From 9c56fa2b03ec4bd7a91fc3fc11fcc62a7cd50b43 Mon Sep 17 00:00:00 2001 From: Steven Trotter Date: Wed, 26 Mar 2025 20:13:50 +0000 Subject: [PATCH 1/4] Upgraded the plugin to latest API and agent versions --- main.go | 184 ++++++-------------------------------------------------- 1 file changed, 17 insertions(+), 167 deletions(-) diff --git a/main.go b/main.go index 3557f90..781b89a 100644 --- a/main.go +++ b/main.go @@ -2,19 +2,13 @@ package main import ( "context" - "errors" "fmt" - "time" - policyManager "github.com/compliance-framework/agent/policy-manager" "github.com/compliance-framework/agent/runner" "github.com/compliance-framework/agent/runner/proto" - "github.com/compliance-framework/configuration-service/sdk" - "github.com/google/uuid" + "github.com/compliance-framework/plugin-template/internal" "github.com/hashicorp/go-hclog" goplugin "github.com/hashicorp/go-plugin" - protolang "google.golang.org/protobuf/proto" - "google.golang.org/protobuf/types/known/timestamppb" ) type CompliancePlugin struct { @@ -45,7 +39,6 @@ type CompliancePlugin struct { // The agent will: // - Start the plugin // - Call Configure() with teh required config -// - Call PrepareForEval() so the plugin can collect the relevant state // - Call Eval() with the first policy bundles (one by one, in turn), // so the plugin can report any violations against the configuration func (l *CompliancePlugin) Configure(req *proto.ConfigureRequest) (*proto.ConfigureResponse, error) { @@ -68,177 +61,34 @@ func (l *CompliancePlugin) Eval(request *proto.EvalRequest, apiHelper runner.Api // When a user passes multiple policy bundles to the agent, each will be passed to Eval in turn to run against the // same data collected in PrepareForEval. - var errAcc error - - data := map[string]interface{}{ - "hello": "world", - } - ctx := context.TODO() - startTime := time.Now() - - evalStatus := proto.ExecutionStatus_SUCCESS - - for _, policyPath := range request.PolicyPaths { - // The Policy Manager aggregates much of the policy execution and output structuring. - results, err := policyManager.New(ctx, l.logger, policyPath).Execute(ctx, "compliance_plugin", data) - - if err != nil { - l.logger.Error("Failed to evaluate against policy bundle", "error", err) - evalStatus = proto.ExecutionStatus_FAILURE - errAcc = errors.Join(errAcc, err) - continue - } - - assessmentResult := runner.NewCallableAssessmentResult() - assessmentResult.Title = "Plugin template" - - for _, result := range results { - - // There are no violations reported from the policies. - // We'll send the observation back to the agent - if len(result.Violations) == 0 { - title := "The plugin succeeded. No compliance issues to report." - assessmentResult.AddObservation(&proto.Observation{ - Uuid: uuid.New().String(), - Title: &title, - Description: "The plugin policies did not return any violations. The configuration is in compliance with policies.", - Collected: timestamppb.New(time.Now()), - Expires: timestamppb.New(time.Now().AddDate(0, 1, 0)), // Add one month for the expiration - RelevantEvidence: []*proto.RelevantEvidence{ - { - Description: fmt.Sprintf("Policy %v was evaluated, and no violations were found on machineId: %s", result.Policy.Package.PurePackage(), "ARN:12345"), - }, - }, - Labels: map[string]string{ - "package": string(result.Policy.Package), - "type": "template", - }, - }) - assessmentResult.AddFinding(&proto.Finding{ - Title: fmt.Sprintf("No violations found on %s", result.Policy.Package.PurePackage()), - Description: fmt.Sprintf("No violations found on the %s policy within the Template Compliance Plugin.", result.Policy.Package.PurePackage()), - Target: &proto.FindingTarget{ - Status: &proto.ObjectiveStatus{ - State: runner.FindingTargetStatusSatisfied, - }, - }, - Labels: map[string]string{ - "package": string(result.Policy.Package), - "type": "template", - }, - }) - } + activities := make([]*proto.Activity, 0) - // There are violations in the policy checks. - // We'll send these observations back to the agent - if len(result.Violations) > 0 { - title := fmt.Sprintf("The plugin found violations for policy %s on machineId: %s", result.Policy.Package.PurePackage(), "ARN:12345") - observationUuid := uuid.New().String() - assessmentResult.AddObservation(&proto.Observation{ - Uuid: observationUuid, - Title: &title, - Description: fmt.Sprintf("Observed %d violation(s) for policy %s within the Plugin on machineId: %s.", len(result.Violations), result.Policy.Package.PurePackage(), "ARN:12345"), - Collected: timestamppb.New(time.Now()), - Expires: timestamppb.New(time.Now().AddDate(0, 1, 0)), // Add one month for the expiration - RelevantEvidence: []*proto.RelevantEvidence{ - { - Description: fmt.Sprintf("Policy %v was evaluated, and %d violations were found on machineId: %s", result.Policy.Package.PurePackage(), len(result.Violations), "ARN:12345"), - }, - }, - Labels: map[string]string{ - "package": string(result.Policy.Package), - "type": "template", - }, - }) + dataFetcher := internal.NewDataFetcher(l.logger, l.config) - for _, violation := range result.Violations { - assessmentResult.AddFinding(&proto.Finding{ - Title: violation.Title, - Description: violation.Description, - Remarks: &violation.Remarks, - RelatedObservations: []*proto.RelatedObservation{ - { - ObservationUuid: observationUuid, - }, - }, - Target: &proto.FindingTarget{ - Status: &proto.ObjectiveStatus{ - State: runner.FindingTargetStatusNotSatisfied, - }, - }, - Labels: map[string]string{ - "package": string(result.Policy.Package), - "type": "template", - }, - }) - } - } - - for _, risk := range result.Risks { - links := []*proto.Link{} - for _, link := range risk.Links { - links = append(links, &proto.Link{ - Href: link.URL, - Text: &link.Text, - }) - } - - assessmentResult.AddRiskEntry(&proto.Risk{ - Title: risk.Title, - Description: risk.Description, - Statement: risk.Statement, - Props: []*proto.Property{}, - Links: []*proto.Link{}, - }) - } - } - - endTime := time.Now() - - // Send the results back to the agent using the API Helper process the agent created for us - assessmentResult.Start = timestamppb.New(startTime) - assessmentResult.End = timestamppb.New(endTime) - - assessmentResult.AddLogEntry(&proto.AssessmentLog_Entry{ - Title: protolang.String("Template check"), - Description: protolang.String("Template plugin checks completed successfully"), - Start: timestamppb.New(startTime), - End: timestamppb.New(endTime), - }) + data, collectSteps, err := dataFetcher.FetchData() + if err != nil { + return &proto.EvalResponse{ + Status: proto.ExecutionStatus_FAILURE, + }, fmt.Errorf("failed to fetch data: %w", err) + } - streamId, err := sdk.SeededUUID(map[string]string{ - "type": "template", - "policy": policyPath, - }) - if err != nil { - evalStatus = proto.ExecutionStatus_FAILURE - errAcc = errors.Join(errAcc, err) - continue - } + stepActivities := append(activities, &proto.Activity{ + Title: "Collect data", + Description: "Collect data, and prepare collected data for validation in policy engine", + Steps: collectSteps, + }) - err = apiHelper.CreateResult( - streamId.String(), - map[string]string{ - "type": "template", - }, - policyPath, - assessmentResult.Result(), - ) + policyEvaluator := internal.NewPolicyEvaluator(ctx, l.logger, stepActivities) - if err != nil { - l.logger.Error("Failed to add assessment result", "error", err) - evalStatus = proto.ExecutionStatus_FAILURE - errAcc = errors.Join(errAcc, err) - } - } + evalStatus, err := policyEvaluator.Eval(data, request.PolicyPaths) resp := &proto.EvalResponse{ Status: evalStatus, } - return resp, errAcc + return resp, err } func main() { From 35526dca9ed3f78e2070edffba7cf79ea5c30a73 Mon Sep 17 00:00:00 2001 From: Steven Trotter Date: Wed, 26 Mar 2025 21:11:20 +0000 Subject: [PATCH 2/4] Adding missed internal dir --- internal/data.go | 32 +++++++ internal/eval.go | 232 +++++++++++++++++++++++++++++++++++++++++++++++ internal/util.go | 5 + 3 files changed, 269 insertions(+) create mode 100644 internal/data.go create mode 100644 internal/eval.go create mode 100644 internal/util.go diff --git a/internal/data.go b/internal/data.go new file mode 100644 index 0000000..034c092 --- /dev/null +++ b/internal/data.go @@ -0,0 +1,32 @@ +package internal + +import ( + "github.com/compliance-framework/agent/runner/proto" + "github.com/hashicorp/go-hclog" +) + +type DataFetcher struct { + logger hclog.Logger + config map[string]string +} + +func NewDataFetcher(logger hclog.Logger, config map[string]string) *DataFetcher { + return &DataFetcher{ + logger: logger, + config: config, + } +} + +func (df DataFetcher) FetchData() (map[string]any, []*proto.Step, error) { + steps := make([]*proto.Step, 0) + + steps = append(steps, &proto.Step{ + Title: "Fetch some data", + Description: "Fetch some data with more details. This should be replaced with the detailed steps you undertake to fetch data in your actual plugin.", + Remarks: StringAddressed("Put any remarks here"), + }) + + return map[string]any{ + "hello": "world", + }, steps, nil +} diff --git a/internal/eval.go b/internal/eval.go new file mode 100644 index 0000000..6a3e7b2 --- /dev/null +++ b/internal/eval.go @@ -0,0 +1,232 @@ +package internal + +import ( + "context" + "errors" + "fmt" + "maps" + "os" + "time" + + policyManager "github.com/compliance-framework/agent/policy-manager" + "github.com/compliance-framework/agent/runner" + "github.com/compliance-framework/agent/runner/proto" + "github.com/compliance-framework/configuration-service/sdk" + "github.com/google/uuid" + "github.com/hashicorp/go-hclog" + "google.golang.org/protobuf/types/known/timestamppb" +) + +type PolicyEvaluator struct { + ctx context.Context + logger hclog.Logger + stepActivities []*proto.Activity + observations []*proto.Observation + findings []*proto.Finding +} + +func NewPolicyEvaluator(ctx context.Context, logger hclog.Logger, stepActivities []*proto.Activity) *PolicyEvaluator { + return &PolicyEvaluator{ + ctx: ctx, + logger: logger, + stepActivities: stepActivities, + observations: make([]*proto.Observation, 0), + findings: make([]*proto.Finding, 0), + } +} + +func (pe *PolicyEvaluator) GetObservations() []*proto.Observation { + return pe.observations +} + +func (pe *PolicyEvaluator) GetFindings() []*proto.Finding { + return pe.findings +} + +// Eval is used to run policies against the data you've collected. You could also consider an +// `EvalAndSend` by passing in the `apiHelper` that sends the observations directly to the API. +func (pe *PolicyEvaluator) Eval(data map[string]interface{}, policyPaths []string) (proto.ExecutionStatus, error) { + var accumulatedErrors error + activities := pe.stepActivities + + evalStatus := proto.ExecutionStatus_SUCCESS + startTime := time.Now() + + for _, policyPath := range policyPaths { + steps := make([]*proto.Step, 0) + steps = append(steps, &proto.Step{ + Title: "Compile policy bundle", + Description: "Using a locally addressable policy path, compile the policy files to an in memory executable.", + }) + steps = append(steps, &proto.Step{ + Title: "Execute policy bundle", + Description: "Using previously collected JSON-formatted installed OS package data, execute the compiled policies", + }) + // The Policy Manager aggregates much of the policy execution and output structuring. + results, err := policyManager.New(pe.ctx, pe.logger, policyPath).Execute(pe.ctx, "compliance_plugin", data) + if err != nil { + pe.logger.Error("Failed to evaluate against policy bundle", "error", err) + evalStatus = proto.ExecutionStatus_FAILURE + accumulatedErrors = errors.Join(accumulatedErrors, err) + continue + } + + // The plugin should pass in some parameters here that will uniquely identify the subject. + // This could be a hostname in the case it's a machine, the identifier of a cloud resource, etc. + hostname := os.Getenv("HOSTNAME") + subjectAttributeMap := map[string]string{ + "type": "machine-instance", + "hostname": hostname, + } + subjects := []*proto.SubjectReference{ + { + Type: "machine-instance", + Attributes: subjectAttributeMap, + Title: StringAddressed("Machine Instance"), + Remarks: StringAddressed("A machine instance where we've retrieved the installed packages."), + Props: []*proto.Property{ + { + Name: "hostname", + Value: hostname, + Remarks: StringAddressed("The local hostname of the machine where the plugin has been executed"), + }, + }, + }, + } + actors := []*proto.OriginActor{ + { + Title: "The Continuous Compliance Framework", + Type: "assessment-platform", + Links: []*proto.Link{ + { + Href: "https://compliance-framework.github.io/docs/", + Rel: StringAddressed("reference"), + Text: StringAddressed("The Continuous Compliance Framework"), + }, + }, + Props: nil, + }, + { + Title: "Continuous Compliance Framework - Local APT Installed Packages Plugin", + Type: "tool", + Links: []*proto.Link{ + { + Href: "https://github.com/compliance-framework/plugin-apt-versions", + Rel: StringAddressed("reference"), + Text: StringAddressed("The Continuous Compliance Framework' Local APT Installed Packages Plugin"), + }, + }, + Props: nil, + }, + } + components := []*proto.ComponentReference{ + { + Identifier: "common-components/template", + }, + } + + activities = append(activities, &proto.Activity{ + Title: "Compile Results", + Description: "Using the output from policy execution, compile the resulting output to Observations and Findings, marking any violations, risks, and other OSCAL-familiar data", + Steps: steps, + }) + + for _, result := range results { + // Observation UUID should differ for each individual subject, but remain consistent when validating the same policy for the same subject. + // This acts as an identifier to show the history of an observation. + observationUUIDMap := map[string]string{ + "policy": result.Policy.Package.PurePackage(), + "policy_file": result.Policy.File, + "policy_path": policyPath, + } + maps.Copy(subjectAttributeMap, observationUUIDMap) + observationUUID, err := sdk.SeededUUID(observationUUIDMap) + if err != nil { + accumulatedErrors = errors.Join(accumulatedErrors, err) + // We've been unable to do much here, but let's try the next one regardless. + continue + } + + // Finding UUID should differ for each individual subject, but remain consistent when validating the same policy for the same subject. + // This acts as an identifier to show the history of a finding. + findingUUIDMap := map[string]string{ + "policy": result.Policy.Package.PurePackage(), + "policy_file": result.Policy.File, + "policy_path": policyPath, + } + maps.Copy(subjectAttributeMap, findingUUIDMap) + findingUUID, err := sdk.SeededUUID(findingUUIDMap) + if err != nil { + accumulatedErrors = errors.Join(accumulatedErrors, err) + // We've been unable to do much here, but let's try the next one regardless. + continue + } + + observation := proto.Observation{ + ID: uuid.New().String(), + UUID: observationUUID.String(), + Collected: timestamppb.New(startTime), + Expires: timestamppb.New(startTime.Add(24 * time.Hour)), + Origins: []*proto.Origin{{Actors: actors}}, + Subjects: subjects, + Activities: activities, + Components: components, + RelevantEvidence: []*proto.RelevantEvidence{ + { + Description: fmt.Sprintf("Policy %v was executed against the Local SSH configuration, using the Local SSH Compliance Plugin", result.Policy.Package.PurePackage()), + }, + }, + } + + newFinding := func() *proto.Finding { + return &proto.Finding{ + ID: uuid.New().String(), + UUID: findingUUID.String(), + Collected: timestamppb.New(time.Now()), + Labels: map[string]string{ + "type": "ssh", + "host": hostname, + "_policy": result.Policy.Package.PurePackage(), + "_policy_path": result.Policy.File, + }, + Origins: []*proto.Origin{{Actors: actors}}, + Subjects: subjects, + Components: components, + RelatedObservations: []*proto.RelatedObservation{{ObservationUUID: observation.ID}}, + Controls: nil, + } + } + + if len(result.Violations) == 0 { + observation.Title = StringAddressed(fmt.Sprintf("Plugin validation on %s passed.", result.Policy.Package.PurePackage())) + observation.Description = fmt.Sprintf("Observed no violations on the %s policy within the Template Compliance Plugin.", result.Policy.Package.PurePackage()) + pe.observations = append(pe.observations, &observation) + + finding := newFinding() + finding.Title = fmt.Sprintf("No violations found on %s", result.Policy.Package.PurePackage()) + finding.Description = fmt.Sprintf("No violations found on the %s policy within the Template Compliance Plugin.", result.Policy.Package.PurePackage()) + finding.Status = &proto.FindingStatus{ + State: runner.FindingTargetStatusSatisfied, + } + pe.findings = append(pe.findings, finding) + } else { + observation.Title = StringAddressed(fmt.Sprintf("The plugin found violations for policy %s.", result.Policy.Package.PurePackage())) + observation.Description = fmt.Sprintf("Observed %d violation(s) on the %s policy within the Template Compliance Plugin.", len(result.Violations), result.Policy.Package.PurePackage()) + pe.observations = append(pe.observations, &observation) + + for _, violation := range result.Violations { + finding := newFinding() + finding.Title = violation.Title + finding.Description = violation.Description + finding.Remarks = StringAddressed(violation.Remarks) + finding.Status = &proto.FindingStatus{ + State: runner.FindingTargetStatusNotSatisfied, + } + pe.findings = append(pe.findings, finding) + } + } + } + } + + return evalStatus, accumulatedErrors +} diff --git a/internal/util.go b/internal/util.go new file mode 100644 index 0000000..f9d3492 --- /dev/null +++ b/internal/util.go @@ -0,0 +1,5 @@ +package internal + +func StringAddressed(str string) *string { + return &str +} From e3c08c8ebfef99a5fa234ee058b711f540f69465 Mon Sep 17 00:00:00 2001 From: Steven Trotter Date: Thu, 27 Mar 2025 09:28:19 +0000 Subject: [PATCH 3/4] Package upgrade --- go.mod | 50 ++++++++++++++++++++++++++------------------------ go.sum | 46 ++++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 72 insertions(+), 24 deletions(-) diff --git a/go.mod b/go.mod index 505e644..a221c3d 100644 --- a/go.mod +++ b/go.mod @@ -1,22 +1,24 @@ module github.com/compliance-framework/plugin-template -go 1.23.2 +go 1.23.6 + +toolchain go1.24.1 require ( - github.com/compliance-framework/agent v0.1.1 + github.com/compliance-framework/agent v0.1.2 github.com/compliance-framework/configuration-service v0.1.1 github.com/google/uuid v1.6.0 - github.com/hashicorp/go-hclog v1.5.0 - github.com/hashicorp/go-plugin v1.6.2 - google.golang.org/protobuf v1.35.2 + github.com/hashicorp/go-hclog v1.6.3 + github.com/hashicorp/go-plugin v1.6.3 + google.golang.org/protobuf v1.36.6 ) require ( github.com/OneOfOne/xxhash v1.2.8 // indirect - github.com/agnivade/levenshtein v1.2.0 // indirect + github.com/agnivade/levenshtein v1.2.1 // indirect github.com/beorn7/perks v1.0.1 // indirect github.com/cespare/xxhash/v2 v2.3.0 // indirect - github.com/fatih/color v1.15.0 // indirect + github.com/fatih/color v1.18.0 // indirect github.com/go-ini/ini v1.67.0 // indirect github.com/go-logr/logr v1.4.2 // indirect github.com/go-logr/stdr v1.2.2 // indirect @@ -24,32 +26,32 @@ require ( github.com/gobwas/glob v0.2.3 // indirect github.com/golang/protobuf v1.5.4 // indirect github.com/gorilla/mux v1.8.1 // indirect - github.com/hashicorp/yamux v0.1.1 // indirect - github.com/mattn/go-colorable v0.1.13 // indirect + github.com/hashicorp/yamux v0.1.2 // indirect + github.com/mattn/go-colorable v0.1.14 // indirect github.com/mattn/go-isatty v0.0.20 // indirect github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect - github.com/oklog/run v1.0.0 // indirect - github.com/open-policy-agent/opa v1.0.0 // indirect - github.com/prometheus/client_golang v1.20.5 // indirect + github.com/oklog/run v1.1.0 // indirect + github.com/open-policy-agent/opa v1.2.0 // indirect + github.com/prometheus/client_golang v1.21.1 // indirect github.com/prometheus/client_model v0.6.1 // indirect - github.com/prometheus/common v0.57.0 // indirect - github.com/prometheus/procfs v0.15.1 // indirect + github.com/prometheus/common v0.63.0 // indirect + github.com/prometheus/procfs v0.16.0 // indirect github.com/rcrowley/go-metrics v0.0.0-20201227073835-cf1acfcdf475 // indirect github.com/sirupsen/logrus v1.9.3 // indirect - github.com/tchap/go-patricia/v2 v2.3.1 // indirect + github.com/tchap/go-patricia/v2 v2.3.2 // indirect github.com/xeipuuv/gojsonpointer v0.0.0-20190905194746-02993c407bfb // indirect github.com/xeipuuv/gojsonreference v0.0.0-20180127040603-bd5ef7bd5415 // indirect github.com/yashtewari/glob-intersection v0.2.0 // indirect go.opentelemetry.io/auto/sdk v1.1.0 // indirect - go.opentelemetry.io/otel v1.33.0 // indirect - go.opentelemetry.io/otel/metric v1.33.0 // indirect - go.opentelemetry.io/otel/sdk v1.33.0 // indirect - go.opentelemetry.io/otel/trace v1.33.0 // indirect - golang.org/x/net v0.34.0 // indirect - golang.org/x/sys v0.29.0 // indirect - golang.org/x/text v0.21.0 // indirect - google.golang.org/genproto/googleapis/rpc v0.0.0-20241209162323-e6fa225c2576 // indirect - google.golang.org/grpc v1.69.2 // indirect + go.opentelemetry.io/otel v1.35.0 // indirect + go.opentelemetry.io/otel/metric v1.35.0 // indirect + go.opentelemetry.io/otel/sdk v1.35.0 // indirect + go.opentelemetry.io/otel/trace v1.35.0 // indirect + golang.org/x/net v0.37.0 // indirect + golang.org/x/sys v0.31.0 // indirect + golang.org/x/text v0.23.0 // indirect + google.golang.org/genproto/googleapis/rpc v0.0.0-20250324211829-b45e905df463 // indirect + google.golang.org/grpc v1.71.0 // indirect gopkg.in/yaml.v3 v3.0.1 // indirect sigs.k8s.io/yaml v1.4.0 // indirect ) diff --git a/go.sum b/go.sum index 375f723..df46b0a 100644 --- a/go.sum +++ b/go.sum @@ -14,6 +14,8 @@ github.com/PuerkitoBio/urlesc v0.0.0-20170810143723-de5bf2ad4578 h1:d+Bc7a5rLufV github.com/PuerkitoBio/urlesc v0.0.0-20170810143723-de5bf2ad4578/go.mod h1:uGdkoq3SwY9Y+13GIhn11/XLaGBb4BfwItxLd5jeuXE= github.com/agnivade/levenshtein v1.2.0 h1:U9L4IOT0Y3i0TIlUIDJ7rVUziKi/zPbrJGaFrtYH3SY= github.com/agnivade/levenshtein v1.2.0/go.mod h1:QVVI16kDrtSuwcpd0p1+xMC6Z/VfhtCyDIjcwga4/DU= +github.com/agnivade/levenshtein v1.2.1 h1:EHBY3UOn1gwdy/VbFwgo4cxecRznFk7fKWN1KOX7eoM= +github.com/agnivade/levenshtein v1.2.1/go.mod h1:QVVI16kDrtSuwcpd0p1+xMC6Z/VfhtCyDIjcwga4/DU= github.com/arbovm/levenshtein v0.0.0-20160628152529-48b4e1c0c4d0 h1:jfIu9sQUG6Ig+0+Ap1h4unLjW6YQJpKZVmUzxsD4E/Q= github.com/arbovm/levenshtein v0.0.0-20160628152529-48b4e1c0c4d0/go.mod h1:t2tdKJDJF9BV14lnkjHmOQgcvEKgtqs5a1N3LNdJhGE= github.com/beorn7/perks v1.0.1 h1:VlbKKnNfV8bJzeqoa4cOKqO6bYr3WgKZxO8Z16+hsOM= @@ -30,6 +32,8 @@ github.com/cespare/xxhash/v2 v2.3.0 h1:UL815xU9SqsFlibzuggzjXhog7bL6oX9BbNZnL2UF github.com/cespare/xxhash/v2 v2.3.