161ef94b4f
Sirius CI/CD Pipeline / Merge API Manifest (push) Blocked by required conditions
Sirius CI/CD Pipeline / Build API (${{ matrix.platform }}) (push) Blocked by required conditions
Sirius CI/CD Pipeline / Build UI (${{ matrix.platform }}) (push) Blocked by required conditions
Sirius CI/CD Pipeline / Merge UI Manifest (push) Blocked by required conditions
Sirius CI/CD Pipeline / Build Engine (${{ matrix.platform }}) (push) Blocked by required conditions
Sirius CI/CD Pipeline / Merge Engine Manifest (push) Blocked by required conditions
Sirius CI/CD Pipeline / Build Infra (${{ matrix.service }}, ${{ matrix.platform }}) (push) Blocked by required conditions
Sirius CI/CD Pipeline / Merge Infra Manifest (sirius-postgres) (push) Blocked by required conditions
Sirius CI/CD Pipeline / Merge Infra Manifest (sirius-rabbitmq) (push) Blocked by required conditions
Sirius CI/CD Pipeline / Merge Infra Manifest (sirius-valkey) (push) Blocked by required conditions
Sirius CI/CD Pipeline / Integration Test (push) Blocked by required conditions
Sirius CI/CD Pipeline / Public Stack Contract (push) Blocked by required conditions
Sirius CI/CD Pipeline / Dispatch Demo Deployment (sirius-demo branch) (push) Blocked by required conditions
Sirius CI/CD Pipeline / Dispatch Demo Canary (main branch) (push) Blocked by required conditions
Check engine pin consistency / Dockerfile / CI pin consistency (push) Successful in 8s
Sirius CI/CD Pipeline / Detect Changes (push) Successful in 23s
Sirius CI/CD Pipeline / Guard Registry Namespace (push) Waiting to run
Validate Docker Configuration / Validate Docker Compose Configuration (push) Successful in 47s
6.6 KiB
6.6 KiB
title, description, template, version, last_updated, author, tags, categories, difficulty, related_docs, llm_context, search_keywords
| title | description | template | version | last_updated | author | tags | categories | difficulty | related_docs | llm_context | search_keywords | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Template System Type Reference | Quick reference for template types and module configurations | TEMPLATE.documentation-standard | 1.0.0 | 2025-10-25 | Sirius Platform Team |
|
|
beginner |
|
high |
|
Template System Type Reference
Quick reference guide for template types, module configurations, and validation rules.
Detection Step Types
| Type | Module | Config Required | Platforms |
|---|---|---|---|
file-hash |
FileHashModule | path, hash | All |
file-content |
FileContentModule | path, patterns | All |
version-cmd |
CommandVersionModule | command, version_regex | All |
Module Configurations
file-hash
type: file-hash
platforms: [linux, darwin, windows]
weight: 1.0
config:
path: "/etc/passwd" # REQUIRED: Absolute path
hash: "sha256:abc123..." # REQUIRED: Hash with prefix
algorithm: "sha256" # OPTIONAL: Algorithm
Hash Formats:
- SHA256:
sha256:+ 64 hex chars - SHA1:
sha1:+ 40 hex chars - MD5:
md5:+ 32 hex chars - SHA512:
sha512:+ 128 hex chars
file-content
type: file-content
platforms: [linux, darwin]
weight: 0.8
config:
path: "/etc/apache2/apache2.conf" # REQUIRED: File to search
patterns: # REQUIRED: Regex patterns
- "ServerTokens.*Full"
- "ServerSignature.*On"
Pattern Notes:
- Go regex (RE2 syntax)
- Case-sensitive by default
- No lookahead/lookbehind support
- Array required (even for single pattern)
version-cmd
type: version-cmd
platforms: [linux, darwin]
weight: 1.0
config:
command: "httpd -v" # REQUIRED: Shell command
version_regex: "Apache/(\\d+\\.\\d+)" # REQUIRED: Version capture
vulnerable_versions: # OPTIONAL: Constraints
- "< 2.4.52"
- ">= 2.2.0, < 2.2.34"
expected_exit_code: 0 # OPTIONAL: Exit code
Version Operators:
<,<=,>,>=,=,!=- Combine with comma:
