create-vellaveto 4.0.2 → 4.0.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/generators/helm.js +14 -5
- package/dist/generators/toml.js +25 -6
- package/package.json +1 -1
package/dist/generators/helm.js
CHANGED
|
@@ -47,12 +47,12 @@ function generateValues(state) {
|
|
|
47
47
|
yaml += " strictMode: true\n\n";
|
|
48
48
|
yaml += " injection:\n";
|
|
49
49
|
yaml += ` enabled: ${state.injectionEnabled}\n`;
|
|
50
|
-
yaml += `
|
|
50
|
+
yaml += ` blockOnInjection: ${state.injectionBlocking}\n\n`;
|
|
51
51
|
yaml += " dlp:\n";
|
|
52
52
|
yaml += ` enabled: ${state.dlpEnabled}\n`;
|
|
53
|
-
yaml += `
|
|
53
|
+
yaml += ` blockOnFinding: ${state.dlpBlocking}\n\n`;
|
|
54
54
|
yaml += " audit:\n";
|
|
55
|
-
yaml += ` redactionLevel: "${
|
|
55
|
+
yaml += ` redactionLevel: "${mapRedactionLevel(state.redactionLevel)}"\n\n`;
|
|
56
56
|
yaml += " # API key should be provided via Kubernetes Secret:\n";
|
|
57
57
|
yaml += " # kubectl create secret generic vellaveto-api-key --from-literal=api-key=<YOUR_KEY>\n";
|
|
58
58
|
yaml += " extraEnv:\n";
|
|
@@ -95,6 +95,15 @@ function generateConfigMap(state) {
|
|
|
95
95
|
yaml += "\n";
|
|
96
96
|
return yaml;
|
|
97
97
|
}
|
|
98
|
-
function
|
|
99
|
-
|
|
98
|
+
function mapRedactionLevel(level) {
|
|
99
|
+
switch (level) {
|
|
100
|
+
case "off":
|
|
101
|
+
return "Off";
|
|
102
|
+
case "low":
|
|
103
|
+
return "KeysOnly";
|
|
104
|
+
case "high":
|
|
105
|
+
return "KeysAndPatterns";
|
|
106
|
+
default:
|
|
107
|
+
return level;
|
|
108
|
+
}
|
|
100
109
|
}
|
package/dist/generators/toml.js
CHANGED
|
@@ -6,6 +6,19 @@
|
|
|
6
6
|
* this CLI wizard.
|
|
7
7
|
*/
|
|
8
8
|
import { escapeTomlString } from "../utils.js";
|
|
9
|
+
/** Map wizard redaction level names to server-accepted values. */
|
|
10
|
+
function mapRedactionLevel(level) {
|
|
11
|
+
switch (level) {
|
|
12
|
+
case "off":
|
|
13
|
+
return "Off";
|
|
14
|
+
case "low":
|
|
15
|
+
return "KeysOnly";
|
|
16
|
+
case "high":
|
|
17
|
+
return "KeysAndPatterns";
|
|
18
|
+
default:
|
|
19
|
+
return level;
|
|
20
|
+
}
|
|
21
|
+
}
|
|
9
22
|
export function generateToml(state) {
|
|
10
23
|
let toml = "";
|
|
11
24
|
// Header
|
|
@@ -36,13 +49,13 @@ export function generateToml(state) {
|
|
|
36
49
|
toml += "[injection]\n";
|
|
37
50
|
toml += `enabled = ${state.injectionEnabled}\n`;
|
|
38
51
|
if (state.injectionEnabled) {
|
|
39
|
-
toml += `
|
|
52
|
+
toml += `block_on_injection = ${state.injectionBlocking}\n`;
|
|
40
53
|
}
|
|
41
54
|
toml += "\n";
|
|
42
55
|
toml += "[dlp]\n";
|
|
43
56
|
toml += `enabled = ${state.dlpEnabled}\n`;
|
|
44
57
|
if (state.dlpEnabled) {
|
|
45
|
-
toml += `
|
|
58
|
+
toml += `block_on_finding = ${state.dlpBlocking}\n`;
|
|
46
59
|
}
|
|
47
60
|
toml += "\n";
|
|
48
61
|
if (state.behavioralEnabled) {
|
|
@@ -52,17 +65,23 @@ export function generateToml(state) {
|
|
|
52
65
|
// Audit
|
|
53
66
|
toml += "# ─── Audit ──────────────────────────────────────────────────\n\n";
|
|
54
67
|
toml += "[audit]\n";
|
|
55
|
-
toml += `redaction_level = "${escapeTomlString(state.redactionLevel)}"\n`;
|
|
68
|
+
toml += `redaction_level = "${escapeTomlString(mapRedactionLevel(state.redactionLevel))}"\n`;
|
|
56
69
|
toml += "\n";
|
|
57
70
|
if (state.checkpointInterval > 0) {
|
|
58
71
|
toml += `# Checkpoint interval: set VELLAVETO_CHECKPOINT_INTERVAL=${state.checkpointInterval} env var\n\n`;
|
|
59
72
|
}
|
|
60
73
|
// Audit export
|
|
61
74
|
if (state.auditExportFormat !== "none") {
|
|
75
|
+
// Map "webhook" format to "jsonl" (webhook is delivery, not format)
|
|
76
|
+
const exportFormat = state.auditExportFormat === "webhook" ? "jsonl" : state.auditExportFormat;
|
|
62
77
|
toml += "[audit_export]\n";
|
|
63
|
-
toml += `format = "${escapeTomlString(
|
|
64
|
-
|
|
65
|
-
|
|
78
|
+
toml += `format = "${escapeTomlString(exportFormat)}"\n`;
|
|
79
|
+
// webhook_url is only valid for webhook delivery (must be https://)
|
|
80
|
+
if (state.auditExportFormat === "webhook" && state.auditExportTarget) {
|
|
81
|
+
toml += `webhook_url = "${escapeTomlString(state.auditExportTarget)}"\n`;
|
|
82
|
+
}
|
|
83
|
+
else if (state.auditExportTarget && state.auditExportFormat !== "webhook") {
|
|
84
|
+
toml += `# Export file: ${escapeTomlString(state.auditExportTarget)}\n`;
|
|
66
85
|
}
|
|
67
86
|
toml += "\n";
|
|
68
87
|
}
|