✨ provide annotations upon registration. read passed in annotations f…

…rom the scan cmd and send those upstream. (#2039)
mondoohq · Oct 3, 2023 · 6f1fa5f · 6f1fa5f
1 parent 2bdc01c
commit 6f1fa5f
Show file tree

Hide file tree

Showing 6 changed files with 69 additions and 22 deletions.
diff --git a/apps/cnquery/cmd/login.go b/apps/cnquery/cmd/login.go
@@ -23,6 +23,7 @@ import (
 func init() {
 	rootCmd.AddCommand(LoginCmd)
 	LoginCmd.Flags().StringP("token", "t", "", "Set a client registration token.")
+	LoginCmd.Flags().StringToString("annotation", nil, "Set the client annotations.")
 	LoginCmd.Flags().String("name", "", "Set asset name.")
 	LoginCmd.Flags().String("api-endpoint", "", "Set the Mondoo API endpoint.")
 }
@@ -47,11 +48,12 @@ You remain logged in until you explicitly log out using the 'logout' subcommand.
 	},
 	Run: func(cmd *cobra.Command, args []string) {
 		token, _ := cmd.Flags().GetString("token")
-		register(token)
+		annotations, _ := cmd.Flags().GetStringToString("annotation")
+		register(token, annotations)
 	},
 }
 
-func register(token string) {
+func register(token string, annotations map[string]string) {
 	var err error
 	var credential *upstream.ServiceAccountCredentials
 
@@ -142,7 +144,7 @@ func register(token string) {
 		viper.Set("mrn", confirmation.Credential.Mrn)
 		viper.Set("private_key", confirmation.Credential.PrivateKey)
 		viper.Set("certificate", confirmation.Credential.Certificate)
-
+		viper.Set("annotations", annotations)
 		credential = confirmation.Credential
 	} else {
 		// try to read local options

diff --git a/apps/cnquery/cmd/scan.go b/apps/cnquery/cmd/scan.go
@@ -146,6 +146,8 @@ type scanConfig struct {
 	Props          map[string]string
 	Bundle         *explorer.Bundle
 	runtime        *providers.Runtime
+	// annotations that will be applied to all discovered assets
+	annotations map[string]string
 
 	IsIncognito bool
 }
@@ -167,6 +169,20 @@ func getCobraScanConfig(cmd *cobra.Command, runtime *providers.Runtime, cliRes *
 	if err != nil {
 		log.Fatal().Err(err).Msg("failed to parse inventory")
 	}
+
+	annotations, err := cmd.Flags().GetStringToString("annotation")
+	if err != nil {
+		log.Fatal().Err(err).Msg("failed to parse annotations")
+	}
+
+	// merge the config and the user-provided annotations with the latter having precedence
+	optAnnotations := opts.Annotations
+	if optAnnotations == nil {
+		optAnnotations = map[string]string{}
+	}
+	for k, v := range annotations {
+		optAnnotations[k] = v
+	}
 	conf := scanConfig{
 		Features:       opts.GetFeatures(),
 		IsIncognito:    viper.GetBool("incognito"),
@@ -175,6 +191,7 @@ func getCobraScanConfig(cmd *cobra.Command, runtime *providers.Runtime, cliRes *
 		QueryPackNames: viper.GetStringSlice("querypacks"),
 		Props:          props,
 		runtime:        runtime,
+		annotations:    optAnnotations,
 	}
 
 	// if users want to get more information on available output options,
@@ -292,6 +309,7 @@ func RunScan(config *scanConfig) (*explorer.ReportCollection, error) {
 				Bundle:           config.Bundle,
 				QueryPackFilters: config.QueryPackNames,
 				Props:            config.Props,
+				Annotations:      config.annotations,
 			})
 	}
 	return scanner.Run(
@@ -301,6 +319,7 @@ func RunScan(config *scanConfig) (*explorer.ReportCollection, error) {
 			Bundle:           config.Bundle,
 			QueryPackFilters: config.QueryPackNames,
 			Props:            config.Props,
+			Annotations:      config.annotations,
 		})
 }
 

diff --git a/cli/config/config.go b/cli/config/config.go
@@ -199,6 +199,9 @@ type CommonOpts struct {
 
 	// labels that will be applied to all assets
 	Labels map[string]string `json:"labels,omitempty" mapstructure:"labels"`
+
+	// annotations that will be applied to all assets
+	Annotations map[string]string `json:"annotations,omitempty" mapstructure:"annotations"`
 }
 
 type CliConfigAuthentication struct {

diff --git a/explorer/scan/cnquery_explorer_scan.pb.go b/explorer/scan/cnquery_explorer_scan.pb.go
diff --git a/explorer/scan/cnquery_explorer_scan.proto b/explorer/scan/cnquery_explorer_scan.proto
@@ -16,5 +16,7 @@ message Job {
   bool do_record = 20;
   repeated string query_pack_filters = 21;
   map<string,string> props = 22;
+  // annotations that will be applied to all assets in the job
+  map<string,string> annotations = 23;
 }
 
diff --git a/explorer/scan/local_scanner.go b/explorer/scan/local_scanner.go
@@ -263,6 +263,7 @@ func (s *LocalScanner) distributeJob(job *Job, ctx context.Context, upstream *up
 
 	justAssets := []*inventory.Asset{}
 	for _, asset := range assets {
+		asset.asset.AddAnnotations(job.GetAnnotations())
 		asset.asset.KindString = asset.asset.GetPlatform().Kind
 		justAssets = append(justAssets, asset.asset)
 	}