guardrail-compliance 1.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (149) hide show
  1. package/dist/audit/emitter.d.ts +97 -0
  2. package/dist/audit/emitter.d.ts.map +1 -0
  3. package/dist/audit/emitter.js +197 -0
  4. package/dist/audit/events.d.ts +304 -0
  5. package/dist/audit/events.d.ts.map +1 -0
  6. package/dist/audit/events.js +267 -0
  7. package/dist/audit/index.d.ts +11 -0
  8. package/dist/audit/index.d.ts.map +1 -0
  9. package/dist/audit/index.js +51 -0
  10. package/dist/audit/storage.d.ts +93 -0
  11. package/dist/audit/storage.d.ts.map +1 -0
  12. package/dist/audit/storage.js +337 -0
  13. package/dist/automation/__tests__/compliance-scheduler.test.d.ts +2 -0
  14. package/dist/automation/__tests__/compliance-scheduler.test.d.ts.map +1 -0
  15. package/dist/automation/__tests__/compliance-scheduler.test.js +140 -0
  16. package/dist/automation/audit-logger.d.ts +129 -0
  17. package/dist/automation/audit-logger.d.ts.map +1 -0
  18. package/dist/automation/audit-logger.js +473 -0
  19. package/dist/automation/compliance-scheduler-fixed.d.ts +1 -0
  20. package/dist/automation/compliance-scheduler-fixed.d.ts.map +1 -0
  21. package/dist/automation/compliance-scheduler-fixed.js +1 -0
  22. package/dist/automation/compliance-scheduler.d.ts +83 -0
  23. package/dist/automation/compliance-scheduler.d.ts.map +1 -0
  24. package/dist/automation/compliance-scheduler.js +414 -0
  25. package/dist/automation/dashboard.d.ts +194 -0
  26. package/dist/automation/dashboard.d.ts.map +1 -0
  27. package/dist/automation/dashboard.js +768 -0
  28. package/dist/automation/email-service.d.ts +69 -0
  29. package/dist/automation/email-service.d.ts.map +1 -0
  30. package/dist/automation/email-service.js +218 -0
  31. package/dist/automation/evidence-collector.d.ts +140 -0
  32. package/dist/automation/evidence-collector.d.ts.map +1 -0
  33. package/dist/automation/evidence-collector.js +682 -0
  34. package/dist/automation/index.d.ts +8 -0
  35. package/dist/automation/index.d.ts.map +1 -0
  36. package/dist/automation/index.js +24 -0
  37. package/dist/automation/pdf-exporter.d.ts +90 -0
  38. package/dist/automation/pdf-exporter.d.ts.map +1 -0
  39. package/dist/automation/pdf-exporter.js +381 -0
  40. package/dist/automation/reporting-engine.d.ts +116 -0
  41. package/dist/automation/reporting-engine.d.ts.map +1 -0
  42. package/dist/automation/reporting-engine.js +329 -0
  43. package/dist/container/index.d.ts +4 -0
  44. package/dist/container/index.d.ts.map +1 -0
  45. package/dist/container/index.js +19 -0
  46. package/dist/container/kubernetes.d.ts +94 -0
  47. package/dist/container/kubernetes.d.ts.map +1 -0
  48. package/dist/container/kubernetes.js +268 -0
  49. package/dist/container/rules.d.ts +27 -0
  50. package/dist/container/rules.d.ts.map +1 -0
  51. package/dist/container/rules.js +216 -0
  52. package/dist/container/scanner.d.ts +50 -0
  53. package/dist/container/scanner.d.ts.map +1 -0
  54. package/dist/container/scanner.js +143 -0
  55. package/dist/frameworks/engine.d.ts +108 -0
  56. package/dist/frameworks/engine.d.ts.map +1 -0
  57. package/dist/frameworks/engine.js +206 -0
  58. package/dist/frameworks/gdpr.d.ts +6 -0
  59. package/dist/frameworks/gdpr.d.ts.map +1 -0
  60. package/dist/frameworks/gdpr.js +198 -0
  61. package/dist/frameworks/hipaa.d.ts +6 -0
  62. package/dist/frameworks/hipaa.d.ts.map +1 -0