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= github.com/compliance-framework/agent v0.1.1 h1:uQ4idgwOMqrgM0JeYCtBv20HZoMymsH2nownrkl457w= github.com/compliance-framework/agent v0.1.1/go.mod h1:jy/26xgTx9+at64ipTV1oo80pTVyhtlZaSMViQ3cVVQ= +github.com/compliance-framework/agent v0.1.2 h1:XIn6ccsSXh040boPKEcvObNAkCKHrN+krzfiPbTZuJ4= +github.com/compliance-framework/agent v0.1.2/go.mod h1:jy/26xgTx9+at64ipTV1oo80pTVyhtlZaSMViQ3cVVQ= github.com/compliance-framework/configuration-service v0.1.1 h1:p/r5vq1FLe0S8j/kLhth4Dvda8xajVPOBjnO9QauMjM= github.com/compliance-framework/configuration-service v0.1.1/go.mod h1:tLKJKXbQbY9Pg/e3BJtJVkqxaejXJMHoE8Yp0NW4lDE= github.com/containerd/containerd v1.7.24 h1:zxszGrGjrra1yYJW/6rhm9cJ1ZQ8rkKBR48brqsa7nA= @@ -65,6 +69,8 @@ github.com/dustin/go-humanize v1.0.1/go.mod h1:Mu1zIs6XwVuF/gI1OepvI0qD18qycQx+m github.com/fatih/color v1.13.0/go.mod h1:kLAiJbzzSOZDVNGyDpeOxJ47H46qBXwg5ILebYFFOfk= github.com/fatih/color v1.15.0 h1:kOqh6YHBtK8aywxGerMG2Eq3H6Qgoqeo13Bk2Mv/nBs= github.com/fatih/color v1.15.0/go.mod h1:0h5ZqXfHYED7Bhv2ZJamyIOUej9KtShiJESRwBDUSsw= +github.com/fatih/color v1.18.0 h1:S8gINlzdQ840/4pfAwic/ZE0djQEH3wM94VfqLTZcOM= +github.com/fatih/color v1.18.0/go.mod h1:4FelSpRwEGDpQ12mAdzqdOukCy4u8WUtOY6lkT/6HfU= github.com/felixge/httpsnoop v1.0.4 h1:NFTV2Zj1bL4mc9sqWACXbQFVBBg2W3GPvqp8/ESS2Wg= github.com/felixge/httpsnoop v1.0.4/go.mod h1:m8KPJKqk1gH5J9DgRY2ASl2lWCfGKXixSwevea8zH2U= github.com/fortytw2/leaktest v1.3.0 h1:u8491cBMTQ8ft8aeV+adlcytMZylmA5nnwwkRZjI8vw= @@ -125,10 +131,16 @@ github.com/grpc-ecosystem/grpc-gateway/v2 v2.24.0 h1:TmHmbvxPmaegwhDubVz0lICL0J5 github.com/grpc-ecosystem/grpc-gateway/v2 v2.24.0/go.mod h1:qztMSjm835F2bXf+5HKAPIS5qsmQDqZna/PgVt4rWtI= github.com/hashicorp/go-hclog v1.5.0 h1:bI2ocEMgcVlz55Oj1xZNBsVi900c7II+fWDyV9o+13c= github.com/hashicorp/go-hclog v1.5.0/go.mod h1:W4Qnvbt70Wk/zYJryRzDRU/4r0kIg0PVHBcfoyhpF5M= +github.com/hashicorp/go-hclog v1.6.3 h1:Qr2kF+eVWjTiYmU7Y31tYlP1h0q/X3Nl3tPGdaB11/k= +github.com/hashicorp/go-hclog v1.6.3/go.mod h1:W4Qnvbt70Wk/zYJryRzDRU/4r0kIg0PVHBcfoyhpF5M= github.com/hashicorp/go-plugin v1.6.2 h1:zdGAEd0V1lCaU0u+MxWQhtSDQmahpkwOun8U8EiRVog= github.com/hashicorp/go-plugin v1.6.2/go.mod h1:CkgLQ5CZqNmdL9U9JzM532t8ZiYQ35+pj3b1FD37R0Q= +github.com/hashicorp/go-plugin v1.6.3 h1:xgHB+ZUSYeuJi96WtxEjzi23uh7YQpznjGh0U0UUrwg= +github.com/hashicorp/go-plugin v1.6.3/go.mod h1:MRobyh+Wc/nYy1V4KAXUiYfzxoYhs7V1mlH1Z7iY2h0= github.com/hashicorp/yamux v0.1.1 h1:yrQxtgseBDrq9Y652vSRDvsKCJKOUD+GzTS4Y0Y8pvE= github.com/hashicorp/yamux v0.1.1/go.mod h1:CtWFDAQgb7dxtzFs4tWbplKIe2jSi3+5vKbgIO0SLnQ= +github.com/hashicorp/yamux v0.1.2 h1:XtB8kyFOyHXYVFnwT5C3+Bdo8gArse7j2AQ0DA0Uey8= +github.com/hashicorp/yamux v0.1.2/go.mod h1:C+zze2n6e/7wshOZep2A70/aQU6QBRWJO/G6FT1wIns= github.com/jhump/protoreflect v1.15.1 h1:HUMERORf3I3ZdX05WaQ6MIpd/NJ434hTp5YiKgfCL6c= github.com/jhump/protoreflect v1.15.1/go.mod h1:jD/2GMKKE6OqX8qTjhADU1e6DShO+gavG9e0Q693nKo= github.com/josharian/intern v1.0.0 h1:vlS4z54oSdjm0bgjRigI+G1HpF+tI+9rE5LLzOg8HmY= @@ -155,6 +167,8 @@ github.com/mattn/go-colorable v0.1.9/go.mod h1:u6P/XSegPjTcexA+o6vUJrdnUu04hMope github.com/mattn/go-colorable v0.1.12/go.mod h1:u5H1YNBxpqRaxsYJYSkiCWKzEfiAb1Gb520KVy5xxl4= github.com/mattn/go-colorable v0.1.13 h1:fFA4WZxdEF4tXPZVKMLwD8oUnCTTo08duU7wxecdEvA= github.com/mattn/go-colorable v0.1.13/go.mod h1:7S9/ev0klgBDR4GtXTXX8a3vIGJpMovkB8vQcUbaXHg= +github.com/mattn/go-colorable v0.1.14 h1:9A9LHSqF/7dyVVX6g0U9cwm9pG3kP9gSzcuIPHPsaIE= +github.com/mattn/go-colorable v0.1.14/go.mod h1:6LmQG8QLFO4G5z1gPvYEzlUgJ2wF+stgPZH1UqBm1s8= github.com/mattn/go-isatty v0.0.12/go.mod h1:cbi8OIDigv2wuxKPP5vlRcQ1OAZbq2CE4Kysco4FUpU= github.com/mattn/go-isatty v0.0.14/go.mod h1:7GGIvUiUoEMVVmxf/4nioHXj79iQHKdU27kJ6hsGG94= github.com/mattn/go-isatty v0.0.16/go.mod h1:kYGgaQfpe5nmfYZH+SKPsOc2e4SrIfOl2e/yFXSvRLM= @@ -182,8 +196,12 @@ github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 h1:C3w9PqII01/Oq github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ= github.com/oklog/run v1.0.0 h1:Ru7dDtJNOyC66gQ5dQmaCa0qIsAUFY3sFpK1Xk8igrw= github.com/oklog/run v1.0.0/go.mod h1:dlhp/R75TPv97u0XWUtDeV/lRKWPKSdTuV0TZvrmrQA= +github.com/oklog/run v1.1.0 h1:GEenZ1cK0+q0+wsJew9qUg/DyD8k3JzYsZAi5gYi2mA= +github.com/oklog/run v1.1.0/go.mod h1:sVPdnTZT1zYwAJeCMu2Th4T21pA3FPOQRfWjQlk7DVU= github.com/open-policy-agent/opa v1.0.0 h1:fZsEwxg1knpPvUn0YDJuJZBcbVg4G3zKpWa3+CnYK+I= github.com/open-policy-agent/opa v1.0.0/go.mod h1:+JyoH12I0+zqyC1iX7a2tmoQlipwAEGvOhVJMhmy+rM= +github.com/open-policy-agent/opa v1.2.0 h1:88NDVCM0of1eO6Z4AFeL3utTEtMuwloFmWWU7dRV1z0= +github.com/open-policy-agent/opa v1.2.0/go.mod h1:30euUmOvuBoebRCcJ7DMF42bRBOPznvt0ACUMYDUGVY= github.com/opencontainers/go-digest v1.0.0 h1:apOUWs51W5PlhuyGyz9FCeeBIOUDA/6nW8Oi/yOhh5U= github.com/opencontainers/go-digest v1.0.0/go.mod h1:0JzlMkj0TRzQZfJkVvzbP0HBR3IKzErnv2BNG4W4MAM= github.com/opencontainers/image-spec v1.1.0 h1:8SG7/vwALn54lVB/0yZ/MMwhFrPYtpEHQb2IpWsCzug= @@ -197,12 +215,18 @@ github.com/power-devops/perfstat