🐛 fix cnspec scan (#716)
- shell + run + scan did not attach providers at all; added
- scan had a list of copy-paste mistakes from cnquery (where it
referenced querypacks instead of policies)
- scanning did not work, the first successful scan is now executed

Signed-off-by: Dominik Richter <[email protected]>
arlimus authored Sep 11, 2023
1 parent a4f2856 commit ccd74cf
Showing 3 changed files with 225 additions and 76 deletions.
37 changes: 32 additions & 5 deletions apps/cnspec/cmd/root.go
@@ -5,25 +5,29 @@ package cmd

import (
"fmt"
"net/http"
"os"
"regexp"
"runtime"
"strings"

"github.com/muesli/termenv"
"github.com/rs/zerolog"
"github.com/rs/zerolog/log"
"github.com/spf13/cobra"
"github.com/spf13/cobra/doc"
"github.com/spf13/viper"
"go.mondoo.com/cnquery"
cnquery_app "go.mondoo.com/cnquery/apps/cnquery/cmd"
"go.mondoo.com/cnquery/cli/config"
"go.mondoo.com/cnquery/cli/providers"
"go.mondoo.com/cnquery/cli/sysinfo"
"go.mondoo.com/cnquery/cli/theme"
"go.mondoo.com/cnquery/cli/theme/colors"
"go.mondoo.com/cnquery/logger"
"go.mondoo.com/cnspec"
"go.mondoo.com/ranger-rpc"
"go.mondoo.com/ranger-rpc/plugins/scope"
"net/http"
"os"
"regexp"
"runtime"
"strings"
)

const (
@@ -78,6 +82,29 @@ var rootCmd = &cobra.Command{
// Execute adds all child commands to the root command and sets flags appropriately.
// This is called by main.main(). It only needs to happen once to the rootCmd.
func Execute() {
err := providers.AttachCLIs(
rootCmd,
&providers.Command{
Command: shellCmd,
Run: shellRun,
Action: "Interactive shell with ",
},
&providers.Command{
Command: cnquery_app.RunCmd,
Run: cnquery_app.RunCmdRun,
Action: "Run a query with ",
},
&providers.Command{
Command: scanCmd,
Run: scanCmdRun,
Action: "Scan ",
},
)
if err != nil {
log.Error().Msg(err.Error())
os.Exit(1)
}

// normal cli handling
if err := rootCmd.Execute(); err != nil {
fmt.Println(err)
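Review bot: The AttachCLIs failure path in Execute logs with `log.Error().Msg(err.Error())`, which flattens the error into the message text and says nothing about what was being attempted. `log.Error().Err(err).Msg("failed to attach provider commands")` keeps the error as a structured field and matches the `log.Fatal().Err(err).Msg(...)` form used in scan.go. A short comment above the call, such as `// attach provider subcommands to shell, run and scan before cobra parses the arguments`, would record why this has to run before `rootCmd.Execute()` (presumably so the provider-specific subcommands exist when arguments are parsed). Execute's body continues past the end of this hunk.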
34 changes: 17 additions & 17 deletions apps/cnspec/cmd/scan.go
@@ -39,11 +39,11 @@ func init() {

// bundles, packs & incognito mode
scanCmd.Flags().Bool("incognito", false, "Run in incognito mode. Do not report scan results to Mondoo Platform.")
scanCmd.Flags().StringSlice("querypack", nil, "Set the query packs to execute. This requires `querypack-bundle`. You can specify multiple UIDs.")
scanCmd.Flags().StringSliceP("querypack-bundle", "f", nil, "Path to local query pack file")
scanCmd.Flags().StringSlice("policy", nil, "Lists policies to execute. This requires --policy-bundle. You can pass multiple policies using --policy POLICY.")
scanCmd.Flags().StringSliceP("policy-bundle", "f", nil, "Path to local policy file")
// flag completion command
scanCmd.RegisterFlagCompletionFunc("querypack", func(cmd *cobra.Command, args []string, toComplete string) ([]string, cobra.ShellCompDirective) {
return getQueryPacksForCompletion(), cobra.ShellCompDirectiveDefault
scanCmd.RegisterFlagCompletionFunc("policy", func(cmd *cobra.Command, args []string, toComplete string) ([]string, cobra.ShellCompDirective) {
return getPoliciesForCompletion(), cobra.ShellCompDirectiveDefault
})
scanCmd.Flags().String("asset-name", "", "User-override for the asset name")
scanCmd.Flags().StringToString("annotation", nil, "Add an annotation to the asset.") // user-added, editable
@@ -59,14 +59,14 @@ var scanCmd = &cobra.Command{
Use: "scan",
Short: "Scan assets with one or more policies.",
Long: `
This command scans an asset using a query pack. For example, you can scan
the local system with its pre-configured query pack:
This command scans an asset using a policy. For example, you can scan
the local system with its pre-configured policies:
$ cnquery scan local
$ cnspec scan local
To manually configure a query pack, use this:
To manually configure a policy, use this:
$ cnquery scan local -f bundle.mql.yaml --incognito
$ cnspec scan local -f bundle.mql.yaml --incognito
`,
PreRun: func(cmd *cobra.Command, args []string) {
@@ -84,14 +84,14 @@ To manually configure a query pack, use this:
viper.BindPFlag("inventory-file", cmd.Flags().Lookup("inventory-file"))
viper.BindPFlag("inventory-ansible", cmd.Flags().Lookup("inventory-ansible"))
viper.BindPFlag("inventory-domainlist", cmd.Flags().Lookup("inventory-domainlist"))
viper.BindPFlag("querypack-bundle", cmd.Flags().Lookup("querypack-bundle"))
viper.BindPFlag("policy-bundle", cmd.Flags().Lookup("policy-bundle"))
viper.BindPFlag("detect-cicd", cmd.Flags().Lookup("detect-cicd"))
viper.BindPFlag("category", cmd.Flags().Lookup("category"))

// for all assets
viper.BindPFlag("incognito", cmd.Flags().Lookup("incognito"))
viper.BindPFlag("insecure", cmd.Flags().Lookup("insecure"))
viper.BindPFlag("querypacks", cmd.Flags().Lookup("querypack"))
viper.BindPFlag("policies", cmd.Flags().Lookup("policy"))
viper.BindPFlag("sudo.active", cmd.Flags().Lookup("sudo"))
viper.BindPFlag("record", cmd.Flags().Lookup("record"))

@@ -113,7 +113,7 @@ var scanCmdRun = func(cmd *cobra.Command, runtime *providers.Runtime, cliRes *pl

err = conf.loadPolicies()
if err != nil {
log.Fatal().Err(err).Msg("failed to resolve query packs")
log.Fatal().Err(err).Msg("failed to resolve policies")
}

report, err := RunScan(conf)
@@ -124,14 +124,14 @@ var scanCmdRun = func(cmd *cobra.Command, runtime *providers.Runtime, cliRes *pl
printReports(report, conf, cmd)
}

// helper method to retrieve the list of query packs for autocomplete
func getQueryPacksForCompletion() []string {
querypackList := []string{}
// helper method to retrieve the list of policies for autocomplete
func getPoliciesForCompletion() []string {
policyList := []string{}

// TODO: autocompletion
sort.Strings(querypackList)
sort.Strings(policyList)

return querypackList
return policyList
}

type scanConfig struct {
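Review bot: The renamed bindings in PreRun, `viper.BindPFlag("policy-bundle", cmd.Flags().Lookup("policy-bundle"))` and `viper.BindPFlag("policies", cmd.Flags().Lookup("policy"))`, discard the error that BindPFlag returns when the looked-up flag is nil. A name that no longer matches its definition in init() would therefore go unnoticed, and the scan would presumably run without the requested policies instead of failing. Since this commit is itself cleaning up copy-paste name mismatches, I would check the result, e.g. `if err := viper.BindPFlag("policies", cmd.Flags().Lookup("policy")); err != nil { log.Fatal().Err(err).Msg("failed to bind --policy") }`, or route all bindings through one helper that does. The same applies to the unchecked return of `scanCmd.RegisterFlagCompletionFunc("policy", ...)` in init(). PreRun and init() both start or end outside the visible hunks.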