Merge branch 'main' into email_integration

infralovers · Dec 9, 2024 · e4e35cb · e4e35cb
2 parents 805df29 + 8272dc9
commit e4e35cb
Show file tree

Hide file tree

Showing 10 changed files with 580 additions and 62 deletions.
diff --git a/.github/actions/spelling/line_forbidden.patterns b/.github/actions/spelling/line_forbidden.patterns
@@ -10,35 +10,46 @@
 # PR links left in the release notes
 \bhttps:\/\/github.com\/mondoohq\/.*\/pull\/\d*
 
+#
+# Overly formal style
+#
+
+# s.b. Whether
+\bIndicates whether\b
+\bIndicates if\b
+\bIndicates\b
+\bWhether or not\b
+\bDenotes if\b
+
 #
 # Terms to avoid
 #
 
 # s.b. Allow list
-\s[Ww]hitelist\b
-\s[Ww]hitelisting\b
-\s[Ww]hitelisted\b
-\s[Ww]hite list\b
-\s[Ww]hite listing\b
-\s[Ww]hite listed\b
+\b[Ww]hitelist\b
+\b[Ww]hitelisting\b
+\b[Ww]hitelisted\b
+\b[Ww]hite list\b
+\b[Ww]hite listing\b
+\b[Ww]hite listed\b
 
 # s.b. Block list
-\s[Bb]lacklist\b
-\s[Bb]lacklisting\b
-\s[Bb]lacklisted\b
-\s[Bb]lack list\b
-\s[Bb]lack listing\b
-\s[Bb]lack listed\b
+\b[Bb]lacklist\b
+\b[Bb]lacklisting\b
+\b[Bb]lacklisted\b
+\b[Bb]lack list\b
+\b[Bb]lack listing\b
+\b[Bb]lack listed\b
 
 #
 # Our Terms
 #
 
 # s.b. Mondoo Platform
-\sMondoo platform\b
+\bMondoo platform\b
 
 # s.b. Compliance Hub
-\s[Cc]ompliance hub\b
+\b[Cc]ompliance hub\b
 
 #
 # Compliance Terms
@@ -47,13 +58,19 @@
 # s.b. SOC 2
 \bSOC2\b
 
+# s.b. NIS2
+\bNIS 2\b
+
 # s.b. ISO 270001
 \bISO270001\b
 
 #
 # Industry Terms
 #
 
+# s.b. NetFlow
+\bNetflow\b
+
 # s.b. Side scanning
 \b[Ss]idescanning\b
 
@@ -66,6 +83,7 @@
 
 # s.b. Docker Hub
 \bDocker[Hh]ub\b
+\bdocker hub\b
 
 # s.b. REST API
 \b[Rr]est API\b
@@ -87,6 +105,12 @@
 # Product Names
 #
 
+# s.b. Cloudflare
+\bCloudFlare\b
+
+# s.b. Memcached
+\bMemCached\b
+
 # s.b. Jira
 \bJIRA\b
 
@@ -150,6 +174,10 @@
 # s.b. AlmaLinux
 \bAlma Linux\b
 
+# s.b. CloudLinux
+\bCloud Linux\b
+\bCloudlinux\b
+
 # s.b. openSUSE
 \bOpenSUSE\b
 
@@ -196,13 +224,25 @@
 
 # s.b. SentinelOne
 \bSentinal[Oo]ne\b
-\bSentinelone\b
-\bSentinal One\b
+\bSentin[ae]lone\b
+\bSentin[ae]l One\b
 
 # s.b. CrowdStrike
 \bCrowd Strike\b
 \b[Cc]rowdstrike\b
 
+# s.b. Zendesk
+\bZenDesk\b
+
+# s.b. ServiceNow
+\bService Now\b
+\bServicenow\b
+
+# disabled due to docs false positives
+# s.b. name server
+# \bnameserver\b
+# \bnameservers\b
+
 #
 # Kubernetes Terms
 #
@@ -290,6 +330,13 @@
 \bLinked In\b
 \bLinkedin\b
 
+# s.b. Microsoft IIS
+\bIIS Server\b
+
+# s.b. Microsoft SQL Server
+\bSQL server\b
+\bMSSQL\b
+
 #
 # VMware Products
 #
@@ -459,7 +506,7 @@
 \bWorkmail\b
 
