Skip to content

Commit

Permalink
🐛 Add incognito flag to run command (#1912)
Browse files Browse the repository at this point in the history
Fixes #1889

Signed-off-by: Christian Zunker <[email protected]>
  • Loading branch information
czunker authored Sep 26, 2023
1 parent a2b4ee9 commit 32f3551
Show file tree
Hide file tree
Showing 5 changed files with 40 additions and 29 deletions.
24 changes: 12 additions & 12 deletions apps/cnquery/cmd/plugin.go
Original file line number Diff line number Diff line change
Expand Up @@ -78,10 +78,21 @@ func (c *cnqueryPlugin) RunQuery(conf *run.RunQueryConfig, runtime *providers.Ru
return nil
}

var upstreamConfig *upstream.UpstreamConfig
serviceAccount := opts.GetServiceCredential()
if serviceAccount != nil {
upstreamConfig = &upstream.UpstreamConfig{
SpaceMrn: opts.GetParentMrn(),
ApiEndpoint: opts.UpstreamApiEndpoint(),
Incognito: conf.Incognito,
Creds: serviceAccount,
}
}

err := runtime.Connect(&pp.ConnectReq{
Features: config.Features,
Asset: conf.Inventory.Spec.Assets[0],
Upstream: nil,
Upstream: upstreamConfig,
})
if err != nil {
return err
Expand All @@ -91,17 +102,6 @@ func (c *cnqueryPlugin) RunQuery(conf *run.RunQueryConfig, runtime *providers.Ru
out.WriteString("[")
}

var upstreamConfig *upstream.UpstreamConfig
serviceAccount := opts.GetServiceCredential()
if serviceAccount != nil {
upstreamConfig = &upstream.UpstreamConfig{
SpaceMrn: opts.GetParentMrn(),
ApiEndpoint: opts.UpstreamApiEndpoint(),
Incognito: true,
Creds: serviceAccount,
}
}

// FIXME: workaround for gcp-snapshot
// For a gcp-snapshot asset, we start with a GCP connection.
// This get's overridden by a filesystem connection. The filesystem connection is what we need for the scan
Expand Down
1 change: 1 addition & 0 deletions apps/cnquery/cmd/run.go
Original file line number Diff line number Diff line change
Expand Up @@ -52,6 +52,7 @@ var RunCmdRun = func(cmd *cobra.Command, runtime *providers.Runtime, cliRes *plu
Assets: []*inventory.Asset{cliRes.Asset},
},
}
conf.Incognito, _ = cmd.Flags().GetBool("incognito")

x := cnqueryPlugin{}
w := shared.IOWriter{Writer: os.Stdout}
Expand Down
4 changes: 2 additions & 2 deletions providers/os/resources/platform_advisories.go
Original file line number Diff line number Diff line change
Expand Up @@ -289,8 +289,8 @@ func (a *mqlPlatformCves) list() ([]interface{}, error) {
"state": llx.StringData(cve.State.String()),
"summary": llx.StringData(cve.Summary),
"unscored": llx.BoolData(cve.Unscored),
"published": llx.TimeData(*published),
"modified": llx.TimeData(*modified),
"published": llx.TimeDataPtr(published),
"modified": llx.TimeDataPtr(modified),
"worstScore": llx.ResourceData(cvssScore, "audit.cvss"),
})
if err != nil {
Expand Down
39 changes: 24 additions & 15 deletions shared/proto/cnquery.pb.go

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

1 change: 1 addition & 0 deletions shared/proto/cnquery.proto
Original file line number Diff line number Diff line change
Expand Up @@ -19,6 +19,7 @@ message RunQueryConfig {
bool do_record = 7;
string format = 8;
string platform_id = 9;
bool incognito = 10;
}

message Empty {}
Expand Down

0 comments on commit 32f3551

Please sign in to comment.