  63. package/dist/frameworks/hipaa.js +183 -0
  64. package/dist/frameworks/index.d.ts +8 -0
  65. package/dist/frameworks/index.d.ts.map +1 -0
  66. package/dist/frameworks/index.js +30 -0
  67. package/dist/frameworks/iso27001.d.ts +63 -0
  68. package/dist/frameworks/iso27001.d.ts.map +1 -0
  69. package/dist/frameworks/iso27001.js +331 -0
  70. package/dist/frameworks/nist.d.ts +62 -0
  71. package/dist/frameworks/nist.d.ts.map +1 -0
  72. package/dist/frameworks/nist.js +424 -0
  73. package/dist/frameworks/pci.d.ts +6 -0
  74. package/dist/frameworks/pci.d.ts.map +1 -0
  75. package/dist/frameworks/pci.js +201 -0
  76. package/dist/frameworks/soc2.d.ts +7 -0
  77. package/dist/frameworks/soc2.d.ts.map +1 -0
  78. package/dist/frameworks/soc2.js +248 -0
  79. package/dist/iac/drift-detector.d.ts +64 -0
  80. package/dist/iac/drift-detector.d.ts.map +1 -0
  81. package/dist/iac/drift-detector.js +134 -0
  82. package/dist/iac/index.d.ts +4 -0
  83. package/dist/iac/index.d.ts.map +1 -0
  84. package/dist/iac/index.js +19 -0
  85. package/dist/iac/rules.d.ts +17 -0
  86. package/dist/iac/rules.d.ts.map +1 -0
  87. package/dist/iac/rules.js +385 -0
  88. package/dist/iac/scanner.d.ts +104 -0
  89. package/dist/iac/scanner.d.ts.map +1 -0
  90. package/dist/iac/scanner.js +343 -0
  91. package/dist/index.d.ts +7 -0
  92. package/dist/index.d.ts.map +1 -0
  93. package/dist/index.js +28 -0
  94. package/dist/pii/data-flow.d.ts +58 -0
  95. package/dist/pii/data-flow.d.ts.map +1 -0
  96. package/dist/pii/data-flow.js +154 -0
  97. package/dist/pii/detector.d.ts +60 -0
  98. package/dist/pii/detector.d.ts.map +1 -0
  99. package/dist/pii/detector.js +267 -0
  100. package/dist/pii/index.d.ts +4 -0
  101. package/dist/pii/index.d.ts.map +1 -0
  102. package/dist/pii/index.js +19 -0
  103. package/dist/pii/patterns.d.ts +36 -0
  104. package/dist/pii/patterns.d.ts.map +1 -0
  105. package/dist/pii/patterns.js +108 -0
  106. package/dist/policy/index.d.ts +5 -0
  107. package/dist/policy/index.d.ts.map +1 -0
  108. package/dist/policy/index.js +20 -0
  109. package/dist/policy/opa-engine.d.ts +121 -0
  110. package/dist/policy/opa-engine.d.ts.map +1 -0
  111. package/dist/policy/opa-engine.js +423 -0
  112. package/package.json +31 -0
  113. package/src/audit/emitter.ts +383 -0
  114. package/src/audit/events.ts +351 -0
  115. package/src/audit/index.ts +35 -0
  116. package/src/audit/storage.ts +394 -0
  117. package/src/automation/__tests__/compliance-scheduler.test.ts +183 -0
  118. package/src/automation/audit-logger.ts +629 -0
  119. package/src/automation/compliance-scheduler-fixed.ts +0 -0
  120. package/src/automation/compliance-scheduler.ts +516 -0
  121. package/src/automation/dashboard.ts +947 -0
  122. package/src/automation/email-service.ts +230 -0
  123. package/src/automation/evidence-collector.ts +866 -0
  124. package/src/automation/index.ts +8 -0
  125. package/src/automation/pdf-exporter.ts +434 -0
  126. package/src/automation/reporting-engine.ts +462 -0
  127. package/src/container/index.ts +3 -0
  128. package/src/container/kubernetes.ts +379 -0
  129. package/src/container/rules.ts +244 -0
  130. package/src/container/scanner.ts +202 -0
  131. package/src/frameworks/engine.ts +298 -0
  132. package/src/frameworks/gdpr.ts +204 -0
  133. package/src/frameworks/hipaa.ts +209 -0
  134. package/src/frameworks/index.ts +23 -0