v0.0.0-20210106213030-5aafc221ea8c h1:ncq/mPwQF github.com/power-devops/perfstat v0.0.0-20210106213030-5aafc221ea8c/go.mod h1:OmDBASR4679mdNQnz2pUhc2G8CO2JrUAVFDRBDP/hJE= github.com/prometheus/client_golang v1.20.5 h1:cxppBPuYhUnsO6yo/aoRol4L7q7UFfdm+bR9r+8l63Y= github.com/prometheus/client_golang v1.20.5/go.mod h1:PIEt8X02hGcP8JWbeHyeZ53Y/jReSnHgO035n//V5WE= +github.com/prometheus/client_golang v1.21.1 h1:DOvXXTqVzvkIewV/CDPFdejpMCGeMcbGCQ8YOmu+Ibk= +github.com/prometheus/client_golang v1.21.1/go.mod h1:U9NM32ykUErtVBxdvD3zfi+EuFkkaBvMb09mIfe0Zgg= github.com/prometheus/client_model v0.6.1 h1:ZKSh/rekM+n3CeS952MLRAdFwIKqeY8b62p8ais2e9E= github.com/prometheus/client_model v0.6.1/go.mod h1:OrxVMOVHjw3lKMa8+x6HeMGkHMQyHDk9E3jmP2AmGiY= github.com/prometheus/common v0.57.0 h1:Ro/rKjwdq9mZn1K5QPctzh+MA4Lp0BuYk5ZZEVhoNcY= github.com/prometheus/common v0.57.0/go.mod h1:7uRPFSUTbfZWsJ7MHY56sqt7hLQu3bxXHDnNhl8E9qI= +github.com/prometheus/common v0.63.0 h1:YR/EIY1o3mEFP/kZCD7iDMnLPlGyuU2Gb3HIcXnA98k= +github.com/prometheus/common v0.63.0/go.mod h1:VVFF/fBIoToEnWRVkYoXEkq3R3paCoxG9PXP74SnV18= github.com/prometheus/procfs v0.15.1 h1:YagwOFzUgYfKKHX6Dr+sHT7km/hxC76UB0learggepc= github.com/prometheus/procfs v0.15.1/go.mod h1:fB45yRUv8NstnjriLhBQLuOUt+WW4BsoGhij/e3PBqk= +github.com/prometheus/procfs v0.16.0 h1:xh6oHhKwnOJKMYiYBDWmkHqQPyiY40sny36Cmx2bbsM= +github.com/prometheus/procfs v0.16.0/go.mod h1:8veyXUu3nGP7oaCxhX6yeaM5u4stL2FeMXnCqhDthZg= github.com/rcrowley/go-metrics v0.0.0-20201227073835-cf1acfcdf475 h1:N/ElC8H3+5XpJzTSTfLsJV/mx9Q9g7kxmchpfZyxgzM= github.com/rcrowley/go-metrics v0.0.0-20201227073835-cf1acfcdf475/go.mod h1:bCqnVzQkZxMG4s8nGwiZ5l3QUCyqpo9Y+/ZMZ9VjZe4= github.com/rogpeppe/go-internal v1.13.1 h1:KvO1DLK/DRN07sQ1LQKScxyZJuNnedQ5/wKSR38lUII= @@ -226,6 +250,8 @@ github.com/swaggo/swag v1.16.4 h1:clWJtd9LStiG3VeijiCfOVODP6VpHtKdQy9ELFG3s1A= github.com/swaggo/swag v1.16.4/go.mod h1:VBsHJRsDvfYvqoiMKnsdwhNV9LEMHgEDZcyVYX0sxPg= github.com/tchap/go-patricia/v2 v2.3.1 h1:6rQp39lgIYZ+MHmdEq4xzuk1t7OdC35z/xm0BGhTkes= github.com/tchap/go-patricia/v2 v2.3.1/go.mod h1:VZRHKAb53DLaG+nA9EaYYiaEx6YztwDlLElMsnSHD4k= +github.com/tchap/go-patricia/v2 v2.3.2 h1:xTHFutuitO2zqKAQ5rCROYgUb7Or/+IC3fts9/Yc7nM= +github.com/tchap/go-patricia/v2 v2.3.2/go.mod h1:VZRHKAb53DLaG+nA9EaYYiaEx6YztwDlLElMsnSHD4k= github.com/testcontainers/testcontainers-go v0.35.0 h1:uADsZpTKFAtp8SLK+hMwSaa+X+JiERHtd4sQAFmXeMo= github.com/testcontainers/testcontainers-go v0.35.0/go.mod h1:oEVBj5zrfJTrgjwONs1SsRbnBtH9OKl+IGl3UMcr2B4= github.com/tklauser/go-sysconf v0.3.12 h1:0QaGUFOdQaIVdPgfITYzaTegZvdCjmYO52cSFAEVmqU= @@ -262,18 +288,26 @@ go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.58.0 h1:yd02MEj go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.58.0/go.mod h1:umTcuxiv1n/s/S6/c2AT/g2CQ7u5C59sHDNmfSwgz7Q= go.opentelemetry.io/otel v1.33.0 h1:/FerN9bax5LoK51X/sI0SVYrjSE0/yUL7DpxW4K3FWw= go.opentelemetry.io/otel v1.33.0/go.mod h1:SUUkR6csvUQl+yjReHu5uM3EtVV7MBm5FHKRlNx4I8I= +go.opentelemetry.io/otel v1.35.0 h1:xKWKPxrxB6OtMCbmMY021CqC45J+3Onta9MqjhnusiQ= +go.opentelemetry.io/otel v1.35.0/go.mod h1:UEqy8Zp11hpkUrL73gSlELM0DupHoiq72dR+Zqel/+Y= go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.33.0 h1:Vh5HayB/0HHfOQA7Ctx69E/Y/DcQSMPpKANYVMQ7fBA= go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.33.0/go.mod h1:cpgtDBaqD/6ok/UG0jT15/uKjAY8mRA53diogHBg3UI= go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.33.0 h1:5pojmb1U1AogINhN3SurB+zm/nIcusopeBNp42f45QM= go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.33.0/go.mod h1:57gTHJSE5S1tqg+EKsLPlTWhpHMsWlVmer+LA926XiA= go.opentelemetry.io/otel/metric v1.33.0 h1:r+JOocAyeRVXD8lZpjdQjzMadVZp2M4WmQ+5WtEnklQ= go.opentelemetry.io/otel/metric v1.33.0/go.mod h1:L9+Fyctbp6HFTddIxClbQkjtubW6O9QS3Ann/M82u6M= +go.opentelemetry.io/otel/metric v1.35.0 h1:0znxYu2SNyuMSQT4Y9WDWej0VpcsxkuklLa4/siN90M= +go.opentelemetry.io/otel/metric v1.35.0/go.mod h1:nKVFgxBZ2fReX6IlyW28MgZojkoAkJGaE8CpgeAU3oE= go.opentelemetry.io/otel/sdk v1.33.0 h1:iax7M131HuAm9QkZotNHEfstof92xM+N8sr3uHXc2IM= go.opentelemetry.io/otel/sdk v1.33.0/go.mod h1:A1Q5oi7/9XaMlIWzPSxLRWOI8nG3FnzHJNbiENQuihM= +go.opentelemetry.io/otel/sdk v1.35.0 h1:iPctf8iprVySXSKJffSS79eOjl9pvxV9ZqOWT0QejKY= +go.opentelemetry.io/otel/sdk v1.35.0/go.mod h1:+ga1bZliga3DxJ3CQGg3updiaAJoNECOgJREo9KHGQg= go.opentelemetry.io/otel/sdk/metric v1.31.0 h1:i9hxxLJF/9kkvfHppyLL55aW7iIJz4JjxTeYusH7zMc= go.opentelemetry.io/otel/sdk/metric v1.31.0/go.mod h1:CRInTMVvNhUKgSAMbKyTMxqOBC0zgyxzW55lZzX43Y8= go.opentelemetry.io/otel/trace v1.33.0 h1:cCJuF7LRjUFso9LPnEAHJDB2pqzp+hbO8eu1qqW2d/s= go.opentelemetry.io/otel/trace v1.33.0/go.mod h1:uIcdVUZMpTAmz0tI1z04GoVSezK37CbGV4fr1f2nBck= +go.opentelemetry.io/otel/trace v1.35.0 h1:dPpEfJu1sDIqruz7BHFG3c7528f6ddfSWfFDVt/xgMs= +go.opentelemetry.io/otel/trace v1.35.0/go.mod h1:WUk7DtFp1Aw2MkvqGdwiXYDZZNvA/1J8o6xRXLrIkyc= go.opentelemetry.io/proto/otlp v1.4.0 h1:TA9WRvW6zMwP+Ssb6fLoUIuirti1gGbP28GcKG1jgeg= go.opentelemetry.io/proto/otlp v1.4.0/go.mod h1:PPBWZIP98o2ElSqI35IHfu7hIhSwvc5N38Jw8pXuGFY= go.uber.org/multierr v1.10.0 h1:S0h4aNzvfcFsC3dRF1jLoaov7oRaKqRGC/pUEJ2yvPQ= @@ -286,6 +320,8 @@ golang.org/x/mod v0.18.0 h1:5+9lSbEzPSdWkH32vYPBwEpX8KwDbM52Ud9xBUvNlb0= golang.org/x/mod v0.18.