🧹 bring back v8 ProviderType (#2020)

* change connection config backend to int32 Signed-off-by: Ivan Milchev <[email protected]> * drop usage of Backend accross the code Signed-off-by: Ivan Milchev <[email protected]> * fix test Signed-off-by: Ivan Milchev <[email protected]> * bring back v8 ProviderType Signed-off-by: Ivan Milchev <[email protected]> * do not check the value of backend Signed-off-by: Ivan Milchev <[email protected]> --------- Signed-off-by: Ivan Milchev <[email protected]>
mondoohq · Oct 2, 2023 · 0740965 · 0740965
1 parent 266817c
commit 0740965
Show file tree

Hide file tree

Showing 16 changed files with 676 additions and 272 deletions.
diff --git a/providers-sdk/v1/inventory/inventory.go b/providers-sdk/v1/inventory/inventory.go
@@ -55,8 +55,8 @@ func InventoryFromYAML(data []byte) (*Inventory, error) {
 	if err == nil && res.Spec != nil {
 		for _, asset := range res.Spec.Assets {
 			for _, conn := range asset.Connections {
-				if conn.Backend != "" && conn.Type == "" {
-					conn.Type = conn.Backend
+				if conn.Type == "" {
+					conn.Type = connBackendToType(conn.Backend)
 				}
 			}
 		}

diff --git a/providers-sdk/v1/inventory/inventory.pb.go b/providers-sdk/v1/inventory/inventory.pb.go
diff --git a/providers-sdk/v1/inventory/inventory.proto b/providers-sdk/v1/inventory/inventory.proto
@@ -77,12 +77,52 @@ message Asset {
   string kind_string = 36;
 }
 
+// FIXME: DEPRECATED, remove in v10.0 (or later) vv
+enum ProviderType {
+  LOCAL_OS = 0;
+  DOCKER_ENGINE_IMAGE = 1;
+  DOCKER_ENGINE_CONTAINER = 2;
+  SSH = 3;
+  WINRM = 4;
+  AWS_SSM_RUN_COMMAND = 5;
+  CONTAINER_REGISTRY = 6;
+  TAR = 7;
+  MOCK = 8;
+  VSPHERE = 9;
+  ARISTAEOS = 10;
+  reserved 11;
+  AWS = 12;
+  GCP = 13;
+  AZURE = 14;
+  MS365 = 15;
+  IPMI = 16;
+  VSPHERE_VM = 17;
+  FS = 18;
+  K8S = 19;
+  EQUINIX_METAL = 20;
+  DOCKER = 21; // unspecified if this is a container or image
+  GITHUB = 22;
+  VAGRANT = 23;
+  AWS_EC2_EBS = 24;
+  GITLAB = 25;
+  TERRAFORM = 26;
+  HOST = 27;
+  UNKNOWN = 28;
+  OKTA = 29;
+  GOOGLE_WORKSPACE = 30;
+  SLACK = 31;
+  VCD = 32;
+  OCI = 33;
+  OPCUA = 34;
+  GCP_COMPUTE_INSTANCE_SNAPSHOT =35;
+}
+
 message Config {
   reserved 6, 7, 9, 10, 20;
   // FIXME: DEPRECATED, remove in v10.0 (or later) vv
   // This is replaced by type. We use a different number here so it doesn't
   // conflict with the old "backend" while allowing us to load the field from yaml.
-  string backend = 28;
+  ProviderType backend = 28;
   // ^^
 
   string host = 2;

