Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

sql column of the introspection table steampipe_control returns null #3148

Closed
misraved opened this issue Feb 24, 2023 · 4 comments
Closed

sql column of the introspection table steampipe_control returns null #3148

misraved opened this issue Feb 24, 2023 · 4 comments
Assignees
@kaidaguerre
Labels
bug Something isn't working stale No recent activity has been detected on this issue/PR and it will be closed

Comments

@misraved
Copy link
Contributor

Describe the bug
The sql column of the introspection table steampipe_control returns null when controls use query = query.<query_file_name> format for linking to the SQL query.

This issue doesn't come up if the old format of query reference is used -
sql = query.<query_file_name>.sql

Steampipe version (steampipe -v)
Example: v0.19.0-rc.3

To reproduce

  1. In the steampipe-mod-aws-compliance folder, run steampipe query
  2. Run the query - select resource_name, SQL from steampipe_control where resource_name = 'cis_v130_2_1_2'
  3. Output:
+----------------+--------+
| resource_name  | sql    |
+----------------+--------+
| cis_v130_2_1_2 | <null> |
+----------------+--------+

Expected behavior
The control should return the associated query.

Additional context
Workaround:
You could revert to an earlier version of the compliance mod - Please run git checkout v0.54 (This change was implemented in v0.55)

Running the same query -

> select resource_name, sql from steampipe_control where resource_name = 'cis_v130_2_1_2'
+----------------+---------------------------------------------------------------------------+
| resource_name  | sql                                                                       |
+----------------+---------------------------------------------------------------------------+
| cis_v130_2_1_2 | with ssl_ok as (                                                          |
|                |   select                                                                  |
|                |     distinct name,                                                        |
|                |     arn,                                                                  |
|                |     'ok' as status                                                        |
|                |   from                                                                    |
|                |     aws_s3_bucket,                                                        |
|                |     jsonb_array_elements(policy_std -> 'Statement') as s,                 |
|                |     jsonb_array_elements_text(s -> 'Principal' -> 'AWS') as p,            |
|                |     jsonb_array_elements_text(s -> 'Action') as a,                        |
|                |     jsonb_array_elements_text(s -> 'Resource') as r,                      |
|                |     jsonb_array_elements_text(                                            |
|                |       s -> 'Condition' -> 'Bool' -> 'aws:securetransport'                 |
|                |     ) as ssl                                                              |
|                |   where                                                                   |
|                |     p = '*'                                                               |
|                |     and s ->> 'Effect' = 'Deny'                                           |
|                |     and ssl :: bool = false                                               |
|                | )                                                                         |
|                | select                                                                    |
|                |   -- Required Columns                                                     |
|                |   b.arn as resource,                                                      |
|                |   case                                                                    |
|                |     when ok.status = 'ok' then 'ok'                                       |
|                |     else 'alarm'                                                          |
|                |   end status,                                                             |
|                |   case                                                                    |
|                |     when ok.status = 'ok' then b.name || ' bucket policy enforces HTTPS.' |
|                |     else b.name || ' bucket policy does not enforce HTTPS.'               |
|                |   end reason,                                                             |
|                |   -- Additional Dimensions                                                |
|                |   b.region,                                                               |
|                |   b.account_id                                                            |
|                | from                                                                      |
|                |   aws_s3_bucket as b                                                      |
|                |   left join ssl_ok as ok on ok.name = b.name;                             |
+----------------+---------------------------------------------------------------------------+

Relevant slack thread - https://steampipe.slack.com/archives/C01UECB59A7/p1677219398282809
@misraved misraved added the bug Something isn't working label Feb 24, 2023
@pskrbasu pskrbasu mentioned this issue Feb 27, 2023
Closed
@github-actions
Copy link

'This issue is stale because it has been open 60 days with no activity. Remove stale label or comment or this will be closed in 30 days.'

@github-actions github-actions bot added the stale No recent activity has been detected on this issue/PR and it will be closed label Apr 25, 2023
@github-actions
Copy link

This issue was closed because it has been stalled for 90 days with no activity.

@github-actions github-actions bot closed this as not planned Won't fix, can't repro, duplicate, stale May 25, 2023
@kaidaguerre kaidaguerre reopened this Dec 22, 2023
@github-actions github-actions bot removed the stale No recent activity has been detected on this issue/PR and it will be closed label Dec 23, 2023
@github-actions GitHub Actions
Copy link

This issue is stale because it has been open 60 days with no activity. Remove stale label or comment or this will be closed in 30 days.

@github-actions github-actions bot added the stale No recent activity has been detected on this issue/PR and it will be closed label Feb 21, 2024
@kaidaguerre
Copy link
Contributor

closing as introspection tables are deprecated in steampipe

@kaidaguerre kaidaguerre closed this as not planned Won't fix, can't repro, duplicate, stale Mar 21, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@kaidaguerre kaidaguerre

Labels
bug Something isn't working stale No recent activity has been detected on this issue/PR and it will be closed
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@kaidaguerre @misraved