Files
wehub-resource-sync 161ef94b4f
Sirius CI/CD Pipeline / Merge API Manifest (push) Blocked by required conditions
Sirius CI/CD Pipeline / Build API (${{ matrix.platform }}) (push) Blocked by required conditions
Sirius CI/CD Pipeline / Build UI (${{ matrix.platform }}) (push) Blocked by required conditions
Sirius CI/CD Pipeline / Merge UI Manifest (push) Blocked by required conditions
Sirius CI/CD Pipeline / Build Engine (${{ matrix.platform }}) (push) Blocked by required conditions
Sirius CI/CD Pipeline / Merge Engine Manifest (push) Blocked by required conditions
Sirius CI/CD Pipeline / Build Infra (${{ matrix.service }}, ${{ matrix.platform }}) (push) Blocked by required conditions
Sirius CI/CD Pipeline / Merge Infra Manifest (sirius-postgres) (push) Blocked by required conditions
Sirius CI/CD Pipeline / Merge Infra Manifest (sirius-rabbitmq) (push) Blocked by required conditions
Sirius CI/CD Pipeline / Merge Infra Manifest (sirius-valkey) (push) Blocked by required conditions
Sirius CI/CD Pipeline / Integration Test (push) Blocked by required conditions
Sirius CI/CD Pipeline / Public Stack Contract (push) Blocked by required conditions
Sirius CI/CD Pipeline / Dispatch Demo Deployment (sirius-demo branch) (push) Blocked by required conditions
Sirius CI/CD Pipeline / Dispatch Demo Canary (main branch) (push) Blocked by required conditions
Check engine pin consistency / Dockerfile / CI pin consistency (push) Successful in 8s
Sirius CI/CD Pipeline / Detect Changes (push) Successful in 23s
Sirius CI/CD Pipeline / Guard Registry Namespace (push) Waiting to run
Validate Docker Configuration / Validate Docker Compose Configuration (push) Successful in 47s
chore: import upstream snapshot with attribution
2026-07-13 12:32:25 +08:00

6.6 KiB

title, description, template, version, last_updated, author, tags, categories, difficulty, related_docs, llm_context, search_keywords
title description template version last_updated author tags categories difficulty related_docs llm_context search_keywords
Template System Type Reference Quick reference for template types and module configurations TEMPLATE.documentation-standard 1.0.0 2025-10-25 Sirius Platform Team
templates
types
reference
quick-guide
reference
templates
beginner
architecture/README.template-ui-integration.md
architecture/README.agent-system.md
high
template
types
config
module
reference

Template System Type Reference

Quick reference guide for template types, module configurations, and validation rules.

Detection Step Types

Type Module Config Required Platforms
file-hash FileHashModule path, hash All
file-content FileContentModule path, patterns All
version-cmd CommandVersionModule command, version_regex All

Module Configurations

file-hash

type: file-hash
platforms: [linux, darwin, windows]
weight: 1.0
config:
  path: "/etc/passwd" # REQUIRED: Absolute path
  hash: "sha256:abc123..." # REQUIRED: Hash with prefix
  algorithm: "sha256" # OPTIONAL: Algorithm

Hash Formats:

  • SHA256: sha256: + 64 hex chars
  • SHA1: sha1: + 40 hex chars
  • MD5: md5: + 32 hex chars
  • SHA512: sha512: + 128 hex chars

file-content

type: file-content
platforms: [linux, darwin]
weight: 0.8
config:
  path: "/etc/apache2/apache2.conf" # REQUIRED: File to search
  patterns: # REQUIRED: Regex patterns
    - "ServerTokens.*Full"
    - "ServerSignature.*On"

Pattern Notes:

  • Go regex (RE2 syntax)
  • Case-sensitive by default
  • No lookahead/lookbehind support
  • Array required (even for single pattern)

version-cmd

type: version-cmd
platforms: [linux, darwin]
weight: 1.0
config:
  command: "httpd -v" # REQUIRED: Shell command
  version_regex: "Apache/(\\d+\\.\\d+)" # REQUIRED: Version capture
  vulnerable_versions: # OPTIONAL: Constraints
    - "< 2.4.52"
    - ">= 2.2.0, < 2.2.34"
  expected_exit_code: 0 # OPTIONAL: Exit code

