Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[WIP] ⭐️ atlassian provider #2042

Closed
wants to merge 76 commits into from
Closed

[WIP] ⭐️ atlassian provider #2042

wants to merge 76 commits into from

Conversation

mariuskimmina
Copy link
Contributor

Work in progress

@mariuskimmina mariuskimmina marked this pull request as draft October 2, 2023 15:40
@mariuskimmina mariuskimmina self-assigned this Oct 3, 2023
@mariuskimmina
Copy link
Contributor Author

Connecting to atlassian and receiving organizations is working at this point

cnquery> atlassian.admin.organizations
atlassian.admin.organizations: [
  0: atlassian.admin.organization id="4j1ack42-6c9d-1552-k55a-c2j536j31066"
]

@mariuskimmina
Copy link
Contributor Author

mariuskimmina commented Oct 4, 2023
edited
Loading

Atlassian APIs seem to have a few limitations, for example it doesn't seem possible to get all users within an organization but only managed users with verified domains
https://community.developer.atlassian.com/t/organisation-rest-api-get-users-returns-empty-list/50816

@mariuskimmina
Copy link
Contributor Author

Atlassian APIs seem to have a few limitations, for example it doesn't seem possible to get all users within an organization but only managed users with verified domains https://community.developer.atlassian.com/t/organisation-rest-api-get-users-returns-empty-list/50816

Found out that the organization.users is an aggregation of users from jira and confluence. So we need to get them from those apis.

@mariuskimmina
Copy link
Contributor Author

Got receiving users from jira to work - I still need to figure out limits / pagination for this

cnquery> atlassian.jira.users
atlassian.jira.users: [
  0: atlassian.jira.user id="5dd64082af96bc0efbe55103"
  1: atlassian.jira.user id="630db2cd9796033b256bc349"
  2: atlassian.jira.user id="5cb4ae0e4b97ab11a18e00c7"
  3: atlassian.jira.user id="557058:f58131cb-b67d-43c7-b30d-6b58d40bd077"
  4: atlassian.jira.user id="712020:1bdc8553-00fa-4e1c-8d14-317bbafece92"
  5: atlassian.jira.user id="6183312e3e3753006f8c7baf"
  6: atlassian.jira.user id="626b14efc72f140069fc636c"
  7: atlassian.jira.user id="5b70c8b80fd0ac05d389f5e9"
  8: atlassian.jira.user id="5e6a646f5df5fb0cfee33989"
  9: atlassian.jira.user id="557058:cbc04d7b-be84-46eb-90e4-e567aa5332c6"
  10: atlassian.jira.user id="712020:45d1ce6f-7b4b-4190-8d93-1d709d7203f9"
  11: atlassian.jira.user id="5d53f3cbc6b9320d9ea5bdc2"
  12: atlassian.jira.user id="557058:950f9f5b-3d6d-4e1d-954a-21367ae9ac75"
  13: atlassian.jira.user id="5cf112d31552030f1e3a5905"
  14: atlassian.jira.user id="712020:f4b1ca94-1967-48c6-9c22-b04a9e999fae"
  15: atlassian.jira.user id="6035864ce2020c0070b5285b"
  16: atlassian.jira.user id="60e5a86a471e61006a4c51fd"
  17: atlassian.jira.user id="5d9b2860cd50b80dcea8a5b7"
  18: atlassian.jira.user id="5d9afe0010f4800c341a2bba"
  19: atlassian.jira.user id="626b1500b31e6f006863c12d"
]
cnquery> atlassian.jira.users.first.name
atlassian.jira.users.first.name: "Alert Integration"
cnquery> atlassian.jira.users[9].name
atlassian.jira.users[9].name: "Confluence Analytics (System)"
cnquery> atlassian.jira.users[15].name
atlassian.jira.users[15].name: "Microsoft Teams for Confluence Cloud"
cnquery> atlassian.jira.users[19].name
atlassian.jira.users[19].name: "Patrick Münch"

@mariuskimmina mariuskimmina force-pushed the atlassian-provider branch 2 times, most recently from be777c9 to 4840891 Compare October 6, 2023 14:13
imilchev
imilchev reviewed Oct 16, 2023
View reviewed changes
providers/atlassian/provider/provider.go Outdated Show resolved Hide resolved
providers/atlassian/provider/provider.go Outdated
asset.Name = conn.Host()

asset.Platform = conn.PlatformInfo()
asset.PlatformIds = []string{"//platformid.api.mondoo.app/runtime/atlassian"}
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

this won't work. Each asset needs to have a unique and consistent platform ID. This provider can produce 3 different assets now - jira, confluence and admin. Each of them needs to have unique platform ID that also contains the specific ID of the product instance that is being scanned. For example, when I scan 2 different Jira instances I need to have 2 different platform IDs. What probably makes most sense is to generate the platform ID in the specific connection

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Should be looking better now

providers/atlassian/resources/atlassian.lr Outdated Show resolved Hide resolved
providers/atlassian/resources/atlassian.lr Show resolved Hide resolved
providers/atlassian/resources/atlassian.lr Show resolved Hide resolved
providers/atlassian/resources/atlassian_admin.go Outdated Show resolved Hide resolved
providers/atlassian/resources/atlassian_admin.go Outdated Show resolved Hide resolved
providers/atlassian/resources/atlassian_jira.go
conn := a.MqlRuntime.Connection.(*jira.JiraConnection)
jira := conn.Client()
validate := ""
jql := "order by created DESC"
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nit: this can be defined as a const

providers/atlassian/resources/atlassian_jira.go Outdated
mqlAtlassianJiraIssue, err := CreateResource(a.MqlRuntime, "atlassian.jira.issue",
map[string]*llx.RawData{
"id": llx.StringData(issue.ID),
"project": llx.StringData(issue.Fields.Project.Name),
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

i guess we can get more than this data. At least the name/description would be nice

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Added the description, I actually can't find a field name or title or anything similar

providers/atlassian/connection/connection.go
var conn shared.Connection
var err error
fmt.Println("Product: ", conf.Options["product"])
switch conf.Options["product"] {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

why not use the conf.Type field for this. This is exactly what it is intended for

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Type just ends up being "atlassian" all the time, looking into it

@mariuskimmina mariuskimmina mentioned this pull request Oct 16, 2023
Merged
@github-actions github-actions bot locked and limited conversation to collaborators Oct 16, 2023
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@imilchev imilchev imilchev left review comments

Assignees

@mariuskimmina mariuskimmina

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@mariuskimmina @imilchev