From c6a7a5544c8194c1225d9e3d38e8cebdfa675545 Mon Sep 17 00:00:00 2001 From: Christian Zunker Date: Tue, 5 Dec 2023 12:01:40 +0100 Subject: [PATCH] Bugfixes vSphere and added stats to vulnmgmt Signed-off-by: Christian Zunker --- providers/core/resources/core.lr | 3 -- providers/core/resources/core.lr.go | 47 ------------------- providers/core/resources/core.resources.json | 2 +- providers/os/resources/asset_vuln.go | 36 +++++++------- providers/os/resources/os.lr | 4 +- providers/os/resources/os.lr.go | 24 ++++++++++ providers/os/resources/os.lr.manifest.yaml | 1 + providers/os/resources/vulnmgmt.go | 14 ++++++ providers/vsphere/resources/vsphere.lr | 4 +- providers/vsphere/resources/vsphere.lr.go | 24 ++++++++++ .../resources/vsphere.lr.manifest.yaml | 1 + providers/vsphere/resources/vulnmgmt.go | 19 ++++++-- 12 files changed, 105 insertions(+), 74 deletions(-) diff --git a/providers/core/resources/core.lr b/providers/core/resources/core.lr index 49492a39cc..478161c364 100644 --- a/providers/core/resources/core.lr +++ b/providers/core/resources/core.lr @@ -58,9 +58,6 @@ asset.eol @defaults("date") { date time } -// Vulnerability Information -vulnmgmt {} - // Date and time functions time { // The current time on the local system diff --git a/providers/core/resources/core.lr.go b/providers/core/resources/core.lr.go index 42a2c6003b..40f40a9dd4 100644 --- a/providers/core/resources/core.lr.go +++ b/providers/core/resources/core.lr.go @@ -30,10 +30,6 @@ func init() { Init: initAssetEol, Create: createAssetEol, }, - "vulnmgmt": { - // to override args, implement: initVulnmgmt(runtime *plugin.Runtime, args map[string]*llx.RawData) (map[string]*llx.RawData, plugin.Resource, error) - Create: createVulnmgmt, - }, "time": { // to override args, implement: initTime(runtime *plugin.Runtime, args map[string]*llx.RawData) (map[string]*llx.RawData, plugin.Resource, error) Create: createTime, @@ -382,10 +378,6 @@ var setDataFields = map[string]func(r plugin.Resource, v *llx.RawData) bool { r.(*mqlAssetEol).Date, ok = plugin.RawToTValue[*time.Time](v.Value, v.Error) return }, - "vulnmgmt.__id": func(r plugin.Resource, v *llx.RawData) (ok bool) { - r.(*mqlVulnmgmt).__id, ok = v.Value.(string) - return - }, "time.__id": func(r plugin.Resource, v *llx.RawData) (ok bool) { r.(*mqlTime).__id, ok = v.Value.(string) return @@ -785,45 +777,6 @@ func (c *mqlAssetEol) GetDate() *plugin.TValue[*time.Time] { return &c.Date } -// mqlVulnmgmt for the vulnmgmt resource -type mqlVulnmgmt struct { - MqlRuntime *plugin.Runtime - __id string - // optional: if you define mqlVulnmgmtInternal it will be used here -} - -// createVulnmgmt creates a new instance of this resource -func createVulnmgmt(runtime *plugin.Runtime, args map[string]*llx.RawData) (plugin.Resource, error) { - res := &mqlVulnmgmt{ - MqlRuntime: runtime, - } - - err := SetAllData(res, args) - if err != nil { - return res, err - } - - // to override __id implement: id() (string, error) - - if runtime.HasRecording { - args, err = runtime.ResourceFromRecording("vulnmgmt", res.__id) - if err != nil || args == nil { - return res, err - } - return res, SetAllData(res, args) - } - - return res, nil -} - -func (c *mqlVulnmgmt) MqlName() string { - return "vulnmgmt" -} - -func (c *mqlVulnmgmt) MqlID() string { - return c.__id -} - // mqlTime for the time resource type mqlTime struct { MqlRuntime *plugin.Runtime diff --git a/providers/core/resources/core.resources.json b/providers/core/resources/core.resources.json index 1212447ca4..0a6ed36117 100644 --- a/providers/core/resources/core.resources.json +++ b/providers/core/resources/core.resources.json @@ -1 +1 @@ -{"resources":{"asset":{"id":"asset","name":"asset","fields":{"arch":{"name":"arch","type":"\u0007","is_mandatory":true,"title":"Architecture this OS is running on","provider":"go.mondoo.com/cnquery/v9/providers/core"},"build":{"name":"build","type":"\u0007","is_mandatory":true,"title":"Build version of the platform (optional)","provider":"go.mondoo.com/cnquery/v9/providers/core"},"eol":{"name":"eol","type":"\u001basset.eol","title":"Information about the assets platform end-of-life.","is_implicit_resource":true,"provider":"go.mondoo.com/cnquery/v9/providers/core"},"family":{"name":"family","type":"\u0019\u0007","is_mandatory":true,"title":"List