>= 2.0, < 3.0
Platform Values
platforms: [linux] # Linux only
platforms: [darwin] # macOS only
platforms: [windows] # Windows only
platforms: [linux, darwin] # Unix-like systems
platforms: [] # All platforms (default)
Severity Values
severity: critical # Highest priority
severity: high
severity: medium
severity: low
severity: info # Lowest priority
Detection Logic
detection:
logic: all # AND - All steps must match
logic: any # OR - At least one step must match
Complete Template Example
id: apache-outdated
info:
name: Outdated Apache HTTP Server
author: security-team
severity: high
description: Detects Apache versions vulnerable to known CVEs
references:
- https://nvd.nist.gov/vuln/detail/CVE-2021-44228
cve:
- CVE-2021-44228
tags:
- apache
- web-server
- cve
version: "1.0"
detection:
logic: all
steps:
- type: version-cmd
platforms: [linux, darwin]
weight: 1.0
config:
command: "httpd -v"
version_regex: "Apache/(\\d+\\.\\d+\\.\\d+)"
vulnerable_versions:
- "< 2.4.52"
- type: file-content
platforms: [linux, darwin]
weight: 0.8
config:
path: "/etc/apache2/apache2.conf"
patterns:
- "ServerTokens.*Full"
TypeScript Interfaces
// Detection step
interface DetectionStep {
type: "file-hash" | "file-content" | "version-cmd";
platforms?: ("linux" | "darwin" | "windows")[];
weight?: number; // 0.0 to 1.0
config: FileHashConfig | FileContentConfig | CommandVersionConfig;
}
// File hash config
interface FileHashConfig {
path: string;
hash: string;
algorithm?: "sha256" | "sha1" | "md5" | "sha512";
}
// File content config
interface FileContentConfig {
path: string;
patterns: string[];
}
// Version command config
interface CommandVersionConfig {
command: string;
version_regex: string;
vulnerable_versions?: string[];
expected_exit_code?: number;
}
// Template info
interface TemplateInfo {
name: string;
author: string;
severity: "critical" | "high" | "medium" | "low" | "info";
description: string;
references?: string[];
cve?: string[];
tags?: string[];
version?: string;
}
// Detection config
interface DetectionConfig {
logic?: "all" | "any"; // defaults to "all"
steps: DetectionStep[];
}
// Complete template
interface TemplateContent {
id: string;
info: TemplateInfo;
detection: DetectionConfig;
}
Validation Rules
Template ID
- Format:
^[a-z0-9-]+$ - Length: 3-50 characters
- Cannot start/end with dash
- Cannot be reserved keyword (new, create, edit, delete, standard, custom)
CVE Format
- Pattern:
^CVE-\d{4}-\d{4,}$ - Example:
CVE-2021-44228
File Paths
- Must be absolute
- Unix: Starts with
/ - Windows: Starts with drive letter (e.g.,
C:\)
Regex Patterns
- Use Go RE2 syntax
- No backreferences
- No lookahead/lookbehind
- Named groups:
(?P<name>pattern)
Weight Values
- Range: 0.0 to 1.0
- Default: 1.0
- Affects confidence calculation
Common Errors
| Error | Cause | Fix |
|---|---|---|
| "unknown module type" | Wrong type name | Use dashes not underscores |
| "missing required field" | Config incomplete | Check module requirements |
| "invalid regex" | Bad pattern syntax | Test with Go regex tester |
| "template not found" | Wrong ID | Check exact ID in library |
Quick Tips
✅ DO:
- Use lowercase IDs with dashes
- Test regex patterns before submission
- Specify platforms when not all apply
- Include CVE references when available
- Add meaningful descriptions
❌ DON'T:
- Use underscores in type names
- Forget algorithm prefix in hashes
- Use single string for patterns (must be array)
- Use JavaScript regex features (Go RE2 only)
- Create IDs with spaces or special chars
Resources
- Full guide: README.template-ui-integration.md
- Agent system: README.agent-system.md
- Module code:
app-agent/internal/modules/
Quick Reference Version: 1.0.0
Last Updated: October 25, 2025