🐛 fix github discovery for v9

[vjeffrey]

fixes #1644

[czunker]

Thanks for fixing this @vjeffrey

[czunker]

I gave it a try:

cnquery run github org mondoohq --discover repos -c "github.repository.license.spdxId" --verbose                           ✔ │ 06:20:34 
DBG using provider github with connector github
DBG no need to update provider last-refresh=58.448175428s provider=github
DBG running provider plugin path=/home/christian/.config/mondoo/providers/github/github
→ loaded configuration from /etc/opt/mondoo/mondoo.yml using source default
DBG resolved 27 assets
DBG starting query execution qrid=Xiag1Adi3l0=
DBG finished query execution qrid=Xiag1Adi3l0=
DBG rmN/PU9BjTuMDKP3oZQ+j/kU/Cfvkp43OHrhOb+XrZl8zyhYpzNgNYLj9DnlWxhtCnFZPFGJU0gBGky8CvE4lw== finished
DBG graph has received all datapoints
rpc error: code = Unknown desc = no user provided
github.repository.license.spdxId: no data available
DBG starting query execution qrid=Xiag1Adi3l0=
DBG rmN/PU9BjTuMDKP3oZQ+j/kU/Cfvkp43OHrhOb+XrZl8zyhYpzNgNYLj9DnlWxhtCnFZPFGJU0gBGky8CvE4lw== finished
DBG graph has received all datapoints
DBG finished query execution qrid=Xiag1Adi3l0=
rpc error: code = Unknown desc = no user provided
....

To me, it looks like the discovery of the repos is working. But then some data is missing to actually create the repo resource.

[vjeffrey]

if i try to run the command you tried in v8, i also error --- i think it needs to be:

go run apps/cnquery/cnquery.go run github org mondoohq  -c "github.organization.repositories{license.spdxId }" --verbose

[czunker]

if i try to run the command you tried in v8, i also error --- i think it needs to be:

go run apps/cnquery/cnquery.go run github org mondoohq  -c "github.organization.repositories{license.spdxId }" --verbose

I did a bit more testing. My first command was wrong, but what I tried to achieve, works in v8 in case you use the correct parameters:

cnquery run github org mondoohq --discover repository -c "github.repository.license.spdxId"                                                                       
→ loaded configuration from /etc/opt/mondoo/mondoo.yml using source default
→ discover related assets for 1 asset(s)
→ resolved assets resolved-assets=26
Query encountered errors:
cannot cast resource to resource type: <nil>
github.repository.license.spdxId: no data available
...
github.repository.license.spdxId: "Apache-2.0"
github.repository.license.spdxId: "MPL-2.0"
github.repository.license.spdxId: "MPL-2.0"

...

In my first try, I used the wrong discovery option: --discover repo instead of --discover repository

But using the correct discovery in v9, does not show the same result as in v8.

[czunker]

Also the error message in my first try was misleading. I opened a PR to fix this: #1657

[vjeffrey]

alright, this is fixed up now,
cnquery shell github org mondoohq --discover all
cnquery shell github org mondoohq --discover repos,users

[vjeffrey]

hmm, actually i have the platform ids, they look a little off

[czunker]

alright, this is fixed up now, cnquery shell github org mondoohq --discover all cnquery shell github org mondoohq --discover repos,users

The discovery options are different for v8:

cnquery run github org mondoohq --discover repository -c "asset{ ids }" 
→ loaded configuration from /etc/opt/mondoo/mondoo.yml using source default
→ discover related assets for 1 asset(s)
→ resolved assets resolved-assets=26
asset: {
  ids: [
    0: "//platformid.api.mondoo.app/runtime/github/owner/mondoohq/repository/installer"
  ]
}
...

v9:

cnquery run github org mondoohq --discover repos -c "asset{ ids }" 
→ loaded configuration from /etc/opt/mondoo/mondoo.yml using source default
asset: {
  ids: [
    0: "//platformid.api.mondoo.app/runtime/github/organization/Mondoo Inc"
  ]
}
asset: {
  ids: [
    0: "//platformid.api.mondoo.app/runtime/github/owner/Mondoo Inc/repository/installer"
  ]
}

And as already mentioned the platformIDs: "Mondoo Inc" vs. "mondoohq"

[czunker]

Nice! That's actually a new feature. We don't have this in v8.

[czunker]

@vjeffrey I'd like your opinion on this one.

When I keep it as is, this panics:

cnquery run github repo czunker/go-vex -c "github.repository{ name branches[0]{*} commits[0]{*} }" 
! using builtin provider for github
→ loaded configuration from /etc/opt/mondoo/mondoo.yml using source default
! using builtin provider for github
panic: runtime error: invalid memory address or nil pointer dereference
[signal SIGSEGV: segmentation violation code=0x1 addr=0x8 pc=0x1180360]

goroutine 14 [running]:
go.mondoo.com/cnquery/providers/github/resources.(*mqlGithubBranchprotection).MqlID(0x2f0000c000cd04ea?)
	/home/christian/workspace/mondoo/github.com/cnquery/providers/github/resources/github.lr.go:3937
go.mondoo.com/cnquery/llx.resource2result({0x22861a0, 0x0}, {0xc000fea348, 0x18})
	/home/christian/workspace/mondoo/github.com/cnquery/llx/data_conversions.go:313 +0x52

When I only create a resource with an ID, it prevents the panic, but I get "cannot convert" error.

In v8, this simply displayed as "null":

cnquery run github repo czunker/go-vex -c "github.repository{ name branches[0]{ name protectionRules {*} } commits[0]{ sha commit {*}} }"
...
github.repository: {
...
  name: "go-vex"
  branches[0]: {
    protectionRules: null
    name: "christian/extend_csaf_advisories"
  }
}

This change works, but is quite different from v8. Also, this might apply to other resources.

[vjeffrey]

i'll check that out, i think i ran into that before on aws

[vjeffrey]

this looks like it's an issue not limited to this resource -- returning nil in these types of situations isn't behaving the way we expect it to - so we can probably move this pr forward and fix that in a followup

[czunker]

I rebased this on main, as #1726 was merged.

I changed the field accordingly, and now it looks good:

nquery run github repo czunker/go-vex -c "github.repository{ name branches[0]{ name protectionRules {*} }}" --verbose 
DBG using provider github with connector github
DBG no need to update provider last-refresh=29.146104804s provider=github
DBG running provider plugin path=/home/christian/.config/mondoo/providers/github/github
→ loaded configuration from /etc/opt/mondoo/mondoo.yml using source default
DBG resolved 1 assets
...
github.repository: {
  name: "go-vex"
  branches[0]: {
    protectionRules: null
    name: "christian/extend_csaf_advisories"
  }
}

[vjeffrey]

awesome! thank you @arlimus for that fix!

[czunker]

I gave some other fields a try where we also return nil, nil, but those seem fine, e.g.:

cnquery run github repo czunker/backend -c "github.repository.openMergeRequests{*}"
...
github.repository.openMergeRequests: []

@vjeffrey I think this PR is done for now, or do you see any open topics?

[czunker]

LGTM. @vjeffrey should have another look as I also did part of the commits.

[vjeffrey]

just tested again, this is working great, lets get it in!