of platform families that this platform belongs to","provider":"go.mondoo.com/cnquery/v9/providers/core"},"fqdn":{"name":"fqdn","type":"\u0007","is_mandatory":true,"title":"Fully qualified domain name (optional)","provider":"go.mondoo.com/cnquery/v9/providers/core"},"ids":{"name":"ids","type":"\u0019\u0007","is_mandatory":true,"title":"All identifiers for this asset","provider":"go.mondoo.com/cnquery/v9/providers/core"},"kind":{"name":"kind","type":"\u0007","is_mandatory":true,"title":"Kind of platform, for example:","desc":"api, baremetal, vm, vm-image, container, container-image, network, ...","provider":"go.mondoo.com/cnquery/v9/providers/core"},"labels":{"name":"labels","type":"\u001a\u0007\u0007","is_mandatory":true,"title":"Optional platform information","provider":"go.mondoo.com/cnquery/v9/providers/core"},"name":{"name":"name","type":"\u0007","is_mandatory":true,"title":"Human readable name of the asset","provider":"go.mondoo.com/cnquery/v9/providers/core"},"platform":{"name":"platform","type":"\u0007","is_mandatory":true,"title":"Platform for this asset (redhat, windows, k8s-pod)","provider":"go.mondoo.com/cnquery/v9/providers/core"},"runtime":{"name":"runtime","type":"\u0007","is_mandatory":true,"title":"Runtime is the specific kind of the platform. Examples include:","desc":"docker-container, podman-container, aws-ec2-instance, ...","provider":"go.mondoo.com/cnquery/v9/providers/core"},"title":{"name":"title","type":"\u0007","is_mandatory":true,"title":"Human-readable title of the platform (e.g., \"Red Hat 8, Container\")","provider":"go.mondoo.com/cnquery/v9/providers/core"},"version":{"name":"version","type":"\u0007","is_mandatory":true,"title":"Version of the platform","provider":"go.mondoo.com/cnquery/v9/providers/core"}},"title":"General asset information","min_mondoo_version":"6.13.0","defaults":"name platform version","provider":"go.mondoo.com/cnquery/v9/providers/core"},"asset.eol":{"id":"asset.eol","name":"asset.eol","fields":{"date":{"name":"date","type":"\t","is_mandatory":true,"title":"End-of-Life date","provider":"go.mondoo.com/cnquery/v9/providers/core"},"docsUrl":{"name":"docsUrl","type":"\u0007","is_mandatory":true,"title":"Documentation URL","provider":"go.mondoo.com/cnquery/v9/providers/core"},"productUrl":{"name":"productUrl","type":"\u0007","is_mandatory":true,"title":"Product URL","provider":"go.mondoo.com/cnquery/v9/providers/core"}},"title":"Information about the assets platform end-of-life.","min_mondoo_version":"latest","defaults":"date","provider":"go.mondoo.com/cnquery/v9/providers/core"},"cpe":{"id":"cpe","name":"cpe","fields":{"edition":{"name":"edition","type":"\u0007","title":"Edition of the CPE","provider":"go.mondoo.com/cnquery/v9/providers/core"},"language":{"name":"language","type":"\u0007","title":"Language of the CPE","provider":"go.mondoo.com/cnquery/v9/providers/core"},"other":{"name":"other","type":"\u0007","title":"Other of the CPE","provider":"go.mondoo.com/cnquery/v9/providers/core"},"part":{"name":"part","type":"\u0007","title":"Part of the CPE","provider":"go.mondoo.com/cnquery/v9/providers/core"},"product":{"name":"product","type":"\u0007","title":"Product of the CPE","provider":"go.mondoo.com/cnquery/v9/providers/core"},"swEdition":{"name":"swEdition","type":"\u0007","title":"Software edition of the CPE","provider":"go.mondoo.com/cnquery/v9/providers/core"},"targetHw":{"name":"targetHw","type":"\u0007","title":"Target hardware of the CPE","provider":"go.mondoo.com/cnquery/v9/providers/core"},"targetSw":{"name":"targetSw","type":"\u0007","title":"Target software of the CPE","provider":"go.mondoo.com/cnquery/v9/providers/core"},"update":{"name":"update","type":"\u0007","title":"Update of the CPE","provider":"go.mondoo.com/cnquery/v9/providers/core"},"uri":{"name":"uri","type":"\u0007","is_mandatory":true,"title":"URI binding of the CPE","provider":"go.mondoo.com/cnquery/v9/providers/core"},"vendor":{"name":"vendor","type":"\u0007","title":"Vendor of the CPE","provider":"go.mondoo.com/cnquery/v9/providers/core"},"version":{"name":"version","type":"\u0007","title":"Version of the CPE","provider":"go.mondoo.com/cnquery/v9/providers/core"}},"init":{"args":[{"name":"uri","type":"\u0007"}]},"title":"Common Platform Enumeration (CPE) identifiers","min_mondoo_version":"latest","defaults":"uri","provider":"go.mondoo.com/cnquery/v9/providers/core"},"mondoo":{"id":"mondoo","name":"mondoo","fields":{"arch":{"name":"arch","type":"\u0007","title":"Architecture of this client (e.g., linux-amd64)","min_mondoo_version":"latest","provider":"go.mondoo.com/cnquery/v9/providers/core"},"build":{"name":"build","type":"\u0007","title":"Build of the client (e.g., production, development)","provider":"go.mondoo.com/cnquery/v9/providers/core"},"capabilities":{"name":"capabilities","type":"\u0019\u0007","title":"Connection capabilities","provider":"go.mondoo.com/cnquery/v9/providers/core"},"jobEnvironment":{"name":"jobEnvironment","type":"\n","title":"Agent execution environment","provider":"go.mondoo.com/cnquery/v9/providers/core"},"version":{"name":"version","type":"\u0007","title":"Version of the client running on the asset","provider":"go.mondoo.com/cnquery/v9/providers/core"}},"title":"Contextual information about MQL runtime and environment","min_mondoo_version":"5.15.0","defaults":"version","provider":"go.mondoo.com/cnquery/v9/providers/core"},"parse":{"id":"parse","name":"parse","title":"Provides common parsers (json, ini, certs, etc)","min_mondoo_version":"5.15.0","provider":"go.mondoo.com/cnquery/v9/providers/core"},"regex":{"id":"regex","name":"regex","fields":{"creditCard":{"name":"creditCard","type":"\u0008","title":"Matches credit card numbers","provider":"go.mondoo.com/cnquery/v9/providers/core"},"email":{"name":"email","type":"\u0008","title":"Matches email addresses","provider":"go.mondoo.com/cnquery/v9/providers/core"},"emoji":{"name":"emoji","type":"\u0008","title":"Matches emojis","provider":"go.mondoo.com/cnquery/v9/providers/core"},"ipv4":{"name":"ipv4","type":"\u0008","title":"Matches IPv4 addresses","provider":"go.mondoo.com/cnquery/v9/providers/core"},"ipv6":{"name":"ipv6","type":"\u0008","title":"Matches IPv6 addresses","provider":"go.mondoo.com/cnquery/v9/providers/core"},"mac":{"name":"mac","type":"\u0008","title":"Matches MAC addresses","provider":"go.mondoo.com/cnquery/v9/providers/core"},"semver":{"name":"semver","type":"\u0008","title":"Matches semantic version numbers","provider":"go.mondoo.com/cnquery/v9/providers/core"},"url":{"name":"url","type":"\u0008","title":"Matches URL addresses (HTTP/HTTPS)","provider":"go.mondoo.com/cnquery/v9/providers/core"},"uuid":{"name":"uuid","type":"\u0008","title":"Matches hyphen-deliminated UUIDs","provider":"go.mondoo.com/cnquery/v9/providers/core"}},"title":"Built-in regular expression functions","min_mondoo_version":"5.15.0","provider":"go.mondoo.com/cnquery/v9/providers/core"},"time":{"id":"time","name":"time","fields":{"day":{"name":"day","type":"\t","title":"One day, used for durations","provider":"go.mondoo.com/cnquery/v9/providers/core"},"hour":{"name":"hour","type":"\t","title":"One hour, used for durations","provider":"go.mondoo.com/cnquery/v9/providers/core"},"minute":{"name":"minute","type":"\t","title":"One minute, used for durations","provider":"go.mondoo.com/cnquery/v9/providers/core"},"now":{"name":"now","type":"\t","title":"The current time on the local system","provider":"go.mondoo.com/cnquery/v9/providers/core"},"second":{"name":"second","type":"\t","title":"One second, used for durations","provider":"go.mondoo.com/cnquery/v9/providers/core"},"today":{"name":"today","type":"\t","title":"The current day starting at midnight","provider":"go.mondoo.com/cnquery/v9/providers/core"},"tomorrow":{"name":"tomorrow","type":"\t","title":"The next day starting at midnight","provider":"go.mondoo.com/cnquery/v9/providers/core"}},"title":"Date and time functions","min_mondoo_version":"5.15.0","provider":"go.mondoo.com/cnquery/v9/providers/core"},"uuid":{"id":"uuid","name":"uuid","fields":{"urn":{"name":"urn","type":"\u0007","title":"URN returns the RFC 2141 URN form of uuid","provider":"go.mondoo.com/cnquery/v9/providers/core"},"value":{"name":"value","type":"\u0007","is_mandatory":true,"title":"Canonical string representation xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx","provider":"go.mondoo.com/cnquery/v9/providers/core"},"variant":{"name":"variant","type":"\u0007","title":"Variant encoded in UUID","provider":"go.mondoo.com/cnquery/v9/providers/core"},"version":{"name":"version","type":"\u0005","title":"Version