  135. package/src/frameworks/iso27001.ts +398 -0
  136. package/src/frameworks/nist.ts +518 -0
  137. package/src/frameworks/pci.ts +226 -0
  138. package/src/frameworks/soc2.ts +281 -0
  139. package/src/iac/drift-detector.ts +197 -0
  140. package/src/iac/index.ts +3 -0
  141. package/src/iac/rules.ts +420 -0
  142. package/src/iac/scanner.ts +445 -0
  143. package/src/index.ts +17 -0
  144. package/src/pii/data-flow.ts +216 -0
  145. package/src/pii/detector.ts +327 -0
  146. package/src/pii/index.ts +3 -0
  147. package/src/pii/patterns.ts +128 -0
  148. package/src/policy/index.ts +5 -0
  149. package/src/policy/opa-engine.ts +504 -0
package/dist/automation/reporting-engine.js ADDED
@@ -0,0 +1,329 @@
1
+ "use strict";
2
+ Object.defineProperty(exports, "__esModule", { value: true });
3
+ exports.reportingEngine = exports.ReportingEngine = void 0;
4
+ const database_1 = require("@guardrail/database");
5
+ const audit_logger_1 = require("./audit-logger");
6
+ /**
7
+ * Automated Compliance Reporting Engine
8
+ *
9
+ * Generates comprehensive compliance reports with evidence,
10
+ * recommendations, and visual analytics
11
+ */
12
+ class ReportingEngine {
13
+ reportTemplates = new Map();
14
+ constructor() {
15
+ this.initializeTemplates();
16
+ }
17
+ /**
18
+ * Generate compliance report
19
+ */
20
+ async generateReport(request) {
21
+ // Get project details
22
+ const project = await database_1.prisma.project.findUnique({
23
+ where: { id: request.projectId },
24
+ });
25
+ if (!project) {
26
+ throw new Error(`Project ${request.projectId} not found`);
27
+ }
28
+ // Get assessment if not provided
29
+ let assessment = request.assessment;
30
+ if (!assessment) {
31
+ const latest = await database_1.prisma.complianceAssessment.findFirst({
32
+ where: {
33
+ projectId: request.projectId,
34
+ frameworkId: request.frameworkId,
35
+ },
36
+ orderBy: { createdAt: "desc" },
37
+ });
38
+ if (!latest) {
39
+ throw new Error("No assessment found for this project and framework");
40
+ }
41
+ // Convert database record to assessment result with proper type handling
42
+ assessment = {
43
+ projectId: latest.projectId,
44
+ frameworkId: latest.frameworkId,
45
+ summary: latest.summary || {
46
+ totalControls: 0,
47
+ compliant: 0,
48
+ partial: 0,
49
+ nonCompliant: 0,
50
+ score: 0,
51
+ },
52
+ evidence: latest.evidence || [],
53
+ controls: latest.controls || [],
54
+ gaps: latest.gaps || [],
55
+ };
56
+ }
57
+ // Get evidence if requested
58
+ let evidence = request.evidence;
59
+ if (request.includeEvidence && !evidence) {
60
+ // For now, skip evidence collection if no database table exists
61
+ evidence = [];
62
+ }
63
+ // Generate report ID
64
+ const reportId = `report_${Date.now()}_${Math.random().toString(36).substr(2, 9)}`;
65
+ // Build report sections based on type
66
+ if (!assessment) {
67
+ throw new Error("No assessment data available");
68
+ }
69
+ const sections = await this.buildSections(request.type, assessment, evidence);
70
+ // Generate recommendations if needed
71
+ const recommendations = request.includeRecommendations
72
+ ? await this.generateRecommendations(assessment)
73
+ : [];
74
+ // Generate charts if needed
75
+ const charts = request.includeCharts
76
+ ? await this.generateCharts(assessment)
77
+ : [];
78
+ // Create report
79
+ const report = {
80
+ id: reportId,
81
+ projectId: request.projectId,
82
+ frameworkId: request.frameworkId,
