVNLlFUuToIdoJuBt8tzHfCsZ42Ok6LkKXWzFWf3AGmheuLAA7LcCA==", - "dev": true, - "requires": { - "graceful-fs": "^4.2.4" - } - }, - "jest-snapshot": { - "version": "25.5.1", - "resolved": "https://registry.npmjs.org/jest-snapshot/-/jest-snapshot-25.5.1.tgz", - "integrity": "sha512-C02JE1TUe64p2v1auUJ2ze5vcuv32tkv9PyhEb318e8XOKF7MOyXdJ7kdjbvrp3ChPLU2usI7Rjxs97Dj5P0uQ==", - "dev": true, - "requires": { - "@babel/types": "^7.0.0", - "@jest/types": "^25.5.0", - "@types/prettier": "^1.19.0", - "chalk": "^3.0.0", - "expect": "^25.5.0", - "graceful-fs": "^4.2.4", - "jest-diff": "^25.5.0", - "jest-get-type": "^25.2.6", - "jest-matcher-utils": "^25.5.0", - "jest-message-util": "^25.5.0", - "jest-resolve": "^25.5.1", - "make-dir": "^3.0.0", - "natural-compare": "^1.4.0", - "pretty-format": "^25.5.0", - "semver": "^6.3.0" - } - }, - "jest-util": { - "version": "25.5.0", - "resolved": "https://registry.npmjs.org/jest-util/-/jest-util-25.5.0.tgz", - "integrity": "sha512-KVlX+WWg1zUTB9ktvhsg2PXZVdkI1NBevOJSkTKYAyXyH4QSvh+Lay/e/v+bmaFfrkfx43xD8QTfgobzlEXdIA==", - "dev": true, - "requires": { - "@jest/types": "^25.5.0", - "chalk": "^3.0.0", - "graceful-fs": "^4.2.4", - "is-ci": "^2.0.0", - "make-dir": "^3.0.0" - } - }, - "jest-validate": { - "version": "25.5.0", - "resolved": "https://registry.npmjs.org/jest-validate/-/jest-validate-25.5.0.tgz", - "integrity": "sha512-okUFKqhZIpo3jDdtUXUZ2LxGUZJIlfdYBvZb1aczzxrlyMlqdnnws9MOxezoLGhSaFc2XYaHNReNQfj5zPIWyQ==", - "dev": true, - "requires": { - "@jest/types": "^25.5.0", - "camelcase": "^5.3.1", - "chalk": "^3.0.0", - "jest-get-type": "^25.2.6", - "leven": "^3.1.0", - "pretty-format": "^25.5.0" - } - }, - "jest-watcher": { - "version": "25.5.0", - "resolved": "https://registry.npmjs.org/jest-watcher/-/jest-watcher-25.5.0.tgz", - "integrity": "sha512-XrSfJnVASEl+5+bb51V0Q7WQx65dTSk7NL4yDdVjPnRNpM0hG+ncFmDYJo9O8jaSRcAitVbuVawyXCRoxGrT5Q==", - "dev": true, - "requires": { - "@jest/test-result": "^25.5.0", - "@jest/types": "^25.5.0", - "ansi-escapes": "^4.2.1", - "chalk": "^3.0.0", - "jest-util": "^25.5.0", - "string-length": "^3.1.0" - } - }, - "jest-worker": { - "version": "25.5.0", - "resolved": "https://registry.npmjs.org/jest-worker/-/jest-worker-25.5.0.tgz", - "integrity": "sha512-/dsSmUkIy5EBGfv/IjjqmFxrNAUpBERfGs1oHROyD7yxjG/w+t0GOJDX8O1k32ySmd7+a5IhnJU2qQFcJ4n1vw==", - "dev": true, - "requires": { - "merge-stream": "^2.0.0", - "supports-color": "^7.0.0" - } - }, - "js-tokens": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/js-tokens/-/js-tokens-4.0.0.tgz", - "integrity": "sha512-RdJUflcE3cUzKiMqQgsCu06FPu9UdIJO0beYbPhHN4k6apgJtifcoCtT9bcxOpYBtpD2kCM6Sbzg4CausW/PKQ==", - "dev": true - }, - "js-yaml": { - "version": "3.14.0", - "resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-3.14.0.tgz", - "integrity": "sha512-/4IbIeHcD9VMHFqDR/gQ7EdZdLimOvW2DdcxFjdyyZ9NsbS+ccrXqVWDtab/lRl5AlUqmpBx8EhPaWR+OtY17A==", - "requires": { - "argparse": "^1.0.7", - "esprima": "^4.0.0" - } - }, - "jsbn": { - "version": "0.1.1", - "resolved": "https://registry.npmjs.org/jsbn/-/jsbn-0.1.1.tgz", - "integrity": "sha1-peZUwuWi3rXyAdls77yoDA7y9RM=" - }, - "jsdom": { - "version": "15.2.1", - "resolved": "https://registry.npmjs.org/jsdom/-/jsdom-15.2.1.tgz", - "integrity": "sha512-fAl1W0/7T2G5vURSyxBzrJ1LSdQn6Tr5UX/xD4PXDx/PDgwygedfW6El/KIj3xJ7FU61TTYnc/l/B7P49Eqt6g==", - "dev": true, - "requires": { - "abab": "^2.0.0", - "acorn": "^7.1.0", - "acorn-globals": "^4.3.2", - "array-equal": "^1.0.0", - "cssom": "^0.4.1", - "cssstyle": "^2.0.0", - "data-urls": "^1.1.0", - "domexception": "^1.0.1", - "escodegen": "^1.11.1", - "html-encoding-sniffer": "^1.0.2", - "nwsapi": "^2.2.0", - "parse5": "5.1.0", - "pn": "^1.1.0", - "request": "^2.88.0", - "request-promise-native": "^1.0.7", - "saxes": "^3.1.9", - "symbol-tree": "^3.2.2", - "tough-cookie": "^3.0.1", - "w3c-hr-time": "^1.0.1", - "w3c-xmlserializer": "^1.1.2", - "webidl-conversions": "^4.0.2", - "whatwg-encoding": "^1.0.5", - "whatwg-mimetype": "^2.3.0", - "whatwg-url": "^7.0.0", - "ws": "^7.0.0", - "xml-name-validator": "^3.0.0" - } - }, - "jsesc": { - "version": "2.5.2", - "resolved": "https://registry.npmjs.org/jsesc/-/jsesc-2.5.2.tgz", - "integrity": "sha512-OYu7XEzjkCQ3C5Ps3QIZsQfNpqoJyZZA99wd9aWd05NCtC5pWOkShK2mkL6HXQR6/Cy2lbNdPlZBpuQHXE63gA==", - "dev": true - }, - "json-buffer": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/json-buffer/-/json-buffer-3.0.0.tgz", - "integrity": "sha1-Wx85evx11ne96Lz8Dkfh+aPZqJg=" - }, - "json-parse-better-errors": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/json-parse-better-errors/-/json-parse-better-errors-1.0.2.tgz", - "integrity": "sha512-mrqyZKfX5EhL7hvqcV6WG1yYjnjeuYDzDhhcAAUrq8Po85NBQBJP+ZDUT75qZQ98IkUoBqdkExkukOU7Ts2wrw==", - "dev": true - }, - "json-schema": { - "version": "0.2.3", - "resolved": "https://registry.npmjs.org/json-schema/-/json-schema-0.2.3.tgz", - "integrity": "sha1-tIDIkuWaLwWVTOcnvT8qTogvnhM=" - }, - "json-schema-traverse": { - "version": "0.4.1", - "resolved": "https://registry.npmjs.org/json-schema-traverse/-/json-schema-traverse-0.4.1.tgz", - "integrity": "sha512-xbbCH5dCYU5T8LcEhhuh7HJ88HXuW3qsI3Y0zOZFKfZEHcpWiHU/Jxzk629Brsab/mMiHQti9wMP+845RPe3Vg==" - }, - "json-stringify-safe": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/json-stringify-safe/-/json-stringify-safe-5.0.1.tgz", - "integrity": "sha1-Epai1Y/UXxmg9s4B1lcB4sc1tus=" - }, - "json5": { - "version": "2.1.3", - "resolved": "https://registry.npmjs.org/json5/-/json5-2.1.3.tgz", - "integrity": "sha512-KXPvOm8K9IJKFM0bmdn8QXh7udDh1g/giieX0NLCaMnb4hEiVFqnop2ImTXCc5e0/oHz3LTqmHGtExn5hfMkOA==", - "dev": true, - "requires": { - "minimist": "^1.2.5" - } - }, - "jsonpath-plus": { - "version": "0.19.0", - "resolved": "https://registry.npmjs.org/jsonpath-plus/-/jsonpath-plus-0.19.0.tgz", - "integrity": "sha512-GSVwsrzW9LsA5lzsqe4CkuZ9wp+kxBb2GwNniaWzI2YFn5Ig42rSW8ZxVpWXaAfakXNrx5pgY5AbQq7kzX29kg==" - }, - "jsprim": { - "version": "1.4.1", - "resolved": "https://registry.npmjs.org/jsprim/-/jsprim-1.4.1.tgz", - "integrity": "sha1-MT5mvB5cwG5Di8G3SZwuXFastqI=", - "requires": { - "assert-plus": "1.0.0", - "extsprintf": "1.3.0", - "json-schema": "0.2.3", - "verror": "1.10.0" - } - }, - "keyv": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/keyv/-/keyv-3.0.0.tgz", - "integrity": "sha512-eguHnq22OE3uVoSYG0LVWNP+4ppamWr9+zWBe1bsNcovIMy6huUJFPgy4mGwCd/rnl3vOLGW1MTlu4c57CT1xA==", - "requires": { - "json-buffer": "3.0.0" - } - }, - "kind-of": { - "version": "6.0.3", - "resolved": "https://registry.npmjs.org/kind-of/-/kind-of-6.0.3.tgz", - "integrity": "sha512-dcS1ul+9tmeD95T+x28/ehLgd9mENa3LsvDTtzm3vyBEO7RPptvAD+t44WVXaUjTBRcrpFeFlC8WCruUR456hw==", - "dev": true - }, - "kleur": { - "version": "3.0.3", - "resolved": "https://registry.npmjs.org/kleur/-/kleur-3.0.3.tgz", - "integrity": "sha512-eTIzlVOSUR+JxdDFepEYcBMtZ9Qqdef+rnzWdRZuMbOywu5tO2w2N7rqjoANZ5k9vywhL6Br1VRjUIgTQx4E8w==", - "dev": true - }, - "leven": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/leven/-/leven-3.1.0.tgz", - "integrity": "sha512-qsda+H8jTaUaN/x5vzW2rzc+8Rw4TAQ/4KjB46IwK5VH+IlVeeeje/EoZRpiXvIqjFgK84QffqPztGI3VBLG1A==", - "dev": true - }, - "levn": { - "version": "0.3.0", - "resolved": "https://registry.npmjs.org/levn/-/levn-0.3.0.tgz", - "integrity": "sha1-OwmSTt+fCDwEkP3UwLxEIeBHZO4=", - "dev": true, - "requires": { - "prelude-ls": "~1.1.2", - "type-check": "~0.3.2" - } - }, - "lines-and-columns": { - "version": "1.1.6", - "resolved": "https://registry.npmjs.org/lines-and-columns/-/lines-and-columns-1.1.6.tgz", - "integrity": "sha1-HADHQ7QzzQpOgHWPe2SldEDZ/wA=", - "dev": true - }, - "locate-path": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/locate-path/-/locate-path-5.0.0.tgz", - "integrity": "sha512-t7hw9pI+WvuwNJXwk5zVHpyhIqzg2qTlklJOf0mVxGSbe3Fp2VieZcduNYjaLDoy6p9uGpQEGWG87WpMKlNq8g==", - "dev": true, - "requires": { - "p-locate": "^4.1.0" - } - }, - "lodash": { - "version": "4.17.19", - "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.19.tgz", - "integrity": "sha512-JNvd8XER9GQX0v2qJgsaN/mzFCNA5BRe/j8JN9d+tWyGLSodKQHKFicdwNYzWwI3wjRnaKPsGj1XkBjx/F96DQ==" - }, - "lodash.set": { - "version": "4.3.2", - "resolved": "https://registry.npmjs.org/lodash.set/-/lodash.set-4.3.2.tgz", - "integrity": "sha1-2HV7HagH3eJIFrDWqEvqGnYjCyM=" - }, - "lodash.sortby": { - "version": "4.7.0", - "resolved": "https://registry.npmjs.org/lodash.sortby/-/lodash.sortby-4.7.0.tgz", - "integrity": "sha1-7dFMgk4sycHgsKG0K7UhBRakJDg=", - "dev": true - }, - "lolex": { - "version": "5.1.2", - "resolved": "https://registry.npmjs.org/lolex/-/lolex-5.1.2.tgz", - "integrity": "sha512-h4hmjAvHTmd+25JSwrtTIuwbKdwg5NzZVRMLn9saij4SZaepCrTCxPr35H/3bjwfMJtN+t3CX8672UIkglz28A==", - "dev": true, - "requires": { - "@sinonjs/commons": "^1.7.0" - } - }, - "long": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/long/-/long-4.0.0.tgz", - "integrity": "sha512-XsP+KhQif4bjX1kbuSiySJFNAehNxgLb6hPRGJ9QsUr8ajHkuXGdrHmFUTUUXhDwVX2R5bY4JNZEwbUiMhV+MA==" - }, - "lowercase-keys": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/lowercase-keys/-/lowercase-keys-1.0.1.tgz", - "integrity": "sha512-G2Lj61tXDnVFFOi8VZds+SoQjtQC3dgokKdDG2mTm1tx4m50NUHBOZSBwQQHyy0V12A0JTG4icfZQH+xPyh8VA==" - }, - "lru-cache": { - "version": "5.1.1", - "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-5.1.1.tgz", - "integrity": "sha512-KpNARQA3Iwv+jTA0utUVVbrh+Jlrr1Fv0e56GGzAFOXN7dk/FviaDW8LHmK52DlcH4WP2n6gI8vN1aesBFgo9w==", - "requires": { - "yallist": "^3.0.2" - } - }, - "make-dir": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/make-dir/-/make-dir-3.1.0.tgz", - "integrity": "sha512-g3FeP20LNwhALb/6Cz6Dd4F2ngze0jz7tbzrD2wAV+o9FeNHe4rL+yK2md0J/fiSf1sa1ADhXqi5+oVwOM/eGw==", - "dev": true, - "requires": { - "semver": "^6.0.0" - } - }, - "makeerror": { - "version": "1.0.11", - "resolved": "https://registry.npmjs.org/makeerror/-/makeerror-1.0.11.tgz", - "integrity": "sha1-4BpckQnyr3lmDk6LlYd5AYT1qWw=", - "dev": true, - "requires": { - "tmpl": "1.0.x" - } - }, - "map-cache": { - "version": "0.2.2", - "resolved": "https://registry.npmjs.org/map-cache/-/map-cache-0.2.2.tgz", - "integrity": "sha1-wyq9C9ZSXZsFFkW7TyasXcmKDb8=", - "dev": true - }, - "map-visit": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/map-visit/-/map-visit-1.0.0.tgz", - "integrity": "sha1-7Nyo8TFE5mDxtb1B8S80edmN+48=", - "dev": true, - "requires": { - "object-visit": "^1.0.0" - } - }, - "merge-stream": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/merge-stream/-/merge-stream-2.0.0.tgz", - "integrity": "sha512-abv/qOcuPfk3URPfDzmZU1LKmuw8kT+0nIHvKrKgFrwifol/doWcdA4ZqsWQ8ENrFKkd67Mfpo/LovbIUsbt3w==", - "dev": true - }, - "micromatch": { - "version": "4.0.2", - "resolved": "https://registry.npmjs.org/micromatch/-/micromatch-4.0.2.tgz", - "integrity": "sha512-y7FpHSbMUMoyPbYUSzO6PaZ6FyRnQOpHuKwbo1G+Knck95XVU4QAiKdGEnj5wwoS7PlOgthX/09u5iFJ+aYf5Q==", - "dev": true, - "requires": { - "braces": "^3.0.1", - "picomatch": "^2.0.5" - } - }, - "mime-db": { - "version": "1.44.0", - "resolved": "https://registry.npmjs.org/mime-db/-/mime-db-1.44.0.tgz", - "integrity": "sha512-/NOTfLrsPBVeH7YtFPgsVWveuL+4SjjYxaQ1xtM1KMFj7HdxlBlxeyNLzhyJVx7r4rZGJAZ/6lkKCitSc/Nmpg==" - }, - "mime-types": { - "version": "2.1.27", - "resolved": "https://registry.npmjs.org/mime-types/-/mime-types-2.1.27.tgz", - "integrity": "sha512-JIhqnCasI9yD+SsmkquHBxTSEuZdQX5BuQnS2Vc7puQQQ+8yiP5AY5uWhpdv4YL4VM5c6iliiYWPgJ/nJQLp7w==", - "requires": { - "mime-db": "1.44.0" - } - }, - "mimic-fn": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/mimic-fn/-/mimic-fn-2.1.0.tgz", - "integrity": "sha512-OqbOk5oEQeAZ8WXWydlu9HJjz9WVdEIvamMCcXmuqUYjTknH/sqsWvhQ3vgwKFRR1HpjvNBKQ37nbJgYzGqGcg==", - "dev": true - }, - "mimic-response": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/mimic-response/-/mimic-response-1.0.1.tgz", - "integrity": "sha512-j5EctnkH7amfV/q5Hgmoal1g2QHFJRraOtmx0JpIqkxhBhI/lJSl1nMpQ45hVarwNETOoWEimndZ4QK0RHxuxQ==" - }, - "minimatch": { - "version": "3.0.4", - "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.0.4.tgz", - "integrity": "sha512-yJHVQEhyqPLUTgt9B83PXu6W3rx4MvvHvSUvToogpwoGDOUQ+yDrR0HRot+yOCdCO7u4hX3pWft6kWBBcqh0UA==", - "requires": { - "brace-expansion": "^1.1.7" - } - }, - "minimist": { - "version": "1.2.5", - "resolved": "https://registry.npmjs.org/minimist/-/minimist-1.2.5.tgz", - "integrity": "sha512-FM9nNUYrRBAELZQT3xeZQ7fmMOBg6nWNmJKTcgsJeaLstP/UODVpGsr5OhXhhXg6f+qtJ8uiZ+PUxkDWcgIXLw==", - "dev": true - }, - "mixin-deep": { - "version": "1.3.2", - "resolved": "https://registry.npmjs.org/mixin-deep/-/mixin-deep-1.3.2.tgz", - "integrity": "sha512-WRoDn//mXBiJ1H40rqa3vH0toePwSsGb45iInWlTySa+Uu4k3tYUSxa2v1KqAiLtvlrSzaExqS1gtk96A9zvEA==", - "dev": true, - "requires": { - "for-in": "^1.0.2", - "is-extendable": "^1.0.1" - }, - "dependencies": { - "is-extendable": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/is-extendable/-/is-extendable-1.0.1.tgz", - "integrity": "sha512-arnXMxT1hhoKo9k1LZdmlNyJdDDfy2v0fXjFlmok4+i8ul/6WlbVge9bhM74OpNPQPMGUToDtz+KXa1PneJxOA==", - "dev": true, - "requires": { - "is-plain-object": "^2.0.4" - } - } - } - }, - "ms": { - "version": "2.1.2", - "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz", - "integrity": "sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w==", - "dev": true - }, - "nanomatch": { - "version": "1.2.13", - "resolved": "https://registry.npmjs.org/nanomatch/-/nanomatch-1.2.13.tgz", - "integrity": "sha512-fpoe2T0RbHwBTBUOftAfBPaDEi06ufaUai0mE6Yn1kacc3SnTErfb/h+X94VXzI64rKFHYImXSvdwGGCmwOqCA==", - "dev": true, - "requires": { - "arr-diff": "^4.0.0", - "array-unique": "^0.3.2", - "define-property": "^2.0.2", - "extend-shallow": "^3.0.2", - "fragment-cache": "^0.2.1", - "is-windows": "^1.0.2", - "kind-of": "^6.0.2", - "object.pick": "^1.3.0", - "regex-not": "^1.0.0", - "snapdragon": "^0.8.1", - "to-regex": "^3.0.1" - } - }, - "natural-compare": { - "version": "1.4.0", - "resolved": "https://registry.npmjs.org/natural-compare/-/natural-compare-1.4.0.tgz", - "integrity": "sha1-Sr6/7tdUHywnrPspvbvRXI1bpPc=", - "dev": true - }, - "nice-try": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/nice-try/-/nice-try-1.0.5.tgz", - "integrity": "sha512-1nh45deeb5olNY7eX82BkPO7SSxR5SSYJiPTrTdFUVYwAl8CKMA5N9PjTYkHiRjisVcxcQ1HXdLhx2qxxJzLNQ==" - }, - "node-forge": { - "version": "0.8.5", - "resolved": "https://registry.npmjs.org/node-forge/-/node-forge-0.8.5.tgz", - "integrity": "sha512-vFMQIWt+J/7FLNyKouZ9TazT74PRV3wgv9UT4cRjC8BffxFbKXkgIWR42URCPSnHm/QDz6BOlb2Q0U4+VQT67Q==" - }, - "node-int64": { - "version": "0.4.0", - "resolved": "https://registry.npmjs.org/node-int64/-/node-int64-0.4.0.tgz", - "integrity": "sha1-h6kGXNs1XTGC2PlM4RGIuCXGijs=", - "dev": true - }, - "node-jose": { - "version": "1.1.4", - "resolved": "https://registry.npmjs.org/node-jose/-/node-jose-1.1.4.tgz", - "integrity": "sha512-L31IFwL3pWWcMHxxidCY51ezqrDXMkvlT/5pLTfNw5sXmmOLJuN6ug7txzF/iuZN55cRpyOmoJrotwBQIoo5Lw==", - "requires": { - "base64url": "^3.0.1", - "browserify-zlib": "^0.2.0", - "buffer": "^5.5.0", - "es6-promise": "^4.2.8", - "lodash": "^4.17.15", - "long": "^4.0.0", - "node-forge": "^0.8.5", - "process": "^0.11.10", - "react-zlib-js": "^1.0.4", - "uuid": "^3.3.3" - } - }, - "node-modules-regexp": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/node-modules-regexp/-/node-modules-regexp-1.0.0.tgz", - "integrity": "sha1-jZ2+KJZKSsVxLpExZCEHxx6Q7EA=", - "dev": true - }, - "node-notifier": { - "version": "6.0.0", - "resolved": "https://registry.npmjs.org/node-notifier/-/node-notifier-6.0.0.tgz", - "integrity": "sha512-SVfQ/wMw+DesunOm5cKqr6yDcvUTDl/yc97ybGHMrteNEY6oekXpNpS3lZwgLlwz0FLgHoiW28ZpmBHUDg37cw==", - "dev": true, - "optional": true, - "requires": { - "growly": "^1.3.0", - "is-wsl": "^2.1.1", - "semver": "^6.3.0", - "shellwords": "^0.1.1", - "which": "^1.3.1" - }, - "dependencies": { - "which": { - "version": "1.3.1", - "resolved": "https://registry.npmjs.org/which/-/which-1.3.1.tgz", - "integrity": "sha512-HxJdYWq1MTIQbJ3nw0cqssHoTNU267KlrDuGZ1WYlxDStUtKUhOaJmh112/TZmHxxUfuJqPXSOm7tDyas0OSIQ==", - "dev": true, - "optional": true, - "requires": { - "isexe": "^2.0.0" - } - } - } - }, - "normalize-package-data": { - "version": "2.5.0", - "resolved": "https://registry.npmjs.org/normalize-package-data/-/normalize-package-data-2.5.0.tgz", - "integrity": "sha512-/5CMN3T0R4XTj4DcGaexo+roZSdSFW/0AOOTROrjxzCG1wrWXEsGbRKevjlIL+ZDE4sZlJr5ED4YW0yqmkK+eA==", - "dev": true, - "requires": { - "hosted-git-info": "^2.1.4", - "resolve": "^1.10.0", - "semver": "2 || 3 || 4 || 5", - "validate-npm-package-license": "^3.0.1" - }, - "dependencies": { - "semver": { - "version": "5.7.1", - "resolved": "https://registry.npmjs.org/semver/-/semver-5.7.1.tgz", - "integrity": "sha512-sauaDf/PZdVgrLTNYHRtpXa1iRiKcaebiKQ1BJdpQlWH2lCvexQdX55snPFyK7QzpudqbCI0qXFfOasHdyNDGQ==", - "dev": true - } - } - }, - "normalize-path": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/normalize-path/-/normalize-path-3.0.0.tgz", - "integrity": "sha512-6eZs5Ls3WtCisHWp9S2GUy8dqkpGi4BVSz3GaqiE6ezub0512ESztXUwUB6C6IKbQkY2Pnb/mD4WYojCRwcwLA==", - "dev": true - }, - "normalize-url": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/normalize-url/-/normalize-url-2.0.1.tgz", - "integrity": "sha512-D6MUW4K/VzoJ4rJ01JFKxDrtY1v9wrgzCX5f2qj/lzH1m/lW6MhUZFKerVsnyjOhOsYzI9Kqqak+10l4LvLpMw==", - "requires": { - "prepend-http": "^2.0.0", - "query-string": "^5.0.1", - "sort-keys": "^2.0.0" - } - }, - "npm-run-path": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/npm-run-path/-/npm-run-path-2.0.2.tgz", - "integrity": "sha1-NakjLfo11wZ7TLLd8jV7GHFTbF8=", - "requires": { - "path-key": "^2.0.0" - } - }, - "nwsapi": { - "version": "2.2.0", - "resolved": "https://registry.npmjs.org/nwsapi/-/nwsapi-2.2.0.tgz", - "integrity": "sha512-h2AatdwYH+JHiZpv7pt/gSX1XoRGb7L/qSIeuqA6GwYoF9w1vP1cw42TO0aI2pNyshRK5893hNSl+1//vHK7hQ==", - "dev": true - }, - "oauth-sign": { - "version": "0.9.0", - "resolved": "https://registry.npmjs.org/oauth-sign/-/oauth-sign-0.9.0.tgz", - "integrity": "sha512-fexhUFFPTGV8ybAtSIGbV6gOkSv8UtRbDBnAyLQw4QPKkgNlsH2ByPGtMUqdWkos6YCRmAqViwgZrJc/mRDzZQ==" - }, - "object-assign": { - "version": "4.1.1", - "resolved": "https://registry.npmjs.org/object-assign/-/object-assign-4.1.1.tgz", - "integrity": "sha1-IQmtx5ZYh8/AXLvUQsrIv7s2CGM=" - }, - "object-copy": { - "version": "0.1.0", - "resolved": "https://registry.npmjs.org/object-copy/-/object-copy-0.1.0.tgz", - "integrity": "sha1-fn2Fi3gb18mRpBupde04EnVOmYw=", - "dev": true, - "requires": { - "copy-descriptor": "^0.1.0", - "define-property": "^0.2.5", - "kind-of": "^3.0.3" - }, - "dependencies": { - "define-property": { - "version": "0.2.5", - "resolved": "https://registry.npmjs.org/define-property/-/define-property-0.2.5.tgz", - "integrity": "sha1-w1se+RjsPJkPmlvFe+BKrOxcgRY=", - "dev": true, - "requires": { - "is-descriptor": "^0.1.0" - } - }, - "kind-of": { - "version": "3.2.2", - "resolved": "https://registry.npmjs.org/kind-of/-/kind-of-3.2.2.tgz", - "integrity": "sha1-MeohpzS6ubuw8yRm2JOupR5KPGQ=", - "dev": true, - "requires": { - "is-buffer": "^1.1.5" - } - } - } - }, - "object-hash": { - "version": "1.3.1", - "resolved": "https://registry.npmjs.org/object-hash/-/object-hash-1.3.1.tgz", - "integrity": "sha512-OSuu/pU4ENM9kmREg0BdNrUDIl1heYa4mBZacJc+vVWz4GtAwu7jO8s4AIt2aGRUTqxykpWzI3Oqnsm13tTMDA==" - }, - "object-visit": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/object-visit/-/object-visit-1.0.1.tgz", - "integrity": "sha1-95xEk68MU3e1n+OdOV5BBC3QRbs=", - "dev": true, - "requires": { - "isobject": "^3.0.0" - } - }, - "object.pick": { - "version": "1.3.0", - "resolved": "https://registry.npmjs.org/object.pick/-/object.pick-1.3.0.tgz", - "integrity": "sha1-h6EKxMFpS9Lhy/U1kaZhQftd10c=", - "dev": true, - "requires": { - "isobject": "^3.0.1" - } - }, - "oidc-token-hash": { - "version": "3.0.2", - "resolved": "https://registry.npmjs.org/oidc-token-hash/-/oidc-token-hash-3.0.2.tgz", - "integrity": "sha512-dTzp80/y/da+um+i+sOucNqiPpwRL7M/xPwj7pH1TFA2/bqQ+OK2sJahSXbemEoLtPkHcFLyhLhLWZa9yW5+RA==" - }, - "once": { - "version": "1.4.0", - "resolved": "https://registry.npmjs.org/once/-/once-1.4.0.tgz", - "integrity": "sha1-WDsap3WWHUsROsF9nFC6753Xa9E=", - "requires": { - "wrappy": "1" - } - }, - "onetime": { - "version": "5.1.0", - "resolved": "https://registry.npmjs.org/onetime/-/onetime-5.1.0.tgz", - "integrity": "sha512-5NcSkPHhwTVFIQN+TUqXoS5+dlElHXdpAWu9I0HP20YOtIi+aZ0Ct82jdlILDxjLEAWwvm+qj1m6aEtsDVmm6Q==", - "dev": true, - "requires": { - "mimic-fn": "^2.1.0" - } - }, - "openid-client": { - "version": "2.5.0", - "resolved": "https://registry.npmjs.org/openid-client/-/openid-client-2.5.0.tgz", - "integrity": "sha512-t3hFD7xEoW1U25RyBcRFaL19fGGs6hNVTysq9pgmiltH0IVUPzH/bQV9w24pM5Q7MunnGv2/5XjIru6BQcWdxg==", - "requires": { - "base64url": "^3.0.0", - "got": "^8.3.2", - "lodash": "^4.17.11", - "lru-cache": "^5.1.1", - "node-jose": "^1.1.0", - "object-hash": "^1.3.1", - "oidc-token-hash": "^3.0.1", - "p-any": "^1.1.0" - } - }, - "optionator": { - "version": "0.8.3", - "resolved": "https://registry.npmjs.org/optionator/-/optionator-0.8.3.tgz", - "integrity": "sha512-+IW9pACdk3XWmmTXG8m3upGUJst5XRGzxMRjXzAuJ1XnIFNvfhjjIuYkDvysnPQ7qzqVzLt78BCruntqRhWQbA==", - "dev": true, - "requires": { - "deep-is": "~0.1.3", - "fast-levenshtein": "~2.0.6", - "levn": "~0.3.0", - "prelude-ls": "~1.1.2", - "type-check": "~0.3.2", - "word-wrap": "~1.2.3" - } - }, - "p-any": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/p-any/-/p-any-1.1.0.tgz", - "integrity": "sha512-Ef0tVa4CZ5pTAmKn+Cg3w8ABBXh+hHO1aV8281dKOoUHfX+3tjG2EaFcC+aZyagg9b4EYGsHEjz21DnEE8Og2g==", - "requires": { - "p-some": "^2.0.0" - } - }, - "p-cancelable": { - "version": "0.4.1", - "resolved": "https://registry.npmjs.org/p-cancelable/-/p-cancelable-0.4.1.tgz", - "integrity": "sha512-HNa1A8LvB1kie7cERyy21VNeHb2CWJJYqyyC2o3klWFfMGlFmWv2Z7sFgZH8ZiaYL95ydToKTFVXgMV/Os0bBQ==" - }, - "p-each-series": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/p-each-series/-/p-each-series-2.1.0.tgz", - "integrity": "sha512-ZuRs1miPT4HrjFa+9fRfOFXxGJfORgelKV9f9nNOWw2gl6gVsRaVDOQP0+MI0G0wGKns1Yacsu0GjOFbTK0JFQ==", - "dev": true - }, - "p-finally": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/p-finally/-/p-finally-1.0.0.tgz", - "integrity": "sha1-P7z7FbiZpEEjs0ttzBi3JDNqLK4=" - }, - "p-is-promise": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/p-is-promise/-/p-is-promise-1.1.0.tgz", - "integrity": "sha1-nJRWmJ6fZYgBewQ01WCXZ1w9oF4=" - }, - "p-limit": { - "version": "2.3.0", - "resolved": "https://registry.npmjs.org/p-limit/-/p-limit-2.3.0.tgz", - "integrity": "sha512-//88mFWSJx8lxCzwdAABTJL2MyWB12+eIY7MDL2SqLmAkeKU9qxRvWuSyTjm3FUmpBEMuFfckAIqEaVGUDxb6w==", - "dev": true, - "requires": { - "p-try": "^2.0.0" - } - }, - "p-locate": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/p-locate/-/p-locate-4.1.0.tgz", - "integrity": "sha512-R79ZZ/0wAxKGu3oYMlz8jy/kbhsNrS7SKZ7PxEHBgJ5+F2mtFW2fK2cOtBh1cHYkQsbzFV7I+EoRKe6Yt0oK7A==", - "dev": true, - "requires": { - "p-limit": "^2.2.0" - } - }, - "p-some": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/p-some/-/p-some-2.0.1.tgz", - "integrity": "sha1-Zdh8ixVO289SIdFnd4ttLhUPbwY=", - "requires": { - "aggregate-error": "^1.0.0" - } - }, - "p-timeout": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/p-timeout/-/p-timeout-2.0.1.tgz", - "integrity": "sha512-88em58dDVB/KzPEx1X0N3LwFfYZPyDc4B6eF38M1rk9VTZMbxXXgjugz8mmwpS9Ox4BDZ+t6t3QP5+/gazweIA==", - "requires": { - "p-finally": "^1.0.0" - } - }, - "p-try": { - "version": "2.2.0", - "resolved": "https://registry.npmjs.org/p-try/-/p-try-2.2.0.tgz", - "integrity": "sha512-R4nPAVTAU0B9D35/Gk3uJf/7XYbQcyohSKdvAxIRSNghFl4e71hVoGnBNQz9cWaXxO2I10KTC+3jMdvvoKw6dQ==", - "dev": true - }, - "pako": { - "version": "1.0.11", - "resolved": "https://registry.npmjs.org/pako/-/pako-1.0.11.tgz", - "integrity": "sha512-4hLB8Py4zZce5s4yd9XzopqwVv/yGNhV1Bl8NTmCq1763HeK2+EwVTv+leGeL13Dnh2wfbqowVPXCIO0z4taYw==" - }, - "parse-json": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/parse-json/-/parse-json-5.0.0.tgz", - "integrity": "sha512-OOY5b7PAEFV0E2Fir1KOkxchnZNCdowAJgQ5NuxjpBKTRP3pQhwkrkxqQjeoKJ+fO7bCpmIZaogI4eZGDMEGOw==", - "dev": true, - "requires": { - "@babel/code-frame": "^7.0.0", - "error-ex": "^1.3.1", - "json-parse-better-errors": "^1.0.1", - "lines-and-columns": "^1.1.6" - } - }, - "parse5": { - "version": "5.1.0", - "resolved": "https://registry.npmjs.org/parse5/-/parse5-5.1.0.tgz", - "integrity": "sha512-fxNG2sQjHvlVAYmzBZS9YlDp6PTSSDwa98vkD4QgVDDCAo84z5X1t5XyJQ62ImdLXx5NdIIfihey6xpum9/gRQ==", - "dev": true - }, - "pascalcase": { - "version": "0.1.1", - "resolved": "https://registry.npmjs.org/pascalcase/-/pascalcase-0.1.1.tgz", - "integrity": "sha1-s2PlXoAGym/iF4TS2yK9FdeRfxQ=", - "dev": true - }, - "path-exists": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/path-exists/-/path-exists-4.0.0.tgz", - "integrity": "sha512-ak9Qy5Q7jYb2Wwcey5Fpvg2KoAc/ZIhLSLOSBmRmygPsGwkVVt0fZa0qrtMz+m6tJTAHfZQ8FnmB4MG4LWy7/w==", - "dev": true - }, - "path-is-absolute": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/path-is-absolute/-/path-is-absolute-1.0.1.tgz", - "integrity": "sha1-F0uSaHNVNP+8es5r9TpanhtcX18=" - }, - "path-key": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/path-key/-/path-key-2.0.1.tgz", - "integrity": "sha1-QRyttXTFoUDTpLGRDUDYDMn0C0A=" - }, - "path-parse": { - "version": "1.0.6", - "resolved": "https://registry.npmjs.org/path-parse/-/path-parse-1.0.6.tgz", - "integrity": "sha512-GSmOT2EbHrINBf9SR7CDELwlJ8AENk3Qn7OikK4nFYAu3Ote2+JYNVvkpAEQm3/TLNEJFD/xZJjzyxg3KBWOzw==" - }, - "performance-now": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/performance-now/-/performance-now-2.1.0.tgz", - "integrity": "sha1-Ywn04OX6kT7BxpMHrjZLSzd8nns=" - }, - "picomatch": { - "version": "2.2.2", - "resolved": "https://registry.npmjs.org/picomatch/-/picomatch-2.2.2.tgz", - "integrity": "sha512-q0M/9eZHzmr0AulXyPwNfZjtwZ/RBZlbN3K3CErVrk50T2ASYI7Bye0EvekFY3IP1Nt2DHu0re+V2ZHIpMkuWg==", - "dev": true - }, - "pify": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/pify/-/pify-3.0.0.tgz", - "integrity": "sha1-5aSs0sEB/fPZpNB/DbxNtJ3SgXY=" - }, - "pirates": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/pirates/-/pirates-4.0.1.tgz", - "integrity": "sha512-WuNqLTbMI3tmfef2TKxlQmAiLHKtFhlsCZnPIpuv2Ow0RDVO8lfy1Opf4NUzlMXLjPl+Men7AuVdX6TA+s+uGA==", - "dev": true, - "requires": { - "node-modules-regexp": "^1.0.0" - } - }, - "pkg-dir": { - "version": "4.2.0", - "resolved": "https://registry.npmjs.org/pkg-dir/-/pkg-dir-4.2.0.tgz", - "integrity": "sha512-HRDzbaKjC+AOWVXxAU/x54COGeIv9eb+6CkDSQoNTt4XyWoIJvuPsXizxu/Fr23EiekbtZwmh1IcIG/l/a10GQ==", - "dev": true, - "requires": { - "find-up": "^4.0.0" - } - }, - "pn": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/pn/-/pn-1.1.0.tgz", - "integrity": "sha512-2qHaIQr2VLRFoxe2nASzsV6ef4yOOH+Fi9FBOVH6cqeSgUnoyySPZkxzLuzd+RYOQTRpROA0ztTMqxROKSb/nA==", - "dev": true - }, - "posix-character-classes": { - "version": "0.1.1", - "resolved": "https://registry.npmjs.org/posix-character-classes/-/posix-character-classes-0.1.1.tgz", - "integrity": "sha1-AerA/jta9xoqbAL+q7jB/vfgDqs=", - "dev": true - }, - "prelude-ls": { - "version": "1.1.2", - "resolved": "https://registry.npmjs.org/prelude-ls/-/prelude-ls-1.1.2.tgz", - "integrity": "sha1-IZMqVJ9eUv/ZqCf1cOBL5iqX2lQ=", - "dev": true - }, - "prepend-http": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/prepend-http/-/prepend-http-2.0.0.tgz", - "integrity": "sha1-6SQ0v6XqjBn0HN/UAddBo8gZ2Jc=" - }, - "pretty-format": { - "version": "25.5.0", - "resolved": "https://registry.npmjs.org/pretty-format/-/pretty-format-25.5.0.tgz", - "integrity": "sha512-kbo/kq2LQ/A/is0PQwsEHM7Ca6//bGPPvU6UnsdDRSKTWxT/ru/xb88v4BJf6a69H+uTytOEsTusT9ksd/1iWQ==", - "dev": true, - "requires": { - "@jest/types": "^25.5.0", - "ansi-regex": "^5.0.0", - "ansi-styles": "^4.0.0", - "react-is": "^16.12.0" - }, - "dependencies": { - "ansi-regex": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-5.0.0.tgz", - "integrity": "sha512-bY6fj56OUQ0hU1KjFNDQuJFezqKdrAyFdIevADiqrWHwSlbmBNMHp5ak2f40Pm8JTFyM2mqxkG6ngkHO11f/lg==", - "dev": true - } - } - }, - "process": { - "version": "0.11.10", - "resolved": "https://registry.npmjs.org/process/-/process-0.11.10.tgz", - "integrity": "sha1-czIwDoQBYb2j5podHZGn1LwW8YI=" - }, - "process-nextick-args": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/process-nextick-args/-/process-nextick-args-2.0.1.tgz", - "integrity": "sha512-3ouUOpQhtgrbOa17J7+uxOTpITYWaGP7/AhoR3+A+/1e9skrzelGi/dXzEYyvbxubEF6Wn2ypscTKiKJFFn1ag==" - }, - "prompts": { - "version": "2.3.2", - "resolved": "https://registry.npmjs.org/prompts/-/prompts-2.3.2.tgz", - "integrity": "sha512-Q06uKs2CkNYVID0VqwfAl9mipo99zkBv/n2JtWY89Yxa3ZabWSrs0e2KTudKVa3peLUvYXMefDqIleLPVUBZMA==", - "dev": true, - "requires": { - "kleur": "^3.0.3", - "sisteransi": "^1.0.4" - } - }, - "psl": { - "version": "1.8.0", - "resolved": "https://registry.npmjs.org/psl/-/psl-1.8.0.tgz", - "integrity": "sha512-RIdOzyoavK+hA18OGGWDqUTsCLhtA7IcZ/6NCs4fFJaHBDab+pDDmDIByWFRQJq2Cd7r1OoQxBGKOaztq+hjIQ==" - }, - "pump": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/pump/-/pump-3.0.0.tgz", - "integrity": "sha512-LwZy+p3SFs1Pytd/jYct4wpv49HiYCqd9Rlc5ZVdk0V+8Yzv6jR5Blk3TRmPL1ft69TxP0IMZGJ+WPFU2BFhww==", - "requires": { - "end-of-stream": "^1.1.0", - "once": "^1.3.1" - } - }, - "punycode": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/punycode/-/punycode-2.1.1.tgz", - "integrity": "sha512-XRsRjdf+j5ml+y/6GKHPZbrF/8p2Yga0JPtdqTIY2Xe5ohJPD9saDJJLPvp9+NSBprVvevdXZybnj2cv8OEd0A==" - }, - "qs": { - "version": "6.5.2", - "resolved": "https://registry.npmjs.org/qs/-/qs-6.5.2.tgz", - "integrity": "sha512-N5ZAX4/LxJmF+7wN74pUD6qAh9/wnvdQcjq9TZjevvXzSUo7bfmw91saqMjzGS2xq91/odN2dW/WOl7qQHNDGA==" - }, - "query-string": { - "version": "5.1.1", - "resolved": "https://registry.npmjs.org/query-string/-/query-string-5.1.1.tgz", - "integrity": "sha512-gjWOsm2SoGlgLEdAGt7a6slVOk9mGiXmPFMqrEhLQ68rhQuBnpfs3+EmlvqKyxnCo9/PPlF+9MtY02S1aFg+Jw==", - "requires": { - "decode-uri-component": "^0.2.0", - "object-assign": "^4.1.0", - "strict-uri-encode": "^1.0.0" - } - }, - "react-is": { - "version": "16.13.1", - "resolved": "https://registry.npmjs.org/react-is/-/react-is-16.13.1.tgz", - "integrity": "sha512-24e6ynE2H+OKt4kqsOvNd8kBpV65zoxbA4BVsEOB3ARVWQki/DHzaUoC5KuON/BiccDaCCTZBuOcfZs70kR8bQ==", - "dev": true - }, - "react-zlib-js": { - "version": "1.0.4", - "resolved": "https://registry.npmjs.org/react-zlib-js/-/react-zlib-js-1.0.4.tgz", - "integrity": "sha512-ynXD9DFxpE7vtGoa3ZwBtPmZrkZYw2plzHGbanUjBOSN4RtuXdektSfABykHtTiWEHMh7WdYj45LHtp228ZF1A==" - }, - "read-pkg": { - "version": "5.2.0", - "resolved": "https://registry.npmjs.org/read-pkg/-/read-pkg-5.2.0.tgz", - "integrity": "sha512-Ug69mNOpfvKDAc2Q8DRpMjjzdtrnv9HcSMX+4VsZxD1aZ6ZzrIE7rlzXBtWTyhULSMKg076AW6WR5iZpD0JiOg==", - "dev": true, - "requires": { - "@types/normalize-package-data": "^2.4.0", - "normalize-package-data": "^2.5.0", - "parse-json": "^5.0.0", - "type-fest": "^0.6.0" - }, - "dependencies": { - "type-fest": { - "version": "0.6.0", - "resolved": "https://registry.npmjs.org/type-fest/-/type-fest-0.6.0.tgz", - "integrity": "sha512-q+MB8nYR1KDLrgr4G5yemftpMC7/QLqVndBmEEdqzmNj5dcFOO4Oo8qlwZE3ULT3+Zim1F8Kq4cBnikNhlCMlg==", - "dev": true - } - } - }, - "read-pkg-up": { - "version": "7.0.1", - "resolved": "https://registry.npmjs.org/read-pkg-up/-/read-pkg-up-7.0.1.tgz", - "integrity": "sha512-zK0TB7Xd6JpCLmlLmufqykGE+/TlOePD6qKClNW7hHDKFh/J7/7gCWGR7joEQEW1bKq3a3yUZSObOoWLFQ4ohg==", - "dev": true, - "requires": { - "find-up": "^4.1.0", - "read-pkg": "^5.2.0", - "type-fest": "^0.8.1" - } - }, - "readable-stream": { - "version": "2.3.7", - "resolved": "https://registry.npmjs.org/readable-stream/-/readable-stream-2.3.7.tgz", - "integrity": "sha512-Ebho8K4jIbHAxnuxi7o42OrZgF/ZTNcsZj6nRKyUmkhLFq8CHItp/fy6hQZuZmP/n3yZ9VBUbp4zz/mX8hmYPw==", - "requires": { - "core-util-is": "~1.0.0", - "inherits": "~2.0.3", - "isarray": "~1.0.0", - "process-nextick-args": "~2.0.0", - "safe-buffer": "~5.1.1", - "string_decoder": "~1.1.1", - "util-deprecate": "~1.0.1" - } - }, - "realpath-native": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/realpath-native/-/realpath-native-2.0.0.tgz", - "integrity": "sha512-v1SEYUOXXdbBZK8ZuNgO4TBjamPsiSgcFr0aP+tEKpQZK8vooEUqV6nm6Cv502mX4NF2EfsnVqtNAHG+/6Ur1Q==", - "dev": true - }, - "rechoir": { - "version": "0.6.2", - "resolved": "https://registry.npmjs.org/rechoir/-/rechoir-0.6.2.tgz", - "integrity": "sha1-hSBLVNuoLVdC4oyWdW70OvUOM4Q=", - "requires": { - "resolve": "^1.1.6" - } - }, - "regex-not": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/regex-not/-/regex-not-1.0.2.tgz", - "integrity": "sha512-J6SDjUgDxQj5NusnOtdFxDwN/+HWykR8GELwctJ7mdqhcyy1xEc4SRFHUXvxTp661YaVKAjfRLZ9cCqS6tn32A==", - "dev": true, - "requires": { - "extend-shallow": "^3.0.2", - "safe-regex": "^1.1.0" - } - }, - "remove-trailing-separator": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/remove-trailing-separator/-/remove-trailing-separator-1.1.0.tgz", - "integrity": "sha1-wkvOKig62tW8P1jg1IJJuSN52O8=", - "dev": true - }, - "repeat-element": { - "version": "1.1.3", - "resolved": "https://registry.npmjs.org/repeat-element/-/repeat-element-1.1.3.tgz", - "integrity": "sha512-ahGq0ZnV5m5XtZLMb+vP76kcAM5nkLqk0lpqAuojSKGgQtn4eRi4ZZGm2olo2zKFH+sMsWaqOCW1dqAnOru72g==", - "dev": true - }, - "repeat-string": { - "version": "1.6.1", - "resolved": "https://registry.npmjs.org/repeat-string/-/repeat-string-1.6.1.tgz", - "integrity": "sha1-jcrkcOHIirwtYA//Sndihtp15jc=", - "dev": true - }, - "request": { - "version": "2.88.2", - "resolved": "https://registry.npmjs.org/request/-/request-2.88.2.tgz", - "integrity": "sha512-MsvtOrfG9ZcrOwAW+Qi+F6HbD0CWXEh9ou77uOb7FM2WPhwT7smM833PzanhJLsgXjN89Ir6V2PczXNnMpwKhw==", - "requires": { - "aws-sign2": "~0.7.0", - "aws4": "^1.8.0", - "caseless": "~0.12.0", - "combined-stream": "~1.0.6", - "extend": "~3.0.2", - "forever-agent": "~0.6.1", - "form-data": "~2.3.2", - "har-validator": "~5.1.3", - "http-signature": "~1.2.0", - "is-typedarray": "~1.0.0", - "isstream": "~0.1.2", - "json-stringify-safe": "~5.0.1", - "mime-types": "~2.1.19", - "oauth-sign": "~0.9.0", - "performance-now": "^2.1.0", - "qs": "~6.5.2", - "safe-buffer": "^5.1.2", - "tough-cookie": "~2.5.0", - "tunnel-agent": "^0.6.0", - "uuid": "^3.3.2" - }, - "dependencies": { - "tough-cookie": { - "version": "2.5.0", - "resolved": "https://registry.npmjs.org/tough-cookie/-/tough-cookie-2.5.0.tgz", - "integrity": "sha512-nlLsUzgm1kfLXSXfRZMc1KLAugd4hqJHDTvc2hDIwS3mZAfMEuMbc03SujMF+GEcpaX/qboeycw6iO8JwVv2+g==", - "requires": { - "psl": "^1.1.28", - "punycode": "^2.1.1" - } - } - } - }, - "request-promise-core": { - "version": "1.1.3", - "resolved": "https://registry.npmjs.org/request-promise-core/-/request-promise-core-1.1.3.tgz", - "integrity": "sha512-QIs2+ArIGQVp5ZYbWD5ZLCY29D5CfWizP8eWnm8FoGD1TX61veauETVQbrV60662V0oFBkrDOuaBI8XgtuyYAQ==", - "dev": true, - "requires": { - "lodash": "^4.17.15" - } - }, - "request-promise-native": { - "version": "1.0.8", - "resolved": "https://registry.npmjs.org/request-promise-native/-/request-promise-native-1.0.8.tgz", - "integrity": "sha512-dapwLGqkHtwL5AEbfenuzjTYg35Jd6KPytsC2/TLkVMz8rm+tNt72MGUWT1RP/aYawMpN6HqbNGBQaRcBtjQMQ==", - "dev": true, - "requires": { - "request-promise-core": "1.1.3", - "stealthy-require": "^1.1.1", - "tough-cookie": "^2.3.3" - }, - "dependencies": { - "tough-cookie": { - "version": "2.5.0", - "resolved": "https://registry.npmjs.org/tough-cookie/-/tough-cookie-2.5.0.tgz", - "integrity": "sha512-nlLsUzgm1kfLXSXfRZMc1KLAugd4hqJHDTvc2hDIwS3mZAfMEuMbc03SujMF+GEcpaX/qboeycw6iO8JwVv2+g==", - "dev": true, - "requires": { - "psl": "^1.1.28", - "punycode": "^2.1.1" - } - } - } - }, - "require-directory": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/require-directory/-/require-directory-2.1.1.tgz", - "integrity": "sha1-jGStX9MNqxyXbiNE/+f3kqam30I=", - "dev": true - }, - "require-main-filename": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/require-main-filename/-/require-main-filename-2.0.0.tgz", - "integrity": "sha512-NKN5kMDylKuldxYLSUfrbo5Tuzh4hd+2E8NPPX02mZtn1VuREQToYe/ZdlJy+J3uCpfaiGF05e7B8W0iXbQHmg==", - "dev": true - }, - "resolve": { - "version": "1.17.0", - "resolved": "https://registry.npmjs.org/resolve/-/resolve-1.17.0.tgz", - "integrity": "sha512-ic+7JYiV8Vi2yzQGFWOkiZD5Z9z7O2Zhm9XMaTxdJExKasieFCr+yXZ/WmXsckHiKl12ar0y6XiXDx3m4RHn1w==", - "requires": { - "path-parse": "^1.0.6" - } - }, - "resolve-cwd": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/resolve-cwd/-/resolve-cwd-3.0.0.tgz", - "integrity": "sha512-OrZaX2Mb+rJCpH/6CpSqt9xFVpN++x01XnN2ie9g6P5/3xelLAkXWVADpdz1IHD/KFfEXyE6V0U01OQ3UO2rEg==", - "dev": true, - "requires": { - "resolve-from": "^5.0.0" - } - }, - "resolve-from": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/resolve-from/-/resolve-from-5.0.0.tgz", - "integrity": "sha512-qYg9KP24dD5qka9J47d0aVky0N+b4fTU89LN9iDnjB5waksiC49rvMB0PrUJQGoTmH50XPiqOvAjDfaijGxYZw==", - "dev": true - }, - "resolve-url": { - "version": "0.2.1", - "resolved": "https://registry.npmjs.org/resolve-url/-/resolve-url-0.2.1.tgz", - "integrity": "sha1-LGN/53yJOv0qZj/iGqkIAGjiBSo=", - "dev": true - }, - "responselike": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/responselike/-/responselike-1.0.2.tgz", - "integrity": "sha1-kYcg7ztjHFZCvgaPFa3lpG9Loec=", - "requires": { - "lowercase-keys": "^1.0.0" - } - }, - "ret": { - "version": "0.1.15", - "resolved": "https://registry.npmjs.org/ret/-/ret-0.1.15.tgz", - "integrity": "sha512-TTlYpa+OL+vMMNG24xSlQGEJ3B/RzEfUlLct7b5G/ytav+wPrplCpVMFuwzXbkecJrb6IYo1iFb0S9v37754mg==", - "dev": true - }, - "rfc4648": { - "version": "1.3.0", - "resolved": "https://registry.npmjs.org/rfc4648/-/rfc4648-1.3.0.tgz", - "integrity": "sha512-x36K12jOflpm1V8QjPq3I+pt7Z1xzeZIjiC8J2Oxd7bE1efTrOG241DTYVJByP/SxR9jl1t7iZqYxDX864jgBQ==" - }, - "rimraf": { - "version": "3.0.2", - "resolved": "https://registry.npmjs.org/rimraf/-/rimraf-3.0.2.tgz", - "integrity": "sha512-JZkJMZkAGFFPP2YqXZXPbMlMBgsxzE8ILs4lMIX/2o0L9UBw9O/Y3o6wFw/i9YLapcUJWwqbi3kdxIPdC62TIA==", - "dev": true, - "requires": { - "glob": "^7.1.3" - } - }, - "rsvp": { - "version": "4.8.5", - "resolved": "https://registry.npmjs.org/rsvp/-/rsvp-4.8.5.tgz", - "integrity": "sha512-nfMOlASu9OnRJo1mbEk2cz0D56a1MBNrJ7orjRZQG10XDyuvwksKbuXNp6qa+kbn839HwjwhBzhFmdsaEAfauA==", - "dev": true - }, - "safe-buffer": { - "version": "5.1.2", - "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.1.2.tgz", - "integrity": "sha512-Gd2UZBJDkXlY7GbJxfsE8/nvKkUEU1G38c1siN6QP6a9PT9MmHB8GnpscSmMJSoF8LOIrt8ud/wPtojys4G6+g==" - }, - "safe-regex": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/safe-regex/-/safe-regex-1.1.0.tgz", - "integrity": "sha1-QKNmnzsHfR6UPURinhV91IAjvy4=", - "dev": true, - "requires": { - "ret": "~0.1.10" - } - }, - "safer-buffer": { - "version": "2.1.2", - "resolved": "https://registry.npmjs.org/safer-buffer/-/safer-buffer-2.1.2.tgz", - "integrity": "sha512-YZo3K82SD7Riyi0E1EQPojLz7kpepnSQI9IyPbHHg1XXXevb5dJI7tpyN2ADxGcQbHG7vcyRHk0cbwqcQriUtg==" - }, - "sane": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/sane/-/sane-4.1.0.tgz", - "integrity": "sha512-hhbzAgTIX8O7SHfp2c8/kREfEn4qO/9q8C9beyY6+tvZ87EpoZ3i1RIEvp27YBswnNbY9mWd6paKVmKbAgLfZA==", - "dev": true, - "requires": { - "@cnakazawa/watch": "^1.0.3", - "anymatch": "^2.0.0", - "capture-exit": "^2.0.0", - "exec-sh": "^0.3.2", - "execa": "^1.0.0", - "fb-watchman": "^2.0.0", - "micromatch": "^3.1.4", - "minimist": "^1.1.1", - "walker": "~1.0.5" - }, - "dependencies": { - "anymatch": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/anymatch/-/anymatch-2.0.0.tgz", - "integrity": "sha512-5teOsQWABXHHBFP9y3skS5P3d/WfWXpv3FUpy+LorMrNYaT9pI4oLMQX7jzQ2KklNpGpWHzdCXTDT2Y3XGlZBw==", - "dev": true, - "requires": { - "micromatch": "^3.1.4", - "normalize-path": "^2.1.1" - } - }, - "braces": { - "version": "2.3.2", - "resolved": "https://registry.npmjs.org/braces/-/braces-2.3.2.tgz", - "integrity": "sha512-aNdbnj9P8PjdXU4ybaWLK2IF3jc/EoDYbC7AazW6to3TRsfXxscC9UXOB5iDiEQrkyIbWp2SLQda4+QAa7nc3w==", - "dev": true, - "requires": { - "arr-flatten": "^1.1.0", - "array-unique": "^0.3.2", - "extend-shallow": "^2.0.1", - "fill-range": "^4.0.0", - "isobject": "^3.0.1", - "repeat-element": "^1.1.2", - "snapdragon": "^0.8.1", - "snapdragon-node": "^2.0.1", - "split-string": "^3.0.2", - "to-regex": "^3.0.1" - }, - "dependencies": { - "extend-shallow": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/extend-shallow/-/extend-shallow-2.0.1.tgz", - "integrity": "sha1-Ua99YUrZqfYQ6huvu5idaxxWiQ8=", - "dev": true, - "requires": { - "is-extendable": "^0.1.0" - } - } - } - }, - "fill-range": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/fill-range/-/fill-range-4.0.0.tgz", - "integrity": "sha1-1USBHUKPmOsGpj3EAtJAPDKMOPc=", - "dev": true, - "requires": { - "extend-shallow": "^2.0.1", - "is-number": "^3.0.0", - "repeat-string": "^1.6.1", - "to-regex-range": "^2.1.0" - }, - "dependencies": { - "extend-shallow": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/extend-shallow/-/extend-shallow-2.0.1.tgz", - "integrity": "sha1-Ua99YUrZqfYQ6huvu5idaxxWiQ8=", - "dev": true, - "requires": { - "is-extendable": "^0.1.0" - } - } - } - }, - "is-number": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/is-number/-/is-number-3.0.0.tgz", - "integrity": "sha1-JP1iAaR4LPUFYcgQJ2r8fRLXEZU=", - "dev": true, - "requires": { - "kind-of": "^3.0.2" - }, - "dependencies": { - "kind-of": { - "version": "3.2.2", - "resolved": "https://registry.npmjs.org/kind-of/-/kind-of-3.2.2.tgz", - "integrity": "sha1-MeohpzS6ubuw8yRm2JOupR5KPGQ=", - "dev": true, - "requires": { - "is-buffer": "^1.1.5" - } - } - } - }, - "micromatch": { - "version": "3.1.10", - "resolved": "https://registry.npmjs.org/micromatch/-/micromatch-3.1.10.tgz", - "integrity": "sha512-MWikgl9n9M3w+bpsY3He8L+w9eF9338xRl8IAO5viDizwSzziFEyUzo2xrrloB64ADbTf8uA8vRqqttDTOmccg==", - "dev": true, - "requires": { - "arr-diff": "^4.0.0", - "array-unique": "^0.3.2", - "braces": "^2.3.1", - "define-property": "^2.0.2", - "extend-shallow": "^3.0.2", - "extglob": "^2.0.4", - "fragment-cache": "^0.2.1", - "kind-of": "^6.0.2", - "nanomatch": "^1.2.9", - "object.pick": "^1.3.0", - "regex-not": "^1.0.0", - "snapdragon": "^0.8.1", - "to-regex": "^3.0.2" - } - }, - "normalize-path": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/normalize-path/-/normalize-path-2.1.1.tgz", - "integrity": "sha1-GrKLVW4Zg2Oowab35vogE3/mrtk=", - "dev": true, - "requires": { - "remove-trailing-separator": "^1.0.1" - } - }, - "to-regex-range": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/to-regex-range/-/to-regex-range-2.1.1.tgz", - "integrity": "sha1-fIDBe53+vlmeJzZ+DU3VWQFB2zg=", - "dev": true, - "requires": { - "is-number": "^3.0.0", - "repeat-string": "^1.6.1" - } - } - } - }, - "saxes": { - "version": "3.1.11", - "resolved": "https://registry.npmjs.org/saxes/-/saxes-3.1.11.tgz", - "integrity": "sha512-Ydydq3zC+WYDJK1+gRxRapLIED9PWeSuuS41wqyoRmzvhhh9nc+QQrVMKJYzJFULazeGhzSV0QleN2wD3boh2g==", - "dev": true, - "requires": { - "xmlchars": "^2.1.1" - } - }, - "semver": { - "version": "6.3.0", - "resolved": "https://registry.npmjs.org/semver/-/semver-6.3.0.tgz", - "integrity": "sha512-b39TBaTSfV6yBrapU89p5fKekE2m/NwnDocOVruQFS1/veMgdzuPcnOM34M6CwxW8jH/lxEa5rBoDeUwu5HHTw==", - "dev": true - }, - "set-blocking": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/set-blocking/-/set-blocking-2.0.0.tgz", - "integrity": "sha1-BF+XgtARrppoA93TgrJDkrPYkPc=", - "dev": true - }, - "set-value": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/set-value/-/set-value-2.0.1.tgz", - "integrity": "sha512-JxHc1weCN68wRY0fhCoXpyK55m/XPHafOmK4UWD7m2CI14GMcFypt4w/0+NV5f/ZMby2F6S2wwA7fgynh9gWSw==", - "dev": true, - "requires": { - "extend-shallow": "^2.0.1", - "is-extendable": "^0.1.1", - "is-plain-object": "^2.0.3", - "split-string": "^3.0.1" - }, - "dependencies": { - "extend-shallow": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/extend-shallow/-/extend-shallow-2.0.1.tgz", - "integrity": "sha1-Ua99YUrZqfYQ6huvu5idaxxWiQ8=", - "dev": true, - "requires": { - "is-extendable": "^0.1.0" - } - } - } - }, - "shebang-command": { - "version": "1.2.0", - "resolved": "https://registry.npmjs.org/shebang-command/-/shebang-command-1.2.0.tgz", - "integrity": "sha1-RKrGW2lbAzmJaMOfNj/uXer98eo=", - "requires": { - "shebang-regex": "^1.0.0" - } - }, - "shebang-regex": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/shebang-regex/-/shebang-regex-1.0.0.tgz", - "integrity": "sha1-2kL0l0DAtC2yypcoVxyxkMmO/qM=" - }, - "shelljs": { - "version": "0.8.4", - "resolved": "https://registry.npmjs.org/shelljs/-/shelljs-0.8.4.tgz", - "integrity": "sha512-7gk3UZ9kOfPLIAbslLzyWeGiEqx9e3rxwZM0KE6EL8GlGwjym9Mrlx5/p33bWTu9YG6vcS4MBxYZDHYr5lr8BQ==", - "requires": { - "glob": "^7.0.0", - "interpret": "^1.0.0", - "rechoir": "^0.6.2" - } - }, - "shellwords": { - "version": "0.1.1", - "resolved": "https://registry.npmjs.org/shellwords/-/shellwords-0.1.1.tgz", - "integrity": "sha512-vFwSUfQvqybiICwZY5+DAWIPLKsWO31Q91JSKl3UYv+K5c2QRPzn0qzec6QPu1Qc9eHYItiP3NdJqNVqetYAww==", - "dev": true, - "optional": true - }, - "signal-exit": { - "version": "3.0.3", - "resolved": "https://registry.npmjs.org/signal-exit/-/signal-exit-3.0.3.tgz", - "integrity": "sha512-VUJ49FC8U1OxwZLxIbTTrDvLnf/6TDgxZcK8wxR8zs13xpx7xbG60ndBlhNrFi2EMuFRoeDoJO7wthSLq42EjA==" - }, - "sisteransi": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/sisteransi/-/sisteransi-1.0.5.tgz", - "integrity": "sha512-bLGGlR1QxBcynn2d5YmDX4MGjlZvy2MRBDRNHLJ8VI6l6+9FUiyTFNJ0IveOSP0bcXgVDPRcfGqA0pjaqUpfVg==", - "dev": true - }, - "slash": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/slash/-/slash-3.0.0.tgz", - "integrity": "sha512-g9Q1haeby36OSStwb4ntCGGGaKsaVSjQ68fBxoQcutl5fS1vuY18H3wSt3jFyFtrkx+Kz0V1G85A4MyAdDMi2Q==", - "dev": true - }, - "snapdragon": { - "version": "0.8.2", - "resolved": "https://registry.npmjs.org/snapdragon/-/snapdragon-0.8.2.tgz", - "integrity": "sha512-FtyOnWN/wCHTVXOMwvSv26d+ko5vWlIDD6zoUJ7LW8vh+ZBC8QdljveRP+crNrtBwioEUWy/4dMtbBjA4ioNlg==", - "dev": true, - "requires": { - "base": "^0.11.1", - "debug": "^2.2.0", - "define-property": "^0.2.5", - "extend-shallow": "^2.0.1", - "map-cache": "^0.2.2", - "source-map": "^0.5.6", - "source-map-resolve": "^0.5.0", - "use": "^3.1.0" - }, - "dependencies": { - "debug": { - "version": "2.6.9", - "resolved": "https://registry.npmjs.org/debug/-/debug-2.6.9.tgz", - "integrity": "sha512-bC7ElrdJaJnPbAP+1EotYvqZsb3ecl5wi6Bfi6BJTUcNowp6cvspg0jXznRTKDjm/E7AdgFBVeAPVMNcKGsHMA==", - "dev": true, - "requires": { - "ms": "2.0.0" - } - }, - "define-property": { - "version": "0.2.5", - "resolved": "https://registry.npmjs.org/define-property/-/define-property-0.2.5.tgz", - "integrity": "sha1-w1se+RjsPJkPmlvFe+BKrOxcgRY=", - "dev": true, - "requires": { - "is-descriptor": "^0.1.0" - } - }, - "extend-shallow": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/extend-shallow/-/extend-shallow-2.0.1.tgz", - "integrity": "sha1-Ua99YUrZqfYQ6huvu5idaxxWiQ8=", - "dev": true, - "requires": { - "is-extendable": "^0.1.0" - } - }, - "ms": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/ms/-/ms-2.0.0.tgz", - "integrity": "sha1-VgiurfwAvmwpAd9fmGF4jeDVl8g=", - "dev": true - }, - "source-map": { - "version": "0.5.7", - "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.5.7.tgz", - "integrity": "sha1-igOdLRAh0i0eoUyA2OpGi6LvP8w=", - "dev": true - } - } - }, - "snapdragon-node": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/snapdragon-node/-/snapdragon-node-2.1.1.tgz", - "integrity": "sha512-O27l4xaMYt/RSQ5TR3vpWCAB5Kb/czIcqUFOM/C4fYcLnbZUc1PkjTAMjof2pBWaSTwOUd6qUHcFGVGj7aIwnw==", - "dev": true, - "requires": { - "define-property": "^1.0.0", - "isobject": "^3.0.0", - "snapdragon-util": "^3.0.1" - }, - "dependencies": { - "define-property": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/define-property/-/define-property-1.0.0.tgz", - "integrity": "sha1-dp66rz9KY6rTr56NMEybvnm/sOY=", - "dev": true, - "requires": { - "is-descriptor": "^1.0.0" - } - }, - "is-accessor-descriptor": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/is-accessor-descriptor/-/is-accessor-descriptor-1.0.0.tgz", - "integrity": "sha512-m5hnHTkcVsPfqx3AKlyttIPb7J+XykHvJP2B9bZDjlhLIoEq4XoK64Vg7boZlVWYK6LUY94dYPEE7Lh0ZkZKcQ==", - "dev": true, - "requires": { - "kind-of": "^6.0.0" - } - }, - "is-data-descriptor": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/is-data-descriptor/-/is-data-descriptor-1.0.0.tgz", - "integrity": "sha512-jbRXy1FmtAoCjQkVmIVYwuuqDFUbaOeDjmed1tOGPrsMhtJA4rD9tkgA0F1qJ3gRFRXcHYVkdeaP50Q5rE/jLQ==", - "dev": true, - "requires": { - "kind-of": "^6.0.0" - } - }, - "is-descriptor": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/is-descriptor/-/is-descriptor-1.0.2.tgz", - "integrity": "sha512-2eis5WqQGV7peooDyLmNEPUrps9+SXX5c9pL3xEB+4e9HnGuDa7mB7kHxHw4CbqS9k1T2hOH3miL8n8WtiYVtg==", - "dev": true, - "requires": { - "is-accessor-descriptor": "^1.0.0", - "is-data-descriptor": "^1.0.0", - "kind-of": "^6.0.2" - } - } - } - }, - "snapdragon-util": { - "version": "3.0.1", - "resolved": "https://registry.npmjs.org/snapdragon-util/-/snapdragon-util-3.0.1.tgz", - "integrity": "sha512-mbKkMdQKsjX4BAL4bRYTj21edOf8cN7XHdYUJEe+Zn99hVEYcMvKPct1IqNe7+AZPirn8BCDOQBHQZknqmKlZQ==", - "dev": true, - "requires": { - "kind-of": "^3.2.0" - }, - "dependencies": { - "kind-of": { - "version": "3.2.2", - "resolved": "https://registry.npmjs.org/kind-of/-/kind-of-3.2.2.tgz", - "integrity": "sha1-MeohpzS6ubuw8yRm2JOupR5KPGQ=", - "dev": true, - "requires": { - "is-buffer": "^1.1.5" - } - } - } - }, - "sort-keys": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/sort-keys/-/sort-keys-2.0.0.tgz", - "integrity": "sha1-ZYU1WEhh7JfXMNbPQYIuH1ZoQSg=", - "requires": { - "is-plain-obj": "^1.0.0" - } - }, - "source-map": { - "version": "0.6.1", - "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.6.1.tgz", - "integrity": "sha512-UjgapumWlbMhkBgzT7Ykc5YXUT46F0iKu8SGXq0bcwP5dz/h0Plj6enJqjz1Zbq2l5WaqYnrVbwWOWMyF3F47g==", - "dev": true - }, - "source-map-resolve": { - "version": "0.5.3", - "resolved": "https://registry.npmjs.org/source-map-resolve/-/source-map-resolve-0.5.3.tgz", - "integrity": "sha512-Htz+RnsXWk5+P2slx5Jh3Q66vhQj1Cllm0zvnaY98+NFx+Dv2CF/f5O/t8x+KaNdrdIAsruNzoh/KpialbqAnw==", - "dev": true, - "requires": { - "atob": "^2.1.2", - "decode-uri-component": "^0.2.0", - "resolve-url": "^0.2.1", - "source-map-url": "^0.4.0", - "urix": "^0.1.0" - } - }, - "source-map-support": { - "version": "0.5.19", - "resolved": "https://registry.npmjs.org/source-map-support/-/source-map-support-0.5.19.tgz", - "integrity": "sha512-Wonm7zOCIJzBGQdB+thsPar0kYuCIzYvxZwlBa87yi/Mdjv7Tip2cyVbLj5o0cFPN4EVkuTwb3GDDyUx2DGnGw==", - "dev": true, - "requires": { - "buffer-from": "^1.0.0", - "source-map": "^0.6.0" - } - }, - "source-map-url": { - "version": "0.4.0", - "resolved": "https://registry.npmjs.org/source-map-url/-/source-map-url-0.4.0.tgz", - "integrity": "sha1-PpNdfd1zYxuXZZlW1VEo6HtQhKM=", - "dev": true - }, - "spdx-correct": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/spdx-correct/-/spdx-correct-3.1.1.tgz", - "integrity": "sha512-cOYcUWwhCuHCXi49RhFRCyJEK3iPj1Ziz9DpViV3tbZOwXD49QzIN3MpOLJNxh2qwq2lJJZaKMVw9qNi4jTC0w==", - "dev": true, - "requires": { - "spdx-expression-parse": "^3.0.0", - "spdx-license-ids": "^3.0.0" - } - }, - "spdx-exceptions": { - "version": "2.3.0", - "resolved": "https://registry.npmjs.org/spdx-exceptions/-/spdx-exceptions-2.3.0.tgz", - "integrity": "sha512-/tTrYOC7PPI1nUAgx34hUpqXuyJG+DTHJTnIULG4rDygi4xu/tfgmq1e1cIRwRzwZgo4NLySi+ricLkZkw4i5A==", - "dev": true - }, - "spdx-expression-parse": { - "version": "3.0.1", - "resolved": "https://registry.npmjs.org/spdx-expression-parse/-/spdx-expression-parse-3.0.1.tgz", - "integrity": "sha512-cbqHunsQWnJNE6KhVSMsMeH5H/L9EpymbzqTQ3uLwNCLZ1Q481oWaofqH7nO6V07xlXwY6PhQdQ2IedWx/ZK4Q==", - "dev": true, - "requires": { - "spdx-exceptions": "^2.1.0", - "spdx-license-ids": "^3.0.0" - } - }, - "spdx-license-ids": { - "version": "3.0.5", - "resolved": "https://registry.npmjs.org/spdx-license-ids/-/spdx-license-ids-3.0.5.tgz", - "integrity": "sha512-J+FWzZoynJEXGphVIS+XEh3kFSjZX/1i9gFBaWQcB+/tmpe2qUsSBABpcxqxnAxFdiUFEgAX1bjYGQvIZmoz9Q==", - "dev": true - }, - "split-string": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/split-string/-/split-string-3.1.0.tgz", - "integrity": "sha512-NzNVhJDYpwceVVii8/Hu6DKfD2G+NrQHlS/V/qgv763EYudVwEcMQNxd2lh+0VrUByXN/oJkl5grOhYWvQUYiw==", - "dev": true, - "requires": { - "extend-shallow": "^3.0.0" - } - }, - "sprintf-js": { - "version": "1.0.3", - "resolved": "https://registry.npmjs.org/sprintf-js/-/sprintf-js-1.0.3.tgz", - "integrity": "sha1-BOaSb2YolTVPPdAVIDYzuFcpfiw=" - }, - "sshpk": { - "version": "1.16.1", - "resolved": "https://registry.npmjs.org/sshpk/-/sshpk-1.16.1.tgz", - "integrity": "sha512-HXXqVUq7+pcKeLqqZj6mHFUMvXtOJt1uoUx09pFW6011inTMxqI8BA8PM95myrIyyKwdnzjdFjLiE6KBPVtJIg==", - "requires": { - "asn1": "~0.2.3", - "assert-plus": "^1.0.0", - "bcrypt-pbkdf": "^1.0.0", - "dashdash": "^1.12.0", - "ecc-jsbn": "~0.1.1", - "getpass": "^0.1.1", - "jsbn": "~0.1.0", - "safer-buffer": "^2.0.2", - "tweetnacl": "~0.14.0" - } - }, - "stack-utils": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/stack-utils/-/stack-utils-1.0.2.tgz", - "integrity": "sha512-MTX+MeG5U994cazkjd/9KNAapsHnibjMLnfXodlkXw76JEea0UiNzrqidzo1emMwk7w5Qhc9jd4Bn9TBb1MFwA==", - "dev": true - }, - "static-extend": { - "version": "0.1.2", - "resolved": "https://registry.npmjs.org/static-extend/-/static-extend-0.1.2.tgz", - "integrity": "sha1-YICcOcv/VTNyJv1eC1IPNB8ftcY=", - "dev": true, - "requires": { - "define-property": "^0.2.5", - "object-copy": "^0.1.0" - }, - "dependencies": { - "define-property": { - "version": "0.2.5", - "resolved": "https://registry.npmjs.org/define-property/-/define-property-0.2.5.tgz", - "integrity": "sha1-w1se+RjsPJkPmlvFe+BKrOxcgRY=", - "dev": true, - "requires": { - "is-descriptor": "^0.1.0" - } - } - } - }, - "stealthy-require": { - "version": "1.1.1", - "resolved": "https://registry.npmjs.org/stealthy-require/-/stealthy-require-1.1.1.tgz", - "integrity": "sha1-NbCYdbT/SfJqd35QmzCQoyJr8ks=", - "dev": true - }, - "strict-uri-encode": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/strict-uri-encode/-/strict-uri-encode-1.1.0.tgz", - "integrity": "sha1-J5siXfHVgrH1TmWt3UNS4Y+qBxM=" - }, - "string-length": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/string-length/-/string-length-3.1.0.tgz", - "integrity": "sha512-Ttp5YvkGm5v9Ijagtaz1BnN+k9ObpvS0eIBblPMp2YWL8FBmi9qblQ9fexc2k/CXFgrTIteU3jAw3payCnwSTA==", - "dev": true, - "requires": { - "astral-regex": "^1.0.0", - "strip-ansi": "^5.2.0" - }, - "dependencies": { - "strip-ansi": { - "version": "5.2.0", - "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-5.2.0.tgz", - "integrity": "sha512-DuRs1gKbBqsMKIZlrffwlug8MHkcnpjs5VPmL1PAh+mA30U0DTotfDZ0d2UUsXpPmPmMMJ6W773MaA3J+lbiWA==", - "dev": true, - "requires": { - "ansi-regex": "^4.1.0" - } - } - } - }, - "string-width": { - "version": "4.2.0", - "resolved": "https://registry.npmjs.org/string-width/-/string-width-4.2.0.tgz", - "integrity": "sha512-zUz5JD+tgqtuDjMhwIg5uFVV3dtqZ9yQJlZVfq4I01/K5Paj5UHj7VyrQOJvzawSVlKpObApbfD0Ed6yJc+1eg==", - "dev": true, - "requires": { - "emoji-regex": "^8.0.0", - "is-fullwidth-code-point": "^3.0.0", - "strip-ansi": "^6.0.0" - } - }, - "string_decoder": { - "version": "1.1.1", - "resolved": "https://registry.npmjs.org/string_decoder/-/string_decoder-1.1.1.tgz", - "integrity": "sha512-n/ShnvDi6FHbbVfviro+WojiFzv+s8MPMHBczVePfUpDJLwoLT0ht1l4YwBCbi8pJAveEEdnkHyPyTP/mzRfwg==", - "requires": { - "safe-buffer": "~5.1.0" - } - }, - "strip-ansi": { - "version": "6.0.0", - "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-6.0.0.tgz", - "integrity": "sha512-AuvKTrTfQNYNIctbR1K/YGTR1756GycPsg7b9bdV9Duqur4gv6aKqHXah67Z8ImS7WEz5QVcOtlfW2rZEugt6w==", - "dev": true, - "requires": { - "ansi-regex": "^5.0.0" - }, - "dependencies": { - "ansi-regex": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-5.0.0.tgz", - "integrity": "sha512-bY6fj56OUQ0hU1KjFNDQuJFezqKdrAyFdIevADiqrWHwSlbmBNMHp5ak2f40Pm8JTFyM2mqxkG6ngkHO11f/lg==", - "dev": true - } - } - }, - "strip-bom": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/strip-bom/-/strip-bom-4.0.0.tgz", - "integrity": "sha512-3xurFv5tEgii33Zi8Jtp55wEIILR9eh34FAW00PZf+JnSsTmV/ioewSgQl97JHvgjoRGwPShsWm+IdrxB35d0w==", - "dev": true - }, - "strip-eof": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/strip-eof/-/strip-eof-1.0.0.tgz", - "integrity": "sha1-u0P/VZim6wXYm1n80SnJgzE2Br8=" - }, - "strip-final-newline": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/strip-final-newline/-/strip-final-newline-2.0.0.tgz", - "integrity": "sha512-BrpvfNAE3dcvq7ll3xVumzjKjZQ5tI1sEUIKr3Uoks0XUl45St3FlatVqef9prk4jRDzhW6WZg+3bk93y6pLjA==", - "dev": true - }, - "supports-color": { - "version": "7.1.0", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-7.1.0.tgz", - "integrity": "sha512-oRSIpR8pxT1Wr2FquTNnGet79b3BWljqOuoW/h4oBhxJ/HUbX5nX6JSruTkvXDCFMwDPvsaTTbvMLKZWSy0R5g==", - "dev": true, - "requires": { - "has-flag": "^4.0.0" - } - }, - "supports-hyperlinks": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/supports-hyperlinks/-/supports-hyperlinks-2.1.0.tgz", - "integrity": "sha512-zoE5/e+dnEijk6ASB6/qrK+oYdm2do1hjoLWrqUC/8WEIW1gbxFcKuBof7sW8ArN6e+AYvsE8HBGiVRWL/F5CA==", - "dev": true, - "requires": { - "has-flag": "^4.0.0", - "supports-color": "^7.0.0" - } - }, - "symbol-tree": { - "version": "3.2.4", - "resolved": "https://registry.npmjs.org/symbol-tree/-/symbol-tree-3.2.4.tgz", - "integrity": "sha512-9QNk5KwDF+Bvz+PyObkmSYjI5ksVUYtjW7AU22r2NKcfLJcXp96hkDWU3+XndOsUb+AQ9QhfzfCT2O+CNWT5Tw==", - "dev": true - }, - "terminal-link": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/terminal-link/-/terminal-link-2.1.1.tgz", - "integrity": "sha512-un0FmiRUQNr5PJqy9kP7c40F5BOfpGlYTrxonDChEZB7pzZxRNp/bt+ymiy9/npwXya9KH99nJ/GXFIiUkYGFQ==", - "dev": true, - "requires": { - "ansi-escapes": "^4.2.1", - "supports-hyperlinks": "^2.0.0" - } - }, - "test-exclude": { - "version": "6.0.0", - "resolved": "https://registry.npmjs.org/test-exclude/-/test-exclude-6.0.0.tgz", - "integrity": "sha512-cAGWPIyOHU6zlmg88jwm7VRyXnMN7iV68OGAbYDk/Mh/xC/pzVPlQtY6ngoIH/5/tciuhGfvESU8GrHrcxD56w==", - "dev": true, - "requires": { - "@istanbuljs/schema": "^0.1.2", - "glob": "^7.1.4", - "minimatch": "^3.0.4" - } - }, - "throat": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/throat/-/throat-5.0.0.tgz", - "integrity": "sha512-fcwX4mndzpLQKBS1DVYhGAcYaYt7vsHNIvQV+WXMvnow5cgjPphq5CaayLaGsjRdSCKZFNGt7/GYAuXaNOiYCA==", - "dev": true - }, - "timed-out": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/timed-out/-/timed-out-4.0.1.tgz", - "integrity": "sha1-8y6srFoXW+ol1/q1Zas+2HQe9W8=" - }, - "tmpl": { - "version": "1.0.4", - "resolved": "https://registry.npmjs.org/tmpl/-/tmpl-1.0.4.tgz", - "integrity": "sha1-I2QN17QtAEM5ERQIIOXPRA5SHdE=", - "dev": true - }, - "to-fast-properties": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/to-fast-properties/-/to-fast-properties-2.0.0.tgz", - "integrity": "sha1-3F5pjL0HkmW8c+A3doGk5Og/YW4=", - "dev": true - }, - "to-object-path": { - "version": "0.3.0", - "resolved": "https://registry.npmjs.org/to-object-path/-/to-object-path-0.3.0.tgz", - "integrity": "sha1-KXWIt7Dn4KwI4E5nL4XB9JmeF68=", - "dev": true, - "requires": { - "kind-of": "^3.0.2" - }, - "dependencies": { - "kind-of": { - "version": "3.2.2", - "resolved": "https://registry.npmjs.org/kind-of/-/kind-of-3.2.2.tgz", - "integrity": "sha1-MeohpzS6ubuw8yRm2JOupR5KPGQ=", - "dev": true, - "requires": { - "is-buffer": "^1.1.5" - } - } - } - }, - "to-regex": { - "version": "3.0.2", - "resolved": "https://registry.npmjs.org/to-regex/-/to-regex-3.0.2.tgz", - "integrity": "sha512-FWtleNAtZ/Ki2qtqej2CXTOayOH9bHDQF+Q48VpWyDXjbYxA4Yz8iDB31zXOBUlOHHKidDbqGVrTUvQMPmBGBw==", - "dev": true, - "requires": { - "define-property": "^2.0.2", - "extend-shallow": "^3.0.2", - "regex-not": "^1.0.2", - "safe-regex": "^1.1.0" - } - }, - "to-regex-range": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/to-regex-range/-/to-regex-range-5.0.1.tgz", - "integrity": "sha512-65P7iz6X5yEr1cwcgvQxbbIw7Uk3gOy5dIdtZ4rDveLqhrdJP+Li/Hx6tyK0NEb+2GCyneCMJiGqrADCSNk8sQ==", - "dev": true, - "requires": { - "is-number": "^7.0.0" - } - }, - "tough-cookie": { - "version": "3.0.1", - "resolved": "https://registry.npmjs.org/tough-cookie/-/tough-cookie-3.0.1.tgz", - "integrity": "sha512-yQyJ0u4pZsv9D4clxO69OEjLWYw+jbgspjTue4lTQZLfV0c5l1VmK2y1JK8E9ahdpltPOaAThPcp5nKPUgSnsg==", - "dev": true, - "requires": { - "ip-regex": "^2.1.0", - "psl": "^1.1.28", - "punycode": "^2.1.1" - } - }, - "tr46": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/tr46/-/tr46-1.0.1.tgz", - "integrity": "sha1-qLE/1r/SSJUZZ0zN5VujaTtwbQk=", - "dev": true, - "requires": { - "punycode": "^2.1.0" - } - }, - "tslib": { - "version": "1.13.0", - "resolved": "https://registry.npmjs.org/tslib/-/tslib-1.13.0.tgz", - "integrity": "sha512-i/6DQjL8Xf3be4K/E6Wgpekn5Qasl1usyw++dAA35Ue5orEn65VIxOA+YvNNl9HV3qv70T7CNwjODHZrLwvd1Q==" - }, - "tunnel-agent": { - "version": "0.6.0", - "resolved": "https://registry.npmjs.org/tunnel-agent/-/tunnel-agent-0.6.0.tgz", - "integrity": "sha1-J6XeoGs2sEoKmWZ3SykIaPD8QP0=", - "requires": { - "safe-buffer": "^5.0.1" - } - }, - "tweetnacl": { - "version": "0.14.5", - "resolved": "https://registry.npmjs.org/tweetnacl/-/tweetnacl-0.14.5.tgz", - "integrity": "sha1-WuaBd/GS1EViadEIr6k/+HQ/T2Q=" - }, - "type-check": { - "version": "0.3.2", - "resolved": "https://registry.npmjs.org/type-check/-/type-check-0.3.2.tgz", - "integrity": "sha1-WITKtRLPHTVeP7eE8wgEsrUg23I=", - "dev": true, - "requires": { - "prelude-ls": "~1.1.2" - } - }, - "type-detect": { - "version": "4.0.8", - "resolved": "https://registry.npmjs.org/type-detect/-/type-detect-4.0.8.tgz", - "integrity": "sha512-0fr/mIH1dlO+x7TlcMy+bIDqKPsw/70tVyeHW787goQjhmqaZe10uwLujubK9q9Lg6Fiho1KUKDYz0Z7k7g5/g==", - "dev": true - }, - "type-fest": { - "version": "0.8.1", - "resolved": "https://registry.npmjs.org/type-fest/-/type-fest-0.8.1.tgz", - "integrity": "sha512-4dbzIzqvjtgiM5rw1k5rEHtBANKmdudhGyBEajN01fEyhaAIhsoKNy6y7+IN93IfpFtwY9iqi7kD+xwKhQsNJA==", - "dev": true - }, - "typedarray-to-buffer": { - "version": "3.1.5", - "resolved": "https://registry.npmjs.org/typedarray-to-buffer/-/typedarray-to-buffer-3.1.5.tgz", - "integrity": "sha512-zdu8XMNEDepKKR+XYOXAVPtWui0ly0NtohUscw+UmaHiAWT8hrV1rr//H6V+0DvJ3OQ19S979M0laLfX8rm82Q==", - "dev": true, - "requires": { - "is-typedarray": "^1.0.0" - } - }, - "underscore": { - "version": "1.10.2", - "resolved": "https://registry.npmjs.org/underscore/-/underscore-1.10.2.tgz", - "integrity": "sha512-N4P+Q/BuyuEKFJ43B9gYuOj4TQUHXX+j2FqguVOpjkssLUUrnJofCcBccJSCoeturDoZU6GorDTHSvUDlSQbTg==" - }, - "union-value": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/union-value/-/union-value-1.0.1.tgz", - "integrity": "sha512-tJfXmxMeWYnczCVs7XAEvIV7ieppALdyepWMkHkwciRpZraG/xwT+s2JN8+pr1+8jCRf80FFzvr+MpQeeoF4Xg==", - "dev": true, - "requires": { - "arr-union": "^3.1.0", - "get-value": "^2.0.6", - "is-extendable": "^0.1.1", - "set-value": "^2.0.1" - } - }, - "unset-value": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/unset-value/-/unset-value-1.0.0.tgz", - "integrity": "sha1-g3aHP30jNRef+x5vw6jtDfyKtVk=", - "dev": true, - "requires": { - "has-value": "^0.3.1", - "isobject": "^3.0.0" - }, - "dependencies": { - "has-value": { - "version": "0.3.1", - "resolved": "https://registry.npmjs.org/has-value/-/has-value-0.3.1.tgz", - "integrity": "sha1-ex9YutpiyoJ+wKIHgCVlSEWZXh8=", - "dev": true, - "requires": { - "get-value": "^2.0.3", - "has-values": "^0.1.4", - "isobject": "^2.0.0" - }, - "dependencies": { - "isobject": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/isobject/-/isobject-2.1.0.tgz", - "integrity": "sha1-8GVWEJaj8dou9GJy+BXIQNh+DIk=", - "dev": true, - "requires": { - "isarray": "1.0.0" - } - } - } - }, - "has-values": { - "version": "0.1.4", - "resolved": "https://registry.npmjs.org/has-values/-/has-values-0.1.4.tgz", - "integrity": "sha1-bWHeldkd/Km5oCCJrThL/49it3E=", - "dev": true - } - } - }, - "uri-js": { - "version": "4.2.2", - "resolved": "https://registry.npmjs.org/uri-js/-/uri-js-4.2.2.tgz", - "integrity": "sha512-KY9Frmirql91X2Qgjry0Wd4Y+YTdrdZheS8TFwvkbLWf/G5KNJDCh6pKL5OZctEW4+0Baa5idK2ZQuELRwPznQ==", - "requires": { - "punycode": "^2.1.0" - } - }, - "urix": { - "version": "0.1.0", - "resolved": "https://registry.npmjs.org/urix/-/urix-0.1.0.tgz", - "integrity": "sha1-2pN/emLiH+wf0Y1Js1wpNQZ6bHI=", - "dev": true - }, - "url-parse-lax": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/url-parse-lax/-/url-parse-lax-3.0.0.tgz", - "integrity": "sha1-FrXK/Afb42dsGxmZF3gj1lA6yww=", - "requires": { - "prepend-http": "^2.0.0" - } - }, - "url-to-options": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/url-to-options/-/url-to-options-1.0.1.tgz", - "integrity": "sha1-FQWgOiiaSMvXpDTvuu7FBV9WM6k=" - }, - "use": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/use/-/use-3.1.1.tgz", - "integrity": "sha512-cwESVXlO3url9YWlFW/TA9cshCEhtu7IKJ/p5soJ/gGpj7vbvFrAY/eIioQ6Dw23KjZhYgiIo8HOs1nQ2vr/oQ==", - "dev": true - }, - "util-deprecate": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/util-deprecate/-/util-deprecate-1.0.2.tgz", - "integrity": "sha1-RQ1Nyfpw3nMnYvvS1KKJgUGaDM8=" - }, - "uuid": { - "version": "3.4.0", - "resolved": "https://registry.npmjs.org/uuid/-/uuid-3.4.0.tgz", - "integrity": "sha512-HjSDRw6gZE5JMggctHBcjVak08+KEVhSIiDzFnT9S9aegmp85S/bReBVTb4QTFaRNptJ9kuYaNhnbNEOkbKb/A==" - }, - "v8-to-istanbul": { - "version": "4.1.4", - "resolved": "https://registry.npmjs.org/v8-to-istanbul/-/v8-to-istanbul-4.1.4.tgz", - "integrity": "sha512-Rw6vJHj1mbdK8edjR7+zuJrpDtKIgNdAvTSAcpYfgMIw+u2dPDntD3dgN4XQFLU2/fvFQdzj+EeSGfd/jnY5fQ==", - "dev": true, - "requires": { - "@types/istanbul-lib-coverage": "^2.0.1", - "convert-source-map": "^1.6.0", - "source-map": "^0.7.3" - }, - "dependencies": { - "source-map": { - "version": "0.7.3", - "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.7.3.tgz", - "integrity": "sha512-CkCj6giN3S+n9qrYiBTX5gystlENnRW5jZeNLHpe6aue+SrHcG5VYwujhW9s4dY31mEGsxBDrHR6oI69fTXsaQ==", - "dev": true - } - } - }, - "validate-npm-package-license": { - "version": "3.0.4", - "resolved": "https://registry.npmjs.org/validate-npm-package-license/-/validate-npm-package-license-3.0.4.tgz", - "integrity": "sha512-DpKm2Ui/xN7/HQKCtpZxoRWBhZ9Z0kqtygG8XCgNQ8ZlDnxuQmWhj566j8fN4Cu3/JmbhsDo7fcAJq4s9h27Ew==", - "dev": true, - "requires": { - "spdx-correct": "^3.0.0", - "spdx-expression-parse": "^3.0.0" - } - }, - "verror": { - "version": "1.10.0", - "resolved": "https://registry.npmjs.org/verror/-/verror-1.10.0.tgz", - "integrity": "sha1-OhBcoXBTr1XW4nDB+CiGguGNpAA=", - "requires": { - "assert-plus": "^1.0.0", - "core-util-is": "1.0.2", - "extsprintf": "^1.2.0" - } - }, - "w3c-hr-time": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/w3c-hr-time/-/w3c-hr-time-1.0.2.tgz", - "integrity": "sha512-z8P5DvDNjKDoFIHK7q8r8lackT6l+jo/Ye3HOle7l9nICP9lf1Ci25fy9vHd0JOWewkIFzXIEig3TdKT7JQ5fQ==", - "dev": true, - "requires": { - "browser-process-hrtime": "^1.0.0" - } - }, - "w3c-xmlserializer": { - "version": "1.1.2", - "resolved": "https://registry.npmjs.org/w3c-xmlserializer/-/w3c-xmlserializer-1.1.2.tgz", - "integrity": "sha512-p10l/ayESzrBMYWRID6xbuCKh2Fp77+sA0doRuGn4tTIMrrZVeqfpKjXHY+oDh3K4nLdPgNwMTVP6Vp4pvqbNg==", - "dev": true, - "requires": { - "domexception": "^1.0.1", - "webidl-conversions": "^4.0.2", - "xml-name-validator": "^3.0.0" - } - }, - "walker": { - "version": "1.0.7", - "resolved": "https://registry.npmjs.org/walker/-/walker-1.0.7.tgz", - "integrity": "sha1-L3+bj9ENZ3JisYqITijRlhjgKPs=", - "dev": true, - "requires": { - "makeerror": "1.0.x" - } - }, - "webidl-conversions": { - "version": "4.0.2", - "resolved": "https://registry.npmjs.org/webidl-conversions/-/webidl-conversions-4.0.2.tgz", - "integrity": "sha512-YQ+BmxuTgd6UXZW3+ICGfyqRyHXVlD5GtQr5+qjiNW7bF0cqrzX500HVXPBOvgXb5YnzDd+h0zqyv61KUD7+Sg==", - "dev": true - }, - "whatwg-encoding": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/whatwg-encoding/-/whatwg-encoding-1.0.5.tgz", - "integrity": "sha512-b5lim54JOPN9HtzvK9HFXvBma/rnfFeqsic0hSpjtDbVxR3dJKLc+KB4V6GgiGOvl7CY/KNh8rxSo9DKQrnUEw==", - "dev": true, - "requires": { - "iconv-lite": "0.4.24" - } - }, - "whatwg-mimetype": { - "version": "2.3.0", - "resolved": "https://registry.npmjs.org/whatwg-mimetype/-/whatwg-mimetype-2.3.0.tgz", - "integrity": "sha512-M4yMwr6mAnQz76TbJm914+gPpB/nCwvZbJU28cUD6dR004SAxDLOOSUaB1JDRqLtaOV/vi0IC5lEAGFgrjGv/g==", - "dev": true - }, - "whatwg-url": { - "version": "7.1.0", - "resolved": "https://registry.npmjs.org/whatwg-url/-/whatwg-url-7.1.0.tgz", - "integrity": "sha512-WUu7Rg1DroM7oQvGWfOiAK21n74Gg+T4elXEQYkOhtyLeWiJFoOGLXPKI/9gzIie9CtwVLm8wtw6YJdKyxSjeg==", - "dev": true, - "requires": { - "lodash.sortby": "^4.7.0", - "tr46": "^1.0.1", - "webidl-conversions": "^4.0.2" - } - }, - "which": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/which/-/which-2.0.2.tgz", - "integrity": "sha512-BLI3Tl1TW3Pvl70l3yq3Y64i+awpwXqsGBYWkkqMtnbXgrMD+yj7rhW0kuEDxzJaYXGjEW5ogapKNMEKNMjibA==", - "dev": true, - "requires": { - "isexe": "^2.0.0" - } - }, - "which-module": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/which-module/-/which-module-2.0.0.tgz", - "integrity": "sha1-2e8H3Od7mQK4o6j6SzHD4/fm6Ho=", - "dev": true - }, - "word-wrap": { - "version": "1.2.3", - "resolved": "https://registry.npmjs.org/word-wrap/-/word-wrap-1.2.3.tgz", - "integrity": "sha512-Hz/mrNwitNRh/HUAtM/VT/5VH+ygD6DV7mYKZAtHOrbs8U7lvPS6xf7EJKMF0uW1KJCl0H701g3ZGus+muE5vQ==", - "dev": true - }, - "wrap-ansi": { - "version": "6.2.0", - "resolved": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-6.2.0.tgz", - "integrity": "sha512-r6lPcBGxZXlIcymEu7InxDMhdW0KDxpLgoFLcguasxCaJ/SOIZwINatK9KY/tf+ZrlywOKU0UDj3ATXUBfxJXA==", - "dev": true, - "requires": { - "ansi-styles": "^4.0.0", - "string-width": "^4.1.0", - "strip-ansi": "^6.0.0" - } - }, - "wrappy": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/wrappy/-/wrappy-1.0.2.tgz", - "integrity": "sha1-tSQ9jz7BqjXxNkYFvA0QNuMKtp8=" - }, - "write-file-atomic": { - "version": "3.0.3", - "resolved": "https://registry.npmjs.org/write-file-atomic/-/write-file-atomic-3.0.3.tgz", - "integrity": "sha512-AvHcyZ5JnSfq3ioSyjrBkH9yW4m7Ayk8/9My/DD9onKeu/94fwrMocemO2QAJFAlnnDN+ZDS+ZjAR5ua1/PV/Q==", - "dev": true, - "requires": { - "imurmurhash": "^0.1.4", - "is-typedarray": "^1.0.0", - "signal-exit": "^3.0.2", - "typedarray-to-buffer": "^3.1.5" - } - }, - "ws": { - "version": "7.3.0", - "resolved": "https://registry.npmjs.org/ws/-/ws-7.3.0.tgz", - "integrity": "sha512-iFtXzngZVXPGgpTlP1rBqsUK82p9tKqsWRPg5L56egiljujJT3vGAYnHANvFxBieXrTFavhzhxW52jnaWV+w2w==", - "dev": true - }, - "xml-name-validator": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/xml-name-validator/-/xml-name-validator-3.0.0.tgz", - "integrity": "sha512-A5CUptxDsvxKJEU3yO6DuWBSJz/qizqzJKOMIfUJHETbBw/sFaDxgd6fxm1ewUaM0jZ444Fc5vC5ROYurg/4Pw==", - "dev": true - }, - "xmlchars": { - "version": "2.2.0", - "resolved": "https://registry.npmjs.org/xmlchars/-/xmlchars-2.2.0.tgz", - "integrity": "sha512-JZnDKK8B0RCDw84FNdDAIpZK+JuJw+s7Lz8nksI7SIuU3UXJJslUthsi+uWBUYOwPFwW7W7PRLRfUKpxjtjFCw==", - "dev": true - }, - "y18n": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/y18n/-/y18n-4.0.0.tgz", - "integrity": "sha512-r9S/ZyXu/Xu9q1tYlpsLIsa3EeLXXk0VwlxqTcFRfg9EhMW+17kbt9G0NrgCmhGb5vT2hyhJZLfDGx+7+5Uj/w==", - "dev": true - }, - "yallist": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/yallist/-/yallist-3.1.1.tgz", - "integrity": "sha512-a4UGQaWPH59mOXUYnAG2ewncQS4i4F43Tv3JoAM+s2VDAmS9NsK8GpDMLrCHPksFT7h3K6TOoUNn2pb7RoXx4g==" - }, - "yargs": { - "version": "15.3.1", - "resolved": "https://registry.npmjs.org/yargs/-/yargs-15.3.1.tgz", - "integrity": "sha512-92O1HWEjw27sBfgmXiixJWT5hRBp2eobqXicLtPBIDBhYB+1HpwZlXmbW2luivBJHBzki+7VyCLRtAkScbTBQA==", - "dev": true, - "requires": { - "cliui": "^6.0.0", - "decamelize": "^1.2.0", - "find-up": "^4.1.0", - "get-caller-file": "^2.0.1", - "require-directory": "^2.1.1", - "require-main-filename": "^2.0.0", - "set-blocking": "^2.0.0", - "string-width": "^4.2.0", - "which-module": "^2.0.0", - "y18n": "^4.0.0", - "yargs-parser": "^18.1.1" - } - }, - "yargs-parser": { - "version": "18.1.3", - "resolved": "https://registry.npmjs.org/yargs-parser/-/yargs-parser-18.1.3.tgz", - "integrity": "sha512-o50j0JeToy/4K6OZcaQmW6lyXXKhq7csREXcDwk2omFPJEwUNOVtJKvmDr9EI1fAJZUyZcRF7kxGBWmRXudrCQ==", - "dev": true, - "requires": { - "camelcase": "^5.0.0", - "decamelize": "^1.2.0" - } - } - } -} diff --git a/hooks/imperative-subsequent-scans/package.json b/hooks/imperative-subsequent-scans/package.json deleted file mode 100644 index ddcc03bb..00000000 --- a/hooks/imperative-subsequent-scans/package.json +++ /dev/null @@ -1,19 +0,0 @@ -{ - "name": "imperative-subsequent-scans", - "version": "1.0.0", - "description": "", - "main": "hook.js", - "scripts": { - "test": "jest ." - }, - "keywords": [], - "author": "", - "license": "ISC", - "dependencies": { - "@kubernetes/client-node": "^0.12.0", - "lodash.set": "^4.3.2" - }, - "devDependencies": { - "jest": "^25.1.0" - } -} diff --git a/hooks/imperative-subsequent-scans/scan-helpers.js b/hooks/imperative-subsequent-scans/scan-helpers.js deleted file mode 100644 index 4326aca6..00000000 --- a/hooks/imperative-subsequent-scans/scan-helpers.js +++ /dev/null @@ -1,66 +0,0 @@ -const k8s = require("@kubernetes/client-node"); - -// configure k8s client -const kc = new k8s.KubeConfig(); -kc.loadFromDefault(); - -const k8sApiCRD = kc.makeApiClient(k8s.CustomObjectsApi); - -async function startSubsequentSecureCodeBoxScan({ - parentScan, - name, - scanType, - parameters, -}) { - const scanDefinition = { - apiVersion: "execution.experimental.securecodebox.io/v1", - kind: "Scan", - metadata: { - name: name, - labels: { - ...parentScan.metadata.labels, - }, - annotations: { - "securecodebox.io/hook": "imperative-subsequent-scans", - "securecodebox.io/parent-scan": parentScan.metadata.name, - }, - ownerReferences: [ - { - apiVersion: "execution.experimental.securecodebox.io/v1", - blockOwnerDeletion: true, - controller: true, - kind: "Scan", - name: parentScan.metadata.name, - uid: parentScan.metadata.uid, - }, - ], - }, - spec: { - scanType, - parameters, - }, - }; - - // Changing label 'scan-type' (if defined by parent scan) to to the given scanType for the subsequent scan - if( scanDefinition.metadata.labels && scanDefinition.metadata.labels['scan-type'] ) { - scanDefinition.metadata.labels['scan-type'] = scanType; - } - - try { - // Starting another subsequent sslyze scan based on the nmap results - // found at: https://github.com/kubernetes-client/javascript/blob/79736b9a608c18d818de61a6b44503a08ea3a78f/src/gen/api/customObjectsApi.ts#L209 - await k8sApiCRD.createNamespacedCustomObject( - "execution.experimental.securecodebox.io", - "v1", - process.env["NAMESPACE"], - "scans", - scanDefinition, - "false" - ); - } catch (error) { - console.error(`Failed to start Scan ${name}`); - console.error(error); - } -} - -module.exports.startSubsequentSecureCodeBoxScan = startSubsequentSecureCodeBoxScan; diff --git a/hooks/imperative-subsequent-scans/templates/NOTES.txt b/hooks/imperative-subsequent-scans/templates/NOTES.txt deleted file mode 100644 index 5c320679..00000000 --- a/hooks/imperative-subsequent-scans/templates/NOTES.txt +++ /dev/null @@ -1,2 +0,0 @@ -imperative-subsequent-scans Hook deployed. -This will start possible subsequent security scans based on nmap findings (e.g. open ports found by NMAP or subdomains found by AMASS). \ No newline at end of file diff --git a/hooks/imperative-subsequent-scans/templates/_helpers.tpl b/hooks/imperative-subsequent-scans/templates/_helpers.tpl deleted file mode 100644 index f428bdf3..00000000 --- a/hooks/imperative-subsequent-scans/templates/_helpers.tpl +++ /dev/null @@ -1,52 +0,0 @@ -{{/* vim: set filetype=mustache: */}} -{{/* -Expand the name of the chart. -*/}} -{{- define "imperative-subsequent-scans.name" -}} -{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} -{{- end -}} - -{{/* -Create a default fully qualified app name. -We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). -If release name contains chart name it will be used as a full name. -*/}} -{{- define "imperative-subsequent-scans.fullname" -}} -{{- if .Values.fullnameOverride -}} -{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}} -{{- else -}} -{{- $name := default .Chart.Name .Values.nameOverride -}} -{{- if contains $name .Release.Name -}} -{{- .Release.Name | trunc 63 | trimSuffix "-" -}} -{{- else -}} -{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} -{{- end -}} -{{- end -}} -{{- end -}} - -{{/* -Create chart name and version as used by the chart label. -*/}} -{{- define "imperative-subsequent-scans.chart" -}} -{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} -{{- end -}} - -{{/* -Common labels -*/}} -{{- define "imperative-subsequent-scans.labels" -}} -helm.sh/chart: {{ include "imperative-subsequent-scans.chart" . }} -{{ include "imperative-subsequent-scans.selectorLabels" . }} -{{- if .Chart.AppVersion }} -app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} -{{- end }} -app.kubernetes.io/managed-by: {{ .Release.Service }} -{{- end -}} - -{{/* -Selector labels -*/}} -{{- define "imperative-subsequent-scans.selectorLabels" -}} -app.kubernetes.io/name: {{ include "imperative-subsequent-scans.name" . }} -app.kubernetes.io/instance: {{ .Release.Name }} -{{- end -}} diff --git a/hooks/imperative-subsequent-scans/templates/imperative-subsequent-scans-hook.yaml b/hooks/imperative-subsequent-scans/templates/imperative-subsequent-scans-hook.yaml deleted file mode 100644 index e397f629..00000000 --- a/hooks/imperative-subsequent-scans/templates/imperative-subsequent-scans-hook.yaml +++ /dev/null @@ -1,33 +0,0 @@ -apiVersion: "execution.experimental.securecodebox.io/v1" -kind: ScanCompletionHook -metadata: - name: {{ .Release.Name }} -spec: - type: ReadOnly - {{- if .Values.image.registry }} - {{- if .Values.image.digest }} - image: "{{ .Values.image.registry }}/{{ .Values.image.repository }}@{{ .Values.image.digest }}" - {{- else }} - image: "{{ .Values.image.registry }}/{{ .Values.image.repository }}:{{ .Values.image.tag }}" - {{- end }} - {{- else }} - {{- if .Values.image.digest }} - image: "{{ .Values.image.repository }}@{{ .Values.image.digest }}" - {{- else }} - image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" - {{- end }} - {{- end }} - serviceAccountName: imperative-combined-scans - env: - - name: CASCADE_AMASS_NMAP - value: {{ .Values.cascade.amassNmap | quote }} - - name: CASCADE_NMAP_SMB - value: {{ .Values.cascade.nmapSmb | quote }} - - name: CASCADE_NMAP_SSH - value: {{ .Values.cascade.nmapSsh | quote }} - - name: CASCADE_NMAP_SSL - value: {{ .Values.cascade.nmapSsl | quote }} - - name: CASCADE_NMAP_NIKTO - value: {{ .Values.cascade.nmapNikto | quote }} - - name: CASCADE_NMAP_ZAP_BASELINE - value: {{ .Values.cascade.nmapZapBaseline | quote }} \ No newline at end of file diff --git a/hooks/imperative-subsequent-scans/templates/role-binding.yaml b/hooks/imperative-subsequent-scans/templates/role-binding.yaml deleted file mode 100644 index d7ae37c9..00000000 --- a/hooks/imperative-subsequent-scans/templates/role-binding.yaml +++ /dev/null @@ -1,14 +0,0 @@ -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - annotations: - description: ImperativeCombinedScansHook needs to have the rights to create new scans and the usual patch rules to update the scan status - name: imperative-combined-scans - namespace: {{ .Release.Namespace }} -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: imperative-combined-scans -subjects: - - kind: ServiceAccount - name: imperative-combined-scans diff --git a/hooks/imperative-subsequent-scans/templates/role.yaml b/hooks/imperative-subsequent-scans/templates/role.yaml deleted file mode 100644 index 32a856cf..00000000 --- a/hooks/imperative-subsequent-scans/templates/role.yaml +++ /dev/null @@ -1,23 +0,0 @@ -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - annotations: - description: ImperativeCombinedScansHook needs to have the rights to create new scans and the usual patch rules to update the scan status - name: imperative-combined-scans - namespace: {{ .Release.Namespace }} -rules: - - apiGroups: - - execution.experimental.securecodebox.io - resources: - - scans - verbs: - - get - - list - - create - - apiGroups: - - execution.experimental.securecodebox.io - resources: - - scans/status - verbs: - - get - - patch \ No newline at end of file diff --git a/hooks/imperative-subsequent-scans/templates/service-account.yaml b/hooks/imperative-subsequent-scans/templates/service-account.yaml deleted file mode 100644 index 01b12e9d..00000000 --- a/hooks/imperative-subsequent-scans/templates/service-account.yaml +++ /dev/null @@ -1,7 +0,0 @@ -apiVersion: v1 -kind: ServiceAccount -metadata: - annotations: - description: ImperativeCombinedScansHook needs to have the rights to create new scans and the usual patch rules to update the scan status - name: imperative-combined-scans - namespace: {{ .Release.Namespace }} diff --git a/hooks/imperative-subsequent-scans/values.yaml b/hooks/imperative-subsequent-scans/values.yaml deleted file mode 100644 index 23f83f7e..00000000 --- a/hooks/imperative-subsequent-scans/values.yaml +++ /dev/null @@ -1,23 +0,0 @@ -# Default values for imperative-subsequent-scans Hook. -# This is a YAML-formatted file. -# Declare variables to be passed into your templates. - -cascade: - # Cascade nmap scans for each subdomain found by amass - amassNmap: true - # Cascade nmap SMB scans for each SMB Port found by nmap - nmapSmb: false - # Cascade SSH scans for each SSH Port found by nmap - nmapSsh: true - # Cascade SSL scans for each HTTP Port found by nmap - nmapSsl: true - # Cascade Nikto scans for each HTTP Port found by nmap - nmapNikto: false - # Cascade ZAP scans for each HTTP Port found by nmap - nmapZapBaseline: false - -image: - registry: docker.io - repository: scbexperimental/hook-imperative-subsequent-scans - tag: latest - digest: null diff --git a/hooks/package.json b/hooks/package.json index cb681ce8..6a4a960a 100644 --- a/hooks/package.json +++ b/hooks/package.json @@ -1,7 +1,12 @@ { "name": "securecodebox-hooks", "version": "1.0.0", - "description": "", + "description": "NPM library to easily set up new hooks for the secureCodeBox v2", + "homepage": "https://www.secureCodeBox.io", + "repository": { + "type": "git", + "url": "git+https://github.com/secureCodeBox/secureCodeBox-v2.git" + }, "main": "index.js", "directories": { "example": "example" @@ -9,9 +14,30 @@ "scripts": { "test": "jest" }, - "keywords": [], - "author": "", - "license": "ISC", + "keywords": [ + "secureCodeBox", + "security", + "hooks" + ], + "author": { + "name": "iteratec GmbH", + "email": "security@iteratec.com", + "url": "https://www.iteratec.com" + }, + "contributors": [ + { + "name" : "Jannik Hollenbach", + "url" : "https://github.com/J12934" + }, + { + "name" : "Robert Seedorff", + "url" : "https://github.com/rseedorff" + } + ], + "bugs": { + "url": "https://github.com/secureCodeBox/secureCodeBox-v2/issues" + }, + "license": "Apache-2.0", "devDependencies": { "jest": "^25.1.0" } diff --git a/hooks/persistence-defectdojo/README.md b/hooks/persistence-defectdojo/README.md index dbf4cd42..5b85c64f 100644 --- a/hooks/persistence-defectdojo/README.md +++ b/hooks/persistence-defectdojo/README.md @@ -3,7 +3,7 @@ title: "DefectDojo" path: "hooks/persistence-defectdojo" category: "hook" type: "persistenceProvider" -state: "roadmap" +state: "developing" usecase: "Publishes all Scan Findings to DefectDojo." --- @@ -18,7 +18,7 @@ Tools which are supported both by the secureCodeBox and DefectDojo (OWASP ZAP & To learn more about DefectDojo visit [DefectDojo GitHub] or [DefectDojo Website]. ## Deployment -The secureCodeBox core team is working on an integration of DefectDojo. We will keep you informed. +> ๐Ÿ”ง The implementation is currently work-in-progress and under still undergoing major changes. It'll be released here once it has stabilized. [DefectDojo Website]: https://www.defectdojo.org/ diff --git a/hooks/persistence-elastic/Chart.lock b/hooks/persistence-elastic/Chart.lock index f046652e..945e6594 100644 --- a/hooks/persistence-elastic/Chart.lock +++ b/hooks/persistence-elastic/Chart.lock @@ -1,9 +1,9 @@ dependencies: - name: elasticsearch repository: https://helm.elastic.co - version: 7.6.1 + version: 7.9.2 - name: kibana repository: https://helm.elastic.co - version: 7.6.1 -digest: sha256:7d3461d986f620421f775f9ecaf73af2565ace9d909a8134c4259c5206f1f89c -generated: "2020-03-17T15:09:24.838784+01:00" + version: 7.9.2 +digest: sha256:e47a0c36a3ded9bc2cab9b2482dfa117dd2c3b9950d92d19d92cf47ac774ad69 +generated: "2020-10-07T10:47:56.519541956+02:00" diff --git a/hooks/persistence-elastic/Chart.yaml b/hooks/persistence-elastic/Chart.yaml index 855f4818..9fb2239b 100644 --- a/hooks/persistence-elastic/Chart.yaml +++ b/hooks/persistence-elastic/Chart.yaml @@ -4,16 +4,18 @@ description: The elastic persistence provider persists secureCodeBox findings in type: application -version: 0.1.0 +# version - gets automatically set to the secureCodeBox release version when the helm charts gets published +version: latest -appVersion: latest +appVersion: 7.9.2 +kubeVersion: ">=v1.11.0" dependencies: - name: elasticsearch - version: 7.6.1 + version: 7.9.2 repository: https://helm.elastic.co condition: elasticsearch.enabled - name: kibana - version: 7.6.1 + version: 7.9.2 repository: https://helm.elastic.co condition: kibana.enabled diff --git a/hooks/persistence-elastic/Dockerfile b/hooks/persistence-elastic/Dockerfile index 6e0086dd..adfb0ac2 100644 --- a/hooks/persistence-elastic/Dockerfile +++ b/hooks/persistence-elastic/Dockerfile @@ -5,7 +5,7 @@ WORKDIR /home/app COPY package.json package-lock.json ./ RUN npm ci --production -FROM scbexperimental/hook-sdk-nodejs:${baseImageTag:-latest} +FROM securecodebox/hook-sdk-nodejs:${baseImageTag:-latest} WORKDIR /home/app/hook-wrapper/hook/ COPY --from=build --chown=app:app /home/app/node_modules/ ./node_modules/ COPY --chown=app:app ./hook.js ./hook.js diff --git a/hooks/persistence-elastic/README.md b/hooks/persistence-elastic/README.md index 294194d4..c39b74ea 100644 --- a/hooks/persistence-elastic/README.md +++ b/hooks/persistence-elastic/README.md @@ -10,46 +10,45 @@ usecase: "Publishes all Scan Findings to Elasticsearch." ## About -The ElasticSearch persistenceProvider hook saves all findings and reports into the configured ElasticSearch index. This allows for some easy searching and visualization of the findings. To learn more about Elasticsearch visit elastic.io. +The ElasticSearch persistenceProvider hook saves all findings and reports into the configured ElasticSearch index. This allows for some easy searching and visualization of the findings. To learn more about Elasticsearch visit [elastic.io]. ## Deployment -Installing the Elasticsearch persistenceProvider hook will add a _ReadOnly Hook_ to your namespace. +Installing the Elasticsearch persistenceProvider hook will add a _ReadOnly Hook_ to your namespace. ```bash helm upgrade --install elkh ./hooks/persistence-elastic/ ``` -## Configuration -see values.yaml - -```yaml -# Define a specific index prefix -indexPrefix: "scbv2" - -# Enable this when you already have an Elastic Stack running to which you want to send your results -externalElasticStack: - enabled: false - elasticsearchAddress: "https://elasticsearch.example.com" - kibanaAddress: "https://kibana.example.com" - -# Configure authentication schema and credentials the persistence provider should use to connect to elasticsearch -# user and apikey are mutually exclusive, only set one! -authentication: - # Link a pre-existing generic secret with `username` and `password` key / value pairs - userSecret: null - # Link a pre-existing generic secret with `id` and `key` key / value pairs - apiKeySecret: null - -# Configures included Elasticsearch subchart -elasticsearch: - enabled: true - replicas: 1 - minimumMasterNodes: 1 - # image: docker.elastic.co/elasticsearch/elasticsearch-oss - -# Configures included Elasticsearch subchart -kibana: - enabled: true - # image: docker.elastic.co/kibana/kibana-oss -``` \ No newline at end of file +## Chart Configuration + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| affinity | object | `{}` | | +| authentication | object | `{"apiKeySecret":null,"userSecret":null}` | Configure authentication schema and credentials the persistence provider should use to connect to elasticsearch user and apikey are mutually exclusive, only set one! | +| authentication.apiKeySecret | string | `nil` | Link a pre-existing generic secret with `id` and `key` key / value pairs | +| authentication.userSecret | string | `nil` | Link a pre-existing generic secret with `username` and `password` key / value pairs | +| dashboardImporter.image.repository | string | `"securecodebox/persistence-elastic-dashboard-importer"` | | +| dashboardImporter.image.tag | string | `nil` | | +| elasticsearch | object | `{"enabled":true,"minimumMasterNodes":1,"replicas":1}` | Configures the included elasticsearch subchart (see: https://github.com/elastic/helm-charts/tree/elasticsearch) | +| elasticsearch.enabled | bool | `true` | Enable if you want to deploy an elasticsearch service. | +| elasticsearch.minimumMasterNodes | int | `1` | The value for discovery.zen.minimum_master_nodes. Should be set to (master_eligible_nodes / 2) + 1. Ignored in Elasticsearch versions >= 7 | +| elasticsearch.replicas | int | `1` | Kubernetes replica count for the StatefulSet (i.e. how many pods) | +| externalElasticStack.elasticsearchAddress | string | `"https://elasticsearch.example.com"` | The URL of the elasticsearch service to persists all findings to. | +| externalElasticStack.enabled | bool | `false` | Enable this when you already have an Elastic Stack running to which you want to send your results | +| externalElasticStack.kibanaAddress | string | `"https://kibana.example.com"` | The URL of the kibana service used to visualize all findings. | +| fullnameOverride | string | `""` | | +| image.repository | string | `"docker.io/securecodebox/persistence-elastic"` | Image repository for the dashboard importer job | +| image.tag | string | defaults to the charts version | Image tag for the dashboard importer job | +| imagePullSecrets | list | `[]` | | +| indexPrefix | string | `"scbv2"` | Define a specific index prefix used for all elasticsearch indices. | +| kibana | object | `{"enabled":true}` | Configures included Elasticsearch subchart | +| kibana.enabled | bool | `true` | Enable if you want to deploy an kibana service (see: https://github.com/elastic/helm-charts/tree/master/kibana) | +| nameOverride | string | `""` | | +| nodeSelector | object | `{}` | | +| podSecurityContext | object | `{}` | | +| resources | object | `{}` | | +| securityContext | object | `{}` | | +| tolerations | list | `[]` | | + +[elastic.io]: https://www.elastic.co/products/elasticsearch \ No newline at end of file diff --git a/hooks/persistence-elastic/README.md.gotmpl b/hooks/persistence-elastic/README.md.gotmpl new file mode 100644 index 00000000..e6841ab4 --- /dev/null +++ b/hooks/persistence-elastic/README.md.gotmpl @@ -0,0 +1,28 @@ +--- +title: "Elasticsearch" +path: "hooks/persistence-elastic" +category: "hook" +type: "persistenceProvider" +state: "released" +usecase: "Publishes all Scan Findings to Elasticsearch." +--- + + + +## About +The ElasticSearch persistenceProvider hook saves all findings and reports into the configured ElasticSearch index. This allows for some easy searching and visualization of the findings. To learn more about Elasticsearch visit [elastic.io]. + +## Deployment + +Installing the Elasticsearch persistenceProvider hook will add a _ReadOnly Hook_ to your namespace. + +```bash +helm upgrade --install elkh ./hooks/persistence-elastic/ +``` + +## Chart Configuration + +{{ template "chart.valuesTable" . }} + + +[elastic.io]: https://www.elastic.co/products/elasticsearch \ No newline at end of file diff --git a/hooks/persistence-elastic/charts/elasticsearch-7.6.1.tgz b/hooks/persistence-elastic/charts/elasticsearch-7.6.1.tgz deleted file mode 100644 index 5fdb8c3b..00000000 Binary files a/hooks/persistence-elastic/charts/elasticsearch-7.6.1.tgz and /dev/null differ diff --git a/hooks/persistence-elastic/charts/elasticsearch-7.9.2.tgz b/hooks/persistence-elastic/charts/elasticsearch-7.9.2.tgz new file mode 100644 index 00000000..87e8cc83 Binary files /dev/null and b/hooks/persistence-elastic/charts/elasticsearch-7.9.2.tgz differ diff --git a/hooks/persistence-elastic/charts/kibana-7.6.1.tgz b/hooks/persistence-elastic/charts/kibana-7.6.1.tgz deleted file mode 100644 index 142bf7be..00000000 Binary files a/hooks/persistence-elastic/charts/kibana-7.6.1.tgz and /dev/null differ diff --git a/hooks/persistence-elastic/charts/kibana-7.9.2.tgz b/hooks/persistence-elastic/charts/kibana-7.9.2.tgz new file mode 100644 index 00000000..fc93d4ed Binary files /dev/null and b/hooks/persistence-elastic/charts/kibana-7.9.2.tgz differ diff --git a/hooks/persistence-elastic/dashboardImporter/dashboards/daily-summary.json b/hooks/persistence-elastic/dashboardImporter/dashboards/daily-summary.json index 02c3bb51..08fd680b 100644 --- a/hooks/persistence-elastic/dashboardImporter/dashboards/daily-summary.json +++ b/hooks/persistence-elastic/dashboardImporter/dashboards/daily-summary.json @@ -1,11 +1,11 @@ { - "version": "7.6.1", + "version": "7.8.0", "objects": [ { "id": "34c734b0-6e79-11ea-bdc0-35f8aa7c4664", "type": "dashboard", - "updated_at": "2020-03-25T10:15:04.535Z", - "version": "WzEwOCwxXQ==", + "updated_at": "2020-10-07T06:45:25.958Z", + "version": "WzYyLDFd", "attributes": { "title": "Daily Summary", "hits": 0, @@ -68,8 +68,8 @@ { "id": "c0042750-6e78-11ea-bdc0-35f8aa7c4664", "type": "visualization", - "updated_at": "2020-03-25T10:15:04.535Z", - "version": "WzEwOSwxXQ==", + "updated_at": "2020-10-07T06:45:25.958Z", + "version": "WzYzLDFd", "attributes": { "title": "Findings Today", "visState": "{\"title\":\"Findings Today\",\"type\":\"metric\",\"params\":{\"metric\":{\"percentageMode\":false,\"useRanges\":false,\"colorSchema\":\"Green to Red\",\"metricColorMode\":\"None\",\"colorsRange\":[{\"type\":\"range\",\"from\":0,\"to\":10000}],\"labels\":{\"show\":true},\"invertColors\":false,\"style\":{\"bgFill\":\"#000\",\"bgColor\":false,\"labelColor\":false,\"subText\":\"\",\"fontSize\":60}},\"dimensions\":{\"metrics\":[{\"type\":\"vis_dimension\",\"accessor\":0,\"format\":{\"id\":\"number\",\"params\":{}}}]},\"addTooltip\":true,\"addLegend\":false,\"type\":\"metric\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Findings today\"}}]}", @@ -93,14 +93,14 @@ } ], "migrationVersion": { - "visualization": "7.4.2" + "visualization": "7.8.0" } }, { "id": "063dc0f0-6e79-11ea-bdc0-35f8aa7c4664", "type": "visualization", - "updated_at": "2020-03-25T10:15:04.535Z", - "version": "WzExMCwxXQ==", + "updated_at": "2020-10-07T06:45:25.958Z", + "version": "WzY0LDFd", "attributes": { "title": "Scanners Run Today", "visState": "{\"title\":\"Scanners Run Today\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMetricsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\",\"percentageCol\":\"\",\"dimensions\":{\"metrics\":[{\"accessor\":1,\"format\":{\"id\":\"number\"},\"params\":{},\"label\":\"Count\",\"aggType\":\"count\"}],\"buckets\":[{\"accessor\":0,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\",\"parsedUrl\":{\"origin\":\"http://localhost:5601\",\"pathname\":\"/app/kibana\",\"basePath\":\"\"}}},\"params\":{},\"label\":\"scan_type.keyword: Descending\",\"aggType\":\"terms\"}]}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"scan_type.keyword\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":20,\"otherBucket\":true,\"otherBucketLabel\":\"Others\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Scanners\"}}]}", @@ -124,14 +124,14 @@ } ], "migrationVersion": { - "visualization": "7.4.2" + "visualization": "7.8.0" } }, { "id": "819bc8f0-6e79-11ea-bdc0-35f8aa7c4664", "type": "visualization", - "updated_at": "2020-03-25T10:15:04.535Z", - "version": "WzExMSwxXQ==", + "updated_at": "2020-10-07T06:45:25.958Z", + "version": "WzY1LDFd", "attributes": { "title": "Findings of the Day Grouped by Severity", "visState": "{\"title\":\"Findings of the Day Grouped by Severity\",\"type\":\"metric\",\"params\":{\"metric\":{\"percentageMode\":false,\"useRanges\":false,\"colorSchema\":\"Green to Red\",\"metricColorMode\":\"None\",\"colorsRange\":[{\"type\":\"range\",\"from\":0,\"to\":10000}],\"labels\":{\"show\":true},\"invertColors\":false,\"style\":{\"bgFill\":\"#000\",\"bgColor\":false,\"labelColor\":false,\"subText\":\"\",\"fontSize\":60}},\"dimensions\":{\"metrics\":[{\"type\":\"vis_dimension\",\"accessor\":1,\"format\":{\"id\":\"number\",\"params\":{}}}],\"bucket\":{\"type\":\"vis_dimension\",\"accessor\":0,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\",\"parsedUrl\":{\"origin\":\"http://localhost:5601\",\"pathname\":\"/app/kibana\",\"basePath\":\"\"}}}}},\"addTooltip\":true,\"addLegend\":false,\"type\":\"metric\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"group\",\"params\":{\"field\":\"severity.keyword\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":4,\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Findings\"}}]}", @@ -155,14 +155,14 @@ } ], "migrationVersion": { - "visualization": "7.4.2" + "visualization": "7.8.0" } }, { "id": "01736ad0-6e7d-11ea-bdc0-35f8aa7c4664", "type": "visualization", - "updated_at": "2020-03-25T10:15:04.535Z", - "version": "WzExMiwxXQ==", + "updated_at": "2020-10-07T06:45:25.958Z", + "version": "WzY2LDFd", "attributes": { "title": "Findings of the Day", "visState": "{\"title\":\"Findings of the Day\",\"type\":\"pie\",\"params\":{\"type\":\"pie\",\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true,\"labels\":{\"show\":true,\"values\":true,\"last_level\":true,\"truncate\":100},\"dimensions\":{\"metric\":{\"accessor\":1,\"format\":{\"id\":\"number\"},\"params\":{},\"label\":\"Count\",\"aggType\":\"count\"},\"buckets\":[{\"accessor\":0,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\",\"parsedUrl\":{\"origin\":\"http://localhost:5601\",\"pathname\":\"/app/kibana\",\"basePath\":\"\"}}},\"params\":{},\"label\":\"severity.keyword: Descending\",\"aggType\":\"terms\"}]}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"severity.keyword\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":4,\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\"}}]}", @@ -186,14 +186,14 @@ } ], "migrationVersion": { - "visualization": "7.4.2" + "visualization": "7.8.0" } }, { "id": "8e8f8840-6e7d-11ea-bdc0-35f8aa7c4664", "type": "visualization", - "updated_at": "2020-03-25T10:15:04.535Z", - "version": "WzExMywxXQ==", + "updated_at": "2020-10-07T06:45:25.958Z", + "version": "WzY3LDFd", "attributes": { "title": "Findings of the Day Grouped by Scanner and Severity", "visState": "{\"title\":\"Findings of the Day Grouped by Scanner and Severity\",\"type\":\"histogram\",\"params\":{\"type\":\"histogram\",\"grid\":{\"categoryLines\":false},\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"type\":\"category\",\"position\":\"bottom\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\"},\"labels\":{\"show\":true,\"filter\":true,\"truncate\":100},\"title\":{}}],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"name\":\"LeftAxis-1\",\"type\":\"value\",\"position\":\"left\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\",\"mode\":\"normal\"},\"labels\":{\"show\":true,\"rotate\":0,\"filter\":false,\"truncate\":100},\"title\":{\"text\":\"Findings\"}}],\"seriesParams\":[{\"show\":true,\"type\":\"histogram\",\"mode\":\"stacked\",\"data\":{\"label\":\"Findings\",\"id\":\"1\"},\"valueAxis\":\"ValueAxis-1\",\"drawLinesBetweenPoints\":true,\"lineWidth\":2,\"showCircles\":true}],\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"times\":[],\"addTimeMarker\":false,\"labels\":{\"show\":false},\"thresholdLine\":{\"show\":false,\"value\":10,\"width\":1,\"style\":\"full\",\"color\":\"#E7664C\"},\"dimensions\":{\"x\":{\"accessor\":0,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\",\"parsedUrl\":{\"origin\":\"http://localhost:5601\",\"pathname\":\"/app/kibana\",\"basePath\":\"\"}}},\"params\":{},\"label\":\"scan_type.keyword: Descending\",\"aggType\":\"terms\"},\"y\":[{\"accessor\":2,\"format\":{\"id\":\"number\"},\"params\":{},\"label\":\"Findings\",\"aggType\":\"count\"}],\"series\":[{\"accessor\":1,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\",\"parsedUrl\":{\"origin\":\"http://localhost:5601\",\"pathname\":\"/app/kibana\",\"basePath\":\"\"}}},\"params\":{},\"label\":\"Scanner\",\"aggType\":\"terms\"}]}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Findings\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"scan_type.keyword\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":5,\"otherBucket\":true,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Scanners\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"group\",\"params\":{\"field\":\"severity.keyword\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":5,\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Scanner\"}}]}", @@ -217,14 +217,14 @@ } ], "migrationVersion": { - "visualization": "7.4.2" + "visualization": "7.8.0" } }, { "id": "1b6acc20-6e7e-11ea-bdc0-35f8aa7c4664", "type": "visualization", - "updated_at": "2020-03-25T10:15:04.535Z", - "version": "WzExNCwxXQ==", + "updated_at": "2020-10-07T06:45:25.958Z", + "version": "WzY4LDFd", "attributes": { "title": "Scanner Distribution over the Day", "visState": "{\"title\":\"Scanner Distribution over the Day\",\"type\":\"histogram\",\"params\":{\"type\":\"histogram\",\"grid\":{\"categoryLines\":true,\"valueAxis\":\"ValueAxis-1\"},\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"type\":\"category\",\"position\":\"bottom\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\"},\"labels\":{\"show\":true,\"filter\":true,\"truncate\":100},\"title\":{}}],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"name\":\"LeftAxis-1\",\"type\":\"value\",\"position\":\"left\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\",\"mode\":\"normal\"},\"labels\":{\"show\":true,\"rotate\":0,\"filter\":false,\"truncate\":100},\"title\":{\"text\":\"Count\"}}],\"seriesParams\":[{\"show\":true,\"type\":\"histogram\",\"mode\":\"normal\",\"data\":{\"label\":\"Count\",\"id\":\"1\"},\"valueAxis\":\"ValueAxis-1\",\"drawLinesBetweenPoints\":true,\"lineWidth\":2,\"showCircles\":true}],\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"times\":[],\"addTimeMarker\":false,\"labels\":{\"show\":false},\"thresholdLine\":{\"show\":false,\"value\":10,\"width\":1,\"style\":\"full\",\"color\":\"#E7664C\"},\"dimensions\":{\"x\":{\"accessor\":0,\"format\":{\"id\":\"date\",\"params\":{\"pattern\":\"YYYY-MM-DD HH:mm\"}},\"params\":{\"date\":true,\"interval\":\"PT1H\",\"intervalESValue\":1,\"intervalESUnit\":\"h\",\"format\":\"YYYY-MM-DD HH:mm\",\"bounds\":{\"min\":\"2020-03-24T23:00:00.000Z\",\"max\":\"2020-03-25T22:59:59.999Z\"}},\"label\":\"Time\",\"aggType\":\"date_histogram\"},\"y\":[{\"accessor\":2,\"format\":{\"id\":\"number\"},\"params\":{},\"label\":\"Count\",\"aggType\":\"count\"}],\"series\":[{\"accessor\":1,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\",\"parsedUrl\":{\"origin\":\"http://localhost:5601\",\"pathname\":\"/app/kibana\",\"basePath\":\"\"}}},\"params\":{},\"label\":\"scan_type.keyword: Descending\",\"aggType\":\"terms\"}]}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"@timestamp\",\"timeRange\":{\"from\":\"now/d\",\"to\":\"now/d\"},\"useNormalizedEsInterval\":true,\"scaleMetricValues\":false,\"interval\":\"h\",\"drop_partials\":false,\"min_doc_count\":1,\"extended_bounds\":{},\"customLabel\":\"Time\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"group\",\"params\":{\"field\":\"scan_type.keyword\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":8,\"otherBucket\":true,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\"}}]}", @@ -248,14 +248,14 @@ } ], "migrationVersion": { - "visualization": "7.4.2" + "visualization": "7.8.0" } }, { "id": "d86d2e30-6e7e-11ea-bdc0-35f8aa7c4664", "type": "visualization", - "updated_at": "2020-03-25T10:15:04.535Z", - "version": "WzExNSwxXQ==", + "updated_at": "2020-10-07T06:45:25.958Z", + "version": "WzY5LDFd", "attributes": { "title": "Finding Categories", "visState": "{\"title\":\"Finding Categories\",\"type\":\"histogram\",\"params\":{\"type\":\"histogram\",\"grid\":{\"categoryLines\":true,\"valueAxis\":\"ValueAxis-1\"},\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"type\":\"category\",\"position\":\"bottom\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\"},\"labels\":{\"show\":true,\"filter\":true,\"truncate\":100},\"title\":{}}],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"name\":\"LeftAxis-1\",\"type\":\"value\",\"position\":\"left\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\",\"mode\":\"normal\"},\"labels\":{\"show\":true,\"rotate\":0,\"filter\":false,\"truncate\":100},\"title\":{\"text\":\"Count\"}}],\"seriesParams\":[{\"show\":true,\"type\":\"histogram\",\"mode\":\"stacked\",\"data\":{\"label\":\"Count\",\"id\":\"1\"},\"valueAxis\":\"ValueAxis-1\",\"drawLinesBetweenPoints\":true,\"lineWidth\":2,\"showCircles\":true}],\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"times\":[],\"addTimeMarker\":false,\"labels\":{\"show\":false},\"thresholdLine\":{\"show\":false,\"value\":10,\"width\":1,\"style\":\"full\",\"color\":\"#E7664C\"},\"dimensions\":{\"x\":{\"accessor\":0,\"format\":{\"id\":\"date\",\"params\":{\"pattern\":\"YYYY-MM-DD HH:mm\"}},\"params\":{\"date\":true,\"interval\":\"PT1H\",\"intervalESValue\":1,\"intervalESUnit\":\"h\",\"format\":\"YYYY-MM-DD HH:mm\",\"bounds\":{\"min\":\"2020-03-24T23:00:00.000Z\",\"max\":\"2020-03-25T22:59:59.999Z\"}},\"label\":\"Time\",\"aggType\":\"date_histogram\"},\"y\":[{\"accessor\":2,\"format\":{\"id\":\"number\"},\"params\":{},\"label\":\"Count\",\"aggType\":\"count\"}],\"series\":[{\"accessor\":1,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\",\"parsedUrl\":{\"origin\":\"http://localhost:5601\",\"pathname\":\"/app/kibana\",\"basePath\":\"\"}}},\"params\":{},\"label\":\"category.keyword: Descending\",\"aggType\":\"terms\"}]}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"@timestamp\",\"timeRange\":{\"from\":\"now/d\",\"to\":\"now/d\"},\"useNormalizedEsInterval\":true,\"scaleMetricValues\":false,\"interval\":\"h\",\"drop_partials\":false,\"min_doc_count\":1,\"extended_bounds\":{},\"customLabel\":\"Time\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"group\",\"params\":{\"field\":\"category.keyword\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":8,\"otherBucket\":true,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\"}}]}", @@ -279,14 +279,14 @@ } ], "migrationVersion": { - "visualization": "7.4.2" + "visualization": "7.8.0" } }, { "id": "60ee6af0-6e78-11ea-bdc0-35f8aa7c4664", "type": "index-pattern", - "updated_at": "2020-03-25T10:15:04.535Z", - "version": "WzExNiwxXQ==", + "updated_at": "2020-10-07T06:45:25.958Z", + "version": "WzcwLDFd", "attributes": { "title": "scbv2_*", "timeFieldName": "@timestamp", @@ -298,4 +298,4 @@ } } ] -} +} \ No newline at end of file diff --git a/hooks/persistence-elastic/dashboardImporter/dashboards/nikto-overview.json b/hooks/persistence-elastic/dashboardImporter/dashboards/nikto-overview.json new file mode 100644 index 00000000..92c19f76 --- /dev/null +++ b/hooks/persistence-elastic/dashboardImporter/dashboards/nikto-overview.json @@ -0,0 +1,202 @@ +{ + "version": "7.8.0", + "objects": [ + { + "id": "6a005c80-c4fd-11ea-8ad8-4f602085b3a0", + "type": "dashboard", + "updated_at": "2020-10-07T07:10:55.130Z", + "version": "WzE0MCwxXQ==", + "attributes": { + "title": "Nikto Overview", + "hits": 0, + "description": "", + "panelsJSON": "[{\"version\":\"7.8.0\",\"gridData\":{\"x\":0,\"y\":0,\"w\":24,\"h\":26,\"i\":\"064d7e56-9cc6-4412-8d22-c90a132d4ef0\"},\"panelIndex\":\"064d7e56-9cc6-4412-8d22-c90a132d4ef0\",\"embeddableConfig\":{},\"panelRefName\":\"panel_0\"},{\"version\":\"7.8.0\",\"gridData\":{\"x\":24,\"y\":0,\"w\":24,\"h\":12,\"i\":\"2974bd00-8e53-4585-87ec-37ba940bce1d\"},\"panelIndex\":\"2974bd00-8e53-4585-87ec-37ba940bce1d\",\"embeddableConfig\":{},\"panelRefName\":\"panel_1\"},{\"version\":\"7.8.0\",\"gridData\":{\"x\":24,\"y\":12,\"w\":24,\"h\":14,\"i\":\"016c374d-e5e9-4bf8-9bcd-bb7974dc2e41\"},\"panelIndex\":\"016c374d-e5e9-4bf8-9bcd-bb7974dc2e41\",\"embeddableConfig\":{},\"panelRefName\":\"panel_2\"},{\"version\":\"7.8.0\",\"gridData\":{\"x\":0,\"y\":26,\"w\":48,\"h\":19,\"i\":\"3363d7bc-188d-42e6-9ab9-e532fb7586e0\"},\"panelIndex\":\"3363d7bc-188d-42e6-9ab9-e532fb7586e0\",\"embeddableConfig\":{\"params\":{\"sort\":{\"columnIndex\":3,\"direction\":\"asc\"}},\"vis\":{\"params\":{\"sort\":{\"columnIndex\":3,\"direction\":\"desc\"}}}},\"panelRefName\":\"panel_3\"},{\"version\":\"7.8.0\",\"gridData\":{\"x\":0,\"y\":45,\"w\":48,\"h\":13,\"i\":\"8f0b22ff-6cde-4307-ae5a-8f7eaaed293f\"},\"panelIndex\":\"8f0b22ff-6cde-4307-ae5a-8f7eaaed293f\",\"embeddableConfig\":{},\"panelRefName\":\"panel_4\"}]", + "optionsJSON": "{\"hidePanelTitles\":false,\"useMargins\":true}", + "version": 1, + "timeRestore": false, + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"query\":{\"language\":\"kuery\",\"query\":\"\"},\"filter\":[]}" + } + }, + "references": [ + { + "name": "panel_0", + "type": "visualization", + "id": "3e202ad0-ca63-11ea-a3b0-538af20dfa95" + }, + { + "name": "panel_1", + "type": "visualization", + "id": "783c93a0-c4fc-11ea-8ad8-4f602085b3a0" + }, + { + "name": "panel_2", + "type": "visualization", + "id": "b8835650-c4f8-11ea-8ad8-4f602085b3a0" + }, + { + "name": "panel_3", + "type": "visualization", + "id": "355b97b0-c4f8-11ea-8ad8-4f602085b3a0" + }, + { + "name": "panel_4", + "type": "visualization", + "id": "1ae78820-c4fe-11ea-8ad8-4f602085b3a0" + } + ], + "migrationVersion": { + "dashboard": "7.3.0" + } + }, + { + "id": "3e202ad0-ca63-11ea-a3b0-538af20dfa95", + "type": "visualization", + "updated_at": "2020-10-07T07:10:28.522Z", + "version": "WzEzNCwxXQ==", + "attributes": { + "description": "", + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"query\":{\"query\":\"\",\"language\":\"kuery\"},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\",\"filter\":[{\"$state\":{\"store\":\"appState\"},\"meta\":{\"alias\":null,\"disabled\":false,\"key\":\"scan_type.keyword\",\"negate\":false,\"params\":{\"query\":\"nikto\"},\"type\":\"phrase\",\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.filter[0].meta.index\"},\"query\":{\"match_phrase\":{\"scan_type.keyword\":\"nikto\"}}}]}" + }, + "title": "Nikto Category Severity Distribution ", + "uiStateJSON": "{}", + "version": 1, + "visState": "{\"type\":\"pie\",\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"severity.keyword\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":5,\"otherBucket\":true,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"category.keyword\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":100,\"otherBucket\":true,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\"}}],\"params\":{\"type\":\"pie\",\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true,\"labels\":{\"show\":true,\"values\":true,\"last_level\":false,\"truncate\":100}},\"title\":\"Nikto Category Severity Distribution \"}" + }, + "references": [ + { + "id": "275ca490-c4e1-11ea-8ad8-4f602085b3a0", + "name": "kibanaSavedObjectMeta.searchSourceJSON.index", + "type": "index-pattern" + }, + { + "id": "275ca490-c4e1-11ea-8ad8-4f602085b3a0", + "name": "kibanaSavedObjectMeta.searchSourceJSON.filter[0].meta.index", + "type": "index-pattern" + } + ], + "migrationVersion": { + "visualization": "7.8.0" + } + }, + { + "id": "783c93a0-c4fc-11ea-8ad8-4f602085b3a0", + "type": "visualization", + "updated_at": "2020-10-07T07:10:28.522Z", + "version": "WzEzNSwxXQ==", + "attributes": { + "description": "", + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"query\":{\"query\":\"scan_type : nikto\",\"language\":\"kuery\"},\"filter\":[],\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}" + }, + "title": "Nikto Findings Count", + "uiStateJSON": "{}", + "version": 1, + "visState": "{\"title\":\"Nikto Findings Count\",\"type\":\"metric\",\"params\":{\"metric\":{\"percentageMode\":false,\"useRanges\":false,\"colorSchema\":\"Green to Red\",\"metricColorMode\":\"None\",\"colorsRange\":[{\"type\":\"range\",\"from\":0,\"to\":10000}],\"labels\":{\"show\":true},\"invertColors\":false,\"style\":{\"bgFill\":\"#000\",\"bgColor\":false,\"labelColor\":false,\"subText\":\"\",\"fontSize\":60}},\"dimensions\":{\"metrics\":[{\"type\":\"vis_dimension\",\"accessor\":1,\"format\":{\"id\":\"number\",\"params\":{}}}],\"bucket\":{\"type\":\"vis_dimension\",\"accessor\":0,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\",\"parsedUrl\":{\"origin\":\"http://172.17.0.3:32634\",\"pathname\":\"/app/kibana\",\"basePath\":\"\"}}}}},\"addTooltip\":true,\"addLegend\":false,\"type\":\"metric\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"group\",\"params\":{\"field\":\"severity.keyword\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":1000,\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"\"}}]}" + }, + "references": [ + { + "id": "275ca490-c4e1-11ea-8ad8-4f602085b3a0", + "name": "kibanaSavedObjectMeta.searchSourceJSON.index", + "type": "index-pattern" + } + ], + "migrationVersion": { + "visualization": "7.8.0" + } + }, + { + "id": "b8835650-c4f8-11ea-8ad8-4f602085b3a0", + "type": "visualization", + "updated_at": "2020-10-07T07:10:28.522Z", + "version": "WzEzNiwxXQ==", + "attributes": { + "description": "", + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"query\":{\"query\":\"scan_type : nikto\",\"language\":\"kuery\"},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\",\"filter\":[]}" + }, + "title": "Nikto Finding Distribution", + "uiStateJSON": "{}", + "version": 1, + "visState": "{\"type\":\"pie\",\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"attributes.hostname.keyword\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":5,\"otherBucket\":true,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"severity.keyword\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":5,\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\"}}],\"params\":{\"type\":\"pie\",\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true,\"labels\":{\"show\":true,\"values\":true,\"last_level\":false,\"truncate\":100},\"dimensions\":{\"metric\":{\"accessor\":1,\"format\":{\"id\":\"number\"},\"params\":{},\"label\":\"Count\",\"aggType\":\"count\"},\"buckets\":[{\"accessor\":0,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\",\"parsedUrl\":{\"origin\":\"http://172.17.0.3:32634\",\"pathname\":\"/app/kibana\",\"basePath\":\"\"}}},\"params\":{},\"label\":\"location.keyword: Descending\",\"aggType\":\"terms\"},{\"accessor\":2,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\",\"parsedUrl\":{\"origin\":\"http://172.17.0.3:32634\",\"pathname\":\"/app/kibana\",\"basePath\":\"\"}}},\"params\":{},\"label\":\"severity.keyword: Descending\",\"aggType\":\"terms\"}]}},\"title\":\"Nikto Finding Distribution\"}" + }, + "references": [ + { + "id": "275ca490-c4e1-11ea-8ad8-4f602085b3a0", + "name": "kibanaSavedObjectMeta.searchSourceJSON.index", + "type": "index-pattern" + } + ], + "migrationVersion": { + "visualization": "7.8.0" + } + }, + { + "id": "355b97b0-c4f8-11ea-8ad8-4f602085b3a0", + "type": "visualization", + "updated_at": "2020-10-07T07:10:28.522Z", + "version": "WzEzNywxXQ==", + "attributes": { + "description": "", + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"query\":{\"query\":\"scan_type.keyword : \\\"nikto\\\" \",\"language\":\"kuery\"},\"filter\":[],\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}" + }, + "title": "Nitko Findings Table", + "uiStateJSON": "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}", + "version": 1, + "visState": "{\"title\":\"Nitko Findings Table\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMetricsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\",\"percentageCol\":\"\",\"dimensions\":{\"metrics\":[{\"accessor\":6,\"format\":{\"id\":\"number\"},\"params\":{},\"label\":\"Count\",\"aggType\":\"count\"}],\"buckets\":[{\"accessor\":0,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\",\"parsedUrl\":{\"origin\":\"http://172.17.0.3:32634\",\"pathname\":\"/app/kibana\",\"basePath\":\"\"}}},\"params\":{},\"label\":\"Location\",\"aggType\":\"terms\"},{\"accessor\":1,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\",\"parsedUrl\":{\"origin\":\"http://172.17.0.3:32634\",\"pathname\":\"/app/kibana\",\"basePath\":\"\"}}},\"params\":{},\"label\":\"Finding\",\"aggType\":\"terms\"},{\"accessor\":2,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\",\"parsedUrl\":{\"origin\":\"http://172.17.0.3:32634\",\"pathname\":\"/app/kibana\",\"basePath\":\"\"}}},\"params\":{},\"label\":\"OSI-Layer\",\"aggType\":\"terms\"},{\"accessor\":3,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\",\"parsedUrl\":{\"origin\":\"http://172.17.0.3:32634\",\"pathname\":\"/app/kibana\",\"basePath\":\"\"}}},\"params\":{},\"label\":\"Severity\",\"aggType\":\"terms\"},{\"accessor\":4,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\",\"parsedUrl\":{\"origin\":\"http://172.17.0.3:32634\",\"pathname\":\"/app/kibana\",\"basePath\":\"\"}}},\"params\":{},\"label\":\"Category\",\"aggType\":\"terms\"},{\"accessor\":5,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\",\"parsedUrl\":{\"origin\":\"http://172.17.0.3:32634\",\"pathname\":\"/app/kibana\",\"basePath\":\"\"}}},\"params\":{},\"label\":\"Path\",\"aggType\":\"terms\"}]}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"attributes.hostname.keyword\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":1000,\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Location\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"name.keyword\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":1000,\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Finding\"}},{\"id\":\"4\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"osi_layer.keyword\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":1000,\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"OSI-Layer\"}},{\"id\":\"5\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"severity.keyword\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":1000,\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Severity\"}},{\"id\":\"6\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"category.keyword\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":1000,\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Category\"}},{\"id\":\"7\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"location.keyword\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":5,\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"URL\"}}]}" + }, + "references": [ + { + "id": "275ca490-c4e1-11ea-8ad8-4f602085b3a0", + "name": "kibanaSavedObjectMeta.searchSourceJSON.index", + "type": "index-pattern" + } + ], + "migrationVersion": { + "visualization": "7.8.0" + } + }, + { + "id": "1ae78820-c4fe-11ea-8ad8-4f602085b3a0", + "type": "visualization", + "updated_at": "2020-10-07T07:10:28.522Z", + "version": "WzEzOCwxXQ==", + "attributes": { + "description": "", + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"query\":{\"language\":\"kuery\",\"query\":\"scan_type : nikto\"},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\",\"filter\":[]}" + }, + "title": "Nikto Findings over Time", + "uiStateJSON": "{}", + "version": 1, + "visState": "{\"type\":\"line\",\"aggs\":[{\"id\":\"2\",\"enabled\":true,\"type\":\"cardinality\",\"schema\":\"metric\",\"params\":{\"field\":\"severity.keyword\",\"customLabel\":\"Number of Findings\"}},{\"id\":\"5\",\"enabled\":true,\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"@timestamp\",\"timeRange\":{\"from\":\"now-15m\",\"to\":\"now\"},\"useNormalizedEsInterval\":true,\"scaleMetricValues\":false,\"interval\":\"12h\",\"drop_partials\":false,\"min_doc_count\":1,\"extended_bounds\":{}}},{\"id\":\"6\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"group\",\"params\":{\"field\":\"severity.keyword\",\"orderBy\":\"2\",\"order\":\"desc\",\"size\":15,\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\"}}],\"params\":{\"addLegend\":true,\"addTimeMarker\":false,\"addTooltip\":true,\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"labels\":{\"filter\":true,\"show\":true,\"truncate\":100},\"position\":\"bottom\",\"scale\":{\"type\":\"linear\"},\"show\":true,\"style\":{},\"title\":{},\"type\":\"category\"}],\"dimensions\":{\"x\":null,\"y\":[{\"accessor\":0,\"aggType\":\"count\",\"format\":{\"id\":\"number\"},\"label\":\"Count\",\"params\":{}}]},\"grid\":{\"categoryLines\":false},\"labels\":{},\"legendPosition\":\"right\",\"seriesParams\":[{\"data\":{\"id\":\"2\",\"label\":\"Number of Findings\"},\"drawLinesBetweenPoints\":true,\"interpolate\":\"linear\",\"lineWidth\":2,\"mode\":\"normal\",\"show\":true,\"showCircles\":true,\"type\":\"line\",\"valueAxis\":\"ValueAxis-1\"}],\"thresholdLine\":{\"color\":\"#E7664C\",\"show\":false,\"style\":\"full\",\"value\":10,\"width\":1},\"times\":[],\"type\":\"line\",\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"labels\":{\"filter\":false,\"rotate\":0,\"show\":true,\"truncate\":100},\"name\":\"LeftAxis-1\",\"position\":\"left\",\"scale\":{\"mode\":\"normal\",\"type\":\"linear\"},\"show\":true,\"style\":{},\"title\":{\"text\":\"Number of Findings\"},\"type\":\"value\"}]},\"title\":\"Nikto Findings over Time\"}" + }, + "references": [ + { + "id": "275ca490-c4e1-11ea-8ad8-4f602085b3a0", + "name": "kibanaSavedObjectMeta.searchSourceJSON.index", + "type": "index-pattern" + } + ], + "migrationVersion": { + "visualization": "7.8.0" + } + }, + { + "id": "275ca490-c4e1-11ea-8ad8-4f602085b3a0", + "type": "index-pattern", + "updated_at": "2020-10-07T07:10:28.522Z", + "version": "WzEzOSwxXQ==", + "attributes": { + "fields": "[{\"name\":\"@timestamp\",\"type\":\"date\",\"esTypes\":[\"date\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"_id\",\"type\":\"string\",\"esTypes\":[\"_id\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":false},{\"name\":\"_index\",\"type\":\"string\",\"esTypes\":[\"_index\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":false},{\"name\":\"_score\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":false,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"_source\",\"type\":\"_source\",\"esTypes\":[\"_source\"],\"count\":0,\"scripted\":false,\"searchable\":false,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"_type\",\"type\":\"string\",\"esTypes\":[\"_type\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":false},{\"name\":\"attributes.hostname\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"attributes.hostname.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"attributes.hostname\"}}},{\"name\":\"attributes.ip_address\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"attributes.ip_address.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"attributes.ip_address\"}}},{\"name\":\"category\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"category.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"category\"}}},{\"name\":\"description\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"description.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"description\"}}},{\"name\":\"id\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"id.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"id\"}}},{\"name\":\"location\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"location.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"location\"}}},{\"name\":\"name\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"name.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"name\"}}},{\"name\":\"osi_layer\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"osi_layer.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"osi_layer\"}}},{\"name\":\"parameters\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"parameters.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"parameters\"}}},{\"name\":\"scan_id\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"scan_id.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"scan_id\"}}},{\"name\":\"scan_name\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"scan_name.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"scan_name\"}}},{\"name\":\"scan_type\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"scan_type.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"scan_type\"}}},{\"name\":\"severity\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"severity.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"severity\"}}},{\"name\":\"type\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"type.