of UUID","provider":"go.mondoo.com/cnquery/v9/providers/core"}},"init":{"args":[{"name":"value","type":"\u0007"}]},"title":"UUIDs based on RFC 4122 and DCE 1.1","min_mondoo_version":"5.15.0","defaults":"value","provider":"go.mondoo.com/cnquery/v9/providers/core"},"vulnmgmt":{"id":"vulnmgmt","name":"vulnmgmt","title":"Vulnerability Information","min_mondoo_version":"latest","provider":"go.mondoo.com/cnquery/v9/providers/core"}}} \ No newline at end of file +{"resources":{"asset":{"id":"asset","name":"asset","fields":{"arch":{"name":"arch","type":"\u0007","is_mandatory":true,"title":"Architecture this OS is running on","provider":"go.mondoo.com/cnquery/v9/providers/core"},"build":{"name":"build","type":"\u0007","is_mandatory":true,"title":"Build version of the platform (optional)","provider":"go.mondoo.com/cnquery/v9/providers/core"},"eol":{"name":"eol","type":"\u001basset.eol","title":"Information about the assets platform end-of-life.","is_implicit_resource":true,"provider":"go.mondoo.com/cnquery/v9/providers/core"},"family":{"name":"family","type":"\u0019\u0007","is_mandatory":true,"title":"List of platform families that this platform belongs to","provider":"go.mondoo.com/cnquery/v9/providers/core"},"fqdn":{"name":"fqdn","type":"\u0007","is_mandatory":true,"title":"Fully qualified domain name (optional)","provider":"go.mondoo.com/cnquery/v9/providers/core"},"ids":{"name":"ids","type":"\u0019\u0007","is_mandatory":true,"title":"All identifiers for this asset","provider":"go.mondoo.com/cnquery/v9/providers/core"},"kind":{"name":"kind","type":"\u0007","is_mandatory":true,"title":"Kind of platform, for example:","desc":"api, baremetal, vm, vm-image, container, container-image, network, ...","provider":"go.mondoo.com/cnquery/v9/providers/core"},"labels":{"name":"labels","type":"\u001a\u0007\u0007","is_mandatory":true,"title":"Optional platform information","provider":"go.mondoo.com/cnquery/v9/providers/core"},"name":{"name":"name","type":"\u0007","is_mandatory":true,"title":"Human readable name of the asset","provider":"go.mondoo.com/cnquery/v9/providers/core"},"platform":{"name":"platform","type":"\u0007","is_mandatory":true,"title":"Platform for this asset (redhat, windows, k8s-pod)","provider":"go.mondoo.com/cnquery/v9/providers/core"},"runtime":{"name":"runtime","type":"\u0007","is_mandatory":true,"title":"Runtime is the specific kind of the platform. Examples include:","desc":"docker-container, podman-container, aws-ec2-instance, ...","provider":"go.mondoo.com/cnquery/v9/providers/core"},"title":{"name":"title","type":"\u0007","is_mandatory":true,"title":"Human-readable title of the platform (e.g., \"Red Hat 8, Container\")","provider":"go.mondoo.com/cnquery/v9/providers/core"},"version":{"name":"version","type":"\u0007","is_mandatory":true,"title":"Version of the platform","provider":"go.mondoo.com/cnquery/v9/providers/core"}},"title":"General asset information","min_mondoo_version":"6.13.0","defaults":"name platform version","provider":"go.mondoo.com/cnquery/v9/providers/core"},"asset.eol":{"id":"asset.eol","name":"asset.eol","fields":{"date":{"name":"date","type":"\t","is_mandatory":true,"title":"End-of-Life date","provider":"go.mondoo.com/cnquery/v9/providers/core"},"docsUrl":{"name":"docsUrl","type":"\u0007","is_mandatory":true,"title":"Documentation URL","provider":"go.mondoo.com/cnquery/v9/providers/core"},"productUrl":{"name":"productUrl","type":"\u0007","is_mandatory":true,"title":"Product URL","provider":"go.mondoo.com/cnquery/v9/providers/core"}},"title":"Information about the assets platform end-of-life.","min_mondoo_version":"latest","defaults":"date","provider":"go.mondoo.com/cnquery/v9/providers/core"},"cpe":{"id":"cpe","name":"cpe","fields":{"edition":{"name":"edition","type":"\u0007","title":"Edition of the CPE","provider":"go.mondoo.com/cnquery/v9/providers/core"},"language":{"name":"language","type":"\u0007","title":"Language of the CPE","provider":"go.mondoo.com/cnquery/v9/providers/core"},"other":{"name":"other","type":"\u0007","title":"Other of the CPE","provider":"go.mondoo.com/cnquery/v9/providers/core"},"part":{"name":"part","type":"\u0007","title":"Part of the CPE","provider":"go.mondoo.com/cnquery/v9/providers/core"},"product":{"name":"product","type":"\u0007","title":"Product