diff --git a/providers-sdk/v1/inventory/v8_inventory.go b/providers-sdk/v1/inventory/v8_inventory.go
@@ -0,0 +1,192 @@
+// Copyright (c) Mondoo, Inc.
+// SPDX-License-Identifier: BUSL-1.1
+
+package inventory
+
+import (
+	"encoding/json"
+	"errors"
+	"strings"
+)
+
+// FIXME: this file can be deleted in v10
+
+const (
+	ProviderID_LOCAL                = "local"
+	ProviderID_WINRM                = "winrm"
+	ProviderID_SSH                  = "ssh"
+	ProviderID_DOCKER               = "docker"
+	ProviderID_DOCKER_IMAGE         = "docker+image"
+	ProviderID_DOCKER_CONTAINER     = "docker+container"
+	ProviderID_TAR                  = "tar"
+	ProviderID_K8S                  = "k8s"
+	ProviderID_GCR                  = "gcr" // TODO: this is not part of the transports, merge with cr
+	ProviderID_GCP                  = "gcp"
+	ProviderID_CONTAINER_REGISTRY   = "cr"
+	ProviderID_AZURE                = "az"
+	ProviderID_AWS                  = "aws"
+	ProviderID_AWS_SSM              = "aws+ssm"
+	ProviderID_VAGRANT              = "vagrant"
+	ProviderID_MOCK                 = "mock"
+	ProviderID_VSPHERE              = "vsphere"
+	ProviderID_VSPHERE_VM           = "vsphere+vm"
+	ProviderID_ARISTA               = "arista"
+	ProviderID_MS365                = "ms365"
+	ProviderID_IPMI                 = "ipmi"
+	ProviderID_FS                   = "fs"
+	ProviderID_EQUINIX              = "equinix"
+	ProviderID_GITHUB               = "github"
+	ProviderID_AWS_EC2_EBS          = "aws-ec2-ebs"
+	ProviderID_GITLAB               = "gitlab"
+	ProviderID_TERRAFORM            = "terraform"
+	ProviderID_HOST                 = "host"
+	ProviderID_TLS                  = "tls"
+	ProviderID_OKTA                 = "okta"
+	ProviderID_GOOGLE_WORKSPACE     = "googleworkspace"
+	ProviderID_SLACK                = "slack"
+	ProviderID_VCD                  = "vcd"
+	ProviderID_OCI                  = "oci"
+	ProviderID_OPCUA                = "opc-ua"
+	ProviderID_GCP_COMPUTE_INSTANCE = "gcp-compute-instance"
+
+	// NOTE: its not mapped directly to a transport, it is transformed into ssh
+	ProviderID_AWS_EC2_INSTANCE_CONNECT = "aws-ec2-connect"
+	ProviderID_AWS_EC2_SSM_SESSION      = "aws-ec2-ssm"
+	ProviderID_TERRAFORM_STATE          = "tfstate"
+)
+
+var ProviderType_idvalue = map[string]ProviderType{
+	ProviderID_LOCAL:                    ProviderType_LOCAL_OS,
+	ProviderID_SSH:                      ProviderType_SSH,
+	ProviderID_WINRM:                    ProviderType_WINRM,
+	ProviderID_DOCKER:                   ProviderType_DOCKER,
+	ProviderID_DOCKER_IMAGE:             ProviderType_DOCKER_ENGINE_IMAGE,
+	ProviderID_DOCKER_CONTAINER:         ProviderType_DOCKER_ENGINE_CONTAINER,
+	ProviderID_AWS_SSM:                  ProviderType_AWS_SSM_RUN_COMMAND,
+	ProviderID_CONTAINER_REGISTRY:       ProviderType_CONTAINER_REGISTRY,
+	ProviderID_TAR:                      ProviderType_TAR,
+	ProviderID_MOCK:                     ProviderType_MOCK,
+	ProviderID_VSPHERE:                  ProviderType_VSPHERE,
+	ProviderID_ARISTA:                   ProviderType_ARISTAEOS,
+	ProviderID_AWS:                      ProviderType_AWS,
+	ProviderID_GCP:                      ProviderType_GCP,
+	ProviderID_AZURE:                    ProviderType_AZURE,
+	ProviderID_MS365:                    ProviderType_MS365,
+	ProviderID_IPMI:                     ProviderType_IPMI,
+	ProviderID_VSPHERE_VM:               ProviderType_VSPHERE_VM,
+	ProviderID_FS:                       ProviderType_FS,
+	ProviderID_K8S:                      ProviderType_K8S,
+	ProviderID_EQUINIX:                  ProviderType_EQUINIX_METAL,
+	ProviderID_GITHUB:                   ProviderType_GITHUB,
+	ProviderID_VAGRANT:                  ProviderType_VAGRANT,
+	ProviderID_AWS_EC2_EBS:              ProviderType_AWS_EC2_EBS,
+	ProviderID_GITLAB:                   ProviderType_GITLAB,
+	ProviderID_TERRAFORM:                ProviderType_TERRAFORM,
+	ProviderID_HOST:                     ProviderType_HOST,
+	ProviderID_AWS_EC2_INSTANCE_CONNECT: ProviderType_SSH,
+	ProviderID_AWS_EC2_SSM_SESSION:      ProviderType_SSH,
+	ProviderID_OKTA:                     ProviderType_OKTA,
+	ProviderID_GOOGLE_WORKSPACE:         ProviderType_GOOGLE_WORKSPACE,
+	ProviderID_SLACK:                    ProviderType_SLACK,
+	ProviderID_VCD:                      ProviderType_VCD,
+	ProviderID_OCI:                      ProviderType_OCI,