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"type\"}}}]", + "title": "scbv2*" + }, + "references": [], + "migrationVersion": { + "index-pattern": "7.6.0" + } + } + ] +} \ No newline at end of file diff --git a/hooks/persistence-elastic/dashboardImporter/dashboards/portscan-overview.json b/hooks/persistence-elastic/dashboardImporter/dashboards/portscan-overview.json new file mode 100644 index 00000000..20d422e8 --- /dev/null +++ b/hooks/persistence-elastic/dashboardImporter/dashboards/portscan-overview.json @@ -0,0 +1,208 @@ +{ + "version": "7.8.0", + "objects": [ + { + "id": "d93db110-937f-11ea-9a99-c571feec3570", + "type": "dashboard", + "updated_at": "2020-10-07T07:14:16.980Z", + "version": "WzE1MiwxXQ==", + "attributes": { + "title": "Portscan (Nmap) Overview", + "hits": 0, + "description": "", + "panelsJSON": "[{\"version\":\"7.8.0\",\"gridData\":{\"x\":0,\"y\":0,\"w\":24,\"h\":21,\"i\":\"8c5e3b84-d13b-4091-8aeb-4149ae76308e\"},\"panelIndex\":\"8c5e3b84-d13b-4091-8aeb-4149ae76308e\",\"embeddableConfig\":{},\"panelRefName\":\"panel_0\"},{\"version\":\"7.8.0\",\"gridData\":{\"x\":24,\"y\":0,\"w\":24,\"h\":21,\"i\":\"5266292e-68fc-42c7-8987-ffccb4bd5fa9\"},\"panelIndex\":\"5266292e-68fc-42c7-8987-ffccb4bd5fa9\",\"embeddableConfig\":{\"legendOpen\":true,\"vis\":{\"legendOpen\":false}},\"panelRefName\":\"panel_1\"},{\"version\":\"7.8.0\",\"gridData\":{\"x\":0,\"y\":21,\"w\":48,\"h\":17,\"i\":\"e9d5490e-311b-4e0e-9c32-89414cf6f8b8\"},\"panelIndex\":\"e9d5490e-311b-4e0e-9c32-89414cf6f8b8\",\"embeddableConfig\":{},\"panelRefName\":\"panel_2\"},{\"version\":\"7.8.0\",\"gridData\":{\"x\":0,\"y\":38,\"w\":48,\"h\":15,\"i\":\"bb29dd79-3523-427d-9873-a37e5fcffb64\"},\"panelIndex\":\"bb29dd79-3523-427d-9873-a37e5fcffb64\",\"embeddableConfig\":{},\"panelRefName\":\"panel_3\"}]", + "optionsJSON": "{\"hidePanelTitles\":false,\"useMargins\":true}", + "version": 1, + "timeRestore": true, + "timeTo": "now", + "timeFrom": "now-7d", + "refreshInterval": { + "pause": true, + "value": 0 + }, + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"query\":{\"language\":\"kuery\",\"query\":\"\"},\"filter\":[]}" + } + }, + "references": [ + { + "name": "panel_0", + "type": "visualization", + "id": "ba6f5e30-937c-11ea-9a99-c571feec3570" + }, + { + "name": "panel_1", + "type": "visualization", + "id": "d41ea4e0-937b-11ea-9a99-c571feec3570" + }, + { + "name": "panel_2", + "type": "visualization", + "id": "15d73850-937e-11ea-9a99-c571feec3570" + }, + { + "name": "panel_3", + "type": "visualization", + "id": "d49924b0-937e-11ea-9a99-c571feec3570" + } + ], + "migrationVersion": { + "dashboard": "7.3.0" + } + }, + { + "id": "ba6f5e30-937c-11ea-9a99-c571feec3570", + "type": "visualization", + "updated_at": "2020-10-07T07:13:25.125Z", + "version": "WzE0NSwxXQ==", + "attributes": { + "description": "", + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"query\":{\"query\":\"\",\"language\":\"kuery\"},\"filter\":[{\"meta\":{\"alias\":null,\"negate\":false,\"disabled\":false,\"type\":\"phrase\",\"key\":\"type.keyword\",\"params\":{\"query\":\"finding\"},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.filter[0].meta.index\"},\"query\":{\"match_phrase\":{\"type.keyword\":\"finding\"}},\"$state\":{\"store\":\"appState\"}},{\"meta\":{\"alias\":null,\"negate\":false,\"disabled\":false,\"type\":\"phrase\",\"key\":\"category.keyword\",\"params\":{\"query\":\"Open Port\"},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.filter[1].meta.index\"},\"query\":{\"match_phrase\":{\"category.keyword\":\"Open Port\"}},\"$state\":{\"store\":\"appState\"}},{\"meta\":{\"alias\":null,\"negate\":false,\"disabled\":false,\"type\":\"phrase\",\"key\":\"attributes.state.keyword\",\"params\":{\"query\":\"open\"},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.filter[2].meta.index\"},\"query\":{\"match_phrase\":{\"attributes.state.keyword\":\"open\"}},\"$state\":{\"store\":\"appState\"}}],\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}" + }, + "title": "Open Port Distribution", + "uiStateJSON": "{\"vis\":{\"legendOpen\":false}}", + "version": 1, + "visState": "{\"title\":\"Open Port Distribution\",\"type\":\"pie\",\"params\":{\"type\":\"pie\",\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true,\"labels\":{\"show\":true,\"values\":true,\"last_level\":false,\"truncate\":100},\"dimensions\":{\"metric\":{\"accessor\":1,\"format\":{\"id\":\"number\"},\"params\":{},\"label\":\"Count\",\"aggType\":\"cardinality\"},\"buckets\":[{\"accessor\":0,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"number\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\",\"parsedUrl\":{\"origin\":\"https://analytics.chase.securecodebox.io\",\"pathname\":\"/s/securecodebox-v2/app/kibana\",\"basePath\":\"/s/securecodebox-v2\"}}},\"params\":{},\"label\":\"Port\",\"aggType\":\"terms\"}]}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"cardinality\",\"schema\":\"metric\",\"params\":{\"field\":\"location.keyword\",\"customLabel\":\"Count\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"attributes.port\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":20,\"otherBucket\":true,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Port\"}}]}" + }, + "references": [ + { + "id": "60ee6af0-6e78-11ea-bdc0-35f8aa7c4664", + "name": "kibanaSavedObjectMeta.searchSourceJSON.index", + "type": "index-pattern" + }, + { + "id": "60ee6af0-6e78-11ea-bdc0-35f8aa7c4664", + "name": "kibanaSavedObjectMeta.searchSourceJSON.filter[0].meta.index", + "type": "index-pattern" + }, + { + "id": "60ee6af0-6e78-11ea-bdc0-35f8aa7c4664", + "name": "kibanaSavedObjectMeta.searchSourceJSON.filter[1].meta.index", + "type": "index-pattern" + }, + { + "id": "60ee6af0-6e78-11ea-bdc0-35f8aa7c4664", + "name": "kibanaSavedObjectMeta.searchSourceJSON.filter[2].meta.index", + "type": "index-pattern" + } + ], + "migrationVersion": { + "visualization": "7.8.0" + } + }, + { + "id": "d41ea4e0-937b-11ea-9a99-c571feec3570", + "type": "visualization", + "updated_at": "2020-10-07T07:13:25.125Z", + "version": "WzE0NiwxXQ==", + "attributes": { + "description": "", + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"query\":{\"query\":\"\",\"language\":\"kuery\"},\"filter\":[{\"meta\":{\"alias\":null,\"negate\":false,\"disabled\":false,\"type\":\"phrase\",\"key\":\"type.keyword\",\"params\":{\"query\":\"finding\"},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.filter[0].meta.index\"},\"query\":{\"match_phrase\":{\"type.keyword\":\"finding\"}},\"$state\":{\"store\":\"appState\"}},{\"meta\":{\"alias\":null,\"negate\":false,\"disabled\":false,\"type\":\"phrase\",\"key\":\"category.keyword\",\"params\":{\"query\":\"Host\"},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.filter[1].meta.index\"},\"query\":{\"match_phrase\":{\"category.keyword\":\"Host\"}},\"$state\":{\"store\":\"appState\"}}],\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}" + }, + "title": "Host Distribution", + "uiStateJSON": "{\"vis\":{\"legendOpen\":false}}", + "version": 1, + "visState": "{\"title\":\"Host Distribution\",\"type\":\"pie\",\"params\":{\"type\":\"pie\",\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true,\"labels\":{\"show\":true,\"values\":true,\"last_level\":false,\"truncate\":100},\"dimensions\":{\"metric\":{\"accessor\":1,\"format\":{\"id\":\"number\"},\"params\":{},\"label\":\"Unique count of location.keyword\",\"aggType\":\"cardinality\"},\"buckets\":[{\"accessor\":0,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\",\"parsedUrl\":{\"origin\":\"https://analytics.chase.securecodebox.io\",\"pathname\":\"/s/securecodebox-v2/app/kibana\",\"basePath\":\"/s/securecodebox-v2\"}}},\"params\":{},\"label\":\"Office\",\"aggType\":\"terms\"},{\"accessor\":2,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\",\"parsedUrl\":{\"origin\":\"https://analytics.chase.securecodebox.io\",\"pathname\":\"/s/securecodebox-v2/app/kibana\",\"basePath\":\"/s/securecodebox-v2\"}}},\"params\":{},\"label\":\"scan_labels.vlan.keyword: Descending\",\"aggType\":\"terms\"}]}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"cardinality\",\"schema\":\"metric\",\"params\":{\"field\":\"location.keyword\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"scan_labels.office.keyword\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":25,\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Office\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"scan_labels.vlan.keyword\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":5,\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"VLAN\"}}]}" + }, + "references": [ + { + "id": "60ee6af0-6e78-11ea-bdc0-35f8aa7c4664", + "name": "kibanaSavedObjectMeta.searchSourceJSON.index", + "type": "index-pattern" + }, + { + "id": "60ee6af0-6e78-11ea-bdc0-35f8aa7c4664", + "name": "kibanaSavedObjectMeta.searchSourceJSON.filter[0].meta.index", + "type": "index-pattern" + }, + { + "id": "60ee6af0-6e78-11ea-bdc0-35f8aa7c4664", + "name": "kibanaSavedObjectMeta.searchSourceJSON.filter[1].meta.index", + "type": "index-pattern" + } + ], + "migrationVersion": { + "visualization": "7.8.0" + } + }, + { + "id": "15d73850-937e-11ea-9a99-c571feec3570", + "type": "visualization", + "updated_at": "2020-10-07T07:13:25.125Z", + "version": "WzE0NywxXQ==", + "attributes": { + "description": "", + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"query\":{\"query\":\"\",\"language\":\"kuery\"},\"filter\":[{\"$state\":{\"store\":\"appState\"},\"meta\":{\"alias\":null,\"disabled\":false,\"key\":\"type.keyword\",\"negate\":false,\"params\":{\"query\":\"finding\"},\"type\":\"phrase\",\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.filter[0].meta.index\"},\"query\":{\"match_phrase\":{\"type.keyword\":\"finding\"}}},{\"$state\":{\"store\":\"appState\"},\"meta\":{\"alias\":null,\"disabled\":false,\"key\":\"category.keyword\",\"negate\":false,\"params\":{\"query\":\"Open Port\"},\"type\":\"phrase\",\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.filter[1].meta.index\"},\"query\":{\"match_phrase\":{\"category.keyword\":\"Open Port\"}}}],\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}" + }, + "title": "Host Port Overview", + "uiStateJSON": "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}", + "version": 1, + "visState": "{\"title\":\"Host Port Overview\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMetricsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\",\"percentageCol\":\"\",\"dimensions\":{\"metrics\":[{\"accessor\":7,\"format\":{\"id\":\"number\"},\"params\":{},\"label\":\"Count\",\"aggType\":\"count\"}],\"buckets\":[{\"accessor\":0,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\",\"parsedUrl\":{\"origin\":\"https://analytics.chase.securecodebox.io\",\"pathname\":\"/s/securecodebox-v2/app/kibana\",\"basePath\":\"/s/securecodebox-v2\"}}},\"params\":{},\"label\":\"IP Address\",\"aggType\":\"terms\"},{\"accessor\":1,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\",\"parsedUrl\":{\"origin\":\"https://analytics.chase.securecodebox.io\",\"pathname\":\"/s/securecodebox-v2/app/kibana\",\"basePath\":\"/s/securecodebox-v2\"}}},\"params\":{},\"label\":\"Hostname\",\"aggType\":\"terms\"},{\"accessor\":2,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"number\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\",\"parsedUrl\":{\"origin\":\"https://analytics.chase.securecodebox.io\",\"pathname\":\"/s/securecodebox-v2/app/kibana\",\"basePath\":\"/s/securecodebox-v2\"}}},\"params\":{},\"label\":\"Port\",\"aggType\":\"terms\"},{\"accessor\":3,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\",\"parsedUrl\":{\"origin\":\"https://analytics.chase.securecodebox.io\",\"pathname\":\"/s/securecodebox-v2/app/kibana\",\"basePath\":\"/s/securecodebox-v2\"}}},\"params\":{},\"label\":\"State\",\"aggType\":\"terms\"},{\"accessor\":4,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\",\"parsedUrl\":{\"origin\":\"https://analytics.chase.securecodebox.io\",\"pathname\":\"/s/securecodebox-v2/app/kibana\",\"basePath\":\"/s/securecodebox-v2\"}}},\"params\":{},\"label\":\"Service Name\",\"aggType\":\"terms\"},{\"accessor\":5,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\",\"parsedUrl\":{\"origin\":\"https://analytics.chase.securecodebox.io\",\"pathname\":\"/s/securecodebox-v2/app/kibana\",\"basePath\":\"/s/securecodebox-v2\"}}},\"params\":{},\"label\":\"Office\",\"aggType\":\"terms\"},{\"accessor\":6,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\",\"parsedUrl\":{\"origin\":\"https://analytics.chase.securecodebox.io\",\"pathname\":\"/s/securecodebox-v2/app/kibana\",\"basePath\":\"/s/securecodebox-v2\"}}},\"params\":{},\"label\":\"VLAN\",\"aggType\":\"terms\"}]}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"attributes.ip_address.keyword\",\"orderBy\":\"1\",\"order\":\"asc\",\"size\":500,\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"IP Address\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"attributes.hostname.keyword\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":500,\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":true,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Hostname\"}},{\"id\":\"4\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"attributes.port\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":30,\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Port\"}},{\"id\":\"5\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"attributes.service.keyword\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":1000,\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Service Name\"}},{\"id\":\"6\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"scan_labels.office.keyword\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":10,\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Office\"}},{\"id\":\"7\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"scan_labels.vlan.keyword\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":10,\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"VLAN\"}}]}" + }, + "references": [ + { + "id": "60ee6af0-6e78-11ea-bdc0-35f8aa7c4664", + "name": "kibanaSavedObjectMeta.searchSourceJSON.index", + "type": "index-pattern" + }, + { + "id": "60ee6af0-6e78-11ea-bdc0-35f8aa7c4664", + "name": "kibanaSavedObjectMeta.searchSourceJSON.filter[0].meta.index", + "type": "index-pattern" + }, + { + "id": "60ee6af0-6e78-11ea-bdc0-35f8aa7c4664", + "name": "kibanaSavedObjectMeta.searchSourceJSON.filter[1].meta.index", + "type": "index-pattern" + } + ], + "migrationVersion": { + "visualization": "7.8.0" + } + }, + { + "id": "d49924b0-937e-11ea-9a99-c571feec3570", + "type": "visualization", + "updated_at": "2020-10-07T07:13:25.125Z", + "version": "WzE0OCwxXQ==", + "attributes": { + "description": "", + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}" + }, + "title": "Open Ports Histogram", + "uiStateJSON": "{}", + "version": 1, + "visState": "{\"title\":\"Open Ports Histogram\",\"type\":\"line\",\"params\":{\"type\":\"line\",\"grid\":{\"categoryLines\":false},\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"type\":\"category\",\"position\":\"bottom\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\"},\"labels\":{\"show\":true,\"filter\":true,\"truncate\":100},\"title\":{}}],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"name\":\"LeftAxis-1\",\"type\":\"value\",\"position\":\"left\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\",\"mode\":\"normal\"},\"labels\":{\"show\":true,\"rotate\":0,\"filter\":false,\"truncate\":100},\"title\":{\"text\":\"Open Ports\"}}],\"seriesParams\":[{\"show\":true,\"type\":\"line\",\"mode\":\"normal\",\"data\":{\"label\":\"Open Ports\",\"id\":\"1\"},\"valueAxis\":\"ValueAxis-1\",\"drawLinesBetweenPoints\":true,\"lineWidth\":2,\"interpolate\":\"linear\",\"showCircles\":true}],\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"times\":[],\"addTimeMarker\":false,\"labels\":{},\"thresholdLine\":{\"show\":false,\"value\":10,\"width\":1,\"style\":\"full\",\"color\":\"#E7664C\"},\"dimensions\":{\"x\":{\"accessor\":0,\"format\":{\"id\":\"date\",\"params\":{\"pattern\":\"YYYY-MM-DD\"}},\"params\":{\"date\":true,\"interval\":\"P1D\",\"intervalESValue\":1,\"intervalESUnit\":\"d\",\"format\":\"YYYY-MM-DD\",\"bounds\":{\"min\":\"2020-05-05T09:41:29.143Z\",\"max\":\"2020-05-12T09:41:29.143Z\"}},\"label\":\"@timestamp per day\",\"aggType\":\"date_histogram\"},\"y\":[{\"accessor\":2,\"format\":{\"id\":\"number\"},\"params\":{},\"label\":\"Port Count\",\"aggType\":\"cardinality\"}],\"series\":[{\"accessor\":1,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\",\"parsedUrl\":{\"origin\":\"https://analytics.chase.securecodebox.io\",\"pathname\":\"/s/securecodebox-v2/app/kibana\",\"basePath\":\"/s/securecodebox-v2\"}}},\"params\":{},\"label\":\"attributes.service.keyword: Descending\",\"aggType\":\"terms\"}]}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"cardinality\",\"schema\":\"metric\",\"params\":{\"field\":\"location.keyword\",\"customLabel\":\"Open Ports\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"@timestamp\",\"timeRange\":{\"from\":\"now-7d\",\"to\":\"now\"},\"useNormalizedEsInterval\":true,\"scaleMetricValues\":false,\"interval\":\"d\",\"drop_partials\":false,\"min_doc_count\":1,\"extended_bounds\":{}}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"group\",\"params\":{\"field\":\"attributes.service.keyword\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":5,\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\"}}]}" + }, + "references": [ + { + "id": "60ee6af0-6e78-11ea-bdc0-35f8aa7c4664", + "name": "kibanaSavedObjectMeta.searchSourceJSON.index", + "type": "index-pattern" + } + ], + "migrationVersion": { + "visualization": "7.8.0" + } + }, + { + "id": "60ee6af0-6e78-11ea-bdc0-35f8aa7c4664", + "type": "index-pattern", + "updated_at": "2020-10-07T06:45:25.958Z", + "version": "WzcwLDFd", + "attributes": { + "title": "scbv2_*", + "timeFieldName": "@timestamp", + "fields": "[{\"name\":\"@timestamp\",\"type\":\"date\",\"esTypes\":[\"date\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"_id\",\"type\":\"string\",\"esTypes\":[\"_id\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":false},{\"name\":\"_index\",\"type\":\"string\",\"esTypes\":[\"_index\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":false},{\"name\":\"_score\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":false,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"_source\",\"type\":\"_source\",\"esTypes\":[\"_source\"],\"count\":0,\"scripted\":false,\"searchable\":false,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"_type\",\"type\":\"string\",\"esTypes\":[\"_type\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":false},{\"name\":\"attributes.hostname\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"attributes.hostname.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"attributes.hostname\"}}},{\"name\":\"attributes.ip_address\",\"type\":\"ip\",\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"category\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"category.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"category\"}}},{\"name\":\"description\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"description.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"description\"}}},{\"name\":\"id\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"id.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"id\"}}},{\"name\":\"location\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"location.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"location\"}}},{\"name\":\"name\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"name.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"name\"}}},{\"name\":\"osi_layer\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"osi_layer.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"osi_layer\"}}},{\"name\":\"parameters\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"parameters.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"parameters\"}}},{\"name\":\"scan_id\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"scan_id.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"scan_id\"}}},{\"name\":\"scan_name\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"scan_name.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"scan_name\"}}},{\"name\":\"scan_type\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"scan_type.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"scan_type\"}}},{\"name\":\"severity\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"severity.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"severity\"}}},{\"name\":\"type\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"type.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"type\"}}}]" + }, + "references": [], + "migrationVersion": { + "index-pattern": "7.6.0" + } + } + ] +} \ No newline at end of file diff --git a/hooks/persistence-elastic/dashboardImporter/dashboards/ssh-overview.json b/hooks/persistence-elastic/dashboardImporter/dashboards/ssh-overview.json new file mode 100644 index 00000000..fe296047 --- /dev/null +++ b/hooks/persistence-elastic/dashboardImporter/dashboards/ssh-overview.json @@ -0,0 +1,662 @@ +{ + "version": "7.9.1", + "objects": [ + { + "id": "271ddac0-98d7-11ea-890b-7db8819c4f5b", + "type": "dashboard", + "namespaces": [ + "scbv2-demo" + ], + "updated_at": "2020-07-24T06:44:05.331Z", + "version": "WzE5MDYsMV0=", + "attributes": { + "title": "SSH Scan Dashboard", + "hits": 0, + "description": "", + "panelsJSON": "[{\"version\":\"7.8.0\",\"gridData\":{\"x\":0,\"y\":0,\"w\":20,\"h\":13,\"i\":\"00457ec4-c76c-4196-88af-0dca1404627f\"},\"panelIndex\":\"00457ec4-c76c-4196-88af-0dca1404627f\",\"embeddableConfig\":{\"colors\":{\"A\":\"#3F6833\",\"C\":\"#EAB839\",\"D\":\"#967302\",\"F\":\"#890F02\"},\"legendOpen\":true,\"vis\":{\"colors\":{\"A\":\"#3F6833\",\"C\":\"#EAB839\",\"D\":\"#967302\",\"F\":\"#890F02\"},\"legendOpen\":false}},\"panelRefName\":\"panel_0\"},{\"version\":\"7.8.0\",\"gridData\":{\"x\":20,\"y\":0,\"w\":9,\"h\":13,\"i\":\"aea66e0d-be54-4d82-b167-f49ca7168ba1\"},\"panelIndex\":\"aea66e0d-be54-4d82-b167-f49ca7168ba1\",\"embeddableConfig\":{},\"panelRefName\":\"panel_1\"},{\"version\":\"7.8.0\",\"gridData\":{\"x\":29,\"y\":0,\"w\":19,\"h\":13,\"i\":\"9272c81f-a5a2-405e-a81a-390f11fd1e79\"},\"panelIndex\":\"9272c81f-a5a2-405e-a81a-390f11fd1e79\",\"embeddableConfig\":{\"vis\":{\"legendOpen\":false}},\"panelRefName\":\"panel_2\"},{\"version\":\"7.8.0\",\"gridData\":{\"x\":0,\"y\":13,\"w\":48,\"h\":9,\"i\":\"5fc84884-6aae-4de5-ac36-19db1a653dd4\"},\"panelIndex\":\"5fc84884-6aae-4de5-ac36-19db1a653dd4\",\"embeddableConfig\":{\"vis\":{\"colors\":{\"F\":\"#890F02\",\"D\":\"#99440A\",\"C\":\"#EAB839\",\"A\":\"#3F6833\"}},\"colors\":{\"F\":\"#890F02\",\"D\":\"#99440A\",\"C\":\"#EAB839\"}},\"panelRefName\":\"panel_3\"},{\"version\":\"7.8.0\",\"gridData\":{\"x\":0,\"y\":22,\"w\":48,\"h\":10,\"i\":\"feb5ab7a-abdc-4a83-8760-4685d7b4eb72\"},\"panelIndex\":\"feb5ab7a-abdc-4a83-8760-4685d7b4eb72\",\"embeddableConfig\":{},\"panelRefName\":\"panel_4\"},{\"version\":\"7.8.0\",\"gridData\":{\"x\":0,\"y\":32,\"w\":35,\"h\":16,\"i\":\"37f39ea5-db2d-4327-8f1b-f892de74fcce\"},\"panelIndex\":\"37f39ea5-db2d-4327-8f1b-f892de74fcce\",\"embeddableConfig\":{},\"panelRefName\":\"panel_5\"},{\"version\":\"7.8.0\",\"gridData\":{\"x\":35,\"y\":32,\"w\":13,\"h\":16,\"i\":\"d83824f6-132d-4b53-b00d-3acaea0feac6\"},\"panelIndex\":\"d83824f6-132d-4b53-b00d-3acaea0feac6\",\"embeddableConfig\":{},\"panelRefName\":\"panel_6\"},{\"version\":\"7.8.0\",\"gridData\":{\"x\":0,\"y\":48,\"w\":48,\"h\":14,\"i\":\"9a8ddb7b-5af8-4b09-a27d-199fff45dc21\"},\"panelIndex\":\"9a8ddb7b-5af8-4b09-a27d-199fff45dc21\",\"embeddableConfig\":{},\"panelRefName\":\"panel_7\"},{\"version\":\"7.8.0\",\"gridData\":{\"x\":0,\"y\":62,\"w\":24,\"h\":15,\"i\":\"58f41ba4-642d-459b-8676-b7c8a12ca563\"},\"panelIndex\":\"58f41ba4-642d-459b-8676-b7c8a12ca563\",\"embeddableConfig\":{},\"panelRefName\":\"panel_8\"},{\"version\":\"7.8.0\",\"gridData\":{\"x\":24,\"y\":62,\"w\":24,\"h\":15,\"i\":\"ec192f6a-6e6e-4c61-b32d-90c5fff62662\"},\"panelIndex\":\"ec192f6a-6e6e-4c61-b32d-90c5fff62662\",\"embeddableConfig\":{},\"panelRefName\":\"panel_9\"},{\"version\":\"7.8.0\",\"gridData\":{\"x\":0,\"y\":77,\"w\":24,\"h\":15,\"i\":\"40218cb8-446a-4514-98ae-2a2a2b16acd9\"},\"panelIndex\":\"40218cb8-446a-4514-98ae-2a2a2b16acd9\",\"embeddableConfig\":{\"vis\":{\"legendOpen\":false}},\"panelRefName\":\"panel_10\"},{\"version\":\"7.8.0\",\"gridData\":{\"x\":24,\"y\":77,\"w\":24,\"h\":15,\"i\":\"47e57065-d470-434a-91e4-121a12a24166\"},\"panelIndex\":\"47e57065-d470-434a-91e4-121a12a24166\",\"embeddableConfig\":{\"vis\":{\"legendOpen\":false}},\"panelRefName\":\"panel_11\"},{\"version\":\"7.8.0\",\"gridData\":{\"x\":0,\"y\":92,\"w\":24,\"h\":15,\"i\":\"a0457934-be43-4ecd-810a-24dde212b47a\"},\"panelIndex\":\"a0457934-be43-4ecd-810a-24dde212b47a\",\"embeddableConfig\":{\"vis\":{\"legendOpen\":false}},\"panelRefName\":\"panel_12\"},{\"version\":\"7.8.0\",\"gridData\":{\"x\":24,\"y\":92,\"w\":24,\"h\":15,\"i\":\"aa1c30f3-728a-4282-a20f-7de52d944957\"},\"panelIndex\":\"aa1c30f3-728a-4282-a20f-7de52d944957\",\"embeddableConfig\":{\"vis\":{\"legendOpen\":false}},\"panelRefName\":\"panel_13\"}]", + "optionsJSON": "{\"hidePanelTitles\":false,\"useMargins\":true}", + "version": 1, + "timeRestore": true, + "timeTo": "now", + "timeFrom": "now-7d", + "refreshInterval": { + "pause": true, + "value": 0 + }, + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"query\":{\"language\":\"kuery\",\"query\":\"\"},\"filter\":[]}" + } + }, + "references": [ + { + "name": "panel_0", + "type": "visualization", + "id": "eea6d510-98cd-11ea-890b-7db8819c4f5b" + }, + { + "name": "panel_1", + "type": "visualization", + "id": "12ee70d0-98cf-11ea-890b-7db8819c4f5b" + }, + { + "name": "panel_2", + "type": "visualization", + "id": "f9e53480-98d7-11ea-890b-7db8819c4f5b" + }, + { + "name": "panel_3", + "type": "visualization", + "id": "be883b00-98d0-11ea-890b-7db8819c4f5b" + }, + { + "name": "panel_4", + "type": "visualization", + "id": "5fb07c90-98d1-11ea-890b-7db8819c4f5b" + }, + { + "name": "panel_5", + "type": "visualization", + "id": "18de5700-98d2-11ea-890b-7db8819c4f5b" + }, + { + "name": "panel_6", + "type": "visualization", + "id": "d1eadf10-98d8-11ea-890b-7db8819c4f5b" + }, + { + "name": "panel_7", + "type": "visualization", + "id": "c83ca340-98d3-11ea-890b-7db8819c4f5b" + }, + { + "name": "panel_8", + "type": "visualization", + "id": "2690e460-98d4-11ea-890b-7db8819c4f5b" + }, + { + "name": "panel_9", + "type": "visualization", + "id": "65c68860-98d4-11ea-890b-7db8819c4f5b" + }, + { + "name": "panel_10", + "type": "visualization", + "id": "e3736260-98d4-11ea-890b-7db8819c4f5b" + }, + { + "name": "panel_11", + "type": "visualization", + "id": "3da019e0-98d5-11ea-890b-7db8819c4f5b" + }, + { + "name": "panel_12", + "type": "visualization", + "id": "8f4c74f0-98d5-11ea-890b-7db8819c4f5b" + }, + { + "name": "panel_13", + "type": "visualization", + "id": "086ce900-98d6-11ea-890b-7db8819c4f5b" + } + ], + "migrationVersion": { + "dashboard": "7.3.0" + } + }, + { + "id": "eea6d510-98cd-11ea-890b-7db8819c4f5b", + "type": "visualization", + "namespaces": [ + "scbv2-demo" + ], + "updated_at": "2020-07-24T06:32:17.680Z", + "version": "WzE4NDYsMV0=", + "attributes": { + "description": "", + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"query\":{\"query\":\"\",\"language\":\"kuery\"},\"filter\":[{\"meta\":{\"alias\":null,\"negate\":false,\"disabled\":false,\"type\":\"phrase\",\"key\":\"type.keyword\",\"params\":{\"query\":\"finding\"},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.filter[0].meta.index\"},\"query\":{\"match_phrase\":{\"type.keyword\":\"finding\"}},\"$state\":{\"store\":\"appState\"}},{\"meta\":{\"alias\":null,\"negate\":false,\"disabled\":false,\"type\":\"phrase\",\"key\":\"category.keyword\",\"params\":{\"query\":\"SSH Service\"},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.filter[1].meta.index\"},\"query\":{\"match_phrase\":{\"category.keyword\":\"SSH Service\"}},\"$state\":{\"store\":\"appState\"}}],\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}" + }, + "title": "SSH Grade Distribution", + "uiStateJSON": "{}", + "version": 1, + "visState": "{\"title\":\"SSH Grade Distribution\",\"type\":\"pie\",\"params\":{\"type\":\"pie\",\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true,\"labels\":{\"show\":true,\"values\":true,\"last_level\":true,\"truncate\":100},\"dimensions\":{\"metric\":{\"accessor\":1,\"format\":{\"id\":\"number\"},\"params\":{},\"label\":\"Unique count of location.keyword\",\"aggType\":\"cardinality\"},\"buckets\":[{\"accessor\":0,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\",\"parsedUrl\":{\"origin\":\"https://analytics.chase.securecodebox.io\",\"pathname\":\"/s/securecodebox-v2/app/kibana\",\"basePath\":\"/s/securecodebox-v2\"}}},\"params\":{},\"label\":\"attributes.grade.keyword: Descending\",\"aggType\":\"terms\"}]}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"cardinality\",\"schema\":\"metric\",\"params\":{\"field\":\"location.keyword\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"attributes.grade.keyword\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":5,\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\"}}]}" + }, + "references": [ + { + "id": "60ee6af0-6e78-11ea-bdc0-35f8aa7c4664", + "name": "kibanaSavedObjectMeta.searchSourceJSON.index", + "type": "index-pattern" + }, + { + "id": "60ee6af0-6e78-11ea-bdc0-35f8aa7c4664", + "name": "kibanaSavedObjectMeta.searchSourceJSON.filter[0].meta.index", + "type": "index-pattern" + }, + { + "id": "60ee6af0-6e78-11ea-bdc0-35f8aa7c4664", + "name": "kibanaSavedObjectMeta.searchSourceJSON.filter[1].meta.index", + "type": "index-pattern" + } + ], + "migrationVersion": { + "visualization": "7.8.0" + } + }, + { + "id": "12ee70d0-98cf-11ea-890b-7db8819c4f5b", + "type": "visualization", + "namespaces": [ + "scbv2-demo" + ], + "updated_at": "2020-07-24T06:32:17.680Z", + "version": "WzE4MzcsMV0=", + "attributes": { + "description": "", + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"query\":{\"query\":\"\",\"language\":\"kuery\"},\"filter\":[{\"meta\":{\"alias\":null,\"negate\":false,\"disabled\":false,\"type\":\"exists\",\"key\":\"attributes.grade.keyword\",\"value\":\"exists\",\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.filter[0].meta.index\"},\"exists\":{\"field\":\"attributes.grade.keyword\"},\"$state\":{\"store\":\"appState\"}},{\"meta\":{\"alias\":null,\"negate\":false,\"disabled\":false,\"type\":\"phrase\",\"key\":\"scan_type.keyword\",\"params\":{\"query\":\"ssh-scan\"},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.filter[1].meta.index\"},\"query\":{\"match_phrase\":{\"scan_type.keyword\":\"ssh-scan\"}},\"$state\":{\"store\":\"appState\"}},{\"meta\":{\"alias\":null,\"negate\":false,\"disabled\":false,\"type\":\"phrase\",\"key\":\"type.keyword\",\"params\":{\"query\":\"finding\"},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.filter[2].meta.index\"},\"query\":{\"match_phrase\":{\"type.keyword\":\"finding\"}},\"$state\":{\"store\":\"appState\"}}],\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}" + }, + "title": "SSH Number of Hosts", + "uiStateJSON": "{}", + "version": 1, + "visState": "{\"title\":\"SSH Number of Hosts\",\"type\":\"metric\",\"params\":{\"metric\":{\"percentageMode\":false,\"useRanges\":false,\"colorSchema\":\"Green to Red\",\"metricColorMode\":\"None\",\"colorsRange\":[{\"type\":\"range\",\"from\":0,\"to\":10000}],\"labels\":{\"show\":true},\"invertColors\":false,\"style\":{\"bgFill\":\"#000\",\"bgColor\":false,\"labelColor\":false,\"subText\":\"\",\"fontSize\":60}},\"dimensions\":{\"metrics\":[{\"type\":\"vis_dimension\",\"accessor\":0,\"format\":{\"id\":\"number\",\"params\":{}}}]},\"addTooltip\":true,\"addLegend\":false,\"type\":\"metric\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"cardinality\",\"schema\":\"metric\",\"params\":{\"field\":\"location.keyword\",\"customLabel\":\"SSH Hosts\"}}]}" + }, + "references": [ + { + "id": "60ee6af0-6e78-11ea-bdc0-35f8aa7c4664", + "name": "kibanaSavedObjectMeta.searchSourceJSON.index", + "type": "index-pattern" + }, + { + "id": "60ee6af0-6e78-11ea-bdc0-35f8aa7c4664", + "name": "kibanaSavedObjectMeta.searchSourceJSON.filter[0].meta.index", + "type": "index-pattern" + }, + { + "id": "60ee6af0-6e78-11ea-bdc0-35f8aa7c4664", + "name": "kibanaSavedObjectMeta.searchSourceJSON.filter[1].meta.index", + "type": "index-pattern" + }, + { + "id": "60ee6af0-6e78-11ea-bdc0-35f8aa7c4664", + "name": "kibanaSavedObjectMeta.searchSourceJSON.filter[2].meta.index", + "type": "index-pattern" + } + ], + "migrationVersion": { + "visualization": "7.8.0" + } + }, + { + "id": "f9e53480-98d7-11ea-890b-7db8819c4f5b", + "type": "visualization", + "namespaces": [ + "scbv2-demo" + ], + "updated_at": "2020-07-24T06:32:17.680Z", + "version": "WzE4NDcsMV0=", + "attributes": { + "description": "", + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"query\":{\"query\":\"\",\"language\":\"kuery\"},\"filter\":[{\"meta\":{\"alias\":null,\"negate\":false,\"disabled\":false,\"type\":\"phrase\",\"key\":\"type.keyword\",\"params\":{\"query\":\"finding\"},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.filter[0].meta.index\"},\"query\":{\"match_phrase\":{\"type.keyword\":\"finding\"}},\"$state\":{\"store\":\"appState\"}},{\"meta\":{\"alias\":null,\"negate\":false,\"disabled\":false,\"type\":\"phrase\",\"key\":\"category.keyword\",\"params\":{\"query\":\"SSH Policy Violation\"},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.filter[1].meta.index\"},\"query\":{\"match_phrase\":{\"category.keyword\":\"SSH Policy Violation\"}},\"$state\":{\"store\":\"appState\"}}],\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}" + }, + "title": "SSH Server Issue Types", + "uiStateJSON": "{}", + "version": 1, + "visState": "{\"title\":\"SSH Server Issue Types\",\"type\":\"pie\",\"params\":{\"type\":\"pie\",\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true,\"labels\":{\"show\":true,\"values\":true,\"last_level\":true,\"truncate\":100},\"dimensions\":{\"metric\":{\"accessor\":1,\"format\":{\"id\":\"number\"},\"params\":{},\"label\":\"Unique count of location.keyword\",\"aggType\":\"cardinality\"},\"buckets\":[{\"accessor\":0,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\",\"parsedUrl\":{\"origin\":\"https://analytics.chase.securecodebox.io\",\"pathname\":\"/s/securecodebox-v2/app/kibana\",\"basePath\":\"/s/securecodebox-v2\"}}},\"params\":{},\"label\":\"name.keyword: Descending\",\"aggType\":\"terms\"}]}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"cardinality\",\"schema\":\"metric\",\"params\":{\"field\":\"location.keyword\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"name.keyword\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":5,\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\"}}]}" + }, + "references": [ + { + "id": "60ee6af0-6e78-11ea-bdc0-35f8aa7c4664", + "name": "kibanaSavedObjectMeta.searchSourceJSON.index", + "type": "index-pattern" + }, + { + "id": "60ee6af0-6e78-11ea-bdc0-35f8aa7c4664", + "name": "kibanaSavedObjectMeta.searchSourceJSON.filter[0].meta.index", + "type": "index-pattern" + }, + { + "id": "60ee6af0-6e78-11ea-bdc0-35f8aa7c4664", + "name": "kibanaSavedObjectMeta.searchSourceJSON.filter[1].meta.index", + "type": "index-pattern" + } + ], + "migrationVersion": { + "visualization": "7.8.0" + } + }, + { + "id": "be883b00-98d0-11ea-890b-7db8819c4f5b", + "type": "visualization", + "namespaces": [ + "scbv2-demo" + ], + "updated_at": "2020-07-24T06:32:17.680Z", + "version": "WzE4NDksMV0=", + "attributes": { + "description": "", + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"query\":{\"query\":\"\",\"language\":\"kuery\"},\"filter\":[],\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}" + }, + "title": "SSH Grades over Time", + "uiStateJSON": "{}", + "version": 1, + "visState": "{\"title\":\"SSH Grades over Time\",\"type\":\"line\",\"params\":{\"type\":\"line\",\"grid\":{\"categoryLines\":false},\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"type\":\"category\",\"position\":\"bottom\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\"},\"labels\":{\"show\":true,\"filter\":true,\"truncate\":100},\"title\":{}}],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"name\":\"LeftAxis-1\",\"type\":\"value\",\"position\":\"left\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\",\"mode\":\"normal\"},\"labels\":{\"show\":true,\"rotate\":0,\"filter\":false,\"truncate\":100},\"title\":{\"text\":\"Unique count of location.keyword\"}}],\"seriesParams\":[{\"show\":true,\"type\":\"line\",\"mode\":\"normal\",\"data\":{\"label\":\"Unique count of location.keyword\",\"id\":\"1\"},\"valueAxis\":\"ValueAxis-1\",\"drawLinesBetweenPoints\":true,\"lineWidth\":2,\"interpolate\":\"linear\",\"showCircles\":true}],\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"times\":[],\"addTimeMarker\":false,\"labels\":{},\"thresholdLine\":{\"show\":false,\"value\":10,\"width\":1,\"style\":\"full\",\"color\":\"#E7664C\"},\"dimensions\":{\"x\":null,\"y\":[{\"accessor\":0,\"format\":{\"id\":\"number\"},\"params\":{},\"label\":\"Count\",\"aggType\":\"count\"}]}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"cardinality\",\"schema\":\"metric\",\"params\":{\"field\":\"location.keyword\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"@timestamp\",\"useNormalizedEsInterval\":true,\"scaleMetricValues\":false,\"interval\":\"12h\",\"drop_partials\":false,\"min_doc_count\":1,\"extended_bounds\":{}}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"group\",\"params\":{\"field\":\"attributes.grade.keyword\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":6,\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\"}}]}" + }, + "references": [ + { + "id": "60ee6af0-6e78-11ea-bdc0-35f8aa7c4664", + "name": "kibanaSavedObjectMeta.searchSourceJSON.index", + "type": "index-pattern" + } + ], + "migrationVersion": { + "visualization": "7.8.0" + } + }, + { + "id": "5fb07c90-98d1-11ea-890b-7db8819c4f5b", + "type": "visualization", + "namespaces": [ + "scbv2-demo" + ], + "updated_at": "2020-07-24T06:32:17.680Z", + "version": "WzE4NTAsMV0=", + "attributes": { + "description": "", + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"query\":{\"query\":\"\",\"language\":\"kuery\"},\"filter\":[{\"$state\":{\"store\":\"appState\"},\"exists\":{\"field\":\"attributes.server_banner.keyword\"},\"meta\":{\"alias\":null,\"disabled\":false,\"key\":\"attributes.server_banner.keyword\",\"negate\":false,\"type\":\"exists\",\"value\":\"exists\",\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.filter[0].meta.index\"}},{\"$state\":{\"store\":\"appState\"},\"exists\":{\"field\":\"attributes.grade.keyword\"},\"meta\":{\"alias\":null,\"disabled\":false,\"key\":\"attributes.grade.keyword\",\"negate\":false,\"type\":\"exists\",\"value\":\"exists\",\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.filter[1].meta.index\"}}],\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}" + }, + "title": "SSH Server Banners over Time", + "uiStateJSON": "{}", + "version": 1, + "visState": "{\"title\":\"SSH Server Banners over Time\",\"type\":\"area\",\"params\":{\"type\":\"area\",\"grid\":{\"categoryLines\":false},\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"type\":\"category\",\"position\":\"bottom\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\"},\"labels\":{\"show\":true,\"filter\":true,\"truncate\":100},\"title\":{}}],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"name\":\"LeftAxis-1\",\"type\":\"value\",\"position\":\"left\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\",\"mode\":\"normal\"},\"labels\":{\"show\":true,\"rotate\":0,\"filter\":false,\"truncate\":100},\"title\":{\"text\":\"Unique count of location.keyword\"}}],\"seriesParams\":[{\"show\":true,\"type\":\"area\",\"mode\":\"stacked\",\"data\":{\"label\":\"Unique count of location.keyword\",\"id\":\"1\"},\"drawLinesBetweenPoints\":true,\"lineWidth\":2,\"showCircles\":true,\"interpolate\":\"linear\",\"valueAxis\":\"ValueAxis-1\"}],\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"times\":[],\"addTimeMarker\":false,\"thresholdLine\":{\"show\":false,\"value\":10,\"width\":1,\"style\":\"full\",\"color\":\"#E7664C\"},\"labels\":{},\"dimensions\":{\"x\":{\"accessor\":0,\"format\":{\"id\":\"date\",\"params\":{\"pattern\":\"YYYY-MM-DD HH:mm\"}},\"params\":{\"date\":true,\"interval\":\"PT12H\",\"intervalESValue\":12,\"intervalESUnit\":\"h\",\"format\":\"YYYY-MM-DD HH:mm\",\"bounds\":{\"min\":\"2020-05-11T07:37:02.350Z\",\"max\":\"2020-05-18T07:37:02.350Z\"}},\"label\":\"@timestamp per 12 hours\",\"aggType\":\"date_histogram\"},\"y\":[{\"accessor\":2,\"format\":{\"id\":\"number\"},\"params\":{},\"label\":\"Unique count of location.keyword\",\"aggType\":\"cardinality\"}],\"series\":[{\"accessor\":1,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\",\"parsedUrl\":{\"origin\":\"https://analytics.chase.securecodebox.io\",\"pathname\":\"/s/securecodebox-v2/app/kibana\",\"basePath\":\"/s/securecodebox-v2\"}}},\"params\":{},\"label\":\"attributes.server_banner.keyword: Descending\",\"aggType\":\"terms\"}]}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"cardinality\",\"schema\":\"metric\",\"params\":{\"field\":\"location.keyword\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"@timestamp\",\"timeRange\":{\"from\":\"now-7d\",\"to\":\"now\"},\"useNormalizedEsInterval\":true,\"scaleMetricValues\":false,\"interval\":\"d\",\"drop_partials\":false,\"min_doc_count\":1,\"extended_bounds\":{}}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"group\",\"params\":{\"field\":\"attributes.server_banner.keyword\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":20,\"otherBucket\":true,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\"}}]}" + }, + "references": [ + { + "id": "60ee6af0-6e78-11ea-bdc0-35f8aa7c4664", + "name": "kibanaSavedObjectMeta.searchSourceJSON.index", + "type": "index-pattern" + }, + { + "id": "60ee6af0-6e78-11ea-bdc0-35f8aa7c4664", + "name": "kibanaSavedObjectMeta.searchSourceJSON.filter[0].meta.index", + "type": "index-pattern" + }, + { + "id": "60ee6af0-6e78-11ea-bdc0-35f8aa7c4664", + "name": "kibanaSavedObjectMeta.searchSourceJSON.filter[1].meta.index", + "type": "index-pattern" + } + ], + "migrationVersion": { + "visualization": "7.8.0" + } + }, + { + "id": "18de5700-98d2-11ea-890b-7db8819c4f5b", + "type": "visualization", + "namespaces": [ + "scbv2-demo" + ], + "updated_at": "2020-07-24T06:32:17.680Z", + "version": "WzE4NDAsMV0=", + "attributes": { + "description": "", + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"query\":{\"query\":\"\",\"language\":\"kuery\"},\"filter\":[{\"meta\":{\"alias\":null,\"negate\":false,\"disabled\":false,\"type\":\"phrase\",\"key\":\"type.keyword\",\"params\":{\"query\":\"finding\"},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.filter[0].meta.index\"},\"query\":{\"match_phrase\":{\"type.keyword\":\"finding\"}},\"$state\":{\"store\":\"appState\"}},{\"meta\":{\"alias\":null,\"negate\":false,\"disabled\":false,\"type\":\"phrase\",\"key\":\"category.keyword\",\"params\":{\"query\":\"SSH Service\"},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.filter[1].meta.index\"},\"query\":{\"match_phrase\":{\"category.keyword\":\"SSH Service\"}},\"$state\":{\"store\":\"appState\"}},{\"meta\":{\"alias\":null,\"negate\":false,\"disabled\":false,\"type\":\"exists\",\"key\":\"attributes.grade.keyword\",\"value\":\"exists\",\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.filter[2].meta.index\"},\"exists\":{\"field\":\"attributes.grade.keyword\"},\"$state\":{\"store\":\"appState\"}}],\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}" + }, + "title": "SSH Version Distribution Bar Chart", + "uiStateJSON": "{}", + "version": 1, + "visState": "{\"title\":\"SSH Version Distribution Bar Chart\",\"type\":\"histogram\",\"params\":{\"type\":\"histogram\",\"grid\":{\"categoryLines\":false},\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"type\":\"category\",\"position\":\"bottom\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\"},\"labels\":{\"show\":true,\"filter\":true,\"truncate\":100},\"title\":{}}],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"name\":\"LeftAxis-1\",\"type\":\"value\",\"position\":\"left\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\",\"mode\":\"normal\"},\"labels\":{\"show\":true,\"rotate\":0,\"filter\":false,\"truncate\":100},\"title\":{\"text\":\"Count\"}}],\"seriesParams\":[{\"show\":true,\"type\":\"histogram\",\"mode\":\"stacked\",\"data\":{\"label\":\"Count\",\"id\":\"1\"},\"valueAxis\":\"ValueAxis-1\",\"drawLinesBetweenPoints\":true,\"lineWidth\":2,\"showCircles\":true}],\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"times\":[],\"addTimeMarker\":false,\"labels\":{\"show\":false},\"thresholdLine\":{\"show\":false,\"value\":10,\"width\":1,\"style\":\"full\",\"color\":\"#E7664C\"},\"dimensions\":{\"x\":{\"accessor\":0,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\",\"parsedUrl\":{\"origin\":\"https://analytics.chase.securecodebox.io\",\"pathname\":\"/s/securecodebox-v2/app/kibana\",\"basePath\":\"/s/securecodebox-v2\"}}},\"params\":{},\"label\":\"Server Banner\",\"aggType\":\"terms\"},\"y\":[{\"accessor\":2,\"format\":{\"id\":\"number\"},\"params\":{},\"label\":\"Count\",\"aggType\":\"cardinality\"}],\"series\":[{\"accessor\":1,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\",\"parsedUrl\":{\"origin\":\"https://analytics.chase.securecodebox.io\",\"pathname\":\"/s/securecodebox-v2/app/kibana\",\"basePath\":\"/s/securecodebox-v2\"}}},\"params\":{},\"label\":\"scan_labels.office.keyword: Descending\",\"aggType\":\"terms\"}]}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"cardinality\",\"schema\":\"metric\",\"params\":{\"field\":\"location.keyword\",\"customLabel\":\"Count\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"attributes.server_banner.keyword\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":25,\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Server Banner\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"group\",\"params\":{\"field\":\"scan_labels.office.keyword\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":5,\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Office\"}}]}" + }, + "references": [ + { + "id": "60ee6af0-6e78-11ea-bdc0-35f8aa7c4664", + "name": "kibanaSavedObjectMeta.searchSourceJSON.index", + "type": "index-pattern" + }, + { + "id": "60ee6af0-6e78-11ea-bdc0-35f8aa7c4664", + "name": "kibanaSavedObjectMeta.searchSourceJSON.filter[0].meta.index", + "type": "index-pattern" + }, + { + "id": "60ee6af0-6e78-11ea-bdc0-35f8aa7c4664", + "name": "kibanaSavedObjectMeta.searchSourceJSON.filter[1].meta.index", + "type": "index-pattern" + }, + { + "id": "60ee6af0-6e78-11ea-bdc0-35f8aa7c4664", + "name": "kibanaSavedObjectMeta.searchSourceJSON.filter[2].meta.index", + "type": "index-pattern" + } + ], + "migrationVersion": { + "visualization": "7.8.0" + } + }, + { + "id": "d1eadf10-98d8-11ea-890b-7db8819c4f5b", + "type": "visualization", + "namespaces": [ + "scbv2-demo" + ], + "updated_at": "2020-07-24T06:32:17.680Z", + "version": "WzE4NTEsMV0=", + "attributes": { + "description": "", + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"query\":{\"query\":\"\",\"language\":\"kuery\"},\"filter\":[{\"meta\":{\"alias\":null,\"negate\":false,\"disabled\":false,\"type\":\"phrase\",\"key\":\"type.keyword\",\"params\":{\"query\":\"finding\"},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.filter[0].meta.index\"},\"query\":{\"match_phrase\":{\"type.keyword\":\"finding\"}},\"$state\":{\"store\":\"appState\"}}],\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}" + }, + "title": "SSH Server Versions", + "uiStateJSON": "{}", + "version": 1, + "visState": "{\"title\":\"SSH Server Versions\",\"type\":\"pie\",\"params\":{\"type\":\"pie\",\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true,\"labels\":{\"show\":false,\"values\":true,\"last_level\":true,\"truncate\":100},\"dimensions\":{\"metric\":{\"accessor\":1,\"format\":{\"id\":\"number\"},\"params\":{},\"label\":\"Unique count of location.keyword\",\"aggType\":\"cardinality\"},\"buckets\":[{\"accessor\":0,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"number\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\",\"parsedUrl\":{\"origin\":\"https://analytics.chase.securecodebox.io\",\"pathname\":\"/s/securecodebox-v2/app/kibana\",\"basePath\":\"/s/securecodebox-v2\"}}},\"params\":{},\"label\":\"attributes.ssh_version: Descending\",\"aggType\":\"terms\"}]}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"cardinality\",\"schema\":\"metric\",\"params\":{\"field\":\"location.keyword\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"attributes.server_banner.keyword\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":10,\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\"}}]}" + }, + "references": [ + { + "id": "60ee6af0-6e78-11ea-bdc0-35f8aa7c4664", + "name": "kibanaSavedObjectMeta.searchSourceJSON.index", + "type": "index-pattern" + }, + { + "id": "60ee6af0-6e78-11ea-bdc0-35f8aa7c4664", + "name": "kibanaSavedObjectMeta.searchSourceJSON.filter[0].meta.index", + "type": "index-pattern" + } + ], + "migrationVersion": { + "visualization": "7.8.0" + } + }, + { + "id": "c83ca340-98d3-11ea-890b-7db8819c4f5b", + "type": "visualization", + "namespaces": [ + "scbv2-demo" + ], + "updated_at": "2020-07-24T06:32:17.680Z", + "version": "WzE4NTIsMV0=", + "attributes": { + "description": "", + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"query\":{\"query\":\"\",\"language\":\"kuery\"},\"filter\":[{\"meta\":{\"alias\":null,\"negate\":false,\"disabled\":false,\"type\":\"phrase\",\"key\":\"type.keyword\",\"params\":{\"query\":\"finding\"},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.filter[0].meta.index\"},\"query\":{\"match_phrase\":{\"type.keyword\":\"finding\"}},\"$state\":{\"store\":\"appState\"}},{\"meta\":{\"alias\":null,\"negate\":false,\"disabled\":false,\"type\":\"phrase\",\"key\":\"scan_type.keyword\",\"params\":{\"query\":\"ssh-scan\"},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.filter[1].meta.index\"},\"query\":{\"match_phrase\":{\"scan_type.keyword\":\"ssh-scan\"}},\"$state\":{\"store\":\"appState\"}},{\"meta\":{\"alias\":null,\"negate\":false,\"disabled\":false,\"type\":\"exists\",\"key\":\"attributes.grade.keyword\",\"value\":\"exists\",\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.filter[2].meta.index\"},\"exists\":{\"field\":\"attributes.grade.keyword\"},\"$state\":{\"store\":\"appState\"}},{\"meta\":{\"alias\":null,\"negate\":false,\"disabled\":false,\"type\":\"phrase\",\"key\":\"category.keyword\",\"params\":{\"query\":\"SSH Service\"},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.filter[3].meta.index\"},\"query\":{\"match_phrase\":{\"category.keyword\":\"SSH Service\"}},\"$state\":{\"store\":\"appState\"}}],\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}" + }, + "title": "SSH Server Overview", + "uiStateJSON": "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}", + "version": 1, + "visState": "{\"title\":\"SSH Server Overview\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMetricsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\",\"percentageCol\":\"\",\"dimensions\":{\"metrics\":[{\"accessor\":7,\"format\":{\"id\":\"number\"},\"params\":{},\"label\":\"Count\",\"aggType\":\"count\"}],\"buckets\":[{\"accessor\":0,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\",\"parsedUrl\":{\"origin\":\"https://analytics.chase.securecodebox.io\",\"pathname\":\"/s/securecodebox-v2/app/kibana\",\"basePath\":\"/s/securecodebox-v2\"}}},\"params\":{},\"label\":\"Location\",\"aggType\":\"terms\"},{\"accessor\":1,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\",\"parsedUrl\":{\"origin\":\"https://analytics.chase.securecodebox.io\",\"pathname\":\"/s/securecodebox-v2/app/kibana\",\"basePath\":\"/s/securecodebox-v2\"}}},\"params\":{},\"label\":\"IP Address\",\"aggType\":\"terms\"},{\"accessor\":2,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\",\"parsedUrl\":{\"origin\":\"https://analytics.chase.securecodebox.io\",\"pathname\":\"/s/securecodebox-v2/app/kibana\",\"basePath\":\"/s/securecodebox-v2\"}}},\"params\":{},\"label\":\"Server Banner\",\"aggType\":\"terms\"},{\"accessor\":3,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\",\"parsedUrl\":{\"origin\":\"https://analytics.chase.securecodebox.io\",\"pathname\":\"/s/securecodebox-v2/app/kibana\",\"basePath\":\"/s/securecodebox-v2\"}}},\"params\":{},\"label\":\"Grade\",\"aggType\":\"terms\"},{\"accessor\":4,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\",\"parsedUrl\":{\"origin\":\"https://analytics.chase.securecodebox.io\",\"pathname\":\"/s/securecodebox-v2/app/kibana\",\"basePath\":\"/s/securecodebox-v2\"}}},\"params\":{},\"label\":\"SecurityTest Context\",\"aggType\":\"terms\"},{\"accessor\":5,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\",\"parsedUrl\":{\"origin\":\"https://analytics.chase.securecodebox.io\",\"pathname\":\"/s/securecodebox-v2/app/kibana\",\"basePath\":\"/s/securecodebox-v2\"}}},\"params\":{},\"label\":\"Office\",\"aggType\":\"terms\"},{\"accessor\":6,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\",\"parsedUrl\":{\"origin\":\"https://analytics.chase.securecodebox.io\",\"pathname\":\"/s/securecodebox-v2/app/kibana\",\"basePath\":\"/s/securecodebox-v2\"}}},\"params\":{},\"label\":\"VLAN\",\"aggType\":\"terms\"}]}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"location.keyword\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":100,\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Location\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"attributes.ip_address.keyword\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":1000,\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"IP Address\"}},{\"id\":\"4\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"attributes.server_banner.keyword\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":1000,\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Server Banner\"}},{\"id\":\"5\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"attributes.grade.keyword\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":1000,\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Grade\"}},{\"id\":\"6\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"scan_name.keyword\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":1000,\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"SecurityTest Context\"}},{\"id\":\"7\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"scan_labels.office.keyword\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":10,\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Office\"}},{\"id\":\"8\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"scan_labels.vlan.keyword\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":5,\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"VLAN\"}}]}" + }, + "references": [ + { + "id": "60ee6af0-6e78-11ea-bdc0-35f8aa7c4664", + "name": "kibanaSavedObjectMeta.searchSourceJSON.index", + "type": "index-pattern" + }, + { + "id": "60ee6af0-6e78-11ea-bdc0-35f8aa7c4664", + "name": "kibanaSavedObjectMeta.searchSourceJSON.filter[0].meta.index", + "type": "index-pattern" + }, + { + "id": "60ee6af0-6e78-11ea-bdc0-35f8aa7c4664", + "name": "kibanaSavedObjectMeta.searchSourceJSON.filter[1].meta.index", + "type": "index-pattern" + }, + { + "id": "60ee6af0-6e78-11ea-bdc0-35f8aa7c4664", + "name": "kibanaSavedObjectMeta.searchSourceJSON.filter[2].meta.index", + "type": "index-pattern" + }, + { + "id": "60ee6af0-6e78-11ea-bdc0-35f8aa7c4664", + "name": "kibanaSavedObjectMeta.searchSourceJSON.filter[3].meta.index", + "type": "index-pattern" + } + ], + "migrationVersion": { + "visualization": "7.8.0" + } + }, + { + "id": "2690e460-98d4-11ea-890b-7db8819c4f5b", + "type": "visualization", + "namespaces": [ + "scbv2-demo" + ], + "updated_at": "2020-07-24T06:32:17.680Z", + "version": "WzE4NDQsMV0=", + "attributes": { + "description": "", + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"query\":{\"query\":\"\",\"language\":\"kuery\"},\"filter\":[{\"meta\":{\"alias\":null,\"negate\":false,\"disabled\":false,\"type\":\"phrase\",\"key\":\"category.keyword\",\"params\":{\"query\":\"SSH Service\"},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.filter[0].meta.index\"},\"query\":{\"match_phrase\":{\"category.keyword\":\"SSH Service\"}},\"$state\":{\"store\":\"appState\"}}],\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}" + }, + "title": "SSH Authentication Methods", + "uiStateJSON": "{}", + "version": 1, + "visState": "{\"title\":\"SSH Authentication Methods\",\"type\":\"pie\",\"params\":{\"type\":\"pie\",\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true,\"labels\":{\"show\":true,\"values\":true,\"last_level\":true,\"truncate\":100},\"dimensions\":{\"metric\":{\"accessor\":1,\"format\":{\"id\":\"number\"},\"params\":{},\"label\":\"Unique count of location.keyword\",\"aggType\":\"cardinality\"},\"buckets\":[{\"accessor\":0,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\",\"parsedUrl\":{\"origin\":\"https://analytics.chase.securecodebox.io\",\"pathname\":\"/s/securecodebox-v2/app/kibana\",\"basePath\":\"/s/securecodebox-v2\"}}},\"params\":{},\"label\":\"SSH Authentication Methods\",\"aggType\":\"terms\"}]}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"cardinality\",\"schema\":\"metric\",\"params\":{\"field\":\"location.keyword\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"attributes.auth_methods.keyword\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":5,\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"SSH Authentication Methods\"}}]}" + }, + "references": [ + { + "id": "60ee6af0-6e78-11ea-bdc0-35f8aa7c4664", + "name": "kibanaSavedObjectMeta.searchSourceJSON.index", + "type": "index-pattern" + }, + { + "id": "60ee6af0-6e78-11ea-bdc0-35f8aa7c4664", + "name": "kibanaSavedObjectMeta.searchSourceJSON.filter[0].meta.index", + "type": "index-pattern" + } + ], + "migrationVersion": { + "visualization": "7.8.0" + } + }, + { + "id": "65c68860-98d4-11ea-890b-7db8819c4f5b", + "type": "visualization", + "namespaces": [ + "scbv2-demo" + ], + "updated_at": "2020-07-24T06:32:17.680Z", + "version": "WzE4NTMsMV0=", + "attributes": { + "description": "", + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"query\":{\"query\":\"\",\"language\":\"kuery\"},\"filter\":[],\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}" + }, + "title": "SSH Protocol Version Distribution", + "uiStateJSON": "{}", + "version": 1, + "visState": "{\"title\":\"SSH Protocol Version Distribution\",\"type\":\"pie\",\"params\":{\"type\":\"pie\",\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true,\"labels\":{\"show\":false,\"values\":true,\"last_level\":true,\"truncate\":100},\"dimensions\":{\"metric\":{\"accessor\":0,\"format\":{\"id\":\"number\"},\"params\":{},\"label\":\"Count\",\"aggType\":\"count\"}}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"cardinality\",\"schema\":\"metric\",\"params\":{\"field\":\"location.keyword\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"attributes.ssh_version\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":5,\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\"}}]}" + }, + "references": [ + { + "id": "60ee6af0-6e78-11ea-bdc0-35f8aa7c4664", + "name": "kibanaSavedObjectMeta.searchSourceJSON.index", + "type": "index-pattern" + } + ], + "migrationVersion": { + "visualization": "7.8.0" + } + }, + { + "id": "e3736260-98d4-11ea-890b-7db8819c4f5b", + "type": "visualization", + "namespaces": [ + "scbv2-demo" + ], + "updated_at": "2020-07-24T06:32:17.680Z", + "version": "WzE4NTQsMV0=", + "attributes": { + "description": "", + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"query\":{\"query\":\"\",\"language\":\"kuery\"},\"filter\":[{\"meta\":{\"alias\":null,\"negate\":false,\"disabled\":false,\"type\":\"phrase\",\"key\":\"category.keyword\",\"params\":{\"query\":\"SSH Service\"},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.filter[0].meta.index\"},\"query\":{\"match_phrase\":{\"category.keyword\":\"SSH Service\"}},\"$state\":{\"store\":\"appState\"}},{\"meta\":{\"alias\":null,\"negate\":false,\"disabled\":false,\"type\":\"exists\",\"key\":\"attributes.grade.keyword\",\"value\":\"exists\",\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.filter[1].meta.index\"},\"exists\":{\"field\":\"attributes.grade.keyword\"},\"$state\":{\"store\":\"appState\"}}],\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}" + }, + "title": "SSH Key Exchange Algorithms Distribution", + "uiStateJSON": "{}", + "version": 1, + "visState": "{\"title\":\"SSH Key Exchange Algorithms Distribution\",\"type\":\"histogram\",\"params\":{\"type\":\"histogram\",\"grid\":{\"categoryLines\":false},\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"type\":\"category\",\"position\":\"bottom\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\"},\"labels\":{\"show\":true,\"filter\":true,\"truncate\":100},\"title\":{}}],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"name\":\"LeftAxis-1\",\"type\":\"value\",\"position\":\"left\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\",\"mode\":\"normal\"},\"labels\":{\"show\":true,\"rotate\":0,\"filter\":false,\"truncate\":100},\"title\":{\"text\":\"Count\"}}],\"seriesParams\":[{\"show\":true,\"type\":\"histogram\",\"mode\":\"stacked\",\"data\":{\"label\":\"Count\",\"id\":\"1\"},\"valueAxis\":\"ValueAxis-1\",\"drawLinesBetweenPoints\":true,\"lineWidth\":2,\"showCircles\":true}],\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"times\":[],\"addTimeMarker\":false,\"labels\":{\"show\":false},\"thresholdLine\":{\"show\":false,\"value\":10,\"width\":1,\"style\":\"full\",\"color\":\"#E7664C\"},\"dimensions\":{\"x\":null,\"y\":[{\"accessor\":0,\"format\":{\"id\":\"number\"},\"params\":{},\"label\":\"Count\",\"aggType\":\"count\"}]}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"cardinality\",\"schema\":\"metric\",\"params\":{\"field\":\"location.keyword\",\"customLabel\":\"Count\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"attributes.key_algorithms.keyword\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":10,\"otherBucket\":true,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"SSH Key Exchange Algorithms\"}}]}" + }, + "references": [ + { + "id": "60ee6af0-6e78-11ea-bdc0-35f8aa7c4664", + "name": "kibanaSavedObjectMeta.searchSourceJSON.index", + "type": "index-pattern" + }, + { + "id": "60ee6af0-6e78-11ea-bdc0-35f8aa7c4664", + "name": "kibanaSavedObjectMeta.searchSourceJSON.filter[0].meta.index", + "type": "index-pattern" + }, + { + "id": "60ee6af0-6e78-11ea-bdc0-35f8aa7c4664", + "name": "kibanaSavedObjectMeta.searchSourceJSON.filter[1].meta.index", + "type": "index-pattern" + } + ], + "migrationVersion": { + "visualization": "7.8.0" + } + }, + { + "id": "3da019e0-98d5-11ea-890b-7db8819c4f5b", + "type": "visualization", + "namespaces": [ + "scbv2-demo" + ], + "updated_at": "2020-07-24T06:32:17.680Z", + "version": "WzE4NTUsMV0=", + "attributes": { + "description": "", + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"query\":{\"query\":\"\",\"language\":\"kuery\"},\"filter\":[{\"meta\":{\"alias\":null,\"negate\":false,\"disabled\":false,\"type\":\"phrase\",\"key\":\"category.keyword\",\"params\":{\"query\":\"SSH Service\"},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.filter[0].meta.index\"},\"query\":{\"match_phrase\":{\"category.keyword\":\"SSH Service\"}},\"$state\":{\"store\":\"appState\"}},{\"meta\":{\"alias\":null,\"negate\":false,\"disabled\":false,\"type\":\"exists\",\"key\":\"attributes.grade.keyword\",\"value\":\"exists\",\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.filter[1].meta.index\"},\"exists\":{\"field\":\"attributes.grade.keyword\"},\"$state\":{\"store\":\"appState\"}}],\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}" + }, + "title": "SSH Encryption Algorithms", + "uiStateJSON": "{}", + "version": 1, + "visState": "{\"title\":\"SSH Encryption Algorithms\",\"type\":\"histogram\",\"params\":{\"type\":\"histogram\",\"grid\":{\"categoryLines\":false},\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"type\":\"category\",\"position\":\"bottom\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\"},\"labels\":{\"show\":true,\"filter\":true,\"truncate\":100},\"title\":{}}],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"name\":\"LeftAxis-1\",\"type\":\"value\",\"position\":\"left\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\",\"mode\":\"normal\"},\"labels\":{\"show\":true,\"rotate\":0,\"filter\":false,\"truncate\":100},\"title\":{\"text\":\"Count\"}}],\"seriesParams\":[{\"show\":true,\"type\":\"histogram\",\"mode\":\"stacked\",\"data\":{\"label\":\"Count\",\"id\":\"1\"},\"valueAxis\":\"ValueAxis-1\",\"drawLinesBetweenPoints\":true,\"lineWidth\":2,\"showCircles\":true}],\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"times\":[],\"addTimeMarker\":false,\"labels\":{\"show\":false},\"thresholdLine\":{\"show\":false,\"value\":10,\"width\":1,\"style\":\"full\",\"color\":\"#E7664C\"},\"dimensions\":{\"x\":null,\"y\":[{\"accessor\":0,\"format\":{\"id\":\"number\"},\"params\":{},\"label\":\"Count\",\"aggType\":\"count\"}]}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"cardinality\",\"schema\":\"metric\",\"params\":{\"field\":\"location.keyword\",\"customLabel\":\"Count\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"attributes.encryption_algorithms.keyword\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":10,\"otherBucket\":true,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"SSH Encryption Algorithms\"}}]}" + }, + "references": [ + { + "id": "60ee6af0-6e78-11ea-bdc0-35f8aa7c4664", + "name": "kibanaSavedObjectMeta.searchSourceJSON.index", + "type": "index-pattern" + }, + { + "id": "60ee6af0-6e78-11ea-bdc0-35f8aa7c4664", + "name": "kibanaSavedObjectMeta.searchSourceJSON.filter[0].meta.index", + "type": "index-pattern" + }, + { + "id": "60ee6af0-6e78-11ea-bdc0-35f8aa7c4664", + "name": "kibanaSavedObjectMeta.searchSourceJSON.filter[1].meta.index", + "type": "index-pattern" + } + ], + "migrationVersion": { + "visualization": "7.8.0" + } + }, + { + "id": "8f4c74f0-98d5-11ea-890b-7db8819c4f5b", + "type": "visualization", + "namespaces": [ + "scbv2-demo" + ], + "updated_at": "2020-07-24T06:32:17.680Z", + "version": "WzE4NTYsMV0=", + "attributes": { + "description": "", + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"query\":{\"query\":\"\",\"language\":\"kuery\"},\"filter\":[{\"meta\":{\"alias\":null,\"negate\":false,\"disabled\":false,\"type\":\"phrase\",\"key\":\"category.keyword\",\"params\":{\"query\":\"SSH Service\"},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.filter[0].meta.index\"},\"query\":{\"match_phrase\":{\"category.keyword\":\"SSH Service\"}},\"$state\":{\"store\":\"appState\"}},{\"meta\":{\"alias\":null,\"negate\":false,\"disabled\":false,\"type\":\"exists\",\"key\":\"attributes.grade.keyword\",\"value\":\"exists\",\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.filter[1].meta.index\"},\"exists\":{\"field\":\"attributes.grade.keyword\"},\"$state\":{\"store\":\"appState\"}}],\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}" + }, + "title": "SSH MAC Algorithm Distribution", + "uiStateJSON": "{}", + "version": 1, + "visState": "{\"title\":\"SSH MAC Algorithm Distribution\",\"type\":\"histogram\",\"params\":{\"type\":\"histogram\",\"grid\":{\"categoryLines\":false},\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"type\":\"category\",\"position\":\"bottom\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\"},\"labels\":{\"show\":true,\"filter\":true,\"truncate\":100},\"title\":{}}],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"name\":\"LeftAxis-1\",\"type\":\"value\",\"position\":\"left\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\",\"mode\":\"normal\"},\"labels\":{\"show\":true,\"rotate\":0,\"filter\":false,\"truncate\":100},\"title\":{\"text\":\"Count\"}}],\"seriesParams\":[{\"show\":true,\"type\":\"histogram\",\"mode\":\"stacked\",\"data\":{\"label\":\"Count\",\"id\":\"1\"},\"valueAxis\":\"ValueAxis-1\",\"drawLinesBetweenPoints\":true,\"lineWidth\":2,\"showCircles\":true}],\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"times\":[],\"addTimeMarker\":false,\"labels\":{\"show\":false},\"thresholdLine\":{\"show\":false,\"value\":10,\"width\":1,\"style\":\"full\",\"color\":\"#E7664C\"},\"dimensions\":{\"x\":null,\"y\":[{\"accessor\":0,\"format\":{\"id\":\"number\"},\"params\":{},\"label\":\"Count\",\"aggType\":\"count\"}]}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"cardinality\",\"schema\":\"metric\",\"params\":{\"field\":\"location.keyword\",\"customLabel\":\"Count\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"attributes.mac_algorithms.keyword\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":10,\"otherBucket\":true,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"SSH MAC Algorithms\"}}]}" + }, + "references": [ + { + "id": "60ee6af0-6e78-11ea-bdc0-35f8aa7c4664", + "name": "kibanaSavedObjectMeta.searchSourceJSON.index", + "type": "index-pattern" + }, + { + "id": "60ee6af0-6e78-11ea-bdc0-35f8aa7c4664", + "name": "kibanaSavedObjectMeta.searchSourceJSON.filter[0].meta.index", + "type": "index-pattern" + }, + { + "id": "60ee6af0-6e78-11ea-bdc0-35f8aa7c4664", + "name": "kibanaSavedObjectMeta.searchSourceJSON.filter[1].meta.index", + "type": "index-pattern" + } + ], + "migrationVersion": { + "visualization": "7.8.0" + } + }, + { + "id": "086ce900-98d6-11ea-890b-7db8819c4f5b", + "type": "visualization", + "namespaces": [ + "scbv2-demo" + ], + "updated_at": "2020-07-24T06:32:17.680Z", + "version": "WzE4MzQsMV0=", + "attributes": { + "description": "", + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"query\":{\"query\":\"\",\"language\":\"kuery\"},\"filter\":[{\"meta\":{\"alias\":null,\"negate\":false,\"disabled\":false,\"type\":\"phrase\",\"key\":\"category.keyword\",\"params\":{\"query\":\"SSH Service\"},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.filter[0].meta.index\"},\"query\":{\"match_phrase\":{\"category.keyword\":\"SSH Service\"}},\"$state\":{\"store\":\"appState\"}},{\"meta\":{\"alias\":null,\"negate\":false,\"disabled\":false,\"type\":\"exists\",\"key\":\"attributes.grade.keyword\",\"value\":\"exists\",\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.filter[1].meta.index\"},\"exists\":{\"field\":\"attributes.grade.keyword\"},\"$state\":{\"store\":\"appState\"}}],\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}" + }, + "title": "SSH Compression Algorithms Distribution", + "uiStateJSON": "{}", + "version": 1, + "visState": "{\"title\":\"SSH Compression Algorithms Distribution\",\"type\":\"histogram\",\"params\":{\"type\":\"histogram\",\"grid\":{\"categoryLines\":false},\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"type\":\"category\",\"position\":\"bottom\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\"},\"labels\":{\"show\":true,\"filter\":true,\"truncate\":100},\"title\":{}}],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"name\":\"LeftAxis-1\",\"type\":\"value\",\"position\":\"left\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\",\"mode\":\"normal\"},\"labels\":{\"show\":true,\"rotate\":0,\"filter\":false,\"truncate\":100},\"title\":{\"text\":\"Count\"}}],\"seriesParams\":[{\"show\":true,\"type\":\"histogram\",\"mode\":\"stacked\",\"data\":{\"label\":\"Count\",\"id\":\"1\"},\"valueAxis\":\"ValueAxis-1\",\"drawLinesBetweenPoints\":true,\"lineWidth\":2,\"showCircles\":true}],\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"times\":[],\"addTimeMarker\":false,\"labels\":{\"show\":false},\"thresholdLine\":{\"show\":false,\"value\":10,\"width\":1,\"style\":\"full\",\"color\":\"#E7664C\"},\"dimensions\":{\"x\":null,\"y\":[{\"accessor\":0,\"format\":{\"id\":\"number\"},\"params\":{},\"label\":\"Count\",\"aggType\":\"count\"}]}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"cardinality\",\"schema\":\"metric\",\"params\":{\"field\":\"location.keyword\",\"customLabel\":\"Count\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"attributes.compression_algorithms.keyword\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":10,\"otherBucket\":true,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"SSH Compression Algorithms\"}}]}" + }, + "references": [ + { + "id": "60ee6af0-6e78-11ea-bdc0-35f8aa7c4664", + "name": "kibanaSavedObjectMeta.searchSourceJSON.index", + "type": "index-pattern" + }, + { + "id": "60ee6af0-6e78-11ea-bdc0-35f8aa7c4664", + "name": "kibanaSavedObjectMeta.searchSourceJSON.filter[0].meta.index", + "type": "index-pattern" + }, + { + "id": "60ee6af0-6e78-11ea-bdc0-35f8aa7c4664", + "name": "kibanaSavedObjectMeta.searchSourceJSON.filter[1].meta.index", + "type": "index-pattern" + } + ], + "migrationVersion": { + "visualization": "7.8.0" + } + }, + { + "id": "60ee6af0-6e78-11ea-bdc0-35f8aa7c4664", + "type": "index-pattern", + "namespaces": [ + "scbv2-demo" + ], + "updated_at": "2020-07-24T06:32:17.680Z", + "version": "WzE4MjEsMV0=", + "attributes": { + "fieldFormatMap": "{\"attributes.port\":{\"id\":\"number\",\"params\":{\"parsedUrl\":{\"origin\":\"https://analytics.chase.securecodebox.io\",\"pathname\":\"/s/securecodebox-v2/app/kibana\",\"basePath\":\"/s/securecodebox-v2\"},\"pattern\":\"00.