From 249ba161d3ff9092e6f47c26386fa6cbd072e1c2 Mon Sep 17 00:00:00 2001
From: Tim Smith
Date: Wed, 4 Oct 2023 13:54:36 -0700
Subject: [PATCH] Restore docs generation + lr updates
- Get make working for docs generation
- Backport some missing fixes in LR files that went into v8
Signed-off-by: Tim Smith
---
 Makefile | 140 ++++++++++---------
 providers/aws/resources/aws.lr.manifest.yaml | 8 +-
 providers/azure/resources/azure.lr | 4 +-
 providers/oci/resources/oci.lr | 36 ++---
 providers/vcd/resources/vcd.lr.manifest.yaml | 114 ---------------
 5 files changed, 99 insertions(+), 203 deletions(-)
diff --git a/Makefile b/Makefile
index 0512e3db13..8765ef35dc 100644
--- a/Makefile
+++ b/Makefile
@@ -354,102 +354,112 @@ lr/docs/serve:
 # TODO: migrate
 .PHONY: lr/docs/markdown
-lr/docs/markdown: lr/build
- ./lr markdown resources/packs/aws/aws.lr \
+lr/docs/markdown: providers/lr
+ ./lr markdown providers/arista/resources/arista.lr \
+ --pack-name "Arista EOS" \
+ --description "The Arista EOS resource pack lets you use MQL to query and assess the security of your Arista EOS network devices." \
+ --docs-file providers/arista/resources/arista.lr.manifest.yaml \
+ --output ../docs/docs/mql/resources/arista-pack
+ ./lr markdown providers/aws/resources/aws.lr \
 --pack-name "Amazon Web Services (AWS)" \
 --description "The Amazon Web Services (AWS) resource pack lets you use MQL to query and assess the security of your AWS cloud services." \
- --docs-file resources/packs/aws/aws.lr.manifest.yaml \
+ --docs-file providers/aws/resources/aws.lr.manifest.yaml \
 --output ../docs/docs/mql/resources/aws-pack
- ./lr markdown resources/packs/azure/azure.lr \
+ ./lr markdown providers/azure/resources/azure.lr \
 --pack-name "Azure" \
 --description "The Azure resource pack lets you use MQL to query and assess the security of your Azure cloud services." \
- --docs-file resources/packs/azure/azure.lr.manifest.yaml \
+ --docs-file providers/azure/resources/azure.lr.manifest.yaml \
 --output ../docs/docs/mql/resources/azure-pack
- ./lr markdown resources/packs/core/core.lr \
+ ./lr markdown providers/core/resources/core.lr \
 --pack-name "Core" \
 --description "The Core pack provides basic MQL resources that let you query and assess the security." \
- --docs-file resources/packs/core/core.lr.manifest.yaml \
+ --docs-file providers/core/resources/core.lr.manifest.yaml \
 --output ../docs/docs/mql/resources/core-pack
- ./lr markdown resources/packs/gcp/gcp.lr \
+ ./lr markdown providers/equinix/resources/equinix.lr \
+ --pack-name "Equinix" \
+ --description "The Equinix resource pack lets you use MQL to query and assess the security of your Equinix Metal services." \
+ --docs-file providers/equinix/resources/equinix.lr.manifest.yaml \
+ --output ../docs/docs/mql/resources/equinix-pack
+ ./lr markdown providers/gcp/resources/gcp.lr \
 --pack-name "Google Cloud Platform (GCP)" \
 --description "The Google Cloud Platform (GCP) resource pack lets you use MQL to query and assess the security of your GCP cloud services." \
- --docs-file resources/packs/gcp/gcp.lr.manifest.yaml \
+ --docs-file providers/gcp/resources/gcp.lr.manifest.yaml \
 --output ../docs/docs/mql/resources/gcp-pack
- ./lr markdown resources/packs/github/github.lr \
+ ./lr markdown providers/github/resources/github.lr \
 --pack-name "GitHub" \
 --description "The GitHub resource pack lets you use MQL to query and assess the security of your GitHub organization and repositories." \
- --docs-file resources/packs/github/github.lr.manifest.yaml \
+ --docs-file providers/github/resources/github.lr.manifest.yaml \
 --output ../docs/docs/mql/resources/github-pack
- ./lr markdown resources/packs/gitlab/gitlab.lr \
+ ./lr markdown providers/gitlab/resources/gitlab.lr \
 --pack-name "GitLab" \
 --description "The GitLab resource pack lets you use MQL to query and assess the security of your GitLab organization and repositories." \
- --docs-file resources/packs/gitlab/gitlab.lr.manifest.yaml \
+ --docs-file providers/gitlab/resources/gitlab.lr.manifest.yaml \
 --output ../docs/docs/mql/resources/gitlab-pack
- ./lr markdown resources/packs/k8s/k8s.lr \
+ ./lr markdown providers/googleworkspace/resources/googleworkspace.lr \
+ --pack-name "Google Workspace" \
+ --description "The Google Workspace resource pack lets you use MQL to query and assess the security of your Google Workspace identities and configuration." \
+ --docs-file providers/googleworkspace/resources/googleworkspace.lr.manifest.yaml \
+ --output ../docs/docs/mql/resources/googleworkspace-pack
+ ./lr markdown providers/ipmi/resources/ipmi.lr \
+ --pack-name "IPMI" \
+ --description "The IPMI resource pack lets you use MQL to query and assess the security of your IPMI devices." \
+ --docs-file providers/ipmi/resources/ipmi.lr.manifest.yaml \
+ --output ../docs/docs/mql/resources/ipmi-pack
+ ./lr markdown providers/k8s/resources/k8s.lr \
 --pack-name "Kubernetes (K8s)" \
- --description "The Kubernetes resource pack lets you use MQL to query and assess the security of your Kubernetes workloads." \
- --docs-file resources/packs/k8s/k8s.lr.manifest.yaml \
+ --description "The Kubernetes resource pack lets you use MQL to query and assess the security of your Kubernetes cluster and workloads." \
+ --docs-file providers/k8s/resources/k8s.lr.manifest.yaml \
 --output ../docs/docs/mql/resources/k8s-pack
- ./lr markdown resources/packs/ms365/ms365.lr \
+ ./lr markdown providers/ms365/resources/ms365.lr \
 --pack-name "Microsoft 365 (MS365)" \
- --description "The Microsoft 365 (MS365) resource pack lets you use MQL to query and assess the security of your MS365 identities and configuration." \
- --docs-file resources/packs/ms365/ms365.lr.manifest.yaml \
+ --description "The Microsoft 365 (MS365) resource pack lets you use MQL to query and assess the security of your Microsoft 365 identities and configuration." \
+ --docs-file providers/ms365/ms365.lr.manifest.yaml \
 --output ../docs/docs/mql/resources/ms365-pack
- ./lr markdown resources/packs/os/os.lr \
+ ./lr markdown providers/network/resources/network.lr \
+ --pack-name "Network" \
+ --description "The network resource pack lets you use MQL to query and assess the security of domains and network services." \
+ --docs-file providers/network/resources/network.lr.manifest.yaml \
+ --output ../docs/docs/mql/resources/network-pack
+ ./lr markdown providers/oci/resources/oci.lr \
+ --pack-name "Oracle Cloud Infrastructure (OCI)" \
+ --description "The Oracle Cloud Infrastructure (OCI) resource pack lets you use MQL to query and assess the security of your OCI cloud services." \
+ --docs-file providers/oci/resources/oci.lr.manifest.yaml \
+ --output ../docs/docs/mql/resources/oci-pack
+ ./lr markdown providers/okta/resources/okta.lr \
+ --pack-name "Okta" \
+ --description "The Okta resource pack lets you use MQL to query and assess the security of your Okta identities and configuration." \
+ --docs-file providers/okta/resources/okta.lr.manifest.yaml \
+ --output ../docs/docs/mql/resources/okta-pack
+ ./lr markdown providers/opcua/resources/opcua.lr \
+ --pack-name "OPC UA" \
+ --description "The OPC-UA resource pack lets you use MQL to query and assess the security of your OPC-UA servers." \
+ --docs-file providers/opcua/resources/opcua.lr.manifest.yaml \
+ --output ../docs/docs/mql/resources/opcua-pack
+ ./lr markdown providers/os/resources/os.lr \
 --pack-name "Operating Systems (OS)" \
 --description "The Operating Systems (OS) resource pack lets you use MQL to query and assess the security of your operating system packages and configuration." \
- --docs-file resources/packs/os/os.lr.manifest.yaml \
+ --docs-file providers/os/os.lr.manifest.yaml \
 --output ../docs/docs/mql/resources/os-pack
- ./lr markdown resources/packs/terraform/terraform.lr \
+ ./lr markdown providers/slack/resources/slack.lr \
+ --pack-name "Slack" \
+ --description "The Slack resource pack lets you use MQL to query and assess the security of your Slack identities and configuration." \
+ --docs-file providers/slack/resources/slack.lr.manifest.yaml \
+ --output ../docs/docs/mql/resources/slack-pack
+ ./lr markdown providers/terraform/resources/terraform.lr \
 --pack-name "Terraform IaC" \
 --description "The Terraform IaC resource pack lets you use MQL to query and assess the security of your Terraform HCL, plan and state resources." \
- --docs-file resources/packs/terraform/terraform.lr.manifest.yaml \
+ --docs-file providers/terraform/resources/terraform.lr.manifest.yaml \
 --output ../docs/docs/mql/resources/terraform-pack
- ./lr markdown resources/packs/vsphere/vsphere.lr \
+ ./lr markdown providers/vcd/resources/vcd.lr \
+ --pack-name "VMware Cloud Director" \
+ --description "The VMware Cloud Director resource pack lets you use MQL to query and assess the security of your VMware Cloud Director configuration." \
+ --docs-file providers/vcd/resources/vcd.lr.manifest.yaml \
+ --output ../docs/docs/mql/resources/vcd-pack \
+ ./lr markdown providers/vsphere/resources/vsphere.lr \
 --pack-name "VMware vSphere" \
 --description "The VMware vSphere resource pack lets you use MQL to query and assess the security of your VMware vSphere hosts and services." \
- --docs-file resources/packs/vsphere/vsphere.lr.manifest.yaml \
+ --docs-file providers/vsphere/resources/vsphere.lr.manifest.yaml \
 --output ../docs/docs/mql/resources/vsphere-pack
- ./lr markdown resources/packs/okta/okta.lr \
- --pack-name "Okta" \
- --description "The Okta resource pack lets you use MQL to query and assess the security of your Okta identities and configuration." \
- --docs-file resources/packs/okta/okta.lr.manifest.yaml \
- --output ../docs/docs/mql/resources/okta-pack
- ./lr markdown resources/packs/googleworkspace/googleworkspace.lr \
- --pack-name "Google Workspace" \
- --description "The Google Workspace resource pack lets you use MQL to query and assess the security of your Google Workspace identities and configuration." \
- --docs-file resources/packs/googleworkspace/googleworkspace.lr.manifest.yaml \
- --output ../docs/docs/mql/resources/googleworkspace-pack
- ./lr markdown resources/packs/slack/slack.lr \
- --pack-name "Slack" \
- --description "The Slack resource pack lets you use MQL to query and assess the security of your Slack identities and configuration." \
- --docs-file resources/packs/slack/slack.lr.manifest.yaml \
- --output ../docs/docs/mql/resources/slack-pack
- ./lr markdown resources/packs/vcd/vcd.lr \
- --pack-name "VMware Cloud Director" \
- --description "The VMware Cloud Director resource pack lets you use MQL to query and assess the security of your VMware Cloud Director configuration." \
- --docs-file resources/packs/vcd/vcd.lr.manifest.yaml \
- --output ../docs/docs/mql/resources/vcd-pack
- ./lr markdown resources/packs/arista/arista.lr \
- --pack-name "Arista EOS" \
- --description "The Arista EOS resource pack lets you use MQL to query and assess the security of your Arista EOS network devices." \
- --docs-file resources/packs/arista/arista.lr.manifest.yaml \
- --output ../docs/docs/mql/resources/arista-pack
- ./lr markdown resources/packs/ipmi/ipmi.lr \
- --pack-name "IPMI" \
- --description "The IPMI resource pack lets you use MQL to query and assess the security of your IPMI devices." \
- --docs-file resources/packs/ipmi/ipmi.lr.manifest.yaml \
- --output ../docs/docs/mql/resources/ipmi-pack
- ./lr markdown resources/packs/oci/oci.lr \
- --pack-name "Oracle Cloud Infrastructure (OCI)" \
- --description "The Oracle Cloud Infrastructure (OCI) resource pack lets you use MQL to query and assess the security of your OCI cloud services." \
- --docs-file resources/packs/oci/oci.lr.manifest.yaml \
- --output ../docs/docs/mql/resources/oci-pack
- ./lr markdown resources/packs/opcua/opcua.lr \
- --pack-name "OPC UA" \
- --description "The OPC-UA resource pack lets you use MQL to query and assess the security of your OPC-UA servers." \
- --docs-file resources/packs/opcua/opcua.lr.manifest.yaml \
- --output ../docs/docs/mql/resources/opcua-pack
 llx/generate:
 go generate ./llx
diff --git a/providers/aws/resources/aws.lr.manifest.yaml b/providers/aws/resources/aws.lr.manifest.yaml
index 7fd3c521a1..9de1ae9ab0 100755
--- a/providers/aws/resources/aws.lr.manifest.yaml
+++ b/providers/aws/resources/aws.lr.manifest.yaml
@@ -1866,7 +1866,7 @@ resources:
 aws.redshift:
 docs:
 desc: |
- The `aws.redshift` resource can be used to assess the configuration of AWS RedShift deployments. The resource returns lists of `aws.rds.dbcluster`, `aws.rds.dbinstance`, and `aws.rds.snapshot` resources, each with fields for assessing the configuration of those assets.
+ The `aws.redshift` resource can be used to assess the configuration of Amazon Redshift deployments. The resource returns lists of `aws.rds.dbcluster`, `aws.rds.dbinstance`, and `aws.rds.snapshot` resources, each with fields for assessing the configuration of those assets.
 fields:
 clusters: {}
 min_mondoo_version: 5.15.0
@@ -1892,7 +1892,7 @@ resources:
 region
 clusterParameterGroupNames
 }
- title: Return a list of Amazon RedShift clusters deployed across all enabled
+ title: Return a list of Amazon Redshift clusters deployed across all enabled
 regions and the values for specified fields
 - query: |
 aws.redshift.clusters.where( encrypted == false ) {
@@ -1900,8 +1900,8 @@ resources:
 region
 name
 }
- title: Return a list of RedShift clusters that are not encrypted and the values
- for the `arn` `region` and `name` fields
+ title: Return a list of Amazon Redshift clusters that are not encrypted and
+ the values for the `arn` `region` and `name` fields
 aws.redshift.cluster:
 fields:
 allowVersionUpgrade: {}
diff --git a/providers/azure/resources/azure.lr b/providers/azure/resources/azure.lr
index 31c6830ce2..94511ccaef 100644
--- a/providers/azure/resources/azure.lr
+++ b/providers/azure/resources/azure.lr
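Review bot: In the Makefile hunk the added vcd invocation ends with `--output ../docs/docs/mql/resources/vcd-pack \`, and that trailing backslash continues the recipe line into the following `./lr markdown providers/vsphere/resources/vsphere.lr \`, so the vSphere arguments are appended to the vcd command instead of running as their own command. Drop the backslash so the line reads `--output ../docs/docs/mql/resources/vcd-pack`. Two added `--docs-file` paths also break the `providers/<name>/resources/` pattern used by every other entry: `providers/ms365/ms365.lr.manifest.yaml` and `providers/os/os.lr.manifest.yaml` look like they should be `providers/ms365/resources/ms365.lr.manifest.yaml` and `providers/os/resources/os.lr.manifest.yaml`. The repository tree is not visible here, so confirm where those two manifests actually live.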
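Review bot: The reworded `aws.redshift` description in the `@@ -1866,7` hunk of aws.lr.manifest.yaml still says the resource returns lists of `aws.rds.dbcluster`, `aws.rds.dbinstance`, and `aws.rds.snapshot`, which reads like text carried over from the RDS entry. The only field listed under the resource is `clusters`, the example queries use `aws.redshift.clusters`, and the next resource in the file is `aws.redshift.cluster`. Since the line is being edited anyway, its second sentence could become "The resource returns a list of `aws.redshift.cluster` resources, each with fields for assessing the configuration of that cluster." The field's return type is not shown in this hunk, so check it against aws.lr first.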
@@ -778,7 +778,7 @@ private azure.subscription.sqlService.virtualNetworkRule @defaults("id name") {
 virtualNetworkSubnetId string
 }
-// Azure MySQL
+// Azure Database for MySQL
 private azure.subscription.mySqlService {
 // The subscription identifier
 subscriptionId string
@@ -846,7 +846,7 @@ private azure.subscription.mySqlService.flexibleServer @defaults("id name locati
 firewallRules() []azure.subscription.sqlService.firewallrule
 }
-// Azure MariaDB
+// Azure Database for MariaDB
 private azure.subscription.mariaDbService {
 // The subscription identifier
 subscriptionId string
diff --git a/providers/oci/resources/oci.lr b/providers/oci/resources/oci.lr
index 472e176662..1f191a3616 100644
--- a/providers/oci/resources/oci.lr
+++ b/providers/oci/resources/oci.lr
@@ -4,7 +4,7 @@
 option provider = "go.mondoo.com/cnquery/providers/oci"
 option go_package = "go.mondoo.com/cnquery/providers/oci/resources"
-// Oracle Cloud Infrastructure Tenant
+// Oracle Cloud Infrastructure (OCI) Tenancy
 oci {
 // Regions
 regions() []oci.region
@@ -12,7 +12,7 @@ oci {
 compartments() []oci.compartment
 }
-// OCI Tenancy
+// Oracle Cloud Infrastructure (OCI) Tenancy
 oci.tenancy @defaults("name") {
 // Compartment ID
 id string
@@ -24,7 +24,7 @@ oci.tenancy @defaults("name") {
 retentionPeriod() time
 }
-// OCI Region
+// Oracle Cloud Infrastructure (OCI) Region
 private oci.region @defaults("id name") {
 // Region's key
 id string
@@ -36,7 +36,7 @@ private oci.region @defaults("id name") {
 status string
 }
-// OCI Compartment
+// Oracle Cloud Infrastructure (OCI) Compartment
 private oci.compartment @defaults("name") {
 // Compartment ID
 id string
@@ -50,7 +50,7 @@ private oci.compartment @defaults("name") {
 state string
 }
-// OCI Identity
+// Oracle Cloud Infrastructure (OCI) Identity
 oci.identity {
 // Users
 users() []oci.identity.user
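Review bot: In oci.lr the root `oci` resource (hunk `@@ -4,7`) and `oci.tenancy` (hunk `@@ -12,7`) now carry the identical summary `// Oracle Cloud Infrastructure (OCI) Tenancy`, so the two entries cannot be told apart by their description, presumably including in the generated reference. The root resource exposes `regions()` and `compartments()`, so a distinct line such as `// Oracle Cloud Infrastructure (OCI)` would fit it better. In the later hunks the long prefix was prepended mechanically, which leaves run-on summaries like `// Oracle Cloud Infrastructure (OCI) API Key a PEM-format RSA credential`; a comma or light rewording, for example `// Oracle Cloud Infrastructure (OCI) API key, a PEM-format RSA credential`, would read better. The resource bodies continue outside each hunk.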
@@ -60,7 +60,7 @@ oci.identity {
 policies() []oci.identity.policy
 }
-// OCI Identity User
+// Oracle Cloud Infrastructure (OCI) Identity User
 private oci.identity.user @defaults("name") {
 // User ID
 id string
@@ -96,7 +96,7 @@ private oci.identity.user @defaults("name") {
 groups() []oci.identity.group
 }
-// OCI API Key a PEM-format RSA credential
+// Oracle Cloud Infrastructure (OCI) API Key a PEM-format RSA credential
 private oci.identity.apiKey @defaults("fingerprint") {
 // Key ID
 id string
@@ -110,7 +110,7 @@ private oci.identity.apiKey @defaults("fingerprint") {
 state string
 }
-// OCI CustomerSecretKey for OCI Object Storage Service
+// Oracle Cloud Infrastructure (OCI) CustomerSecretKey for OCI Object Storage Service
 private oci.identity.customerSecretKey @defaults("name") {
 // Key ID
 id string
@@ -122,7 +122,7 @@ private oci.identity.customerSecretKey @defaults("name") {
 state string
 }
-// OCI token string
+// Oracle Cloud Infrastructure (OCI) token string
 private oci.identity.authToken @defaults("description") {
 // Token ID
 id string
@@ -136,7 +136,7 @@ private oci.identity.authToken @defaults("description") {
 state string
 }
-// OCI collection of users
+// Oracle Cloud Infrastructure (OCI) collection of users
 private oci.identity.group @defaults("name") {
 // User ID
 id string
@@ -170,7 +170,7 @@ private oci.identity.policy @defaults("name description") {
 statements []string
 }
-// OCI compute
+// Oracle Cloud Infrastructure (OCI) Compute
 oci.compute {
 // Instances
 instances() []oci.compute.instance
@@ -178,7 +178,7 @@ oci.compute {
 images() []oci.compute.image
 }
-// OCI Compute Instance
+// Oracle Cloud Infrastructure (OCI) Compute Instance
 private oci.compute.instance @defaults("name") {
 // Instance ID
 id string
@@ -192,7 +192,7 @@ private oci.compute.instance @defaults("name") {
 state string
 }
-// OCI Compute Image
+// Oracle Cloud Infrastructure (OCI) Compute Image
 private oci.compute.image @defaults("name") {
 // Image ID
 id string
@@ -206,7 +206,7 @@ private oci.compute.image @defaults("name") {
 state string
 }
-// OCI Networking
+// Oracle Cloud Infrastructure (OCI) Networking
 oci.network {
 // Virtual Cloud Networks
 vcns() []oci.network.vcn
@@ -214,7 +214,7 @@ oci.network {
 securityLists() []oci.network.securityList
 }
-// OCI Virtual Cloud Network (VCN)
+// Oracle Cloud Infrastructure (OCI) Virtual Cloud Network (VCN)
 private oci.network.vcn @defaults("name") {
 // Vcn ID
 id string
@@ -232,7 +232,7 @@ private oci.network.vcn @defaults("name") {
 cidrBlocks []string
 }
-// OCI VCN SecurityList virtual firewall rules
+// Oracle Cloud Infrastructure (OCI) VCN SecurityList virtual firewall rules
 private oci.network.securityList @defaults("name") {
 // SecurityList ID
 id string
@@ -250,7 +250,7 @@ private oci.network.securityList @defaults("name") {
 ingressSecurityRules []dict
 }
-// OCI Object Storage
+// Oracle Cloud Infrastructure (OCI) Object Storage
 oci.objectStorage {
 // Namespace
 namespace() string
@@ -258,7 +258,7 @@ oci.objectStorage {
 buckets() []oci.objectStorage.bucket
 }
-// OCI Object Storage Bucket
+// Oracle Cloud Infrastructure (OCI) Object Storage Bucket
 private oci.objectStorage.bucket {
 // Bucket namespace
 namespace string
diff --git a/providers/vcd/resources/vcd.lr.manifest.yaml b/providers/vcd/resources/vcd.lr.manifest.yaml
index 8f4e136764..d423af8d74 100755
--- a/providers/vcd/resources/vcd.lr.manifest.yaml
+++ b/providers/vcd/resources/vcd.lr.manifest.yaml
@@ -2,120 +2,6 @@
 # SPDX-License-Identifier: BUSL-1.1
 resources:
- slack:
- fields:
- accessLogs: {}
- conversations: {}
- userGroups: {}
- min_mondoo_version: latest
- slack.conversation:
- fields:
- created: {}
- creator: {}
- id: {}
- isArchived: {}
- isChannel: {}
- isExtShared: {}
- isGroup: {}
- isIM: {}
- isMpim: {}
- isOpen: {}
- isOrgShared: {}
- isPendingExtShared: {}
- isPrivate: {}
- isShared: {}
- locale: {}
- members: {}
- name: {}
- priority: {}
- purpose: {}
- topic: {}
- min_mondoo_version: latest
- slack.enterpriseUser:
- fields:
- enterpriseId: {}
- enterpriseName: {}
- id: {}
- isAdmin: {}
- isOwner: {}
- min_mondoo_version: latest
- slack.login:
- fields:
- count: {}
- country: {}
- dateFirst: {}
- dateLast: {}
- ip: {}
- isp: {}
- region: {}
- userAgent: {}
- userID: {}
- username: {}
- min_mondoo_version: latest
- slack.organization:
- fields:
- id: {}
- name: {}
- min_mondoo_version: latest
- slack.team:
- fields:
- domain: {}
- emailDomain: {}
- id: {}
- name: {}
- min_mondoo_version: latest
- slack.user:
- fields:
- color: {}
- deleted: {}
- enterpriseUser: {}
- has2FA: {}
- hasFiles: {}
- id: {}
- isAdmin: {}
- isAppUser: {}
- isBot: {}
- isInvitedUser: {}
- isOwner: {}
- isPrimaryOwner: {}
- isRestricted: {}
- isStranger: {}
- isUltraRestricted: {}
- locale: {}
- name: {}
- presence: {}
- profile: {}
- realName: {}
- teamId: {}
- timeZone: {}
- timeZoneLabel: {}
- timeZoneOffset: {}
- min_mondoo_version: latest
- slack.userGroup:
- fields:
- created: {}
- createdBy: {}
- deleted: {}
- deletedBy: {}
- description: {}
- handle: {}
- id: {}
- isExternal: {}
- members: {}
- name: {}
- teamId: {}
- updated: {}
- updatedBy: {}
- userCount: {}
- min_mondoo_version: latest
- slack.users:
- fields:
- admins: {}
- bots: {}
- list: {}
- members: {}
- owners: {}
- min_mondoo_version: latest
 vcd:
 fields:
 externalNetworks: {}