Version Operators:

  • <, <=, >, >=, =, !=
  • Combine with comma: >= 2.0, < 3.0

Platform Values

platforms: [linux]           # Linux only
platforms: [darwin]          # macOS only
platforms: [windows]         # Windows only
platforms: [linux, darwin]   # Unix-like systems
platforms: []                # All platforms (default)

Severity Values

severity: critical  # Highest priority
severity: high
severity: medium
severity: low
severity: info      # Lowest priority

Detection Logic

detection:
  logic: all  # AND - All steps must match
  logic: any  # OR - At least one step must match

Complete Template Example

id: apache-outdated
info:
  name: Outdated Apache HTTP Server
  author: security-team
  severity: high
  description: Detects Apache versions vulnerable to known CVEs
  references:
    - https://nvd.nist.gov/vuln/detail/CVE-2021-44228
  cve:
    - CVE-2021-44228
  tags:
    - apache
    - web-server
    - cve
  version: "1.0"

detection:
  logic: all
  steps:
    - type: version-cmd
      platforms: [linux, darwin]
      weight: 1.0
      config:
        command: "httpd -v"
        version_regex: "Apache/(\\d+\\.\\d+\\.\\d+)"
        vulnerable_versions:
          - "< 2.4.52"

    - type: file-content
      platforms: [linux, darwin]
      weight: 0.8
      config:
        path: "/etc/apache2/apache2.conf"
        patterns:
          - "ServerTokens.*Full"

TypeScript Interfaces

// Detection step
interface DetectionStep {
  type: "file-hash" | "file-content" | "version-cmd";
  platforms?: ("linux" | "darwin" | "windows")[];
  weight?: number; // 0.0 to 1.0
  config: FileHashConfig | FileContentConfig | CommandVersionConfig;
}

// File hash config
interface FileHashConfig {
  path: string;
  hash: string;
  algorithm?: "sha256" | "sha1" | "md5" | "sha512";
}

// File content config
interface FileContentConfig {
  path: string;
  patterns: string[];
}

// Version command config
interface CommandVersionConfig {
  command: string;
  version_regex: string;
  vulnerable_versions?: string[];
  expected_exit_code?: number;
}

// Template info
interface TemplateInfo {
  name: string;
  author: string;
  severity: "critical" | "high" | "medium" | "low" | "info";
  description: string;
  references?: string[];
  cve?: string[];
  tags?: string[];
  version?: string;
}

// Detection config
interface DetectionConfig {
  logic?: "all" | "any"; // defaults to "all"
  steps: DetectionStep[];
}

// Complete template
interface TemplateContent {
  id: string;
  info: TemplateInfo;
  detection: DetectionConfig;
}

Validation Rules

Template ID

  • Format: ^[a-z0-9-]+$
  • Length: 3-50 characters
  • Cannot start/end with dash
  • Cannot be reserved keyword (new, create, edit, delete, standard, custom)

CVE Format

  • Pattern: ^CVE-\d{4}-\d{4,}$
  • Example: CVE-2021-44228

File Paths

  • Must be absolute
  • Unix: Starts with /
  • Windows: Starts with drive letter (e.g., C:\)

Regex Patterns

  • Use Go RE2 syntax
  • No backreferences
  • No lookahead/lookbehind
  • Named groups: (?P<name>pattern)

Weight Values

  • Range: 0.0 to 1.0
  • Default: 1.0
  • Affects confidence calculation

Common Errors

Error Cause Fix
"unknown module type" Wrong type name Use dashes not underscores
"missing required field" Config incomplete Check module requirements
"invalid regex" Bad pattern syntax Test with Go regex tester
"template not found" Wrong ID Check exact ID in library

Quick Tips

DO:

  • Use lowercase IDs with dashes
  • Test regex patterns before submission
  • Specify platforms when not all apply
  • Include CVE references when available
  • Add meaningful descriptions

DON'T:

  • Use underscores in type names
  • Forget algorithm prefix in hashes
  • Use single string for patterns (must be array)
  • Use JavaScript regex features (Go RE2 only)
  • Create IDs with spaces or special chars

Resources


Quick Reference Version: 1.0.0
Last Updated: October 25, 2025