/** * @file src/shared/templates/rule-templates.ts * @description Templates for generating rule configuration files */ /** * @constant DEFAULT_PRAETORIAN_CONFIG * @description Default praetorian.yaml configuration template */ export declare const DEFAULT_PRAETORIAN_CONFIG = "# Praetorian Configuration\n# This file defines validation rules for your configuration files\n\n# Configuration files to validate\nfiles:\n - config-dev.yaml\n - config-prod.yaml\n - config-staging.yaml\n\n# Environment-specific configurations\nenvironments:\n dev: config-dev.yaml\n prod: config-prod.yaml\n staging: config-staging.yaml\n\n# Keys to ignore during validation\nignore_keys:\n - debug\n - temp\n - timestamp\n\n# Required keys that must be present\nrequired_keys:\n - database.url\n - api.token\n - version\n\n# Schema validation rules\nschema:\n database.port: number\n api.timeout: number\n service.enabled: boolean\n\n# Pattern validation rules\npatterns:\n api.token: \"^[A-Za-z0-9_-]{20,}$\"\n version: '^[0-9]+\\.[0-9]+\\.[0-9]+$'\n\n# Forbidden keys\nforbidden_keys:\n - password_plaintext\n - secret_key\n\n# Rule system configuration (NEW)\n# Only rules listed here will be applied - no exclusions, just active rules\nruleSets:\n - \"@praetorian/core/all\" # Include all core rules\n - \"./rules/structure.yaml\" # Custom structure rules\n - \"./rules/security.yaml\" # Custom security rules\n\n# Rule overrides (optional)\n# Override specific properties of existing rules\noverrideRules:\n # - id: \"version-format\"\n # severity: \"warning\" # Example: change severity\n\n# Additional custom rules (optional)\n# Add completely new rules\ncustomRules:\n # - id: \"my-custom-rule\"\n # name: \"My Custom Rule\"\n # description: \"Validates my custom requirement\"\n # type: \"structure\"\n # severity: \"error\"\n # enabled: true\n # category: \"custom\"\n # requiredProperties: [\"myField\"]\n\n# Validation options\noptions:\n failOnError: true\n showWarnings: true\n verbose: false\n"; /** * @constant STRUCTURE_RULES_TEMPLATE * @description Template for structure validation rules */ export declare const STRUCTURE_RULES_TEMPLATE = "# Structure Validation Rules\n# Rules for validating configuration file structure\n\nrules:\n - id: \"required-api-config\"\n name: \"API Configuration Required\"\n description: \"Ensures API configuration is present\"\n type: \"structure\"\n severity: \"error\"\n enabled: true\n category: \"structure\"\n tags: [\"api\", \"required\"]\n requiredProperties: [\"api\"]\n\n - id: \"no-deprecated-fields\"\n name: \"No Deprecated Fields\"\n description: \"Prevents use of deprecated configuration fields\"\n type: \"structure\"\n severity: \"warning\"\n enabled: true\n category: \"structure\"\n tags: [\"deprecated\"]\n forbiddenProperties: [\"oldField\", \"legacyConfig\"]\n\n - id: \"max-nesting-level\"\n name: \"Maximum Nesting Level\"\n description: \"Limits configuration nesting depth\"\n type: \"structure\"\n severity: \"warning\"\n enabled: true\n category: \"structure\"\n tags: [\"depth\", \"complexity\"]\n maxDepth: 5\n"; /** * @constant FORMAT_RULES_TEMPLATE * @description Template for format validation rules */ export declare const FORMAT_RULES_TEMPLATE = "# Format Validation Rules\n# Rules for validating data formats and patterns\n\nrules:\n - id: \"api-url-format\"\n name: \"API URL Format\"\n description: \"Validates API URL format\"\n type: \"format\"\n severity: \"error\"\n enabled: true\n category: \"format\"\n tags: [\"api\", \"url\"]\n propertyPath: \"api.url\"\n format: \"uri\"\n required: true\n\n - id: \"timeout-range\"\n name: \"Timeout Range Validation\"\n description: \"Validates timeout values are within reasonable range\"\n type: \"format\"\n severity: \"warning\"\n enabled: true\n category: \"format\"\n tags: [\"timeout\", \"range\"]\n propertyPath: \"api.timeout\"\n pattern: \"^[1-9][0-9]{3,5}$\"\n required: false\n\n - id: \"environment-format\"\n name: \"Environment Name Format\"\n description: \"Validates environment names\"\n type: \"format\"\n severity: \"warning\"\n enabled: true\n category: \"format\"\n tags: [\"environment\"]\n propertyPath: \"environment\"\n pattern: \"^[a-z][a-z0-9_-]*$\"\n required: true\n"; /** * @constant SECURITY_RULES_TEMPLATE * @description Template for security validation rules */ export declare const SECURITY_RULES_TEMPLATE = "# Security Validation Rules\n# Rules for security-related validations\n\nrules:\n - id: \"no-secrets-in-config\"\n name: \"No Secrets in Configuration\"\n description: \"Detects potential secrets in configuration files\"\n type: \"security\"\n severity: \"error\"\n enabled: true\n category: \"security\"\n tags: [\"secrets\", \"security\"]\n securityType: \"secret\"\n config:\n patterns: [\"password\", \"secret\", \"key\", \"token\", \"auth\"]\n minLength: 8\n caseSensitive: false\n\n - id: \"https-only-production\"\n name: \"HTTPS Only in Production\"\n description: \"Ensures HTTPS is used in production\"\n type: \"security\"\n severity: \"error\"\n enabled: true\n category: \"security\"\n tags: [\"https\", \"production\", \"security\"]\n securityType: \"vulnerability\"\n config:\n checkHttp: true\n environments: [\"production\", \"prod\"]\n allowedDomains: [\"localhost\", \"127.0.0.1\"]\n\n - id: \"config-file-permissions\"\n name: \"Configuration File Permissions\"\n description: \"Validates file permissions for config files\"\n type: \"security\"\n severity: \"warning\"\n enabled: true\n category: \"security\"\n tags: [\"permissions\", \"files\"]\n securityType: \"permission\"\n config:\n maxPermissions: 644\n sensitivePatterns: [\".env\", \"config.json\", \"secrets.yaml\", \"*.key\"]\n"; /** * @constant SCHEMA_RULES_TEMPLATE * @description Template for schema validation rules */ export declare const SCHEMA_RULES_TEMPLATE = "# Schema Validation Rules\n# Rules for JSON Schema validation\n\nrules:\n - id: \"api-config-schema\"\n name: \"API Configuration Schema\"\n description: \"Validates API configuration structure\"\n type: \"schema\"\n severity: \"error\"\n enabled: true\n category: \"schema\"\n tags: [\"api\", \"schema\"]\n validateSchema: true\n schema:\n type: \"object\"\n properties:\n api:\n type: \"object\"\n properties:\n url:\n type: \"string\"\n format: \"uri\"\n timeout:\n type: \"number\"\n minimum: 1000\n maximum: 300000\n retries:\n type: \"number\"\n minimum: 0\n maximum: 10\n required: [\"url\", \"timeout\"]\n required: [\"api\"]\n\n - id: \"database-config-schema\"\n name: \"Database Configuration Schema\"\n description: \"Validates database configuration structure\"\n type: \"schema\"\n severity: \"error\"\n enabled: true\n category: \"schema\"\n tags: [\"database\", \"schema\"]\n validateSchema: true\n schema:\n type: \"object\"\n properties:\n database:\n type: \"object\"\n properties:\n host:\n type: \"string\"\n port:\n type: \"number\"\n minimum: 1\n maximum: 65535\n name:\n type: \"string\"\n ssl:\n type: \"boolean\"\n required: [\"host\", \"port\", \"name\"]\n required: [\"database\"]\n"; /** * Gets the appropriate template based on type * @param type - Template type * @returns Template content */ export declare function getRuleTemplate(type: 'config' | 'structure' | 'format' | 'security' | 'schema'): string; /** * Gets all available template types * @returns Array of template types */ export declare function getAvailableTemplateTypes(): string[]; //# sourceMappingURL=rule-templates.d.ts.map