⭐ add the mondoo provider

Signed-off-by: Dominik Richter <dominik.richter@gmail.com>

Makefile

@@ -211,7 +211,8 @@ providers/build: \
 	providers/build/cloudformation \
 	providers/build/shodan \
 	providers/build/ansible \
-	providers/build/snowflake
+	providers/build/snowflake \
+	providers/build/mondoo
 
 .PHONY: providers/install
 # Note we need \ to escape the target line into multiple lines
@@ -240,7 +241,8 @@ providers/install: \
 	providers/install/cloudformation \
 	providers/install/shodan \
 	providers/install/ansible \
-	providers/install/snowflake
+	providers/install/snowflake \
+	providers/install/mondoo
 
 providers/build/mock: providers/lr
 	./lr go providers-sdk/v1/testutils/mockprovider/resources/mockprovider.lr
@@ -373,6 +375,11 @@ providers/build/snowflake: providers/lr
 providers/install/snowflake:
 	@$(call installProvider, providers/snowflake)
 
+providers/build/mondoo: providers/lr
+	@$(call buildProvider, providers/mondoo)
+providers/install/mondoo:
+	@$(call installProvider, providers/mondoo)
+
 providers/dist:
 	@$(call buildProviderDist, providers/network)
 	@$(call buildProviderDist, providers/os)
@@ -399,6 +406,7 @@ providers/dist:
 	@$(call buildProviderDist, providers/shodan)
 	@$(call buildProviderDist, providers/ansible)
 	@$(call buildProviderDist, providers/snowflake)
+	@$(call buildProviderDist, providers/mondoo)
 
 providers/bundle:
 	@$(call bundleProvider, providers/network)
@@ -426,6 +434,7 @@ providers/bundle:
 	@$(call bundleProvider, providers/shodan)
 	@$(call bundleProvider, providers/ansible)
 	@$(call bundleProvider, providers/snowflake)
+	@$(call bundleProvider, providers/mondoo)
 
 providers/test:
 	@$(call testProvider, providers/core)
@@ -454,6 +463,7 @@ providers/test:
 	@$(call testGoModProvider, providers/shodan)
 	@$(call testGoModProvider, providers/ansible)
 	@$(call testGoModProvider, providers/snowflake)
+	@$(call testGoModProvider, providers/mondoo)
 
 lr/test:
 	go test ./resources/lr/...
@@ -577,11 +587,6 @@ lr/docs/markdown: providers/lr
 		--description "The Slack resource pack lets you use MQL to query and assess the security of your Slack identities and configuration." \
 		--docs-file providers/slack/resources/slack.lr.manifest.yaml \
 		--output ../docs/docs/mql/resources/slack-pack
-	./lr markdown providers/snowflake/resources/snowflake.lr \
-		--pack-name "Snowflake" \
-		--description "The Snowflake resource pack lets you use MQL to query and assess the security of your Snowflake identities and configuration." \
-		--docs-file providers/snowflake/resources/snowflake.lr.manifest.yaml \
-		--output ../docs/docs/mql/resources/snowflake-pack
 	./lr markdown providers/terraform/resources/terraform.lr \
 		--pack-name "Terraform IaC" \
 		--description "The Terraform IaC resource pack lets you use MQL to query and assess the security of your Terraform HCL, plan, and state resources." \
@@ -597,6 +602,16 @@ lr/docs/markdown: providers/lr
 		--description "The VMware vSphere resource pack lets you use MQL to query and assess the security of your VMware vSphere hosts and services." \
 		--docs-file providers/vsphere/resources/vsphere.lr.manifest.yaml \
 		--output ../docs/docs/mql/resources/vsphere-pack
+	./lr markdown providers/snowflake/resources/snowflake.lr \
+		--pack-name "Snowflake" \
+		--description "The Snowflake resource pack lets you use MQL to query and assess the security of your Snowflake identities and configuration." \
+		--docs-file providers/snowflake/resources/snowflake.lr.manifest.yaml \
+		--output ../docs/docs/mql/resources/snowflake-pack
+	./lr markdown providers/mondoo/resources/mondoo.lr \
+		--pack-name "Mondoo" \
+		--description "The Mondoo resource pack lets you interact with the Mondoo platform and its assets and resources." \
+		--docs-file providers/mondoo/resources/mondoo.lr.manifest.yaml \
+		--output ../docs/docs/mql/resources/mondoo-pack
 
 lr/docs/stats:
 	@echo "Please remember to re-run before using this:"

