go.mondoo.com/cnquery@v0.0.0-20231005093811-59568235f6ea/_motor/discovery/common/credentials.go

go.mondoo.com/cnquery@v0.0.0-20231005093811-59568235f6ea/_motor/discovery/common/credentials.go (about)

     1  // Copyright (c) Mondoo, Inc.
     2  // SPDX-License-Identifier: BUSL-1.1
     3  
     4  package common
     5  
     6  import (
     7  	"github.com/rs/zerolog/log"
     8  	inventory "go.mondoo.com/cnquery/motor/inventory/v1"
     9  	"go.mondoo.com/cnquery/motor/vault"
    10  )
    11  
    12  type (
    13  	// QuerySecretFn is used during discovery phase to identify a secret for an asset
    14  	QuerySecretFn func(a *inventory.Asset) (*vault.Credential, error)
    15  )
    16  
    17  func EnrichAssetWithSecrets(a *inventory.Asset, sfn QuerySecretFn) {
    18  	for j := range a.Connections {
    19  		conn := a.Connections[j]
    20  
    21  		// NOTE: for now we only add credentials for ssh, we may revisit that in the future
    22  		if len(conn.Credentials) == 0 && conn.Type == "ssh" {
    23  			creds, err := sfn(a)
    24  			if err == nil && creds != nil {
    25  				conn.Credentials = []*vault.Credential{creds}
    26  			} else {
    27  				log.Warn().Str("name", a.Name).Msg("could not determine credentials for asset")
    28  			}
    29  		}
    30  	}
    31  }