[000]\"}},\"attributes.smb_protocol_version\":{\"id\":\"number\",\"params\":{\"parsedUrl\":{\"origin\":\"https://analytics.chase.securecodebox.io\",\"pathname\":\"/s/securecodebox-v2/app/kibana\",\"basePath\":\"/s/securecodebox-v2\"}}}}", + "fields": "[{\"name\":\"@timestamp\",\"type\":\"date\",\"esTypes\":[\"date\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"_id\",\"type\":\"string\",\"esTypes\":[\"_id\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":false},{\"name\":\"_index\",\"type\":\"string\",\"esTypes\":[\"_index\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":false},{\"name\":\"_score\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":false,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"_source\",\"type\":\"_source\",\"esTypes\":[\"_source\"],\"count\":1,\"scripted\":false,\"searchable\":false,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"_type\",\"type\":\"string\",\"esTypes\":[\"_type\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":false},{\"name\":\"attributes.addresses.asn\",\"type\":\"number\",\"esTypes\":[\"long\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"attributes.addresses.cidr\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"attributes.addresses.cidr.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"attributes.addresses.cidr\"}}},{\"name\":\"attributes.addresses.desc\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"attributes.addresses.desc.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"attributes.addresses.desc\"}}},{\"name\":\"attributes.addresses.ip\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"attributes.addresses.ip.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"attributes.addresses.ip\"}}},{\"name\":\"attributes.auth_methods\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"attributes.auth_methods.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"attributes.auth_methods\"}}},{\"name\":\"attributes.cipher_suites\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"attributes.cipher_suites.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"attributes.cipher_suites\"}}},{\"name\":\"attributes.compliance_policy\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"attributes.compliance_policy.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"attributes.compliance_policy\"}}},{\"name\":\"attributes.compliant\",\"type\":\"boolean\",\"esTypes\":[\"boolean\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"attributes.compression_algorithms\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"attributes.compression_algorithms.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"attributes.compression_algorithms\"}}},{\"name\":\"attributes.domain\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"attributes.domain.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"attributes.domain\"}}},{\"name\":\"attributes.encryption_algorithms\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"attributes.encryption_algorithms.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"attributes.encryption_algorithms\"}}},{\"name\":\"attributes.grade\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"attributes.grade.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"attributes.grade\"}}},{\"name\":\"attributes.hostname\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"attributes.hostname.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"attributes.hostname\"}}},{\"name\":\"attributes.ip_address\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"attributes.ip_address.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"attributes.ip_address\"}}},{\"name\":\"attributes.key_algorithms\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"attributes.key_algorithms.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"attributes.key_algorithms\"}}},{\"name\":\"attributes.mac_algorithms\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"attributes.mac_algorithms.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"attributes.mac_algorithms\"}}},{\"name\":\"attributes.method\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"attributes.method.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"attributes.method\"}}},{\"name\":\"attributes.name\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"attributes.name.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"attributes.name\"}}},{\"name\":\"attributes.os_cpe\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"attributes.os_cpe.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"attributes.os_cpe\"}}},{\"name\":\"attributes.outdated_version\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"attributes.outdated_version.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"attributes.outdated_version\"}}},{\"name\":\"attributes.payload\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"attributes.payload.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"attributes.payload\"}}},{\"name\":\"attributes.port\",\"type\":\"number\",\"esTypes\":[\"long\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"attributes.protocol\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"attributes.protocol.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"attributes.protocol\"}}},{\"name\":\"attributes.references\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"attributes.references.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"attributes.references\"}}},{\"name\":\"attributes.scripts\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"attributes.scripts.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"attributes.scripts\"}}},{\"name\":\"attributes.server_banner\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"attributes.server_banner.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"attributes.server_banner\"}}},{\"name\":\"attributes.service\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"attributes.service.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"attributes.service\"}}},{\"name\":\"attributes.serviceProduct\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"attributes.serviceProduct.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"attributes.serviceProduct\"}}},{\"name\":\"attributes.serviceVersion\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"attributes.serviceVersion.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"attributes.serviceVersion\"}}},{\"name\":\"attributes.smb_protocol_version\",\"type\":\"number\",\"esTypes\":[\"float\",\"long\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"attributes.source\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"attributes.source.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"attributes.source\"}}},{\"name\":\"attributes.ssh_lib_cpe\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"attributes.ssh_lib_cpe.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"attributes.ssh_lib_cpe\"}}},{\"name\":\"attributes.ssh_version\",\"type\":\"number\",\"esTypes\":[\"long\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"attributes.state\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"attributes.state.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"attributes.state\"}}},{\"name\":\"attributes.tag\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"attributes.tag.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"attributes.tag\"}}},{\"name\":\"attributes.tls_versions\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"attributes.tls_versions.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"attributes.tls_versions\"}}},{\"name\":\"category\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"category.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"category\"}}},{\"name\":\"description\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"description.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"description\"}}},{\"name\":\"hint\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"hint.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"hint\"}}},{\"name\":\"id\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"id.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"id\"}}},{\"name\":\"labels.attack-surface\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":1,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"labels.attack-surface.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"labels.attack-surface\"}}},{\"name\":\"labels.fluxcd.io/sync-gc-mark\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"labels.fluxcd.io/sync-gc-mark.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"labels.fluxcd.io/sync-gc-mark\"}}},{\"name\":\"labels.office\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"labels.office.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"labels.office\"}}},{\"name\":\"labels.organization\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"labels.organization.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"labels.organization\"}}},{\"name\":\"labels.product\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"labels.product.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"labels.product\"}}},{\"name\":\"labels.scan-type\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"labels.scan-type.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"labels.scan-type\"}}},{\"name\":\"labels.vlan\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"labels.vlan.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"labels.vlan\"}}},{\"name\":\"location\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"location.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"location\"}}},{\"name\":\"name\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"name.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"name\"}}},{\"name\":\"osi_layer\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"osi_layer.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"osi_layer\"}}},{\"name\":\"parameters\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"parameters.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"parameters\"}}},{\"name\":\"scan_id\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"scan_id.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"scan_id\"}}},{\"name\":\"scan_labels.attack-surface\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"scan_labels.attack-surface.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"scan_labels.attack-surface\"}}},{\"name\":\"scan_labels.fluxcd.io/sync-gc-mark\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"scan_labels.fluxcd.io/sync-gc-mark.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"scan_labels.fluxcd.io/sync-gc-mark\"}}},{\"name\":\"scan_labels.office\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"scan_labels.office.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"scan_labels.office\"}}},{\"name\":\"scan_labels.organization\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"scan_labels.organization.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"scan_labels.organization\"}}},{\"name\":\"scan_labels.product\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"scan_labels.product.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"scan_labels.product\"}}},{\"name\":\"scan_labels.scan-type\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"scan_labels.scan-type.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"scan_labels.scan-type\"}}},{\"name\":\"scan_labels.vlan\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"scan_labels.vlan.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"scan_labels.vlan\"}}},{\"name\":\"scan_name\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":2,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"scan_name.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"scan_name\"}}},{\"name\":\"scan_type\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":2,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"scan_type.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"scan_type\"}}},{\"name\":\"severity\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"severity.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"severity\"}}},{\"name\":\"type\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":3,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"type.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"type\"}}}]", + "timeFieldName": "@timestamp", + "title": "scbv2_*" + }, + "references": [], + "migrationVersion": { + "index-pattern": "7.6.0" + } + } + ] +} \ No newline at end of file diff --git a/hooks/persistence-elastic/dashboardImporter/dashboards/subdomain-overview.json b/hooks/persistence-elastic/dashboardImporter/dashboards/subdomain-overview.json new file mode 100644 index 00000000..53e6ab16 --- /dev/null +++ b/hooks/persistence-elastic/dashboardImporter/dashboards/subdomain-overview.json @@ -0,0 +1,247 @@ +{ + "version": "7.8.0", + "objects": [ + { + "id": "83e56080-b235-11ea-872e-c9b5d5ddb284", + "type": "dashboard", + "updated_at": "2020-10-07T06:45:26.362Z", + "version": "WzcxLDFd", + "attributes": { + "title": "Subdomain (Amass) Overview", + "hits": 0, + "description": "", + "panelsJSON": "[{\"version\":\"7.8.0\",\"gridData\":{\"x\":0,\"y\":0,\"w\":10,\"h\":8,\"i\":\"3733ddef-b40f-4217-a0b2-8ba0b33bda55\"},\"panelIndex\":\"3733ddef-b40f-4217-a0b2-8ba0b33bda55\",\"embeddableConfig\":{},\"panelRefName\":\"panel_0\"},{\"version\":\"7.8.0\",\"gridData\":{\"x\":10,\"y\":0,\"w\":7,\"h\":8,\"i\":\"641856dc-33f7-448f-8b1d-d5650e36ee5b\"},\"panelIndex\":\"641856dc-33f7-448f-8b1d-d5650e36ee5b\",\"embeddableConfig\":{},\"panelRefName\":\"panel_1\"},{\"version\":\"7.8.0\",\"gridData\":{\"x\":17,\"y\":0,\"w\":7,\"h\":8,\"i\":\"65a2dafa-4d83-4a82-a8c8-d29f78c5de07\"},\"panelIndex\":\"65a2dafa-4d83-4a82-a8c8-d29f78c5de07\",\"embeddableConfig\":{},\"panelRefName\":\"panel_2\"},{\"version\":\"7.8.0\",\"gridData\":{\"x\":24,\"y\":0,\"w\":24,\"h\":23,\"i\":\"d331a001-f70b-4991-a050-a4347db862f2\"},\"panelIndex\":\"d331a001-f70b-4991-a050-a4347db862f2\",\"embeddableConfig\":{},\"panelRefName\":\"panel_3\"},{\"version\":\"7.8.0\",\"gridData\":{\"x\":0,\"y\":8,\"w\":24,\"h\":15,\"i\":\"dceb4446-16c3-4cb8-b1df-0062d56bac3f\"},\"panelIndex\":\"dceb4446-16c3-4cb8-b1df-0062d56bac3f\",\"embeddableConfig\":{},\"panelRefName\":\"panel_4\"},{\"version\":\"7.8.0\",\"gridData\":{\"x\":0,\"y\":23,\"w\":48,\"h\":16,\"i\":\"2569f9de-cacd-4747-89ae-73bf6d336d9e\"},\"panelIndex\":\"2569f9de-cacd-4747-89ae-73bf6d336d9e\",\"embeddableConfig\":{},\"panelRefName\":\"panel_5\"}]", + "optionsJSON": "{\"useMargins\":true,\"hidePanelTitles\":false}", + "version": 1, + "timeRestore": false, + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"query\":{\"query\":\"\",\"language\":\"kuery\"},\"filter\":[]}" + } + }, + "references": [ + { + "name": "panel_0", + "type": "visualization", + "id": "ad340d40-b232-11ea-872e-c9b5d5ddb284" + }, + { + "name": "panel_1", + "type": "visualization", + "id": "e3205f80-b232-11ea-872e-c9b5d5ddb284" + }, + { + "name": "panel_2", + "type": "visualization", + "id": "36b1bc50-b235-11ea-872e-c9b5d5ddb284" + }, + { + "name": "panel_3", + "type": "visualization", + "id": "fe56db10-b234-11ea-872e-c9b5d5ddb284" + }, + { + "name": "panel_4", + "type": "visualization", + "id": "47eaae20-b233-11ea-872e-c9b5d5ddb284" + }, + { + "name": "panel_5", + "type": "search", + "id": "9aef0a00-b231-11ea-872e-c9b5d5ddb284" + } + ], + "migrationVersion": { + "dashboard": "7.3.0" + } + }, + { + "id": "ad340d40-b232-11ea-872e-c9b5d5ddb284", + "type": "visualization", + "updated_at": "2020-10-07T06:45:26.362Z", + "version": "WzcyLDFd", + "attributes": { + "description": "", + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"query\":{\"query\":\"\",\"language\":\"kuery\"},\"filter\":[]}" + }, + "savedSearchRefName": "search_0", + "title": "[Subdomain] Average Subdomain Count", + "uiStateJSON": "{}", + "version": 1, + "visState": "{\"type\":\"metric\",\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"avg_bucket\",\"schema\":\"metric\",\"params\":{\"customBucket\":{\"id\":\"1-bucket\",\"enabled\":true,\"type\":\"terms\",\"params\":{\"field\":\"attributes.domain.keyword\",\"orderBy\":\"_key\",\"order\":\"desc\",\"size\":100,\"otherBucket\":true,\"otherBucketLabel\":\"Other\",\"missingBucket\":true,\"missingBucketLabel\":\"Missing\"}},\"customMetric\":{\"id\":\"1-metric\",\"enabled\":true,\"type\":\"cardinality\",\"params\":{\"field\":\"location.keyword\"}}}}],\"params\":{\"addLegend\":false,\"addTooltip\":true,\"metric\":{\"colorSchema\":\"Green to Red\",\"colorsRange\":[{\"from\":0,\"to\":10000}],\"invertColors\":false,\"labels\":{\"show\":true},\"metricColorMode\":\"None\",\"percentageMode\":false,\"style\":{\"bgColor\":false,\"bgFill\":\"#000\",\"fontSize\":60,\"labelColor\":false,\"subText\":\"\"},\"useRanges\":false},\"type\":\"metric\"},\"title\":\"[Subdomain] Average Subdomain Count\"}" + }, + "references": [ + { + "id": "9aef0a00-b231-11ea-872e-c9b5d5ddb284", + "name": "search_0", + "type": "search" + } + ], + "migrationVersion": { + "visualization": "7.8.0" + } + }, + { + "id": "e3205f80-b232-11ea-872e-c9b5d5ddb284", + "type": "visualization", + "updated_at": "2020-10-07T06:45:26.362Z", + "version": "WzczLDFd", + "attributes": { + "description": "", + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"query\":{\"query\":\"\",\"language\":\"kuery\"},\"filter\":[]}" + }, + "savedSearchRefName": "search_0", + "title": "[Subdomain] Domain Monitored", + "uiStateJSON": "{}", + "version": 1, + "visState": "{\"type\":\"metric\",\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"cardinality\",\"schema\":\"metric\",\"params\":{\"field\":\"attributes.domain.keyword\",\"customLabel\":\"Domains Monitored\"}}],\"params\":{\"addTooltip\":true,\"addLegend\":false,\"type\":\"metric\",\"metric\":{\"percentageMode\":false,\"useRanges\":false,\"colorSchema\":\"Green to Red\",\"metricColorMode\":\"None\",\"colorsRange\":[{\"from\":0,\"to\":10000}],\"labels\":{\"show\":true},\"invertColors\":false,\"style\":{\"bgFill\":\"#000\",\"bgColor\":false,\"labelColor\":false,\"subText\":\"\",\"fontSize\":60}}},\"title\":\"[Subdomain] Domain Monitored\"}" + }, + "references": [ + { + "id": "9aef0a00-b231-11ea-872e-c9b5d5ddb284", + "name": "search_0", + "type": "search" + } + ], + "migrationVersion": { + "visualization": "7.8.0" + } + }, + { + "id": "36b1bc50-b235-11ea-872e-c9b5d5ddb284", + "type": "visualization", + "updated_at": "2020-10-07T06:45:26.362Z", + "version": "Wzc0LDFd", + "attributes": { + "description": "", + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"query\":{\"query\":\"\",\"language\":\"kuery\"},\"filter\":[]}" + }, + "savedSearchRefName": "search_0", + "title": "[Subdomain] Total Subdomain Count", + "uiStateJSON": "{}", + "version": 1, + "visState": "{\"type\":\"metric\",\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"cardinality\",\"schema\":\"metric\",\"params\":{\"field\":\"location.keyword\",\"customLabel\":\"Total Subdomain Count\"}}],\"params\":{\"addTooltip\":true,\"addLegend\":false,\"type\":\"metric\",\"metric\":{\"percentageMode\":false,\"useRanges\":false,\"colorSchema\":\"Green to Red\",\"metricColorMode\":\"None\",\"colorsRange\":[{\"from\":0,\"to\":10000}],\"labels\":{\"show\":true},\"invertColors\":false,\"style\":{\"bgFill\":\"#000\",\"bgColor\":false,\"labelColor\":false,\"subText\":\"\",\"fontSize\":60}}},\"title\":\"[Subdomain] Total Subdomain Count\"}" + }, + "references": [ + { + "id": "9aef0a00-b231-11ea-872e-c9b5d5ddb284", + "name": "search_0", + "type": "search" + } + ], + "migrationVersion": { + "visualization": "7.8.0" + } + }, + { + "id": "fe56db10-b234-11ea-872e-c9b5d5ddb284", + "type": "visualization", + "updated_at": "2020-10-07T06:45:26.362Z", + "version": "Wzc1LDFd", + "attributes": { + "description": "", + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"query\":{\"query\":\"\",\"language\":\"kuery\"},\"filter\":[]}" + }, + "savedSearchRefName": "search_0", + "title": "[Subdomain] Subdomain Table", + "uiStateJSON": "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}", + "version": 1, + "visState": "{\"type\":\"table\",\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"cardinality\",\"schema\":\"metric\",\"params\":{\"field\":\"location.keyword\",\"customLabel\":\"Count\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"attributes.domain.keyword\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":100,\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"location.keyword\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":100,\"otherBucket\":true,\"otherBucketLabel\":\"Other\",\"missingBucket\":true,\"missingBucketLabel\":\"Missing\"}}],\"params\":{\"perPage\":20,\"showPartialRows\":false,\"showMetricsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":true,\"totalFunc\":\"sum\",\"percentageCol\":\"\"},\"title\":\"[Subdomain] Subdomain Table\"}" + }, + "references": [ + { + "id": "9aef0a00-b231-11ea-872e-c9b5d5ddb284", + "name": "search_0", + "type": "search" + } + ], + "migrationVersion": { + "visualization": "7.8.0" + } + }, + { + "id": "47eaae20-b233-11ea-872e-c9b5d5ddb284", + "type": "visualization", + "updated_at": "2020-10-07T06:45:26.362Z", + "version": "Wzc2LDFd", + "attributes": { + "description": "", + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"query\":{\"language\":\"kuery\",\"query\":\"\"},\"filter\":[]}" + }, + "savedSearchRefName": "search_0", + "title": "[Subdomain] Subdomain Count per Domain", + "uiStateJSON": "{}", + "version": 1, + "visState": "{\"aggs\":[{\"enabled\":true,\"id\":\"1\",\"params\":{\"customLabel\":\"Subdomain Count\",\"field\":\"location.keyword\"},\"schema\":\"metric\",\"type\":\"cardinality\"},{\"enabled\":true,\"id\":\"2\",\"params\":{\"field\":\"attributes.domain.keyword\",\"missingBucket\":true,\"missingBucketLabel\":\"Missing\",\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":true,\"otherBucketLabel\":\"Other\",\"size\":100},\"schema\":\"segment\",\"type\":\"terms\"}],\"params\":{\"addLegend\":true,\"addTooltip\":true,\"isDonut\":true,\"labels\":{\"last_level\":true,\"show\":true,\"truncate\":100,\"values\":true},\"legendPosition\":\"right\",\"type\":\"pie\"},\"title\":\"[Subdomain] Subdomain Count per Domain\",\"type\":\"pie\"}" + }, + "references": [ + { + "id": "9aef0a00-b231-11ea-872e-c9b5d5ddb284", + "name": "search_0", + "type": "search" + } + ], + "migrationVersion": { + "visualization": "7.8.0" + } + }, + { + "id": "9aef0a00-b231-11ea-872e-c9b5d5ddb284", + "type": "search", + "updated_at": "2020-10-07T06:45:26.362Z", + "version": "Wzc3LDFd", + "attributes": { + "columns": [ + "_source" + ], + "description": "", + "hits": 0, + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"highlightAll\":true,\"version\":true,\"query\":{\"query\":\"*\",\"language\":\"kuery\"},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\",\"filter\":[{\"meta\":{\"alias\":null,\"negate\":false,\"disabled\":false,\"type\":\"phrase\",\"key\":\"scan_type\",\"params\":{\"query\":\"amass\"},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.filter[0].meta.index\"},\"query\":{\"match_phrase\":{\"scan_type\":\"amass\"}},\"$state\":{\"store\":\"appState\"}},{\"meta\":{\"alias\":null,\"negate\":false,\"disabled\":false,\"type\":\"phrase\",\"key\":\"type\",\"params\":{\"query\":\"finding\"},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.filter[1].meta.index\"},\"query\":{\"match_phrase\":{\"type\":\"finding\"}},\"$state\":{\"store\":\"appState\"}}]}" + }, + "sort": [], + "title": "AMASS Findings", + "version": 1 + }, + "references": [ + { + "id": "60ee6af0-6e78-11ea-bdc0-35f8aa7c4664", + "name": "kibanaSavedObjectMeta.searchSourceJSON.index", + "type": "index-pattern" + }, + { + "id": "60ee6af0-6e78-11ea-bdc0-35f8aa7c4664", + "name": "kibanaSavedObjectMeta.searchSourceJSON.filter[0].meta.index", + "type": "index-pattern" + }, + { + "id": "60ee6af0-6e78-11ea-bdc0-35f8aa7c4664", + "name": "kibanaSavedObjectMeta.searchSourceJSON.filter[1].meta.index", + "type": "index-pattern" + } + ], + "migrationVersion": { + "search": "7.4.0" + } + }, + { + "id": "60ee6af0-6e78-11ea-bdc0-35f8aa7c4664", + "type": "index-pattern", + "updated_at": "2020-10-07T06:45:25.958Z", + "version": "WzcwLDFd", + "attributes": { + "title": "scbv2_*", + "timeFieldName": "@timestamp", + "fields": "[{\"name\":\"@timestamp\",\"type\":\"date\",\"esTypes\":[\"date\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"_id\",\"type\":\"string\",\"esTypes\":[\"_id\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":false},{\"name\":\"_index\",\"type\":\"string\",\"esTypes\":[\"_index\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":false},{\"name\":\"_score\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":false,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"_source\",\"type\":\"_source\",\"esTypes\":[\"_source\"],\"count\":0,\"scripted\":false,\"searchable\":false,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"_type\",\"type\":\"string\",\"esTypes\":[\"_type\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":false},{\"name\":\"attributes.hostname\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"attributes.hostname.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"attributes.hostname\"}}},{\"name\":\"attributes.ip_address\",\"type\":\"ip\",\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"category\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"category.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"category\"}}},{\"name\":\"description\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"description.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"description\"}}},{\"name\":\"id\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"id.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"id\"}}},{\"name\":\"location\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"location.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"location\"}}},{\"name\":\"name\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"name.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"name\"}}},{\"name\":\"osi_layer\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"osi_layer.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"osi_layer\"}}},{\"name\":\"parameters\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"parameters.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"parameters\"}}},{\"name\":\"scan_id\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"scan_id.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"scan_id\"}}},{\"name\":\"scan_name\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"scan_name.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"scan_name\"}}},{\"name\":\"scan_type\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"scan_type.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"scan_type\"}}},{\"name\":\"severity\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"severity.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"severity\"}}},{\"name\":\"type\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"type.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"type\"}}}]" + }, + "references": [], + "migrationVersion": { + "index-pattern": "7.6.0" + } + } + ] +} \ No newline at end of file diff --git a/hooks/persistence-elastic/dashboardImporter/dashboards/tls-ssl-overview.json b/hooks/persistence-elastic/dashboardImporter/dashboards/tls-ssl-overview.json new file mode 100644 index 00000000..ecbb9f75 --- /dev/null +++ b/hooks/persistence-elastic/dashboardImporter/dashboards/tls-ssl-overview.json @@ -0,0 +1,432 @@ +{ + "version": "7.8.0", + "objects": [ + { + "id": "f5e576c0-af97-11ea-b237-7b9069d086af", + "type": "dashboard", + "updated_at": "2020-10-07T06:57:38.769Z", + "version": "WzExNCwxXQ==", + "attributes": { + "title": "TLS/SSL (SSLyze) Overview", + "hits": 0, + "description": "", + "panelsJSON": "[{\"version\":\"7.8.0\",\"gridData\":{\"x\":0,\"y\":0,\"w\":8,\"h\":8,\"i\":\"164d323a-d2c8-47c7-9383-a333a7b9cb7b\"},\"panelIndex\":\"164d323a-d2c8-47c7-9383-a333a7b9cb7b\",\"embeddableConfig\":{},\"panelRefName\":\"panel_0\"},{\"version\":\"7.8.0\",\"gridData\":{\"x\":8,\"y\":0,\"w\":8,\"h\":8,\"i\":\"896f77b8-b797-4c28-bffe-7485c2b51e0b\"},\"panelIndex\":\"896f77b8-b797-4c28-bffe-7485c2b51e0b\",\"embeddableConfig\":{},\"panelRefName\":\"panel_1\"},{\"version\":\"7.8.0\",\"gridData\":{\"x\":16,\"y\":0,\"w\":8,\"h\":8,\"i\":\"c521873b-6c8d-48b0-b1ca-6a0433382703\"},\"panelIndex\":\"c521873b-6c8d-48b0-b1ca-6a0433382703\",\"embeddableConfig\":{},\"panelRefName\":\"panel_2\"},{\"version\":\"7.8.0\",\"gridData\":{\"x\":24,\"y\":0,\"w\":24,\"h\":12,\"i\":\"50b58fb8-bc82-4f0d-9632-8b5e4859a40c\"},\"panelIndex\":\"50b58fb8-bc82-4f0d-9632-8b5e4859a40c\",\"embeddableConfig\":{},\"panelRefName\":\"panel_3\"},{\"version\":\"7.8.0\",\"gridData\":{\"x\":0,\"y\":8,\"w\":24,\"h\":19,\"i\":\"c0eeaec9-1923-4e15-b913-8bef98c3f1d0\"},\"panelIndex\":\"c0eeaec9-1923-4e15-b913-8bef98c3f1d0\",\"embeddableConfig\":{},\"panelRefName\":\"panel_4\"},{\"version\":\"7.8.0\",\"gridData\":{\"x\":24,\"y\":12,\"w\":24,\"h\":15,\"i\":\"5e9e232f-2a55-46ed-a051-20276691925b\"},\"panelIndex\":\"5e9e232f-2a55-46ed-a051-20276691925b\",\"embeddableConfig\":{},\"panelRefName\":\"panel_5\"},{\"version\":\"7.8.0\",\"gridData\":{\"x\":0,\"y\":27,\"w\":10,\"h\":18,\"i\":\"2827d73e-16a5-411f-b666-0181f4511065\"},\"panelIndex\":\"2827d73e-16a5-411f-b666-0181f4511065\",\"embeddableConfig\":{},\"panelRefName\":\"panel_6\"},{\"version\":\"7.8.0\",\"gridData\":{\"x\":10,\"y\":27,\"w\":38,\"h\":18,\"i\":\"e84f6296-df1d-4382-94b0-229496815970\"},\"panelIndex\":\"e84f6296-df1d-4382-94b0-229496815970\",\"embeddableConfig\":{},\"panelRefName\":\"panel_7\"},{\"version\":\"7.8.0\",\"gridData\":{\"x\":0,\"y\":45,\"w\":48,\"h\":12,\"i\":\"e5cc761e-604c-48ae-86cc-577fe82be7f2\"},\"panelIndex\":\"e5cc761e-604c-48ae-86cc-577fe82be7f2\",\"embeddableConfig\":{},\"panelRefName\":\"panel_8\"},{\"version\":\"7.8.0\",\"gridData\":{\"x\":0,\"y\":57,\"w\":48,\"h\":16,\"i\":\"791b05e7-010b-477d-aa41-7194acafde51\"},\"panelIndex\":\"791b05e7-010b-477d-aa41-7194acafde51\",\"embeddableConfig\":{},\"panelRefName\":\"panel_9\"}]", + "optionsJSON": "{\"hidePanelTitles\":false,\"useMargins\":true}", + "version": 1, + "timeRestore": false, + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"query\":{\"language\":\"kuery\",\"query\":\"\"},\"filter\":[]}" + } + }, + "references": [ + { + "name": "panel_0", + "type": "visualization", + "id": "cd94e7d0-af94-11ea-b237-7b9069d086af" + }, + { + "name": "panel_1", + "type": "visualization", + "id": "a952df70-af95-11ea-b237-7b9069d086af" + }, + { + "name": "panel_2", + "type": "visualization", + "id": "65ad1010-af95-11ea-b237-7b9069d086af" + }, + { + "name": "panel_3", + "type": "visualization", + "id": "d02bd470-af96-11ea-b237-7b9069d086af" + }, + { + "name": "panel_4", + "type": "visualization", + "id": "35e5f6c0-af96-11ea-b237-7b9069d086af" + }, + { + "name": "panel_5", + "type": "visualization", + "id": "c41769e0-af98-11ea-b237-7b9069d086af" + }, + { + "name": "panel_6", + "type": "visualization", + "id": "01d1cda0-af9b-11ea-b237-7b9069d086af" + }, + { + "name": "panel_7", + "type": "visualization", + "id": "fc8c4650-af99-11ea-b237-7b9069d086af" + }, + { + "name": "panel_8", + "type": "visualization", + "id": "bb536d60-af9b-11ea-b237-7b9069d086af" + }, + { + "name": "panel_9", + "type": "visualization", + "id": "5b86d230-af9d-11ea-b237-7b9069d086af" + } + ], + "migrationVersion": { + "dashboard": "7.3.0" + } + }, + { + "id": "cd94e7d0-af94-11ea-b237-7b9069d086af", + "type": "visualization", + "updated_at": "2020-10-07T06:56:04.257Z", + "version": "Wzk4LDFd", + "attributes": { + "description": "Counts the total amount of tls services found during a given period of time. ", + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"query\":{\"language\":\"kuery\",\"query\":\"\"},\"filter\":[{\"$state\":{\"store\":\"appState\"},\"meta\":{\"alias\":null,\"disabled\":false,\"key\":\"category\",\"negate\":false,\"params\":{\"query\":\"TLS Service Info\"},\"type\":\"phrase\",\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.filter[0].meta.index\"},\"query\":{\"match_phrase\":{\"category\":\"TLS Service Info\"}}}]}" + }, + "savedSearchRefName": "search_0", + "title": "TLS Unique Service Count", + "uiStateJSON": "{}", + "version": 1, + "visState": "{\"type\":\"metric\",\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"cardinality\",\"schema\":\"metric\",\"params\":{\"field\":\"location.keyword\",\"customLabel\":\"Unique TLS Services\"}}],\"params\":{\"addLegend\":false,\"addTooltip\":true,\"metric\":{\"colorSchema\":\"Green to Red\",\"colorsRange\":[{\"from\":0,\"to\":10000}],\"invertColors\":false,\"labels\":{\"show\":true},\"metricColorMode\":\"None\",\"percentageMode\":false,\"style\":{\"bgColor\":false,\"bgFill\":\"#000\",\"fontSize\":60,\"labelColor\":false,\"subText\":\"\"},\"useRanges\":false},\"type\":\"metric\"},\"title\":\"TLS Unique Service Count\"}" + }, + "references": [ + { + "id": "60ee6af0-6e78-11ea-bdc0-35f8aa7c4664", + "name": "kibanaSavedObjectMeta.searchSourceJSON.filter[0].meta.index", + "type": "index-pattern" + }, + { + "id": "414409a0-af94-11ea-b237-7b9069d086af", + "name": "search_0", + "type": "search" + } + ], + "migrationVersion": { + "visualization": "7.8.0" + } + }, + { + "id": "a952df70-af95-11ea-b237-7b9069d086af", + "type": "visualization", + "updated_at": "2020-10-07T06:56:04.257Z", + "version": "Wzk5LDFd", + "attributes": { + "description": "", + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"query\":{\"language\":\"kuery\",\"query\":\"\"},\"filter\":[{\"$state\":{\"store\":\"appState\"},\"meta\":{\"alias\":null,\"disabled\":false,\"key\":\"category.keyword\",\"negate\":false,\"params\":{\"query\":\"Invalid Certificate\"},\"type\":\"phrase\",\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.filter[0].meta.index\"},\"query\":{\"match_phrase\":{\"category.keyword\":\"Invalid Certificate\"}}}]}" + }, + "savedSearchRefName": "search_0", + "title": "TLS Unique Count of Invalid Certificate Findings", + "uiStateJSON": "{}", + "version": 1, + "visState": "{\"type\":\"metric\",\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"cardinality\",\"schema\":\"metric\",\"params\":{\"field\":\"location.keyword\",\"customLabel\":\"Unique Invalid TLS Cert Findings\"}}],\"params\":{\"addLegend\":false,\"addTooltip\":true,\"metric\":{\"colorSchema\":\"Green to Red\",\"colorsRange\":[{\"from\":0,\"to\":10000}],\"invertColors\":false,\"labels\":{\"show\":true},\"metricColorMode\":\"None\",\"percentageMode\":false,\"style\":{\"bgColor\":false,\"bgFill\":\"#000\",\"fontSize\":60,\"labelColor\":false,\"subText\":\"\"},\"useRanges\":false},\"type\":\"metric\"},\"title\":\"TLS Unique Count of Invalid Certificate Findings\"}" + }, + "references": [ + { + "id": "60ee6af0-6e78-11ea-bdc0-35f8aa7c4664", + "name": "kibanaSavedObjectMeta.searchSourceJSON.filter[0].meta.index", + "type": "index-pattern" + }, + { + "id": "414409a0-af94-11ea-b237-7b9069d086af", + "name": "search_0", + "type": "search" + } + ], + "migrationVersion": { + "visualization": "7.8.0" + } + }, + { + "id": "65ad1010-af95-11ea-b237-7b9069d086af", + "type": "visualization", + "updated_at": "2020-10-07T06:56:04.257Z", + "version": "WzEwMCwxXQ==", + "attributes": { + "description": "", + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"query\":{\"language\":\"kuery\",\"query\":\"\"},\"filter\":[{\"$state\":{\"store\":\"appState\"},\"meta\":{\"alias\":null,\"disabled\":false,\"key\":\"category.keyword\",\"negate\":false,\"params\":{\"query\":\"Outdated TLS Version\"},\"type\":\"phrase\",\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.filter[0].meta.index\"},\"query\":{\"match_phrase\":{\"category.keyword\":\"Outdated TLS Version\"}}}]}" + }, + "savedSearchRefName": "search_0", + "title": "TLS Unique Count of Outdated Certificate Findings", + "uiStateJSON": "{}", + "version": 1, + "visState": "{\"type\":\"metric\",\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"cardinality\",\"schema\":\"metric\",\"params\":{\"field\":\"location.keyword\",\"customLabel\":\"Outdated TLS Versions\"}}],\"params\":{\"addLegend\":false,\"addTooltip\":true,\"metric\":{\"colorSchema\":\"Green to Red\",\"colorsRange\":[{\"from\":0,\"to\":10000}],\"invertColors\":false,\"labels\":{\"show\":true},\"metricColorMode\":\"None\",\"percentageMode\":false,\"style\":{\"bgColor\":false,\"bgFill\":\"#000\",\"fontSize\":60,\"labelColor\":false,\"subText\":\"\"},\"useRanges\":false},\"type\":\"metric\"},\"title\":\"TLS Unique Count of Outdated Certificate Findings\"}" + }, + "references": [ + { + "id": "60ee6af0-6e78-11ea-bdc0-35f8aa7c4664", + "name": "kibanaSavedObjectMeta.searchSourceJSON.filter[0].meta.index", + "type": "index-pattern" + }, + { + "id": "414409a0-af94-11ea-b237-7b9069d086af", + "name": "search_0", + "type": "search" + } + ], + "migrationVersion": { + "visualization": "7.8.0" + } + }, + { + "id": "d02bd470-af96-11ea-b237-7b9069d086af", + "type": "visualization", + "updated_at": "2020-10-07T06:56:04.257Z", + "version": "WzEwMSwxXQ==", + "attributes": { + "description": "", + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"query\":{\"language\":\"kuery\",\"query\":\"\"},\"filter\":[{\"$state\":{\"store\":\"appState\"},\"meta\":{\"alias\":null,\"disabled\":false,\"key\":\"category.keyword\",\"negate\":false,\"params\":{\"query\":\"Invalid Certificate\"},\"type\":\"phrase\",\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.filter[0].meta.index\"},\"query\":{\"match_phrase\":{\"category.keyword\":\"Invalid Certificate\"}}}]}" + }, + "savedSearchRefName": "search_0", + "title": "TLS Service Issue Distribution", + "uiStateJSON": "{\"vis\":{\"colors\":{\"Untrusted Certificate Root\":\"#EA6460\",\"Expired Certificate\":\"#890F02\",\"Invalid Hostname\":\"#70DBED\"}}}", + "version": 1, + "visState": "{\"aggs\":[{\"enabled\":true,\"id\":\"1\",\"params\":{\"field\":\"location.keyword\"},\"schema\":\"metric\",\"type\":\"cardinality\"},{\"enabled\":true,\"id\":\"2\",\"params\":{\"field\":\"name.keyword\",\"missingBucket\":true,\"missingBucketLabel\":\"Missing\",\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":true,\"otherBucketLabel\":\"Other\",\"size\":10},\"schema\":\"segment\",\"type\":\"terms\"}],\"params\":{\"addLegend\":true,\"addTooltip\":true,\"isDonut\":true,\"labels\":{\"last_level\":true,\"show\":false,\"truncate\":100,\"values\":true},\"legendPosition\":\"right\",\"type\":\"pie\"},\"title\":\"TLS Service Issue Distribution\",\"type\":\"pie\"}" + }, + "references": [ + { + "id": "60ee6af0-6e78-11ea-bdc0-35f8aa7c4664", + "name": "kibanaSavedObjectMeta.searchSourceJSON.filter[0].meta.index", + "type": "index-pattern" + }, + { + "id": "414409a0-af94-11ea-b237-7b9069d086af", + "name": "search_0", + "type": "search" + } + ], + "migrationVersion": { + "visualization": "7.8.0" + } + }, + { + "id": "35e5f6c0-af96-11ea-b237-7b9069d086af", + "type": "visualization", + "updated_at": "2020-10-07T06:56:04.257Z", + "version": "WzEwMiwxXQ==", + "attributes": { + "description": "", + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"query\":{\"query\":\"\",\"language\":\"kuery\"},\"filter\":[]}" + }, + "savedSearchRefName": "search_0", + "title": "TLS Findings by Category and Severity", + "uiStateJSON": "{\"vis\":{\"colors\":{\"INFORMATIONAL\":\"#DEDAF7\",\"MEDIUM\":\"#EF843C\"}}}", + "version": 1, + "visState": "{\"type\":\"histogram\",\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"cardinality\",\"schema\":\"metric\",\"params\":{\"field\":\"location.keyword\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"category.keyword\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":5,\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"group\",\"params\":{\"field\":\"severity.keyword\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":5,\"otherBucket\":true,\"otherBucketLabel\":\"Other\",\"missingBucket\":true,\"missingBucketLabel\":\"Missing\"}}],\"params\":{\"type\":\"histogram\",\"grid\":{\"categoryLines\":false},\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"type\":\"category\",\"position\":\"left\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\"},\"labels\":{\"show\":true,\"rotate\":0,\"filter\":false,\"truncate\":200},\"title\":{}}],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"name\":\"LeftAxis-1\",\"type\":\"value\",\"position\":\"bottom\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\",\"mode\":\"normal\"},\"labels\":{\"show\":true,\"rotate\":75,\"filter\":true,\"truncate\":100},\"title\":{\"text\":\"Unique count of location.keyword\"}}],\"seriesParams\":[{\"show\":true,\"type\":\"histogram\",\"mode\":\"stacked\",\"data\":{\"label\":\"Unique count of location.keyword\",\"id\":\"1\"},\"valueAxis\":\"ValueAxis-1\",\"drawLinesBetweenPoints\":true,\"lineWidth\":2,\"showCircles\":true}],\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"times\":[],\"addTimeMarker\":false,\"labels\":{\"show\":true},\"thresholdLine\":{\"show\":false,\"value\":10,\"width\":1,\"style\":\"full\",\"color\":\"#E7664C\"},\"orderBucketsBySum\":true},\"title\":\"TLS Findings by Category and Severity\"}" + }, + "references": [ + { + "id": "414409a0-af94-11ea-b237-7b9069d086af", + "name": "search_0", + "type": "search" + } + ], + "migrationVersion": { + "visualization": "7.8.0" + } + }, + { + "id": "c41769e0-af98-11ea-b237-7b9069d086af", + "type": "visualization", + "updated_at": "2020-10-07T06:56:04.257Z", + "version": "WzEwMywxXQ==", + "attributes": { + "description": "", + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"query\":{\"query\":\"\",\"language\":\"kuery\"},\"filter\":[]}" + }, + "savedSearchRefName": "search_0", + "title": "TLS Version Distribution by Severity", + "uiStateJSON": "{\"vis\":{\"colors\":{\"INFORMATIONAL\":\"#DEDAF7\"}}}", + "version": 1, + "visState": "{\"type\":\"histogram\",\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"cardinality\",\"schema\":\"metric\",\"params\":{\"field\":\"location.keyword\",\"customLabel\":\"Unique Count\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"attributes.tls_versions.keyword\",\"orderBy\":\"_key\",\"order\":\"desc\",\"size\":10,\"otherBucket\":true,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"TLS Version\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"group\",\"params\":{\"field\":\"severity.keyword\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":5,\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":true,\"missingBucketLabel\":\"Missing\"}}],\"params\":{\"type\":\"histogram\",\"grid\":{\"categoryLines\":false},\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"type\":\"category\",\"position\":\"bottom\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\"},\"labels\":{\"show\":true,\"filter\":true,\"truncate\":100},\"title\":{}}],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"name\":\"LeftAxis-1\",\"type\":\"value\",\"position\":\"left\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\",\"mode\":\"normal\"},\"labels\":{\"show\":true,\"rotate\":0,\"filter\":false,\"truncate\":100},\"title\":{\"text\":\"Unique Count\"}}],\"seriesParams\":[{\"show\":true,\"type\":\"histogram\",\"mode\":\"stacked\",\"data\":{\"label\":\"Unique Count\",\"id\":\"1\"},\"valueAxis\":\"ValueAxis-1\",\"drawLinesBetweenPoints\":true,\"lineWidth\":2,\"showCircles\":true}],\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"times\":[],\"addTimeMarker\":false,\"labels\":{\"show\":true},\"thresholdLine\":{\"show\":false,\"value\":10,\"width\":1,\"style\":\"full\",\"color\":\"#E7664C\"},\"orderBucketsBySum\":false},\"title\":\"TLS Version Distribution by Severity\"}" + }, + "references": [ + { + "id": "414409a0-af94-11ea-b237-7b9069d086af", + "name": "search_0", + "type": "search" + } + ], + "migrationVersion": { + "visualization": "7.8.0" + } + }, + { + "id": "01d1cda0-af9b-11ea-b237-7b9069d086af", + "type": "visualization", + "updated_at": "2020-10-07T06:56:04.257Z", + "version": "WzEwNCwxXQ==", + "attributes": { + "description": "", + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"query\":{\"query\":\"\",\"language\":\"kuery\"},\"filter\":[]}" + }, + "savedSearchRefName": "search_0", + "title": "TLS Port Distribution", + "uiStateJSON": "{}", + "version": 1, + "visState": "{\"type\":\"pie\",\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"cardinality\",\"schema\":\"metric\",\"params\":{\"field\":\"location.keyword\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"attributes.port\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":10,\"otherBucket\":true,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Port\"}}],\"params\":{\"type\":\"pie\",\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true,\"labels\":{\"show\":false,\"values\":true,\"last_level\":true,\"truncate\":100}},\"title\":\"TLS Port Distribution\"}" + }, + "references": [ + { + "id": "414409a0-af94-11ea-b237-7b9069d086af", + "name": "search_0", + "type": "search" + } + ], + "migrationVersion": { + "visualization": "7.8.0" + } + }, + { + "id": "fc8c4650-af99-11ea-b237-7b9069d086af", + "type": "visualization", + "updated_at": "2020-10-07T06:56:04.257Z", + "version": "WzEwNSwxXQ==", + "attributes": { + "description": "", + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"query\":{\"language\":\"kuery\",\"query\":\"\"},\"filter\":[]}" + }, + "savedSearchRefName": "search_0", + "title": "TLS Cipher Suites Distribution by Severity", + "uiStateJSON": "{\"vis\":{\"colors\":{\"INFORMATIONAL\":\"#DEDAF7\"}}}", + "version": 1, + "visState": "{\"type\":\"histogram\",\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"cardinality\",\"schema\":\"metric\",\"params\":{\"field\":\"location.keyword\",\"customLabel\":\"Unique Count\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"attributes.cipher_suites.keyword\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":20,\"otherBucket\":true,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"TLS Cipher Suites\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"group\",\"params\":{\"field\":\"severity.keyword\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":5,\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\"}}],\"params\":{\"addLegend\":true,\"addTimeMarker\":false,\"addTooltip\":true,\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"labels\":{\"filter\":true,\"show\":true,\"truncate\":100},\"position\":\"bottom\",\"scale\":{\"type\":\"linear\"},\"show\":true,\"style\":{},\"title\":{},\"type\":\"category\"}],\"grid\":{\"categoryLines\":false},\"labels\":{\"show\":true},\"legendPosition\":\"right\",\"seriesParams\":[{\"data\":{\"id\":\"1\",\"label\":\"Unique Count\"},\"drawLinesBetweenPoints\":true,\"lineWidth\":2,\"mode\":\"stacked\",\"show\":true,\"showCircles\":true,\"type\":\"histogram\",\"valueAxis\":\"ValueAxis-1\"}],\"thresholdLine\":{\"color\":\"#E7664C\",\"show\":false,\"style\":\"full\",\"value\":10,\"width\":1},\"times\":[],\"type\":\"histogram\",\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"labels\":{\"filter\":false,\"rotate\":0,\"show\":true,\"truncate\":100},\"name\":\"LeftAxis-1\",\"position\":\"left\",\"scale\":{\"mode\":\"normal\",\"type\":\"linear\"},\"show\":true,\"style\":{},\"title\":{\"text\":\"Unique Count\"},\"type\":\"value\"}]},\"title\":\"TLS Cipher Suites Distribution by Severity\"}" + }, + "references": [ + { + "id": "414409a0-af94-11ea-b237-7b9069d086af", + "name": "search_0", + "type": "search" + } + ], + "migrationVersion": { + "visualization": "7.8.0" + } + }, + { + "id": "bb536d60-af9b-11ea-b237-7b9069d086af", + "type": "visualization", + "updated_at": "2020-10-07T06:56:04.257Z", + "version": "WzEwNiwxXQ==", + "attributes": { + "description": "", + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"query\":{\"query\":\"\",\"language\":\"kuery\"},\"filter\":[]}" + }, + "savedSearchRefName": "search_0", + "title": "TLS Findings by Category Histogram", + "uiStateJSON": "{}", + "version": 1, + "visState": "{\"type\":\"line\",\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"cardinality\",\"schema\":\"metric\",\"params\":{\"field\":\"location.keyword\",\"customLabel\":\"Unique Count\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"@timestamp\",\"timeRange\":{\"from\":\"now-4d\",\"to\":\"now\"},\"useNormalizedEsInterval\":true,\"scaleMetricValues\":false,\"interval\":\"auto\",\"drop_partials\":false,\"min_doc_count\":1,\"extended_bounds\":{}}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"group\",\"params\":{\"field\":\"category.keyword\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":10,\"otherBucket\":true,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\"}}],\"params\":{\"type\":\"line\",\"grid\":{\"categoryLines\":false},\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"type\":\"category\",\"position\":\"bottom\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\"},\"labels\":{\"show\":true,\"filter\":true,\"truncate\":100},\"title\":{}}],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"name\":\"LeftAxis-1\",\"type\":\"value\",\"position\":\"left\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\",\"mode\":\"normal\"},\"labels\":{\"show\":true,\"rotate\":0,\"filter\":false,\"truncate\":100},\"title\":{\"text\":\"Unique Count\"}}],\"seriesParams\":[{\"show\":true,\"type\":\"line\",\"mode\":\"normal\",\"data\":{\"label\":\"Unique Count\",\"id\":\"1\"},\"valueAxis\":\"ValueAxis-1\",\"drawLinesBetweenPoints\":true,\"lineWidth\":2,\"interpolate\":\"linear\",\"showCircles\":true}],\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"times\":[],\"addTimeMarker\":false,\"labels\":{},\"thresholdLine\":{\"show\":false,\"value\":10,\"width\":1,\"style\":\"full\",\"color\":\"#E7664C\"}},\"title\":\"TLS Findings by Category Histogram\"}" + }, + "references": [ + { + "id": "414409a0-af94-11ea-b237-7b9069d086af", + "name": "search_0", + "type": "search" + } + ], + "migrationVersion": { + "visualization": "7.8.0" + } + }, + { + "id": "5b86d230-af9d-11ea-b237-7b9069d086af", + "type": "visualization", + "updated_at": "2020-10-07T06:56:04.257Z", + "version": "WzEwNywxXQ==", + "attributes": { + "description": "", + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"query\":{\"language\":\"kuery\",\"query\":\"\"},\"filter\":[{\"$state\":{\"store\":\"appState\"},\"meta\":{\"alias\":null,\"disabled\":false,\"key\":\"category.keyword\",\"negate\":false,\"params\":{\"query\":\"Outdated TLS Version\"},\"type\":\"phrase\",\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.filter[0].meta.index\"},\"query\":{\"match_phrase\":{\"category.keyword\":\"Outdated TLS Version\"}}}]}" + }, + "savedSearchRefName": "search_0", + "title": "TLS Hostnames with Outdated Certificates", + "uiStateJSON": "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":2,\"direction\":null}}}}", + "version": 1, + "visState": "{\"aggs\":[{\"enabled\":true,\"id\":\"1\",\"params\":{\"customLabel\":\"Unique Count\",\"field\":\"attributes.hostname.keyword\"},\"schema\":\"metric\",\"type\":\"cardinality\"},{\"enabled\":true,\"id\":\"4\",\"params\":{\"customLabel\":\"Hostname\",\"field\":\"attributes.hostname.keyword\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"size\":100},\"schema\":\"bucket\",\"type\":\"terms\"},{\"enabled\":true,\"id\":\"3\",\"params\":{\"customLabel\":\"Port\",\"field\":\"attributes.port\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"size\":10},\"schema\":\"bucket\",\"type\":\"terms\"},{\"enabled\":true,\"id\":\"5\",\"params\":{\"customLabel\":\"TLS Category\",\"field\":\"category.keyword\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"size\":5},\"schema\":\"bucket\",\"type\":\"terms\"}],\"params\":{\"perPage\":10,\"percentageCol\":\"\",\"showMetricsAtAllLevels\":false,\"showPartialRows\":false,\"showTotal\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"totalFunc\":\"sum\"},\"title\":\"TLS Hostnames with Outdated Certificates\",\"type\":\"table\"}" + }, + "references": [ + { + "id": "60ee6af0-6e78-11ea-bdc0-35f8aa7c4664", + "name": "kibanaSavedObjectMeta.searchSourceJSON.filter[0].meta.index", + "type": "index-pattern" + }, + { + "id": "414409a0-af94-11ea-b237-7b9069d086af", + "name": "search_0", + "type": "search" + } + ], + "migrationVersion": { + "visualization": "7.8.0" + } + }, + { + "id": "60ee6af0-6e78-11ea-bdc0-35f8aa7c4664", + "type": "index-pattern", + "updated_at": "2020-10-07T06:45:25.958Z", + "version": "WzcwLDFd", + "attributes": { + "title": "scbv2_*", + "timeFieldName": "@timestamp", + "fields": "[{\"name\":\"@timestamp\",\"type\":\"date\",\"esTypes\":[\"date\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"_id\",\"type\":\"string\",\"esTypes\":[\"_id\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":false},{\"name\":\"_index\",\"type\":\"string\",\"esTypes\":[\"_index\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":false},{\"name\":\"_score\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":false,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"_source\",\"type\":\"_source\",\"esTypes\":[\"_source\"],\"count\":0,\"scripted\":false,\"searchable\":false,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"_type\",\"type\":\"string\",\"esTypes\":[\"_type\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":false},{\"name\":\"attributes.hostname\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"attributes.hostname.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"attributes.hostname\"}}},{\"name\":\"attributes.ip_address\",\"type\":\"ip\",\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"category\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"category.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"category\"}}},{\"name\":\"description\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"description.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"description\"}}},{\"name\":\"id\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"id.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"id\"}}},{\"name\":\"location\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"location.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"location\"}}},{\"name\":\"name\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"name.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"name\"}}},{\"name\":\"osi_layer\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"osi_layer.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"osi_layer\"}}},{\"name\":\"parameters\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"parameters.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"parameters\"}}},{\"name\":\"scan_id\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"scan_id.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"scan_id\"}}},{\"name\":\"scan_name\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"scan_name.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"scan_name\"}}},{\"name\":\"scan_type\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"scan_type.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"scan_type\"}}},{\"name\":\"severity\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"severity.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"severity\"}}},{\"name\":\"type\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"type.