From c4adb5008bc3f933c7bc301c4af79131e5b3f9d7 Mon Sep 17 00:00:00 2001 From: Ivan Milchev Date: Tue, 6 Feb 2024 15:42:59 +0200 Subject: [PATCH] =?UTF-8?q?=F0=9F=90=9B=20set=20runtime=20labels=20for=20s?= =?UTF-8?q?cannable=20root=20assets=20(#3215)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Ivan Milchev --- explorer/scan/discovery.go | 7 ++++--- explorer/scan/discovery_test.go | 23 +++++++++++++++++++++++ 2 files changed, 27 insertions(+), 3 deletions(-) diff --git a/explorer/scan/discovery.go b/explorer/scan/discovery.go index 7f8dd6fac9..129b0bb702 100644 --- a/explorer/scan/discovery.go +++ b/explorer/scan/discovery.go @@ -112,6 +112,7 @@ func DiscoverAssets(ctx context.Context, inv *inventory.Inventory, upstream *ups // If the root asset has platform IDs, then it is a scannable asset, so we need to add it if len(resolvedRootAsset.PlatformIds) > 0 { + prepareAsset(resolvedRootAsset, resolvedRootAsset, runtimeLabels) if !discoveredAssets.Add(rootAssetWithRuntime.Asset, rootAssetWithRuntime.Runtime) { rootAssetWithRuntime.Runtime.Close() } @@ -188,10 +189,10 @@ func prepareAsset(a *inventory.Asset, rootAsset *inventory.Asset, runtimeLabels a.AddAnnotations(rootAsset.GetAnnotations()) a.ManagedBy = rootAsset.ManagedBy a.KindString = a.GetPlatform().Kind + if a.Labels == nil { + a.Labels = map[string]string{} + } for k, v := range runtimeLabels { - if a.Labels == nil { - a.Labels = map[string]string{} - } a.Labels[k] = v } } diff --git a/explorer/scan/discovery_test.go b/explorer/scan/discovery_test.go index b7a280a9c9..1e7afd4ecf 100644 --- a/explorer/scan/discovery_test.go +++ b/explorer/scan/discovery_test.go @@ -222,6 +222,29 @@ func TestDiscoverAssets(t *testing.T) { } }) + t.Run("set ci/cd labels for scannable root assets", func(t *testing.T) { + inv := getInventory() + inv.Spec.Assets[0].Connections[0].Type = "local" + + val, isSet := os.LookupEnv("GITHUB_ACTION") + defer func() { + if isSet { + require.NoError(t, os.Setenv("GITHUB_ACTION", val)) + } else { + require.NoError(t, os.Unsetenv("GITHUB_ACTION")) + } + }() + inv.Spec.Assets[0].Category = inventory.AssetCategory_CATEGORY_CICD + require.NoError(t, os.Setenv("GITHUB_ACTION", "go-test")) + discoveredAssets, err := DiscoverAssets(context.Background(), inv, nil, providers.NullRecording{}) + require.NoError(t, err) + + for _, asset := range discoveredAssets.Assets { + require.Contains(t, asset.Asset.Labels, "mondoo.com/exec-environment") + assert.Equal(t, "actions.github.com", asset.Asset.Labels["mondoo.com/exec-environment"]) + } + }) + t.Run("scannable root asset", func(t *testing.T) { inv := getInventory() inv.Spec.Assets[0].Connections[0].Type = "local"