83
+ type: request.type,
84
+ format: request.format,
85
+ generatedAt: new Date(),
86
+ period: request.period,
87
+ summary: this.generateSummary(assessment),
88
+ sections, // Use the sections we already built
89
+ evidence: request.includeEvidence ? evidence : undefined,
90
+ recommendations, // Use the recommendations we already built
91
+ charts, // Use the charts we already built
92
+ metadata: {
93
+ version: "1.0",
94
+ generatedBy: "Guardrail Compliance Engine",
95
+ },
96
+ };
97
+ // Save report to database - skip if table doesn't exist
98
+ try {
99
+ await this.saveReport(report);
100
+ }
101
+ catch (error) {
102
+ console.warn("Could not save report to database:", error);
103
+ }
104
+ // Log report generation
105
+ await audit_logger_1.auditLogger.logEvent({
106
+ type: "report_generated",
107
+ category: "compliance",
108
+ projectId: request.projectId,
109
+ frameworkId: request.frameworkId,
110
+ timestamp: new Date(),
111
+ severity: "low",
112
+ source: "reporting-engine",
113
+ metadata: {
114
+ reportId,
115
+ type: request.type,
116
+ format: request.format,
117
+ includeEvidence: request.includeEvidence,
118
+ recipientCount: request.recipients?.length || 0,
119
+ },
120
+ details: {
121
+ action: "Compliance report generated",
122
+ reportId,
123
+ type: request.type,
124
+ score: report.summary.overallScore,
125
+ },
126
+ });
127
+ // Send report if recipients specified
128
+ if (request.recipients?.length) {
129
+ await this.sendReport(report, request.recipients);
130
+ }
131
+ return report;
132
+ }
133
+ /**
134
+ * Get report by ID
135
+ */
136
+ async getReport(reportId) {
137
+ try {
138
+ const report = await database_1.prisma.complianceReport.findUnique({
139
+ where: { id: reportId },
140
+ });
141
+ if (!report)
142
+ return null;
143
+ // Convert database report to ComplianceReport format
144
+ // @ts-ignore - Prisma client type issue
145
+ return {
146
+ id: report.id,
147
+ projectId: report.projectId,
148
+ frameworkId: report.frameworkId,
149
+ type: report.type,
150
+ format: report.format,
151
+ generatedAt: report.generatedAt || report.createdAt,
152
+ period: report.period,
153
+ summary: report.summary,
154
+ sections: report.sections || [],
155
+ evidence: report.evidence || undefined,
156
+ recommendations: report.recommendations || [],
157
+ charts: report.charts || [],
158
+ metadata: report.metadata || {
159
+ version: "1.0",
160
+ generatedBy: "Guardrail Compliance Engine",
161
+ },
162
+ };
163
+ }
164
+ catch (error) {
165
+ console.warn("Could not retrieve report from database:", error);
166
+ return null;
167
+ }
168
+ }
169
+ /**
170
+ * List reports for project
171
+ */
172
+ async listReports(projectId, frameworkId, limit = 50) {
173
+ try {
174
+ const reports = await database_1.prisma.complianceReport.findMany({
175
+ where: {
176
+ projectId,
177
+ ...(frameworkId && { frameworkId }),
178
+ },
179
+ orderBy: { createdAt: "desc" },
180
+ take: limit,
181
+ });
182
+ // Convert database reports to ComplianceReport format
183
+ // @ts-ignore - Prisma client type issue
184
+ return reports.map((report) => ({
185
+ id: report.id,
186
+ projectId: report.projectId,
187
+ frameworkId: report.frameworkId,
188
+ type: report.type,
189
+ format: report.format,
190
+ generatedAt: report.generatedAt || report.createdAt,
191
+ period: report.period,
192
+ summary: report.summary,