providers/mondoo/config/config.go

@@ -0,0 +1,27 @@
+// Copyright (c) Mondoo, Inc.
+// SPDX-License-Identifier: BUSL-1.1
+
+package config
+
+import (
+	"go.mondoo.com/cnquery/v11/providers-sdk/v1/plugin"
+	"go.mondoo.com/cnquery/v11/providers/mondoo/provider"
+)
+
+var Config = plugin.Provider{
+	Name:            "mondoo",
+	ID:              "go.mondoo.com/cnquery/v11/providers/mondoo",
+	Version:         "11.0.0",
+	ConnectionTypes: []string{provider.DefaultConnectionType},
+	Connectors: []plugin.Connector{
+		{
+			Name:      "mondoo",
+			Use:       "mondoo",
+			Short:     "a Mondoo platform",
+			MinArgs:   0,
+			MaxArgs:   4,
+			Discovery: []string{},
+			Flags:     []plugin.Flag{},
+		},
+	},
+}

providers/mondoo/connection/connection.go

@@ -0,0 +1,46 @@
+package connection
+
+import (
+	"encoding/json"
+
+	"go.mondoo.com/cnquery/v11/providers-sdk/v1/inventory"
+	"go.mondoo.com/cnquery/v11/providers-sdk/v1/plugin"
+	"go.mondoo.com/cnquery/v11/providers-sdk/v1/upstream"
+	"go.mondoo.com/cnquery/v11/utils/multierr"
+	"go.mondoo.com/mondoo-go"
+	"go.mondoo.com/mondoo-go/option"
+)
+
+type Connection struct {
+	plugin.Connection
+	Upstream *upstream.UpstreamClient
+	Client   *mondoogql.Client
+}
+
+func New(id uint32, asset *inventory.Asset, conf *inventory.Config, upstream *upstream.UpstreamClient) (*Connection, error) {
+	creds := upstream.GetCreds()
+	rawCreds, err := json.Marshal(creds)
+	if err != nil {
+		return nil, multierr.Wrap(err, "failed to wrap credentials for Mondoo API client")
+	}
+
+	client, err := mondoogql.NewClient(
+		option.UseUSRegion(),
+		// option.WithAPIToken(os.Getenv("MONDOO_API_TOKEN")),
+		option.WithHTTPClient(upstream.HttpClient),
+		option.WithServiceAccount(rawCreds),
+	)
+	if err != nil {
+		return nil, multierr.Wrap(err, "failed to initialize Mondoo API client")
+	}
+
+	return &Connection{
+		Connection: plugin.NewConnection(id, asset),
+		Client:     client,
+		Upstream:   upstream,
+	}, nil
+}
+
+func (c Connection) Name() string {
+	return "mondoo"
+}

providers/mondoo/gen/main.go

@@ -0,0 +1,13 @@
+// Copyright (c) Mondoo, Inc.
+// SPDX-License-Identifier: BUSL-1.1
+
+package main
+
+import (
+	"go.mondoo.com/cnquery/v11/providers-sdk/v1/plugin/gen"
+	"go.mondoo.com/cnquery/v11/providers/mondoo/config"
+)
+
+func main() {
+	gen.CLI(&config.Config)
+}