+	ProviderID_OPCUA:                    ProviderType_OPCUA,
+	ProviderID_GCP_COMPUTE_INSTANCE:     ProviderType_GCP_COMPUTE_INSTANCE_SNAPSHOT,
+}
+
+// UnmarshalJSON parses either an int or a string representation of
+// CredentialType into the struct
+func (s *ProviderType) UnmarshalJSON(data []byte) error {
+	// check if we have a number
+	var code int32
+	err := json.Unmarshal(data, &code)
+	if err == nil {
+		*s = ProviderType(code)
+	} else {
+		var name string
+		err = json.Unmarshal(data, &name)
+		code, ok := ProviderType_idvalue[strings.TrimSpace(name)]
+		if !ok {
+			return errors.New("unknown backend value: " + string(data))
+		}
+		*s = code
+	}
+	return nil
+}
+
+func connBackendToType(backend ProviderType) string {
+	switch backend {
+	case ProviderType_LOCAL_OS:
+		return "os"
+	case ProviderType_DOCKER_ENGINE_IMAGE:
+		return "docker-image"
+	case ProviderType_DOCKER_ENGINE_CONTAINER:
+		return "docker-container"
+	case ProviderType_SSH:
+		return "ssh"
+	case ProviderType_WINRM:
+		return "winrm"
+	case ProviderType_AWS_SSM_RUN_COMMAND:
+		return "aws-ssm-run-command"
+	case ProviderType_CONTAINER_REGISTRY:
+		return "container-registry"
+	case ProviderType_TAR:
+		return "tar"
+	case ProviderType_MOCK:
+		return "mock"
+	case ProviderType_VSPHERE:
+		return "vsphere"
+	case ProviderType_ARISTAEOS:
+		return "arista-eos"
+	case ProviderType_AWS:
+		return "aws"
+	case ProviderType_GCP:
+		return "gcp"
+	case ProviderType_AZURE:
+		return "azure"
+	case ProviderType_MS365:
+		return "ms365"
+	case ProviderType_IPMI:
+		return "ipmi"
+	case ProviderType_VSPHERE_VM:
+		return "vsphere-vm"
+	case ProviderType_FS:
+		return "fs"
+	case ProviderType_K8S:
+		return "k8s"
+	case ProviderType_EQUINIX_METAL:
+		return "equinix-metal"
+	case ProviderType_DOCKER:
+		return "docker"
+	case ProviderType_GITHUB:
+		return "github"
+	case ProviderType_VAGRANT:
+		return "vagrant"
+	case ProviderType_AWS_EC2_EBS:
+		return "aws-ec2-ebs"
+	case ProviderType_GITLAB:
+		return "gitlab"
+	case ProviderType_TERRAFORM:
+		return "terraform"
+	case ProviderType_HOST:
+		return "host"
+	case ProviderType_UNKNOWN:
+		return "unknown"
+	case ProviderType_OKTA:
+		return "okta"
+	case ProviderType_GOOGLE_WORKSPACE:
+		return "google-workspace"
+	case ProviderType_SLACK:
+		return "slack"
+	case ProviderType_VCD:
+		return "vcd"
+	case ProviderType_OCI:
+		return "oci"
+	case ProviderType_OPCUA:
+		return "opcua"
+	case ProviderType_GCP_COMPUTE_INSTANCE_SNAPSHOT:
+		return "gcp-compute-instance-snapshot"
+	default:
+		return ""
+	}
+}
diff --git a/providers/aws/resources/discovery_conversion.go b/providers/aws/resources/discovery_conversion.go
@@ -249,7 +249,6 @@ func addConnectionInfoToEc2Asset(instance *mqlAwsEc2Instance, accountId string,
 		}
 		probableUsername := getProbableUsernameFromImageName(imageName)
 		asset.Connections = []*inventory.Config{{
-			Backend:  "ssh",
 			Type:     "ssh",
 			Host:     instance.PublicIp.Data,
 			Insecure: true,
@@ -326,7 +325,6 @@ func addSSMConnectionInfoToEc2Asset(instance *mqlAwsEc2Instance, accountId strin
 	}
 	if ssm == string(ssmtypes.PingStatusOnline) {
 		asset.Connections = []*inventory.Config{{
-			Backend:     "ssh",
 			Host:        host,
 			Insecure:    true,
 			Runtime:     "aws_ec2",
@@ -409,7 +407,6 @@ func addConnectionInfoToSSMAsset(instance *mqlAwsSsmInstance, accountId string,
 	if strings.HasPrefix(instance.InstanceId.Data, "i-") && instance.PingStatus.Data == string(ssmtypes.PingStatusOnline) {
 		creds[0].Type = vault.CredentialType_aws_ec2_ssm_session // this will only work for ec2 instances
 		asset.Connections = []*inventory.Config{{
-			Backend:     "ssh",
 			Host:        host,
 			Insecure:    true,
 			Runtime:     "aws_ec2",
@@ -476,9 +473,8 @@ func addConnectionInfoToEcrAsset(image *mqlAwsEcrImage, conn *connection.AwsConn
 		tag := image.Tags.Data[i].(string)
 		imageTags = append(imageTags, tag)
 		a.Connections = append(a.Connections, &inventory.Config{
-			Type:    "registry-image",
-			Backend: "registry-image",
-			Host:    image.Uri.Data + ":" + tag,
+			Type: "registry-image",
+			Host: image.Uri.Data + ":" + tag,
 			Options: map[string]string{
 				"region":  image.Region.Data,
 				"profile": conn.Profile(),
@@ -556,8 +552,7 @@ func addConnectionInfoToECSContainerAsset(container *mqlAwsEcsContainer, account
 
