Skip to content

Update the plugin to use SDK v0.2.0 #4

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
ssherar merged 6 commits into from
Jul 15, 2025
Merged

Update the plugin to use SDK v0.2.0 #4

ssherar merged 6 commits into from
Jul 15, 2025

Conversation

@ssherar
Copy link
Contributor

@ssherar ssherar commented Jul 11, 2025

No description provided.

ssherar added 3 commits July 11, 2025 10:27
@ssherar
Rewrite the plugin to move to evidence gathering
4f44d4a 
Remove the findings structure to follow the 0.2.0 SDK structure, with
gathering of inventory items alongside

No NIC information gathered at the moment wuth the new structure of
gathering data in a cleaner format and letting rego make decisions
across the whole data structure instead of making decisions in the
plugin code
@ssherar
Add network configuration to the rego data
cd78bfa
@ssherar
Update readme with req'd information
59c77ca
@ssherar ssherar requested a review from Copilot July 11, 2025 14:44
Copilot AI reviewed Jul 11, 2025
View reviewed changes
Copy link

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull Request Overview

This PR updates the Azure VM plugin to use SDK version 0.2.0, refactors the main evaluation logic into reusable iterators, and enhances documentation.

  • Refactored Eval to use GetVMs and GetNetworkConfig iterator functions
  • Introduced GetVMs and GetNetworkConfig for streaming VM and network data
  • Bumped dependencies in go.mod and updated configuration instructions in README.md

Reviewed Changes

Copilot reviewed 3 out of 4 changed files in this pull request and generated 2 comments.

File Description
main.go Refactored core logic to use Azure SDK v0.2.0, split VM and NIC collection into separate methods
go.mod Updated plugin and configuration-service SDK versions and indirect dependencies
README.md Added configuration table, build instructions, and data-structure reference
Comments suppressed due to low confidence (6)

main.go:154

  • The variable name compoents is misspelled and differs in type from the earlier components declaration. Rename it to components and ensure the correct type ([]*proto.ComponentReference).
		compoents := []*proto.Component{

main.go:234

  • Exported method GetVMs lacks a doc comment. Add a comment explaining its purpose, parameters, and return type.
func (l *CompliancePlugin) GetVMs(ctx context.Context, client *armcompute.VirtualMachinesClient) iter.Seq2[*AzureVMInstance, error] {

main.go:272

  • New method GetNetworkConfig contains significant logic for parsing and API calls. Consider adding unit tests to cover success and error paths.
func (l *CompliancePlugin) GetNetworkConfig(ctx context.Context, networkProfile *armcompute.NetworkProfile) ([]*AzureVMNetworkInterface, error) {

main.go:3

  • The unqualified import of "iter" will not compile; please use the correct module path or alias (e.g., "github.com/yourorg/iter").
import (

main.go:3

  • [nitpick] Using the standard library "slices" package requires Go 1.21+. Confirm your module's Go version or consider using "golang.org/x/exp/slices" for earlier Go versions.
import (

main.go:115

  • You cannot range over a function call. Refactor to properly invoke the iterator returned by GetVMs, for example by calling it in a loop that accepts a yield callback or channel.
	for vm, err := range l.GetVMs(ctx, vmClient) {

@ssherar
Minor bug fixes
286d69d 
* Change slices.Concat to append(...)
* Add more labels from the VM for better searching
* Spelling mistake in the actors description
chris-cmsoft
chris-cmsoft reviewed Jul 11, 2025
View reviewed changes
main.go Outdated
inventory := []*proto.InventoryItem{
{
Identifier: "azure-vm/" + vm.ID(),
Type: "virtual-machine",
Copy link

@chris-cmsoft chris-cmsoft Jul 11, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
Type: "virtual-machine",
Type: "web-server",

virtual machine is not in the list of accepted OSCAL types (yet).

chris-cmsoft
chris-cmsoft reviewed Jul 11, 2025
View reviewed changes
chris-cmsoft
chris-cmsoft reviewed Jul 11, 2025
View reviewed changes
chris-cmsoft
chris-cmsoft reviewed Jul 11, 2025
View reviewed changes
@ssherar ssherar merged commit 3739996 into main Jul 15, 2025
1 check passed
@ssherar ssherar deleted the feature/evidence branch July 15, 2025 07:08
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@chris-cmsoft chris-cmsoft chris-cmsoft left review comments

Copilot code review Copilot Copilot left review comments

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@ssherar @chris-cmsoft