of the CPE","provider":"go.mondoo.com/cnquery/v9/providers/core"},"swEdition":{"name":"swEdition","type":"\u0007","title":"Software edition of the CPE","provider":"go.mondoo.com/cnquery/v9/providers/core"},"targetHw":{"name":"targetHw","type":"\u0007","title":"Target hardware of the CPE","provider":"go.mondoo.com/cnquery/v9/providers/core"},"targetSw":{"name":"targetSw","type":"\u0007","title":"Target software of the CPE","provider":"go.mondoo.com/cnquery/v9/providers/core"},"update":{"name":"update","type":"\u0007","title":"Update of the CPE","provider":"go.mondoo.com/cnquery/v9/providers/core"},"uri":{"name":"uri","type":"\u0007","is_mandatory":true,"title":"URI binding of the CPE","provider":"go.mondoo.com/cnquery/v9/providers/core"},"vendor":{"name":"vendor","type":"\u0007","title":"Vendor of the CPE","provider":"go.mondoo.com/cnquery/v9/providers/core"},"version":{"name":"version","type":"\u0007","title":"Version of the CPE","provider":"go.mondoo.com/cnquery/v9/providers/core"}},"init":{"args":[{"name":"uri","type":"\u0007"}]},"title":"Common Platform Enumeration (CPE) identifiers","min_mondoo_version":"latest","defaults":"uri","provider":"go.mondoo.com/cnquery/v9/providers/core"},"mondoo":{"id":"mondoo","name":"mondoo","fields":{"arch":{"name":"arch","type":"\u0007","title":"Architecture of this client (e.g., linux-amd64)","min_mondoo_version":"latest","provider":"go.mondoo.com/cnquery/v9/providers/core"},"build":{"name":"build","type":"\u0007","title":"Build of the client (e.g., production, development)","provider":"go.mondoo.com/cnquery/v9/providers/core"},"capabilities":{"name":"capabilities","type":"\u0019\u0007","title":"Connection capabilities","provider":"go.mondoo.com/cnquery/v9/providers/core"},"jobEnvironment":{"name":"jobEnvironment","type":"\n","title":"Agent execution environment","provider":"go.mondoo.com/cnquery/v9/providers/core"},"version":{"name":"version","type":"\u0007","title":"Version of the client running on the asset","provider":"go.mondoo.com/cnquery/v9/providers/core"}},"title":"Contextual information about MQL runtime and environment","min_mondoo_version":"5.15.0","defaults":"version","provider":"go.mondoo.com/cnquery/v9/providers/core"},"parse":{"id":"parse","name":"parse","title":"Provides common parsers (json, ini, certs, etc)","min_mondoo_version":"5.15.0","provider":"go.mondoo.com/cnquery/v9/providers/core"},"regex":{"id":"regex","name":"regex","fields":{"creditCard":{"name":"creditCard","type":"\u0008","title":"Matches credit card numbers","provider":"go.mondoo.com/cnquery/v9/providers/core"},"email":{"name":"email","type":"\u0008","title":"Matches email addresses","provider":"go.mondoo.com/cnquery/v9/providers/core"},"emoji":{"name":"emoji","type":"\u0008","title":"Matches emojis","provider":"go.mondoo.com/cnquery/v9/providers/core"},"ipv4":{"name":"ipv4","type":"\u0008","title":"Matches IPv4 addresses","provider":"go.mondoo.com/cnquery/v9/providers/core"},"ipv6":{"name":"ipv6","type":"\u0008","title":"Matches IPv6 addresses","provider":"go.mondoo.com/cnquery/v9/providers/core"},"mac":{"name":"mac","type":"\u0008","title":"Matches MAC addresses","provider":"go.mondoo.com/cnquery/v9/providers/core"},"semver":{"name":"semver","type":"\u0008","title":"Matches semantic version numbers","provider":"go.mondoo.com/cnquery/v9/providers/core"},"url":{"name":"url","type":"\u0008","title":"Matches URL addresses (HTTP/HTTPS)","provider":"go.mondoo.com/cnquery/v9/providers/core"},"uuid":{"name":"uuid","type":"\u0008","title":"Matches hyphen-deliminated UUIDs","provider":"go.mondoo.com/cnquery/v9/providers/core"}},"title":"Built-in regular expression functions","min_mondoo_version":"5.15.0","provider":"go.mondoo.com/cnquery/v9/providers/core"},"time":{"id":"time","name":"time","fields":{"day":{"name":"day","type":"\t","title":"One day, used for durations","provider":"go.mondoo.com/cnquery/v9/providers/core"},"hour":{"name":"hour","type":"\t","title":"One hour, used for durations","provider":"go.mondoo.com/cnquery/v9/providers/core"},"minute":{"name":"minute","type":"\t","title":"One minute, used for durations","provider":"go.mondoo.com/cnquery/v9/providers/core"},"now":{"name":"now","type":"\t","title":"The current time on the local