🐛 Replace fsconn with local connection for docker files, allow runnin…

…g commands (#3889)

* 🐛 Replace fsconn with local connection for docker files, allow running commands to evaluate the file properties.

Signed-off-by: Preslav <preslav@mondoo.com>

* Only support docker file in docker, local and ssh connections.

Signed-off-by: Preslav <preslav@mondoo.com>

---------

Signed-off-by: Preslav <preslav@mondoo.com>

providers/os/connection/docker/dockerfile.go → providers/os/connection/docker/dockerfile_connection.go

@@ -11,7 +11,7 @@ import (
 	"path/filepath"
 
 	"go.mondoo.com/cnquery/v11/providers-sdk/v1/inventory"
-	"go.mondoo.com/cnquery/v11/providers/os/connection/fs"
+	"go.mondoo.com/cnquery/v11/providers/os/connection/local"
 	"go.mondoo.com/cnquery/v11/providers/os/connection/shared"
 	"go.mondoo.com/cnquery/v11/utils/multierr"
 	"go.mondoo.com/cnquery/v11/utils/urlx"
@@ -20,11 +20,11 @@ import (
 var _ shared.Connection = &DockerfileConnection{}
 
 type DockerfileConnection struct {
-	*fs.FileSystemConnection
+	*local.LocalConnection
 	Filename string
 }
 
-func NewDockerfile(id uint32, conf *inventory.Config, asset *inventory.Asset) (*DockerfileConnection, error) {
+func NewDockerfileConnection(id uint32, conf *inventory.Config, asset *inventory.Asset, localConn *local.LocalConnection, localFamily []string) (*DockerfileConnection, error) {
 	if conf == nil {
 		return nil, errors.New("missing configuration to create dockerfile connection")
 	}
@@ -53,21 +53,17 @@ func NewDockerfile(id uint32, conf *inventory.Config, asset *inventory.Asset) (*
 		conf.Path = absSrc
 	}
 
-	fsconn, err := fs.NewConnection(id, conf, asset)
-	if err != nil {
-		return nil, err
-	}
-
 	asset.Platform = &inventory.Platform{
 		Name:    "dockerfile",
 		Title:   "Dockerfile",
 		Family:  []string{"docker"},
 		Kind:    "code",
 		Runtime: "docker",
 	}
+	// this helps with running commands against the local connection
+	asset.Platform.Family = append(asset.Platform.Family, localFamily...)
 
-	url, ok := asset.Connections[0].Options["ssh-url"]
-	if ok {
+	if url, ok := asset.Connections[0].Options["ssh-url"]; ok {
 		domain, org, repo, err := urlx.ParseGitSshUrl(url)
 		if err != nil {
 			return nil, err
@@ -88,8 +84,10 @@ func NewDockerfile(id uint32, conf *inventory.Config, asset *inventory.Asset) (*
 		asset.Name = "Dockerfile analysis " + filename
 	}
 
-	return &DockerfileConnection{
-		FileSystemConnection: fsconn,
-		Filename:             filename,
-	}, nil
+	conn := &DockerfileConnection{
+		LocalConnection: localConn,
+		Filename:        filename,
+	}
+
+	return conn, nil
 }

providers/os/provider/provider.go

@@ -26,6 +26,7 @@ import (
 	"go.mondoo.com/cnquery/v11/providers/os/connection/tar"
 	"go.mondoo.com/cnquery/v11/providers/os/connection/vagrant"
 	"go.mondoo.com/cnquery/v11/providers/os/connection/winrm"
+	"go.mondoo.com/cnquery/v11/providers/os/detector"
 	"go.mondoo.com/cnquery/v11/providers/os/id"
 	"go.mondoo.com/cnquery/v11/providers/os/resources"
 	"go.mondoo.com/cnquery/v11/providers/os/resources/discovery/docker_engine"
@@ -402,7 +403,15 @@ func (s *Service) connect(req *plugin.ConnectReq, callback plugin.ProviderCallba
 			conn, err = docker.NewContainerImageConnection(connId, conf, asset)
 
 		case shared.Type_DockerFile.String():
-			conn, err = docker.NewDockerfile(connId, conf, asset)
+			local := local.NewConnection(connId, conf, asset)
+			// we need to identify the local OS family so that we're able to resolve the file details
+			// properly
+			localFamily := []string{}
+			os, ok := detector.DetectOS(local)
+			if ok {
+				localFamily = os.Family
+			}
+			conn, err = docker.NewDockerfileConnection(connId, conf, asset, local, localFamily)
 
 		case shared.Type_DockerRegistry.String(), shared.Type_ContainerRegistry.String():
 			conn, err = container.NewRegistryConnection(connId, asset)

providers/os/resources/docker_file.go

@@ -16,11 +16,23 @@ import (
 	"go.mondoo.com/cnquery/v11/llx"
 	"go.mondoo.com/cnquery/v11/providers-sdk/v1/plugin"
 	"go.mondoo.com/cnquery/v11/providers/os/connection/docker"
+	"go.mondoo.com/cnquery/v11/providers/os/connection/local"
+	"go.mondoo.com/cnquery/v11/providers/os/connection/ssh"
 	"go.mondoo.com/cnquery/v11/types"
 	"go.mondoo.com/cnquery/v11/utils/multierr"
 )
 
 func initDockerFile(runtime *plugin.Runtime, args map[string]*llx.RawData) (map[string]*llx.RawData, plugin.Resource, error) {
+	// the dockerfile connection is a wrapper around the local one
+	// NOTE: we might have to extend this in the future if we start supporting docker files from other connections (e.g. tar)
+	_, isDockerConn := runtime.Connection.(*docker.DockerfileConnection)
+	_, isSshConn := runtime.Connection.(*ssh.Connection)
+	_, isLocalConn := runtime.Connection.(*local.LocalConnection)
+	// if neither, we set the file to nil.
+	if !isDockerConn && !isSshConn && !isLocalConn {
+		return args, nil, nil
+	}
+
 	// if users supply a file, we don't have to run any fancy initialization,
 	// since most of this function deals with trying to find the dockerfile
 	if _, ok := args["file"]; ok {

providers/os/resources/user.go

@@ -16,6 +16,7 @@ import (
 	"go.mondoo.com/cnquery/v11/providers-sdk/v1/plugin"
 	"go.mondoo.com/cnquery/v11/providers/os/connection/shared"
 	"go.mondoo.com/cnquery/v11/providers/os/resources/users"
+	"go.mondoo.com/cnquery/v11/utils/multierr"
 )
 
 func (x *mqlUser) id() (string, error) {
@@ -118,13 +119,16 @@ func (x *mqlUsers) list() ([]interface{}, error) {
 
 	conn := x.MqlRuntime.Connection.(shared.Connection)
 	um, err := users.ResolveManager(conn)
-	if um == nil || err != nil {
+	if err != nil {
+		return nil, multierr.Wrap(err, "cannot resolve users manager")
+	}
+	if um == nil {
 		return nil, errors.New("cannot find users manager")
 	}
 
 	users, err := um.List()
 	if err != nil {
-		return nil, errors.New("could not retrieve users list")
+		return nil, multierr.Wrap(err, "could not retrieve users list")
 	}
 
 	var res []interface{}