go.mondoo.com/cnquery@v0.0.0-20231005093811-59568235f6ea/providers-sdk/v1/inventory/testdata/inventory.yaml (about)

     1  apiVersion: v1
     2  kind: Inventory
     3  metadata:
     4    name: mondoo-inventory
     5    labels:
     6      environment: production
     7  spec:
     8    # credential query is always used if no credential is directly assigned
     9    credential_query: "{ id: 'secret-1' }"
    10    assets:
    11      # windows with password authentication
    12      - id: windows
    13        connections:
    14          - host: 192.168.1.1
    15            backend: ssh
    16            credentials:
    17              - # should generate implicit type: password
    18                user: username
    19                password: pass
    20              - # should generate implicit type: private_key
    21                user: username
    22                private_key_path: ./private_key_01
    23                password: password
    24              - type: credentials_query
    25  
    26      # linux with ssh agent reference
    27      - id: linux-ssh-key
    28        connections:
    29          - host: example.com
    30            backend: ssh
    31            credentials:
    32              - type: ssh_agent # todo, make this a implicit?
    33                user: username
    34                # method: ssh-agent -> also read the ssh config
    35                # if nothing is provided we may activate this as default
    36      # linux with custom identity keys
    37      - id: linux-identity-key
    38        connections:
    39          - host: x
    40            backend: ssh
    41            credentials:
    42              - user: chris # implicit type private key
    43                private_key_path: ./private_key_02
    44      - id: linux-embedded-pem
    45        connections:
    46          - host: x
    47            backend: ssh
    48            credentials:
    49              - secret_id: secret-1
    50  
    51      - id: vsphere # asset with dynamic discovery
    52        connections:
    53          - host: 192.168.1.100
    54            backend: ssh
    55            credentials:
    56              - user: root # implicit type password
    57                password: pwd
    58              - type: credentials_query
    59        options:
    60          discover: all
    61          # platform vsphere instance id
    62          # if any discovered machine does not match the asset list then the credentials-query kicks in
    63  
    64        # no platform -> ssh connected read ssh hostkey (no hostname)
    65      - connections:
    66          - host: 192.134.100.1
    67            backend: ssh
    68            credentials:
    69              - secret_id: secret-2
    70  
    71      - name: asset x
    72        platform_ids:
    73          - //platform.mondoo.app/vsphere-id
    74          - //platform.mondoo.app/ssh-hostkey
    75          - //platform.mondoo.app/hostname
    76          - //platform.mondoo.app/machine-uuid
    77        connections:
    78          - credentials:
    79              - secret_id: secret-1
    80  
    81    # external vault, needs to be pre-configured
    82    # If a vault is defined along with embedded credentials, we first query against embedded credentials
    83    # and fall-backs to the configured vault
    84    #  vault:
    85    #    name: vault-1
    86  
    87    # essentially an embedded in-memory vault
    88    # we will make no difference if the content that is embedded and a referenced vault
    89    # during processing, all embedded credentials will be extracted via a vault
    90    # all embedded credentials in asset definitions are automatically migrated to this list
    91    credentials:
    92      secret-1:
    93        type: password
    94        user: username
    95        password: password
    96      secret-2:
    97        private_key_path: ./private_key_03
    98      secret-3:
    99        private_key: |
   100          PEM encoded