193
+ sections: report.sections || [],
194
+ evidence: report.evidence || undefined,
195
+ recommendations: report.recommendations || [],
196
+ charts: report.charts || [],
197
+ metadata: report.metadata || {
198
+ version: "1.0",
199
+ generatedBy: "Guardrail Compliance Engine",
200
+ },
201
+ }));
202
+ }
203
+ catch (error) {
204
+ console.warn("Could not retrieve reports from database:", error);
205
+ return [];
206
+ }
207
+ }
208
+ /**
209
+ * Delete report
210
+ */
211
+ async deleteReport(reportId) {
212
+ try {
213
+ await database_1.prisma.complianceReport.delete({
214
+ where: { id: reportId },
215
+ });
216
+ }
217
+ catch (error) {
218
+ console.warn("Could not delete report from database:", error);
219
+ }
220
+ }
221
+ async saveReport(report) {
222
+ // @ts-ignore - Prisma client type issue
223
+ await database_1.prisma.complianceReport.create({
224
+ data: {
225
+ projectId: report.projectId,
226
+ title: `${report.type} Report - ${report.frameworkId}`,
227
+ content: report,
228
+ summary: report.summary,
229
+ status: "draft",
230
+ },
231
+ });
232
+ }
233
+ async sendReport(report, recipients) {
234
+ // In production, implement email delivery service
235
+ console.log(`Sending report ${report.id} to ${recipients.join(", ")}`);
236
+ }
237
+ initializeTemplates() {
238
+ // Initialize report templates
239
+ this.reportTemplates.set("compliance", "standard-compliance-template");
240
+ this.reportTemplates.set("audit", "audit-report-template");
241
+ this.reportTemplates.set("executive", "executive-summary-template");
242
+ this.reportTemplates.set("technical", "technical-detail-template");
243
+ this.reportTemplates.set("remediation", "remediation-plan-template");
244
+ }
245
+ async buildSections(_type, assessment, evidence) {
246
+ const sections = [
247
+ {
248
+ id: "summary",
249
+ title: "Executive Summary",
250
+ type: "summary",
251
+ content: assessment.summary,
252
+ order: 1,
253
+ },
254
+ {
255
+ id: "details",
256
+ title: "Compliance Details",
257
+ type: "details",
258
+ content: {
259
+ controls: assessment.controls,
260
+ gaps: assessment.gaps,
261
+ },
262
+ order: 2,
263
+ },
264
+ ];
265
+ if (evidence && evidence.length > 0) {
266
+ sections.push({
267
+ id: "evidence",
268
+ title: "Evidence",
269
+ type: "evidence",
270
+ content: evidence,
271
+ order: 3,
272
+ });
273
+ }
274
+ return sections;
275
+ }
276
+ async generateRecommendations(assessment) {
277
+ // Generate recommendations based on gaps and failed controls
278
+ const recommendations = [];
279
+ for (const gap of assessment.gaps) {
280
+ recommendations.push({
281
+ id: `rec_${Date.now()}_${Math.random().toString(36).substr(2, 9)}`,
282
+ controlId: gap.controlId,
283
+ priority: gap.severity,
284
+ category: "compliance",
285
+ title: `Address compliance gap for ${gap.controlId}`,
286
+ description: gap.description,
287
+ impact: "Non-compliance risk",
288
+ effort: "medium",
289
+ status: "open",
290
+ });
291
+ }
292
+ return recommendations;
293
+ }
294
+ async generateCharts(assessment) {
295
+ return [
296
+ {
297
+ id: "chart_compliance_score",
298
+ type: "pie",
299
+ title: "Compliance Score Distribution",
300
+ data: {
301
+ compliant: assessment.summary.compliant,
302
+ partial: assessment.summary.partial,
303
+ nonCompliant: assessment.summary.nonCompliant,
304
+ },
305
+ },
306
+ ];
307
+ }
308
+ generateSummary(assessment) {
309