 #
-# GCP Products
+# Google Cloud Products
 #
 
 # s.b. AlloyDB
@@ -470,9 +517,11 @@
 
 # s.b. BigLake
 \bBig Lake\b
+\bBiglake\b
 
 # s.b. BigQuery
 \bBig Query\b
+\bBigquery\b
 
 # s.b. Cloud Build
 \bCloudBuild\b
@@ -532,6 +581,16 @@
 \bVMware engine\b
 \bVMWare Engine\b
 
+# s.b. Bigtable
+\bBigTable\b
+\bBig Table\b
+
+# s.b. Datastore
+\bDataStore\b
+
+# s.b. Memorystore
+\bMemoryStore\b
+
 #
 # Azure Products
 #

diff --git a/.github/actions/spelling/reject.txt b/.github/actions/spelling/reject.txt
@@ -12,3 +12,4 @@ Sorce
 ^wether.*
 deets
 organisation
+
diff --git a/docs/resources/integration_gitlab.md b/docs/resources/integration_gitlab.md
@@ -0,0 +1,82 @@
+---
+# generated by https://github.com/hashicorp/terraform-plugin-docs
+page_title: "mondoo_integration_gitlab Resource - terraform-provider-mondoo"
+subcategory: ""
+description: |-
+  Continuously scan GitLab for misconfigurations.
+---
+
+# mondoo_integration_gitlab (Resource)
+
+Continuously scan GitLab for misconfigurations.
+
+## Example Usage
+
+```terraform
+variable "gitlab_token" {
+  description = "The GitLab Token"
+  type        = string
+  sensitive   = true
+}
+
+provider "mondoo" {
+  space = "hungry-poet-123456"
+}
+
+# Setup the GitLab integration
+resource "mondoo_integration_gitlab" "gitlab_integration" {
+  name = "GitLab Integration"
+
+  # base_url = "https://my-self-hosted-gitlab.com"
+  # group    = "my-group"
+
+  # configure discovery options  
+  discovery = {
+    groups        = true
+    projects      = true
+    terraform     = true
+    k8s_manifests = true
+  }
+
+  credentials = {
+    token = var.gitlab_token
+  }
+}
+```
+
+<!-- schema generated by tfplugindocs -->
+## Schema
+
+### Required
+
+- `credentials` (Attributes) (see [below for nested schema](#nestedatt--credentials))
+- `name` (String) Name of the integration.
+
+### Optional
+
+- `base_url` (String) Base URL of the GitLab instance (only set this if your instance is self-hosted).
+- `discovery` (Attributes) (see [below for nested schema](#nestedatt--discovery))
+- `group` (String) Group to assign the integration to (by default all groups are discovered).
+- `space_id` (String) Mondoo Space Identifier. If it is not provided, the provider space is used.
+
+### Read-Only
+
+- `mrn` (String) Integration identifier
+
+<a id="nestedatt--credentials"></a>
+### Nested Schema for `credentials`
+
+Required:
+
+- `token` (String, Sensitive) Token for GitLab integration.
+
+
+<a id="nestedatt--discovery"></a>
+### Nested Schema for `discovery`
+
+Optional:
+
+- `groups` (Boolean) Enable discovery of GitLab groups.
+- `k8s_manifests` (Boolean) Enable discovery of Kubernetes manifests.
+- `projects` (Boolean) Enable discovery of GitLab projects.
+- `terraform` (Boolean) Enable discovery of Terraform configurations.
diff --git a/examples/resources/mondoo_integration_gitlab/main.tf b/examples/resources/mondoo_integration_gitlab/main.tf
@@ -0,0 +1,8 @@
+terraform {
+  required_providers {
+    mondoo = {
+      source  = "mondoohq/mondoo"
+      version = ">= 0.19"
+    }
+  }
+}
diff --git a/examples/resources/mondoo_integration_gitlab/resource.tf b/examples/resources/mondoo_integration_gitlab/resource.tf
@@ -0,0 +1,29 @@
+variable "gitlab_token" {
+  description = "The GitLab Token"
+  type        = string
+  sensitive   = true
+}
+
+provider "mondoo" {
+  space = "hungry-poet-123456"
+}
+
+# Setup the GitLab integration
+resource "mondoo_integration_gitlab" "gitlab_integration" {