system","provider":"go.mondoo.com/cnquery/v9/providers/core"},"second":{"name":"second","type":"\t","title":"One second, used for durations","provider":"go.mondoo.com/cnquery/v9/providers/core"},"today":{"name":"today","type":"\t","title":"The current day starting at midnight","provider":"go.mondoo.com/cnquery/v9/providers/core"},"tomorrow":{"name":"tomorrow","type":"\t","title":"The next day starting at midnight","provider":"go.mondoo.com/cnquery/v9/providers/core"}},"title":"Date and time functions","min_mondoo_version":"5.15.0","provider":"go.mondoo.com/cnquery/v9/providers/core"},"uuid":{"id":"uuid","name":"uuid","fields":{"urn":{"name":"urn","type":"\u0007","title":"URN returns the RFC 2141 URN form of uuid","provider":"go.mondoo.com/cnquery/v9/providers/core"},"value":{"name":"value","type":"\u0007","is_mandatory":true,"title":"Canonical string representation xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx","provider":"go.mondoo.com/cnquery/v9/providers/core"},"variant":{"name":"variant","type":"\u0007","title":"Variant encoded in UUID","provider":"go.mondoo.com/cnquery/v9/providers/core"},"version":{"name":"version","type":"\u0005","title":"Version of UUID","provider":"go.mondoo.com/cnquery/v9/providers/core"}},"init":{"args":[{"name":"value","type":"\u0007"}]},"title":"UUIDs based on RFC 4122 and DCE 1.1","min_mondoo_version":"5.15.0","defaults":"value","provider":"go.mondoo.com/cnquery/v9/providers/core"}}} \ No newline at end of file diff --git a/providers/os/resources/asset_vuln.go b/providers/os/resources/asset_vuln.go index e88c2bdfd2..278b9a3e08 100644 --- a/providers/os/resources/asset_vuln.go +++ b/providers/os/resources/asset_vuln.go @@ -5,14 +5,15 @@ package resources import ( "context" + "errors" "time" - "github.com/mitchellh/mapstructure" "github.com/rs/zerolog/log" "go.mondoo.com/cnquery/v9/llx" "go.mondoo.com/cnquery/v9/logger" "go.mondoo.com/cnquery/v9/providers-sdk/v1/plugin" "go.mondoo.com/cnquery/v9/providers-sdk/v1/resources" + "go.mondoo.com/cnquery/v9/providers-sdk/v1/upstream/gql" "go.mondoo.com/cnquery/v9/providers-sdk/v1/upstream/mvd" "go.mondoo.com/cnquery/v9/providers-sdk/v1/upstream/mvd/cvss" "go.mondoo.com/cnquery/v9/providers-sdk/v1/util/convert" @@ -115,31 +116,30 @@ func (p *mqlAsset) vulnerabilityReport() (interface{}, error) { } func getAdvisoryReport(runtime *plugin.Runtime) (*mvd.VulnReport, error) { - obj, err := CreateResource(runtime, "asset", map[string]*llx.RawData{}) - if err != nil { - return nil, err + mcc := runtime.Upstream + if mcc == nil || mcc.ApiEndpoint == "" { + return nil, resources.MissingUpstreamError{} } - asset := obj.(*mqlAsset) - r := asset.GetVulnerabilityReport() - if r.Error != nil { - return nil, r.Error + // get new gql client + mondooClient, err := gql.NewClient(mcc.UpstreamConfig, mcc.HttpClient) + if err != nil { + return nil, err } - rawReport := r.Data - var vulnReport mvd.VulnReport - cfg := &mapstructure.DecoderConfig{ - Metadata: nil, - Result: &vulnReport, - TagName: "json", - } - decoder, _ := mapstructure.NewDecoder(cfg) - err = decoder.Decode(rawReport) + gqlVulnReport, err := mondooClient.GetVulnCompactReport(runtime.Upstream.AssetMrn) if err != nil { return nil, err } - return &vulnReport, nil + log.Debug().Interface("gqlReport", gqlVulnReport).Msg("search for asset vuln report") + if gqlVulnReport == nil { + return nil, errors.New("no vulnerability report available") + } + + vulnReport := gql.ConvertToMvdVulnReport(gqlVulnReport) + + return vulnReport, nil } func (a *mqlPlatformAdvisories) id() (string, error) { diff --git a/providers/os/resources/os.lr b/providers/os/resources/os.lr index 924b383272..649bfe9fb0 100644 --- a/providers/os/resources/os.lr +++ b/providers/os/resources/os.lr @@ -63,7 +63,7 @@ platform { } // Vulnerability Information -extend vulnmgmt { +vulnmgmt { // List of all CVEs affecting the asset cves() []vuln.cve // List of all Advisories affecting the asset @@ -72,6 +72,8 @@ extend vulnmgmt { packages() []vuln.package // Last time the vulnerability information was updated lastAssessment() time + // Statistics about the vulnerabilities + stats() audit.cvss } // CVE information diff --git a/providers/os/resources/os.lr.go b/providers/os/resources/os.lr.go index 523ec4d5e5..545170a99d 100644 --- a/providers/os/resources/os.lr.go +++ b/providers/os/resources/os.lr.go @@ -534,6 +534,9 @@ var getDataFields = map[string]func(r plugin.Resource) *plugin.DataRes{ "vulnmgmt.lastAssessment": func(r plugin.Resource) *plugin.DataRes { return (r.