+ return {
310
+ overallScore: assessment.summary.score,
311
+ status: assessment.summary.score >= 90
312
+ ? "compliant"
313
+ : assessment.summary.score >= 70
314
+ ? "partial"
315
+ : "non-compliant",
316
+ totalControls: assessment.summary.totalControls,
317
+ compliantControls: assessment.summary.compliant,
318
+ partialControls: assessment.summary.partial,
319
+ nonCompliantControls: assessment.summary.nonCompliant,
320
+ highRiskGaps: assessment.gaps.filter((g) => g.severity === "high").length,
321
+ mediumRiskGaps: assessment.gaps.filter((g) => g.severity === "medium")
322
+ .length,
323
+ lowRiskGaps: assessment.gaps.filter((g) => g.severity === "low").length,
324
+ };
325
+ }
326
+ }
327
+ exports.ReportingEngine = ReportingEngine;
328
+ // Export singleton instance
329
+ exports.reportingEngine = new ReportingEngine();
package/dist/container/index.d.ts ADDED
@@ -0,0 +1,4 @@
1
+ export * from './scanner';
2
+ export * from './kubernetes';
3
+ export * from './rules';
4
+ //# sourceMappingURL=index.d.ts.map
package/dist/container/index.d.ts.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/container/index.ts"],"names":[],"mappings":"AAAA,cAAc,WAAW,CAAC;AAC1B,cAAc,cAAc,CAAC;AAC7B,cAAc,SAAS,CAAC"}
package/dist/container/index.js ADDED
@@ -0,0 +1,19 @@
1
+ "use strict";
2
+ var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
3
+ if (k2 === undefined) k2 = k;
4
+ var desc = Object.getOwnPropertyDescriptor(m, k);
5
+ if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
6
+ desc = { enumerable: true, get: function() { return m[k]; } };
7
+ }
8
+ Object.defineProperty(o, k2, desc);
9
+ }) : (function(o, m, k, k2) {
10
+ if (k2 === undefined) k2 = k;
11
+ o[k2] = m[k];
12
+ }));
13
+ var __exportStar = (this && this.__exportStar) || function(m, exports) {
14
+ for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
15
+ };
16
+ Object.defineProperty(exports, "__esModule", { value: true });
17
+ __exportStar(require("./scanner"), exports);
18
+ __exportStar(require("./kubernetes"), exports);
19
+ __exportStar(require("./rules"), exports);
package/dist/container/kubernetes.d.ts ADDED
@@ -0,0 +1,94 @@
1
+ export interface K8sManifest {
2
+ apiVersion: string;
3
+ kind: string;
4
+ metadata: {
5
+ name: string;
6
+ namespace?: string;
7
+ };
8
+ spec: any;
9
+ }
10
+ export interface K8sFinding {
11
+ ruleId: string;
12
+ title: string;
13
+ description: string;
14
+ severity: 'critical' | 'high' | 'medium' | 'low';
15
+ resourceType: string;
16
+ resourceName: string;
17
+ namespace?: string;
18
+ filePath: string;
19
+ recommendation: string;
20
+ }
21
+ export interface RBACAnalysis {
22
+ roles: Array<{
23
+ name: string;
24
+ namespace?: string;
25
+ rules: any[];
26
+ riskyPermissions: string[];
27
+ }>;
28
+ roleBindings: Array<{
29
+ name: string;
30
+ namespace?: string;
31
+ subjects: any[];
32
+ roleRef: any;
33
+ }>;
34
+ findings: string[];
35
+ }
36
+ export interface PodSecurityAnalysis {
37
+ totalPods: number;
38
+ privilegedPods: number;
39
+ hostNetworkPods: number;
40
+ runAsRootPods: number;
41
+ findings: K8sFinding[];
42
+ }
43
+ export interface NetworkPolicyAnalysis {
44
+ hasNetworkPolicies: boolean;
45
+ totalPolicies: number;
46
+ unprotectedNamespaces: string[];
47
+ findings: string[];
48
+ }
49
+ export interface KubernetesScanResult {
50
+ projectId: string;
51
+ summary: {
52
+ totalResources: number;
53
