diff --git a/providers/aws/resources/aws.lr b/providers/aws/resources/aws.lr
index fe79db894e..60b3965650 100644
--- a/providers/aws/resources/aws.lr
+++ b/providers/aws/resources/aws.lr
@@ -1393,6 +1393,8 @@ private aws.ecr.repository {
 images() []aws.ecr.image
 // Region where the image is stored
 region string
+ // Repository option to scan on image push
+ imageScanOnPush bool
 }
 // AWS Elastic Container Registry Image
diff --git a/providers/aws/resources/aws.lr.go b/providers/aws/resources/aws.lr.go
index 9a9afd9e42..4d77886b67 100644
--- a/providers/aws/resources/aws.lr.go
+++ b/providers/aws/resources/aws.lr.go
@@ -2086,6 +2086,9 @@ var getDataFields = map[string]func(r plugin.Resource) *plugin.DataRes{ "aws.ecr.repository.region": func(r plugin.Resource) *plugin.DataRes { return (r.(*mqlAwsEcrRepository).GetRegion()).ToDataRes(types.String) }, + "aws.ecr.repository.imageScanOnPush": func(r plugin.Resource) *plugin.DataRes { + return (r.(*mqlAwsEcrRepository).GetImageScanOnPush()).ToDataRes(types.Bool) + }, "aws.ecr.image.digest": func(r plugin.Resource) *plugin.DataRes { return (r.(*mqlAwsEcrImage).GetDigest()).ToDataRes(types.String) },
@@ -5009,6 +5012,10 @@ var setDataFields = map[string]func(r plugin.Resource, v *llx.RawData) bool { r.(*mqlAwsEcrRepository).Region, ok = plugin.RawToTValue[string](v.Value, v.Error) return }, + "aws.ecr.repository.imageScanOnPush": func(r plugin.Resource, v *llx.RawData) (ok bool) { + r.(*mqlAwsEcrRepository).ImageScanOnPush, ok = plugin.RawToTValue[bool](v.Value, v.Error) + return + }, "aws.ecr.image.__id": func(r plugin.Resource, v *llx.RawData) (ok bool) { r.(*mqlAwsEcrImage).__id, ok = v.Value.(string) return
@@ -13341,6 +13348,7 @@ type mqlAwsEcrRepository struct { Public plugin.TValue[bool] Images plugin.TValue[[]interface{}] Region plugin.TValue[string] + ImageScanOnPush plugin.TValue[bool] } // createAwsEcrRepository creates a new instance of this resource
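Review bot: The comment on the new `imageScanOnPush` field in aws.lr does not say which scanning setting the field reports. As far as I know, AWS now prefers configuring image scanning at the registry level, so a repository can show `false` here while a registry scanning rule still scans its images on push. I would state the scope on the field, for example `// Whether the repository-level scan-on-push setting is enabled; registry-level scanning rules are not reflected`, so that policy authors do not read `false` as "images are never scanned".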
@@ -13420,6 +13428,10 @@ func (c *mqlAwsEcrRepository) GetRegion() *plugin.TValue[string] { return &c.Region } +func (c *mqlAwsEcrRepository) GetImageScanOnPush() *plugin.TValue[bool] { + return &c.ImageScanOnPush +} + // mqlAwsEcrImage for the aws.ecr.image resource type mqlAwsEcrImage struct { MqlRuntime *plugin.Runtime
diff --git a/providers/aws/resources/aws.lr.manifest.yaml b/providers/aws/resources/aws.lr.manifest.yaml
index 7fd3c521a1..daae4157d1 100755
--- a/providers/aws/resources/aws.lr.manifest.yaml
+++ b/providers/aws/resources/aws.lr.manifest.yaml
@@ -1100,6 +1100,8 @@ resources:
 The `aws.ecr.repository` resource can be used to assess the Amazon Elastic Container Registry repositories.
 fields:
 arn: {}
+ imageScanOnPush:
+ min_mondoo_version: 8.19.0
 images: {}
 name: {}
 public: {}
diff --git a/providers/aws/resources/aws_ecr.go b/providers/aws/resources/aws_ecr.go
index 393fafd639..ec126a0aec 100644
--- a/providers/aws/resources/aws_ecr.go
+++ b/providers/aws/resources/aws_ecr.go
@@ -111,15 +111,20 @@ func (a *mqlAwsEcr) getPrivateRepositories(conn *connection.AwsConnection) []*jo
 return nil, err
 }
 for i := range repoResp.Repositories {
+ imageScanOnPush := false
 r := repoResp.Repositories[i]
+ if r.ImageScanningConfiguration != nil {
+ imageScanOnPush = r.ImageScanningConfiguration.ScanOnPush
+ }
 mqlRepoResource, err := CreateResource(a.MqlRuntime, "aws.ecr.repository", map[string]*llx.RawData{
- "arn": llx.StringData(convert.ToString(r.RepositoryArn)),
- "name": llx.StringData(convert.ToString(r.RepositoryName)),
- "uri": llx.StringData(convert.ToString(r.RepositoryUri)),
- "registryId": llx.StringData(convert.ToString(r.RegistryId)),
- "public": llx.BoolData(false),
- "region": llx.StringData(region),
+ "arn": llx.StringData(convert.ToString(r.RepositoryArn)),
+ "name": llx.StringData(convert.ToString(r.RepositoryName)),
+ "uri": llx.StringData(convert.ToString(r.RepositoryUri)),
+ "registryId": llx.StringData(convert.ToString(r.RegistryId)),
+ "public": llx.BoolData(false),
+ "region": llx.StringData(region),
+ "imageScanOnPush": llx.BoolData(imageScanOnPush),
 })
 if err != nil {
 return nil, err
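Review bot: In getPrivateRepositories a nil `ImageScanningConfiguration` is reported as `imageScanOnPush: false`, which a policy cannot tell apart from a repository where scanning was explicitly turned off. If the configuration can be absent from the response, a null value for the field would describe that case more accurately than `false`; if `false` is kept, say so next to the nil check, e.g. `// a missing scanning configuration is reported as false (treated as disabled)`. As a smaller style point, `imageScanOnPush := false` is declared before `r` although it is only used with the nil check, and would read better declared directly above it. The function starts and ends outside this hunk.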
@@ -276,14 +281,16 @@ func (a *mqlAwsEcr) publicRepositories() ([]interface{}, error) {
 }
 for i := range repoResp.Repositories {
 r := repoResp.Repositories[i]
+
 mqlRepoResource, err := CreateResource(a.MqlRuntime, "aws.ecr.repository", map[string]*llx.RawData{
- "arn": llx.StringData(convert.ToString(r.RepositoryArn)),
- "name": llx.StringData(convert.ToString(r.RepositoryName)),
- "uri": llx.StringData(convert.ToString(r.RepositoryUri)),
- "registryId": llx.StringData(convert.ToString(r.RegistryId)),
- "public": llx.BoolData(true),
- "region": llx.StringData("us-east-1"),
+ "arn": llx.StringData(convert.ToString(r.RepositoryArn)),
+ "name": llx.StringData(convert.ToString(r.RepositoryName)),
+ "uri": llx.StringData(convert.ToString(r.RepositoryUri)),
+ "registryId": llx.StringData(convert.ToString(r.RegistryId)),
+ "public": llx.BoolData(true),
+ "region": llx.StringData("us-east-1"),
+ "imageScanOnPush": llx.BoolData(false),
 })
 if err != nil {
 return nil, err
diff --git a/providers/ms365/resources/ms365.lr.manifest.yaml b/providers/ms365/resources/ms365.lr.manifest.yaml
index 4cd50e5a1f..da0af3a35a 100755
--- a/providers/ms365/resources/ms365.lr.manifest.yaml
+++ b/providers/ms365/resources/ms365.lr.manifest.yaml
@@ -11,7 +11,7 @@ resources:
 serviceprincipals: {}
 settings: {}
 users: {}
- min_mondoo_version: latest
+ min_mondoo_version: 5.15.0
 microsoft.application:
 fields:
 appId: {}
diff --git a/providers/terraform/resources/terraform.lr b/providers/terraform/resources/terraform.lr
index 2b7ecf7c70..d168d5bf8a 100644
--- a/providers/terraform/resources/terraform.lr
+++ b/providers/terraform/resources/terraform.lr
@@ -24,9 +24,12 @@ terraform {
 outputs() []terraform.block
 }
+// Terraform resources are all blocks with a type set to resource
 terraform.resources {
 []terraform.block
+ // List all Terraform resources or search by name
 init(filter any)
+ // Filter applied to this list of Terraform resources. May be a string or regex.
 filter any
 }
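Review bot: publicRepositories in aws_ecr.go hard-codes `"imageScanOnPush": llx.BoolData(false)` without explanation, so every public repository will fail a check that expects scan on push to be enabled. Nothing in this hunk reads a scanning configuration from the response, so presumably the setting is not available for public repositories; if so, `false` here means "not applicable" rather than "disabled". A comment on that line such as `// public repositories expose no scan-on-push setting; false means not applicable`, or a null value in place of `false`, would keep audit results from overstating the finding. The function continues outside the hunk.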
diff --git a/providers/vcd/resources/externalnetworks.go b/providers/vcd/resources/externalnetworks.go
index e481712449..f391d1cf7f 100644
--- a/providers/vcd/resources/externalnetworks.go
+++ b/providers/vcd/resources/externalnetworks.go
@@ -47,6 +47,17 @@ func (v *mqlVcdExternalNetwork) id() (string, error) {
 if v.Name.Error != nil {
 return "", v.Name.Error
 }
+
+ // FIXME: DEPRECATED, remove in v10.0. The ID field will be removed and
+ // this request won't be necessary anymore. vv
+ urn := v.GetUrn()
+ if urn == nil {
+ v.Id = plugin.TValue[string]{State: plugin.StateIsSet | plugin.StateIsNull}
+ } else {
+ v.Id = *urn
+ }
+ // ^^
+
 return "vcd.externalNetwork/" + v.Name.Data, nil
 }
diff --git a/providers/vcd/resources/vcd.lr b/providers/vcd/resources/vcd.lr
index 00550ef2ae..4964cff093 100644
--- a/providers/vcd/resources/vcd.lr
+++ b/providers/vcd/resources/vcd.lr
@@ -120,6 +120,8 @@ vcd.networkPool {
 // VMware Cloud Director External Network
 private vcd.externalNetwork @defaults("name") {
+ // URN of the network. Deprecated: Please use the urn field instead.
+ id string
 // Unique name for the network
 name string
 // URN of the network
diff --git a/providers/vcd/resources/vcd.lr.go b/providers/vcd/resources/vcd.lr.go
index 343b31230f..a8c2659208 100644
--- a/providers/vcd/resources/vcd.lr.go
+++ b/providers/vcd/resources/vcd.lr.go
@@ -274,6 +274,9 @@ var getDataFields = map[string]func(r plugin.Resource) *plugin.DataRes{ "vcd.networkPool.networkPoolType": func(r plugin.Resource) *plugin.DataRes { return (r.(*mqlVcdNetworkPool).GetNetworkPoolType()).ToDataRes(types.Int) }, + "vcd.externalNetwork.id": func(r plugin.Resource) *plugin.DataRes { + return (r.(*mqlVcdExternalNetwork).GetId()).ToDataRes(types.String) + }, "vcd.externalNetwork.name": func(r plugin.Resource) *plugin.DataRes { return (r.(*mqlVcdExternalNetwork).GetName()).ToDataRes(types.String) },
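Review bot: In `id()` of externalnetworks.go the `urn == nil` branch looks unreachable. If `GetUrn()` follows the same generated pattern as `GetId()` in vcd.lr.go (`return &c.Id`), it returns the address of a struct field and is never nil. The copy `v.Id = *urn` also carries over whatever error or null state `Urn` holds, without the kind of check `v.Name.Error` gets a few lines above, so the deprecated `id` field can end up in a state that neither comment describes. I would reduce the block to `v.Id = v.Urn` with a one-line comment that `id` mirrors `urn` until the field is removed, and drop the `vv` / `^^` markers. Only the tail of `id()` is visible here; the body starts outside the hunk.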
@@ -705,6 +708,10 @@ var setDataFields = map[string]func(r plugin.Resource, v *llx.RawData) bool { r.(*mqlVcdExternalNetwork).__id, ok = v.Value.(string) return }, + "vcd.externalNetwork.id": func(r plugin.Resource, v *llx.RawData) (ok bool) { + r.(*mqlVcdExternalNetwork).Id, ok = plugin.RawToTValue[string](v.Value, v.Error) + return + }, "vcd.externalNetwork.name": func(r plugin.Resource, v *llx.RawData) (ok bool) { r.(*mqlVcdExternalNetwork).Name, ok = plugin.RawToTValue[string](v.Value, v.Error) return @@ -1625,6 +1632,7 @@ type mqlVcdExternalNetwork struct { MqlRuntime *plugin.Runtime __id string mqlVcdExternalNetworkInternal + Id plugin.TValue[string] Name plugin.TValue[string] Urn plugin.TValue[string] Description plugin.TValue[string] @@ -1668,6 +1676,10 @@ func (c *mqlVcdExternalNetwork) MqlID() string { return c.__id } +func (c *mqlVcdExternalNetwork) GetId() *plugin.TValue[string] { + return &c.Id +} + func (c *mqlVcdExternalNetwork) GetName() *plugin.TValue[string] { return &c.Name }