+  name = "GitLab Integration"
+
+  # base_url = "https://my-self-hosted-gitlab.com"
+  # group    = "my-group"
+
+  # configure discovery options  
+  discovery = {
+    groups        = true
+    projects      = true
+    terraform     = true
+    k8s_manifests = true
+  }
+
+  credentials = {
+    token = var.gitlab_token
+  }
+}
diff --git a/go.mod b/go.mod
@@ -13,7 +13,7 @@ require (
 	github.com/hashicorp/terraform-plugin-log v0.9.0
 	github.com/hashicorp/terraform-plugin-testing v1.11.0
 	github.com/stretchr/testify v1.10.0
-	go.mondoo.com/cnquery/v11 v11.32.0
+	go.mondoo.com/cnquery/v11 v11.33.0
 	go.mondoo.com/mondoo-go v0.0.0-20241118222255-5299c9adc97c
 	gopkg.in/yaml.v2 v2.4.0
 )
@@ -25,24 +25,24 @@ require (
 	github.com/Masterminds/goutils v1.1.1 // indirect
 	github.com/Masterminds/semver/v3 v3.2.0 // indirect
 	github.com/Masterminds/sprig/v3 v3.2.3 // indirect
-	github.com/ProtonMail/go-crypto v1.1.2 // indirect
+	github.com/ProtonMail/go-crypto v1.1.3 // indirect
 	github.com/agext/levenshtein v1.2.3 // indirect
 	github.com/apparentlymart/go-textseg/v15 v15.0.0 // indirect
 	github.com/armon/go-radix v1.0.0 // indirect
 	github.com/asaskevich/govalidator v0.0.0-20200907205600-7a23bdc65eef // indirect
-	github.com/aws/aws-sdk-go-v2 v1.32.5 // indirect
-	github.com/aws/aws-sdk-go-v2/config v1.28.5 // indirect
-	github.com/aws/aws-sdk-go-v2/credentials v1.17.46 // indirect
-	github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.16.20 // indirect
-	github.com/aws/aws-sdk-go-v2/internal/configsources v1.3.24 // indirect
-	github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.6.24 // indirect
+	github.com/aws/aws-sdk-go-v2 v1.32.6 // indirect
+	github.com/aws/aws-sdk-go-v2/config v1.28.6 // indirect
+	github.com/aws/aws-sdk-go-v2/credentials v1.17.47 // indirect
+	github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.16.21 // indirect
+	github.com/aws/aws-sdk-go-v2/internal/configsources v1.3.25 // indirect
+	github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.6.25 // indirect
 	github.com/aws/aws-sdk-go-v2/internal/ini v1.8.1 // indirect
 	github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.12.1 // indirect
-	github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.12.5 // indirect
-	github.com/aws/aws-sdk-go-v2/service/ssm v1.56.0 // indirect
-	github.com/aws/aws-sdk-go-v2/service/sso v1.24.6 // indirect
-	github.com/aws/aws-sdk-go-v2/service/ssooidc v1.28.5 // indirect
-	github.com/aws/aws-sdk-go-v2/service/sts v1.33.1 // indirect
+	github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.12.6 // indirect
+	github.com/aws/aws-sdk-go-v2/service/ssm v1.56.1 // indirect
+	github.com/aws/aws-sdk-go-v2/service/sso v1.24.7 // indirect
+	github.com/aws/aws-sdk-go-v2/service/ssooidc v1.28.6 // indirect
+	github.com/aws/aws-sdk-go-v2/service/sts v1.33.2 // indirect
 	github.com/aws/smithy-go v1.22.1 // indirect
 	github.com/aymanbagabas/go-osc52/v2 v2.0.1 // indirect
 	github.com/bgentry/speakeasy v0.1.0 // indirect
@@ -169,7 +169,7 @@ require (
 	golang.org/x/text v0.20.0 // indirect
 	golang.org/x/tools v0.27.0 // indirect
 	google.golang.org/appengine v1.6.8 // indirect
-	google.golang.org/genproto/googleapis/rpc v0.0.0-20241118233622-e639e219e697 // indirect
+	google.golang.org/genproto/googleapis/rpc v0.0.0-20241202173237-19429a94021a // indirect
 	google.golang.org/grpc v1.68.0 // indirect
 	google.golang.org/protobuf v1.35.2 // indirect
 	gopkg.in/ini.v1 v1.67.0 // indirect