-
Notifications
You must be signed in to change notification settings - Fork 5
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
⭐️ use cnspec for policy execution #48
Conversation
This comment has been minimized.
This comment has been minimized.
9941d5d
to
edd0ba7
Compare
This is required to switch our packer plugin to use cnquery / cnspec. See mondoohq/packer-plugin-cnspec#48 for more details.
- allow other components to easily reuse the worst score calculation - is going to be used in mondoohq/packer-plugin-cnspec#48 once merged
edd0ba7
to
3282702
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@chris-rock I have tested both unregistered and registered builds on Linux and Windows. Linux works fine but Windows scans always produce the error:
mondoo-windows2019-secure-base-20221125182801.amazon-ebs.windows2019: scan packer build
==> mondoo-windows2019-secure-base-20221125182801.amazon-ebs.windows2019: scan failed: failed to resolve multiple assets
==> mondoo-windows2019-secure-base-20221125182801.amazon-ebs.windows2019: failed to resolve multiple assets
==> mondoo-windows2019-secure-base-20221125182801.amazon-ebs.windows2019: Stopping the source instance...
I am happy to take a crack at the README
if you are ok with me adding to this branch. Just let me know.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
ccf4c8d
to
7966b00
Compare
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
132dbc2
to
47ab464
Compare
- update to go 1.19 - remove dependency on external binary - switch to use inventory instead of option piping
47ab464
to
1bbcfb2
Compare
This comment has been minimized.
This comment has been minimized.
1bbcfb2
to
dc9ea79
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
…o have better debug-ability Co-authored-by: Scott Ford <49754039+scottford-io@users.noreply.github.com>
Co-authored-by: Scott Ford <49754039+scottford-io@users.noreply.github.com>
dc9ea79
to
ce8c7fe
Compare
lgtm! |
cty dependency downgrade
Packer and Terraform use different versions of go cty. The problem is that packer does not work with the latest version of go-cty as documented here:
There are two issues, we cannot bundle both go-cty versions due to the fact that it is not labeled a major change. Out only option to get this working for now is to downgrade cty in cnquery and cnspec.
TODOs