 	if publicIp != "" {
 		a.Connections = []*inventory.Config{{
-			Backend: "ssh",
-			Host:    publicIp,
+			Host: publicIp,
 			Options: map[string]string{
 				"region":         region,
 				"container_name": container.Name.Data,
@@ -589,7 +584,7 @@ func addConnectionInfoToECSContainerInstanceAsset(inst *mqlAwsEcsInstance, accou
 	}
 	a := MqlObjectToAsset(accountId, m, conn)
 	a.Connections = append(a.Connections, &inventory.Config{
-		Backend: "ssh", // fallback to ssh
+		Type: "ssh", // fallback to ssh
 		Options: map[string]string{
 			"region": inst.Region.Data,
 		},

diff --git a/providers/azure/resources/discovery.go b/providers/azure/resources/discovery.go
@@ -255,7 +255,6 @@ func discoverInstances(runtime *plugin.Runtime, subsWithConfigs []subWithConfig)
 				// this is the OS representation of the VM itself
 				asset.Connections = append(asset.Connections, &inventory.Config{
 					Type:     "ssh",
-					Backend:  "ssh",
 					Host:     ipAddress.IpAddress.Data,
 					Insecure: true,
 				})

diff --git a/providers/gcp/connection/gcpinstancesnapshot/provider.go b/providers/gcp/connection/gcpinstancesnapshot/provider.go
@@ -217,7 +217,6 @@ func NewGcpSnapshotConnection(id uint32, conf *inventory.Config, asset *inventor
 	// create and initialize fs provider
 	fsConn, err := connection.NewFileSystemConnection(id, &inventory.Config{
 		Path:       volumeMounter.ScanDir,
-		Backend:    "fs",
 		PlatformId: conf.PlatformId,
 		Options:    conf.Options,
 		Type:       conf.Type,

diff --git a/providers/os/connection/docker_snapshot.go b/providers/os/connection/docker_snapshot.go
@@ -47,7 +47,7 @@ func NewFromDockerEngine(id uint32, conf *inventory.Config, asset *inventory.Ass
 	}
 
 	tarConnection, err := NewWithClose(id, &inventory.Config{
-		Backend: "tar",
+		Type: "tar",
 		Options: map[string]string{
 			OPTION_FILE: f.Name(),
 		},

diff --git a/providers/os/connection/tar.go b/providers/os/connection/tar.go
@@ -181,7 +181,7 @@ func NewWithReader(id uint32, conf *inventory.Config, asset *inventory.Asset, rc
 	}
 
 	return NewWithClose(id, &inventory.Config{
-		Backend: "tar",
+		Type:    "tar",
 		Runtime: "docker-image",
 		Options: map[string]string{
 			OPTION_FILE: filename,
@@ -229,7 +229,7 @@ func NewWithClose(id uint32, conf *inventory.Config, asset *inventory.Asset, clo
 			asset:           asset,
 			Fs:              provider_tar.NewFs(filename),
 			CloseFN:         closeFn,
-			PlatformKind:    conf.Backend,
+			PlatformKind:    conf.Type,
 			PlatformRuntime: conf.Runtime,
 		}
 
@@ -279,7 +279,7 @@ func newWithFlattenedImage(id uint32, conf *inventory.Config, asset *inventory.A
 			log.Debug().Str("tar", imageFilename).Msg("tar> remove temporary flattened image file on connection close")
 			os.Remove(imageFilename)
 		},
-		PlatformKind:    conf.Backend,
+		PlatformKind:    conf.Type,
 		PlatformRuntime: conf.Runtime,
 		conf: &inventory.Config{
 			Options: map[string]string{