providers/mondoo/go.mod

@@ -0,0 +1,150 @@
+module go.mondoo.com/cnquery/v11/providers/mondoo
+
+replace go.mondoo.com/cnquery/v11 => ../..
+
+go 1.22.0
+
+toolchain go1.22.3
+
+require (
+	go.mondoo.com/cnquery/v11 v11.0.0-00010101000000-000000000000
+	go.mondoo.com/mondoo-go v0.0.0-20240716062427-ec95d879cbe7
+)
+
+require (
+	cloud.google.com/go v0.115.0 // indirect
+	cloud.google.com/go/auth v0.7.1 // indirect
+	cloud.google.com/go/auth/oauth2adapt v0.2.3 // indirect
+	cloud.google.com/go/compute/metadata v0.5.0 // indirect
+	cloud.google.com/go/iam v1.1.11 // indirect
+	cloud.google.com/go/kms v1.18.3 // indirect
+	cloud.google.com/go/longrunning v0.5.10 // indirect
+	cloud.google.com/go/secretmanager v1.13.4 // indirect
+	cloud.google.com/go/storage v1.43.0 // indirect
+	dario.cat/mergo v1.0.0 // indirect
+	github.com/99designs/go-keychain v0.0.0-20191008050251-8e49817e8af4 // indirect
+	github.com/99designs/keyring v1.2.2 // indirect
+	github.com/GoogleCloudPlatform/berglas v1.0.3 // indirect
+	github.com/Masterminds/semver v1.5.0 // indirect
+	github.com/Microsoft/go-winio v0.6.2 // indirect
+	github.com/ProtonMail/go-crypto v1.0.0 // indirect
+	github.com/aws/aws-sdk-go v1.54.20 // indirect
+	github.com/aws/aws-sdk-go-v2 v1.30.3 // indirect
+	github.com/aws/aws-sdk-go-v2/config v1.27.27 // indirect
+	github.com/aws/aws-sdk-go-v2/credentials v1.17.27 // indirect
+	github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.16.11 // indirect
+	github.com/aws/aws-sdk-go-v2/internal/configsources v1.3.15 // indirect
+	github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.6.15 // indirect
+	github.com/aws/aws-sdk-go-v2/internal/ini v1.8.0 // indirect
+	github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.11.3 // indirect
+	github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.11.17 // indirect
+	github.com/aws/aws-sdk-go-v2/service/secretsmanager v1.32.4 // indirect
+	github.com/aws/aws-sdk-go-v2/service/ssm v1.52.3 // indirect
+	github.com/aws/aws-sdk-go-v2/service/sso v1.22.4 // indirect
+	github.com/aws/aws-sdk-go-v2/service/ssooidc v1.26.4 // indirect
+	github.com/aws/aws-sdk-go-v2/service/sts v1.30.3 // indirect
+	github.com/aws/smithy-go v1.20.3 // indirect
+	github.com/aymanbagabas/go-osc52/v2 v2.0.1 // indirect
+	github.com/cenkalti/backoff/v3 v3.2.2 // indirect
+	github.com/cloudflare/circl v1.3.9 // indirect
+	github.com/cockroachdb/errors v1.11.3 // indirect
+	github.com/cockroachdb/logtags v0.0.0-20230118201751-21c54148d20b // indirect
+	github.com/cockroachdb/redact v1.1.5 // indirect
+	github.com/cyphar/filepath-securejoin v0.3.0 // indirect
+	github.com/danieljoos/wincred v1.2.2 // indirect
+	github.com/dvsekhvalnov/jose2go v1.7.0 // indirect
+	github.com/emirpasic/gods v1.18.1 // indirect
+	github.com/fatih/color v1.17.0 // indirect
+	github.com/felixge/httpsnoop v1.0.4 // indirect
+	github.com/getsentry/sentry-go v0.28.1 // indirect
+	github.com/go-git/gcfg v1.5.1-0.20230307220236-3a3c6141e376 // indirect
+	github.com/go-git/go-billy/v5 v5.5.0 // indirect
+	github.com/go-git/go-git/v5 v5.12.0 // indirect
+	github.com/go-jose/go-jose/v3 v3.0.3 // indirect
+	github.com/go-jose/go-jose/v4 v4.0.3 // indirect
+	github.com/go-logr/logr v1.4.2 // indirect
+	github.com/go-logr/stdr v1.2.2 // indirect
+	github.com/godbus/dbus v0.0.0-20190726142602-4481cbc300e2 // indirect
+	github.com/gofrs/uuid v4.4.0+incompatible // indirect
+	github.com/gogo/protobuf v1.3.2 // indirect
+	github.com/golang-jwt/jwt/v5 v5.2.1 // indirect
+	github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect
+	github.com/golang/protobuf v1.5.4 // indirect
+	github.com/google/s2a-go v0.1.7 // indirect
+	github.com/google/uuid v1.6.0 // indirect
+	github.com/googleapis/enterprise-certificate-proxy v0.3.2 // indirect
+	github.com/googleapis/gax-go/v2 v2.12.5 // indirect