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"type\"}}}]" + }, + "references": [], + "migrationVersion": { + "index-pattern": "7.6.0" + } + }, + { + "id": "414409a0-af94-11ea-b237-7b9069d086af", + "type": "search", + "updated_at": "2020-10-07T06:56:04.257Z", + "version": "WzEwOCwxXQ==", + "attributes": { + "columns": [ + "_source" + ], + "description": "", + "hits": 0, + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"highlightAll\":true,\"version\":true,\"query\":{\"query\":\"\",\"language\":\"kuery\"},\"filter\":[{\"meta\":{\"alias\":null,\"negate\":false,\"disabled\":true,\"type\":\"phrase\",\"key\":\"type\",\"params\":{\"query\":\"scan\"},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.filter[0].meta.index\"},\"query\":{\"match_phrase\":{\"type\":\"scan\"}},\"$state\":{\"store\":\"appState\"}},{\"meta\":{\"alias\":null,\"negate\":false,\"disabled\":false,\"type\":\"phrase\",\"key\":\"scan_type\",\"params\":{\"query\":\"sslyze\"},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.filter[1].meta.index\"},\"query\":{\"match_phrase\":{\"scan_type\":\"sslyze\"}},\"$state\":{\"store\":\"appState\"}},{\"meta\":{\"alias\":null,\"negate\":false,\"disabled\":false,\"type\":\"phrase\",\"key\":\"type\",\"params\":{\"query\":\"finding\"},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.filter[2].meta.index\"},\"query\":{\"match_phrase\":{\"type\":\"finding\"}},\"$state\":{\"store\":\"appState\"}}],\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}" + }, + "sort": [], + "title": "SSL Scan Findings", + "version": 1 + }, + "references": [ + { + "id": "60ee6af0-6e78-11ea-bdc0-35f8aa7c4664", + "name": "kibanaSavedObjectMeta.searchSourceJSON.index", + "type": "index-pattern" + }, + { + "id": "60ee6af0-6e78-11ea-bdc0-35f8aa7c4664", + "name": "kibanaSavedObjectMeta.searchSourceJSON.filter[0].meta.index", + "type": "index-pattern" + }, + { + "id": "60ee6af0-6e78-11ea-bdc0-35f8aa7c4664", + "name": "kibanaSavedObjectMeta.searchSourceJSON.filter[1].meta.index", + "type": "index-pattern" + }, + { + "id": "60ee6af0-6e78-11ea-bdc0-35f8aa7c4664", + "name": "kibanaSavedObjectMeta.searchSourceJSON.filter[2].meta.index", + "type": "index-pattern" + } + ], + "migrationVersion": { + "search": "7.4.0" + } + } + ] +} \ No newline at end of file diff --git a/hooks/persistence-elastic/dashboardImporter/dashboards/wordpress-overview.json b/hooks/persistence-elastic/dashboardImporter/dashboards/wordpress-overview.json new file mode 100644 index 00000000..63d9d3bb --- /dev/null +++ b/hooks/persistence-elastic/dashboardImporter/dashboards/wordpress-overview.json @@ -0,0 +1,218 @@ +{ + "version": "7.8.0", + "objects": [ + { + "id": "12b72880-fc09-11ea-a91c-5358dd402fdc", + "type": "dashboard", + "updated_at": "2020-10-07T06:46:19.501Z", + "version": "Wzg3LDFd", + "attributes": { + "title": "WordPress (WPScan) Overview", + "hits": 0, + "description": "", + "panelsJSON": "[{\"version\":\"7.8.0\",\"gridData\":{\"h\":16,\"i\":\"a884a6e4-f79d-473c-9cee-6852b7ccb262\",\"w\":8,\"x\":0,\"y\":0},\"panelIndex\":\"a884a6e4-f79d-473c-9cee-6852b7ccb262\",\"embeddableConfig\":{},\"panelRefName\":\"panel_0\"},{\"version\":\"7.8.0\",\"gridData\":{\"h\":16,\"i\":\"4179832b-c365-44d6-ad05-bc5143fd20e1\",\"w\":20,\"x\":8,\"y\":0},\"panelIndex\":\"4179832b-c365-44d6-ad05-bc5143fd20e1\",\"embeddableConfig\":{},\"panelRefName\":\"panel_1\"},{\"version\":\"7.8.0\",\"gridData\":{\"h\":16,\"i\":\"ea2a79e4-43f7-45e4-8bd9-43eac8e207d5\",\"w\":20,\"x\":28,\"y\":0},\"panelIndex\":\"ea2a79e4-43f7-45e4-8bd9-43eac8e207d5\",\"embeddableConfig\":{},\"panelRefName\":\"panel_2\"},{\"version\":\"7.8.0\",\"gridData\":{\"h\":16,\"i\":\"a6a33782-1ad5-4005-ad42-f97c5cea44ab\",\"w\":48,\"x\":0,\"y\":16},\"panelIndex\":\"a6a33782-1ad5-4005-ad42-f97c5cea44ab\",\"embeddableConfig\":{},\"panelRefName\":\"panel_3\"},{\"version\":\"7.8.0\",\"gridData\":{\"h\":15,\"i\":\"c9018376-6bdf-44a2-a9bc-f2044d1a0abe\",\"w\":48,\"x\":0,\"y\":32},\"panelIndex\":\"c9018376-6bdf-44a2-a9bc-f2044d1a0abe\",\"embeddableConfig\":{},\"panelRefName\":\"panel_4\"}]", + "optionsJSON": "{\"hidePanelTitles\":false,\"useMargins\":true}", + "version": 1, + "timeRestore": false, + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"query\":{\"language\":\"kuery\",\"query\":\"\"},\"filter\":[]}" + } + }, + "references": [ + { + "name": "panel_0", + "type": "visualization", + "id": "b70123d0-fc06-11ea-a91c-5358dd402fdc" + }, + { + "name": "panel_1", + "type": "visualization", + "id": "a55a03b0-fc04-11ea-a91c-5358dd402fdc" + }, + { + "name": "panel_2", + "type": "visualization", + "id": "1525d810-fd89-11ea-a23c-bdbeb8721271" + }, + { + "name": "panel_3", + "type": "visualization", + "id": "4005af70-fc02-11ea-a91c-5358dd402fdc" + }, + { + "name": "panel_4", + "type": "visualization", + "id": "574594f0-fd8f-11ea-a23c-bdbeb8721271" + } + ], + "migrationVersion": { + "dashboard": "7.3.0" + } + }, + { + "id": "b70123d0-fc06-11ea-a91c-5358dd402fdc", + "type": "visualization", + "updated_at": "2020-10-07T06:45:27.386Z", + "version": "Wzc5LDFd", + "attributes": { + "title": "WPScan Findings Count", + "visState": "{\"title\":\"WPScan Findings Count\",\"type\":\"metric\",\"params\":{\"metric\":{\"percentageMode\":false,\"useRanges\":false,\"colorSchema\":\"Green to Red\",\"metricColorMode\":\"None\",\"colorsRange\":[{\"type\":\"range\",\"from\":0,\"to\":10000}],\"labels\":{\"show\":true},\"invertColors\":false,\"style\":{\"bgFill\":\"#000\",\"bgColor\":false,\"labelColor\":false,\"subText\":\"\",\"fontSize\":60}},\"dimensions\":{\"metrics\":[{\"type\":\"vis_dimension\",\"accessor\":0,\"format\":{\"id\":\"number\",\"params\":{}}}]},\"addTooltip\":true,\"addLegend\":false,\"type\":\"metric\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Findings\"}}]}", + "uiStateJSON": "{}", + "description": "", + "version": 1, + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"query\":{\"query\":\"\",\"language\":\"kuery\"},\"filter\":[{\"$state\":{\"store\":\"appState\"},\"meta\":{\"alias\":null,\"disabled\":false,\"key\":\"scan_type.keyword\",\"negate\":false,\"params\":{\"query\":\"wpscan\"},\"type\":\"phrase\",\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.filter[0].meta.index\"},\"query\":{\"match_phrase\":{\"scan_type.keyword\":\"wpscan\"}}}],\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}" + } + }, + "references": [ + { + "name": "kibanaSavedObjectMeta.searchSourceJSON.index", + "type": "index-pattern", + "id": "60ee6af0-6e78-11ea-bdc0-35f8aa7c4664" + }, + { + "name": "kibanaSavedObjectMeta.searchSourceJSON.filter[0].meta.index", + "type": "index-pattern", + "id": "60ee6af0-6e78-11ea-bdc0-35f8aa7c4664" + } + ], + "migrationVersion": { + "visualization": "7.8.0" + } + }, + { + "id": "a55a03b0-fc04-11ea-a91c-5358dd402fdc", + "type": "visualization", + "updated_at": "2020-10-07T06:45:27.386Z", + "version": "WzgwLDFd", + "attributes": { + "title": "WPScan WordPress Version Overview", + "visState": "{\"title\":\"WPScan WordPress Version Overview\",\"type\":\"pie\",\"params\":{\"addLegend\":true,\"addTooltip\":true,\"dimensions\":{\"metric\":{\"accessor\":1,\"format\":{\"id\":\"number\"},\"params\":{},\"label\":\"Count\",\"aggType\":\"count\"},\"buckets\":[{\"accessor\":0,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\",\"parsedUrl\":{\"origin\":\"http://localhost:5601\",\"pathname\":\"/app/kibana\",\"basePath\":\"\"}}},\"params\":{},\"label\":\"Location\",\"aggType\":\"terms\"},{\"accessor\":2,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\",\"parsedUrl\":{\"origin\":\"http://localhost:5601\",\"pathname\":\"/app/kibana\",\"basePath\":\"\"}}},\"params\":{},\"label\":\"Wordpress Version\",\"aggType\":\"terms\"}]},\"isDonut\":true,\"labels\":{\"last_level\":false,\"show\":true,\"truncate\":100,\"values\":true},\"legendPosition\":\"right\",\"type\":\"pie\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"attributes.wp_version.keyword\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":10,\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Wordpress Version\"}},{\"id\":\"4\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"location.keyword\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":5,\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Location\"}}]}", + "uiStateJSON": "{}", + "description": "", + "version": 1, + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"query\":{\"query\":\"\",\"language\":\"kuery\"},\"filter\":[],\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}" + } + }, + "references": [ + { + "name": "kibanaSavedObjectMeta.searchSourceJSON.index", + "type": "index-pattern", + "id": "60ee6af0-6e78-11ea-bdc0-35f8aa7c4664" + } + ], + "migrationVersion": { + "visualization": "7.8.0" + } + }, + { + "id": "1525d810-fd89-11ea-a23c-bdbeb8721271", + "type": "visualization", + "updated_at": "2020-10-07T06:45:27.386Z", + "version": "WzgxLDFd", + "attributes": { + "title": "WPScan Findings Category Overview", + "visState": "{\"title\":\"WPScan Findings Category Overview\",\"type\":\"pie\",\"params\":{\"type\":\"pie\",\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true,\"labels\":{\"show\":true,\"values\":true,\"last_level\":false,\"truncate\":100},\"dimensions\":{\"metric\":{\"accessor\":1,\"format\":{\"id\":\"number\"},\"params\":{},\"label\":\"Count\",\"aggType\":\"count\"},\"buckets\":[{\"accessor\":0,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\",\"parsedUrl\":{\"origin\":\"http://localhost:5601\",\"pathname\":\"/app/kibana\",\"basePath\":\"\"}}},\"params\":{},\"label\":\"category.keyword: Descending\",\"aggType\":\"terms\"},{\"accessor\":2,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\",\"parsedUrl\":{\"origin\":\"http://localhost:5601\",\"pathname\":\"/app/kibana\",\"basePath\":\"\"}}},\"params\":{},\"label\":\"Host\",\"aggType\":\"terms\"}]}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"attributes.hostname.keyword\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":5,\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Host\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"category.keyword\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":5,\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\"}}]}", + "uiStateJSON": "{}", + "description": "", + "version": 1, + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"query\":{\"query\":\"\",\"language\":\"kuery\"},\"filter\":[{\"$state\":{\"store\":\"appState\"},\"meta\":{\"alias\":null,\"disabled\":false,\"key\":\"scan_type.keyword\",\"negate\":false,\"params\":{\"query\":\"wpscan\"},\"type\":\"phrase\",\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.filter[0].meta.index\"},\"query\":{\"match_phrase\":{\"scan_type.keyword\":\"wpscan\"}}}],\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}" + } + }, + "references": [ + { + "name": "kibanaSavedObjectMeta.searchSourceJSON.index", + "type": "index-pattern", + "id": "60ee6af0-6e78-11ea-bdc0-35f8aa7c4664" + }, + { + "name": "kibanaSavedObjectMeta.searchSourceJSON.filter[0].meta.index", + "type": "index-pattern", + "id": "60ee6af0-6e78-11ea-bdc0-35f8aa7c4664" + } + ], + "migrationVersion": { + "visualization": "7.8.0" + } + }, + { + "id": "4005af70-fc02-11ea-a91c-5358dd402fdc", + "type": "visualization", + "updated_at": "2020-10-07T06:45:27.386Z", + "version": "WzgyLDFd", + "attributes": { + "title": "WPScan Findings Table", + "visState": "{\"title\":\"WPScan Findings Table\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMetricsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\",\"percentageCol\":\"\",\"dimensions\":{\"metrics\":[{\"accessor\":4,\"format\":{\"id\":\"number\"},\"params\":{},\"label\":\"Count\",\"aggType\":\"count\"}],\"buckets\":[{\"accessor\":0,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\",\"parsedUrl\":{\"origin\":\"http://localhost:5601\",\"pathname\":\"/app/kibana\",\"basePath\":\"\"}}},\"params\":{},\"label\":\"Category\",\"aggType\":\"terms\"},{\"accessor\":1,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\",\"parsedUrl\":{\"origin\":\"http://localhost:5601\",\"pathname\":\"/app/kibana\",\"basePath\":\"\"}}},\"params\":{},\"label\":\"URL\",\"aggType\":\"terms\"},{\"accessor\":2,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\",\"parsedUrl\":{\"origin\":\"http://localhost:5601\",\"pathname\":\"/app/kibana\",\"basePath\":\"\"}}},\"params\":{},\"label\":\"Description\",\"aggType\":\"terms\"},{\"accessor\":3,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"number\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\",\"parsedUrl\":{\"origin\":\"http://localhost:5601\",\"pathname\":\"/app/kibana\",\"basePath\":\"\"}}},\"params\":{},\"label\":\"Confidence\",\"aggType\":\"terms\"}]}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"4\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"category.keyword\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":25,\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Category\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"location.keyword\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":10,\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"URL\"}},{\"id\":\"5\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"description.keyword\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":5,\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Description\"}},{\"id\":\"6\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"confidence\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":5,\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Confidence\"}}]}", + "uiStateJSON": "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}", + "description": "", + "version": 1, + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"query\":{\"query\":\"\",\"language\":\"kuery\"},\"filter\":[{\"meta\":{\"alias\":null,\"negate\":false,\"disabled\":false,\"type\":\"phrase\",\"key\":\"scan_type.keyword\",\"params\":{\"query\":\"wpscan\"},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.filter[0].meta.index\"},\"query\":{\"match_phrase\":{\"scan_type.keyword\":\"wpscan\"}},\"$state\":{\"store\":\"appState\"}}],\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}" + } + }, + "references": [ + { + "name": "kibanaSavedObjectMeta.searchSourceJSON.index", + "type": "index-pattern", + "id": "60ee6af0-6e78-11ea-bdc0-35f8aa7c4664" + }, + { + "name": "kibanaSavedObjectMeta.searchSourceJSON.filter[0].meta.index", + "type": "index-pattern", + "id": "60ee6af0-6e78-11ea-bdc0-35f8aa7c4664" + } + ], + "migrationVersion": { + "visualization": "7.8.0" + } + }, + { + "id": "574594f0-fd8f-11ea-a23c-bdbeb8721271", + "type": "visualization", + "updated_at": "2020-10-07T06:45:27.386Z", + "version": "WzgzLDFd", + "attributes": { + "title": "WPScan Findings over Time", + "visState": "{\"title\":\"WPScan Findings over Time\",\"type\":\"line\",\"params\":{\"type\":\"line\",\"grid\":{\"categoryLines\":false},\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"type\":\"category\",\"position\":\"bottom\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\"},\"labels\":{\"show\":true,\"filter\":true,\"truncate\":100},\"title\":{}}],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"name\":\"LeftAxis-1\",\"type\":\"value\",\"position\":\"left\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\",\"mode\":\"normal\"},\"labels\":{\"show\":true,\"rotate\":0,\"filter\":false,\"truncate\":100},\"title\":{\"text\":\"Count\"}}],\"seriesParams\":[{\"show\":true,\"type\":\"line\",\"mode\":\"normal\",\"data\":{\"label\":\"Count\",\"id\":\"1\"},\"valueAxis\":\"ValueAxis-1\",\"drawLinesBetweenPoints\":true,\"lineWidth\":2,\"interpolate\":\"linear\",\"showCircles\":true}],\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"times\":[],\"addTimeMarker\":false,\"labels\":{},\"thresholdLine\":{\"show\":false,\"value\":10,\"width\":1,\"style\":\"full\",\"color\":\"#E7664C\"},\"dimensions\":{\"x\":{\"accessor\":0,\"format\":{\"id\":\"date\",\"params\":{\"pattern\":\"HH:mm\"}},\"params\":{\"date\":true,\"interval\":\"PT5M\",\"intervalESValue\":5,\"intervalESUnit\":\"m\",\"format\":\"HH:mm\",\"bounds\":{\"min\":\"2020-09-23T07:25:21.102Z\",\"max\":\"2020-09-23T11:25:21.102Z\"}},\"label\":\"@timestamp per 5 minutes\",\"aggType\":\"date_histogram\"},\"y\":[{\"accessor\":2,\"format\":{\"id\":\"number\"},\"params\":{},\"label\":\"Count\",\"aggType\":\"count\"}],\"series\":[{\"accessor\":1,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\",\"parsedUrl\":{\"origin\":\"http://localhost:5601\",\"pathname\":\"/app/kibana\",\"basePath\":\"\"}}},\"params\":{},\"label\":\"Hostname\",\"aggType\":\"terms\"}]}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"@timestamp\",\"timeRange\":{\"from\":\"now-4h\",\"to\":\"now\"},\"useNormalizedEsInterval\":true,\"scaleMetricValues\":false,\"interval\":\"12h\",\"drop_partials\":false,\"min_doc_count\":1,\"extended_bounds\":{}}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"group\",\"params\":{\"field\":\"attributes.hostname.keyword\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":100,\"otherBucket\":true,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Hostname\"}}]}", + "uiStateJSON": "{}", + "description": "", + "version": 1, + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"query\":{\"query\":\"\",\"language\":\"kuery\"},\"filter\":[{\"$state\":{\"store\":\"appState\"},\"meta\":{\"alias\":null,\"disabled\":false,\"key\":\"scan_type.keyword\",\"negate\":false,\"params\":{\"query\":\"wpscan\"},\"type\":\"phrase\",\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.filter[0].meta.index\"},\"query\":{\"match_phrase\":{\"scan_type.keyword\":\"wpscan\"}}}],\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}" + } + }, + "references": [ + { + "name": "kibanaSavedObjectMeta.searchSourceJSON.index", + "type": "index-pattern", + "id": "60ee6af0-6e78-11ea-bdc0-35f8aa7c4664" + }, + { + "name": "kibanaSavedObjectMeta.searchSourceJSON.filter[0].meta.index", + "type": "index-pattern", + "id": "60ee6af0-6e78-11ea-bdc0-35f8aa7c4664" + } + ], + "migrationVersion": { + "visualization": "7.8.0" + } + }, + { + "id": "60ee6af0-6e78-11ea-bdc0-35f8aa7c4664", + "type": "index-pattern", + "updated_at": "2020-10-07T06:45:25.958Z", + "version": "WzcwLDFd", + "attributes": { + "title": "scbv2_*", + "timeFieldName": "@timestamp", + "fields": "[{\"name\":\"@timestamp\",\"type\":\"date\",\"esTypes\":[\"date\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"_id\",\"type\":\"string\",\"esTypes\":[\"_id\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":false},{\"name\":\"_index\",\"type\":\"string\",\"esTypes\":[\"_index\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":false},{\"name\":\"_score\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":false,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"_source\",\"type\":\"_source\",\"esTypes\":[\"_source\"],\"count\":0,\"scripted\":false,\"searchable\":false,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"_type\",\"type\":\"string\",\"esTypes\":[\"_type\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":false},{\"name\":\"attributes.hostname\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"attributes.hostname.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"attributes.hostname\"}}},{\"name\":\"attributes.ip_address\",\"type\":\"ip\",\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"category\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"category.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"category\"}}},{\"name\":\"description\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"description.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"description\"}}},{\"name\":\"id\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"id.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"id\"}}},{\"name\":\"location\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"location.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"location\"}}},{\"name\":\"name\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"name.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"name\"}}},{\"name\":\"osi_layer\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"osi_layer.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"osi_layer\"}}},{\"name\":\"parameters\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"parameters.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"parameters\"}}},{\"name\":\"scan_id\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"scan_id.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"scan_id\"}}},{\"name\":\"scan_name\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"scan_name.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"scan_name\"}}},{\"name\":\"scan_type\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"scan_type.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"scan_type\"}}},{\"name\":\"severity\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"severity.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"severity\"}}},{\"name\":\"type\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"type.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"type\"}}}]" + }, + "references": [], + "migrationVersion": { + "index-pattern": "7.6.0" + } + } + ] +} \ No newline at end of file diff --git a/hooks/persistence-elastic/dashboardImporter/dashboards/zap-overview.json b/hooks/persistence-elastic/dashboardImporter/dashboards/zap-overview.json new file mode 100644 index 00000000..97e839a8 --- /dev/null +++ b/hooks/persistence-elastic/dashboardImporter/dashboards/zap-overview.json @@ -0,0 +1,251 @@ +{ + "version": "7.8.0", + "objects": [ + { + "id": "57b2a830-bc60-11ea-872e-c9b5d5ddb284", + "type": "dashboard", + "updated_at": "2020-10-07T07:05:37.690Z", + "version": "WzEyOCwxXQ==", + "attributes": { + "title": "ZAP Overview", + "hits": 0, + "description": "", + "panelsJSON": "[{\"embeddableConfig\":{},\"gridData\":{\"h\":12,\"i\":\"48062493-cfcd-4b99-abde-42687c4275c8\",\"w\":7,\"x\":0,\"y\":0},\"panelIndex\":\"48062493-cfcd-4b99-abde-42687c4275c8\",\"version\":\"7.8.0\",\"panelRefName\":\"panel_0\"},{\"embeddableConfig\":{},\"gridData\":{\"h\":12,\"i\":\"9343ea80-1303-4860-a46d-84710e00d325\",\"w\":22,\"x\":7,\"y\":0},\"panelIndex\":\"9343ea80-1303-4860-a46d-84710e00d325\",\"version\":\"7.8.0\",\"panelRefName\":\"panel_1\"},{\"embeddableConfig\":{},\"gridData\":{\"h\":12,\"i\":\"72d83397-7eff-4b48-a9b4-1d20b87ea21a\",\"w\":19,\"x\":29,\"y\":0},\"panelIndex\":\"72d83397-7eff-4b48-a9b4-1d20b87ea21a\",\"version\":\"7.8.0\",\"panelRefName\":\"panel_2\"},{\"embeddableConfig\":{\"table\":null,\"vis\":{\"colors\":{\"INFORMATIONAL\":\"#DEDAF7\",\"LOW\":\"#F2C96D\",\"MEDIUM\":\"#EF843C\"}}},\"gridData\":{\"h\":13,\"i\":\"f8f98aab-c858-4c02-ba0c-a4b76a27f97d\",\"w\":48,\"x\":0,\"y\":12},\"panelIndex\":\"f8f98aab-c858-4c02-ba0c-a4b76a27f97d\",\"version\":\"7.8.0\",\"panelRefName\":\"panel_3\"},{\"embeddableConfig\":{},\"gridData\":{\"h\":14,\"i\":\"6b3c41c7-5d25-460b-9d0f-7a8192f33e37\",\"w\":48,\"x\":0,\"y\":25},\"panelIndex\":\"6b3c41c7-5d25-460b-9d0f-7a8192f33e37\",\"version\":\"7.8.0\",\"panelRefName\":\"panel_4\"},{\"embeddableConfig\":{},\"gridData\":{\"h\":18,\"i\":\"69508fd5-3591-47b3-adeb-2e66512bbec8\",\"w\":48,\"x\":0,\"y\":39},\"panelIndex\":\"69508fd5-3591-47b3-adeb-2e66512bbec8\",\"version\":\"7.8.0\",\"panelRefName\":\"panel_5\"}]", + "optionsJSON": "{\"hidePanelTitles\":false,\"useMargins\":true}", + "version": 1, + "timeRestore": false, + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"query\":{\"language\":\"kuery\",\"query\":\"\"},\"filter\":[]}" + } + }, + "references": [ + { + "name": "panel_0", + "type": "visualization", + "id": "0ce44ec0-bc61-11ea-872e-c9b5d5ddb284" + }, + { + "name": "panel_1", + "type": "visualization", + "id": "0d4eb3e0-bc62-11ea-872e-c9b5d5ddb284" + }, + { + "name": "panel_2", + "type": "visualization", + "id": "16ee26d0-bc60-11ea-872e-c9b5d5ddb284" + }, + { + "name": "panel_3", + "type": "visualization", + "id": "6a976de0-bc61-11ea-872e-c9b5d5ddb284" + }, + { + "name": "panel_4", + "type": "visualization", + "id": "02dcce50-bf9c-11ea-a3b0-538af20dfa95" + }, + { + "name": "panel_5", + "type": "search", + "id": "6d46a340-b238-11ea-872e-c9b5d5ddb284" + } + ], + "migrationVersion": { + "dashboard": "7.3.0" + } + }, + { + "id": "0ce44ec0-bc61-11ea-872e-c9b5d5ddb284", + "type": "visualization", + "updated_at": "2020-10-07T07:04:36.538Z", + "version": "WzExOCwxXQ==", + "attributes": { + "description": "", + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"query\":{\"query\":\"\",\"language\":\"kuery\"},\"filter\":[]}" + }, + "savedSearchRefName": "search_0", + "title": "ZAP Findings Count", + "uiStateJSON": "{}", + "version": 1, + "visState": "{\"type\":\"metric\",\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}}],\"params\":{\"addLegend\":false,\"addTooltip\":true,\"metric\":{\"colorSchema\":\"Green to Red\",\"colorsRange\":[{\"from\":0,\"to\":10000}],\"invertColors\":false,\"labels\":{\"show\":true},\"metricColorMode\":\"None\",\"percentageMode\":false,\"style\":{\"bgColor\":false,\"bgFill\":\"#000\",\"fontSize\":60,\"labelColor\":false,\"subText\":\"\"},\"useRanges\":false},\"type\":\"metric\"},\"title\":\"ZAP Findings Count\"}" + }, + "references": [ + { + "id": "6d46a340-b238-11ea-872e-c9b5d5ddb284", + "name": "search_0", + "type": "search" + } + ], + "migrationVersion": { + "visualization": "7.8.0" + } + }, + { + "id": "0d4eb3e0-bc62-11ea-872e-c9b5d5ddb284", + "type": "visualization", + "updated_at": "2020-10-07T07:04:36.538Z", + "version": "WzExOSwxXQ==", + "attributes": { + "description": "", + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"query\":{\"query\":\"\",\"language\":\"kuery\"},\"filter\":[]}" + }, + "savedSearchRefName": "search_0", + "title": "ZAP Findings by Severity", + "uiStateJSON": "{\"vis\":{\"colors\":{\"LOW\":\"#F4D598\",\"INFORMATIONAL\":\"#DEDAF7\",\"MEDIUM\":\"#EF843C\"}}}", + "version": 1, + "visState": "{\"type\":\"pie\",\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"severity.keyword\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":5,\"otherBucket\":true,\"otherBucketLabel\":\"Other\",\"missingBucket\":true,\"missingBucketLabel\":\"Missing\"}}],\"params\":{\"type\":\"pie\",\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true,\"labels\":{\"show\":true,\"values\":true,\"last_level\":true,\"truncate\":100}},\"title\":\"ZAP Findings by Severity\"}" + }, + "references": [ + { + "id": "6d46a340-b238-11ea-872e-c9b5d5ddb284", + "name": "search_0", + "type": "search" + } + ], + "migrationVersion": { + "visualization": "7.8.0" + } + }, + { + "id": "16ee26d0-bc60-11ea-872e-c9b5d5ddb284", + "type": "visualization", + "updated_at": "2020-10-07T07:04:36.538Z", + "version": "WzEyMCwxXQ==", + "attributes": { + "description": "", + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"query\":{\"query\":\"\",\"language\":\"kuery\"},\"filter\":[]}" + }, + "savedSearchRefName": "search_0", + "title": "ZAP Findings by Category", + "uiStateJSON": "{}", + "version": 1, + "visState": "{\"type\":\"pie\",\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"cardinality\",\"schema\":\"metric\",\"params\":{\"field\":\"location.keyword\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"category.keyword\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":20,\"otherBucket\":true,\"otherBucketLabel\":\"Other\",\"missingBucket\":true,\"missingBucketLabel\":\"Missing\"}}],\"params\":{\"type\":\"pie\",\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":true,\"labels\":{\"show\":false,\"values\":true,\"last_level\":true,\"truncate\":100}},\"title\":\"ZAP Findings by Category\"}" + }, + "references": [ + { + "id": "6d46a340-b238-11ea-872e-c9b5d5ddb284", + "name": "search_0", + "type": "search" + } + ], + "migrationVersion": { + "visualization": "7.8.0" + } + }, + { + "id": "6a976de0-bc61-11ea-872e-c9b5d5ddb284", + "type": "visualization", + "updated_at": "2020-10-07T07:04:36.538Z", + "version": "WzEyMSwxXQ==", + "attributes": { + "description": "", + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"query\":{\"query\":\"\",\"language\":\"kuery\"},\"filter\":[]}" + }, + "savedSearchRefName": "search_0", + "title": "ZAP Findings by Severity Histogram", + "uiStateJSON": "{\"vis\":{\"colors\":{\"LOW\":\"#F2C96D\",\"INFORMATIONAL\":\"#DEDAF7\",\"MEDIUM\":\"#EF843C\"}}}", + "version": 1, + "visState": "{\"type\":\"line\",\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"cardinality\",\"schema\":\"metric\",\"params\":{\"field\":\"category.keyword\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"@timestamp\",\"timeRange\":{\"from\":\"now-7d\",\"to\":\"now\"},\"useNormalizedEsInterval\":true,\"scaleMetricValues\":false,\"interval\":\"auto\",\"drop_partials\":false,\"min_doc_count\":1,\"extended_bounds\":{}}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"group\",\"params\":{\"field\":\"severity.keyword\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":5,\"otherBucket\":true,\"otherBucketLabel\":\"Other\",\"missingBucket\":true,\"missingBucketLabel\":\"Missing\"}}],\"params\":{\"type\":\"line\",\"grid\":{\"categoryLines\":false},\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"type\":\"category\",\"position\":\"bottom\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\"},\"labels\":{\"show\":true,\"filter\":true,\"truncate\":100},\"title\":{}}],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"name\":\"LeftAxis-1\",\"type\":\"value\",\"position\":\"left\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\",\"mode\":\"normal\"},\"labels\":{\"show\":true,\"rotate\":0,\"filter\":false,\"truncate\":100},\"title\":{\"text\":\"Unique count of category.keyword\"}}],\"seriesParams\":[{\"show\":true,\"type\":\"line\",\"mode\":\"normal\",\"data\":{\"label\":\"Unique count of category.keyword\",\"id\":\"1\"},\"valueAxis\":\"ValueAxis-1\",\"drawLinesBetweenPoints\":true,\"lineWidth\":2,\"interpolate\":\"linear\",\"showCircles\":true}],\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"times\":[],\"addTimeMarker\":false,\"labels\":{},\"thresholdLine\":{\"show\":false,\"value\":10,\"width\":1,\"style\":\"full\",\"color\":\"#E7664C\"}},\"title\":\"ZAP Findings by Severity Histogram\"}" + }, + "references": [ + { + "id": "6d46a340-b238-11ea-872e-c9b5d5ddb284", + "name": "search_0", + "type": "search" + } + ], + "migrationVersion": { + "visualization": "7.8.0" + } + }, + { + "id": "02dcce50-bf9c-11ea-a3b0-538af20dfa95", + "type": "visualization", + "updated_at": "2020-10-07T07:04:36.538Z", + "version": "WzEyMiwxXQ==", + "attributes": { + "description": "", + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"query\":{\"query\":\"\",\"language\":\"kuery\"},\"filter\":[]}" + }, + "savedSearchRefName": "search_0", + "title": "ZAP Findings Category Histogram", + "uiStateJSON": "{}", + "version": 1, + "visState": "{\"type\":\"histogram\",\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"cardinality\",\"schema\":\"metric\",\"params\":{\"field\":\"attributes.host.keyword\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"@timestamp\",\"timeRange\":{\"from\":\"now-7d\",\"to\":\"now\"},\"useNormalizedEsInterval\":true,\"scaleMetricValues\":false,\"interval\":\"auto\",\"drop_partials\":false,\"min_doc_count\":1,\"extended_bounds\":{}}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"group\",\"params\":{\"field\":\"category.keyword\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":20,\"otherBucket\":true,\"otherBucketLabel\":\"Other\",\"missingBucket\":true,\"missingBucketLabel\":\"Missing\"}}],\"params\":{\"type\":\"histogram\",\"grid\":{\"categoryLines\":true,\"valueAxis\":\"ValueAxis-1\"},\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"type\":\"category\",\"position\":\"bottom\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\"},\"labels\":{\"show\":true,\"filter\":true,\"truncate\":100},\"title\":{}}],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"name\":\"LeftAxis-1\",\"type\":\"value\",\"position\":\"left\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\",\"mode\":\"normal\"},\"labels\":{\"show\":true,\"rotate\":0,\"filter\":false,\"truncate\":100},\"title\":{\"text\":\"Unique count of attributes.host.keyword\"}}],\"seriesParams\":[{\"show\":true,\"type\":\"histogram\",\"mode\":\"stacked\",\"data\":{\"label\":\"Unique count of attributes.host.keyword\",\"id\":\"1\"},\"valueAxis\":\"ValueAxis-1\",\"drawLinesBetweenPoints\":true,\"lineWidth\":2,\"showCircles\":true,\"interpolate\":\"cardinal\"}],\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"times\":[],\"addTimeMarker\":true,\"labels\":{\"show\":true},\"thresholdLine\":{\"show\":false,\"value\":10,\"width\":1,\"style\":\"full\",\"color\":\"#E7664C\"}},\"title\":\"ZAP Findings Category Histogram\"}" + }, + "references": [ + { + "id": "6d46a340-b238-11ea-872e-c9b5d5ddb284", + "name": "search_0", + "type": "search" + } + ], + "migrationVersion": { + "visualization": "7.8.0" + } + }, + { + "id": "6d46a340-b238-11ea-872e-c9b5d5ddb284", + "type": "search", + "updated_at": "2020-10-07T07:04:36.538Z", + "version": "WzEyMywxXQ==", + "attributes": { + "columns": [ + "category", + "scan_labels.attack-surface", + "scan_labels.organization", + "severity", + "location" + ], + "description": "", + "hits": 0, + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"highlightAll\":true,\"version\":true,\"query\":{\"language\":\"kuery\",\"query\":\"*\"},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\",\"filter\":[{\"$state\":{\"store\":\"appState\"},\"meta\":{\"alias\":null,\"disabled\":false,\"key\":\"type\",\"negate\":false,\"params\":{\"query\":\"finding\"},\"type\":\"phrase\",\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.filter[0].meta.index\"},\"query\":{\"match_phrase\":{\"type\":\"finding\"}}},{\"$state\":{\"store\":\"appState\"},\"meta\":{\"alias\":null,\"disabled\":false,\"key\":\"scan_type\",\"negate\":false,\"params\":{\"query\":\"zap-*\"},\"type\":\"phrase\",\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.filter[1].meta.index\"},\"query\":{\"match_phrase\":{\"scan_type\":\"zap-*\"}}}]}" + }, + "sort": [], + "title": "ZAP Findings", + "version": 1 + }, + "references": [ + { + "id": "6f304f00-bbf5-11ea-872e-c9b5d5ddb284", + "name": "kibanaSavedObjectMeta.searchSourceJSON.index", + "type": "index-pattern" + }, + { + "id": "6f304f00-bbf5-11ea-872e-c9b5d5ddb284", + "name": "kibanaSavedObjectMeta.searchSourceJSON.filter[0].meta.index", + "type": "index-pattern" + }, + { + "id": "6f304f00-bbf5-11ea-872e-c9b5d5ddb284", + "name": "kibanaSavedObjectMeta.searchSourceJSON.filter[1].meta.index", + "type": "index-pattern" + } + ], + "migrationVersion": { + "search": "7.4.0" + } + }, + { + "id": "6f304f00-bbf5-11ea-872e-c9b5d5ddb284", + "type": "index-pattern", + "updated_at": "2020-10-07T07:04:36.538Z", + "version": "WzEyNCwxXQ==", + "attributes": { + "fields": "[{\"name\":\"@timestamp\",\"type\":\"date\",\"esTypes\":[\"date\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"_id\",\"type\":\"string\",\"esTypes\":[\"_id\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":false},{\"name\":\"_index\",\"type\":\"string\",\"esTypes\":[\"_index\"],\"count\":1,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":false},{\"name\":\"_score\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":false,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"_source\",\"type\":\"_source\",\"esTypes\":[\"_source\"],\"count\":0,\"scripted\":false,\"searchable\":false,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"_type\",\"type\":\"string\",\"esTypes\":[\"_type\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":false},{\"name\":\"attributes.host\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"attributes.host.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"attributes.host\"}}},{\"name\":\"attributes.zap_confidence\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"attributes.zap_confidence.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"attributes.zap_confidence\"}}},{\"name\":\"attributes.zap_count\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"attributes.zap_count.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"attributes.zap_count\"}}},{\"name\":\"attributes.zap_cweid\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"attributes.zap_cweid.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"attributes.zap_cweid\"}}},{\"name\":\"attributes.zap_finding_urls.evidence\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"attributes.zap_finding_urls.evidence.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"attributes.zap_finding_urls.evidence\"}}},{\"name\":\"attributes.zap_finding_urls.method\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"attributes.zap_finding_urls.method.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"attributes.zap_finding_urls.method\"}}},{\"name\":\"attributes.zap_finding_urls.param\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"attributes.zap_finding_urls.param.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"attributes.zap_finding_urls.param\"}}},{\"name\":\"attributes.zap_finding_urls.uri\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"attributes.zap_finding_urls.uri.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"attributes.zap_finding_urls.uri\"}}},{\"name\":\"attributes.zap_otherinfo\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"attributes.zap_otherinfo.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"attributes.zap_otherinfo\"}}},{\"name\":\"attributes.zap_pluginid\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"attributes.zap_pluginid.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"attributes.zap_pluginid\"}}},{\"name\":\"attributes.zap_reference\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"attributes.zap_reference.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"attributes.zap_reference\"}}},{\"name\":\"attributes.zap_riskcode\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"attributes.zap_riskcode.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"attributes.zap_riskcode\"}}},{\"name\":\"attributes.zap_solution\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"attributes.zap_solution.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"attributes.zap_solution\"}}},{\"name\":\"attributes.zap_wascid\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"attributes.zap_wascid.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"attributes.zap_wascid\"}}},{\"name\":\"category\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":1,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"category.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"category\"}}},{\"name\":\"description\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":2,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"description.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"description\"}}},{\"name\":\"id\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"id.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"id\"}}},{\"name\":\"labels.attack-surface\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":1,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"labels.attack-surface.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"labels.attack-surface\"}}},{\"name\":\"labels.organization\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":1,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"labels.organization.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"labels.organization\"}}},{\"name\":\"labels.product\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"labels.product.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"labels.product\"}}},{\"name\":\"location\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":1,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"location.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"location\"}}},{\"name\":\"name\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"name.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"name\"}}},{\"name\":\"osi_layer\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"osi_layer.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"osi_layer\"}}},{\"name\":\"parameters\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"parameters.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"parameters\"}}},{\"name\":\"scan_id\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"scan_id.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"scan_id\"}}},{\"name\":\"scan_labels.attack-surface\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":1,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"scan_labels.attack-surface.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"scan_labels.attack-surface\"}}},{\"name\":\"scan_labels.organization\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":1,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"scan_labels.organization.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"scan_labels.organization\"}}},{\"name\":\"scan_labels.product\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":2,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"scan_labels.product.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"scan_labels.product\"}}},{\"name\":\"scan_name\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"scan_name.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"scan_name\"}}},{\"name\":\"scan_type\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":1,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"scan_type.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"scan_type\"}}},{\"name\":\"severity\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":1,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"severity.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"severity\"}}},{\"name\":\"type\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":1,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"type.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"type\"}}}]", + "timeFieldName": "@timestamp", + "title": "scbv2_*" + }, + "references": [], + "migrationVersion": { + "index-pattern": "7.6.0" + } + } + ] +} \ No newline at end of file diff --git a/hooks/persistence-elastic/dashboardImporter/export-dashboards.sh b/hooks/persistence-elastic/dashboardImporter/export-dashboards.sh index 95adb1c8..ab44f42f 100755 --- a/hooks/persistence-elastic/dashboardImporter/export-dashboards.sh +++ b/hooks/persistence-elastic/dashboardImporter/export-dashboards.sh @@ -1,4 +1,4 @@ - #!/usr/bin/env bash +#!/usr/bin/env bash kibanaURL=${1:-"http://localhost:5601"} @@ -8,4 +8,11 @@ exportDashboard() { curl ${kibanaURL}/api/kibana/dashboards/export?dashboard=${id} > ./dashboards/${filename} } -exportDashboard "daily-summary.json" "34c734b0-6e79-11ea-bdc0-35f8aa7c4664" \ No newline at end of file +exportDashboard "daily-summary.json" "34c734b0-6e79-11ea-bdc0-35f8aa7c4664" +exportDashboard "wordpress-overview.json" "12b72880-fc09-11ea-a91c-5358dd402fdc" +exportDashboard "subdomain-overview.json" "83e56080-b235-11ea-872e-c9b5d5ddb284" +exportDashboard "tls-ssl-overview.json" "f5e576c0-af97-11ea-b237-7b9069d086af" +exportDashboard "zap-overview.json" "57b2a830-bc60-11ea-872e-c9b5d5ddb284" +exportDashboard "nikto-overview.json" "6a005c80-c4fd-11ea-8ad8-4f602085b3a0" +exportDashboard "portscan-overview.json" "d93db110-937f-11ea-9a99-c571feec3570" +exportDashboard "ssh-overview.json" "271ddac0-98d7-11ea-890b-7db8819c4f5b" diff --git a/hooks/persistence-elastic/dashboardImporter/import-dashboards.sh b/hooks/persistence-elastic/dashboardImporter/import-dashboards.sh index 7b57e66f..78b8d6fe 100755 --- a/hooks/persistence-elastic/dashboardImporter/import-dashboards.sh +++ b/hooks/persistence-elastic/dashboardImporter/import-dashboards.sh @@ -7,9 +7,11 @@ until $(curl --output /dev/null --silent --head --fail ${kibanaURL}); do printf '.' sleep 5 done +echo "" echo "Kibana is availible" for filename in ./dashboards/*.json; do echo "Importing dashboard '${filename}'" curl -i -H "Content-Type: application/json" -H "kbn-xsrf: reporting" -X POST --data @${filename} ${kibanaURL}/api/kibana/dashboards/import -done \ No newline at end of file + echo -e "\n\n" +done diff --git a/hooks/persistence-elastic/helm2.Chart.yaml b/hooks/persistence-elastic/helm2.Chart.yaml new file mode 100644 index 00000000..f84938d0 --- /dev/null +++ b/hooks/persistence-elastic/helm2.Chart.yaml @@ -0,0 +1,10 @@ +apiVersion: v1 +name: persistence-elastic +description: The elastic persistence provider persists secureCodeBox findings into the elastic stack. + +type: application + +# version - gets automatically set to the secureCodeBox release version when the helm charts gets published +version: latest +appVersion: 7.6.1 +kubeVersion: ">=v1.11.0" \ No newline at end of file diff --git a/hooks/persistence-elastic/helm2.requirements.lock b/hooks/persistence-elastic/helm2.requirements.lock new file mode 100644 index 00000000..f046652e --- /dev/null +++ b/hooks/persistence-elastic/helm2.requirements.lock @@ -0,0 +1,9 @@ +dependencies: +- name: elasticsearch + repository: https://helm.elastic.co + version: 7.6.1 +- name: kibana + repository: https://helm.elastic.co + version: 7.6.1 +digest: sha256:7d3461d986f620421f775f9ecaf73af2565ace9d909a8134c4259c5206f1f89c +generated: "2020-03-17T15:09:24.838784+01:00" diff --git a/hooks/persistence-elastic/helm2.requirements.yaml b/hooks/persistence-elastic/helm2.requirements.yaml new file mode 100644 index 00000000..23216808 --- /dev/null +++ b/hooks/persistence-elastic/helm2.requirements.yaml @@ -0,0 +1,9 @@ +dependencies: + - name: elasticsearch + version: 7.6.1 + repository: https://helm.elastic.co + condition: elasticsearch.enabled + - name: kibana + version: 7.6.1 + repository: https://helm.elastic.co + condition: kibana.enabled diff --git a/hooks/persistence-elastic/package-lock.json b/hooks/persistence-elastic/package-lock.json index ec6a8f85..2f4c5072 100644 --- a/hooks/persistence-elastic/package-lock.json +++ b/hooks/persistence-elastic/package-lock.json @@ -330,9 +330,9 @@ } }, "@elastic/elasticsearch": { - "version": "7.8.0", - "resolved": "https://registry.npmjs.org/@elastic/elasticsearch/-/elasticsearch-7.8.0.tgz", - "integrity": "sha512-rUOTNN1At0KoN0Fcjd6+J7efghuURnoMTB/od9EMK6Mcdebi6N3z5ulShTsKRn6OanS9Eq3l/OmheQY1Y+WLcg==", + "version": "7.9.0", + "resolved": "https://registry.npmjs.org/@elastic/elasticsearch/-/elasticsearch-7.9.0.tgz", + "integrity": "sha512-iSLQvQafspN03YayzccShkKgJeRsUbncbtIhIL2SeiH01xwdnOZcp0nCvSNaMsH28A3YQ4ogTs9K8eXe42UaUA==", "requires": { "debug": "^4.1.1", "decompress-response": "^4.2.0", diff --git a/hooks/persistence-elastic/package.json b/hooks/persistence-elastic/package.json index e1f345b5..1fe1e7be 100644 --- a/hooks/persistence-elastic/package.json +++ b/hooks/persistence-elastic/package.json @@ -1,16 +1,44 @@ { "name": "persistence-elastic", "version": "1.0.0", - "description": "", - "main": "index.js", + "description": "secureCodeBox v2 Hook to persist results to elasticsearch.", + "homepage": "https://www.secureCodeBox.io", + "repository": { + "type": "git", + "url": "git+https://github.com/secureCodeBox/secureCodeBox-v2.git" + }, + "main": "hook.js", "scripts": { "test": "jest ." }, - "keywords": [], - "author": "", - "license": "ISC", + "keywords": [ + "secureCodeBox", + "security", + "hook", + "elasticsearch", + "persistence" + ], + "author": { + "name": "iteratec GmbH", + "email": "security@iteratec.com", + "url": "https://www.iteratec.com" + }, + "contributors": [ + { + "name" : "Jannik Hollenbach", + "url" : "https://github.com/J12934" + }, + { + "name" : "Robert Seedorff", + "url" : "https://github.com/rseedorff" + } + ], + "bugs": { + "url": "https://github.com/secureCodeBox/secureCodeBox-v2/issues" + }, + "license": "Apache-2.0", "dependencies": { - "@elastic/elasticsearch": "^7.8.0", + "@elastic/elasticsearch": "^7.9.0", "lodash.chunk": "^4.2.0", "lodash.flatmap": "^4.5.0" }, diff --git a/hooks/persistence-elastic/templates/import-dashboard.yaml b/hooks/persistence-elastic/templates/import-dashboard.yaml index b60b2111..ff23ad60 100644 --- a/hooks/persistence-elastic/templates/import-dashboard.yaml +++ b/hooks/persistence-elastic/templates/import-dashboard.yaml @@ -10,7 +10,7 @@ spec: restartPolicy: 'OnFailure' containers: - name: dasboard-importer - image: scbexperimental/persistence-elastic-dashboard-importer + image: "{{ .Values.dashboardImporter.image.repository }}:{{ .Values.dashboardImporter.image.tag | default .Chart.Version }}" imagePullPolicy: Always env: {{- if .Values.externalElasticStack.enabled }} @@ -18,5 +18,5 @@ spec: value: {{ .Values.externalElasticStack.kibanaAddress | quote }} {{- else }} - name: KIBANA_URL - value: "http://persistence-elastic-kibana.{{ .Release.Namespace }}.svc.cluster.local:5601" -{{- end }} \ No newline at end of file + value: "http://{{ .Release.Name }}-kibana.{{ .Release.Namespace }}.svc.cluster.local:5601" +{{- end }} diff --git a/hooks/persistence-elastic/templates/persistence-provider.yaml b/hooks/persistence-elastic/templates/persistence-provider.yaml index 330198d3..e444e30f 100644 --- a/hooks/persistence-elastic/templates/persistence-provider.yaml +++ b/hooks/persistence-elastic/templates/persistence-provider.yaml @@ -1,4 +1,4 @@ -apiVersion: "execution.experimental.securecodebox.io/v1" +apiVersion: "execution.securecodebox.io/v1" kind: ScanCompletionHook metadata: name: {{ .Release.Name }} @@ -6,12 +6,7 @@ metadata: type: Structured spec: type: ReadOnly - image: "scbexperimental/persistence-elastic:latest" - {{- if .Values.image.digest }} - image: "{{ .Values.image.registry }}/{{ .Values.image.repository }}@{{ .Values.image.digest }}" - {{- else }} - image: "{{ .Values.image.registry }}/{{ .Values.image.repository }}:{{ .Values.image.tag }}" - {{- end }} + image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.Version }}" env: - name: ELASTICSEARCH_INDEX_PREFIX value: {{ .Values.indexPrefix | quote }} diff --git a/hooks/persistence-elastic/values.yaml b/hooks/persistence-elastic/values.yaml index 697a617b..1dd3ee86 100644 --- a/hooks/persistence-elastic/values.yaml +++ b/hooks/persistence-elastic/values.yaml @@ -3,40 +3,56 @@ # Declare variables to be passed into your templates. image: - registry: docker.io - repository: scbexperimental/persistence-elastic - tag: latest - digest: null + # image.tag - defaults to the charts version + # image.repository -- Hook image repository + repository: docker.io/securecodebox/persistence-elastic + # parserImage.tag -- Parser image tag + # @default -- defaults to the charts version + tag: null -# Define a specific index prefix +# indexPrefix -- Define a specific index prefix used for all elasticsearch indices. indexPrefix: "scbv2" -# Enable this when you already have an Elastic Stack running to which you want to send your results externalElasticStack: + # externalElasticStack.enabled -- Enable this when you already have an Elastic Stack running to which you want to send your results enabled: false + # externalElasticStack.elasticsearchAddress -- The URL of the elasticsearch service to persists all findings to. elasticsearchAddress: "https://elasticsearch.example.com" + # externalElasticStack.kibanaAddress -- The URL of the kibana service used to visualize all findings. kibanaAddress: "https://kibana.example.com" -# Configure authentication schema and credentials the persistence provider should use to connect to elasticsearch +# authentication -- Configure authentication schema and credentials the persistence provider should use to connect to elasticsearch # user and apikey are mutually exclusive, only set one! authentication: - # Link a pre-existing generic secret with `username` and `password` key / value pairs + # authentication.userSecret -- Link a pre-existing generic secret with `username` and `password` key / value pairs userSecret: null - # Link a pre-existing generic secret with `id` and `key` key / value pairs + # authentication.apiKeySecret -- Link a pre-existing generic secret with `id` and `key` key / value pairs apiKeySecret: null -# Configures included Elasticsearch subchart +# elasticsearch -- Configures the included elasticsearch subchart (see: https://github.com/elastic/helm-charts/tree/elasticsearch) elasticsearch: + # elasticsearch.enabled -- Enable if you want to deploy an elasticsearch service. enabled: true + # elasticsearch.replicas -- Kubernetes replica count for the StatefulSet (i.e. how many pods) replicas: 1 + # elasticsearch.minimumMasterNodes -- The value for discovery.zen.minimum_master_nodes. Should be set to (master_eligible_nodes / 2) + 1. Ignored in Elasticsearch versions >= 7 minimumMasterNodes: 1 # image: docker.elastic.co/elasticsearch/elasticsearch-oss -# Configures included Elasticsearch subchart +# kibana -- Configures included Elasticsearch subchart kibana: + # kibana.enabled -- Enable if you want to deploy an kibana service (see: https://github.com/elastic/helm-charts/tree/master/kibana) enabled: true # image: docker.elastic.co/kibana/kibana-oss +dashboardImporter: + image: + # image.repository -- Image repository for the dashboard importer job + repository: securecodebox/persistence-elastic-dashboard-importer + # image.tag -- Image tag for the dashboard importer job + # @default -- defaults to the charts version + tag: null + imagePullSecrets: [] nameOverride: "" fullnameOverride: "" diff --git a/hooks/persistence-static-report/README.md b/hooks/persistence-static-report/README.md new file mode 100644 index 00000000..adbbefcd --- /dev/null +++ b/hooks/persistence-static-report/README.md @@ -0,0 +1,15 @@ +--- +title: "Static Report" +path: "hooks/persistence-staticreport" +category: "hook" +type: "persistenceProvider" +state: "developing" +usecase: "Publishes all Scan Findings as HTML Report." +--- + + + +## Deployment + +> ๐Ÿ”ง The implementation is currently work-in-progress and still undergoing major changes. It'll be released here once it has stabilized. + diff --git a/hooks/slack-webhook/README.md b/hooks/slack-webhook/README.md index 3b0c7748..c204ea85 100644 --- a/hooks/slack-webhook/README.md +++ b/hooks/slack-webhook/README.md @@ -13,4 +13,4 @@ usecase: "Publishes Scan Summary to Slack." Installing the Slack WebHook hook will add a ReadOnly Hook to your namespace. -The secureCodeBox core team is working on this, we will keep you informed. \ No newline at end of file +> ๐Ÿ”ง The implementation is currently work-in-progress and still undergoing major changes. It'll be released here once it has stabilized. diff --git a/hooks/teams-webhook/README.md b/hooks/teams-webhook/README.md index 9860e723..9c0cbfa9 100644 --- a/hooks/teams-webhook/README.md +++ b/hooks/teams-webhook/README.md @@ -13,4 +13,4 @@ usecase: "Publishes Scan Summary to MS Teams." Installing the Teams WebHook hook will add a ReadOnly Hook to your namespace. -The secureCodeBox core team is working on this, we will keep you informed. \ No newline at end of file +> ๐Ÿ”ง The implementation is currently work-in-progress and still undergoing major changes. It'll be released here once it has stabilized. diff --git a/hooks/update-field/Chart.yaml b/hooks/update-field/Chart.yaml index 462870b1..89401637 100644 --- a/hooks/update-field/Chart.yaml +++ b/hooks/update-field/Chart.yaml @@ -4,8 +4,8 @@ description: Lets you add or override a field to every finding type: application -version: 0.1.0 - -appVersion: latest +# version - gets automatically set to the secureCodeBox release version when the helm charts gets published +version: latest +kubeVersion: ">=v1.11.0" dependencies: [] diff --git a/hooks/update-field/Dockerfile b/hooks/update-field/Dockerfile index 6e0086dd..adfb0ac2 100644 --- a/hooks/update-field/Dockerfile +++ b/hooks/update-field/Dockerfile @@ -5,7 +5,7 @@ WORKDIR /home/app COPY package.json package-lock.json ./ RUN npm ci --production -FROM scbexperimental/hook-sdk-nodejs:${baseImageTag:-latest} +FROM securecodebox/hook-sdk-nodejs:${baseImageTag:-latest} WORKDIR /home/app/hook-wrapper/hook/ COPY --from=build --chown=app:app /home/app/node_modules/ ./node_modules/ COPY --chown=app:app ./hook.js ./hook.js diff --git a/hooks/update-field/README.md b/hooks/update-field/README.md index cb9ebc6d..e4713fdc 100644 --- a/hooks/update-field/README.md +++ b/hooks/update-field/README.md @@ -11,8 +11,19 @@ usecase: "Updates fields in finding results." ## Deployment -Installing the _Update Field_ hook will add a ReadOnly Hook to your namespace. +Installing the _Update Field_ hook will add a ReadOnly Hook to your namespace. ```bash helm upgrade --install ufh ./hooks/update-field/ --set attribute.name="category" --set attribute.value="my-own-category" ``` + +> โœ This documentation is currently work-in-progress. + +## Chart Configuration + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| attribute.name | string | `"category"` | The name of the attribute you want to add to each finding result | +| attribute.value | string | `"my-own-category"` | The value of the attribute you want to add to each finding result | +| image.repository | string | `"docker.io/securecodebox/update-field"` | Hook image repository | +| image.tag | string | `nil` | | diff --git a/hooks/update-field/README.md.gotmpl b/hooks/update-field/README.md.gotmpl new file mode 100644 index 00000000..bfc20599 --- /dev/null +++ b/hooks/update-field/README.md.gotmpl @@ -0,0 +1,24 @@ +--- +title: "Update Field" +path: "hooks/update-field" +category: "hook" +type: "dataProcessing" +state: "released" +usecase: "Updates fields in finding results." +--- + + + +## Deployment + +Installing the _Update Field_ hook will add a ReadOnly Hook to your namespace. + +```bash +helm upgrade --install ufh ./hooks/update-field/ --set attribute.name="category" --set attribute.value="my-own-category" +``` + +> โœ This documentation is currently work-in-progress. + +## Chart Configuration + +{{ template "chart.valuesTable" . }} diff --git a/hooks/update-field/helm2.Chart.yaml b/hooks/update-field/helm2.Chart.yaml new file mode 100644 index 00000000..ddcaec8b --- /dev/null +++ b/hooks/update-field/helm2.Chart.yaml @@ -0,0 +1,9 @@ +apiVersion: v1 +name: update-field-hook +description: Lets you add or override a field to every finding + +type: application + +# version - gets automatically set to the secureCodeBox release version when the helm charts gets published +version: latest +kubeVersion: ">=v1.11.0" \ No newline at end of file diff --git a/hooks/update-field/package.json b/hooks/update-field/package.json index 73ced215..94e65c30 100644 --- a/hooks/update-field/package.json +++ b/hooks/update-field/package.json @@ -1,14 +1,40 @@ { "name": "scb-update-field", "version": "1.0.0", - "description": "", + "description": "secureCodeBox v2 Update Field Hook", + "homepage": "https://www.secureCodeBox.io", + "repository": { + "type": "git", + "url": "git+https://github.com/secureCodeBox/secureCodeBox-v2.git" + }, "main": "hook.js", "scripts": { "test": "jest ." }, - "keywords": [], - "author": "", - "license": "ISC", + "keywords": [ + "secureCodeBox", + "security", + "scanner" + ], + "author": { + "name": "iteratec GmbH", + "email": "security@iteratec.com", + "url": "https://www.iteratec.com" + }, + "contributors": [ + { + "name" : "Jannik Hollenbach", + "url" : "https://github.com/J12934" + }, + { + "name" : "Robert Seedorff", + "url" : "https://github.com/rseedorff" + } + ], + "bugs": { + "url": "https://github.com/secureCodeBox/secureCodeBox-v2/issues" + }, + "license": "Apache-2.0", "dependencies": { "lodash.set": "^4.3.2" }, diff --git a/hooks/update-field/templates/update-field-hook.yaml b/hooks/update-field/templates/update-field-hook.yaml index 105b17b4..d651c572 100644 --- a/hooks/update-field/templates/update-field-hook.yaml +++ b/hooks/update-field/templates/update-field-hook.yaml @@ -1,14 +1,10 @@ -apiVersion: "execution.experimental.securecodebox.io/v1" +apiVersion: "execution.securecodebox.io/v1" kind: ScanCompletionHook metadata: name: {{ .Release.Name }} spec: type: ReadAndWrite - {{- if .Values.image.digest }} - image: "{{ .Values.image.registry }}/{{ .Values.image.repository }}@{{ .Values.image.digest }}" - {{- else }} - image: "{{ .Values.image.registry }}/{{ .Values.image.repository }}:{{ .Values.image.tag }}" - {{- end }} + image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.Version }}" env: - name: ATTRIBUTE_NAME value: {{ .Values.attribute.name | quote }} diff --git a/hooks/update-field/values.yaml b/hooks/update-field/values.yaml index 8ee928d1..d479cea2 100644 --- a/hooks/update-field/values.yaml +++ b/hooks/update-field/values.yaml @@ -3,11 +3,15 @@ # Declare variables to be passed into your templates. attribute: + # attribute.name -- The name of the attribute you want to add to each finding result name: "category" + # attribute.value -- The value of the attribute you want to add to each finding result value: my-own-category image: - registry: docker.io - repository: scbexperimental/update-field - tag: latest - digest: null + # image.tag - defaults to the charts version + # image.repository -- Hook image repository + repository: docker.io/securecodebox/update-field + # parserImage.tag -- Parser image tag + # @default -- defaults to the charts version + tag: null diff --git a/lurcher/Dockerfile b/lurcher/Dockerfile index 5e55aab5..c5b5cf1e 100644 --- a/lurcher/Dockerfile +++ b/lurcher/Dockerfile @@ -1,5 +1,5 @@ # Build the manager binary -FROM golang:1.13 as builder +FROM golang:1.15 as builder WORKDIR /workspace # Copy the Go Modules manifests @@ -20,7 +20,5 @@ RUN CGO_ENABLED=0 GOOS=linux GOARCH=amd64 GO111MODULE=on go build -a -o lurcher FROM gcr.io/distroless/static:nonroot WORKDIR / COPY --from=builder /workspace/lurcher . -COPY result.xml /home/securecodebox/result.xml -USER nonroot:nonroot ENTRYPOINT ["/lurcher"] diff --git a/lurcher/go.mod b/lurcher/go.mod index eea3bcf0..432b7b95 100644 --- a/lurcher/go.mod +++ b/lurcher/go.mod @@ -1,6 +1,6 @@ -module github.com/secureCodeBox/secureCodeBox-v2-alpha/lurcher +module github.com/secureCodeBox/secureCodeBox-v2/lurcher -go 1.13 +go 1.15 require ( k8s.io/apimachinery v0.0.0-20191028221656-72ed19daf4bb diff --git a/lurcher/job.yaml b/lurcher/job.yaml deleted file mode 100644 index 3aa24783..00000000 --- a/lurcher/job.yaml +++ /dev/null @@ -1,57 +0,0 @@ -apiVersion: batch/v1 -kind: Job -metadata: - name: lurcher-test -spec: - backoffLimit: 4 - template: - spec: - restartPolicy: Never - containers: - - name: primary - image: alpine - command: ["sleep", "5"] - - name: lurcher - image: scbexperimental - imagePullPolicy: IfNotPresent - args: - - "--container" - - "primary" - - "--file" - - "/home/securecodebox/result.xml" - - "--url" - # This URL has been expired for quite some time ;) To test this you'll need to generate a new one. - - "https://fra1.digitaloceanspaces.com/securecodebox/scan/result.xml?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=NWN2DEMTNFQUTQB5SZ6A%2F20200312%2Ffra1%2Fs3%2Faws4_request&X-Amz-Date=20200312T180859Z&X-Amz-Expires=43200&X-Amz-SignedHeaders=host&X-Amz-Signature=852dc4576ff5b6195b9f6a7dd49851cc701a2fb59fb23db6e7c7913f412f0460" - env: - - name: NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace ---- -apiVersion: v1 -kind: ServiceAccount -metadata: - name: lurcher ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - namespace: "default" - name: lurcher -rules: - - apiGroups: [""] - resources: ["pods"] - verbs: ["get"] ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - name: lurcher - namespace: default -subjects: - - kind: ServiceAccount - name: lurcher -roleRef: - kind: Role - name: lurcher - apiGroup: rbac.authorization.k8s.io diff --git a/lurcher/result.xml b/lurcher/result.xml deleted file mode 100644 index b364cd36..00000000 --- a/lurcher/result.xml +++ /dev/null @@ -1 +0,0 @@ - diff --git a/operator/Chart.lock b/operator/Chart.lock index 6c4f43cf..36b76646 100644 --- a/operator/Chart.lock +++ b/operator/Chart.lock @@ -1,6 +1,6 @@ dependencies: - name: minio - repository: https://kubernetes-charts.storage.googleapis.com/ - version: 5.0.19 -digest: sha256:13a3a902e7ac7dcc7124ab858344b5bebe9ab623d06ee9c8d5a1cc3f467a36bb -generated: "2020-04-02T11:05:53.901454949+02:00" + repository: https://helm.min.io/ + version: 7.1.2 +digest: sha256:6fee974baf705caae258636dbd7b2b89f14230b9ae28aa20da4643d8292c399b +generated: "2020-10-07T11:26:59.229968+02:00" diff --git a/operator/Chart.yaml b/operator/Chart.yaml index 7436aef8..f4e07934 100644 --- a/operator/Chart.yaml +++ b/operator/Chart.yaml @@ -4,16 +4,24 @@ description: secureCodeBox Operator to automate the execution of security scans type: application -# This is the chart version. This version number should be incremented each time you make changes -# to the chart and its templates, including the app version. -version: 0.2.0 +# version - gets automatically set to the secureCodeBox release version when the helm charts gets published +version: latest +kubeVersion: ">=v1.11.0" -# This is the version number of the application being deployed. This version number should be -# incremented each time you make changes to the application. -appVersion: 1.18.0 +keywords: + - security + - secureCodeBox + - operator +home: https://docs.securecodebox.io/docs/getting-started/installation +icon: https://docs.securecodebox.io/img/Logo_Color.svg +sources: + - https://github.com/secureCodeBox/secureCodeBox-v2 +maintainers: + - name: iteratec GmbH + email: secureCodeBox@iteratec.com dependencies: - name: minio - version: 5.0.19 - repository: https://kubernetes-charts.storage.googleapis.com/ + version: 7.1.2 + repository: https://helm.min.io/ condition: minio.enabled diff --git a/operator/Dockerfile b/operator/Dockerfile index 42586593..44c1379e 100644 --- a/operator/Dockerfile +++ b/operator/Dockerfile @@ -1,5 +1,5 @@ # Build the manager binary -FROM golang:1.13 as builder +FROM golang:1.15 as builder WORKDIR /workspace # Copy the Go Modules manifests @@ -13,6 +13,7 @@ RUN go mod download COPY main.go main.go COPY apis/ apis/ COPY controllers/ controllers/ +COPY internal/ internal/ COPY utils/ utils/ # Build @@ -21,8 +22,11 @@ RUN CGO_ENABLED=0 GOOS=linux GOARCH=amd64 GO111MODULE=on go build -a -o manager # Use distroless as minimal base image to package the manager binary # Refer to https://github.com/GoogleContainerTools/distroless for more details FROM gcr.io/distroless/static:nonroot + +ENV VERSION=unkown +ENV TELEMETRY_ENABLED "true" + WORKDIR / COPY --from=builder /workspace/manager . -USER nonroot:nonroot ENTRYPOINT ["/manager"] diff --git a/operator/Makefile b/operator/Makefile index a8492827..daa6e0d5 100644 --- a/operator/Makefile +++ b/operator/Makefile @@ -1,6 +1,6 @@ # Image URL to use all building/pushing image targets -IMG ?= scbexperimental/operator:latest +IMG ?= securecodebox/operator:latest # Produce CRDs that work back to Kubernetes 1.11 (no version conversion) CRD_OPTIONS ?= "crd:trivialVersions=true" diff --git a/operator/PROJECT b/operator/PROJECT index a0c68343..f453e307 100644 --- a/operator/PROJECT +++ b/operator/PROJECT @@ -1,6 +1,6 @@ -domain: experimental.securecodebox.io +domain: securecodebox.io multigroup: true -repo: github.com/secureCodeBox/secureCodeBox-v2-alpha +repo: github.com/secureCodeBox/secureCodeBox-v2 resources: - group: execution kind: Scan @@ -17,9 +17,6 @@ resources: - group: execution kind: ScheduledScan version: v1 -- group: targets - kind: Host - version: v1 - group: cascading kind: CascadingRule version: v1 diff --git a/operator/README.md b/operator/README.md new file mode 100644 index 00000000..119f7ace --- /dev/null +++ b/operator/README.md @@ -0,0 +1,47 @@ +![operator logo](https://docs.securecodebox.io/img/Logo_Color.svg) + +The secureCodeBox operator is runniing on kubernetes and the core component of the complete secureCodeBox stack, responsible for operating all scans and ressources. + + + +## Deployment + +The secureCodeBox Operator can be deployed via helm: + +```bash +# Add the secureCodeBox Helm Repo +helm repo add secureCodeBox https://charts.securecodebox.io +# Create a new namespace for the secureCodeBox Operator +kubectl create namespace securecodebox-system +# Install the Operator & CRD's +helm install securecodebox-operator secureCodeBox/operator +``` + +## Chart Configuration + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| image.pullPolicy | string | `"Always"` | Image pull policy | +| image.repository | string | `"docker.io/securecodebox/operator"` | The operator image repository | +| image.tag | string | defaults to the charts version | Parser image tag | +| lurcher.image.pullPolicy | string | `"Always"` | Image pull policy | +| lurcher.image.repository | string | `"docker.io/securecodebox/lurcher"` | The operator image repository | +| lurcher.image.tag | string | defaults to the charts version | Parser image tag | +| minio.defaultBucket.enabled | bool | `true` | | +| minio.defaultBucket.name | string | `"securecodebox"` | | +| minio.enabled | bool | `true` | | +| resources | object | `{"limits":{"cpu":"100m","memory":"30Mi"},"requests":{"cpu":"100m","memory":"20Mi"}}` | CPU/memory resource requests/limits (see: https://kubernetes.io/docs/tasks/configure-pod-container/assign-memory-resource/, https://kubernetes.io/docs/tasks/configure-pod-container/assign-cpu-resource/) | +| s3.bucket | string | `"my-bucket"` | | +| s3.enabled | bool | `false` | | +| s3.endpoint | string | `"fra1.digitaloceanspaces.com"` | | +| s3.keySecret | string | `"my-secret"` | | +| s3.port | string | `nil` | | +| s3.secretAttributeNames.accesskey | string | `"accesskey"` | | +| s3.secretAttributeNames.secretkey | string | `"secretkey"` | | +| securityContext.allowPrivilegeEscalation | bool | `false` | Ensure that users privileges cannot be escalated | +| securityContext.capabilities.drop[0] | string | `"all"` | This drops all linux privileges from the operator container. They are not required | +| securityContext.privileged | bool | `false` | Ensures that the operator container is not run in privileged mode | +| securityContext.readOnlyRootFilesystem | bool | `true` | Prevents write access to the containers file system | +| securityContext.runAsNonRoot | bool | `true` | Enforces that the Operator image is run as a non root user | +| telemetryEnabled | bool | `true` | The Operator sends anonymous telemetry data, to give the team an overview how much the secureCodeBox is used. Find out more at https://www.securecodebox.io/telemetry | + diff --git a/operator/README.md.gotmpl b/operator/README.md.gotmpl new file mode 100644 index 00000000..0883f3fc --- /dev/null +++ b/operator/README.md.gotmpl @@ -0,0 +1,23 @@ +![operator logo](https://docs.securecodebox.io/img/Logo_Color.svg) + +The secureCodeBox operator is runniing on kubernetes and the core component of the complete secureCodeBox stack, responsible for operating all scans and ressources. + + + +## Deployment + +The secureCodeBox Operator can be deployed via helm: + +```bash +# Add the secureCodeBox Helm Repo +helm repo add secureCodeBox https://charts.securecodebox.io +# Create a new namespace for the secureCodeBox Operator +kubectl create namespace securecodebox-system +# Install the Operator & CRD's +helm install securecodebox-operator secureCodeBox/operator +``` + +## Chart Configuration + +{{ template "chart.valuesTable" . }} + diff --git a/operator/apis/cascading/v1/cascadingrule_types.go b/operator/apis/cascading/v1/cascadingrule_types.go index 2115bf0d..b1de37eb 100644 --- a/operator/apis/cascading/v1/cascadingrule_types.go +++ b/operator/apis/cascading/v1/cascadingrule_types.go @@ -17,7 +17,7 @@ limitations under the License. package v1 import ( - executionv1 "github.com/secureCodeBox/secureCodeBox-v2-alpha/operator/apis/execution/v1" + executionv1 "github.com/secureCodeBox/secureCodeBox-v2/operator/apis/execution/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/util/intstr" ) diff --git a/operator/apis/cascading/v1/groupversion_info.go b/operator/apis/cascading/v1/groupversion_info.go index 4cf5a62b..57b8a73a 100644 --- a/operator/apis/cascading/v1/groupversion_info.go +++ b/operator/apis/cascading/v1/groupversion_info.go @@ -16,7 +16,7 @@ limitations under the License. // Package v1 contains API Schema definitions for the cascading v1 API group // +kubebuilder:object:generate=true -// +groupName=cascading.experimental.securecodebox.io +// +groupName=cascading.securecodebox.io package v1 import ( @@ -26,7 +26,7 @@ import ( var ( // GroupVersion is group version used to register these objects - GroupVersion = schema.GroupVersion{Group: "cascading.experimental.securecodebox.io", Version: "v1"} + GroupVersion = schema.GroupVersion{Group: "cascading.securecodebox.io", Version: "v1"} // SchemeBuilder is used to add go types to the GroupVersionKind scheme SchemeBuilder = &scheme.Builder{GroupVersion: GroupVersion} diff --git a/operator/apis/execution/v1/groupversion_info.go b/operator/apis/execution/v1/groupversion_info.go index 513b848f..446aafc2 100644 --- a/operator/apis/execution/v1/groupversion_info.go +++ b/operator/apis/execution/v1/groupversion_info.go @@ -16,7 +16,7 @@ limitations under the License. // Package v1 contains API Schema definitions for the execution v1 API group // +kubebuilder:object:generate=true -// +groupName=execution.experimental.securecodebox.io +// +groupName=execution.securecodebox.io package v1 import ( @@ -26,7 +26,7 @@ import ( var ( // GroupVersion is group version used to register these objects - GroupVersion = schema.GroupVersion{Group: "execution.experimental.securecodebox.io", Version: "v1"} + GroupVersion = schema.GroupVersion{Group: "execution.securecodebox.io", Version: "v1"} // SchemeBuilder is used to add go types to the GroupVersionKind scheme SchemeBuilder = &scheme.Builder{GroupVersion: GroupVersion} diff --git a/operator/apis/execution/v1/parsedefinition_types.go b/operator/apis/execution/v1/parsedefinition_types.go index d7e0f8df..8a496e56 100644 --- a/operator/apis/execution/v1/parsedefinition_types.go +++ b/operator/apis/execution/v1/parsedefinition_types.go @@ -29,10 +29,10 @@ type ParseDefinitionSpec struct { // INSERT ADDITIONAL SPEC FIELDS - desired state of cluster // Important: Run "make" to regenerate code after modifying this file - // Foo is an example field of ParseDefinition. Edit ParseDefinition_types.go to remove/update - HandlesResultsType string `json:"handlesResultsType,omitempty"` - Image string `json:"image,omitempty"` - ImagePullSecrets []corev1.LocalObjectReference `json:"imagePullSecrets,omitempty"` + // Image is the reference to the parser container image which ca transform the raw scan report into findings + Image string `json:"image,omitempty"` + // ImagePullSecrets used to access private parser images + ImagePullSecrets []corev1.LocalObjectReference `json:"imagePullSecrets,omitempty"` } // ParseDefinitionStatus defines the observed state of ParseDefinition @@ -42,7 +42,6 @@ type ParseDefinitionStatus struct { } // +kubebuilder:object:root=true -// +kubebuilder:printcolumn:name="Handles Type",type=string,JSONPath=`.spec.handlesResultsType`,description="Which result file type the parser is able to handle" // +kubebuilder:printcolumn:name="Image",type=string,JSONPath=`.spec.image`,description="Scanner Container Image" // ParseDefinition is the Schema for the parsedefinitions API diff --git a/operator/apis/execution/v1/scan_types.go b/operator/apis/execution/v1/scan_types.go index 23a598e9..1d66a05f 100644 --- a/operator/apis/execution/v1/scan_types.go +++ b/operator/apis/execution/v1/scan_types.go @@ -43,13 +43,20 @@ type ScanSpec struct { type ScanStatus struct { State string `json:"state,omitempty"` - ErrorDescription string `json:"errorDescription,omitempty"` + // FinishedAt contains the time where the scan (including parser & hooks) has been marked as "Done" + FinishedAt *metav1.Time `json:"finishedAt,omitempty"` + ErrorDescription string `json:"errorDescription,omitempty"` // RawResultType determines which kind of ParseDefinition will be used to turn the raw results of the scanner into findings RawResultType string `json:"rawResultType,omitempty"` // RawResultFile Filename of the result file of the scanner. e.g. `nmap-result.xml` RawResultFile string `json:"rawResultFile,omitempty"` + // FindingDownloadLink link to download the finding json file from. Valid for 7 days + FindingDownloadLink string `json:"findingDownloadLink,omitempty"` + // RawResultDownloadLink link to download the raw result file from. Valid for 7 days + RawResultDownloadLink string `json:"rawResultDownloadLink,omitempty"` + Findings FindingStats `json:"findings,omitempty"` ReadAndWriteHookStatus []HookStatus `json:"readAndWriteHookStatus,omitempty"` diff --git a/operator/apis/execution/v1/scancompletionhook.go b/operator/apis/execution/v1/scancompletionhook.go index 6345ac10..9545bceb 100644 --- a/operator/apis/execution/v1/scancompletionhook.go +++ b/operator/apis/execution/v1/scancompletionhook.go @@ -44,7 +44,7 @@ type ScanCompletionHookSpec struct { ImagePullSecrets []corev1.LocalObjectReference `json:"imagePullSecrets,omitempty"` Env []corev1.EnvVar `json:"env,omitempty"` Type HookType `json:"type"` - // ServiceAccountName Name of the serviceAccount Name used. Should only be used if your hook needs specifc RBAC Access. Otherwise the hook is run using a "scan-completion-hook" service account. The service account should have at least "get" rights on scans.execution.experimental.securecodebox.io, and "get" & "patch" scans.execution.experimental.securecodebox.io/status + // ServiceAccountName Name of the serviceAccount Name used. Should only be used if your hook needs specifc RBAC Access. Otherwise the hook is run using a "scan-completion-hook" service account. The service account should have at least "get" rights on scans.execution.securecodebox.io, and "get" & "patch" scans.execution.securecodebox.io/status ServiceAccountName *string `json:"serviceAccountName,omitempty"` } diff --git a/operator/apis/execution/v1/scheduledscan_types.go b/operator/apis/execution/v1/scheduledscan_types.go index c29f6b57..de6f10bd 100644 --- a/operator/apis/execution/v1/scheduledscan_types.go +++ b/operator/apis/execution/v1/scheduledscan_types.go @@ -29,13 +29,16 @@ type ScheduledScanSpec struct { // Important: Run "make" to regenerate code after modifying this file // Interval describes how often the scan should be repeated - // Examples: '12h', '7d', '30m' (only days, hours and minutes supported, specified as integers) + // Examples: '12h', '30m' Interval metav1.Duration `json:"interval"` - // HistoryLimit determines how many past Scans will be kept until the oldest one will be delted, defaults to 3. When set to 0 Scans will be deleted directly after completion - HistoryLimit int64 `json:"historyLimit,omitempty"` + // +kubebuilder:validation:Optional + // +kubebuilder:validation:Minimum=0 - // Foo is an example field of ScheduledScan. Edit ScheduledScan_types.go to remove/update + // SuccessfulJobsHistoryLimit determines how many past Scans will be kept until the oldest one will be deleted, defaults to 3. When set to 0, Scans will be deleted directly after completion + SuccessfulJobsHistoryLimit *int32 `json:"successfulJobsHistoryLimit,omitempty"` + + // ScanSpec describes the scan which should be started regularly ScanSpec *ScanSpec `json:"scanSpec"` } diff --git a/operator/apis/execution/v1/zz_generated.deepcopy.go b/operator/apis/execution/v1/zz_generated.deepcopy.go index 268e7d6f..9cc38bf6 100644 --- a/operator/apis/execution/v1/zz_generated.deepcopy.go +++ b/operator/apis/execution/v1/zz_generated.deepcopy.go @@ -388,6 +388,10 @@ func (in *ScanSpec) DeepCopy() *ScanSpec { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *ScanStatus) DeepCopyInto(out *ScanStatus) { *out = *in + if in.FinishedAt != nil { + in, out := &in.FinishedAt, &out.FinishedAt + *out = (*in).DeepCopy() + } in.Findings.DeepCopyInto(&out.Findings) if in.ReadAndWriteHookStatus != nil { in, out := &in.ReadAndWriteHookStatus, &out.ReadAndWriteHookStatus @@ -560,6 +564,11 @@ func (in *ScheduledScanList) DeepCopyObject() runtime.Object { func (in *ScheduledScanSpec) DeepCopyInto(out *ScheduledScanSpec) { *out = *in out.Interval = in.Interval + if in.SuccessfulJobsHistoryLimit != nil { + in, out := &in.SuccessfulJobsHistoryLimit, &out.SuccessfulJobsHistoryLimit + *out = new(int32) + **out = **in + } if in.ScanSpec != nil { in, out := &in.ScanSpec, &out.ScanSpec *out = new(ScanSpec) diff --git a/operator/apis/targets/v1/groupversion_info.go b/operator/apis/targets/v1/groupversion_info.go deleted file mode 100644 index f81c0a2f..00000000 --- a/operator/apis/targets/v1/groupversion_info.go +++ /dev/null @@ -1,36 +0,0 @@ -/* -Copyright 2020 iteratec GmbH. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -// Package v1 contains API Schema definitions for the targets v1 API group -// +kubebuilder:object:generate=true -// +groupName=targets.experimental.securecodebox.io -package v1 - -import ( - "k8s.io/apimachinery/pkg/runtime/schema" - "sigs.k8s.io/controller-runtime/pkg/scheme" -) - -var ( - // GroupVersion is group version used to register these objects - GroupVersion = schema.GroupVersion{Group: "targets.experimental.securecodebox.io", Version: "v1"} - - // SchemeBuilder is used to add go types to the GroupVersionKind scheme - SchemeBuilder = &scheme.Builder{GroupVersion: GroupVersion} - - // AddToScheme adds the types in this group-version to the given scheme. - AddToScheme = SchemeBuilder.AddToScheme -) diff --git a/operator/apis/targets/v1/host_types.go b/operator/apis/targets/v1/host_types.go deleted file mode 100644 index 47b0fea6..00000000 --- a/operator/apis/targets/v1/host_types.go +++ /dev/null @@ -1,82 +0,0 @@ -/* -Copyright 2020 iteratec GmbH. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package v1 - -import ( - executionv1 "github.com/secureCodeBox/secureCodeBox-v2-alpha/operator/apis/execution/v1" - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" -) - -// EDIT THIS FILE! THIS IS SCAFFOLDING FOR YOU TO OWN! -// NOTE: json tags are required. Any new fields you add must have json tags for the fields to be serialized. - -// HostSpec defines the desired state of Host -type HostSpec struct { - // INSERT ADDITIONAL SPEC FIELDS - desired state of cluster - // Important: Run "make" to regenerate code after modifying this file - - // Hostname contains the dns name of the host - // TODO: Add an IPAddress Field - Hostname string `json:"hostname"` - - Ports []HostPort `json:"ports"` -} - -// HostPort describes a Port of a Host -type HostPort struct { - Type string `json:"type"` - // The port number - // +kubebuilder:validation:Minimum=0 - // +kubebuilder:validation:Maximun=65536 - Port int32 `json:"port" protobuf:"varint,2,opt,name=port"` -} - -// HostStatus defines the observed state of Host -type HostStatus struct { - // INSERT ADDITIONAL STATUS FIELD - define observed state of cluster - // Important: Run "make" to regenerate code after modifying this file - - Findings executionv1.FindingStats `json:"findings,omitempty"` -} - -// +kubebuilder:object:root=true -// +kubebuilder:subresource:status -// +kubebuilder:printcolumn:name="Hostname",type=string,JSONPath=`.spec.hostname` -// +kubebuilder:printcolumn:name="Ports",type=string,JSONPath=`.spec.ports`,description="Ports of the Host" -// +kubebuilder:printcolumn:name="Findings",type=string,JSONPath=`.status.findings.count`,description="Total Finding Count" - -// Host is the Schema for the hosts API -type Host struct { - metav1.TypeMeta `json:",inline"` - metav1.ObjectMeta `json:"metadata,omitempty"` - - Spec HostSpec `json:"spec,omitempty"` - Status HostStatus `json:"status,omitempty"` -} - -// +kubebuilder:object:root=true - -// HostList contains a list of Host -type HostList struct { - metav1.TypeMeta `json:",inline"` - metav1.ListMeta `json:"metadata,omitempty"` - Items []Host `json:"items"` -} - -func init() { - SchemeBuilder.Register(&Host{}, &HostList{}) -} diff --git a/operator/apis/targets/v1/zz_generated.deepcopy.go b/operator/apis/targets/v1/zz_generated.deepcopy.go deleted file mode 100644 index 03c8fc67..00000000 --- a/operator/apis/targets/v1/zz_generated.deepcopy.go +++ /dev/null @@ -1,135 +0,0 @@ -// +build !ignore_autogenerated - -/* -Copyright 2020 iteratec GmbH. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -// Code generated by controller-gen. DO NOT EDIT. - -package v1 - -import ( - runtime "k8s.io/apimachinery/pkg/runtime" -) - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *Host) DeepCopyInto(out *Host) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) - in.Spec.DeepCopyInto(&out.Spec) - in.Status.DeepCopyInto(&out.Status) -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Host. -func (in *Host) DeepCopy() *Host { - if in == nil { - return nil - } - out := new(Host) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *Host) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *HostList) DeepCopyInto(out *HostList) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ListMeta.DeepCopyInto(&out.ListMeta) - if in.Items != nil { - in, out := &in.Items, &out.Items - *out = make([]Host, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HostList. -func (in *HostList) DeepCopy() *HostList { - if in == nil { - return nil - } - out := new(HostList) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *HostList) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *HostPort) DeepCopyInto(out *HostPort) { - *out = *in -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HostPort. -func (in *HostPort) DeepCopy() *HostPort { - if in == nil { - return nil - } - out := new(HostPort) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *HostSpec) DeepCopyInto(out *HostSpec) { - *out = *in - if in.Ports != nil { - in, out := &in.Ports, &out.Ports - *out = make([]HostPort, len(*in)) - copy(*out, *in) - } -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HostSpec. -func (in *HostSpec) DeepCopy() *HostSpec { - if in == nil { - return nil - } - out := new(HostSpec) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *HostStatus) DeepCopyInto(out *HostStatus) { - *out = *in - in.Findings.DeepCopyInto(&out.Findings) -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HostStatus. -func (in *HostStatus) DeepCopy() *HostStatus { - if in == nil { - return nil - } - out := new(HostStatus) - in.DeepCopyInto(out) - return out -} diff --git a/operator/charts/minio-5.0.19.tgz b/operator/charts/minio-5.0.19.tgz deleted file mode 100644 index 99080661..00000000 Binary files a/operator/charts/minio-5.0.19.tgz and /dev/null differ diff --git a/operator/charts/minio-7.1.2.tgz b/operator/charts/minio-7.1.2.tgz new file mode 100644 index 00000000..1ac390b1 Binary files /dev/null and b/operator/charts/minio-7.1.2.tgz differ diff --git a/operator/crds/cascading.experimental.securecodebox.io_cascadingrules.yaml b/operator/config/crd/bases/cascading.securecodebox.io_cascadingrules.yaml similarity index 99% rename from operator/crds/cascading.experimental.securecodebox.io_cascadingrules.yaml rename to operator/config/crd/bases/cascading.securecodebox.io_cascadingrules.yaml index 6f882ef0..7fc15ea5 100644 --- a/operator/crds/cascading.experimental.securecodebox.io_cascadingrules.yaml +++ b/operator/config/crd/bases/cascading.securecodebox.io_cascadingrules.yaml @@ -6,7 +6,7 @@ metadata: annotations: controller-gen.kubebuilder.io/version: v0.2.4 creationTimestamp: null - name: cascadingrules.cascading.experimental.securecodebox.io + name: cascadingrules.cascading.securecodebox.io spec: additionalPrinterColumns: - JSONPath: .spec.scanSpec.scanType @@ -23,7 +23,7 @@ spec: 'light' or 'medium' name: Intensiveness type: string - group: cascading.experimental.securecodebox.io + group: cascading.securecodebox.io names: kind: CascadingRule listKind: CascadingRuleList diff --git a/operator/config/crd/bases/execution.experimental.securecodebox.io_parsedefinitions.yaml b/operator/config/crd/bases/execution.securecodebox.io_parsedefinitions.yaml similarity index 84% rename from operator/config/crd/bases/execution.experimental.securecodebox.io_parsedefinitions.yaml rename to operator/config/crd/bases/execution.securecodebox.io_parsedefinitions.yaml index 00293fec..11d8db42 100644 --- a/operator/config/crd/bases/execution.experimental.securecodebox.io_parsedefinitions.yaml +++ b/operator/config/crd/bases/execution.securecodebox.io_parsedefinitions.yaml @@ -6,18 +6,14 @@ metadata: annotations: controller-gen.kubebuilder.io/version: v0.2.4 creationTimestamp: null - name: parsedefinitions.execution.experimental.securecodebox.io + name: parsedefinitions.execution.securecodebox.io spec: additionalPrinterColumns: - - JSONPath: .spec.handlesResultsType - description: Which result file type the parser is able to handle - name: Handles Type - type: string - JSONPath: .spec.image description: Scanner Container Image name: Image type: string - group: execution.experimental.securecodebox.io + group: execution.securecodebox.io names: kind: ParseDefinition listKind: ParseDefinitionList @@ -44,13 +40,12 @@ spec: spec: description: ParseDefinitionSpec defines the desired state of ParseDefinition properties: - handlesResultsType: - description: Foo is an example field of ParseDefinition. Edit ParseDefinition_types.go - to remove/update - type: string image: + description: Image is the reference to the parser container image which + ca transform the raw scan report into findings type: string imagePullSecrets: + description: ImagePullSecrets used to access private parser images items: description: LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. diff --git a/operator/crds/execution.experimental.securecodebox.io_scancompletionhooks.yaml b/operator/config/crd/bases/execution.securecodebox.io_scancompletionhooks.yaml similarity index 97% rename from operator/crds/execution.experimental.securecodebox.io_scancompletionhooks.yaml rename to operator/config/crd/bases/execution.securecodebox.io_scancompletionhooks.yaml index 6e74e988..4c96e092 100644 --- a/operator/crds/execution.experimental.securecodebox.io_scancompletionhooks.yaml +++ b/operator/config/crd/bases/execution.securecodebox.io_scancompletionhooks.yaml @@ -6,7 +6,7 @@ metadata: annotations: controller-gen.kubebuilder.io/version: v0.2.4 creationTimestamp: null - name: scancompletionhooks.execution.experimental.securecodebox.io + name: scancompletionhooks.execution.securecodebox.io spec: additionalPrinterColumns: - JSONPath: .spec.type @@ -17,7 +17,7 @@ spec: description: ScanCompletionHook Image name: Image type: string - group: execution.experimental.securecodebox.io + group: execution.securecodebox.io names: kind: ScanCompletionHook listKind: ScanCompletionHookList @@ -160,8 +160,8 @@ spec: description: ServiceAccountName Name of the serviceAccount Name used. Should only be used if your hook needs specifc RBAC Access. Otherwise the hook is run using a "scan-completion-hook" service account. The - service account should have at least "get" rights on scans.execution.experimental.securecodebox.io, - and "get" & "patch" scans.execution.experimental.securecodebox.io/status + service account should have at least "get" rights on scans.execution.securecodebox.io, + and "get" & "patch" scans.execution.securecodebox.io/status type: string type: description: HookType Defines weather the hook should be able to change diff --git a/operator/config/crd/bases/execution.experimental.securecodebox.io_scans.yaml b/operator/config/crd/bases/execution.securecodebox.io_scans.yaml similarity index 94% rename from operator/config/crd/bases/execution.experimental.securecodebox.io_scans.yaml rename to operator/config/crd/bases/execution.securecodebox.io_scans.yaml index a5ee337a..b9033f92 100644 --- a/operator/config/crd/bases/execution.experimental.securecodebox.io_scans.yaml +++ b/operator/config/crd/bases/execution.securecodebox.io_scans.yaml @@ -6,7 +6,7 @@ metadata: annotations: controller-gen.kubebuilder.io/version: v0.2.4 creationTimestamp: null - name: scans.execution.experimental.securecodebox.io + name: scans.execution.securecodebox.io spec: additionalPrinterColumns: - JSONPath: .metadata.uid @@ -31,7 +31,7 @@ spec: name: Parameters priority: 1 type: string - group: execution.experimental.securecodebox.io + group: execution.securecodebox.io names: kind: Scan listKind: ScanList @@ -218,6 +218,10 @@ spec: properties: errorDescription: type: string + findingDownloadLink: + description: FindingDownloadLink link to download the finding json file + from. Valid for 7 days + type: string findings: description: FindingStats contains the general stats about the results of the scan @@ -252,6 +256,15 @@ spec: type: integer type: object type: object + finishedAt: + description: FinishedAt contains the time where the scan (including + parser & hooks) has been marked as "Done" + format: date-time + type: string + rawResultDownloadLink: + description: RawResultDownloadLink link to download the raw result file + from. Valid for 7 days + type: string rawResultFile: description: RawResultFile Filename of the result file of the scanner. e.g. `nmap-result.xml` diff --git a/operator/config/crd/bases/execution.experimental.securecodebox.io_scantypes.yaml b/operator/config/crd/bases/execution.securecodebox.io_scantypes.yaml similarity index 99% rename from operator/config/crd/bases/execution.experimental.securecodebox.io_scantypes.yaml rename to operator/config/crd/bases/execution.securecodebox.io_scantypes.yaml index 97a148b3..668c328a 100644 --- a/operator/config/crd/bases/execution.experimental.securecodebox.io_scantypes.yaml +++ b/operator/config/crd/bases/execution.securecodebox.io_scantypes.yaml @@ -6,14 +6,14 @@ metadata: annotations: controller-gen.kubebuilder.io/version: v0.2.4 creationTimestamp: null - name: scantypes.execution.experimental.securecodebox.io + name: scantypes.execution.securecodebox.io spec: additionalPrinterColumns: - JSONPath: .spec.jobTemplate.spec.template.spec.containers[0].image description: Scanner Container Image name: Image type: string - group: execution.experimental.securecodebox.io + group: execution.securecodebox.io names: kind: ScanType listKind: ScanTypeList diff --git a/operator/config/crd/bases/execution.experimental.securecodebox.io_scheduledscans.yaml b/operator/config/crd/bases/execution.securecodebox.io_scheduledscans.yaml similarity index 95% rename from operator/config/crd/bases/execution.experimental.securecodebox.io_scheduledscans.yaml rename to operator/config/crd/bases/execution.securecodebox.io_scheduledscans.yaml index 2bb27a8f..a51d9f3e 100644 --- a/operator/config/crd/bases/execution.experimental.securecodebox.io_scheduledscans.yaml +++ b/operator/config/crd/bases/execution.securecodebox.io_scheduledscans.yaml @@ -6,7 +6,7 @@ metadata: annotations: controller-gen.kubebuilder.io/version: v0.2.4 creationTimestamp: null - name: scheduledscans.execution.experimental.securecodebox.io + name: scheduledscans.execution.securecodebox.io spec: additionalPrinterColumns: - JSONPath: .metadata.uid @@ -31,7 +31,7 @@ spec: name: Parameters priority: 1 type: string - group: execution.experimental.securecodebox.io + group: execution.securecodebox.io names: kind: ScheduledScan listKind: ScheduledScanList @@ -59,20 +59,12 @@ spec: spec: description: ScheduledScanSpec defines the desired state of ScheduledScan properties: - historyLimit: - description: HistoryLimit determines how many past Scans will be kept - until the oldest one will be delted, defaults to 3. When set to 0 - Scans will be deleted directly after completion - format: int64 - type: integer interval: description: 'Interval describes how often the scan should be repeated - Examples: ''12h'', ''7d'', ''30m'' (only days, hours and minutes supported, - specified as integers)' + Examples: ''12h'', ''30m''' type: string scanSpec: - description: Foo is an example field of ScheduledScan. Edit ScheduledScan_types.go - to remove/update + description: ScanSpec describes the scan which should be started regularly properties: cascades: description: A label selector is a label query over a set of resources. @@ -232,6 +224,13 @@ spec: scanType: type: string type: object + successfulJobsHistoryLimit: + description: SuccessfulJobsHistoryLimit determines how many past Scans + will be kept until the oldest one will be deleted, defaults to 3. + When set to 0, Scans will be deleted directly after completion + format: int32 + minimum: 0 + type: integer required: - interval - scanSpec diff --git a/operator/config/crd/bases/targets.experimental.securecodebox.io_hosts.yaml b/operator/config/crd/bases/targets.experimental.securecodebox.io_hosts.yaml deleted file mode 100644 index 4079b62c..00000000 --- a/operator/config/crd/bases/targets.experimental.securecodebox.io_hosts.yaml +++ /dev/null @@ -1,124 +0,0 @@ - ---- -apiVersion: apiextensions.k8s.io/v1beta1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.2.4 - creationTimestamp: null - name: hosts.targets.experimental.securecodebox.io -spec: - additionalPrinterColumns: - - JSONPath: .spec.hostname - name: Hostname - type: string - - JSONPath: .spec.ports - description: Ports of the Host - name: Ports - type: string - - JSONPath: .status.findings.count - description: Total Finding Count - name: Findings - type: string - group: targets.experimental.securecodebox.io - names: - kind: Host - listKind: HostList - plural: hosts - singular: host - scope: Namespaced - subresources: - status: {} - validation: - openAPIV3Schema: - description: Host is the Schema for the hosts API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: HostSpec defines the desired state of Host - properties: - hostname: - description: 'Hostname contains the dns name of the host TODO: Add an - IPAddress Field' - type: string - ports: - items: - description: HostPort describes a Port of a Host - properties: - port: - description: The port number - format: int32 - minimum: 0 - type: integer - type: - type: string - required: - - port - - type - type: object - type: array - required: - - hostname - - ports - type: object - status: - description: HostStatus defines the observed state of Host - properties: - findings: - description: FindingStats contains the general stats about the results - of the scan - properties: - categories: - additionalProperties: - format: int64 - type: integer - description: FindingCategories indicates the count of finding broken - down by their categories - type: object - count: - description: Count indicates how many findings were identified in - total - format: int64 - type: integer - severities: - description: FindingSeverities indicates the count of finding with - the respective severity - properties: - high: - format: int64 - type: integer - informational: - format: int64 - type: integer - low: - format: int64 - type: integer - medium: - format: int64 - type: integer - type: object - type: object - type: object - type: object - version: v1 - versions: - - name: v1 - served: true - storage: true -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/operator/config/crd/kustomization.yaml b/operator/config/crd/kustomization.yaml index 7a1e9496..086bf5fe 100644 --- a/operator/config/crd/kustomization.yaml +++ b/operator/config/crd/kustomization.yaml @@ -2,13 +2,12 @@ # since it depends on service name and namespace that are out of this kustomize package. # It should be run by config/default resources: -- bases/execution.experimental.securecodebox.io_scans.yaml -- bases/execution.experimental.securecodebox.io_scantypes.yaml -- bases/execution.experimental.securecodebox.io_scancompletionhooks.yaml -- bases/execution.experimental.securecodebox.io_parsedefinitions.yaml -- bases/execution.experimental.securecodebox.io_scheduledscans.yaml -- bases/targets.experimental.securecodebox.io_hosts.yaml -- bases/cascading.experimental.securecodebox.io_cascadingrules.yaml + - bases/execution.securecodebox.io_scans.yaml + - bases/execution.securecodebox.io_scantypes.yaml + - bases/execution.securecodebox.io_scancompletionhooks.yaml + - bases/execution.securecodebox.io_parsedefinitions.yaml + - bases/execution.securecodebox.io_scheduledscans.yaml + - bases/cascading.securecodebox.io_cascadingrules.yaml # +kubebuilder:scaffold:crdkustomizeresource patchesStrategicMerge: @@ -36,4 +35,4 @@ patchesStrategicMerge: # the following config is for teaching kustomize how to do kustomization for CRDs. configurations: -- kustomizeconfig.yaml + - kustomizeconfig.yaml diff --git a/operator/config/crd/patches/cainjection_in_cascadingrules.yaml b/operator/config/crd/patches/cainjection_in_cascadingrules.yaml index 95953e4a..973cfc88 100644 --- a/operator/config/crd/patches/cainjection_in_cascadingrules.yaml +++ b/operator/config/crd/patches/cainjection_in_cascadingrules.yaml @@ -5,4 +5,4 @@ kind: CustomResourceDefinition metadata: annotations: cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME) - name: cascadingrules.cascading.experimental.securecodebox.io + name: cascadingrules.cascading.securecodebox.io diff --git a/operator/config/crd/patches/cainjection_in_hosts.yaml b/operator/config/crd/patches/cainjection_in_hosts.yaml deleted file mode 100644 index 356ddfed..00000000 --- a/operator/config/crd/patches/cainjection_in_hosts.yaml +++ /dev/null @@ -1,8 +0,0 @@ -# The following patch adds a directive for certmanager to inject CA into the CRD -# CRD conversion requires k8s 1.13 or later. -apiVersion: apiextensions.k8s.io/v1beta1 -kind: CustomResourceDefinition -metadata: - annotations: - cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME) - name: hosts.targets.experimental.securecodebox.io diff --git a/operator/config/crd/patches/cainjection_in_parsedefinitions.yaml b/operator/config/crd/patches/cainjection_in_parsedefinitions.yaml index 5a81bcb5..852bf621 100644 --- a/operator/config/crd/patches/cainjection_in_parsedefinitions.yaml +++ b/operator/config/crd/patches/cainjection_in_parsedefinitions.yaml @@ -5,4 +5,4 @@ kind: CustomResourceDefinition metadata: annotations: cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME) - name: parsedefinitions.execution.experimental.securecodebox.io + name: parsedefinitions.execution.securecodebox.io diff --git a/operator/config/crd/patches/cainjection_in_persistenceproviders.yaml b/operator/config/crd/patches/cainjection_in_persistenceproviders.yaml index 9a8395a0..76888752 100644 --- a/operator/config/crd/patches/cainjection_in_persistenceproviders.yaml +++ b/operator/config/crd/patches/cainjection_in_persistenceproviders.yaml @@ -5,4 +5,4 @@ kind: CustomResourceDefinition metadata: annotations: cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME) - name: persistenceproviders.execution.experimental.securecodebox.io + name: persistenceproviders.execution.securecodebox.io diff --git a/operator/config/crd/patches/cainjection_in_scans.yaml b/operator/config/crd/patches/cainjection_in_scans.yaml index d56bc98d..0b360445 100644 --- a/operator/config/crd/patches/cainjection_in_scans.yaml +++ b/operator/config/crd/patches/cainjection_in_scans.yaml @@ -5,4 +5,4 @@ kind: CustomResourceDefinition metadata: annotations: cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME) - name: scans.execution.experimental.securecodebox.io + name: scans.execution.securecodebox.io diff --git a/operator/config/crd/patches/cainjection_in_scantypes.yaml b/operator/config/crd/patches/cainjection_in_scantypes.yaml index e6f952b6..ac8237f9 100644 --- a/operator/config/crd/patches/cainjection_in_scantypes.yaml +++ b/operator/config/crd/patches/cainjection_in_scantypes.yaml @@ -5,4 +5,4 @@ kind: CustomResourceDefinition metadata: annotations: cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME) - name: scantypes.execution.experimental.securecodebox.io + name: scantypes.execution.securecodebox.io diff --git a/operator/config/crd/patches/cainjection_in_scheduledscans.yaml b/operator/config/crd/patches/cainjection_in_scheduledscans.yaml index f3238c6d..ab0b42a1 100644 --- a/operator/config/crd/patches/cainjection_in_scheduledscans.yaml +++ b/operator/config/crd/patches/cainjection_in_scheduledscans.yaml @@ -5,4 +5,4 @@ kind: CustomResourceDefinition metadata: annotations: cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME) - name: scheduledscans.execution.experimental.securecodebox.io + name: scheduledscans.execution.securecodebox.io diff --git a/operator/config/crd/patches/webhook_in_cascadingrules.yaml b/operator/config/crd/patches/webhook_in_cascadingrules.yaml index bc9c0933..870c44aa 100644 --- a/operator/config/crd/patches/webhook_in_cascadingrules.yaml +++ b/operator/config/crd/patches/webhook_in_cascadingrules.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1beta1 kind: CustomResourceDefinition metadata: - name: cascadingrules.cascading.experimental.securecodebox.io + name: cascadingrules.cascading.securecodebox.io spec: conversion: strategy: Webhook diff --git a/operator/config/crd/patches/webhook_in_hosts.yaml b/operator/config/crd/patches/webhook_in_hosts.yaml deleted file mode 100644 index 48fb75a9..00000000 --- a/operator/config/crd/patches/webhook_in_hosts.yaml +++ /dev/null @@ -1,17 +0,0 @@ -# The following patch enables conversion webhook for CRD -# CRD conversion requires k8s 1.13 or later. -apiVersion: apiextensions.k8s.io/v1beta1 -kind: CustomResourceDefinition -metadata: - name: hosts.targets.experimental.securecodebox.io -spec: - conversion: - strategy: Webhook - webhookClientConfig: - # this is "\n" used as a placeholder, otherwise it will be rejected by the apiserver for being blank, - # but we're going to set it later using the cert-manager (or potentially a patch if not using cert-manager) - caBundle: Cg== - service: - namespace: system - name: webhook-service - path: /convert diff --git a/operator/config/crd/patches/webhook_in_parsedefinitions.yaml b/operator/config/crd/patches/webhook_in_parsedefinitions.yaml index fb7459ca..91089136 100644 --- a/operator/config/crd/patches/webhook_in_parsedefinitions.yaml +++ b/operator/config/crd/patches/webhook_in_parsedefinitions.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1beta1 kind: CustomResourceDefinition metadata: - name: parsedefinitions.execution.experimental.securecodebox.io + name: parsedefinitions.execution.securecodebox.io spec: conversion: strategy: Webhook diff --git a/operator/config/crd/patches/webhook_in_persistenceproviders.yaml b/operator/config/crd/patches/webhook_in_persistenceproviders.yaml index b2f93d64..7d2b3ec6 100644 --- a/operator/config/crd/patches/webhook_in_persistenceproviders.yaml +++ b/operator/config/crd/patches/webhook_in_persistenceproviders.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1beta1 kind: CustomResourceDefinition metadata: - name: persistenceproviders.execution.experimental.securecodebox.io + name: persistenceproviders.execution.securecodebox.io spec: conversion: strategy: Webhook diff --git a/operator/config/crd/patches/webhook_in_scans.yaml b/operator/config/crd/patches/webhook_in_scans.yaml index b20252b3..3772e37d 100644 --- a/operator/config/crd/patches/webhook_in_scans.yaml +++ b/operator/config/crd/patches/webhook_in_scans.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1beta1 kind: CustomResourceDefinition metadata: - name: scans.execution.experimental.securecodebox.io + name: scans.execution.securecodebox.io spec: conversion: strategy: Webhook diff --git a/operator/config/crd/patches/webhook_in_scantypes.yaml b/operator/config/crd/patches/webhook_in_scantypes.yaml index 3162ad47..cde6ac0b 100644 --- a/operator/config/crd/patches/webhook_in_scantypes.yaml +++ b/operator/config/crd/patches/webhook_in_scantypes.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1beta1 kind: CustomResourceDefinition metadata: - name: scantypes.execution.experimental.securecodebox.io + name: scantypes.execution.securecodebox.io spec: conversion: strategy: Webhook diff --git a/operator/config/crd/patches/webhook_in_scheduledscans.yaml b/operator/config/crd/patches/webhook_in_scheduledscans.yaml index 9b0a2d52..02d45394 100644 --- a/operator/config/crd/patches/webhook_in_scheduledscans.yaml +++ b/operator/config/crd/patches/webhook_in_scheduledscans.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1beta1 kind: CustomResourceDefinition metadata: - name: scheduledscans.execution.experimental.securecodebox.io + name: scheduledscans.execution.securecodebox.io spec: conversion: strategy: Webhook diff --git a/operator/config/rbac/cascadingrule_editor_role.yaml b/operator/config/rbac/cascadingrule_editor_role.yaml index 25560f60..b009d75a 100644 --- a/operator/config/rbac/cascadingrule_editor_role.yaml +++ b/operator/config/rbac/cascadingrule_editor_role.yaml @@ -5,7 +5,7 @@ metadata: name: cascadingrule-editor-role rules: - apiGroups: - - cascading.experimental.securecodebox.io + - cascading.securecodebox.io resources: - cascadingrules verbs: @@ -17,7 +17,7 @@ rules: - update - watch - apiGroups: - - cascading.experimental.securecodebox.io + - cascading.securecodebox.io resources: - cascadingrules/status verbs: diff --git a/operator/config/rbac/cascadingrule_viewer_role.yaml b/operator/config/rbac/cascadingrule_viewer_role.yaml index 9a3bffe1..c3b94010 100644 --- a/operator/config/rbac/cascadingrule_viewer_role.yaml +++ b/operator/config/rbac/cascadingrule_viewer_role.yaml @@ -5,7 +5,7 @@ metadata: name: cascadingrule-viewer-role rules: - apiGroups: - - cascading.experimental.securecodebox.io + - cascading.securecodebox.io resources: - cascadingrules verbs: @@ -13,7 +13,7 @@ rules: - list - watch - apiGroups: - - cascading.experimental.securecodebox.io + - cascading.securecodebox.io resources: - cascadingrules/status verbs: diff --git a/operator/config/rbac/host_editor_role.yaml b/operator/config/rbac/host_editor_role.yaml deleted file mode 100644 index 95ef4241..00000000 --- a/operator/config/rbac/host_editor_role.yaml +++ /dev/null @@ -1,24 +0,0 @@ -# permissions for end users to edit hosts. -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: host-editor-role -rules: -- apiGroups: - - targets.experimental.securecodebox.io - resources: - - hosts - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - targets.experimental.securecodebox.io - resources: - - hosts/status - verbs: - - get diff --git a/operator/config/rbac/host_viewer_role.yaml b/operator/config/rbac/host_viewer_role.yaml deleted file mode 100644 index a8d063cb..00000000 --- a/operator/config/rbac/host_viewer_role.yaml +++ /dev/null @@ -1,20 +0,0 @@ -# permissions for end users to view hosts. -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: host-viewer-role -rules: -- apiGroups: - - targets.experimental.securecodebox.io - resources: - - hosts - verbs: - - get - - list - - watch -- apiGroups: - - targets.experimental.securecodebox.io - resources: - - hosts/status - verbs: - - get diff --git a/operator/config/rbac/parsedefinition_editor_role.yaml b/operator/config/rbac/parsedefinition_editor_role.yaml index 51759daf..e1beeb6a 100644 --- a/operator/config/rbac/parsedefinition_editor_role.yaml +++ b/operator/config/rbac/parsedefinition_editor_role.yaml @@ -5,7 +5,7 @@ metadata: name: parsedefinition-editor-role rules: - apiGroups: - - execution.experimental.securecodebox.io + - execution.securecodebox.io resources: - parsedefinitions verbs: @@ -17,7 +17,7 @@ rules: - update - watch - apiGroups: - - execution.experimental.securecodebox.io + - execution.securecodebox.io resources: - parsedefinitions/status verbs: diff --git a/operator/config/rbac/parsedefinition_viewer_role.yaml b/operator/config/rbac/parsedefinition_viewer_role.yaml index a4d6b98d..fca9d3e1 100644 --- a/operator/config/rbac/parsedefinition_viewer_role.yaml +++ b/operator/config/rbac/parsedefinition_viewer_role.yaml @@ -5,7 +5,7 @@ metadata: name: parsedefinition-viewer-role rules: - apiGroups: - - execution.experimental.securecodebox.io + - execution.securecodebox.io resources: - parsedefinitions verbs: @@ -13,7 +13,7 @@ rules: - list - watch - apiGroups: - - execution.experimental.securecodebox.io + - execution.securecodebox.io resources: - parsedefinitions/status verbs: diff --git a/operator/config/rbac/role.yaml b/operator/config/rbac/role.yaml index b1bd525a..b4209542 100644 --- a/operator/config/rbac/role.yaml +++ b/operator/config/rbac/role.yaml @@ -34,7 +34,7 @@ rules: - list - watch - apiGroups: - - execution.experimental.securecodebox.io + - execution.securecodebox.io resources: - parsedefinitions verbs: @@ -42,7 +42,7 @@ rules: - list - watch - apiGroups: - - execution.experimental.securecodebox.io + - execution.securecodebox.io resources: - scancompletionhooks verbs: @@ -50,7 +50,7 @@ rules: - list - watch - apiGroups: - - execution.experimental.securecodebox.io + - execution.securecodebox.io resources: - scans verbs: @@ -62,7 +62,7 @@ rules: - update - watch - apiGroups: - - execution.experimental.securecodebox.io + - execution.securecodebox.io resources: - scans/status verbs: @@ -70,7 +70,7 @@ rules: - patch - update - apiGroups: - - execution.experimental.securecodebox.io + - execution.securecodebox.io resources: - scantypes verbs: @@ -78,7 +78,7 @@ rules: - list - watch - apiGroups: - - execution.experimental.securecodebox.io + - execution.securecodebox.io resources: - scheduledscans verbs: @@ -90,7 +90,7 @@ rules: - update - watch - apiGroups: - - execution.experimental.securecodebox.io + - execution.securecodebox.io resources: - scheduledscans/status verbs: @@ -115,23 +115,3 @@ rules: - get - list - watch -- apiGroups: - - targets.experimental.securecodebox.io - resources: - - hosts - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - targets.experimental.securecodebox.io - resources: - - hosts/status - verbs: - - get - - patch - - update diff --git a/operator/config/rbac/scan_editor_role.yaml b/operator/config/rbac/scan_editor_role.yaml index 7d318019..da18687f 100644 --- a/operator/config/rbac/scan_editor_role.yaml +++ b/operator/config/rbac/scan_editor_role.yaml @@ -5,7 +5,7 @@ metadata: name: scan-editor-role rules: - apiGroups: - - execution.experimental.securecodebox.io + - execution.securecodebox.io resources: - scans verbs: @@ -17,7 +17,7 @@ rules: - update - watch - apiGroups: - - execution.experimental.securecodebox.io + - execution.securecodebox.io resources: - scans/status verbs: diff --git a/operator/config/rbac/scan_viewer_role.yaml b/operator/config/rbac/scan_viewer_role.yaml index e2fde72a..9252998e 100644 --- a/operator/config/rbac/scan_viewer_role.yaml +++ b/operator/config/rbac/scan_viewer_role.yaml @@ -5,7 +5,7 @@ metadata: name: scan-viewer-role rules: - apiGroups: - - execution.experimental.securecodebox.io + - execution.securecodebox.io resources: - scans verbs: @@ -13,7 +13,7 @@ rules: - list - watch - apiGroups: - - execution.experimental.securecodebox.io + - execution.securecodebox.io resources: - scans/status verbs: diff --git a/operator/config/rbac/scantype_editor_role.yaml b/operator/config/rbac/scantype_editor_role.yaml index b9127ef1..d94247b9 100644 --- a/operator/config/rbac/scantype_editor_role.yaml +++ b/operator/config/rbac/scantype_editor_role.yaml @@ -5,7 +5,7 @@ metadata: name: scantype-editor-role rules: - apiGroups: - - execution.experimental.securecodebox.io + - execution.securecodebox.io resources: - scantypes verbs: @@ -17,7 +17,7 @@ rules: - update - watch - apiGroups: - - execution.experimental.securecodebox.io + - execution.securecodebox.io resources: - scantypes/status verbs: diff --git a/operator/config/rbac/scantype_viewer_role.yaml b/operator/config/rbac/scantype_viewer_role.yaml index 94175088..d1c09aa2 100644 --- a/operator/config/rbac/scantype_viewer_role.yaml +++ b/operator/config/rbac/scantype_viewer_role.yaml @@ -5,7 +5,7 @@ metadata: name: scantype-viewer-role rules: - apiGroups: - - execution.experimental.securecodebox.io + - execution.securecodebox.io resources: - scantypes verbs: @@ -13,7 +13,7 @@ rules: - list - watch - apiGroups: - - execution.experimental.securecodebox.io + - execution.securecodebox.io resources: - scantypes/status verbs: diff --git a/operator/config/rbac/scheduledscan_editor_role.yaml b/operator/config/rbac/scheduledscan_editor_role.yaml index 91183cc2..5ec1b65f 100644 --- a/operator/config/rbac/scheduledscan_editor_role.yaml +++ b/operator/config/rbac/scheduledscan_editor_role.yaml @@ -5,7 +5,7 @@ metadata: name: scheduledscan-editor-role rules: - apiGroups: - - execution.experimental.securecodebox.io + - execution.securecodebox.io resources: - scheduledscans verbs: @@ -17,7 +17,7 @@ rules: - update - watch - apiGroups: - - execution.experimental.securecodebox.io + - execution.securecodebox.io resources: - scheduledscans/status verbs: diff --git a/operator/config/rbac/scheduledscan_viewer_role.yaml b/operator/config/rbac/scheduledscan_viewer_role.yaml index 94a400db..14c781bf 100644 --- a/operator/config/rbac/scheduledscan_viewer_role.yaml +++ b/operator/config/rbac/scheduledscan_viewer_role.yaml @@ -5,7 +5,7 @@ metadata: name: scheduledscan-viewer-role rules: - apiGroups: - - execution.experimental.securecodebox.io + - execution.securecodebox.io resources: - scheduledscans verbs: @@ -13,7 +13,7 @@ rules: - list - watch - apiGroups: - - execution.experimental.securecodebox.io + - execution.securecodebox.io resources: - scheduledscans/status verbs: diff --git a/operator/config/samples/cascading_v1_cascadingrule.yaml b/operator/config/samples/cascading_v1_cascadingrule.yaml index f5d176ac..30045592 100644 --- a/operator/config/samples/cascading_v1_cascadingrule.yaml +++ b/operator/config/samples/cascading_v1_cascadingrule.yaml @@ -1,4 +1,4 @@ -apiVersion: cascading.experimental.securecodebox.io/v1 +apiVersion: cascading.securecodebox.io/v1 kind: CascadingRule metadata: name: cascadingrule-sample diff --git a/operator/config/samples/execution_v1_parsedefinition.yaml b/operator/config/samples/execution_v1_parsedefinition.yaml index c9f55825..bc1528df 100644 --- a/operator/config/samples/execution_v1_parsedefinition.yaml +++ b/operator/config/samples/execution_v1_parsedefinition.yaml @@ -1,7 +1,6 @@ -apiVersion: execution.experimental.securecodebox.io/v1 +apiVersion: execution.securecodebox.io/v1 kind: ParseDefinition metadata: name: "nmap-xml" spec: - handlesResultsType: nmap-xml - image: scbexperimental/nmap-parser + image: securecodebox/nmap-parser diff --git a/operator/config/samples/execution_v1_readandwritehook.yaml b/operator/config/samples/execution_v1_readandwritehook.yaml index 50a8b098..53f7f097 100644 --- a/operator/config/samples/execution_v1_readandwritehook.yaml +++ b/operator/config/samples/execution_v1_readandwritehook.yaml @@ -1,4 +1,4 @@ -apiVersion: execution.experimental.securecodebox.io/v1 +apiVersion: execution.securecodebox.io/v1 kind: ScanCompletionHook metadata: name: "sleep-rw" diff --git a/operator/config/samples/execution_v1_readonlyhook.yaml b/operator/config/samples/execution_v1_readonlyhook.yaml index 76273547..a118f223 100644 --- a/operator/config/samples/execution_v1_readonlyhook.yaml +++ b/operator/config/samples/execution_v1_readonlyhook.yaml @@ -1,4 +1,4 @@ -apiVersion: execution.experimental.securecodebox.io/v1 +apiVersion: execution.securecodebox.io/v1 kind: ScanCompletionHook metadata: name: "echo-r" diff --git a/operator/config/samples/execution_v1_scantype.yaml b/operator/config/samples/execution_v1_scantype.yaml index 16eff814..c4570e3a 100644 --- a/operator/config/samples/execution_v1_scantype.yaml +++ b/operator/config/samples/execution_v1_scantype.yaml @@ -1,4 +1,4 @@ -apiVersion: execution.experimental.securecodebox.io/v1 +apiVersion: execution.securecodebox.io/v1 kind: ScanType metadata: name: "nmap" @@ -14,5 +14,5 @@ spec: restartPolicy: OnFailure containers: - name: nmap - image: scbexperimental/nmap:7.80 + image: securecodebox/nmap:7.80 command: ["nmap", "-oX", "/home/securecodebox/nmap-results.xml"] diff --git a/operator/config/samples/execution_v1_scheduledscan.yaml b/operator/config/samples/execution_v1_scheduledscan.yaml index 13136fb1..469e6b61 100644 --- a/operator/config/samples/execution_v1_scheduledscan.yaml +++ b/operator/config/samples/execution_v1_scheduledscan.yaml @@ -1,10 +1,10 @@ -apiVersion: execution.experimental.securecodebox.io/v1 +apiVersion: execution.securecodebox.io/v1 kind: ScheduledScan metadata: name: scheduled-nmap-localhost spec: interval: 1m - historyLimit: 2 + successfulJobsHistoryLimit: 2 scanSpec: scanType: "nmap" parameters: diff --git a/operator/config/samples/targets_v1_host.yaml b/operator/config/samples/targets_v1_host.yaml deleted file mode 100644 index 1c5a7a6f..00000000 --- a/operator/config/samples/targets_v1_host.yaml +++ /dev/null @@ -1,13 +0,0 @@ -apiVersion: targets.experimental.securecodebox.io/v1 -kind: Host -metadata: - name: www.iteratec.de -spec: - hostname: www.iteratec.de - ports: - - type: ssh - port: 22 - - type: http - port: 80 - - type: https - port: 443 diff --git a/operator/controllers/execution/scans/hook_reconciler.go b/operator/controllers/execution/scans/hook_reconciler.go index c7aee9f1..9fdd768f 100644 --- a/operator/controllers/execution/scans/hook_reconciler.go +++ b/operator/controllers/execution/scans/hook_reconciler.go @@ -4,8 +4,8 @@ import ( "context" "fmt" - executionv1 "github.com/secureCodeBox/secureCodeBox-v2-alpha/operator/apis/execution/v1" - util "github.com/secureCodeBox/secureCodeBox-v2-alpha/operator/utils" + executionv1 "github.com/secureCodeBox/secureCodeBox-v2/operator/apis/execution/v1" + util "github.com/secureCodeBox/secureCodeBox-v2/operator/utils" batch "k8s.io/api/batch/v1" corev1 "k8s.io/api/core/v1" rbacv1 "k8s.io/api/rbac/v1" @@ -82,20 +82,20 @@ func (r *ScanReconciler) executeReadAndWriteHooks(scan *executionv1.Scan) error switch nonCompletedHook.State { case executionv1.Pending: - rawFileURL, err := r.PresignedGetURL(scan.UID, scan.Status.RawResultFile) + rawFileURL, err := r.PresignedGetURL(scan.UID, scan.Status.RawResultFile, defaultPresignDuration) if err != nil { return err } - findingsFileURL, err := r.PresignedGetURL(scan.UID, "findings.json") + findingsFileURL, err := r.PresignedGetURL(scan.UID, "findings.json", defaultPresignDuration) if err != nil { return err } - rawFileUploadURL, err := r.PresignedPutURL(scan.UID, scan.Status.RawResultFile) + rawFileUploadURL, err := r.PresignedPutURL(scan.UID, scan.Status.RawResultFile, defaultPresignDuration) if err != nil { return err } - findingsUploadURL, err := r.PresignedPutURL(scan.UID, "findings.json") + findingsUploadURL, err := r.PresignedPutURL(scan.UID, "findings.json", defaultPresignDuration) if err != nil { return err } @@ -107,8 +107,8 @@ func (r *ScanReconciler) executeReadAndWriteHooks(scan *executionv1.Scan) error } jobs, err := r.getJobsForScan(scan, client.MatchingLabels{ - "experimental.securecodebox.io/job-type": "read-and-write-hook", - "experimental.securecodebox.io/hook-name": nonCompletedHook.HookName, + "securecodebox.io/job-type": "read-and-write-hook", + "securecodebox.io/hook-name": nonCompletedHook.HookName, }) if err != nil { return err @@ -138,8 +138,8 @@ func (r *ScanReconciler) executeReadAndWriteHooks(scan *executionv1.Scan) error return err case executionv1.InProgress: jobStatus, err := r.checkIfJobIsCompleted(scan, client.MatchingLabels{ - "experimental.securecodebox.io/job-type": "read-and-write-hook", - "experimental.securecodebox.io/hook-name": nonCompletedHook.HookName, + "securecodebox.io/job-type": "read-and-write-hook", + "securecodebox.io/hook-name": nonCompletedHook.HookName, }) if err != nil { r.Log.Error(err, "Failed to check job status for ReadAndWrite Hook") @@ -183,7 +183,7 @@ func containsJobForHook(jobs *batch.JobList, hook executionv1.ScanCompletionHook } for _, job := range jobs.Items { - if job.ObjectMeta.Labels["experimental.securecodebox.io/hook-name"] == hook.Name { + if job.ObjectMeta.Labels["securecodebox.io/hook-name"] == hook.Name { return true } } @@ -217,6 +217,8 @@ func (r *ScanReconciler) startReadOnlyHooks(scan *executionv1.Scan) error { if len(readOnlyHooks) == 0 { r.Log.Info("Marked scan as done as without running ReadOnly hooks as non were configured", "ScanName", scan.Name) scan.Status.State = "Done" + var now metav1.Time = metav1.Now() + scan.Status.FinishedAt = &now if err := r.Status().Update(ctx, scan); err != nil { r.Log.Error(err, "Unable to update Scan status") return err @@ -226,7 +228,7 @@ func (r *ScanReconciler) startReadOnlyHooks(scan *executionv1.Scan) error { // Get all read-only-hooks for scan to later check that they weren't already created jobs, err := r.getJobsForScan(scan, client.MatchingLabels{ - "experimental.securecodebox.io/job-type": "read-only-hook", + "securecodebox.io/job-type": "read-only-hook", }) if err != nil { return err @@ -240,11 +242,11 @@ func (r *ScanReconciler) startReadOnlyHooks(scan *executionv1.Scan) error { continue } - rawFileURL, err := r.PresignedGetURL(scan.UID, scan.Status.RawResultFile) + rawFileURL, err := r.PresignedGetURL(scan.UID, scan.Status.RawResultFile, defaultPresignDuration) if err != nil { return err } - findingsFileURL, err := r.PresignedGetURL(scan.UID, "findings.json") + findingsFileURL, err := r.PresignedGetURL(scan.UID, "findings.json", defaultPresignDuration) if err != nil { return err } @@ -273,7 +275,7 @@ func (r *ScanReconciler) startReadOnlyHooks(scan *executionv1.Scan) error { func (r *ScanReconciler) checkIfReadOnlyHookIsCompleted(scan *executionv1.Scan) error { ctx := context.Background() - readOnlyHookCompletion, err := r.checkIfJobIsCompleted(scan, client.MatchingLabels{"experimental.securecodebox.io/job-type": "read-only-hook"}) + readOnlyHookCompletion, err := r.checkIfJobIsCompleted(scan, client.MatchingLabels{"securecodebox.io/job-type": "read-only-hook"}) if err != nil { return err } @@ -281,6 +283,8 @@ func (r *ScanReconciler) checkIfReadOnlyHookIsCompleted(scan *executionv1.Scan) if readOnlyHookCompletion == completed { r.Log.V(7).Info("All ReadOnlyHooks have completed") scan.Status.State = "Done" + var now metav1.Time = metav1.Now() + scan.Status.FinishedAt = &now if err := r.Status().Update(ctx, scan); err != nil { r.Log.Error(err, "Unable to update Scan status") return err @@ -311,12 +315,12 @@ func (r *ScanReconciler) createJobForHook(hook *executionv1.ScanCompletionHook, // Check and create a serviceAccount for the hook in its namespace, if it doesn't already exist. rules := []rbacv1.PolicyRule{ { - APIGroups: []string{"execution.experimental.securecodebox.io"}, + APIGroups: []string{"execution.securecodebox.io"}, Resources: []string{"scans"}, Verbs: []string{"get"}, }, { - APIGroups: []string{"execution.experimental.securecodebox.io"}, + APIGroups: []string{"execution.securecodebox.io"}, Resources: []string{"scans/status"}, Verbs: []string{"get", "patch"}, }, @@ -351,13 +355,15 @@ func (r *ScanReconciler) createJobForHook(hook *executionv1.ScanCompletionHook, labels = make(map[string]string) } if hook.Spec.Type == executionv1.ReadAndWrite { - labels["experimental.securecodebox.io/job-type"] = "read-and-write-hook" + labels["securecodebox.io/job-type"] = "read-and-write-hook" } else if hook.Spec.Type == executionv1.ReadOnly { - labels["experimental.securecodebox.io/job-type"] = "read-only-hook" + labels["securecodebox.io/job-type"] = "read-only-hook" } - labels["experimental.securecodebox.io/hook-name"] = hook.Name + labels["securecodebox.io/hook-name"] = hook.Name var backOffLimit int32 = 3 + truePointer := true + falsePointer := false job := &batch.Job{ ObjectMeta: metav1.ObjectMeta{ Annotations: make(map[string]string), @@ -370,7 +376,8 @@ func (r *ScanReconciler) createJobForHook(hook *executionv1.ScanCompletionHook, Template: corev1.PodTemplateSpec{ ObjectMeta: metav1.ObjectMeta{ Annotations: map[string]string{ - "auto-discovery.experimental.securecodebox.io/ignore": "true", + "auto-discovery.securecodebox.io/ignore": "true", + "sidecar.istio.io/inject": "false", }, }, Spec: corev1.PodSpec{ @@ -383,7 +390,7 @@ func (r *ScanReconciler) createJobForHook(hook *executionv1.ScanCompletionHook, Image: hook.Spec.Image, Args: cliArgs, Env: append(hook.Spec.Env, standardEnvVars...), - ImagePullPolicy: "IfNotPresent", + ImagePullPolicy: "Always", Resources: corev1.ResourceRequirements{ Requests: corev1.ResourceList{ corev1.ResourceCPU: resource.MustParse("200m"), @@ -394,6 +401,15 @@ func (r *ScanReconciler) createJobForHook(hook *executionv1.ScanCompletionHook, corev1.ResourceMemory: resource.MustParse("200Mi"), }, }, + SecurityContext: &corev1.SecurityContext{ + RunAsNonRoot: &truePointer, + AllowPrivilegeEscalation: &falsePointer, + ReadOnlyRootFilesystem: &truePointer, + Privileged: &falsePointer, + Capabilities: &corev1.Capabilities{ + Drop: []corev1.Capability{"all"}, + }, + }, }, }, }, diff --git a/operator/controllers/execution/scans/job.go b/operator/controllers/execution/scans/job.go index c1ccb3aa..2f202ea3 100644 --- a/operator/controllers/execution/scans/job.go +++ b/operator/controllers/execution/scans/job.go @@ -3,7 +3,7 @@ package scancontrollers import ( "context" - executionv1 "github.com/secureCodeBox/secureCodeBox-v2-alpha/operator/apis/execution/v1" + executionv1 "github.com/secureCodeBox/secureCodeBox-v2/operator/apis/execution/v1" batch "k8s.io/api/batch/v1" "sigs.k8s.io/controller-runtime/pkg/client" ) diff --git a/operator/controllers/execution/scans/parse_reconciler.go b/operator/controllers/execution/scans/parse_reconciler.go index b3022b9d..6fcdf032 100644 --- a/operator/controllers/execution/scans/parse_reconciler.go +++ b/operator/controllers/execution/scans/parse_reconciler.go @@ -5,8 +5,8 @@ import ( "fmt" "strings" - executionv1 "github.com/secureCodeBox/secureCodeBox-v2-alpha/operator/apis/execution/v1" - util "github.com/secureCodeBox/secureCodeBox-v2-alpha/operator/utils" + executionv1 "github.com/secureCodeBox/secureCodeBox-v2/operator/apis/execution/v1" + util "github.com/secureCodeBox/secureCodeBox-v2/operator/utils" batch "k8s.io/api/batch/v1" corev1 "k8s.io/api/core/v1" rbacv1 "k8s.io/api/rbac/v1" @@ -22,7 +22,7 @@ func (r *ScanReconciler) startParser(scan *executionv1.Scan) error { namespacedName := fmt.Sprintf("%s/%s", scan.Namespace, scan.Name) log := r.Log.WithValues("scan_parse", namespacedName) - jobs, err := r.getJobsForScan(scan, client.MatchingLabels{"experimental.securecodebox.io/job-type": "parser"}) + jobs, err := r.getJobsForScan(scan, client.MatchingLabels{"securecodebox.io/job-type": "parser"}) if err != nil { return err } @@ -49,19 +49,19 @@ func (r *ScanReconciler) startParser(scan *executionv1.Scan) error { } log.Info("Matching ParseDefinition Found", "ParseDefinition", parseType) - findingsUploadURL, err := r.PresignedPutURL(scan.UID, "findings.json") + findingsUploadURL, err := r.PresignedPutURL(scan.UID, "findings.json", defaultPresignDuration) if err != nil { r.Log.Error(err, "Could not get presigned url from s3 or compatible storage provider") return err } - rawResultDownloadURL, err := r.PresignedGetURL(scan.UID, scan.Status.RawResultFile) + rawResultDownloadURL, err := r.PresignedGetURL(scan.UID, scan.Status.RawResultFile, defaultPresignDuration) if err != nil { return err } rules := []rbacv1.PolicyRule{ { - APIGroups: []string{"execution.experimental.securecodebox.io"}, + APIGroups: []string{"execution.securecodebox.io"}, Resources: []string{"scans/status"}, Verbs: []string{"get", "patch"}, }, @@ -77,9 +77,11 @@ func (r *ScanReconciler) startParser(scan *executionv1.Scan) error { if labels == nil { labels = make(map[string]string) } - labels["experimental.securecodebox.io/job-type"] = "parser" + labels["securecodebox.io/job-type"] = "parser" automountServiceAccountToken := true var backOffLimit int32 = 3 + truePointer := true + falsePointer := false job := &batch.Job{ ObjectMeta: metav1.ObjectMeta{ Annotations: make(map[string]string), @@ -92,7 +94,8 @@ func (r *ScanReconciler) startParser(scan *executionv1.Scan) error { Template: corev1.PodTemplateSpec{ ObjectMeta: metav1.ObjectMeta{ Annotations: map[string]string{ - "auto-discovery.experimental.securecodebox.io/ignore": "true", + "auto-discovery.securecodebox.io/ignore": "true", + "sidecar.istio.io/inject": "false", }, }, Spec: corev1.PodSpec{ @@ -132,6 +135,15 @@ func (r *ScanReconciler) startParser(scan *executionv1.Scan) error { corev1.ResourceMemory: resource.MustParse("200Mi"), }, }, + SecurityContext: &corev1.SecurityContext{ + RunAsNonRoot: &truePointer, + AllowPrivilegeEscalation: &falsePointer, + ReadOnlyRootFilesystem: &truePointer, + Privileged: &falsePointer, + Capabilities: &corev1.Capabilities{ + Drop: []corev1.Capability{"all"}, + }, + }, }, }, AutomountServiceAccountToken: &automountServiceAccountToken, @@ -165,7 +177,7 @@ func (r *ScanReconciler) startParser(scan *executionv1.Scan) error { func (r *ScanReconciler) checkIfParsingIsCompleted(scan *executionv1.Scan) error { ctx := context.Background() - status, err := r.checkIfJobIsCompleted(scan, client.MatchingLabels{"experimental.securecodebox.io/job-type": "parser"}) + status, err := r.checkIfJobIsCompleted(scan, client.MatchingLabels{"securecodebox.io/job-type": "parser"}) if err != nil { return err } diff --git a/operator/controllers/execution/scans/scan_controller.go b/operator/controllers/execution/scans/scan_controller.go index ae543dab..c9ff667e 100644 --- a/operator/controllers/execution/scans/scan_controller.go +++ b/operator/controllers/execution/scans/scan_controller.go @@ -32,7 +32,7 @@ import ( "sigs.k8s.io/controller-runtime/pkg/client" "github.com/minio/minio-go/v6" - executionv1 "github.com/secureCodeBox/secureCodeBox-v2-alpha/operator/apis/execution/v1" + executionv1 "github.com/secureCodeBox/secureCodeBox-v2/operator/apis/execution/v1" ) // ScanReconciler reconciles a Scan object @@ -50,13 +50,15 @@ var ( // Finalizer to delete related files in s3 when the scan gets deleted // https://kubernetes.io/docs/tasks/access-kubernetes-api/custom-resources/custom-resource-definitions/#finalizers -var s3StorageFinalizer = "s3.storage.experimental.securecodebox.io" +var s3StorageFinalizer = "s3.storage.securecodebox.io" -// +kubebuilder:rbac:groups=execution.experimental.securecodebox.io,resources=scans,verbs=get;list;watch;create;update;patch;delete -// +kubebuilder:rbac:groups=execution.experimental.securecodebox.io,resources=scans/status,verbs=get;update;patch -// +kubebuilder:rbac:groups=execution.experimental.securecodebox.io,resources=scantypes,verbs=get;list;watch -// +kubebuilder:rbac:groups=execution.experimental.securecodebox.io,resources=parsedefinitions,verbs=get;list;watch -// +kubebuilder:rbac:groups=execution.experimental.securecodebox.io,resources=scancompletionhooks,verbs=get;list;watch +const defaultPresignDuration = 12 * time.Hour + +// +kubebuilder:rbac:groups=execution.securecodebox.io,resources=scans,verbs=get;list;watch;create;update;patch;delete +// +kubebuilder:rbac:groups=execution.securecodebox.io,resources=scans/status,verbs=get;update;patch +// +kubebuilder:rbac:groups=execution.securecodebox.io,resources=scantypes,verbs=get;list;watch +// +kubebuilder:rbac:groups=execution.securecodebox.io,resources=parsedefinitions,verbs=get;list;watch +// +kubebuilder:rbac:groups=execution.securecodebox.io,resources=scancompletionhooks,verbs=get;list;watch // +kubebuilder:rbac:groups=batch,resources=jobs,verbs=get;list;watch;create;update;patch;delete // Permissions needed to create service accounts for lurcher, parser and scanCompletionHooks @@ -147,11 +149,11 @@ func (r *ScanReconciler) handleFinalizer(scan *executionv1.Scan) error { } // PresignedGetURL returns a presigned URL from the s3 (or compatible) serice. -func (r *ScanReconciler) PresignedGetURL(scanID types.UID, filename string) (string, error) { +func (r *ScanReconciler) PresignedGetURL(scanID types.UID, filename string, duration time.Duration) (string, error) { bucketName := os.Getenv("S3_BUCKET") reqParams := make(url.Values) - rawResultDownloadURL, err := r.MinioClient.PresignedGetObject(bucketName, fmt.Sprintf("scan-%s/%s", string(scanID), filename), 12*time.Hour, reqParams) + rawResultDownloadURL, err := r.MinioClient.PresignedGetObject(bucketName, fmt.Sprintf("scan-%s/%s", string(scanID), filename), duration, reqParams) if err != nil { r.Log.Error(err, "Could not get presigned url from s3 or compatible storage provider") return "", err @@ -160,10 +162,10 @@ func (r *ScanReconciler) PresignedGetURL(scanID types.UID, filename string) (str } // PresignedPutURL returns a presigned URL from the s3 (or compatible) serice. -func (r *ScanReconciler) PresignedPutURL(scanID types.UID, filename string) (string, error) { +func (r *ScanReconciler) PresignedPutURL(scanID types.UID, filename string, duration time.Duration) (string, error) { bucketName := os.Getenv("S3_BUCKET") - rawResultDownloadURL, err := r.MinioClient.PresignedPutObject(bucketName, fmt.Sprintf("scan-%s/%s", string(scanID), filename), 12*time.Hour) + rawResultDownloadURL, err := r.MinioClient.PresignedPutObject(bucketName, fmt.Sprintf("scan-%s/%s", string(scanID), filename), duration) if err != nil { r.Log.Error(err, "Could not get presigned url from s3 or compatible storage provider") return "", err diff --git a/operator/controllers/execution/scans/scan_reconciler.go b/operator/controllers/execution/scans/scan_reconciler.go index 2e3b6e6d..0117f1d4 100644 --- a/operator/controllers/execution/scans/scan_reconciler.go +++ b/operator/controllers/execution/scans/scan_reconciler.go @@ -7,9 +7,10 @@ import ( "os" "path/filepath" "strings" + "time" - executionv1 "github.com/secureCodeBox/secureCodeBox-v2-alpha/operator/apis/execution/v1" - util "github.com/secureCodeBox/secureCodeBox-v2-alpha/operator/utils" + executionv1 "github.com/secureCodeBox/secureCodeBox-v2/operator/apis/execution/v1" + util "github.com/secureCodeBox/secureCodeBox-v2/operator/utils" batch "k8s.io/api/batch/v1" corev1 "k8s.io/api/core/v1" rbacv1 "k8s.io/api/rbac/v1" @@ -26,7 +27,7 @@ func (r *ScanReconciler) startScan(scan *executionv1.Scan) error { namespacedName := fmt.Sprintf("%s/%s", scan.Namespace, scan.Name) log := r.Log.WithValues("scan_init", namespacedName) - jobs, err := r.getJobsForScan(scan, client.MatchingLabels{"experimental.securecodebox.io/job-type": "scanner"}) + jobs, err := r.getJobsForScan(scan, client.MatchingLabels{"securecodebox.io/job-type": "scanner"}) if err != nil { return err } @@ -49,7 +50,7 @@ func (r *ScanReconciler) startScan(scan *executionv1.Scan) error { log.V(7).Info("Unable to fetch ScanType") scan.Status.State = "Errored" - scan.Status.ErrorDescription = fmt.Sprintf("Configured ScanType '%s' not found in Scans Namespace. You'll likely need to deploy the ScanType.", scan.Spec.ScanType) + scan.Status.ErrorDescription = fmt.Sprintf("Configured ScanType '%s' not found in '%s' namespace. You'll likely need to deploy the ScanType.", scan.Spec.ScanType, scan.Namespace) if err := r.Status().Update(ctx, scan); err != nil { r.Log.Error(err, "unable to update Scan status") return err @@ -89,6 +90,19 @@ func (r *ScanReconciler) startScan(scan *executionv1.Scan) error { scan.Status.State = "Scanning" scan.Status.RawResultType = scanType.Spec.ExtractResults.Type scan.Status.RawResultFile = filepath.Base(scanType.Spec.ExtractResults.Location) + + findingsDownloadURL, err := r.PresignedGetURL(scan.UID, "findings.json", 7*24*time.Hour) + if err != nil { + r.Log.Error(err, "Could not get presigned url from s3 or compatible storage provider") + return err + } + scan.Status.FindingDownloadLink = findingsDownloadURL + rawResultDownloadURL, err := r.PresignedGetURL(scan.UID, scan.Status.RawResultFile, 7*24*time.Hour) + if err != nil { + return err + } + scan.Status.RawResultDownloadLink = rawResultDownloadURL + if err := r.Status().Update(ctx, scan); err != nil { log.Error(err, "unable to update Scan status") return err @@ -102,7 +116,7 @@ func (r *ScanReconciler) startScan(scan *executionv1.Scan) error { func (r *ScanReconciler) checkIfScanIsCompleted(scan *executionv1.Scan) error { ctx := context.Background() - status, err := r.checkIfJobIsCompleted(scan, client.MatchingLabels{"experimental.securecodebox.io/job-type": "scanner"}) + status, err := r.checkIfJobIsCompleted(scan, client.MatchingLabels{"securecodebox.io/job-type": "scanner"}) if err != nil { return err } @@ -129,7 +143,7 @@ func (r *ScanReconciler) checkIfScanIsCompleted(scan *executionv1.Scan) error { func (r *ScanReconciler) constructJobForScan(scan *executionv1.Scan, scanType *executionv1.ScanType) (*batch.Job, error) { filename := filepath.Base(scanType.Spec.ExtractResults.Location) - resultUploadURL, err := r.PresignedPutURL(scan.UID, filename) + resultUploadURL, err := r.PresignedPutURL(scan.UID, filename, defaultPresignDuration) if err != nil { r.Log.Error(err, "Could not get presigned url from s3 or compatible storage provider") return nil, err @@ -143,7 +157,7 @@ func (r *ScanReconciler) constructJobForScan(scan *executionv1.Scan, scanType *e if labels == nil { labels = make(map[string]string) } - labels["experimental.securecodebox.io/job-type"] = "scanner" + labels["securecodebox.io/job-type"] = "scanner" job := &batch.Job{ ObjectMeta: metav1.ObjectMeta{ Labels: labels, @@ -157,7 +171,9 @@ func (r *ScanReconciler) constructJobForScan(scan *executionv1.Scan, scanType *e if podAnnotations == nil { podAnnotations = make(map[string]string) } - podAnnotations["experimental.securecodebox.io/job-type"] = "scanner" + podAnnotations["securecodebox.io/job-type"] = "scanner" + // Ensuring that istio doesn't inject a sidecar proxy. + podAnnotations["sidecar.istio.io/inject"] = "false" job.Spec.Template.Annotations = podAnnotations job.Spec.Template.Spec.ServiceAccountName = "lurcher" @@ -188,7 +204,7 @@ func (r *ScanReconciler) constructJobForScan(scan *executionv1.Scan, scanType *e // Get lurcher image config from env lurcherImage := os.Getenv("LURCHER_IMAGE") if lurcherImage == "" { - lurcherImage = "scbexperimental/lurcher:latest" + lurcherImage = "securecodebox/lurcher:latest" } lurcherPullPolicyRaw := os.Getenv("LURCHER_PULL_POLICY") var lurcherPullPolicy corev1.PullPolicy @@ -205,6 +221,9 @@ func (r *ScanReconciler) constructJobForScan(scan *executionv1.Scan, scanType *e return nil, fmt.Errorf("Unknown imagePull Policy for lurcher: %s", lurcherPullPolicyRaw) } + falsePointer := false + truePointer := true + lurcherSidecar := &corev1.Container{ Name: "lurcher", Image: lurcherImage, @@ -244,6 +263,15 @@ func (r *ScanReconciler) constructJobForScan(scan *executionv1.Scan, scanType *e ReadOnly: true, }, }, + SecurityContext: &corev1.SecurityContext{ + RunAsNonRoot: &truePointer, + AllowPrivilegeEscalation: &falsePointer, + ReadOnlyRootFilesystem: &truePointer, + Privileged: &falsePointer, + Capabilities: &corev1.Capabilities{ + Drop: []corev1.Capability{"all"}, + }, + }, } job.Spec.Template.Spec.Containers = append(job.Spec.Template.Spec.Containers, *lurcherSidecar) diff --git a/operator/controllers/execution/scheduledscan_controller.go b/operator/controllers/execution/scheduledscan_controller.go index cb676b97..e0b9cb53 100644 --- a/operator/controllers/execution/scheduledscan_controller.go +++ b/operator/controllers/execution/scheduledscan_controller.go @@ -29,7 +29,7 @@ import ( ctrl "sigs.k8s.io/controller-runtime" "sigs.k8s.io/controller-runtime/pkg/client" - executionv1 "github.com/secureCodeBox/secureCodeBox-v2-alpha/operator/apis/execution/v1" + executionv1 "github.com/secureCodeBox/secureCodeBox-v2/operator/apis/execution/v1" ) var ( @@ -44,10 +44,10 @@ type ScheduledScanReconciler struct { Scheme *runtime.Scheme } -// +kubebuilder:rbac:groups=execution.experimental.securecodebox.io,resources=scheduledscans,verbs=get;list;watch;create;update;patch;delete -// +kubebuilder:rbac:groups=execution.experimental.securecodebox.io,resources=scheduledscans/status,verbs=get;update;patch -// +kubebuilder:rbac:groups=execution.experimental.securecodebox.io,resources=scans,verbs=get;list;create -// +kubebuilder:rbac:groups=execution.experimental.securecodebox.io,resources=scans/status,verbs=get +// +kubebuilder:rbac:groups=execution.securecodebox.io,resources=scheduledscans,verbs=get;list;watch;create;update;patch;delete +// +kubebuilder:rbac:groups=execution.securecodebox.io,resources=scheduledscans/status,verbs=get;update;patch +// +kubebuilder:rbac:groups=execution.securecodebox.io,resources=scans,verbs=get;list;create +// +kubebuilder:rbac:groups=execution.securecodebox.io,resources=scans/status,verbs=get // Reconcile comapares the ScheduledScan Resource with the State of the Cluster and updates both accordingly func (r *ScheduledScanReconciler) Reconcile(req ctrl.Request) (ctrl.Result, error) { @@ -96,8 +96,13 @@ func (r *ScheduledScanReconciler) Reconcile(req ctrl.Request) (ctrl.Result, erro } // Delete Old Scans when exceeding the history limit + var historyLimit int32 = 3 + if scheduledScan.Spec.SuccessfulJobsHistoryLimit != nil { + historyLimit = *scheduledScan.Spec.SuccessfulJobsHistoryLimit + } + for i, scan := range completedScans { - if int64(i) >= int64(len(completedScans))-scheduledScan.Spec.HistoryLimit { + if int32(i) >= int32(len(completedScans))-historyLimit { break } if err := r.Delete(ctx, &scan, client.PropagationPolicy(metav1.DeletePropagationBackground)); (err) != nil { diff --git a/operator/controllers/execution/suite_test.go b/operator/controllers/execution/suite_test.go index d7a043a9..b71e8cba 100644 --- a/operator/controllers/execution/suite_test.go +++ b/operator/controllers/execution/suite_test.go @@ -30,7 +30,7 @@ import ( logf "sigs.k8s.io/controller-runtime/pkg/log" "sigs.k8s.io/controller-runtime/pkg/log/zap" - executionv1 "github.com/secureCodeBox/secureCodeBox-v2-alpha/operator/apis/execution/v1" + executionv1 "github.com/secureCodeBox/secureCodeBox-v2/operator/apis/execution/v1" // +kubebuilder:scaffold:imports ) diff --git a/operator/controllers/targets/host_controller.go b/operator/controllers/targets/host_controller.go deleted file mode 100644 index 9ac2c2f5..00000000 --- a/operator/controllers/targets/host_controller.go +++ /dev/null @@ -1,236 +0,0 @@ -/* -Copyright 2020 iteratec GmbH. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package controllers - -import ( - "context" - "fmt" - "reflect" - "time" - - "github.com/go-logr/logr" - apierrors "k8s.io/apimachinery/pkg/api/errors" - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - "k8s.io/apimachinery/pkg/runtime" - "k8s.io/apimachinery/pkg/types" - ctrl "sigs.k8s.io/controller-runtime" - - "sigs.k8s.io/controller-runtime/pkg/client" - - executionv1 "github.com/secureCodeBox/secureCodeBox-v2-alpha/operator/apis/execution/v1" - targetsv1 "github.com/secureCodeBox/secureCodeBox-v2-alpha/operator/apis/targets/v1" -) - -var ( - ownerKey = ".metadata.controller" - apiGVStr = targetsv1.GroupVersion.String() -) - -// HostReconciler reconciles a Host object -type HostReconciler struct { - client.Client - Log logr.Logger - Scheme *runtime.Scheme -} - -type ScanTemplates struct { - Port int32 - Type string - ScanSpec executionv1.ScanSpec -} - -// +kubebuilder:rbac:groups=targets.experimental.securecodebox.io,resources=hosts,verbs=get;list;watch;create;update;patch;delete -// +kubebuilder:rbac:groups=targets.experimental.securecodebox.io,resources=hosts/status,verbs=get;update;patch -// +kubebuilder:rbac:groups=execution.experimental.securecodebox.io,resources=scheduledscans,verbs=get;list;create -// +kubebuilder:rbac:groups=execution.experimental.securecodebox.io,resources=scheduledscans/status,verbs=get - -// Reconcile comapares the Host Resource with the State of the Cluster and updates both accordingly -func (r *HostReconciler) Reconcile(req ctrl.Request) (ctrl.Result, error) { - ctx := context.Background() - log := r.Log.WithValues("host", req.NamespacedName) - - var host targetsv1.Host - if err := r.Get(ctx, req.NamespacedName, &host); err != nil { - // we'll ignore not-found errors, since they can't be fixed by an immediate - // requeue (we'll need to wait for a new notification), and we can get them - // on deleted requests. - log.V(7).Info("Unable to fetch Host") - return ctrl.Result{}, client.IgnoreNotFound(err) - } - - scanTemplates := CreateScanTemplatesForHost(host) - - for _, scanTemplate := range scanTemplates { - scanName := fmt.Sprintf("%s-%s-%d", host.Name, scanTemplate.ScanSpec.ScanType, scanTemplate.Port) - - var scan executionv1.ScheduledScan - err := r.Get(ctx, types.NamespacedName{Name: scanName, Namespace: req.Namespace}, &scan) - if err != nil && apierrors.IsNotFound(err) { - // Scan doesn't exists yet. Thats allright, as we are going to create it directly after this :) - } else if err != nil { - log.Error(err, "Failed to lookup ScheduledScan for Host") - return ctrl.Result{}, err - } else { - log.V(4).Info("Wont create Scan for Host as the Scan already exists", "ScheduledScanName", scanName) - continue - } - - scan = executionv1.ScheduledScan{ - ObjectMeta: metav1.ObjectMeta{ - Name: scanName, - Namespace: host.Namespace, - }, - Spec: executionv1.ScheduledScanSpec{ - ScanSpec: &scanTemplate.ScanSpec, - Interval: metav1.Duration{Duration: 24 * time.Hour}, - HistoryLimit: 1, - }, - } - if err := ctrl.SetControllerReference(&host, &scan, r.Scheme); err != nil { - log.Error(err, "unable to set owner reference on ScheduledScan") - return ctrl.Result{}, err - } - - if err := r.Create(ctx, &scan); err != nil { - log.Error(err, "unable to create ScheduledScan for Host", "host", host.Name) - return ctrl.Result{}, err - } - log.Info("Created ScheduledScan for Target", "ScheduledScan", scanName) - } - - // Update Targets Findings Status - var childScans executionv1.ScheduledScanList - if err := r.List(ctx, &childScans, client.InNamespace(req.Namespace), client.MatchingFields{ownerKey: req.Name}); err != nil { - log.Error(err, "unable to list child ScheduledScans") - return ctrl.Result{}, err - } - - totalStats := executionv1.FindingStats{ - Count: 0, - FindingSeverities: executionv1.FindingSeverities{ - Informational: 0, - Low: 0, - Medium: 0, - High: 0, - }, - FindingCategories: map[string]uint64{}, - } - for _, scan := range childScans.Items { - stats := scan.Status.Findings - - totalStats.Count += stats.Count - totalStats.FindingSeverities.Informational += stats.FindingSeverities.Informational - totalStats.FindingSeverities.Low += stats.FindingSeverities.Low - totalStats.FindingSeverities.Medium += stats.FindingSeverities.Medium - totalStats.FindingSeverities.High += stats.FindingSeverities.High - - for key, value := range stats.FindingCategories { - if _, ok := totalStats.FindingCategories[key]; ok { - totalStats.FindingCategories[key] += value - } else { - totalStats.FindingCategories[key] = value - } - } - } - - if !reflect.DeepEqual(host.Status.Findings, totalStats) { - log.V(0).Info("Updating ScheduledScans Findings as they appear to have changed") - host.Status.Findings = *totalStats.DeepCopy() - if err := r.Status().Update(ctx, &host); err != nil { - log.Error(err, "unable to update Host status") - return ctrl.Result{}, err - } - } - - return ctrl.Result{}, nil -} - -// CreateScanTemplatesForHost defines which scans should be created for a Host -func CreateScanTemplatesForHost(host targetsv1.Host) []ScanTemplates { - var scanTemplates []ScanTemplates - - for _, port := range host.Spec.Ports { - if port.Type == "ssh" { - scanTemplates = append(scanTemplates, ScanTemplates{ - Port: port.Port, - Type: port.Type, - ScanSpec: executionv1.ScanSpec{ - ScanType: "ssh-scan", - Parameters: []string{"--target", host.Spec.Hostname, "--port", fmt.Sprintf("%d", port.Port)}, - }, - }) - } - if port.Type == "http" || port.Type == "https" { - scanTemplates = append(scanTemplates, ScanTemplates{ - Port: port.Port, - Type: port.Type, - ScanSpec: executionv1.ScanSpec{ - ScanType: "zap-baseline", - Parameters: []string{"-t", fmt.Sprintf("%s://%s:%d", port.Type, host.Spec.Hostname, port.Port)}, - }, - }) - } - if port.Type == "http" || port.Type == "https" { - scanTemplates = append(scanTemplates, ScanTemplates{ - Port: port.Port, - Type: port.Type, - ScanSpec: executionv1.ScanSpec{ - ScanType: "nikto", - Parameters: []string{"-h", fmt.Sprintf("%s://%s:%d", port.Type, host.Spec.Hostname, port.Port), "-Tuning", "1,2,3,5,7,b"}, - }, - }) - } - if port.Type == "https" { - scanTemplates = append(scanTemplates, ScanTemplates{ - Port: port.Port, - Type: port.Type, - ScanSpec: executionv1.ScanSpec{ - ScanType: "sslyze", - Parameters: []string{"--regular", fmt.Sprintf("%s:%d", host.Spec.Hostname, port.Port)}, - }, - }) - } - } - - return scanTemplates -} - -// SetupWithManager sets up the controller and initializes every thing it needs -func (r *HostReconciler) SetupWithManager(mgr ctrl.Manager) error { - if err := mgr.GetFieldIndexer().IndexField(&executionv1.ScheduledScan{}, ownerKey, func(rawObj runtime.Object) []string { - // grab the scan object, extract the owner... - scheduledScan := rawObj.(*executionv1.ScheduledScan) - owner := metav1.GetControllerOf(scheduledScan) - if owner == nil { - return nil - } - // ...make sure it's a Scan belonging to a Host... - if owner.APIVersion != apiGVStr || owner.Kind != "Host" { - return nil - } - - // ...and if so, return it - return []string{owner.Name} - }); err != nil { - return err - } - - return ctrl.NewControllerManagedBy(mgr). - For(&targetsv1.Host{}). - Owns(&executionv1.ScheduledScan{}). - Complete(r) -} diff --git a/operator/controllers/targets/suite_test.go b/operator/controllers/targets/suite_test.go deleted file mode 100644 index 7f9147dd..00000000 --- a/operator/controllers/targets/suite_test.go +++ /dev/null @@ -1,81 +0,0 @@ -/* -Copyright 2020 iteratec GmbH. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package controllers - -import ( - "path/filepath" - "testing" - - . "github.com/onsi/ginkgo" - . "github.com/onsi/gomega" - "k8s.io/client-go/kubernetes/scheme" - "k8s.io/client-go/rest" - "sigs.k8s.io/controller-runtime/pkg/client" - "sigs.k8s.io/controller-runtime/pkg/envtest" - "sigs.k8s.io/controller-runtime/pkg/envtest/printer" - logf "sigs.k8s.io/controller-runtime/pkg/log" - "sigs.k8s.io/controller-runtime/pkg/log/zap" - - targetsv1 "github.com/secureCodeBox/secureCodeBox-v2-alpha/operator/apis/targets/v1" - // +kubebuilder:scaffold:imports -) - -// These tests use Ginkgo (BDD-style Go testing framework). Refer to -// http://onsi.github.io/ginkgo/ to learn more about Ginkgo. - -var cfg *rest.Config -var k8sClient client.Client -var testEnv *envtest.Environment - -func TestAPIs(t *testing.T) { - RegisterFailHandler(Fail) - - RunSpecsWithDefaultAndCustomReporters(t, - "Controller Suite", - []Reporter{printer.NewlineReporter{}}) -} - -var _ = BeforeSuite(func(done Done) { - logf.SetLogger(zap.LoggerTo(GinkgoWriter, true)) - - By("bootstrapping test environment") - testEnv = &envtest.Environment{ - CRDDirectoryPaths: []string{filepath.Join("..", "config", "crd", "bases")}, - } - - var err error - cfg, err = testEnv.Start() - Expect(err).ToNot(HaveOccurred()) - Expect(cfg).ToNot(BeNil()) - - err = targetsv1.AddToScheme(scheme.Scheme) - Expect(err).NotTo(HaveOccurred()) - - // +kubebuilder:scaffold:scheme - - k8sClient, err = client.New(cfg, client.Options{Scheme: scheme.Scheme}) - Expect(err).ToNot(HaveOccurred()) - Expect(k8sClient).ToNot(BeNil()) - - close(done) -}, 60) - -var _ = AfterSuite(func() { - By("tearing down the test environment") - err := testEnv.Stop() - Expect(err).ToNot(HaveOccurred()) -}) diff --git a/operator/config/crd/bases/cascading.experimental.securecodebox.io_cascadingrules.yaml b/operator/crds/cascading.securecodebox.io_cascadingrules.yaml similarity index 99% rename from operator/config/crd/bases/cascading.experimental.securecodebox.io_cascadingrules.yaml rename to operator/crds/cascading.securecodebox.io_cascadingrules.yaml index 6f882ef0..7fc15ea5 100644 --- a/operator/config/crd/bases/cascading.experimental.securecodebox.io_cascadingrules.yaml +++ b/operator/crds/cascading.securecodebox.io_cascadingrules.yaml @@ -6,7 +6,7 @@ metadata: annotations: controller-gen.kubebuilder.io/version: v0.2.4 creationTimestamp: null - name: cascadingrules.cascading.experimental.securecodebox.io + name: cascadingrules.cascading.securecodebox.io spec: additionalPrinterColumns: - JSONPath: .spec.scanSpec.scanType @@ -23,7 +23,7 @@ spec: 'light' or 'medium' name: Intensiveness type: string - group: cascading.experimental.securecodebox.io + group: cascading.securecodebox.io names: kind: CascadingRule listKind: CascadingRuleList diff --git a/operator/crds/execution.experimental.securecodebox.io_parsedefinitions.yaml b/operator/crds/execution.securecodebox.io_parsedefinitions.yaml similarity index 84% rename from operator/crds/execution.experimental.securecodebox.io_parsedefinitions.yaml rename to operator/crds/execution.securecodebox.io_parsedefinitions.yaml index 00293fec..11d8db42 100644 --- a/operator/crds/execution.experimental.securecodebox.io_parsedefinitions.yaml +++ b/operator/crds/execution.securecodebox.io_parsedefinitions.yaml @@ -6,18 +6,14 @@ metadata: annotations: controller-gen.kubebuilder.io/version: v0.2.4 creationTimestamp: null - name: parsedefinitions.execution.experimental.securecodebox.io + name: parsedefinitions.execution.securecodebox.io spec: additionalPrinterColumns: - - JSONPath: .spec.handlesResultsType - description: Which result file type the parser is able to handle - name: Handles Type - type: string - JSONPath: .spec.image description: Scanner Container Image name: Image type: string - group: execution.experimental.securecodebox.io + group: execution.securecodebox.io names: kind: ParseDefinition listKind: ParseDefinitionList @@ -44,13 +40,12 @@ spec: spec: description: ParseDefinitionSpec defines the desired state of ParseDefinition properties: - handlesResultsType: - description: Foo is an example field of ParseDefinition. Edit ParseDefinition_types.go - to remove/update - type: string image: + description: Image is the reference to the parser container image which + ca transform the raw scan report into findings type: string imagePullSecrets: + description: ImagePullSecrets used to access private parser images items: description: LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. diff --git a/operator/config/crd/bases/execution.experimental.securecodebox.io_scancompletionhooks.yaml b/operator/crds/execution.securecodebox.io_scancompletionhooks.yaml similarity index 97% rename from operator/config/crd/bases/execution.experimental.securecodebox.io_scancompletionhooks.yaml rename to operator/crds/execution.securecodebox.io_scancompletionhooks.yaml index 6e74e988..4c96e092 100644 --- a/operator/config/crd/bases/execution.experimental.securecodebox.io_scancompletionhooks.yaml +++ b/operator/crds/execution.securecodebox.io_scancompletionhooks.yaml @@ -6,7 +6,7 @@ metadata: annotations: controller-gen.kubebuilder.io/version: v0.2.4 creationTimestamp: null - name: scancompletionhooks.execution.experimental.securecodebox.io + name: scancompletionhooks.execution.securecodebox.io spec: additionalPrinterColumns: - JSONPath: .spec.type @@ -17,7 +17,7 @@ spec: description: ScanCompletionHook Image name: Image type: string - group: execution.experimental.securecodebox.io + group: execution.securecodebox.io names: kind: ScanCompletionHook listKind: ScanCompletionHookList @@ -160,8 +160,8 @@ spec: description: ServiceAccountName Name of the serviceAccount Name used. Should only be used if your hook needs specifc RBAC Access. Otherwise the hook is run using a "scan-completion-hook" service account. The - service account should have at least "get" rights on scans.execution.experimental.securecodebox.io, - and "get" & "patch" scans.execution.experimental.securecodebox.io/status + service account should have at least "get" rights on scans.execution.securecodebox.io, + and "get" & "patch" scans.execution.securecodebox.io/status type: string type: description: HookType Defines weather the hook should be able to change diff --git a/operator/crds/execution.experimental.securecodebox.io_scans.yaml b/operator/crds/execution.securecodebox.io_scans.yaml similarity index 97% rename from operator/crds/execution.experimental.securecodebox.io_scans.yaml rename to operator/crds/execution.securecodebox.io_scans.yaml index a5ee337a..847ca6ed 100644 --- a/operator/crds/execution.experimental.securecodebox.io_scans.yaml +++ b/operator/crds/execution.securecodebox.io_scans.yaml @@ -6,7 +6,7 @@ metadata: annotations: controller-gen.kubebuilder.io/version: v0.2.4 creationTimestamp: null - name: scans.execution.experimental.securecodebox.io + name: scans.execution.securecodebox.io spec: additionalPrinterColumns: - JSONPath: .metadata.uid @@ -31,7 +31,7 @@ spec: name: Parameters priority: 1 type: string - group: execution.experimental.securecodebox.io + group: execution.securecodebox.io names: kind: Scan listKind: ScanList @@ -252,6 +252,11 @@ spec: type: integer type: object type: object + finishedAt: + description: FinishedAt contains the time where the scan (including + parser & hooks) has been marked as "Done" + format: date-time + type: string rawResultFile: description: RawResultFile Filename of the result file of the scanner. e.g. `nmap-result.xml` diff --git a/operator/crds/execution.experimental.securecodebox.io_scantypes.yaml b/operator/crds/execution.securecodebox.io_scantypes.yaml similarity index 99% rename from operator/crds/execution.experimental.securecodebox.io_scantypes.yaml rename to operator/crds/execution.securecodebox.io_scantypes.yaml index 97a148b3..668c328a 100644 --- a/operator/crds/execution.experimental.securecodebox.io_scantypes.yaml +++ b/operator/crds/execution.securecodebox.io_scantypes.yaml @@ -6,14 +6,14 @@ metadata: annotations: controller-gen.kubebuilder.io/version: v0.2.4 creationTimestamp: null - name: scantypes.execution.experimental.securecodebox.io + name: scantypes.execution.securecodebox.io spec: additionalPrinterColumns: - JSONPath: .spec.jobTemplate.spec.template.spec.containers[0].image description: Scanner Container Image name: Image type: string - group: execution.experimental.securecodebox.io + group: execution.securecodebox.io names: kind: ScanType listKind: ScanTypeList diff --git a/operator/crds/execution.experimental.securecodebox.io_scheduledscans.yaml b/operator/crds/execution.securecodebox.io_scheduledscans.yaml similarity index 95% rename from operator/crds/execution.experimental.securecodebox.io_scheduledscans.yaml rename to operator/crds/execution.securecodebox.io_scheduledscans.yaml index 2bb27a8f..a51d9f3e 100644 --- a/operator/crds/execution.experimental.securecodebox.io_scheduledscans.yaml +++ b/operator/crds/execution.securecodebox.io_scheduledscans.yaml @@ -6,7 +6,7 @@ metadata: annotations: controller-gen.kubebuilder.io/version: v0.2.4 creationTimestamp: null - name: scheduledscans.execution.experimental.securecodebox.io + name: scheduledscans.execution.securecodebox.io spec: additionalPrinterColumns: - JSONPath: .metadata.uid @@ -31,7 +31,7 @@ spec: name: Parameters priority: 1 type: string - group: execution.experimental.securecodebox.io + group: execution.securecodebox.io names: kind: ScheduledScan listKind: ScheduledScanList @@ -59,20 +59,12 @@ spec: spec: description: ScheduledScanSpec defines the desired state of ScheduledScan properties: - historyLimit: - description: HistoryLimit determines how many past Scans will be kept - until the oldest one will be delted, defaults to 3. When set to 0 - Scans will be deleted directly after completion - format: int64 - type: integer interval: description: 'Interval describes how often the scan should be repeated - Examples: ''12h'', ''7d'', ''30m'' (only days, hours and minutes supported, - specified as integers)' + Examples: ''12h'', ''30m''' type: string scanSpec: - description: Foo is an example field of ScheduledScan. Edit ScheduledScan_types.go - to remove/update + description: ScanSpec describes the scan which should be started regularly properties: cascades: description: A label selector is a label query over a set of resources. @@ -232,6 +224,13 @@ spec: scanType: type: string type: object + successfulJobsHistoryLimit: + description: SuccessfulJobsHistoryLimit determines how many past Scans + will be kept until the oldest one will be deleted, defaults to 3. + When set to 0, Scans will be deleted directly after completion + format: int32 + minimum: 0 + type: integer required: - interval - scanSpec diff --git a/operator/crds/targets.experimental.securecodebox.io_hosts.yaml b/operator/crds/targets.experimental.securecodebox.io_hosts.yaml deleted file mode 100644 index 4079b62c..00000000 --- a/operator/crds/targets.experimental.securecodebox.io_hosts.yaml +++ /dev/null @@ -1,124 +0,0 @@ - ---- -apiVersion: apiextensions.k8s.io/v1beta1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.2.4 - creationTimestamp: null - name: hosts.targets.experimental.securecodebox.io -spec: - additionalPrinterColumns: - - JSONPath: .spec.hostname - name: Hostname - type: string - - JSONPath: .spec.ports - description: Ports of the Host - name: Ports - type: string - - JSONPath: .status.findings.count - description: Total Finding Count - name: Findings - type: string - group: targets.experimental.securecodebox.io - names: - kind: Host - listKind: HostList - plural: hosts - singular: host - scope: Namespaced - subresources: - status: {} - validation: - openAPIV3Schema: - description: Host is the Schema for the hosts API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: HostSpec defines the desired state of Host - properties: - hostname: - description: 'Hostname contains the dns name of the host TODO: Add an - IPAddress Field' - type: string - ports: - items: - description: HostPort describes a Port of a Host - properties: - port: - description: The port number - format: int32 - minimum: 0 - type: integer - type: - type: string - required: - - port - - type - type: object - type: array - required: - - hostname - - ports - type: object - status: - description: HostStatus defines the observed state of Host - properties: - findings: - description: FindingStats contains the general stats about the results - of the scan - properties: - categories: - additionalProperties: - format: int64 - type: integer - description: FindingCategories indicates the count of finding broken - down by their categories - type: object - count: - description: Count indicates how many findings were identified in - total - format: int64 - type: integer - severities: - description: FindingSeverities indicates the count of finding with - the respective severity - properties: - high: - format: int64 - type: integer - informational: - format: int64 - type: integer - low: - format: int64 - type: integer - medium: - format: int64 - type: integer - type: object - type: object - type: object - type: object - version: v1 - versions: - - name: v1 - served: true - storage: true -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/operator/go.mod b/operator/go.mod index 97c7be87..1049ceba 100644 --- a/operator/go.mod +++ b/operator/go.mod @@ -1,6 +1,6 @@ -module github.com/secureCodeBox/secureCodeBox-v2-alpha/operator +module github.com/secureCodeBox/secureCodeBox-v2/operator -go 1.13 +go 1.15 require ( github.com/go-logr/logr v0.1.0 diff --git a/operator/go.sum b/operator/go.sum index 5643d29d..5083a63c 100644 --- a/operator/go.sum +++ b/operator/go.sum @@ -254,7 +254,8 @@ github.com/prometheus/procfs v0.0.2/go.mod h1:TjEm7ze935MbeOT/UhFTIMYKhuLP4wbCsT github.com/remyoudompheng/bigfft v0.0.0-20170806203942-52369c62f446/go.mod h1:uYEyJGbgTkfkS4+E/PavXkNJcbFIpEtjt2B0KDQ5+9M= github.com/rogpeppe/fastuuid v0.0.0-20150106093220-6724a57986af/go.mod h1:XWv6SoW27p1b0cqNHllgS5HIMJraePCO15w5zCzIWYg= github.com/russross/blackfriday v1.5.2/go.mod h1:JO/DiYxRf+HjHt06OyowR9PTA263kcR/rfWxYHBV53g= -github.com/secureCodeBox/secureCodeBox-v2-alpha v0.0.0-20200526134830-4f0a0ddfccc0 h1:cmPDEtYAxHRmOmMuKUKe90RjJUjALqiXnJtPB4VGe44= +github.com/secureCodeBox/secureCodeBox-v2 v0.0.0-20200526134830-4f0a0ddfccc0 h1:cmPDEtYAxHRmOmMuKUKe90RjJUjALqiXnJtPB4VGe44= +github.com/secureCodeBox/secureCodeBox-v2 v2.0.0-rc.1+incompatible h1:beH1o7Y/nuUUkE0OutEPMkJ6ml+jnq27CFGWJq1NFS0= github.com/sergi/go-diff v1.0.0/go.mod h1:0CfEIISq7TuYL3j771MWULgwwjU+GofnZX9QAmXWZgo= github.com/sirupsen/logrus v1.2.0/go.mod h1:LxeOpSwHxABJmUn/MG1IvRgCAasNZTLOkJPxbbu5VWo= github.com/sirupsen/logrus v1.4.2/go.mod h1:tLMulIdttU9McNUspp0xgXVQah82FyeX6MwdIuYE2rE= diff --git a/operator/helm2.Chart.yaml b/operator/helm2.Chart.yaml new file mode 100644 index 00000000..82a33722 --- /dev/null +++ b/operator/helm2.Chart.yaml @@ -0,0 +1,27 @@ +apiVersion: v1 +name: operator +description: secureCodeBox Operator to automate the execution of security scans on kubernetes + +type: application + +# version - gets automatically set to the secureCodeBox release version when the helm charts gets published +version: latest +kubeVersion: ">=v1.11.0" + +keywords: + - security + - secureCodeBox + - operator +home: https://docs.securecodebox.io/docs/getting-started/installation +icon: https://docs.securecodebox.io/img/Logo_Color.svg +sources: + - https://github.com/secureCodeBox/secureCodeBox-v2 +maintainers: + - name: iteratec GmbH + email: secureCodeBox@iteratec.com + +dependencies: + - name: minio + version: 5.0.19 + repository: https://kubernetes-charts.storage.googleapis.com/ + condition: minio.enabled diff --git a/operator/helm2.requirements.lock b/operator/helm2.requirements.lock new file mode 100644 index 00000000..19603208 --- /dev/null +++ b/operator/helm2.requirements.lock @@ -0,0 +1,6 @@ +dependencies: +- name: minio + repository: https://kubernetes-charts.storage.googleapis.com/ + version: 5.0.19 +digest: sha256:13a3a902e7ac7dcc7124ab858344b5bebe9ab623d06ee9c8d5a1cc3f467a36bb +generated: "2020-08-10T13:09:59.053995+02:00" \ No newline at end of file diff --git a/operator/helm2.requirements.yaml b/operator/helm2.requirements.yaml new file mode 100644 index 00000000..332ba206 --- /dev/null +++ b/operator/helm2.requirements.yaml @@ -0,0 +1,5 @@ +dependencies: + - name: minio + version: 5.0.19 + repository: https://kubernetes-charts.storage.googleapis.com/ + condition: minio.enabled diff --git a/operator/internal/telemetry/telemetry.go b/operator/internal/telemetry/telemetry.go new file mode 100644 index 00000000..4ad69b46 --- /dev/null +++ b/operator/internal/telemetry/telemetry.go @@ -0,0 +1,101 @@ +package telemetry + +import ( + "bytes" + "context" + "encoding/json" + "net/http" + "os" + "time" + + "sigs.k8s.io/controller-runtime/pkg/client" + + "github.com/go-logr/logr" + executionv1 "github.com/secureCodeBox/secureCodeBox-v2/operator/apis/execution/v1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" +) + +var telemetryInterval = 24 * time.Hour + +// officialScanTypes contains the list of official secureCodeBox Scan Types. +// Unofficial Scan Types should be reported as "other" to avoid leakage of confidential data via the scan-types name +var officialScanTypes map[string]bool = map[string]bool{ + "amass": true, + "kube-hunter": true, + "kubeaudit": true, + "ncrack": true, + "nikto": true, + "nmap": true, + "ssh-scan": true, + "sslyze": true, + "trivy": true, + "wpscan": true, + "zap-baseline": true, + "zap-api-scan": true, + "zap-full-scan": true, +} + +// telemetryData submitted by operator +type telemetryData struct { + Version string `json:"version"` + InstalledScanTypes []string `json:"installedScanTypes"` +} + +// Loop Submits Telemetry Data in a regular interval +func Loop(apiClient client.Client, log logr.Logger) { + log.Info("The Operator sends anonymous telemetry data, to give the team an overview how much the secureCodeBox is used. Find out more at https://www.securecodebox.io/telemetry") + + // Wait 1hour to give users time to uninstall / disable telemetry + time.Sleep(1 * time.Hour) + + for { + var version string + if envVersion, ok := os.LookupEnv("VERSION"); ok { + version = envVersion + } else { + version = "unkown" + } + + ctx := context.Background() + + installedScanTypes := map[string]bool{} + var scanTypes executionv1.ScanTypeList + err := apiClient.List(ctx, &scanTypes, client.InNamespace(metav1.NamespaceAll)) + + if err != nil { + log.Error(err, "Failed to list ScanTypes") + } + for _, scanType := range scanTypes.Items { + installedScanTypes[scanType.Name] = true + } + + installedScanTypesList := []string{} + for key := range installedScanTypes { + if _, ok := officialScanTypes[key]; ok { + installedScanTypesList = append(installedScanTypesList, key) + } else { + installedScanTypesList = append(installedScanTypesList, "other") + } + } + + log.Info("Submitting Anonymous Telemetry Data", "Version", version, "InstalledScanTypes", installedScanTypesList) + + reqBody, err := json.Marshal(telemetryData{ + Version: version, + InstalledScanTypes: installedScanTypesList, + }) + + if err != nil { + log.Error(err, "Failed to encode telemetry data to json") + } + response, err := http.Post("https://telemetry.chase.securecodebox.io/v1/submit", "application/json", bytes.NewBuffer(reqBody)) + if err != nil { + log.Error(err, "Failed to send telemetry data") + } + if response != nil { + response.Body.Close() + } + + time.Sleep(telemetryInterval) + } +} diff --git a/operator/main.go b/operator/main.go index 4551bac9..2c02cc25 100644 --- a/operator/main.go +++ b/operator/main.go @@ -26,12 +26,11 @@ import ( ctrl "sigs.k8s.io/controller-runtime" "sigs.k8s.io/controller-runtime/pkg/log/zap" - cascadingv1 "github.com/secureCodeBox/secureCodeBox-v2-alpha/operator/apis/cascading/v1" - executionv1 "github.com/secureCodeBox/secureCodeBox-v2-alpha/operator/apis/execution/v1" - targetsv1 "github.com/secureCodeBox/secureCodeBox-v2-alpha/operator/apis/targets/v1" - executioncontroller "github.com/secureCodeBox/secureCodeBox-v2-alpha/operator/controllers/execution" - scancontroller "github.com/secureCodeBox/secureCodeBox-v2-alpha/operator/controllers/execution/scans" - targetscontroller "github.com/secureCodeBox/secureCodeBox-v2-alpha/operator/controllers/targets" + cascadingv1 "github.com/secureCodeBox/secureCodeBox-v2/operator/apis/cascading/v1" + executionv1 "github.com/secureCodeBox/secureCodeBox-v2/operator/apis/execution/v1" + executioncontroller "github.com/secureCodeBox/secureCodeBox-v2/operator/controllers/execution" + scancontroller "github.com/secureCodeBox/secureCodeBox-v2/operator/controllers/execution/scans" + "github.com/secureCodeBox/secureCodeBox-v2/operator/internal/telemetry" // +kubebuilder:scaffold:imports ) @@ -44,7 +43,6 @@ func init() { _ = clientgoscheme.AddToScheme(scheme) _ = executionv1.AddToScheme(scheme) - _ = targetsv1.AddToScheme(scheme) _ = cascadingv1.AddToScheme(scheme) // +kubebuilder:scaffold:scheme } @@ -65,7 +63,7 @@ func main() { MetricsBindAddress: metricsAddr, Port: 9443, LeaderElection: enableLeaderElection, - LeaderElectionID: "e341d981.experimental.securecodebox.io", + LeaderElectionID: "e341d981.securecodebox.io", }) if err != nil { setupLog.Error(err, "unable to start manager") @@ -88,16 +86,12 @@ func main() { setupLog.Error(err, "unable to create controller", "controller", "ScheduledScan") os.Exit(1) } - if err = (&targetscontroller.HostReconciler{ - Client: mgr.GetClient(), - Log: ctrl.Log.WithName("controllers").WithName("Host"), - Scheme: mgr.GetScheme(), - }).SetupWithManager(mgr); err != nil { - setupLog.Error(err, "unable to create controller", "controller", "Host") - os.Exit(1) - } // +kubebuilder:scaffold:builder + if enabled, ok := os.LookupEnv("TELEMETRY_ENABLED"); ok && enabled == "true" { + go telemetry.Loop(mgr.GetClient(), ctrl.Log.WithName("telemetry")) + } + setupLog.Info("starting manager") if err := mgr.Start(ctrl.SetupSignalHandler()); err != nil { setupLog.Error(err, "problem running manager") diff --git a/operator/templates/NOTES.txt b/operator/templates/NOTES.txt new file mode 100644 index 00000000..98256c15 --- /dev/null +++ b/operator/templates/NOTES.txt @@ -0,0 +1,15 @@ +secureCodeBox Operator Deployed ๐Ÿš€ + +The operator can orchestrate the execution of various security scanning tools inside of your cluster. +You can find a list of all officially supported scanners here: https://www.securecodebox.io/integrations/ +The website also lists other integrations, like persisting scan results to DefectDojo or Elasticsearch. + +{{ if .Values.telemetryEnabled -}} +The operator send out regular telemetry pings to a central service. +This lets us, the secureCodeBox team, get a grasp on how much the secureCodeBox is used. +The submitted data is chosen to be as anonymous as possible. +You can find a complete report of the data submitted and links to the source-code at: https://www.securecodebox.io/telemetry +The first ping is send one hour after the install, you can prevent this by upgrading the chart and setting `telemetryEnabled` to `false`. +{{ else -}} +Telemetry data collection has been disabled. +{{ end -}} \ No newline at end of file diff --git a/operator/templates/manager/manager.yaml b/operator/templates/manager/manager.yaml index 2ee84703..75b7a795 100644 --- a/operator/templates/manager/manager.yaml +++ b/operator/templates/manager/manager.yaml @@ -20,14 +20,14 @@ spec: - /manager args: - --enable-leader-election - {{- if .Values.image.digest }} - image: "{{ .Values.image.registry }}/{{ .Values.image.repository }}@{{ .Values.image.digest }}" - {{- else }} - image: "{{ .Values.image.registry }}/{{ .Values.image.repository }}:{{ .Values.image.tag }}" - {{- end }} + image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.Version }}" imagePullPolicy: {{ .Values.image.pullPolicy }} name: manager env: + - name: TELEMETRY_ENABLED + value: {{ .Values.telemetryEnabled | quote }} + - name: VERSION + value: {{ .Chart.Version | quote }} # TODO: integrate with cert manager and auto gen a cert for minio {{- if .Values.minio.enabled }} - name: S3_USE_SSL @@ -64,22 +64,19 @@ spec: valueFrom: secretKeyRef: name: {{ .Values.s3.keySecret }} - key: accesskey + key: {{ .Values.s3.secretAttributeNames.accesskey }} - name: S3_SECRET_KEY valueFrom: secretKeyRef: name: {{ .Values.s3.keySecret }} - key: secretkey - {{- end }} - {{- if .Values.lurcher.image.digest }} + key: {{ .Values.s3.secretAttributeNames.secretkey }} + {{- end }} - name: LURCHER_IMAGE - value: "{{ .Values.lurcher.image.registry }}/{{ .Values.lurcher.image.repository }}@{{ .Values.lurcher.image.digest }}" - {{- else }} - - name: LURCHER_IMAGE - value: "{{ .Values.lurcher.image.registry }}/{{ .Values.lurcher.image.repository }}:{{ .Values.lurcher.image.tag }}" - {{- end }} + value: "{{ .Values.lurcher.image.repository }}:{{ .Values.lurcher.image.tag | default .Chart.Version }}" - name: LURCHER_PULL_POLICY value: {{ .Values.lurcher.image.pullPolicy }} resources: {{- toYaml .Values.resources | nindent 12 }} + securityContext: + {{- toYaml .Values.securityContext | nindent 12 }} terminationGracePeriodSeconds: 10 diff --git a/operator/templates/rbac/host_editor_role.yaml b/operator/templates/rbac/host_editor_role.yaml deleted file mode 100644 index 95ef4241..00000000 --- a/operator/templates/rbac/host_editor_role.yaml +++ /dev/null @@ -1,24 +0,0 @@ -# permissions for end users to edit hosts. -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: host-editor-role -rules: -- apiGroups: - - targets.experimental.securecodebox.io - resources: - - hosts - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - targets.experimental.securecodebox.io - resources: - - hosts/status - verbs: - - get diff --git a/operator/templates/rbac/host_viewer_role.yaml b/operator/templates/rbac/host_viewer_role.yaml deleted file mode 100644 index a8d063cb..00000000 --- a/operator/templates/rbac/host_viewer_role.yaml +++ /dev/null @@ -1,20 +0,0 @@ -# permissions for end users to view hosts. -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: host-viewer-role -rules: -- apiGroups: - - targets.experimental.securecodebox.io - resources: - - hosts - verbs: - - get - - list - - watch -- apiGroups: - - targets.experimental.securecodebox.io - resources: - - hosts/status - verbs: - - get diff --git a/operator/templates/rbac/parsedefinition_editor_role.yaml b/operator/templates/rbac/parsedefinition_editor_role.yaml index 51759daf..e1beeb6a 100644 --- a/operator/templates/rbac/parsedefinition_editor_role.yaml +++ b/operator/templates/rbac/parsedefinition_editor_role.yaml @@ -5,7 +5,7 @@ metadata: name: parsedefinition-editor-role rules: - apiGroups: - - execution.experimental.securecodebox.io + - execution.securecodebox.io resources: - parsedefinitions verbs: @@ -17,7 +17,7 @@ rules: - update - watch - apiGroups: - - execution.experimental.securecodebox.io + - execution.securecodebox.io resources: - parsedefinitions/status verbs: diff --git a/operator/templates/rbac/parsedefinition_viewer_role.yaml b/operator/templates/rbac/parsedefinition_viewer_role.yaml index a4d6b98d..fca9d3e1 100644 --- a/operator/templates/rbac/parsedefinition_viewer_role.yaml +++ b/operator/templates/rbac/parsedefinition_viewer_role.yaml @@ -5,7 +5,7 @@ metadata: name: parsedefinition-viewer-role rules: - apiGroups: - - execution.experimental.securecodebox.io + - execution.securecodebox.io resources: - parsedefinitions verbs: @@ -13,7 +13,7 @@ rules: - list - watch - apiGroups: - - execution.experimental.securecodebox.io + - execution.securecodebox.io resources: - parsedefinitions/status verbs: diff --git a/operator/templates/rbac/role.yaml b/operator/templates/rbac/role.yaml index b1bd525a..b4209542 100644 --- a/operator/templates/rbac/role.yaml +++ b/operator/templates/rbac/role.yaml @@ -34,7 +34,7 @@ rules: - list - watch - apiGroups: - - execution.experimental.securecodebox.io + - execution.securecodebox.io resources: - parsedefinitions verbs: @@ -42,7 +42,7 @@ rules: - list - watch - apiGroups: - - execution.experimental.securecodebox.io + - execution.securecodebox.io resources: - scancompletionhooks verbs: @@ -50,7 +50,7 @@ rules: - list - watch - apiGroups: - - execution.experimental.securecodebox.io + - execution.securecodebox.io resources: - scans verbs: @@ -62,7 +62,7 @@ rules: - update - watch - apiGroups: - - execution.experimental.securecodebox.io + - execution.securecodebox.io resources: - scans/status verbs: @@ -70,7 +70,7 @@ rules: - patch - update - apiGroups: - - execution.experimental.securecodebox.io + - execution.securecodebox.io resources: - scantypes verbs: @@ -78,7 +78,7 @@ rules: - list - watch - apiGroups: - - execution.experimental.securecodebox.io + - execution.securecodebox.io resources: - scheduledscans verbs: @@ -90,7 +90,7 @@ rules: - update - watch - apiGroups: - - execution.experimental.securecodebox.io + - execution.securecodebox.io resources: - scheduledscans/status verbs: @@ -115,23 +115,3 @@ rules: - get - list - watch -- apiGroups: - - targets.experimental.securecodebox.io - resources: - - hosts - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - targets.experimental.securecodebox.io - resources: - - hosts/status - verbs: - - get - - patch - - update diff --git a/operator/templates/rbac/scan_editor_role.yaml b/operator/templates/rbac/scan_editor_role.yaml index 7d318019..da18687f 100644 --- a/operator/templates/rbac/scan_editor_role.yaml +++ b/operator/templates/rbac/scan_editor_role.yaml @@ -5,7 +5,7 @@ metadata: name: scan-editor-role rules: - apiGroups: - - execution.experimental.securecodebox.io + - execution.securecodebox.io resources: - scans verbs: @@ -17,7 +17,7 @@ rules: - update - watch - apiGroups: - - execution.experimental.securecodebox.io + - execution.securecodebox.io resources: - scans/status verbs: diff --git a/operator/templates/rbac/scan_viewer_role.yaml b/operator/templates/rbac/scan_viewer_role.yaml index e2fde72a..9252998e 100644 --- a/operator/templates/rbac/scan_viewer_role.yaml +++ b/operator/templates/rbac/scan_viewer_role.yaml @@ -5,7 +5,7 @@ metadata: name: scan-viewer-role rules: - apiGroups: - - execution.experimental.securecodebox.io + - execution.securecodebox.io resources: - scans verbs: @@ -13,7 +13,7 @@ rules: - list - watch - apiGroups: - - execution.experimental.securecodebox.io + - execution.securecodebox.io resources: - scans/status verbs: diff --git a/operator/templates/rbac/scantype_editor_role.yaml b/operator/templates/rbac/scantype_editor_role.yaml index b9127ef1..d94247b9 100644 --- a/operator/templates/rbac/scantype_editor_role.yaml +++ b/operator/templates/rbac/scantype_editor_role.yaml @@ -5,7 +5,7 @@ metadata: name: scantype-editor-role rules: - apiGroups: - - execution.experimental.securecodebox.io + - execution.securecodebox.io resources: - scantypes verbs: @@ -17,7 +17,7 @@ rules: - update - watch - apiGroups: - - execution.experimental.securecodebox.io + - execution.securecodebox.io resources: - scantypes/status verbs: diff --git a/operator/templates/rbac/scantype_viewer_role.yaml b/operator/templates/rbac/scantype_viewer_role.yaml index 94175088..d1c09aa2 100644 --- a/operator/templates/rbac/scantype_viewer_role.yaml +++ b/operator/templates/rbac/scantype_viewer_role.yaml @@ -5,7 +5,7 @@ metadata: name: scantype-viewer-role rules: - apiGroups: - - execution.experimental.securecodebox.io + - execution.securecodebox.io resources: - scantypes verbs: @@ -13,7 +13,7 @@ rules: - list - watch - apiGroups: - - execution.experimental.securecodebox.io + - execution.securecodebox.io resources: - scantypes/status verbs: diff --git a/operator/templates/rbac/scheduledscan_editor_role.yaml b/operator/templates/rbac/scheduledscan_editor_role.yaml index 91183cc2..5ec1b65f 100644 --- a/operator/templates/rbac/scheduledscan_editor_role.yaml +++ b/operator/templates/rbac/scheduledscan_editor_role.yaml @@ -5,7 +5,7 @@ metadata: name: scheduledscan-editor-role rules: - apiGroups: - - execution.experimental.securecodebox.io + - execution.securecodebox.io resources: - scheduledscans verbs: @@ -17,7 +17,7 @@ rules: - update - watch - apiGroups: - - execution.experimental.securecodebox.io + - execution.securecodebox.io resources: - scheduledscans/status verbs: diff --git a/operator/templates/rbac/scheduledscan_viewer_role.yaml b/operator/templates/rbac/scheduledscan_viewer_role.yaml index 94a400db..14c781bf 100644 --- a/operator/templates/rbac/scheduledscan_viewer_role.yaml +++ b/operator/templates/rbac/scheduledscan_viewer_role.yaml @@ -5,7 +5,7 @@ metadata: name: scheduledscan-viewer-role rules: - apiGroups: - - execution.experimental.securecodebox.io + - execution.securecodebox.io resources: - scheduledscans verbs: @@ -13,7 +13,7 @@ rules: - list - watch - apiGroups: - - execution.experimental.securecodebox.io + - execution.securecodebox.io resources: - scheduledscans/status verbs: diff --git a/operator/values.yaml b/operator/values.yaml index 2a6e396d..d1bb333d 100644 --- a/operator/values.yaml +++ b/operator/values.yaml @@ -2,47 +2,75 @@ # This is a YAML-formatted file. # Declare variables to be passed into your templates. +# telemetryEnabled -- The Operator sends anonymous telemetry data, to give the team an overview how much the secureCodeBox is used. Find out more at https://www.securecodebox.io/telemetry +telemetryEnabled: true + image: - registry: docker.io - repository: scbexperimental/operator - tag: latest - digest: null + # image.repository -- The operator image repository + repository: docker.io/securecodebox/operator + # image.tag -- Parser image tag + # @default -- defaults to the charts version + tag: null + # image.pullPolicy -- Image pull policy pullPolicy: Always +securityContext: + # securityContext.runAsNonRoot -- Enforces that the Operator image is run as a non root user + runAsNonRoot: true + # securityContext.readOnlyRootFilesystem -- Prevents write access to the containers file system + readOnlyRootFilesystem: true + # securityContext.allowPrivilegeEscalation -- Ensure that users privileges cannot be escalated + allowPrivilegeEscalation: false + # securityContext.privileged -- Ensures that the operator container is not run in privileged mode + privileged: false + capabilities: + drop: + # securityContext.capabilities.drop[0] -- This drops all linux privileges from the operator container. They are not required + - all + lurcher: image: - registry: docker.io - repository: scbexperimental/lurcher + # lurcher.image.repository -- The operator image repository + repository: docker.io/securecodebox/lurcher + # lurcher.image.tag -- Parser image tag + # @default -- defaults to the charts version tag: null - digest: "sha256:0e9f18f85809fb8c042543657d340949db14e81fc727bf9fab4421befd317850" - pullPolicy: IfNotPresent + # lurcher.image.pullPolicy -- Image pull policy + pullPolicy: Always minio: + # minio.enabled Enable this to use minio as storage backend instead of a cloud bucket provider like AWS S3, Google Cloud Storage, DigitalOcean Spaces etc. enabled: true defaultBucket: enabled: true name: "securecodebox" # Config for external s3 systems -# enable this and disable minio if you want to directly connect agains AWS S3, Google Cloud Storage, DigitalOcean Spaces etc. s3: + # s3.enabled Enable this and disable minio if you want to directly connect agains AWS S3, Google Cloud Storage, DigitalOcean Spaces etc. enabled: false endpoint: "fra1.digitaloceanspaces.com" bucket: "my-bucket" # Implicit 443. You probably only need to change this when the system uses a non default port port: null - # Name to a k8s secret with 'accesskey' and 'secretkey' as attributes in the same namespace as this release + # Name to a k8s secret in the same namespace as this release with credentials to the s3 bucket + # By default this assumes to have 'accesskey' and 'secretkey' as attributes # Example creation via kubectl: # kubectl create secret generic my-secret --from-literal=accessKey="******" --from-literal=secretKey="******" keySecret: my-secret + # Names to the attributes in the s3 secret + secretAttributeNames: + accesskey: accesskey + secretkey: secretkey # # Config for the operator ressource limits # +# resources -- CPU/memory resource requests/limits (see: https://kubernetes.io/docs/tasks/configure-pod-container/assign-memory-resource/, https://kubernetes.io/docs/tasks/configure-pod-container/assign-cpu-resource/) resources: limits: cpu: 100m memory: 30Mi requests: cpu: 100m - memory: 20Mi \ No newline at end of file + memory: 20Mi diff --git a/package.json b/package.json index 11ccfe50..e8abf5b9 100644 --- a/package.json +++ b/package.json @@ -2,22 +2,39 @@ "name": "securecodebox", "version": "1.0.0", "description": "", + "homepage": "https://github.com/secureCodeBox/secureCodeBox-v2#readme", + "repository": { + "type": "git", + "url": "git+https://github.com/secureCodeBox/secureCodeBox-v2.git" + }, "main": "index.js", "scripts": { "test": "jest", "lint": "eslint **/*.js" }, - "repository": { - "type": "git", - "url": "git+https://github.com/secureCodeBox/secureCodeBox-v2-alpha.git" + "keywords": [ + "secureCodeBox", + "security" + ], + "author": { + "name": "iteratec GmbH", + "email": "security@iteratec.com", + "url": "https://www.iteratec.com" }, - "keywords": [], - "author": "", - "license": "ISC", + "contributors": [ + { + "name" : "Jannik Hollenbach", + "url" : "https://github.com/J12934" + }, + { + "name" : "Robert Seedorff", + "url" : "https://github.com/rseedorff" + } + ], "bugs": { - "url": "https://github.com/secureCodeBox/secureCodeBox-v2-alpha/issues" + "url": "https://github.com/secureCodeBox/secureCodeBox-v2/issues" }, - "homepage": "https://github.com/secureCodeBox/secureCodeBox-v2-alpha#readme", + "license": "Apache-2.0", "devDependencies": { "eslint": "^6.8.0", "eslint-config-oclif": "^3.1.0", diff --git a/parser-sdk/nodejs/Dockerfile b/parser-sdk/nodejs/Dockerfile index 23aa0dd6..7382046e 100644 --- a/parser-sdk/nodejs/Dockerfile +++ b/parser-sdk/nodejs/Dockerfile @@ -5,10 +5,10 @@ RUN npm ci --production FROM node:12-alpine ARG NODE_ENV -RUN addgroup -S app && adduser app -S -G app +RUN addgroup --system --gid 1001 app && adduser app --system --uid 1001 --ingroup app WORKDIR /home/app/parser-wrapper/ COPY --from=build --chown=app:app /home/app/node_modules/ ./node_modules/ COPY --chown=app:app ./parser-wrapper.js ./parser-wrapper.js -USER app +USER 1001 ENV NODE_ENV ${NODE_ENV:-production} -ENTRYPOINT ["node", "/home/app/parser-wrapper/parser-wrapper.js"] \ No newline at end of file +ENTRYPOINT ["node", "/home/app/parser-wrapper/parser-wrapper.js"] diff --git a/parser-sdk/nodejs/package-lock.json b/parser-sdk/nodejs/package-lock.json index 993fb019..388ed01a 100644 --- a/parser-sdk/nodejs/package-lock.json +++ b/parser-sdk/nodejs/package-lock.json @@ -457,13 +457,15 @@ } }, "@kubernetes/client-node": { - "version": "0.12.0", - "resolved": "https://registry.npmjs.org/@kubernetes/client-node/-/client-node-0.12.0.tgz", - "integrity": "sha512-u57q5IaZl91f7YZoZOsgCa31hHyowHxFG88XZXd8arI8heSxbdHWHineo/8mLZbeSbHkge9Awae1stQZzuTnjg==", + "version": "0.12.2", + "resolved": "https://registry.npmjs.org/@kubernetes/client-node/-/client-node-0.12.2.tgz", + "integrity": "sha512-J0UwyFl1Iv/IZ6WMP7LaizBEoKPnqwtc8tIO2q/X+EuDT7eGpPPAMHXSEOC/EI9JGIf0FaJEcDHhB/Dio/mKhw==", "requires": { "@types/js-yaml": "^3.12.1", "@types/node": "^10.12.0", "@types/request": "^2.47.1", + "@types/stream-buffers": "^3.0.3", + "@types/tar": "^4.0.3", "@types/underscore": "^1.8.9", "@types/ws": "^6.0.1", "byline": "^5.0.0", @@ -471,29 +473,35 @@ "isomorphic-ws": "^4.0.1", "js-yaml": "^3.13.1", "jsonpath-plus": "^0.19.0", - "openid-client": "2.5.0", + "openid-client": "^4.1.1", "request": "^2.88.0", "rfc4648": "^1.3.0", "shelljs": "^0.8.2", + "stream-buffers": "^3.0.2", + "tar": "^6.0.2", + "tmp-promise": "^3.0.2", "tslib": "^1.9.3", "underscore": "^1.9.1", - "ws": "^6.1.0" - }, - "dependencies": { - "ws": { - "version": "6.2.1", - "resolved": "https://registry.npmjs.org/ws/-/ws-6.2.1.tgz", - "integrity": "sha512-GIyAXC2cB7LjvpgMt9EKS2ldqr0MTrORaleiOno6TweZ6r3TKtoFQWay/2PceJ3RuBasOHzXNn5Lrw1X0bEjqA==", - "requires": { - "async-limiter": "~1.0.0" - } - } + "ws": "^7.3.1" } }, + "@panva/asn1.js": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/@panva/asn1.js/-/asn1.js-1.0.0.tgz", + "integrity": "sha512-UdkG3mLEqXgnlKsWanWcgb6dOjUzJ+XC5f+aWw30qrtjxeNUSfKX1cd5FBzOaXQumoe9nIqeZUvrRJS03HCCtw==" + }, "@sindresorhus/is": { - "version": "0.7.0", - "resolved": "https://registry.npmjs.org/@sindresorhus/is/-/is-0.7.0.tgz", - "integrity": "sha512-ONhaKPIufzzrlNbqtWFFd+jlnemX6lJAgq9ZeiZtS7I1PIf/la7CW4m83rTXRnVnsMbW2k56pGYu7AUFJD9Pow==" + "version": "3.1.2", + "resolved": "https://registry.npmjs.org/@sindresorhus/is/-/is-3.1.2.tgz", + "integrity": "sha512-JiX9vxoKMmu8Y3Zr2RVathBL1Cdu4Nt4MuNWemt1Nc06A0RAin9c5FArkhGsyMBWfCu4zj+9b+GxtjAnE4qqLQ==" + }, + "@szmarczak/http-timer": { + "version": "4.0.5", + "resolved": "https://registry.npmjs.org/@szmarczak/http-timer/-/http-timer-4.0.5.tgz", + "integrity": "sha512-PyRA9sm1Yayuj5OIoJ1hGt2YISX45w9WcFbh6ddT0Z/0yaFxOtGLInr4jUfU1EAFVs0Yfyfev4RNwBlUaHdlDQ==", + "requires": { + "defer-to-connect": "^2.0.0" + } }, "@types/babel__core": { "version": "7.1.6", @@ -536,11 +544,27 @@ "@babel/types": "^7.3.0" } }, + "@types/cacheable-request": { + "version": "6.0.1", + "resolved": "https://registry.npmjs.org/@types/cacheable-request/-/cacheable-request-6.0.1.tgz", + "integrity": "sha512-ykFq2zmBGOCbpIXtoVbz4SKY5QriWPh3AjyU4G74RYbtt5yOc5OfaY75ftjg7mikMOla1CTGpX3lLbuJh8DTrQ==", + "requires": { + "@types/http-cache-semantics": "*", + "@types/keyv": "*", + "@types/node": "*", + "@types/responselike": "*" + } + }, "@types/caseless": { "version": "0.12.2", "resolved": "https://registry.npmjs.org/@types/caseless/-/caseless-0.12.2.tgz", "integrity": "sha512-6ckxMjBBD8URvjB6J3NcnuAn5Pkl7t3TizAg+xdlzzQGSPSmBcXf8KoIH0ua/i+tio+ZRUHEXp0HEmvaR4kt0w==" }, + "@types/http-cache-semantics": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/@types/http-cache-semantics/-/http-cache-semantics-4.0.0.tgz", + "integrity": "sha512-c3Xy026kOF7QOTn00hbIllV1dLR9hG9NkSrLQgCVs8NF6sBU+VGWjD3wLPhmh1TYAc7ugCFsvHYMN4VcBN1U1A==" + }, "@types/istanbul-lib-coverage": { "version": "2.0.1", "resolved": "https://registry.npmjs.org/@types/istanbul-lib-coverage/-/istanbul-lib-coverage-2.0.1.tgz", @@ -567,14 +591,30 @@ } }, "@types/js-yaml": { - "version": "3.12.4", - "resolved": "https://registry.npmjs.org/@types/js-yaml/-/js-yaml-3.12.4.tgz", - "integrity": "sha512-fYMgzN+9e28R81weVN49inn/u798ruU91En1ZnGvSZzCRc5jXx9B2EDhlRaWmcO1RIxFHL8AajRXzxDuJu93+A==" + "version": "3.12.5", + "resolved": "https://registry.npmjs.org/@types/js-yaml/-/js-yaml-3.12.5.tgz", + "integrity": "sha512-JCcp6J0GV66Y4ZMDAQCXot4xprYB+Zfd3meK9+INSJeVZwJmHAW30BBEEkPzXswMXuiyReUGOP3GxrADc9wPww==" + }, + "@types/keyv": { + "version": "3.1.1", + "resolved": "https://registry.npmjs.org/@types/keyv/-/keyv-3.1.1.tgz", + "integrity": "sha512-MPtoySlAZQ37VoLaPcTHCu1RWJ4llDkULYZIzOYxlhxBqYPB0RsRlmMU0R6tahtFe27mIdkHV+551ZWV4PLmVw==", + "requires": { + "@types/node": "*" + } + }, + "@types/minipass": { + "version": "2.2.0", + "resolved": "https://registry.npmjs.org/@types/minipass/-/minipass-2.2.0.tgz", + "integrity": "sha512-wuzZksN4w4kyfoOv/dlpov4NOunwutLA/q7uc00xU02ZyUY+aoM5PWIXEKBMnm0NHd4a+N71BMjq+x7+2Af1fg==", + "requires": { + "@types/node": "*" + } }, "@types/node": { - "version": "10.17.26", - "resolved": "https://registry.npmjs.org/@types/node/-/node-10.17.26.tgz", - "integrity": "sha512-myMwkO2Cr82kirHY8uknNRHEVtn0wV3DTQfkrjx17jmkstDRZ24gNUdl8AHXVyVclTYI/bNjgTPTAWvWLqXqkw==" + "version": "10.17.35", + "resolved": "https://registry.npmjs.org/@types/node/-/node-10.17.35.tgz", + "integrity": "sha512-gXx7jAWpMddu0f7a+L+txMplp3FnHl53OhQIF9puXKq3hDGY/GjH+MF04oWnV/adPSCrbtHumDCFwzq2VhltWA==" }, "@types/request": { "version": "2.48.5", @@ -587,21 +627,46 @@ "form-data": "^2.5.0" } }, + "@types/responselike": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/@types/responselike/-/responselike-1.0.0.tgz", + "integrity": "sha512-85Y2BjiufFzaMIlvJDvTTB8Fxl2xfLo4HgmHzVBz08w4wDePCTjYw66PdrolO0kzli3yam/YCgRufyo1DdQVTA==", + "requires": { + "@types/node": "*" + } + }, "@types/stack-utils": { "version": "1.0.1", "resolved": "https://registry.npmjs.org/@types/stack-utils/-/stack-utils-1.0.1.tgz", "integrity": "sha512-l42BggppR6zLmpfU6fq9HEa2oGPEI8yrSPL3GITjfRInppYFahObbIQOQK3UGxEnyQpltZLaPe75046NOZQikw==", "dev": true }, + "@types/stream-buffers": { + "version": "3.0.3", + "resolved": "https://registry.npmjs.org/@types/stream-buffers/-/stream-buffers-3.0.3.tgz", + "integrity": "sha512-NeFeX7YfFZDYsCfbuaOmFQ0OjSmHreKBpp7MQ4alWQBHeh2USLsj7qyMyn9t82kjqIX516CR/5SRHnARduRtbQ==", + "requires": { + "@types/node": "*" + } + }, + "@types/tar": { + "version": "4.0.3", + "resolved": "https://registry.npmjs.org/@types/tar/-/tar-4.0.3.tgz", + "integrity": "sha512-Z7AVMMlkI8NTWF0qGhC4QIX0zkV/+y0J8x7b/RsHrN0310+YNjoJd8UrApCiGBCWtKjxS9QhNqLi2UJNToh5hA==", + "requires": { + "@types/minipass": "*", + "@types/node": "*" + } + }, "@types/tough-cookie": { "version": "4.0.0", "resolved": "https://registry.npmjs.org/@types/tough-cookie/-/tough-cookie-4.0.0.tgz", "integrity": "sha512-I99sngh224D0M7XgW1s120zxCt3VYQ3IQsuw3P3jbq5GG4yc79+ZjyKznyOGIQrflfylLgcfekeZW/vk0yng6A==" }, "@types/underscore": { - "version": "1.10.1", - "resolved": "https://registry.npmjs.org/@types/underscore/-/underscore-1.10.1.tgz", - "integrity": "sha512-RRQWytGzPUhybKdf7jhfcySkdEHMDsVZ0gU3XVIxeqms1UKu3+ICaTXNaNGAkcUbIJ8SUKpmUIS1z9mDVc7seg==" + "version": "1.10.23", + "resolved": "https://registry.npmjs.org/@types/underscore/-/underscore-1.10.23.tgz", + "integrity": "sha512-vX1NPekXhrLquFWskH2thcvFAha187F/lM6xYOoEMZWwJ/6alSk0/ttmGP/YRqcqtCv0TMbZjYAdZyHAEcuU4g==" }, "@types/ws": { "version": "6.0.4", @@ -663,12 +728,12 @@ "dev": true }, "aggregate-error": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/aggregate-error/-/aggregate-error-1.0.0.tgz", - "integrity": "sha1-iINE2tAiCnLjr1CQYRf0h3GSX6w=", + "version": "3.1.0", + "resolved": "https://registry.npmjs.org/aggregate-error/-/aggregate-error-3.1.0.tgz", + "integrity": "sha512-4I7Td01quW/RpocfNayFdFVk1qSuoh0E7JrbRJ16nH01HhKFQ88INq9Sd+nd72zqRySlr9BmDA8xlEJ6vJMrYA==", "requires": { - "clean-stack": "^1.0.0", - "indent-string": "^3.0.0" + "clean-stack": "^2.0.0", + "indent-string": "^4.0.0" } }, "ajv": { @@ -779,7 +844,8 @@ "async-limiter": { "version": "1.0.1", "resolved": "https://registry.npmjs.org/async-limiter/-/async-limiter-1.0.1.tgz", - "integrity": "sha512-csOlWGAcRFJaI6m+F2WKdnMKr4HhdhFVBk0H/QbJFMCr+uO2kwohwXQPxw/9OCxp05r5ghVBFSyioixx3gfkNQ==" + "integrity": "sha512-csOlWGAcRFJaI6m+F2WKdnMKr4HhdhFVBk0H/QbJFMCr+uO2kwohwXQPxw/9OCxp05r5ghVBFSyioixx3gfkNQ==", + "dev": true }, "asynckit": { "version": "0.4.0", @@ -803,11 +869,11 @@ "integrity": "sha512-wMHVg2EOHaMRxbzgFJ9gtjOOCrI80OHLG14rxi28XwOW8ux6IiEbRCGGGqCtdAIg4FQCbW20k9RsT4y3gJlFug==" }, "axios": { - "version": "0.19.2", - "resolved": "https://registry.npmjs.org/axios/-/axios-0.19.2.tgz", - "integrity": "sha512-fjgm5MvRHLhx+osE2xoekY70AhARk3a6hkN+3Io1jc00jtquGvxYlKlsFUhmUET0V5te6CcZI7lcv2Ym61mjHA==", + "version": "0.20.0", + "resolved": "https://registry.npmjs.org/axios/-/axios-0.20.0.tgz", + "integrity": "sha512-ANA4rr2BDcmmAQLOKft2fufrtuvlqR+cXNNinUmvfeSNCOF98PZL+7M/v1zIdGo7OLjEA9J2gXJL+j4zGsl0bA==", "requires": { - "follow-redirects": "1.5.10" + "follow-redirects": "^1.10.0" } }, "babel-jest": { @@ -916,11 +982,6 @@ } } }, - "base64-js": { - "version": "1.3.1", - "resolved": "https://registry.npmjs.org/base64-js/-/base64-js-1.3.1.tgz", - "integrity": "sha512-mLQ4i2QO1ytvGWFWmcngKO//JXAQueZvwEKtjgQFM4jIK0kU+ytMfplL8j+n5mspOfjHwoAg+9yhb7BwAHm36g==" - }, "base64url": { "version": "3.0.1", "resolved": "https://registry.npmjs.org/base64url/-/base64url-3.0.1.tgz", @@ -1005,14 +1066,6 @@ } } }, - "browserify-zlib": { - "version": "0.2.0", - "resolved": "https://registry.npmjs.org/browserify-zlib/-/browserify-zlib-0.2.0.tgz", - "integrity": "sha512-Z942RysHXmJrhqk88FmKBVq/v5tqmSkDz7p54G/MGyjMnCFFnC79XWNbg+Vta8W6Wb2qtSZTSxIGkJrRpCFEiA==", - "requires": { - "pako": "~1.0.5" - } - }, "bser": { "version": "2.1.1", "resolved": "https://registry.npmjs.org/bser/-/bser-2.1.1.tgz", @@ -1022,15 +1075,6 @@ "node-int64": "^0.4.0" } }, - "buffer": { - "version": "5.6.0", - "resolved": "https://registry.npmjs.org/buffer/-/buffer-5.6.0.tgz", - "integrity": "sha512-/gDYp/UtU0eA1ys8bOs9J6a+E/KWIY+DZ+Q2WESNUA0jFRsJOc0SNUO6xJ5SGA1xueg3NL65W6s+NY5l9cunuw==", - "requires": { - "base64-js": "^1.0.2", - "ieee754": "^1.1.4" - } - }, "buffer-from": { "version": "1.1.1", "resolved": "https://registry.npmjs.org/buffer-from/-/buffer-from-1.1.1.tgz", @@ -1059,29 +1103,32 @@ "unset-value": "^1.0.0" } }, + "cacheable-lookup": { + "version": "5.0.3", + "resolved": "https://registry.npmjs.org/cacheable-lookup/-/cacheable-lookup-5.0.3.tgz", + "integrity": "sha512-W+JBqF9SWe18A72XFzN/V/CULFzPm7sBXzzR6ekkE+3tLG72wFZrBiBZhrZuDoYexop4PHJVdFAKb/Nj9+tm9w==" + }, "cacheable-request": { - "version": "2.1.4", - "resolved": "https://registry.npmjs.org/cacheable-request/-/cacheable-request-2.1.4.tgz", - "integrity": "sha1-DYCIAbY0KtM8kd+dC0TcCbkeXD0=", - "requires": { - "clone-response": "1.0.2", - "get-stream": "3.0.0", - "http-cache-semantics": "3.8.1", - "keyv": "3.0.0", - "lowercase-keys": "1.0.0", - "normalize-url": "2.0.1", - "responselike": "1.0.2" + "version": "7.0.1", + "resolved": "https://registry.npmjs.org/cacheable-request/-/cacheable-request-7.0.1.tgz", + "integrity": "sha512-lt0mJ6YAnsrBErpTMWeu5kl/tg9xMAWjavYTN6VQXM1A/teBITuNcccXsCxF0tDQQJf9DfAaX5O4e0zp0KlfZw==", + "requires": { + "clone-response": "^1.0.2", + "get-stream": "^5.1.0", + "http-cache-semantics": "^4.0.0", + "keyv": "^4.0.0", + "lowercase-keys": "^2.0.0", + "normalize-url": "^4.1.0", + "responselike": "^2.0.0" }, "dependencies": { "get-stream": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/get-stream/-/get-stream-3.0.0.tgz", - "integrity": "sha1-jpQ9E1jcN1VQVOy+LtsFqhdO3hQ=" - }, - "lowercase-keys": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/lowercase-keys/-/lowercase-keys-1.0.0.tgz", - "integrity": "sha1-TjNms55/VFfjXxMkvfb4jQv8cwY=" + "version": "5.2.0", + "resolved": "https://registry.npmjs.org/get-stream/-/get-stream-5.2.0.tgz", + "integrity": "sha512-nBF+F1rAZVCu/p7rjzgA+Yb4lfYXrpl7a6VmJrU8wF9I1CKvP/QwPNZHnOlwbTkY6dvtFIzFMSyQXbLoTQPRpA==", + "requires": { + "pump": "^3.0.0" + } } } }, @@ -1122,6 +1169,11 @@ "supports-color": "^5.3.0" } }, + "chownr": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/chownr/-/chownr-2.0.0.tgz", + "integrity": "sha512-bIomtDF5KGpdogkLd9VspvFzk9KfpyyGlS8YFVZl7TGPBHL5snIOnxeshwVgPteQ9b4Eydl+pVbIyE1DcvCWgQ==" + }, "ci-info": { "version": "2.0.0", "resolved": "https://registry.npmjs.org/ci-info/-/ci-info-2.0.0.tgz", @@ -1152,9 +1204,9 @@ } }, "clean-stack": { - "version": "1.3.0", - "resolved": "https://registry.npmjs.org/clean-stack/-/clean-stack-1.3.0.tgz", - "integrity": "sha1-noIVAa6XmYbEax1m0tQy2y/UrjE=" + "version": "2.2.0", + "resolved": "https://registry.npmjs.org/clean-stack/-/clean-stack-2.2.0.tgz", + "integrity": "sha512-4diC9HaTE+KRAMWhDhrGOECgWZxoevMc5TlkObMqNSsVU62PYzXZ/SMTjzyGAFF1YusgxGcSWTEXBhp0CPwQ1A==" }, "cliui": { "version": "5.0.0", @@ -1312,14 +1364,6 @@ } } }, - "debug": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/debug/-/debug-3.1.0.tgz", - "integrity": "sha512-OX8XqP7/1a9cqkxYw2yXss15f26NKWBpDXQd0/uK/KPqdQhxbPa994hnzjcE2VqQpDslf55723cKPUOGSmMY3g==", - "requires": { - "ms": "2.0.0" - } - }, "decamelize": { "version": "1.2.0", "resolved": "https://registry.npmjs.org/decamelize/-/decamelize-1.2.0.tgz", @@ -1329,14 +1373,22 @@ "decode-uri-component": { "version": "0.2.0", "resolved": "https://registry.npmjs.org/decode-uri-component/-/decode-uri-component-0.2.0.tgz", - "integrity": "sha1-6zkTMzRYd1y4TNGh+uBiEGu4dUU=" + "integrity": "sha1-6zkTMzRYd1y4TNGh+uBiEGu4dUU=", + "dev": true }, "decompress-response": { - "version": "3.3.0", - "resolved": "https://registry.npmjs.org/decompress-response/-/decompress-response-3.3.0.tgz", - "integrity": "sha1-gKTdMjdIOEv6JICDYirt7Jgq3/M=", + "version": "6.0.0", + "resolved": "https://registry.npmjs.org/decompress-response/-/decompress-response-6.0.0.tgz", + "integrity": "sha512-aW35yZM6Bb/4oJlZncMH2LCoZtJXTRxES17vE3hoRiowU2kWHaJKFkSBDnDR+cm9J+9QhXmREyIfv0pji9ejCQ==", "requires": { - "mimic-response": "^1.0.0" + "mimic-response": "^3.1.0" + }, + "dependencies": { + "mimic-response": { + "version": "3.1.0", + "resolved": "https://registry.npmjs.org/mimic-response/-/mimic-response-3.1.0.tgz", + "integrity": "sha512-z0yWI+4FDrrweS8Zmt4Ej5HdJmky15+L2e6Wgn3+iK5fWzb6T3fhNFq2+MeTRb064c6Wr4N/wv0DzQTjNzHNGQ==" + } } }, "deep-is": { @@ -1345,6 +1397,11 @@ "integrity": "sha1-s2nW+128E+7PUk+RsHD+7cNXzzQ=", "dev": true }, + "defer-to-connect": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/defer-to-connect/-/defer-to-connect-2.0.0.tgz", + "integrity": "sha512-bYL2d05vOSf1JEZNx5vSAtPuBMkX8K9EUutg7zlKvTqKXHt7RhWJFbmd7qakVuf13i+IkGmp6FwSsONOf6VYIg==" + }, "define-properties": { "version": "1.1.3", "resolved": "https://registry.npmjs.org/define-properties/-/define-properties-1.1.3.tgz", @@ -1421,11 +1478,6 @@ "webidl-conversions": "^4.0.2" } }, - "duplexer3": { - "version": "0.1.4", - "resolved": "https://registry.npmjs.org/duplexer3/-/duplexer3-0.1.4.tgz", - "integrity": "sha1-7gHdHKwO08vH/b6jfcCo8c4ALOI=" - }, "ecc-jsbn": { "version": "0.1.2", "resolved": "https://registry.npmjs.org/ecc-jsbn/-/ecc-jsbn-0.1.2.tgz", @@ -1488,11 +1540,6 @@ "is-symbol": "^1.0.2" } }, - "es6-promise": { - "version": "4.2.8", - "resolved": "https://registry.npmjs.org/es6-promise/-/es6-promise-4.2.8.tgz", - "integrity": "sha512-HJDGx5daxeIvxdBxvG2cb9g4tEvwIk3i8+nhX0yGrYmZUzbkdg8QbDevheDB8gd0//uPj4c1EQua8Q+MViT0/w==" - }, "escape-string-regexp": { "version": "1.0.5", "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-1.0.5.tgz", @@ -1774,12 +1821,9 @@ } }, "follow-redirects": { - "version": "1.5.10", - "resolved": "https://registry.npmjs.org/follow-redirects/-/follow-redirects-1.5.10.tgz", - "integrity": "sha512-0V5l4Cizzvqt5D44aTXbFZz+FtyXV1vrDN6qrelxtfYQKW0KO0W2T/hkE8xvGa/540LkZlkaUjO4ailYTFtHVQ==", - "requires": { - "debug": "=3.1.0" - } + "version": "1.13.0", + "resolved": "https://registry.npmjs.org/follow-redirects/-/follow-redirects-1.13.0.tgz", + "integrity": "sha512-aq6gF1BEKje4a9i9+5jimNFIpq4Q1WiwBToeRK5NvZBd/TRsmW8BsJfOEGkr76TbOyPVD3OVDN910EcUNtRYEA==" }, "for-in": { "version": "1.0.2", @@ -1811,13 +1855,12 @@ "map-cache": "^0.2.2" } }, - "from2": { - "version": "2.3.0", - "resolved": "https://registry.npmjs.org/from2/-/from2-2.3.0.tgz", - "integrity": "sha1-i/tVAr3kpNNs/e6gB/zKIdfjgq8=", + "fs-minipass": { + "version": "2.1.0", + "resolved": "https://registry.npmjs.org/fs-minipass/-/fs-minipass-2.1.0.tgz", + "integrity": "sha512-V/JgOLFCS+R6Vcq0slCuaeWEdNC3ouDlJMNIsacH2VtALiu9mV4LPrHc5cDl8k5aw6J8jwgWWpiTo5RYhmIzvg==", "requires": { - "inherits": "^2.0.1", - "readable-stream": "^2.0.0" + "minipass": "^3.0.0" } }, "fs.realpath": { @@ -2436,34 +2479,21 @@ "dev": true }, "got": { - "version": "8.3.2", - "resolved": "https://registry.npmjs.org/got/-/got-8.3.2.tgz", - "integrity": "sha512-qjUJ5U/hawxosMryILofZCkm3C84PLJS/0grRIpjAwu+Lkxxj5cxeCU25BG0/3mDSpXKTyZr8oh8wIgLaH0QCw==", - "requires": { - "@sindresorhus/is": "^0.7.0", - "cacheable-request": "^2.1.1", - "decompress-response": "^3.3.0", - "duplexer3": "^0.1.4", - "get-stream": "^3.0.0", - "into-stream": "^3.1.0", - "is-retry-allowed": "^1.1.0", - "isurl": "^1.0.0-alpha5", - "lowercase-keys": "^1.0.0", - "mimic-response": "^1.0.0", - "p-cancelable": "^0.4.0", - "p-timeout": "^2.0.1", - "pify": "^3.0.0", - "safe-buffer": "^5.1.1", - "timed-out": "^4.0.1", - "url-parse-lax": "^3.0.0", - "url-to-options": "^1.0.1" - }, - "dependencies": { - "get-stream": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/get-stream/-/get-stream-3.0.0.tgz", - "integrity": "sha1-jpQ9E1jcN1VQVOy+LtsFqhdO3hQ=" - } + "version": "11.7.0", + "resolved": "https://registry.npmjs.org/got/-/got-11.7.0.tgz", + "integrity": "sha512-7en2XwH2MEqOsrK0xaKhbWibBoZqy+f1RSUoIeF1BLcnf+pyQdDsljWMfmOh+QKJwuvDIiKx38GtPh5wFdGGjg==", + "requires": { + "@sindresorhus/is": "^3.1.1", + "@szmarczak/http-timer": "^4.0.5", + "@types/cacheable-request": "^6.0.1", + "@types/responselike": "^1.0.0", + "cacheable-lookup": "^5.0.3", + "cacheable-request": "^7.0.1", + "decompress-response": "^6.0.0", + "http2-wrapper": "^1.0.0-beta.5.2", + "lowercase-keys": "^2.0.0", + "p-cancelable": "^2.0.0", + "responselike": "^2.0.0" } }, "graceful-fs": { @@ -2507,25 +2537,12 @@ "integrity": "sha1-tdRU3CGZriJWmfNGfloH87lVuv0=", "dev": true }, - "has-symbol-support-x": { - "version": "1.4.2", - "resolved": "https://registry.npmjs.org/has-symbol-support-x/-/has-symbol-support-x-1.4.2.tgz", - "integrity": "sha512-3ToOva++HaW+eCpgqZrCfN51IPB+7bJNVT6CUATzueB5Heb8o6Nam0V3HG5dlDvZU1Gn5QLcbahiKw/XVk5JJw==" - }, "has-symbols": { "version": "1.0.1", "resolved": "https://registry.npmjs.org/has-symbols/-/has-symbols-1.0.1.tgz", "integrity": "sha512-PLcsoqu++dmEIZB+6totNFKq/7Do+Z0u4oT0zKOJNl3lYK6vGwwu2hjHs+68OEZbTjiUE9bgOABXbP/GvrS0Kg==", "dev": true }, - "has-to-string-tag-x": { - "version": "1.4.1", - "resolved": "https://registry.npmjs.org/has-to-string-tag-x/-/has-to-string-tag-x-1.4.1.tgz", - "integrity": "sha512-vdbKfmw+3LoOYVr+mtxHaX5a96+0f3DljYd8JOqvOLsf5mw2Otda2qCDT9qRqLAhrjyQ0h7ual5nOiASpsGNFw==", - "requires": { - "has-symbol-support-x": "^1.4.1" - } - }, "has-value": { "version": "1.0.0", "resolved": "https://registry.npmjs.org/has-value/-/has-value-1.0.0.tgz", @@ -2580,9 +2597,9 @@ "dev": true }, "http-cache-semantics": { - "version": "3.8.1", - "resolved": "https://registry.npmjs.org/http-cache-semantics/-/http-cache-semantics-3.8.1.tgz", - "integrity": "sha512-5ai2iksyV8ZXmnZhHH4rWPoxxistEexSi5936zIQ1bnNTW5VnA85B6P/VpXiRM017IgRvb2kKo1a//y+0wSp3w==" + "version": "4.1.0", + "resolved": "https://registry.npmjs.org/http-cache-semantics/-/http-cache-semantics-4.1.0.tgz", + "integrity": "sha512-carPklcUh7ROWRK7Cv27RPtdhYhUsela/ue5/jKzjegVvXDqM2ILE9Q2BGn9JZJh1g87cp56su/FgQSzcWS8cQ==" }, "http-signature": { "version": "1.2.0", @@ -2594,6 +2611,15 @@ "sshpk": "^1.7.0" } }, + "http2-wrapper": { + "version": "1.0.0-beta.5.2", + "resolved": "https://registry.npmjs.org/http2-wrapper/-/http2-wrapper-1.0.0-beta.5.2.tgz", + "integrity": "sha512-xYz9goEyBnC8XwXDTuC/MZ6t+MrKVQZOk4s7+PaDkwIsQd8IwqvM+0M6bA/2lvG8GHXcPdf+MejTUeO2LCPCeQ==", + "requires": { + "quick-lru": "^5.1.1", + "resolve-alpn": "^1.0.0" + } + }, "iconv-lite": { "version": "0.4.24", "resolved": "https://registry.npmjs.org/iconv-lite/-/iconv-lite-0.4.24.tgz", @@ -2603,11 +2629,6 @@ "safer-buffer": ">= 2.1.2 < 3" } }, - "ieee754": { - "version": "1.1.13", - "resolved": "https://registry.npmjs.org/ieee754/-/ieee754-1.1.13.tgz", - "integrity": "sha512-4vf7I2LYV/HaWerSo3XmlMkp5eZ83i+/CDluXi/IGTs/O1sejBNhTtnxzmRZfvOUqj7lZjqHkeTvpgSFDlWZTg==" - }, "import-local": { "version": "2.0.0", "resolved": "https://registry.npmjs.org/import-local/-/import-local-2.0.0.tgz", @@ -2625,9 +2646,9 @@ "dev": true }, "indent-string": { - "version": "3.2.0", - "resolved": "https://registry.npmjs.org/indent-string/-/indent-string-3.2.0.tgz", - "integrity": "sha1-Sl/W0nzDMvN+VBmlBNu4NxBckok=" + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/indent-string/-/indent-string-4.0.0.tgz", + "integrity": "sha512-EdDDZu4A2OyIK7Lr/2zG+w5jmbuk1DVBnEwREQvBzspBJkCEbRa8GxU1lghYcaGJCnRWibjDXlq779X1/y5xwg==" }, "inflight": { "version": "1.0.6", @@ -2648,15 +2669,6 @@ "resolved": "https://registry.npmjs.org/interpret/-/interpret-1.4.0.tgz", "integrity": "sha512-agE4QfB2Lkp9uICn7BAqoscw4SZP9kTE2hxiFI3jBPmXJfdqiahTbUuKGsMoN2GtqL9AxhYioAcVvgsb1HvRbA==" }, - "into-stream": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/into-stream/-/into-stream-3.1.0.tgz", - "integrity": "sha1-lvsKk2wSur1v8XUqF9BWFqvQlMY=", - "requires": { - "from2": "^2.1.1", - "p-is-promise": "^1.1.0" - } - }, "invariant": { "version": "2.2.4", "resolved": "https://registry.npmjs.org/invariant/-/invariant-2.2.4.tgz", @@ -2796,16 +2808,6 @@ } } }, - "is-object": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/is-object/-/is-object-1.0.1.tgz", - "integrity": "sha1-iVJojF7C/9awPsyF52ngKQMINHA=" - }, - "is-plain-obj": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/is-plain-obj/-/is-plain-obj-1.1.0.tgz", - "integrity": "sha1-caUMhCnfync8kqOQpKA7OfzVHT4=" - }, "is-plain-object": { "version": "2.0.4", "resolved": "https://registry.npmjs.org/is-plain-object/-/is-plain-object-2.0.4.tgz", @@ -2824,11 +2826,6 @@ "has": "^1.0.3" } }, - "is-retry-allowed": { - "version": "1.2.0", - "resolved": "https://registry.npmjs.org/is-retry-allowed/-/is-retry-allowed-1.2.0.tgz", - "integrity": "sha512-RUbUeKwvm3XG2VYamhJL1xFktgjvPzL0Hq8C+6yrWIswDy3BIXGqCxhxkc30N9jqK311gVU137K8Ei55/zVJRg==" - }, "is-stream": { "version": "1.1.0", "resolved": "https://registry.npmjs.org/is-stream/-/is-stream-1.1.0.tgz", @@ -2863,7 +2860,8 @@ "isarray": { "version": "1.0.0", "resolved": "https://registry.npmjs.org/isarray/-/isarray-1.0.0.tgz", - "integrity": "sha1-u5NdSFgsuhaMBoNJV6VKPgcSTxE=" + "integrity": "sha1-u5NdSFgsuhaMBoNJV6VKPgcSTxE=", + "dev": true }, "isexe": { "version": "2.0.0", @@ -2976,15 +2974,6 @@ "html-escaper": "^2.0.0" } }, - "isurl": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/isurl/-/isurl-1.0.0.tgz", - "integrity": "sha512-1P/yWsxPlDtn7QeRD+ULKQPaIaN6yF368GZ2vDfv0AL0NwpStafjWCDDdn0k8wgFMWpVAqG7oJhxHnlud42i9w==", - "requires": { - "has-to-string-tag-x": "^1.2.0", - "is-object": "^1.0.1" - } - }, "jest": { "version": "24.9.0", "resolved": "https://registry.npmjs.org/jest/-/jest-24.9.0.tgz", @@ -3411,6 +3400,14 @@ } } }, + "jose": { + "version": "2.0.2", + "resolved": "https://registry.npmjs.org/jose/-/jose-2.0.2.tgz", + "integrity": "sha512-yD93lsiMA1go/qxSY/vXWBodmIZJIxeB7QhFi8z1yQ3KUwKENqI9UA8VCHlQ5h3x1zWuWZjoY87ByQzkQbIrQg==", + "requires": { + "@panva/asn1.js": "^1.0.0" + } + }, "js-tokens": { "version": "4.0.0", "resolved": "https://registry.npmjs.org/js-tokens/-/js-tokens-4.0.0.tgz", @@ -3483,9 +3480,9 @@ "dev": true }, "json-buffer": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/json-buffer/-/json-buffer-3.0.0.tgz", - "integrity": "sha1-Wx85evx11ne96Lz8Dkfh+aPZqJg=" + "version": "3.0.1", + "resolved": "https://registry.npmjs.org/json-buffer/-/json-buffer-3.0.1.tgz", + "integrity": "sha512-4bV5BfR2mqfQTJm+V5tPPdf+ZpuhiIvTuAB5g8kcrXOZpTT/QwwVRWBywX1ozr6lEuPdbHxwaJlm9G6mI2sfSQ==" }, "json-parse-better-errors": { "version": "1.0.2", @@ -3534,11 +3531,11 @@ } }, "keyv": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/keyv/-/keyv-3.0.0.tgz", - "integrity": "sha512-eguHnq22OE3uVoSYG0LVWNP+4ppamWr9+zWBe1bsNcovIMy6huUJFPgy4mGwCd/rnl3vOLGW1MTlu4c57CT1xA==", + "version": "4.0.3", + "resolved": "https://registry.npmjs.org/keyv/-/keyv-4.0.3.tgz", + "integrity": "sha512-zdGa2TOpSZPq5mU6iowDARnMBZgtCqJ11dJROFi6tg6kTn4nuUdU09lFyLFSaHrWqpIJ+EBq4E8/Dc0Vx5vLdA==", "requires": { - "json-buffer": "3.0.0" + "json-buffer": "3.0.1" } }, "kind-of": { @@ -3600,7 +3597,8 @@ "lodash": { "version": "4.17.19", "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.19.tgz", - "integrity": "sha512-JNvd8XER9GQX0v2qJgsaN/mzFCNA5BRe/j8JN9d+tWyGLSodKQHKFicdwNYzWwI3wjRnaKPsGj1XkBjx/F96DQ==" + "integrity": "sha512-JNvd8XER9GQX0v2qJgsaN/mzFCNA5BRe/j8JN9d+tWyGLSodKQHKFicdwNYzWwI3wjRnaKPsGj1XkBjx/F96DQ==", + "dev": true }, "lodash.sortby": { "version": "4.7.0", @@ -3608,11 +3606,6 @@ "integrity": "sha1-7dFMgk4sycHgsKG0K7UhBRakJDg=", "dev": true }, - "long": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/long/-/long-4.0.0.tgz", - "integrity": "sha512-XsP+KhQif4bjX1kbuSiySJFNAehNxgLb6hPRGJ9QsUr8ajHkuXGdrHmFUTUUXhDwVX2R5bY4JNZEwbUiMhV+MA==" - }, "loose-envify": { "version": "1.4.0", "resolved": "https://registry.npmjs.org/loose-envify/-/loose-envify-1.4.0.tgz", @@ -3623,16 +3616,16 @@ } }, "lowercase-keys": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/lowercase-keys/-/lowercase-keys-1.0.1.tgz", - "integrity": "sha512-G2Lj61tXDnVFFOi8VZds+SoQjtQC3dgokKdDG2mTm1tx4m50NUHBOZSBwQQHyy0V12A0JTG4icfZQH+xPyh8VA==" + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/lowercase-keys/-/lowercase-keys-2.0.0.tgz", + "integrity": "sha512-tqNXrS78oMOE73NMxK4EMLQsQowWf8jKooH9g7xPavRT706R6bkQJ6DY2Te7QukaZsulxa30wQ7bk0pm4XiHmA==" }, "lru-cache": { - "version": "5.1.1", - "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-5.1.1.tgz", - "integrity": "sha512-KpNARQA3Iwv+jTA0utUVVbrh+Jlrr1Fv0e56GGzAFOXN7dk/FviaDW8LHmK52DlcH4WP2n6gI8vN1aesBFgo9w==", + "version": "6.0.0", + "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-6.0.0.tgz", + "integrity": "sha512-Jo6dJ04CmSjuznwJSS3pUeWmd/H0ffTlkXXgwZi+eq1UCmqQwCh+eLsYOYCwY991i2Fah4h1BEMCx4qThGbsiA==", "requires": { - "yallist": "^3.0.2" + "yallist": "^4.0.0" } }, "make-dir": { @@ -3653,6 +3646,11 @@ } } }, + "make-error": { + "version": "1.3.6", + "resolved": "https://registry.npmjs.org/make-error/-/make-error-1.3.6.tgz", + "integrity": "sha512-s8UhlNe7vPKomQhC1qFelMokr/Sc3AgNbso3n74mVPA5LTZwkB9NlXf4XPamLxJE8h0gh73rM94xvwRT2CVInw==" + }, "makeerror": { "version": "1.0.11", "resolved": "https://registry.npmjs.org/makeerror/-/makeerror-1.0.11.tgz", @@ -3736,6 +3734,23 @@ "integrity": "sha512-FM9nNUYrRBAELZQT3xeZQ7fmMOBg6nWNmJKTcgsJeaLstP/UODVpGsr5OhXhhXg6f+qtJ8uiZ+PUxkDWcgIXLw==", "dev": true }, + "minipass": { + "version": "3.1.3", + "resolved": "https://registry.npmjs.org/minipass/-/minipass-3.1.3.tgz", + "integrity": "sha512-Mgd2GdMVzY+x3IJ+oHnVM+KG3lA5c8tnabyJKmHSaG2kAGpudxuOf8ToDkhumF7UzME7DecbQE9uOZhNm7PuJg==", + "requires": { + "yallist": "^4.0.0" + } + }, + "minizlib": { + "version": "2.1.2", + "resolved": "https://registry.npmjs.org/minizlib/-/minizlib-2.1.2.tgz", + "integrity": "sha512-bAxsR8BVfj60DWXHE3u30oHzfl4G7khkSuPW+qvpd7jFRHm7dLxOjUk1EHACJ/hxLY8phGJ0YhYHZo7jil7Qdg==", + "requires": { + "minipass": "^3.0.0", + "yallist": "^4.0.0" + } + }, "mixin-deep": { "version": "1.3.2", "resolved": "https://registry.npmjs.org/mixin-deep/-/mixin-deep-1.3.2.tgz", @@ -3769,7 +3784,8 @@ "ms": { "version": "2.0.0", "resolved": "https://registry.npmjs.org/ms/-/ms-2.0.0.tgz", - "integrity": "sha1-VgiurfwAvmwpAd9fmGF4jeDVl8g=" + "integrity": "sha1-VgiurfwAvmwpAd9fmGF4jeDVl8g=", + "dev": true }, "nan": { "version": "2.14.0", @@ -3808,34 +3824,12 @@ "resolved": "https://registry.npmjs.org/nice-try/-/nice-try-1.0.5.tgz", "integrity": "sha512-1nh45deeb5olNY7eX82BkPO7SSxR5SSYJiPTrTdFUVYwAl8CKMA5N9PjTYkHiRjisVcxcQ1HXdLhx2qxxJzLNQ==" }, - "node-forge": { - "version": "0.8.5", - "resolved": "https://registry.npmjs.org/node-forge/-/node-forge-0.8.5.tgz", - "integrity": "sha512-vFMQIWt+J/7FLNyKouZ9TazT74PRV3wgv9UT4cRjC8BffxFbKXkgIWR42URCPSnHm/QDz6BOlb2Q0U4+VQT67Q==" - }, "node-int64": { "version": "0.4.0", "resolved": "https://registry.npmjs.org/node-int64/-/node-int64-0.4.0.tgz", "integrity": "sha1-h6kGXNs1XTGC2PlM4RGIuCXGijs=", "dev": true }, - "node-jose": { - "version": "1.1.4", - "resolved": "https://registry.npmjs.org/node-jose/-/node-jose-1.1.4.tgz", - "integrity": "sha512-L31IFwL3pWWcMHxxidCY51ezqrDXMkvlT/5pLTfNw5sXmmOLJuN6ug7txzF/iuZN55cRpyOmoJrotwBQIoo5Lw==", - "requires": { - "base64url": "^3.0.1", - "browserify-zlib": "^0.2.0", - "buffer": "^5.5.0", - "es6-promise": "^4.2.8", - "lodash": "^4.17.15", - "long": "^4.0.0", - "node-forge": "^0.8.5", - "process": "^0.11.10", - "react-zlib-js": "^1.0.4", - "uuid": "^3.3.3" - } - }, "node-modules-regexp": { "version": "1.0.0", "resolved": "https://registry.npmjs.org/node-modules-regexp/-/node-modules-regexp-1.0.0.tgz", @@ -3877,14 +3871,9 @@ } }, "normalize-url": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/normalize-url/-/normalize-url-2.0.1.tgz", - "integrity": "sha512-D6MUW4K/VzoJ4rJ01JFKxDrtY1v9wrgzCX5f2qj/lzH1m/lW6MhUZFKerVsnyjOhOsYzI9Kqqak+10l4LvLpMw==", - "requires": { - "prepend-http": "^2.0.0", - "query-string": "^5.0.1", - "sort-keys": "^2.0.0" - } + "version": "4.5.0", + "resolved": "https://registry.npmjs.org/normalize-url/-/normalize-url-4.5.0.tgz", + "integrity": "sha512-2s47yzUxdexf1OhyRi4Em83iQk0aPvwTddtFz4hnSSw9dCEsLEGf6SwIO8ss/19S9iBb5sJaOuTvTGDeZI00BQ==" }, "npm-run-path": { "version": "2.0.2", @@ -3905,11 +3894,6 @@ "resolved": "https://registry.npmjs.org/oauth-sign/-/oauth-sign-0.9.0.tgz", "integrity": "sha512-fexhUFFPTGV8ybAtSIGbV6gOkSv8UtRbDBnAyLQw4QPKkgNlsH2ByPGtMUqdWkos6YCRmAqViwgZrJc/mRDzZQ==" }, - "object-assign": { - "version": "4.1.1", - "resolved": "https://registry.npmjs.org/object-assign/-/object-assign-4.1.1.tgz", - "integrity": "sha1-IQmtx5ZYh8/AXLvUQsrIv7s2CGM=" - }, "object-copy": { "version": "0.1.0", "resolved": "https://registry.npmjs.org/object-copy/-/object-copy-0.1.0.tgz", @@ -3942,9 +3926,9 @@ } }, "object-hash": { - "version": "1.3.1", - "resolved": "https://registry.npmjs.org/object-hash/-/object-hash-1.3.1.tgz", - "integrity": "sha512-OSuu/pU4ENM9kmREg0BdNrUDIl1heYa4mBZacJc+vVWz4GtAwu7jO8s4AIt2aGRUTqxykpWzI3Oqnsm13tTMDA==" + "version": "2.0.3", + "resolved": "https://registry.npmjs.org/object-hash/-/object-hash-2.0.3.tgz", + "integrity": "sha512-JPKn0GMu+Fa3zt3Bmr66JhokJU5BaNBIh4ZeTlaCBzrBsOeXzwcKKAK1tbLiPKgvwmPXsDvvLHoWh5Bm7ofIYg==" }, "object-inspect": { "version": "1.7.0", @@ -3999,9 +3983,9 @@ } }, "oidc-token-hash": { - "version": "3.0.2", - "resolved": "https://registry.npmjs.org/oidc-token-hash/-/oidc-token-hash-3.0.2.tgz", - "integrity": "sha512-dTzp80/y/da+um+i+sOucNqiPpwRL7M/xPwj7pH1TFA2/bqQ+OK2sJahSXbemEoLtPkHcFLyhLhLWZa9yW5+RA==" + "version": "5.0.0", + "resolved": "https://registry.npmjs.org/oidc-token-hash/-/oidc-token-hash-5.0.0.tgz", + "integrity": "sha512-8Yr4CZSv+Tn8ZkN3iN2i2w2G92mUKClp4z7EGUfdsERiYSbj7P4i/NHm72ft+aUdsiFx9UdIPSTwbyzQ6C4URg==" }, "once": { "version": "1.4.0", @@ -4012,18 +3996,18 @@ } }, "openid-client": { - "version": "2.5.0", - "resolved": "https://registry.npmjs.org/openid-client/-/openid-client-2.5.0.tgz", - "integrity": "sha512-t3hFD7xEoW1U25RyBcRFaL19fGGs6hNVTysq9pgmiltH0IVUPzH/bQV9w24pM5Q7MunnGv2/5XjIru6BQcWdxg==", + "version": "4.1.1", + "resolved": "https://registry.npmjs.org/openid-client/-/openid-client-4.1.1.tgz", + "integrity": "sha512-/qch3I3v8UtO0A7wVgyXJJjGX/knR8bv06DQpLuKQqLG5u4AHcgusGuVKPKAcneLZvHKbKovF2+3e2ngXyuudA==", "requires": { - "base64url": "^3.0.0", - "got": "^8.3.2", - "lodash": "^4.17.11", - "lru-cache": "^5.1.1", - "node-jose": "^1.1.0", - "object-hash": "^1.3.1", - "oidc-token-hash": "^3.0.1", - "p-any": "^1.1.0" + "base64url": "^3.0.1", + "got": "^11.6.2", + "jose": "^2.0.2", + "lru-cache": "^6.0.0", + "make-error": "^1.3.6", + "object-hash": "^2.0.1", + "oidc-token-hash": "^5.0.0", + "p-any": "^3.0.0" } }, "optionator": { @@ -4041,17 +4025,18 @@ } }, "p-any": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/p-any/-/p-any-1.1.0.tgz", - "integrity": "sha512-Ef0tVa4CZ5pTAmKn+Cg3w8ABBXh+hHO1aV8281dKOoUHfX+3tjG2EaFcC+aZyagg9b4EYGsHEjz21DnEE8Og2g==", + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/p-any/-/p-any-3.0.0.tgz", + "integrity": "sha512-5rqbqfsRWNb0sukt0awwgJMlaep+8jV45S15SKKB34z4UuzjcofIfnriCBhWjZP2jbVtjt9yRl7buB6RlKsu9w==", "requires": { - "p-some": "^2.0.0" + "p-cancelable": "^2.0.0", + "p-some": "^5.0.0" } }, "p-cancelable": { - "version": "0.4.1", - "resolved": "https://registry.npmjs.org/p-cancelable/-/p-cancelable-0.4.1.tgz", - "integrity": "sha512-HNa1A8LvB1kie7cERyy21VNeHb2CWJJYqyyC2o3klWFfMGlFmWv2Z7sFgZH8ZiaYL95ydToKTFVXgMV/Os0bBQ==" + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/p-cancelable/-/p-cancelable-2.0.0.tgz", + "integrity": "sha512-wvPXDmbMmu2ksjkB4Z3nZWTSkJEb9lqVdMaCKpZUGJG9TMiNp9XcbG3fn9fPKjem04fJMJnXoyFPk2FmgiaiNg==" }, "p-each-series": { "version": "1.0.0", @@ -4067,11 +4052,6 @@ "resolved": "https://registry.npmjs.org/p-finally/-/p-finally-1.0.0.tgz", "integrity": "sha1-P7z7FbiZpEEjs0ttzBi3JDNqLK4=" }, - "p-is-promise": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/p-is-promise/-/p-is-promise-1.1.0.tgz", - "integrity": "sha1-nJRWmJ6fZYgBewQ01WCXZ1w9oF4=" - }, "p-limit": { "version": "2.2.2", "resolved": "https://registry.npmjs.org/p-limit/-/p-limit-2.2.2.tgz", @@ -4097,19 +4077,12 @@ "dev": true }, "p-some": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/p-some/-/p-some-2.0.1.tgz", - "integrity": "sha1-Zdh8ixVO289SIdFnd4ttLhUPbwY=", - "requires": { - "aggregate-error": "^1.0.0" - } - }, - "p-timeout": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/p-timeout/-/p-timeout-2.0.1.tgz", - "integrity": "sha512-88em58dDVB/KzPEx1X0N3LwFfYZPyDc4B6eF38M1rk9VTZMbxXXgjugz8mmwpS9Ox4BDZ+t6t3QP5+/gazweIA==", + "version": "5.0.0", + "resolved": "https://registry.npmjs.org/p-some/-/p-some-5.0.0.tgz", + "integrity": "sha512-Js5XZxo6vHjB9NOYAzWDYAIyyiPvva0DWESAIWIK7uhSpGsyg5FwUPxipU/SOQx5x9EqhOh545d1jo6cVkitig==", "requires": { - "p-finally": "^1.0.0" + "aggregate-error": "^3.0.0", + "p-cancelable": "^2.0.0" } }, "p-try": { @@ -4118,11 +4091,6 @@ "integrity": "sha512-R4nPAVTAU0B9D35/Gk3uJf/7XYbQcyohSKdvAxIRSNghFl4e71hVoGnBNQz9cWaXxO2I10KTC+3jMdvvoKw6dQ==", "dev": true }, - "pako": { - "version": "1.0.11", - "resolved": "https://registry.npmjs.org/pako/-/pako-1.0.11.tgz", - "integrity": "sha512-4hLB8Py4zZce5s4yd9XzopqwVv/yGNhV1Bl8NTmCq1763HeK2+EwVTv+leGeL13Dnh2wfbqowVPXCIO0z4taYw==" - }, "parse-json": { "version": "4.0.0", "resolved": "https://registry.npmjs.org/parse-json/-/parse-json-4.0.0.tgz", @@ -4183,7 +4151,8 @@ "pify": { "version": "3.0.0", "resolved": "https://registry.npmjs.org/pify/-/pify-3.0.0.tgz", - "integrity": "sha1-5aSs0sEB/fPZpNB/DbxNtJ3SgXY=" + "integrity": "sha1-5aSs0sEB/fPZpNB/DbxNtJ3SgXY=", + "dev": true }, "pirates": { "version": "4.0.1", @@ -4221,11 +4190,6 @@ "integrity": "sha1-IZMqVJ9eUv/ZqCf1cOBL5iqX2lQ=", "dev": true }, - "prepend-http": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/prepend-http/-/prepend-http-2.0.0.tgz", - "integrity": "sha1-6SQ0v6XqjBn0HN/UAddBo8gZ2Jc=" - }, "pretty-format": { "version": "24.9.0", "resolved": "https://registry.npmjs.org/pretty-format/-/pretty-format-24.9.0.tgz", @@ -4238,16 +4202,6 @@ "react-is": "^16.8.4" } }, - "process": { - "version": "0.11.10", - "resolved": "https://registry.npmjs.org/process/-/process-0.11.10.tgz", - "integrity": "sha1-czIwDoQBYb2j5podHZGn1LwW8YI=" - }, - "process-nextick-args": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/process-nextick-args/-/process-nextick-args-2.0.1.tgz", - "integrity": "sha512-3ouUOpQhtgrbOa17J7+uxOTpITYWaGP7/AhoR3+A+/1e9skrzelGi/dXzEYyvbxubEF6Wn2ypscTKiKJFFn1ag==" - }, "prompts": { "version": "2.3.2", "resolved": "https://registry.npmjs.org/prompts/-/prompts-2.3.2.tgz", @@ -4282,15 +4236,10 @@ "resolved": "https://registry.npmjs.org/qs/-/qs-6.5.2.tgz", "integrity": "sha512-N5ZAX4/LxJmF+7wN74pUD6qAh9/wnvdQcjq9TZjevvXzSUo7bfmw91saqMjzGS2xq91/odN2dW/WOl7qQHNDGA==" }, - "query-string": { + "quick-lru": { "version": "5.1.1", - "resolved": "https://registry.npmjs.org/query-string/-/query-string-5.1.1.tgz", - "integrity": "sha512-gjWOsm2SoGlgLEdAGt7a6slVOk9mGiXmPFMqrEhLQ68rhQuBnpfs3+EmlvqKyxnCo9/PPlF+9MtY02S1aFg+Jw==", - "requires": { - "decode-uri-component": "^0.2.0", - "object-assign": "^4.1.0", - "strict-uri-encode": "^1.0.0" - } + "resolved": "https://registry.npmjs.org/quick-lru/-/quick-lru-5.1.1.tgz", + "integrity": "sha512-WuyALRjWPDGtt/wzJiadO5AXY+8hZ80hVpe6MyivgraREW751X3SbhRvG3eLKOYN+8VEvqLcf3wdnt44Z4S4SA==" }, "react-is": { "version": "16.13.1", @@ -4298,11 +4247,6 @@ "integrity": "sha512-24e6ynE2H+OKt4kqsOvNd8kBpV65zoxbA4BVsEOB3ARVWQki/DHzaUoC5KuON/BiccDaCCTZBuOcfZs70kR8bQ==", "dev": true }, - "react-zlib-js": { - "version": "1.0.4", - "resolved": "https://registry.npmjs.org/react-zlib-js/-/react-zlib-js-1.0.4.tgz", - "integrity": "sha512-ynXD9DFxpE7vtGoa3ZwBtPmZrkZYw2plzHGbanUjBOSN4RtuXdektSfABykHtTiWEHMh7WdYj45LHtp228ZF1A==" - }, "read-pkg": { "version": "3.0.0", "resolved": "https://registry.npmjs.org/read-pkg/-/read-pkg-3.0.0.tgz", @@ -4324,27 +4268,6 @@ "read-pkg": "^3.0.0" } }, - "readable-stream": { - "version": "2.3.7", - "resolved": "https://registry.npmjs.org/readable-stream/-/readable-stream-2.3.7.tgz", - "integrity": "sha512-Ebho8K4jIbHAxnuxi7o42OrZgF/ZTNcsZj6nRKyUmkhLFq8CHItp/fy6hQZuZmP/n3yZ9VBUbp4zz/mX8hmYPw==", - "requires": { - "core-util-is": "~1.0.0", - "inherits": "~2.0.3", - "isarray": "~1.0.0", - "process-nextick-args": "~2.0.0", - "safe-buffer": "~5.1.1", - "string_decoder": "~1.1.1", - "util-deprecate": "~1.0.1" - }, - "dependencies": { - "safe-buffer": { - "version": "5.1.2", - "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.1.2.tgz", - "integrity": "sha512-Gd2UZBJDkXlY7GbJxfsE8/nvKkUEU1G38c1siN6QP6a9PT9MmHB8GnpscSmMJSoF8LOIrt8ud/wPtojys4G6+g==" - } - } - }, "realpath-native": { "version": "1.1.0", "resolved": "https://registry.npmjs.org/realpath-native/-/realpath-native-1.1.0.tgz", @@ -4469,6 +4392,11 @@ "path-parse": "^1.0.6" } }, + "resolve-alpn": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/resolve-alpn/-/resolve-alpn-1.0.0.tgz", + "integrity": "sha512-rTuiIEqFmGxne4IovivKSDzld2lWW9QCjqv80SYjPgf+gS35eaCAjaP54CCwGAwBtnCsvNLYtqxe1Nw+i6JEmA==" + }, "resolve-cwd": { "version": "2.0.0", "resolved": "https://registry.npmjs.org/resolve-cwd/-/resolve-cwd-2.0.0.tgz", @@ -4491,11 +4419,11 @@ "dev": true }, "responselike": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/responselike/-/responselike-1.0.2.tgz", - "integrity": "sha1-kYcg7ztjHFZCvgaPFa3lpG9Loec=", + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/responselike/-/responselike-2.0.0.tgz", + "integrity": "sha512-xH48u3FTB9VsZw7R+vvgaKeLKzT6jOogbQhEe/jewwnZgzPcnyWui2Av6JpoYZF/91uueC+lqhWqeURw5/qhCw==", "requires": { - "lowercase-keys": "^1.0.0" + "lowercase-keys": "^2.0.0" } }, "ret": { @@ -4505,9 +4433,9 @@ "dev": true }, "rfc4648": { - "version": "1.3.0", - "resolved": "https://registry.npmjs.org/rfc4648/-/rfc4648-1.3.0.tgz", - "integrity": "sha512-x36K12jOflpm1V8QjPq3I+pt7Z1xzeZIjiC8J2Oxd7bE1efTrOG241DTYVJByP/SxR9jl1t7iZqYxDX864jgBQ==" + "version": "1.4.0", + "resolved": "https://registry.npmjs.org/rfc4648/-/rfc4648-1.4.0.tgz", + "integrity": "sha512-3qIzGhHlMHA6PoT6+cdPKZ+ZqtxkIvg8DZGKA5z6PQ33/uuhoJ+Ws/D/J9rXW6gXodgH8QYlz2UCl+sdUDmNIg==" }, "rimraf": { "version": "2.7.1", @@ -4768,14 +4696,6 @@ } } }, - "sort-keys": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/sort-keys/-/sort-keys-2.0.0.tgz", - "integrity": "sha1-ZYU1WEhh7JfXMNbPQYIuH1ZoQSg=", - "requires": { - "is-plain-obj": "^1.0.0" - } - }, "source-map": { "version": "0.6.1", "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.6.1.tgz", @@ -4906,10 +4826,10 @@ "integrity": "sha1-NbCYdbT/SfJqd35QmzCQoyJr8ks=", "dev": true }, - "strict-uri-encode": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/strict-uri-encode/-/strict-uri-encode-1.1.0.tgz", - "integrity": "sha1-J5siXfHVgrH1TmWt3UNS4Y+qBxM=" + "stream-buffers": { + "version": "3.0.2", + "resolved": "https://registry.npmjs.org/stream-buffers/-/stream-buffers-3.0.2.tgz", + "integrity": "sha512-DQi1h8VEBA/lURbSwFtEHnSTb9s2/pwLEaFuNhXwy1Dx3Sa0lOuYT2yNUr4/j2fs8oCAMANtrZ5OrPZtyVs3MQ==" }, "string-length": { "version": "2.0.0", @@ -4991,21 +4911,6 @@ "es-abstract": "^1.17.5" } }, - "string_decoder": { - "version": "1.1.1", - "resolved": "https://registry.npmjs.org/string_decoder/-/string_decoder-1.1.1.tgz", - "integrity": "sha512-n/ShnvDi6FHbbVfviro+WojiFzv+s8MPMHBczVePfUpDJLwoLT0ht1l4YwBCbi8pJAveEEdnkHyPyTP/mzRfwg==", - "requires": { - "safe-buffer": "~5.1.0" - }, - "dependencies": { - "safe-buffer": { - "version": "5.1.2", - "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.1.2.tgz", - "integrity": "sha512-Gd2UZBJDkXlY7GbJxfsE8/nvKkUEU1G38c1siN6QP6a9PT9MmHB8GnpscSmMJSoF8LOIrt8ud/wPtojys4G6+g==" - } - } - }, "strip-ansi": { "version": "5.2.0", "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-5.2.0.tgz", @@ -5041,6 +4946,26 @@ "integrity": "sha512-9QNk5KwDF+Bvz+PyObkmSYjI5ksVUYtjW7AU22r2NKcfLJcXp96hkDWU3+XndOsUb+AQ9QhfzfCT2O+CNWT5Tw==", "dev": true }, + "tar": { + "version": "6.0.5", + "resolved": "https://registry.npmjs.org/tar/-/tar-6.0.5.tgz", + "integrity": "sha512-0b4HOimQHj9nXNEAA7zWwMM91Zhhba3pspja6sQbgTpynOJf+bkjBnfybNYzbpLbnwXnbyB4LOREvlyXLkCHSg==", + "requires": { + "chownr": "^2.0.0", + "fs-minipass": "^2.0.0", + "minipass": "^3.0.0", + "minizlib": "^2.1.1", + "mkdirp": "^1.0.3", + "yallist": "^4.0.0" + }, + "dependencies": { + "mkdirp": { + "version": "1.0.4", + "resolved": "https://registry.npmjs.org/mkdirp/-/mkdirp-1.0.4.tgz", + "integrity": "sha512-vVqVZQyf3WLx2Shd0qJ9xuvqgAyKPLAiqITEtqW0oIUjzo3PePDd6fW9iFz30ef7Ysp/oiWqbhszeGWW2T6Gzw==" + } + } + }, "test-exclude": { "version": "5.2.3", "resolved": "https://registry.npmjs.org/test-exclude/-/test-exclude-5.2.3.tgz", @@ -5059,10 +4984,31 @@ "integrity": "sha1-iQN8vJLFarGJJua6TLsgDhVnKmo=", "dev": true }, - "timed-out": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/timed-out/-/timed-out-4.0.1.tgz", - "integrity": "sha1-8y6srFoXW+ol1/q1Zas+2HQe9W8=" + "tmp": { + "version": "0.2.1", + "resolved": "https://registry.npmjs.org/tmp/-/tmp-0.2.1.tgz", + "integrity": "sha512-76SUhtfqR2Ijn+xllcI5P1oyannHNHByD80W1q447gU3mp9G9PSpGdWmjUOHRDPiHYacIk66W7ubDTuPF3BEtQ==", + "requires": { + "rimraf": "^3.0.0" + }, + "dependencies": { + "rimraf": { + "version": "3.0.2", + "resolved": "https://registry.npmjs.org/rimraf/-/rimraf-3.0.2.tgz", + "integrity": "sha512-JZkJMZkAGFFPP2YqXZXPbMlMBgsxzE8ILs4lMIX/2o0L9UBw9O/Y3o6wFw/i9YLapcUJWwqbi3kdxIPdC62TIA==", + "requires": { + "glob": "^7.1.3" + } + } + } + }, + "tmp-promise": { + "version": "3.0.2", + "resolved": "https://registry.npmjs.org/tmp-promise/-/tmp-promise-3.0.2.tgz", + "integrity": "sha512-OyCLAKU1HzBjL6Ev3gxUeraJNlbNingmi8IrHHEsYH8LTmEuhvYfqvhn2F/je+mjf4N58UmZ96OMEy1JanSCpA==", + "requires": { + "tmp": "^0.2.0" + } }, "tmpl": { "version": "1.0.4", @@ -5164,9 +5110,9 @@ } }, "underscore": { - "version": "1.10.2", - "resolved": "https://registry.npmjs.org/underscore/-/underscore-1.10.2.tgz", - "integrity": "sha512-N4P+Q/BuyuEKFJ43B9gYuOj4TQUHXX+j2FqguVOpjkssLUUrnJofCcBccJSCoeturDoZU6GorDTHSvUDlSQbTg==" + "version": "1.11.0", + "resolved": "https://registry.npmjs.org/underscore/-/underscore-1.11.0.tgz", + "integrity": "sha512-xY96SsN3NA461qIRKZ/+qox37YXPtSBswMGfiNptr+wrt6ds4HaMw23TP612fEyGekRE6LNRiLYr/aqbHXNedw==" }, "union-value": { "version": "1.0.1", @@ -5234,30 +5180,12 @@ "integrity": "sha1-2pN/emLiH+wf0Y1Js1wpNQZ6bHI=", "dev": true }, - "url-parse-lax": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/url-parse-lax/-/url-parse-lax-3.0.0.tgz", - "integrity": "sha1-FrXK/Afb42dsGxmZF3gj1lA6yww=", - "requires": { - "prepend-http": "^2.0.0" - } - }, - "url-to-options": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/url-to-options/-/url-to-options-1.0.1.tgz", - "integrity": "sha1-FQWgOiiaSMvXpDTvuu7FBV9WM6k=" - }, "use": { "version": "3.1.1", "resolved": "https://registry.npmjs.org/use/-/use-3.1.1.tgz", "integrity": "sha512-cwESVXlO3url9YWlFW/TA9cshCEhtu7IKJ/p5soJ/gGpj7vbvFrAY/eIioQ6Dw23KjZhYgiIo8HOs1nQ2vr/oQ==", "dev": true }, - "util-deprecate": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/util-deprecate/-/util-deprecate-1.0.2.tgz", - "integrity": "sha1-RQ1Nyfpw3nMnYvvS1KKJgUGaDM8=" - }, "util.promisify": { "version": "1.0.1", "resolved": "https://registry.npmjs.org/util.promisify/-/util.promisify-1.0.1.tgz", @@ -5410,9 +5338,9 @@ "dev": true }, "yallist": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/yallist/-/yallist-3.1.1.tgz", - "integrity": "sha512-a4UGQaWPH59mOXUYnAG2ewncQS4i4F43Tv3JoAM+s2VDAmS9NsK8GpDMLrCHPksFT7h3K6TOoUNn2pb7RoXx4g==" + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/yallist/-/yallist-4.0.0.tgz", + "integrity": "sha512-3wdGidZyq5PB084XLES5TpOSRA3wjXAlIWMhum2kRcv/41Sn2emQ0dycQW4uZXLejwKvg6EsvbdlVL+FYEct7A==" }, "yargs": { "version": "13.3.2", diff --git a/parser-sdk/nodejs/package.json b/parser-sdk/nodejs/package.json index 365741a0..bda7e796 100644 --- a/parser-sdk/nodejs/package.json +++ b/parser-sdk/nodejs/package.json @@ -10,8 +10,8 @@ "author": "iteratec GmbH", "license": "Apache-2.0", "dependencies": { - "@kubernetes/client-node": "^0.12.0", - "axios": "^0.19.0", + "@kubernetes/client-node": "^0.12.2", + "axios": "^0.20.0", "uuid": "^3.3.3", "ws": "^7.3.1" }, diff --git a/parser-sdk/nodejs/parser-wrapper.js b/parser-sdk/nodejs/parser-wrapper.js index 526671c4..40cd101d 100644 --- a/parser-sdk/nodejs/parser-wrapper.js +++ b/parser-sdk/nodejs/parser-wrapper.js @@ -28,7 +28,7 @@ async function updateScanStatus(findings) { } await k8sApi.patchNamespacedCustomObjectStatus( - "execution.experimental.securecodebox.io", + "execution.securecodebox.io", "v1", namespace, "scans", diff --git a/scanners/amass/Chart.yaml b/scanners/amass/Chart.yaml index 798af42a..a8df7f9f 100644 --- a/scanners/amass/Chart.yaml +++ b/scanners/amass/Chart.yaml @@ -3,18 +3,20 @@ name: amass description: A Helm chart for the Amass security scanner that integrates with the secureCodeBox. type: application -version: 0.1.0 -appVersion: 3.8.2 +# version - gets automatically set to the secureCodeBox release version when the helm charts gets published +version: latest +appVersion: 3.10.4 +kubeVersion: ">=v1.11.0" keywords: - security - amass - scanner - secureCodeBox -home: https://www.securecodebox.io/scanners/amass -icon: https://www.securecodebox.io/scannerIcons/Amass.svg +home: https://docs.securecodebox.io/docs/scanners/Amass +icon: https://docs.securecodebox.io/img/integrationIcons/Amass.svg sources: - - https://github.com/secureCodeBox/secureCodeBox + - https://github.com/secureCodeBox/secureCodeBox-v2 maintainers: - name: iteratec GmbH - email: security@iteratec.com + email: secureCodeBox@iteratec.com diff --git a/scanners/amass/README.md b/scanners/amass/README.md index 835b11c7..61730430 100644 --- a/scanners/amass/README.md +++ b/scanners/amass/README.md @@ -4,7 +4,7 @@ path: "scanners/amass" category: "scanner" type: "Network" state: "released" -appVersion: "3.7.2" +appVersion: "3.10.4" usecase: "Subdomain Enumeration Scanner" --- @@ -22,42 +22,34 @@ The AMASS scanType can be deployed via helm: helm upgrade --install amass ./scanners/amass/ ``` -## Examples - -A set of examples can be found in the [examples](https://github.com/secureCodeBox/secureCodeBox-v2-alpha/tree/master/scanners/amass/examples) folder. - -* Example *secureCodeBox.io* [scan](https://github.com/secureCodeBox/secureCodeBox-v2-alpha/blob/master/scanners/amass/examples/secureCodeBox.io/scan.yaml) -* Example *example.com* [scan](https://github.com/secureCodeBox/secureCodeBox-v2-alpha/blob/master/scanners/amass/examples/example.com/scan.yaml) - -## Configuration +## Scanner Configuration The following security scan configuration example are based on the [Amass User Guide], please take a look at the original documentation for more configuration examples. -* The most basic use of the tool for subdomain enumeration: `amass enum -d example.com` -* Typical parameters for DNS enumeration: `amass enum -v -src -ip -brute -min-for-recursive 2 -d example.com` +- The most basic use of the tool for subdomain enumeration: `amass enum -d example.com` +- Typical parameters for DNS enumeration: `amass enum -v -src -ip -brute -min-for-recursive 2 -d example.com` Special command line options: -* Disable generation of altered names `amass enum -noalts -d example.com` -* Turn off recursive brute forcing `amass enum -brute -norecursive -d example.com` -* Disable saving data into a local database `amass enum -nolocaldb -d example.com` -* Domain names separated by commas (can be used multiple times) `amass enum -d example.com` - -## Development - -### Local setup - -1. Clone the repository `git clone git@github.com:secureCodeBox/secureCodeBox-v2-alpha.git` -2. Ensure you have node.js installed - * On MacOs with brew package manager: `brew install node` - -### Parser Development - -1. Install the dependencies `npm install` -2. Update the parser function here: `./parser/parser.js` -3. Update the parser tests here: `./parser/parser.test.js` -4. Run the test suite: `npm test` - -[OWASP_Amass_Project]: https://owasp.org/www-project-amass/ -[Amass GitHub]: https://github.com/OWASP/Amass -[Amass User Guide]: https://github.com/OWASP/Amass/blob/master/doc/user_guide.md +- Disable generation of altered names `amass enum -noalts -d example.com` +- Turn off recursive brute forcing `amass enum -brute -norecursive -d example.com` +- Disable saving data into a local database `amass enum -nolocaldb -d example.com` +- Domain names separated by commas (can be used multiple times) `amass enum -d example.com` + +## Chart Configuration + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| parserImage.repository | string | `"docker.io/securecodebox/parser-amass"` | Parser image repository | +| parserImage.tag | string | defaults to the charts version | Parser image tag | +| scannerJob.env | list | `[]` | Optional environment variables mapped into each scanJob (see: https://kubernetes.io/docs/tasks/inject-data-application/define-environment-variable-container/) | +| scannerJob.extraContainers | list | `[]` | Optional additional Containers started with each scanJob (see: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/) | +| scannerJob.extraVolumeMounts | list | `[{"mountPath":"/amass/output/config.ini","name":"amass-config","subPath":"config.ini"}]` | Optional VolumeMounts mapped into each scanJob (see: https://kubernetes.io/docs/concepts/storage/volumes/) | +| scannerJob.extraVolumes | list | `[{"configMap":{"name":"amass-config"},"name":"amass-config"}]` | Optional Volumes mapped into each scanJob (see: https://kubernetes.io/docs/concepts/storage/volumes/) | +| scannerJob.resources | object | `{}` | CPU/memory resource requests/limits (see: https://kubernetes.io/docs/tasks/configure-pod-container/assign-memory-resource/, https://kubernetes.io/docs/tasks/configure-pod-container/assign-cpu-resource/) | +| scannerJob.securityContext | object | `{}` | Optional securityContext set on scanner container (see: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/) | +| scannerJob.ttlSecondsAfterFinished | string | `nil` | Defines how long the scanner job after finishing will be available (see: https://kubernetes.io/docs/concepts/workloads/controllers/ttlafterfinished/) | + +[owasp_amass_project]: https://owasp.org/www-project-amass/ +[amass github]: https://github.com/OWASP/Amass +[amass user guide]: https://github.com/OWASP/Amass/blob/master/doc/user_guide.md \ No newline at end of file diff --git a/scanners/amass/README.md.gotmpl b/scanners/amass/README.md.gotmpl new file mode 100644 index 00000000..025de4ca --- /dev/null +++ b/scanners/amass/README.md.gotmpl @@ -0,0 +1,45 @@ +--- +title: "Amass" +path: "scanners/amass" +category: "scanner" +type: "Network" +state: "released" +appVersion: "3.10.4" +usecase: "Subdomain Enumeration Scanner" +--- + +![owasp logo](https://owasp.org/assets/images/logo.png) + +The OWASP Amass Project has developed a tool to help information security professionals perform network mapping of attack surfaces and perform external asset discovery using open source information gathering and active reconnaissance techniques. To learn more about the Amass scanner itself visit [OWASP_Amass_Project] or [Amass GitHub]. + + + +## Deployment + +The AMASS scanType can be deployed via helm: + +```bash +helm upgrade --install amass ./scanners/amass/ +``` + +## Scanner Configuration + +The following security scan configuration example are based on the [Amass User Guide], please take a look at the original documentation for more configuration examples. + +- The most basic use of the tool for subdomain enumeration: `amass enum -d example.com` +- Typical parameters for DNS enumeration: `amass enum -v -src -ip -brute -min-for-recursive 2 -d example.com` + +Special command line options: + +- Disable generation of altered names `amass enum -noalts -d example.com` +- Turn off recursive brute forcing `amass enum -brute -norecursive -d example.com` +- Disable saving data into a local database `amass enum -nolocaldb -d example.com` +- Domain names separated by commas (can be used multiple times) `amass enum -d example.com` + +## Chart Configuration + +{{ template "chart.valuesTable" . }} + +[owasp_amass_project]: https://owasp.org/www-project-amass/ +[amass github]: https://github.com/OWASP/Amass +[amass user guide]: https://github.com/OWASP/Amass/blob/master/doc/user_guide.md \ No newline at end of file diff --git a/scanners/amass/examples/example.com/README.md b/scanners/amass/examples/example.com/README.md new file mode 100644 index 00000000..dfc0783e --- /dev/null +++ b/scanners/amass/examples/example.com/README.md @@ -0,0 +1,7 @@ +--- +title: "example.com" +--- + +> โœ **Page under construction.** + +the frontmatter requires the name of the scantarget as 'title' diff --git a/scanners/amass/examples/example.com/scan.yaml b/scanners/amass/examples/example.com/scan.yaml index c112a67f..0eaa27e7 100644 --- a/scanners/amass/examples/example.com/scan.yaml +++ b/scanners/amass/examples/example.com/scan.yaml @@ -1,4 +1,4 @@ -apiVersion: "execution.experimental.securecodebox.io/v1" +apiVersion: "execution.securecodebox.io/v1" kind: Scan metadata: name: "amass-example.com" diff --git a/scanners/amass/examples/secureCodeBox.io/scan.yaml b/scanners/amass/examples/secureCodeBox.io/scan.yaml index a607f69e..5b546de1 100644 --- a/scanners/amass/examples/secureCodeBox.io/scan.yaml +++ b/scanners/amass/examples/secureCodeBox.io/scan.yaml @@ -1,4 +1,4 @@ -apiVersion: "execution.experimental.securecodebox.io/v1" +apiVersion: "execution.securecodebox.io/v1" kind: Scan metadata: name: "amass-securecodebox.io" diff --git a/scanners/amass/helm2.Chart.yaml b/scanners/amass/helm2.Chart.yaml new file mode 100644 index 00000000..0ccd0c02 --- /dev/null +++ b/scanners/amass/helm2.Chart.yaml @@ -0,0 +1,22 @@ +apiVersion: v1 +name: amass +description: A Helm chart for the Amass security scanner that integrates with the secureCodeBox. + +type: application +# version - gets automatically set to the secureCodeBox release version when the helm charts gets published +version: latest +appVersion: 3.10.4 +kubeVersion: ">=v1.11.0" + +keywords: + - security + - amass + - scanner + - secureCodeBox +home: https://docs.securecodebox.io/docs/scanners/Amass +icon: https://docs.securecodebox.io/img/integrationIcons/Amass.svg +sources: + - https://github.com/secureCodeBox/secureCodeBox-v2 +maintainers: + - name: iteratec GmbH + email: secureCodeBox@iteratec.com diff --git a/scanners/amass/parser/Dockerfile b/scanners/amass/parser/Dockerfile index 2b6bab47..59250684 100644 --- a/scanners/amass/parser/Dockerfile +++ b/scanners/amass/parser/Dockerfile @@ -1,4 +1,4 @@ ARG baseImageTag -FROM scbexperimental/parser-sdk-nodejs:${baseImageTag:-latest} +FROM securecodebox/parser-sdk-nodejs:${baseImageTag:-latest} WORKDIR /home/app/parser-wrapper/parser/ COPY --chown=app:app ./parser.js ./parser.js diff --git a/scanners/amass/templates/amass-parse-definition.yaml b/scanners/amass/templates/amass-parse-definition.yaml index 5b23234b..70b344cc 100644 --- a/scanners/amass/templates/amass-parse-definition.yaml +++ b/scanners/amass/templates/amass-parse-definition.yaml @@ -1,7 +1,7 @@ -apiVersion: "execution.experimental.securecodebox.io/v1" +apiVersion: "execution.securecodebox.io/v1" kind: ParseDefinition metadata: name: "amass-jsonl" spec: handlesResultsType: amass-jsonl - image: "{{ .Values.parserImage.registry }}/{{ .Values.parserImage.repository }}:{{ .Values.parserImage.tag }}" + image: "{{ .Values.parserImage.repository }}:{{ .Values.parserImage.tag | default .Chart.Version }}" diff --git a/scanners/amass/templates/amass-scan-type.yaml b/scanners/amass/templates/amass-scan-type.yaml index 6387eb03..546a2f0d 100644 --- a/scanners/amass/templates/amass-scan-type.yaml +++ b/scanners/amass/templates/amass-scan-type.yaml @@ -1,4 +1,4 @@ -apiVersion: "execution.experimental.securecodebox.io/v1" +apiVersion: "execution.securecodebox.io/v1" kind: ScanType metadata: name: "amass" @@ -10,7 +10,9 @@ spec: location: "/home/securecodebox/amass-results.jsonl" jobTemplate: spec: - ttlSecondsAfterFinished: 10 + {{- if .Values.scannerJob.ttlSecondsAfterFinished }} + ttlSecondsAfterFinished: {{ .Values.scannerJob.ttlSecondsAfterFinished }} + {{- end }} template: spec: restartPolicy: OnFailure @@ -22,16 +24,19 @@ spec: - "enum" - "-json" - "/home/securecodebox/amass-results.jsonl" - volumeMounts: - - name: "amass-config" - mountPath: "/amass/output/config.ini" - subPath: "config.ini" resources: {{- toYaml .Values.scannerJob.resources | nindent 16 }} + securityContext: + {{- toYaml .Values.scannerJob.securityContext | nindent 16 }} + env: + {{- toYaml .Values.scannerJob.env | nindent 16 }} + volumeMounts: + {{- toYaml .Values.scannerJob.extraVolumeMounts | nindent 16 }} + {{- if .Values.scannerJob.extraContainers }} + {{- toYaml .Values.scannerJob.extraContainers | nindent 12 }} + {{- end }} volumes: - - name: "amass-config" - configMap: - name: "amass-config" + {{- toYaml .Values.scannerJob.extraVolumeMounts | nindent 12 }} --- apiVersion: v1 kind: ConfigMap diff --git a/scanners/amass/values.yaml b/scanners/amass/values.yaml index 52a79560..aaf00c6d 100644 --- a/scanners/amass/values.yaml +++ b/scanners/amass/values.yaml @@ -1,15 +1,42 @@ parserImage: - registry: docker.io - repository: scbexperimental/parser-amass - tag: latest + # parserImage.tag - defaults to the charts version + # parserImage.repository -- Parser image repository + repository: docker.io/securecodebox/parser-amass + # parserImage.tag -- Parser image tag + # @default -- defaults to the charts version + tag: null scannerJob: + # scannerJob.ttlSecondsAfterFinished -- Defines how long the scanner job after finishing will be available (see: https://kubernetes.io/docs/concepts/workloads/controllers/ttlafterfinished/) + ttlSecondsAfterFinished: null + + # scannerJob.resources -- CPU/memory resource requests/limits (see: https://kubernetes.io/docs/tasks/configure-pod-container/assign-memory-resource/, https://kubernetes.io/docs/tasks/configure-pod-container/assign-cpu-resource/) resources: {} -# scannerJob: -# resources: -# requests: -# memory: "256Mi" -# cpu: "250m" -# limits: -# memory: "512Mi" -# cpu: "500m" + # resources: + # requests: + # memory: "256Mi" + # cpu: "250m" + # limits: + # memory: "512Mi" + # cpu: "500m" + + # scannerJob.env -- Optional environment variables mapped into each scanJob (see: https://kubernetes.io/docs/tasks/inject-data-application/define-environment-variable-container/) + env: [] + + # scannerJob.extraVolumes -- Optional Volumes mapped into each scanJob (see: https://kubernetes.io/docs/concepts/storage/volumes/) + extraVolumes: + - name: "amass-config" + configMap: + name: "amass-config" + + # scannerJob.extraVolumeMounts -- Optional VolumeMounts mapped into each scanJob (see: https://kubernetes.io/docs/concepts/storage/volumes/) + extraVolumeMounts: + - name: "amass-config" + mountPath: "/amass/output/config.ini" + subPath: "config.ini" + + # scannerJob.extraContainers -- Optional additional Containers started with each scanJob (see: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/) + extraContainers: [] + + # scannerJob.securityContext -- Optional securityContext set on scanner container (see: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/) + securityContext: {} diff --git a/scanners/kube-hunter/Chart.yaml b/scanners/kube-hunter/Chart.yaml index 78d55e6e..0618ecb8 100644 --- a/scanners/kube-hunter/Chart.yaml +++ b/scanners/kube-hunter/Chart.yaml @@ -3,18 +3,21 @@ name: kube-hunter description: A Helm chart for the kube-hunter security scanner that integrates with the secureCodeBox. type: application -version: 0.1.0 -appVersion: 0.1.0 +# version - gets automatically set to the secureCodeBox release version when the helm charts gets published +version: latest +appVersion: v0.3.0 +kubeVersion: ">=v1.11.0" keywords: -- security -- kube-hunter -- scanner -- secureCodeBox -home: https://www.securecodebox.io/scanners/kube-hunter -icon: https://www.securecodebox.io/scannerIcons/kube-hunter.svg + - security + - kube-hunter + - scanner + - secureCodeBox +home: https://docs.securecodebox.io/docs/scanners/kube-hunter +icon: https://docs.securecodebox.io/img/integrationIcons/kube-hunter.svg sources: -- https://github.com/secureCodeBox/secureCodeBox + - https://github.com/secureCodeBox/secureCodeBox-v2 maintainers: -- name: iteratec GmbH - email: security@iteratec.com + - name: iteratec GmbH + email: secureCodeBox@iteratec.com + diff --git a/scanners/kube-hunter/README.md b/scanners/kube-hunter/README.md index 15b843ed..6c7e047f 100644 --- a/scanners/kube-hunter/README.md +++ b/scanners/kube-hunter/README.md @@ -22,13 +22,7 @@ The kube-hunter ScanType can be deployed via helm: helm upgrade --install kube-hunter ./scanners/kube-hunter/ ``` -## Examples - -A set of examples can be found in the [examples](https://github.com/secureCodeBox/secureCodeBox-v2-alpha/tree/master/scanners/kube-hunter/examples) folder. - -* Example *in-cluster* [scan](https://github.com/secureCodeBox/secureCodeBox-v2-alpha/blob/master/scanners/kube-hunter/examples/in-cluster/scan.yaml) and [findings](https://github.com/secureCodeBox/secureCodeBox-v2-alpha/blob/master/scanners/kube-hunter/examples/in-cluster/findings.json) - -## Configuration +## Scanner Configuration The following security scan configuration example are based on the [kube-hunter Documentation], please take a look at the original documentation for more configuration examples. @@ -36,20 +30,21 @@ The following security scan configuration example are based on the [kube-hunter * To specify interface scanning, you can use the --interface option (this will scan all of the machine's network interfaces). Example: `kube-hunter --interface` * To specify a specific CIDR to scan, use the --cidr option. Example: `kube-hunter --cidr 192.168.0.0/24` -## Development - -### Local setup - -1. Clone the repository `git clone git@github.com:secureCodeBox/secureCodeBox-v2-alpha.git` -2. Ensure you have node.js installed - * On MacOs with brew package manager: `brew install node` - -### Parser Development - -1. Install the dependencies `npm install` -2. Update the parser function here: `./parser/parser.js` -3. Update the parser tests here: `./parser/parser.test.js` -4. Run the test suite: `npm test` +## Chart Configuration + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| image.repository | string | `"docker.io/securecodebox/scanner-kube-hunter"` | | +| image.tag | string | `nil` | | +| parserImage.repository | string | `"docker.io/securecodebox/parser-kube-hunter"` | Parser image repository | +| parserImage.tag | string | defaults to the charts version | Parser image tag | +| scannerJob.env | list | `[]` | Optional environment variables mapped into each scanJob (see: https://kubernetes.io/docs/tasks/inject-data-application/define-environment-variable-container/) | +| scannerJob.extraContainers | list | `[]` | Optional additional Containers started with each scanJob (see: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/) | +| scannerJob.extraVolumeMounts | list | `[]` | Optional VolumeMounts mapped into each scanJob (see: https://kubernetes.io/docs/concepts/storage/volumes/) | +| scannerJob.extraVolumes | list | `[]` | Optional Volumes mapped into each scanJob (see: https://kubernetes.io/docs/concepts/storage/volumes/) | +| scannerJob.resources | object | `{}` | CPU/memory resource requests/limits (see: https://kubernetes.io/docs/tasks/configure-pod-container/assign-memory-resource/, https://kubernetes.io/docs/tasks/configure-pod-container/assign-cpu-resource/) | +| scannerJob.securityContext | object | `{}` | Optional securityContext set on scanner container (see: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/) | +| scannerJob.ttlSecondsAfterFinished | string | `nil` | Defines how long the scanner job after finishing will be available (see: https://kubernetes.io/docs/concepts/workloads/controllers/ttlafterfinished/) | [kube-hunter Website]: https://kube-hunter.aquasec.com/ [kube-hunter GitHub]: https://github.com/aquasecurity/kube-hunter diff --git a/scanners/kube-hunter/README.md.gotmpl b/scanners/kube-hunter/README.md.gotmpl new file mode 100644 index 00000000..c6646967 --- /dev/null +++ b/scanners/kube-hunter/README.md.gotmpl @@ -0,0 +1,39 @@ +--- +title: "kube-hunter" +path: "scanners/kube-hunter" +category: "scanner" +type: "Kubernetes" +state: "released" +appVersion: "0.3.1" +usecase: "Kubernetes Vulnerability Scanner" +--- + +kube-hunter hunts for security weaknesses in Kubernetes clusters. The tool was developed to increase awareness and visibility for security issues in Kubernetes environments. You should NOT run kube-hunter on a Kubernetes cluster that you don't own! + +To learn more about the kube-hunter scanner itself visit [kube-hunter GitHub] or [kube-hunter Website]. + + + +## Deployment + +The kube-hunter ScanType can be deployed via helm: + +```bash +helm upgrade --install kube-hunter ./scanners/kube-hunter/ +``` + +## Scanner Configuration + +The following security scan configuration example are based on the [kube-hunter Documentation], please take a look at the original documentation for more configuration examples. + +* To specify remote machines for hunting, select option 1 or use the --remote option. Example: `kube-hunter --remote some.node.com` +* To specify interface scanning, you can use the --interface option (this will scan all of the machine's network interfaces). Example: `kube-hunter --interface` +* To specify a specific CIDR to scan, use the --cidr option. Example: `kube-hunter --cidr 192.168.0.0/24` + +## Chart Configuration + +{{ template "chart.valuesTable" . }} + +[kube-hunter Website]: https://kube-hunter.aquasec.com/ +[kube-hunter GitHub]: https://github.com/aquasecurity/kube-hunter +[kube-hunter Documentation]: https://github.com/aquasecurity/kube-hunter#scanning-options diff --git a/scanners/kube-hunter/cascading-rules/remote-kubernetes.yaml b/scanners/kube-hunter/cascading-rules/remote-kubernetes.yaml index 55b29aaa..8eeb15f0 100644 --- a/scanners/kube-hunter/cascading-rules/remote-kubernetes.yaml +++ b/scanners/kube-hunter/cascading-rules/remote-kubernetes.yaml @@ -1,4 +1,4 @@ -apiVersion: "cascading.experimental.securecodebox.io/v1" +apiVersion: "cascading.securecodebox.io/v1" kind: CascadingRule metadata: name: "kubernetes-control-plane" @@ -24,7 +24,7 @@ spec: - "--remote" - "{{$.hostOrIP}}" --- -apiVersion: "cascading.experimental.securecodebox.io/v1" +apiVersion: "cascading.securecodebox.io/v1" kind: CascadingRule metadata: name: "kubernetes-node" diff --git a/scanners/kube-hunter/examples/in-cluster/scan.yaml b/scanners/kube-hunter/examples/in-cluster/scan.yaml index e1b8aa8d..c6d88a81 100644 --- a/scanners/kube-hunter/examples/in-cluster/scan.yaml +++ b/scanners/kube-hunter/examples/in-cluster/scan.yaml @@ -1,4 +1,4 @@ -apiVersion: "execution.experimental.securecodebox.io/v1" +apiVersion: "execution.securecodebox.io/v1" kind: Scan metadata: name: "kube-hunter-in-cluster" diff --git a/scanners/kube-hunter/helm2.Chart.yaml b/scanners/kube-hunter/helm2.Chart.yaml new file mode 100644 index 00000000..aad800a8 --- /dev/null +++ b/scanners/kube-hunter/helm2.Chart.yaml @@ -0,0 +1,22 @@ +apiVersion: v1 +name: kube-hunter +description: A Helm chart for the kube-hunter security scanner that integrates with the secureCodeBox. + +type: application +# version - gets automatically set to the secureCodeBox release version when the helm charts gets published +version: latest +appVersion: v0.3.0 +kubeVersion: ">=v1.11.0" + +keywords: + - security + - kube-hunter + - scanner + - secureCodeBox +home: https://docs.securecodebox.io/docs/scanners/kube-hunter +icon: https://docs.securecodebox.io/img/integrationIcons/kube-hunter.svg +sources: + - https://github.com/secureCodeBox/secureCodeBox-v2 +maintainers: + - name: iteratec GmbH + email: secureCodeBox@iteratec.com diff --git a/scanners/kube-hunter/parser/Dockerfile b/scanners/kube-hunter/parser/Dockerfile index 2b6bab47..59250684 100644 --- a/scanners/kube-hunter/parser/Dockerfile +++ b/scanners/kube-hunter/parser/Dockerfile @@ -1,4 +1,4 @@ ARG baseImageTag -FROM scbexperimental/parser-sdk-nodejs:${baseImageTag:-latest} +FROM securecodebox/parser-sdk-nodejs:${baseImageTag:-latest} WORKDIR /home/app/parser-wrapper/parser/ COPY --chown=app:app ./parser.js ./parser.js diff --git a/scanners/kube-hunter/templates/kube-hunter-parse-definition.yaml b/scanners/kube-hunter/templates/kube-hunter-parse-definition.yaml index 872c952c..dbfb2fcb 100644 --- a/scanners/kube-hunter/templates/kube-hunter-parse-definition.yaml +++ b/scanners/kube-hunter/templates/kube-hunter-parse-definition.yaml @@ -1,7 +1,7 @@ -apiVersion: "execution.experimental.securecodebox.io/v1" +apiVersion: "execution.securecodebox.io/v1" kind: ParseDefinition metadata: name: "kube-hunter-json" spec: handlesResultsType: kube-hunter-json - image: "{{ .Values.parserImage.registry }}/{{ .Values.parserImage.repository }}:{{ .Values.parserImage.tag }}" + image: "{{ .Values.parserImage.repository }}:{{ .Values.parserImage.tag | default .Chart.Version }}" diff --git a/scanners/kube-hunter/templates/kubehunter-scan-type.yaml b/scanners/kube-hunter/templates/kubehunter-scan-type.yaml index 34ecc29f..007102fc 100644 --- a/scanners/kube-hunter/templates/kubehunter-scan-type.yaml +++ b/scanners/kube-hunter/templates/kubehunter-scan-type.yaml @@ -1,4 +1,4 @@ -apiVersion: 'execution.experimental.securecodebox.io/v1' +apiVersion: 'execution.securecodebox.io/v1' kind: ScanType metadata: name: 'kube-hunter' @@ -8,13 +8,15 @@ spec: location: '/home/securecodebox/kube-hunter-results.json' jobTemplate: spec: - ttlSecondsAfterFinished: 10 + {{- if .Values.scannerJob.ttlSecondsAfterFinished }} + ttlSecondsAfterFinished: {{ .Values.scannerJob.ttlSecondsAfterFinished }} + {{- end }} template: spec: restartPolicy: Never containers: - name: kube-hunter - image: scbexperimental/kube-hunter:latest + image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.Version }}" command: - 'sh' - '/wrapper.sh' @@ -22,3 +24,14 @@ spec: - 'json' resources: {{- toYaml .Values.scannerJob.resources | nindent 16 }} + securityContext: + {{- toYaml .Values.scannerJob.securityContext | nindent 16 }} + env: + {{- toYaml .Values.scannerJob.env | nindent 16 }} + volumeMounts: + {{- toYaml .Values.scannerJob.extraVolumeMounts | nindent 16 }} + {{- if .Values.scannerJob.extraContainers }} + {{- toYaml .Values.scannerJob.extraContainers | nindent 12 }} + {{- end }} + volumes: + {{- toYaml .Values.scannerJob.extraVolumes | nindent 12 }} diff --git a/scanners/kube-hunter/values.yaml b/scanners/kube-hunter/values.yaml index b19fabbe..d94a8923 100644 --- a/scanners/kube-hunter/values.yaml +++ b/scanners/kube-hunter/values.yaml @@ -1,7 +1,41 @@ parserImage: - registry: docker.io - repository: scbexperimental/parser-kube-hunter - tag: latest + # parserImage.tag - defaults to the charts version + # parserImage.repository -- Parser image repository + repository: docker.io/securecodebox/parser-kube-hunter + # parserImage.tag -- Parser image tag + # @default -- defaults to the charts version + tag: null + +image: + repository: docker.io/securecodebox/scanner-kube-hunter + # image.tag - defaults to the charts version + tag: null scannerJob: + # scannerJob.ttlSecondsAfterFinished -- Defines how long the scanner job after finishing will be available (see: https://kubernetes.io/docs/concepts/workloads/controllers/ttlafterfinished/) + ttlSecondsAfterFinished: null + + # scannerJob.resources -- CPU/memory resource requests/limits (see: https://kubernetes.io/docs/tasks/configure-pod-container/assign-memory-resource/, https://kubernetes.io/docs/tasks/configure-pod-container/assign-cpu-resource/) resources: {} + # resources: + # requests: + # memory: "256Mi" + # cpu: "250m" + # limits: + # memory: "512Mi" + # cpu: "500m" + + # scannerJob.env -- Optional environment variables mapped into each scanJob (see: https://kubernetes.io/docs/tasks/inject-data-application/define-environment-variable-container/) + env: [] + + # scannerJob.extraVolumes -- Optional Volumes mapped into each scanJob (see: https://kubernetes.io/docs/concepts/storage/volumes/) + extraVolumes: [] + + # scannerJob.extraVolumeMounts -- Optional VolumeMounts mapped into each scanJob (see: https://kubernetes.io/docs/concepts/storage/volumes/) + extraVolumeMounts: [] + + # scannerJob.extraContainers -- Optional additional Containers started with each scanJob (see: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/) + extraContainers: [] + + # scannerJob.securityContext -- Optional securityContext set on scanner container (see: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/) + securityContext: {} diff --git a/scanners/kubeaudit/README.md b/scanners/kubeaudit/README.md index 86250880..38177cbf 100644 --- a/scanners/kubeaudit/README.md +++ b/scanners/kubeaudit/README.md @@ -14,8 +14,7 @@ To learn more about the kubeaudit scanner itself visit [kubeaudit GitHub]. -## Deployment -The secureCodeBox core team is working on an integration of kubeaudit. We will keep you informed. +> ๐Ÿ”ง The secureCodeBox core team is working on an integration of kubeaudit. We will keep you informed. [kubeaudit GitHub]: https://github.com/Shopify/kubeaudit [kubeaudit Documentation]: https://github.com/Shopify/kubeaudit#quick-start diff --git a/scanners/ncrack/.helmignore b/scanners/ncrack/.helmignore new file mode 100644 index 00000000..bfc32a88 --- /dev/null +++ b/scanners/ncrack/.helmignore @@ -0,0 +1,6 @@ +.DS_Store + +parser/ +scanner/ +examples/ + diff --git a/scanners/ncrack/Chart.yaml b/scanners/ncrack/Chart.yaml new file mode 100644 index 00000000..fc0d650c --- /dev/null +++ b/scanners/ncrack/Chart.yaml @@ -0,0 +1,22 @@ +apiVersion: v2 +name: ncrack +description: A Helm chart for the NCRACK security Scanner that integrates with the secureCodeBox. + +type: application +# version - gets automatically set to the secureCodeBox release version when the helm charts gets published +version: latest +appVersion: 0.7 +kubeVersion: ">=v1.11.0" + +keywords: + - security + - ncrack + - scanner + - secureCodeBox +home: https://docs.securecodebox.io/docs/scanners/Ncrack +icon: https://docs.securecodebox.io/img/integrationIcons/Ncrack.svg +sources: + - https://github.com/secureCodeBox/secureCodeBox-v2 +maintainers: + - name: iteratec GmbH + email: secureCodeBox@iteratec.com diff --git a/scanners/ncrack/README.md b/scanners/ncrack/README.md index 6177fbf5..07384f88 100644 --- a/scanners/ncrack/README.md +++ b/scanners/ncrack/README.md @@ -14,8 +14,149 @@ To learn more about the Ncrack scanner itself visit [Ncrack GitHub] or [Ncrack W -## Deployment -The secureCodeBox core team is working on an integration of Ncrack. We will keep you informed. +## Ncrack Deployment & Configuration + +#### Setup with custom files: +If you want to use your own files within the ncrack scan, you have to create a secret first: + +```bash +kubectl create secret generic --from-file users.txt --from-file passwords.txt ncrack-lists +``` + + IMPORTANT: Use an extra empty line at the end of your files, otherwise the last letter of the last line will be omitted (due to a bug in k8) + +Now we created a secret named "ncrack-lists". +But before we can use the files, we have to install the ncrack ScanType: + +```bash +cat <` in the scan.yaml. + +For a full example on how to configure ncrack with your custom files against a ssh service, see the "dummy-ssh" example. + +#### Basic setup (no files can be mounted): + +The Ncrack ScanType can be deployed via helm: + +```bash +helm upgrade --install ncrack ./scanners/ncrack/ +``` + +#### Delete Ncrack ScanType: + +```bash +helm delete ncrack +``` + +## Scanner Configuration + +The following security scan configuration example are based on the [Ncrack Documentation], please take a look at the original documentation for more configuration examples. + +This options summary is printed when Ncrack is run with no arguments. It helps people remember the most common options, but is no substitute for the in-depth documentation in the rest of this manual. + +``` +Ncrack 0.7 ( http://ncrack.org ) +Usage: ncrack [Options] {target and service specification} +TARGET SPECIFICATION: + Can pass hostnames, IP addresses, networks, etc. + Ex: scanme.nmap.org, microsoft.com/24, 192.168.0.1; 10.0.0-255.1-254 + -iX : Input from Nmap's -oX XML output format + -iN : Input from Nmap's -oN Normal output format + -iL : Input from list of hosts/networks + --exclude : Exclude hosts/networks + --excludefile : Exclude list from file +SERVICE SPECIFICATION: + Can pass target specific services in ://target (standard) notation or + using -p which will be applied to all hosts in non-standard notation. + Service arguments can be specified to be host-specific, type of service-specific + (-m) or global (-g). Ex: ssh://10.0.0.10,at=10,cl=30 -m ssh:at=50 -g cd=3000 + Ex2: ncrack -p ssh,ftp:3500,25 10.0.0.10 scanme.nmap.org google.com:80,ssl + -p : services will be applied to all non-standard notation hosts + -m :: options will be applied to all services of this type + -g : options will be applied to every service globally + Misc options: + ssl: enable SSL over this service + path : used in modules like HTTP ('=' needs escaping if used) + db : used in modules like MongoDB to specify the database + domain : used in modules like WinRM to specify the domain +TIMING AND PERFORMANCE: + Options which take