Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

⭐️ use cnspec for policy execution #48

Merged
merged 7 commits into from
Nov 30, 2022
Merged

⭐️ use cnspec for policy execution #48

merged 7 commits into from
Nov 30, 2022

Conversation

chris-rock
Copy link
Member

@chris-rock chris-rock commented Nov 21, 2022
edited

  • update to go 1.19
  • remove dependency on external mondoo binary
  • switch to use inventory instead of config piping to external binary

cty dependency downgrade

Packer and Terraform use different versions of go cty. The problem is that packer does not work with the latest version of go-cty as documented here:

There are two issues, we cannot bundle both go-cty versions due to the fact that it is not labeled a major change. Out only option to get this working for now is to downgrade cty in cnquery and cnspec.

TODOs

@github-actions

This comment has been minimized.

Sign in to view
This was referenced Nov 21, 2022
Merged
Merged
chris-rock added a commit to mondoohq/cnquery that referenced this pull request Nov 21, 2022
@chris-rock
🐛 downgrade to cty 1.10.0 (#499)
a3fd595 
This is required to switch our packer plugin to use cnquery / cnspec.
See mondoohq/packer-plugin-cnspec#48 for more
details.
chris-rock added a commit to mondoohq/cnspec that referenced this pull request Nov 22, 2022
@chris-rock
🧹 move the worst score calculation to the ReportCollection (#202)
f4d581a 
- allow other components to easily reuse the worst score calculation
- is going to be used in
mondoohq/packer-plugin-cnspec#48 once merged
@scottford-io scottford-io self-requested a review November 23, 2022 17:33
scottford-io
scottford-io reviewed Nov 25, 2022
View reviewed changes
Copy link
Contributor

@scottford-io scottford-io left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@chris-rock I have tested both unregistered and registered builds on Linux and Windows. Linux works fine but Windows scans always produce the error:

    mondoo-windows2019-secure-base-20221125182801.amazon-ebs.windows2019: scan packer build
==> mondoo-windows2019-secure-base-20221125182801.amazon-ebs.windows2019: scan failed: failed to resolve multiple assets
==> mondoo-windows2019-secure-base-20221125182801.amazon-ebs.windows2019: failed to resolve multiple assets
==> mondoo-windows2019-secure-base-20221125182801.amazon-ebs.windows2019: Stopping the source instance...

I am happy to take a crack at the README if you are ok with me adding to this branch. Just let me know.

README.md Outdated Show resolved Hide resolved
provisioner/provisioner.go Outdated Show resolved Hide resolved
@chris-rock chris-rock marked this pull request as ready for review November 28, 2022 16:06
@github-actions

This comment has been minimized.

Sign in to view
@github-actions

This comment has been minimized.

Sign in to view
@github-actions

This comment has been minimized.

Sign in to view
@github-actions

This comment has been minimized.

Sign in to view
@github-actions

This comment has been minimized.

Sign in to view
@github-actions

This comment has been minimized.

Sign in to view
@chris-rock
⭐️ use cnspec for policy execution
63ba723 
- update to go 1.19
- remove dependency on external binary
- switch to use inventory instead of option piping
@github-actions

This comment has been minimized.

Sign in to view
scottford-io
scottford-io approved these changes Nov 29, 2022
View reviewed changes
Copy link
Contributor

@scottford-io scottford-io left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

preslavgerchev
preslavgerchev reviewed Nov 29, 2022
View reviewed changes
provisioner/provisioner.go Show resolved Hide resolved
provisioner/provisioner.go Show resolved Hide resolved
provisioner/provisioner.go Outdated Show resolved Hide resolved
provisioner/provisioner.go Show resolved Hide resolved
provisioner/provisioner.go Outdated Show resolved Hide resolved
chris-rock and others added 2 commits November 29, 2022 22:57
@chris-rock @scottford-io
🧹 Update README.md
643cd2f 
Co-authored-by: Scott Ford <49754039+scottford-io@users.noreply.github.com>
@chris-rock
🧹 update github action workflow
ce8c7fe
@preslavgerchev
Copy link
Contributor

lgtm!

@chris-rock chris-rock merged commit 62bd615 into main Nov 30, 2022
@chris-rock chris-rock deleted the chris-rock/cnspec branch November 30, 2022 18:26
@github-actions github-actions bot locked and limited conversation to collaborators Nov 30, 2022
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@tas50 tas50 tas50 left review comments

@preslavgerchev preslavgerchev preslavgerchev approved these changes

@scottford-io scottford-io scottford-io approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
4 participants
@chris-rock @preslavgerchev @tas50 @scottford-io