+ critical: number;
54
+ high: number;
55
+ medium: number;
56
+ low: number;
57
+ };
58
+ findings: K8sFinding[];
59
+ rbacAnalysis?: RBACAnalysis;
60
+ podSecurity?: PodSecurityAnalysis;
61
+ networkPolicies?: NetworkPolicyAnalysis;
62
+ }
63
+ export declare class KubernetesScanner {
64
+ /**
65
+ * Scan Kubernetes manifests
66
+ */
67
+ scanManifests(projectPath: string, projectId: string): Promise<KubernetesScanResult>;
68
+ /**
69
+ * Analyze RBAC configuration
70
+ */
71
+ analyzeRBAC(manifests: K8sManifest[]): Promise<RBACAnalysis>;
72
+ /**
73
+ * Check pod security
74
+ */
75
+ checkPodSecurity(manifests: K8sManifest[]): Promise<PodSecurityAnalysis>;
76
+ /**
77
+ * Validate network policies
78
+ */
79
+ validateNetworkPolicies(manifests: K8sManifest[]): Promise<NetworkPolicyAnalysis>;
80
+ /**
81
+ * Scan for security issues using rules
82
+ */
83
+ private scanForSecurityIssues;
84
+ /**
85
+ * Find Kubernetes manifest files
86
+ */
87
+ private findManifestFiles;
88
+ /**
89
+ * Simple YAML parser (in production, use proper YAML library)
90
+ */
91
+ private parseYAML;
92
+ }
93
+ export declare const kubernetesScanner: KubernetesScanner;
94
+ //# sourceMappingURL=kubernetes.d.ts.map
package/dist/container/kubernetes.d.ts.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"kubernetes.d.ts","sourceRoot":"","sources":["../../src/container/kubernetes.ts"],"names":[],"mappings":"AAKA,MAAM,WAAW,WAAW;IAC1B,UAAU,EAAE,MAAM,CAAC;IACnB,IAAI,EAAE,MAAM,CAAC;IACb,QAAQ,EAAE;QACR,IAAI,EAAE,MAAM,CAAC;QACb,SAAS,CAAC,EAAE,MAAM,CAAC;KACpB,CAAC;IACF,IAAI,EAAE,GAAG,CAAC;CACX;AAED,MAAM,WAAW,UAAU;IACzB,MAAM,EAAE,MAAM,CAAC;IACf,KAAK,EAAE,MAAM,CAAC;IACd,WAAW,EAAE,MAAM,CAAC;IACpB,QAAQ,EAAE,UAAU,GAAG,MAAM,GAAG,QAAQ,GAAG,KAAK,CAAC;IACjD,YAAY,EAAE,MAAM,CAAC;IACrB,YAAY,EAAE,MAAM,CAAC;IACrB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,QAAQ,EAAE,MAAM,CAAC;IACjB,cAAc,EAAE,MAAM,CAAC;CACxB;AAED,MAAM,WAAW,YAAY;IAC3B,KAAK,EAAE,KAAK,CAAC;QACX,IAAI,EAAE,MAAM,CAAC;QACb,SAAS,CAAC,EAAE,MAAM,CAAC;QACnB,KAAK,EAAE,GAAG,EAAE,CAAC;QACb,gBAAgB,EAAE,MAAM,EAAE,CAAC;KAC5B,CAAC,CAAC;IACH,YAAY,EAAE,KAAK,CAAC;QAClB,IAAI,EAAE,MAAM,CAAC;QACb,SAAS,CAAC,EAAE,MAAM,CAAC;QACnB,QAAQ,EAAE,GAAG,EAAE,CAAC;QAChB,OAAO,EAAE,GAAG,CAAC;KACd,CAAC,CAAC;IACH,QAAQ,EAAE,MAAM,EAAE,CAAC;CACpB;AAED,MAAM,WAAW,mBAAmB;IAClC,SAAS,EAAE,MAAM,CAAC;IAClB,cAAc,EAAE,MAAM,CAAC;IACvB,eAAe,EAAE,MAAM,CAAC;IACxB,aAAa,EAAE,MAAM,CAAC;IACtB,QAAQ,EAAE,UAAU,EAAE,CAAC;CACxB;AAED,MAAM,WAAW,qBAAqB;IACpC,kBAAkB,EAAE,OAAO,CAAC;IAC5B,aAAa,EAAE,MAAM,CAAC;IACtB,qBAAqB,EAAE,MAAM,EAAE,CAAC;IAChC,QAAQ,EAAE,MAAM,EAAE,CAAC;CACpB;AAED,MAAM,WAAW,oBAAoB;IACnC,SAAS,EAAE,MAAM,CAAC;IAClB,OAAO,EAAE;QACP,cAAc,EAAE,MAAM,CAAC;QACvB,QAAQ,EAAE,MAAM,CAAC;QACjB,IAAI,EAAE,MAAM,CAAC;QACb,MAAM,EAAE,MAAM,CAAC;QACf,GAAG,EAAE,MAAM,CAAC;KACb,CAAC;IACF,QAAQ,EAAE,UAAU,EAAE,CAAC;IACvB,YAAY,CAAC,EAAE,YAAY,CAAC;IAC5B,WAAW,CAAC,EAAE,mBAAmB,CAAC;IAClC,eAAe,CAAC,EAAE,qBAAqB,CAAC;CACzC;AAED,qBAAa,iBAAiB;IAC5B;;OAEG;IACG,aAAa,CAAC,WAAW,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,oBAAoB,CAAC;IA6E1F;;OAEG;IACG,WAAW,CAAC,SAAS,EAAE,WAAW,EAAE,GAAG,OAAO,CAAC,YAAY,CAAC;IAuDlE;;OAEG;IACG,gBAAgB,CAAC,SAAS,EAAE,WAAW,EAAE,GAAG,OAAO,CAAC,mBAAmB,CAAC;IAwC9E;;OAEG;IACG,uBAAuB,CAAC,SAAS,EAAE,WAAW,EAAE,GAAG,OAAO,CAAC,qBAAqB,CAAC;IAiCvF;;OAEG;IACH,OAAO,CAAC,qBAAqB;IA0C7B;;OAEG;IACH,OAAO,CAAC,iBAAiB;IA0BzB;;OAEG;IACH,OAAO,CAAC,SAAS;CAQlB;AAED,eAAO,MAAM,iBAAiB,mBAA0B,CAAC"}