(*mqlVulnmgmt).GetLastAssessment()).ToDataRes(types.Time) }, + "vulnmgmt.stats": func(r plugin.Resource) *plugin.DataRes { + return (r.(*mqlVulnmgmt).GetStats()).ToDataRes(types.Resource("audit.cvss")) + }, "vuln.cve.id": func(r plugin.Resource) *plugin.DataRes { return (r.(*mqlVulnCve).GetId()).ToDataRes(types.String) }, @@ -2092,6 +2095,10 @@ var setDataFields = map[string]func(r plugin.Resource, v *llx.RawData) bool { r.(*mqlVulnmgmt).LastAssessment, ok = plugin.RawToTValue[*time.Time](v.Value, v.Error) return }, + "vulnmgmt.stats": func(r plugin.Resource, v *llx.RawData) (ok bool) { + r.(*mqlVulnmgmt).Stats, ok = plugin.RawToTValue[*mqlAuditCvss](v.Value, v.Error) + return + }, "vuln.cve.__id": func(r plugin.Resource, v *llx.RawData) (ok bool) { r.(*mqlVulnCve).__id, ok = v.Value.(string) return @@ -4723,6 +4730,7 @@ type mqlVulnmgmt struct { Advisories plugin.TValue[[]interface{}] Packages plugin.TValue[[]interface{}] LastAssessment plugin.TValue[*time.Time] + Stats plugin.TValue[*mqlAuditCvss] } // createVulnmgmt creates a new instance of this resource @@ -4811,6 +4819,22 @@ func (c *mqlVulnmgmt) GetLastAssessment() *plugin.TValue[*time.Time] { }) } +func (c *mqlVulnmgmt) GetStats() *plugin.TValue[*mqlAuditCvss] { + return plugin.GetOrCompute[*mqlAuditCvss](&c.Stats, func() (*mqlAuditCvss, error) { + if c.MqlRuntime.HasRecording { + d, err := c.MqlRuntime.FieldResourceFromRecording("vulnmgmt", c.__id, "stats") + if err != nil { + return nil, err + } + if d != nil { + return d.Value.(*mqlAuditCvss), nil + } + } + + return c.stats() + }) +} + // mqlVulnCve for the vuln.cve resource type mqlVulnCve struct { MqlRuntime *plugin.Runtime diff --git a/providers/os/resources/os.lr.manifest.yaml b/providers/os/resources/os.lr.manifest.yaml index d4aae8728b..139c3feffc 100644 --- a/providers/os/resources/os.lr.manifest.yaml +++ b/providers/os/resources/os.lr.manifest.yaml @@ -925,6 +925,7 @@ resources: cves: {} lastAssessment: {} packages: {} + stats: {} min_mondoo_version: latest windows: fields: diff --git a/providers/os/resources/vulnmgmt.go b/providers/os/resources/vulnmgmt.go index 99e1f86adf..1761637a31 100644 --- a/providers/os/resources/vulnmgmt.go +++ b/providers/os/resources/vulnmgmt.go @@ -67,6 +67,10 @@ func (v *mqlVulnmgmt) packages() ([]interface{}, error) { return nil, v.populateData() } +func (v *mqlVulnmgmt) stats() (*mqlAuditCvss, error) { + return nil, v.populateData() +} + func (v *mqlVulnmgmt) populateData() error { vulnReport, err := v.getReport() if err != nil { @@ -147,9 +151,19 @@ func (v *mqlVulnmgmt) populateData() error { mqlVulnPackages[i] = mqlVulnPackage } + res, err := CreateResource(v.MqlRuntime, "audit.cvss", map[string]*llx.RawData{ + "score": llx.FloatData(float64(vulnReport.Stats.Score.Value) / 10), + "vector": llx.StringData(vulnReport.Stats.Score.Vector), + }) + if err != nil { + return err + } + statsCvssScore := res.(*mqlAuditCvss) + v.Advisories = plugin.TValue[[]interface{}]{Data: mqlVulAdvisories, State: plugin.StateIsSet} v.Cves = plugin.TValue[[]interface{}]{Data: mqlVulnCves, State: plugin.StateIsSet} v.Packages = plugin.TValue[[]interface{}]{Data: mqlVulnPackages, State: plugin.StateIsSet} + v.Stats = plugin.TValue[*mqlAuditCvss]{Data: statsCvssScore, State: plugin.StateIsSet} return nil } diff --git a/providers/vsphere/resources/vsphere.lr b/providers/vsphere/resources/vsphere.lr index 93b0fff920..81fcaecdf5 100644 --- a/providers/vsphere/resources/vsphere.lr +++ b/providers/vsphere/resources/vsphere.lr @@ -21,7 +21,7 @@ platform { } // Vulnerability Information -extend vulnmgmt { +vulnmgmt { // List of all CVEs affecting the asset cves() []vuln.cve // List of all Advisories affecting the asset @@ -30,6 +30,8 @@ extend vulnmgmt { packages() []vuln.package // Last time the vulnerability information was updated lastAssessment() time + // Statistics about the vulnerabilities + stats() audit.cvss } // CVE information diff --git a/providers/vsphere/resources/vsphere.lr.go b/providers/vsphere/resources/vsphere.lr.go index ee667f57d5..b6af6abebf 100644 --- a/providers/vsphere/resources/vsphere.lr.go +++ b/providers/vsphere/resources/vsphere.lr.go @@ -203,6 +203,9 @@ var getDataFields = map[string]func(r plugin.Resource) *plugin.DataRes{ "vulnmgmt.lastAssessment": func(r plugin.Resource) *plugin.DataRes { return (r.