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c= golang.org/x/net v0.34.0 h1:Mb7Mrk043xzHgnRM88suvJFwzVrRfHEHJEl5/71CKw0= golang.org/x/net v0.34.0/go.mod h1:di0qlW3YNM5oh6GqDGQr92MyTozJPmybPK4Ev/Gm31k= +golang.org/x/net v0.37.0 h1:1zLorHbz+LYj7MQlSf1+2tPIIgibq2eL5xkrGk6f+2c= +golang.org/x/net v0.37.0/go.mod h1:ivrbrMbzFq5J41QOQh0siUuly180yBYtLp+CKbEaFx8= golang.org/x/sync v0.10.0 h1:3NQrjDixjgGwUOCaF8w2+VYHv0Ve/vGYSbdkTa98gmQ= golang.org/x/sync v0.10.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= golang.org/x/sys v0.0.0-20200116001909-b77594299b42/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= @@ -298,8 +334,12 @@ golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBc golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.29.0 h1:TPYlXGxvx1MGTn2GiZDhnjPA9wZzZeGKHHmKhHYvgaU= golang.org/x/sys v0.29.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= +golang.org/x/sys v0.31.0 h1:ioabZlmFYtWhL+TRYpcnNlLwhyxaM9kWTDEmfnprqik= +golang.org/x/sys v0.31.0/go.mod h1:BJP2sWEmIv4KK5OTEluFJCKSidICx8ciO85XgH3Ak8k= golang.org/x/text v0.21.0 h1:zyQAAkrwaneQ066sspRyJaG9VNi/YJ1NfzcGB3hZ/qo= golang.org/x/text v0.21.0/go.mod h1:4IBbMaMmOPCJ8SecivzSH54+73PCFmPWxNTLm+vZkEQ= +golang.org/x/text v0.23.0 h1:D71I7dUrlY+VX0gQShAThNGHFxZ13dGLBHQLVl1mJlY= +golang.org/x/text v0.23.0/go.mod h1:/BLNzu4aZCJ1+kcD0DNRotWKage4q2rGVAg4o22unh4= golang.org/x/time v0.8.0 h1:9i3RxcPv3PZnitoVGMPDKZSq1xW1gK1Xy3ArNOGZfEg= golang.org/x/time v0.8.0/go.mod h1:3BpzKBy/shNhVucY/MWOyx10tF3SFh9QdLuxbVysPQM= golang.org/x/tools v0.22.0 h1:gqSGLZqv+AI9lIQzniJ0nZDRG5GBPsSi+DRNHWNz6yA= @@ -308,10 +348,16 @@ google.golang.org/genproto/googleapis/api v0.0.0-20241209162323-e6fa225c2576 h1: google.golang.org/genproto/googleapis/api v0.0.0-20241209162323-e6fa225c2576/go.mod h1:1R3kvZ1dtP3+4p4d3G8uJ8rFk/fWlScl38vanWACI08= google.golang.org/genproto/googleapis/rpc v0.0.0-20241209162323-e6fa225c2576 h1:8ZmaLZE4XWrtU3MyClkYqqtl6Oegr3235h7jxsDyqCY= google.golang.org/genproto/googleapis/rpc v0.0.0-20241209162323-e6fa225c2576/go.mod h1:5uTbfoYQed2U9p3KIj2/Zzm02PYhndfdmML0qC3q3FU= +google.golang.org/genproto/googleapis/rpc v0.0.0-20250324211829-b45e905df463 h1:e0AIkUUhxyBKh6ssZNrAMeqhA7RKUj42346d1y02i2g= +google.golang.org/genproto/googleapis/rpc v0.0.0-20250324211829-b45e905df463/go.mod h1:qQ0YXyHHx3XkvlzUtpXDkS29lDSafHMZBAZDc03LQ3A= google.golang.org/grpc v1.69.2 h1:U3S9QEtbXC0bYNvRtcoklF3xGtLViumSYxWykJS+7AU= google.golang.org/grpc v1.69.2/go.mod h1:vyjdE6jLBI76dgpDojsFGNaHlxdjXN9ghpnd2o7JGZ4= +google.golang.org/grpc v1.71.0 h1:kF77BGdPTQ4/JZWMlb9VpJ5pa25aqvVqogsxNHHdeBg= +google.golang.org/grpc v1.71.0/go.mod h1:H0GRtasmQOh9LkFoCPDu3ZrwUtD1YGE+b2vYBYd/8Ec= google.golang.org/protobuf v1.35.2 h1:8Ar7bF+apOIoThw1EdZl0p1oWvMqTHmpA2fRTyZO8io= google.golang.org/protobuf v1.35.2/go.mod h1:9fA7Ob0pmnwhb644+1+CVWFRbNajQ6iRojtC/QF5bRE= +google.golang.org/protobuf v1.36.6 h1:z1NpPI8ku2WgiWnf+t9wTPsn6eP1L7ksHUlkfLvd9xY= +google.golang.org/protobuf v1.36.6/go.mod h1:jduwjTPXsFjZGTmRluh+L6NjiWu7pchiJ2/5YcXBHnY= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk= gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q= From 8dc2ef82855b24a0d869b7bf43cacf81864c5b46 Mon Sep 17 00:00:00 2001 From: Steven Trotter Date: Thu, 27 Mar 2025 21:45:49 +0000 Subject: [PATCH 4/4] Update internal/eval.go Co-authored-by: harrylincoln-CS --- internal/eval.go | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/internal/eval.go b/internal/eval.go index 6a3e7b2..90a2663 100644 --- a/internal/eval.go +++ b/internal/eval.go @@ -73,7 +73,10 @@ func (pe *PolicyEvaluator) Eval(data map[string]interface{}, policyPaths []strin // The plugin should pass in some parameters here that will uniquely identify the subject. // This could be a hostname in the case it's a machine, the identifier of a cloud resource, etc. - hostname := os.Getenv("HOSTNAME") + hostname, err := os.Hostname() + if err != nil { + hostname = "fallback-val" + } subjectAttributeMap := map[string]string{ "type": "machine-instance", "hostname": hostname,