+	github.com/gsterjov/go-libsecret v0.0.0-20161001094733-a6f4afe4910c // indirect
+	github.com/hashicorp/errwrap v1.1.0 // indirect
+	github.com/hashicorp/go-cleanhttp v0.5.2 // indirect
+	github.com/hashicorp/go-hclog v1.6.3 // indirect
+	github.com/hashicorp/go-multierror v1.1.1 // indirect
+	github.com/hashicorp/go-plugin v1.6.1 // indirect
+	github.com/hashicorp/go-retryablehttp v0.7.7 // indirect
+	github.com/hashicorp/go-rootcerts v1.0.2 // indirect
+	github.com/hashicorp/go-secure-stdlib/parseutil v0.1.8 // indirect
+	github.com/hashicorp/go-secure-stdlib/strutil v0.1.2 // indirect
+	github.com/hashicorp/go-sockaddr v1.0.6 // indirect
+	github.com/hashicorp/hcl v1.0.0 // indirect
+	github.com/hashicorp/vault/api v1.14.0 // indirect
+	github.com/hashicorp/yamux v0.1.1 // indirect
+	github.com/hokaccha/go-prettyjson v0.0.0-20211117102719-0474bc63780f // indirect
+	github.com/jbenet/go-context v0.0.0-20150711004518-d14ea06fba99 // indirect
+	github.com/jmespath/go-jmespath v0.4.0 // indirect
+	github.com/kevinburke/ssh_config v1.2.0 // indirect
+	github.com/kr/pretty v0.3.1 // indirect
+	github.com/kr/text v0.2.0 // indirect
+	github.com/lucasb-eyer/go-colorful v1.2.0 // indirect
+	github.com/mattn/go-colorable v0.1.13 // indirect
+	github.com/mattn/go-isatty v0.0.20 // indirect
+	github.com/mattn/go-runewidth v0.0.16 // indirect
+	github.com/mitchellh/go-homedir v1.1.0 // indirect
+	github.com/mitchellh/go-testing-interface v1.14.1 // indirect
+	github.com/mitchellh/mapstructure v1.5.0 // indirect
+	github.com/mtibben/percent v0.2.1 // indirect
+	github.com/muesli/termenv v0.15.2 // indirect
+	github.com/oklog/run v1.1.0 // indirect
+	github.com/pjbgf/sha1cd v0.3.0 // indirect
+	github.com/pkg/errors v0.9.1 // indirect
+	github.com/rivo/uniseg v0.4.7 // indirect
+	github.com/rogpeppe/go-internal v1.12.0 // indirect
+	github.com/rs/zerolog v1.33.0 // indirect
+	github.com/ryanuber/go-glob v1.0.0 // indirect
+	github.com/segmentio/fasthash v1.0.3 // indirect
+	github.com/segmentio/ksuid v1.0.4 // indirect
+	github.com/sergi/go-diff v1.3.2-0.20230802210424-5b0b94c5c0d3 // indirect
+	github.com/sethvargo/go-retry v0.2.4 // indirect
+	github.com/shurcooL/graphql v0.0.0-20230722043721-ed46e5a46466 // indirect
+	github.com/sirupsen/logrus v1.9.3 // indirect
+	github.com/skeema/knownhosts v1.3.0 // indirect
+	github.com/spf13/afero v1.11.0 // indirect
+	github.com/spf13/pflag v1.0.5 // indirect
+	github.com/xanzy/ssh-agent v0.3.3 // indirect
+	go.mondoo.com/ranger-rpc v0.6.2 // indirect
+	go.opencensus.io v0.24.0 // indirect
+	go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.53.0 // indirect
+	go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.53.0 // indirect
+	go.opentelemetry.io/otel v1.28.0 // indirect
+	go.opentelemetry.io/otel/metric v1.28.0 // indirect
+	go.opentelemetry.io/otel/trace v1.28.0 // indirect
+	go.uber.org/mock v0.4.0 // indirect
+	golang.org/x/crypto v0.25.0 // indirect
+	golang.org/x/mod v0.19.0 // indirect
+	golang.org/x/net v0.27.0 // indirect
+	golang.org/x/oauth2 v0.21.0 // indirect
+	golang.org/x/sync v0.7.0 // indirect
+	golang.org/x/sys v0.22.0 // indirect
+	golang.org/x/term v0.22.0 // indirect
+	golang.org/x/text v0.16.0 // indirect
+	golang.org/x/time v0.5.0 // indirect
+	golang.org/x/tools v0.23.0 // indirect
+	google.golang.org/api v0.188.0 // indirect
+	google.golang.org/genproto v0.0.0-20240711142825-46eb208f015d // indirect
+	google.golang.org/genproto/googleapis/api v0.0.0-20240711142825-46eb208f015d // indirect
+	google.golang.org/genproto/googleapis/rpc v0.0.0-20240711142825-46eb208f015d // indirect
+	google.golang.org/grpc v1.65.0 // indirect
+	google.golang.org/protobuf v1.34.2 // indirect
+	gopkg.in/warnings.v0 v0.1.2 // indirect
+	moul.io/http2curl v1.0.0 // indirect
+	sigs.k8s.io/yaml v1.4.0 // indirect
+)