(*mqlVulnmgmt).GetLastAssessment()).ToDataRes(types.Time) }, + "vulnmgmt.stats": func(r plugin.Resource) *plugin.DataRes { + return (r.(*mqlVulnmgmt).GetStats()).ToDataRes(types.Resource("audit.cvss")) + }, "vuln.cve.id": func(r plugin.Resource) *plugin.DataRes { return (r.(*mqlVulnCve).GetId()).ToDataRes(types.String) }, @@ -591,6 +594,10 @@ var setDataFields = map[string]func(r plugin.Resource, v *llx.RawData) bool { r.(*mqlVulnmgmt).LastAssessment, ok = plugin.RawToTValue[*time.Time](v.Value, v.Error) return }, + "vulnmgmt.stats": func(r plugin.Resource, v *llx.RawData) (ok bool) { + r.(*mqlVulnmgmt).Stats, ok = plugin.RawToTValue[*mqlAuditCvss](v.Value, v.Error) + return + }, "vuln.cve.__id": func(r plugin.Resource, v *llx.RawData) (ok bool) { r.(*mqlVulnCve).__id, ok = v.Value.(string) return @@ -1265,6 +1272,7 @@ type mqlVulnmgmt struct { Advisories plugin.TValue[[]interface{}] Packages plugin.TValue[[]interface{}] LastAssessment plugin.TValue[*time.Time] + Stats plugin.TValue[*mqlAuditCvss] } // createVulnmgmt creates a new instance of this resource @@ -1353,6 +1361,22 @@ func (c *mqlVulnmgmt) GetLastAssessment() *plugin.TValue[*time.Time] { }) } +func (c *mqlVulnmgmt) GetStats() *plugin.TValue[*mqlAuditCvss] { + return plugin.GetOrCompute[*mqlAuditCvss](&c.Stats, func() (*mqlAuditCvss, error) { + if c.MqlRuntime.HasRecording { + d, err := c.MqlRuntime.FieldResourceFromRecording("vulnmgmt", c.__id, "stats") + if err != nil { + return nil, err + } + if d != nil { + return d.Value.(*mqlAuditCvss), nil + } + } + + return c.stats() + }) +} + // mqlVulnCve for the vuln.cve resource type mqlVulnCve struct { MqlRuntime *plugin.Runtime diff --git a/providers/vsphere/resources/vsphere.lr.manifest.yaml b/providers/vsphere/resources/vsphere.lr.manifest.yaml index c92ec18d63..006a450397 100644 --- a/providers/vsphere/resources/vsphere.lr.manifest.yaml +++ b/providers/vsphere/resources/vsphere.lr.manifest.yaml @@ -331,4 +331,5 @@ resources: cves: {} lastAssessment: {} packages: {} + stats: {} min_mondoo_version: latest diff --git a/providers/vsphere/resources/vulnmgmt.go b/providers/vsphere/resources/vulnmgmt.go index 399b1f0952..0b750fb6df 100644 --- a/providers/vsphere/resources/vulnmgmt.go +++ b/providers/vsphere/resources/vulnmgmt.go @@ -12,7 +12,7 @@ import ( "go.mondoo.com/cnquery/v9/providers-sdk/v1/plugin" "go.mondoo.com/cnquery/v9/providers-sdk/v1/resources" "go.mondoo.com/cnquery/v9/providers-sdk/v1/upstream/gql" - "go.mondoo.com/cnquery/v9/providers/os/connection/shared" + "go.mondoo.com/cnquery/v9/providers/vsphere/connection" mondoogql "go.mondoo.com/mondoo-go" ) @@ -67,6 +67,10 @@ func (v *mqlVulnmgmt) packages() ([]interface{}, error) { return nil, v.populateData() } +func (v *mqlVulnmgmt) stats() (*mqlAuditCvss, error) { + return nil, v.populateData() +} + func (v *mqlVulnmgmt) populateData() error { vulnReport, err := v.getReport() if err != nil { @@ -133,8 +137,18 @@ func (v *mqlVulnmgmt) populateData() error { mqlVulnCves[i] = mqlVulnCve } + res, err := CreateResource(v.MqlRuntime, "audit.cvss", map[string]*llx.RawData{ + "score": llx.FloatData(float64(vulnReport.Stats.Score.Value) / 10), + "vector": llx.StringData(vulnReport.Stats.Score.Vector), + }) + if err != nil { + return err + } + statsCvssScore := res.(*mqlAuditCvss) + v.Advisories = plugin.TValue[[]interface{}]{Data: mqlVulAdvisories, State: plugin.StateIsSet} v.Cves = plugin.TValue[[]interface{}]{Data: mqlVulnCves, State: plugin.StateIsSet} + v.Stats = plugin.TValue[*mqlAuditCvss]{Data: statsCvssScore, State: plugin.StateIsSet} return nil } @@ -169,8 +183,7 @@ func (v *mqlVulnmgmt) getReport() (*gql.VulnReport, error) { } func (v *mqlVulnmgmt) getIncognitoReport(mondooClient *gql.MondooClient) (*gql.VulnReport, error) { - // FIXME: wrong connection - conn := v.MqlRuntime.Connection.(shared.Connection) + conn := v.MqlRuntime.Connection.(*connection.VsphereConnection) platform := conn.Asset().Platform gqlVulnReport, err := mondooClient.GetIncognitoVulnReport(mondoogql.PlatformInput{