From 1a93e86f7be72af52d2fe6c0f978470b7ad3e541 Mon Sep 17 00:00:00 2001 From: Ivan Milchev Date: Mon, 4 Sep 2023 18:21:16 +0300 Subject: [PATCH] fix handling of cross-provider assets discovery for run command Signed-off-by: Ivan Milchev --- apps/cnquery/cmd/plugin.go | 44 +++++++++++++++++++++++++++- providers/k8s/resources/discovery.go | 16 ---------- 2 files changed, 43 insertions(+), 17 deletions(-) diff --git a/apps/cnquery/cmd/plugin.go b/apps/cnquery/cmd/plugin.go index 289a529e12..3711f398e7 100644 --- a/apps/cnquery/cmd/plugin.go +++ b/apps/cnquery/cmd/plugin.go @@ -117,7 +117,49 @@ func (c *cnqueryPlugin) RunQuery(conf *run.RunQueryConfig, runtime *providers.Ru } } - for i := range filteredAssets { + for _, asset := range filteredAssets { + // If the assets have platform IDs, then we have already connected to them via the + // current provider. + if len(asset.PlatformIds) > 0 { + continue + } + + // Make sure the provider for the asset is present + if err := runtime.DetectProvider(asset); err != nil { + return err + } + + err := runtime.Connect(&pp.ConnectReq{ + Features: config.Features, + Asset: asset, + Upstream: upstreamConfig, + }) + if err != nil { + return err + } + } + + // TODO: filter unique assets by platform ID + uniqueAssets := []*inventory.Asset{} + platformIds := map[string]struct{}{} + for _, asset := range filteredAssets { + found := false + for _, platformId := range asset.PlatformIds { + if _, ok := platformIds[platformId]; ok { + found = true + } + } + if found { + continue + } + + uniqueAssets = append(uniqueAssets, asset) + for _, platformId := range asset.PlatformIds { + platformIds[platformId] = struct{}{} + } + } + + for i := range uniqueAssets { connectAsset := filteredAssets[i] if err := runtime.DetectProvider(connectAsset); err != nil { return err diff --git a/providers/k8s/resources/discovery.go b/providers/k8s/resources/discovery.go index 1355600791..6c639da227 100644 --- a/providers/k8s/resources/discovery.go +++ b/providers/k8s/resources/discovery.go @@ -623,22 +623,6 @@ func discoverContainerImages(runtime *plugin.Runtime, invConfig *inventory.Confi }) } - // Convert the container images to assets. - // assets := make(map[string]*inventory.Asset) - // for _, i := range runningImages { - // a, err := newPodImageAsset(i) - // if err != nil { - // log.Error().Err(err).Msg("failed to convert container image to asset") - // continue - // } - - // // It is still possible to have unique images at this point. There might be - // // multiple image tags that actually point to the same digest. If we are scanning - // // a manifest, where there is no container status, we can only know that the 2 images - // // are identical after we resolve them with the container registry. - // assets[a.Labels["docker.io/digest"]] = a - // log.Debug().Str("name", a.Name).Str("image", a.Connections[0].Host).Msg("resolved pod") - // } return assetList, nil }