-
Notifications
You must be signed in to change notification settings - Fork 23
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
✨ New vulnmgmt resources #2654
✨ New vulnmgmt resources #2654
Conversation
This requires mondoohq/mondoo-go#10 |
64afd6a
to
7e2abf6
Compare
This comment has been minimized.
This comment has been minimized.
7e2abf6
to
31170b9
Compare
This comment has been minimized.
This comment has been minimized.
@@ -0,0 +1,208 @@ | |||
package gql |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The GQL queries are in core cnquery, because I assume we need to use them in different providers. Currently it is only os, but vsphere will follow and perhaps more.
f4387f5
to
77491b1
Compare
4049cd3
to
c6a7a55
Compare
c6a7a55
to
9fa7001
Compare
providers/os/resources/vulnmgmt.go
Outdated
} | ||
|
||
// get new gql client | ||
mondooClient, err := gql.NewClient(mcc.UpstreamConfig, mcc.HttpClient) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
you are creating a new GQL client in multiple functions. Isn't it better to make the GQL client part of the connection or part of the mqlVulnmgmt
instead?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Nice idea.
I added it to a cache, so we can re-use it, but do not need to create it upfront.
} | ||
|
||
func (v *mqlVulnmgmt) stats() (*mqlAuditCvss, error) { | ||
return nil, v.populateData() |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
shouldn't that return also the actual value?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Not needed. That's some MQL black magic: https://github.com/mondoohq/cnquery/blob/main/providers/os/resources/command.go#L58
But a comment might also be helpful here. I added it.
3a70b52
to
ee06411
Compare
Signed-off-by: Christian Zunker <[email protected]>
Signed-off-by: Christian Zunker <[email protected]>
Signed-off-by: Christian Zunker <[email protected]>
Signed-off-by: Christian Zunker <[email protected]>
Signed-off-by: Christian Zunker <[email protected]>
Signed-off-by: Christian Zunker <[email protected]>
Signed-off-by: Christian Zunker <[email protected]>
Signed-off-by: Christian Zunker <[email protected]>
Signed-off-by: Christian Zunker <[email protected]>
Signed-off-by: Christian Zunker <[email protected]>
Signed-off-by: Christian Zunker <[email protected]>
Co-authored-by: Ivan Milchev <[email protected]>
Signed-off-by: Christian Zunker <[email protected]>
Signed-off-by: Christian Zunker <[email protected]>
Signed-off-by: Christian Zunker <[email protected]>
Signed-off-by: Christian Zunker <[email protected]>
ee06411
to
7a0e9f7
Compare
This moves the vuln scanning server-side and adds new resources.
E.g.: