Skip to content

feat(preflight): build preflight package for GCP #1718

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
PengyuanZhao merged 3 commits into from
Jun 10, 2025
Merged

feat(preflight): build preflight package for GCP #1718

PengyuanZhao merged 3 commits into from
Jun 10, 2025

Conversation

@PengyuanZhao
Copy link
Contributor

@PengyuanZhao PengyuanZhao commented Jun 3, 2025
edited
Loading

Summary

This PR creates the package which serves functions to do preflight checks for GCP integrations including Agentless, AuditLog and Config

Depend on #1716

How did you test this change?

Run integration test: preflight_gcp_test.go

Run the following and check the output:

package main

import (
	"fmt"
	"os"

	"github.com/lacework/go-sdk/v2/lwpreflight/gcp"
)

func main() {
	preflight, err := gcp.New(gcp.Params{
		Agentless: true,
		Config:    true,
		AuditLog:  true,
		Region:    "us-west2",
		ProjectID: "abc-demo-project-123",
		CredentialsFile: "/Users/pengyuan/.config/gcloud/application_default_credentials.json",
	})
	if err != nil {
		fmt.Println(err)
		return
	}

	result, err := preflight.Run()
	if err != nil {
		fmt.Println(err)
		return
	}

	fmt.Printf("%#v\n", result)
}

@PengyuanZhao PengyuanZhao requested a review from a team as a code owner June 3, 2025 15:04
@PengyuanZhao PengyuanZhao requested review from lwmobeent, marktabry and michaelhsiehlw and removed request for a team June 3, 2025 15:04
@PengyuanZhao PengyuanZhao changed the base branch from main to pengyuan/CAD-841 June 3, 2025 15:04
@github-actions
Copy link

github-actions bot commented Jun 3, 2025
edited
Loading

Lacework Code Security found potential new issues in this PR.

sca found potential 2 new issues 
		if limit := int64(maxReceiveMessageSize); limit < math.MaxInt64 {
			dcReader = io.LimitReader(dcReader, limit+1)
		}
		out, err := mem.ReadAll(dcReader, pool)
		if err != nil {
			out.Free()
			return nil, status.Errorf(codes.Internal, "grpc: failed to read decompressed data: %v", err)
		}

		if out.Len() > maxReceiveMessageSize {
			out.Free()
			return nil, status.Errorf(codes.ResourceExhausted, "grpc: received message after decompression larger than max %d", maxReceiveMessageSize)
		}

Base automatically changed from pengyuan/CAD-841 to main June 9, 2025 16:46
@lacework-code-security
Copy link

lacework-code-security bot commented Jun 9, 2025

(Audit Mode) Lacework IAC found 2 new violations
Violation Severity File Guidelines
Ensure that HEALTHCHECK instructions have been added to container images Low dependencies.Dockerfile VIEW
Ensure that a user for the container has been created Low dependencies.Dockerfile VIEW

@lacework-code-security
Copy link

lacework-code-security bot commented Jun 9, 2025

(Audit Mode) sca found potential 2 new issues 
		if limit := int64(maxReceiveMessageSize); limit < math.MaxInt64 {
			dcReader = io.LimitReader(dcReader, limit+1)
		}
		out, err := mem.ReadAll(dcReader, pool)
		if err != nil {
			out.Free()
			return nil, status.Errorf(codes.Internal, "grpc: failed to read decompressed data: %v", err)
		}

		if out.Len() > maxReceiveMessageSize {
			out.Free()
			return nil, status.Errorf(codes.ResourceExhausted, "grpc: received message after decompression larger than max %d", maxReceiveMessageSize)
		}

lokesh-vadlamudi
lokesh-vadlamudi approved these changes Jun 9, 2025
View reviewed changes
Copy link
Collaborator

@lokesh-vadlamudi lokesh-vadlamudi left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@PengyuanZhao PengyuanZhao merged commit cf972bd into main Jun 10, 2025
13 checks passed
@PengyuanZhao PengyuanZhao deleted the pengyuan/CAD-842 branch June 10, 2025 16:10
@lacework-releng lacework-releng mentioned this pull request Jun 10, 2025
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@lokesh-vadlamudi lokesh-vadlamudi lokesh-vadlamudi approved these changes

@marktabry marktabry Awaiting requested review from marktabry marktabry was automatically assigned from lacework/eng-product-platform

@lwmobeent lwmobeent Awaiting requested review from lwmobeent lwmobeent was automatically assigned from lacework/eng-product-platform

@michaelhsiehlw michaelhsiehlw Awaiting requested review from michaelhsiehlw michaelhsiehlw was automatically assigned from lacework/eng-product-platform

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@PengyuanZhao @lokesh-vadlamudi