Open vjeffrey opened 1 year ago
Same happens on AWS EC2 RHEL instance:
cnspec scan local
→ no Mondoo configuration file provided, using defaults
! No credentials provided. Switching to --incognito mode.
→ discover related assets for 1 asset(s)
─────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────── X score
Asset: //policy.api.mondoo.com/assets/2WeJXyhYBmG0UnbHy3A7e7TKm6Y
-----------------------------------------------------------------
error: failed to compile fetched bundle: failed to compile //registry.mondoo.com/namespace/mondoohq/queries/mondoo-kubernetes-security-pod-allowprivilegeescalation: failed to compile query 'k8s.pod {
ephemeralContainers {
securityContext['allowPrivilegeEscalation'] != true
}
initContainers {
securityContext['allowPrivilegeEscalation'] != true
}
containers {
securityContext['allowPrivilegeEscalation'] != true
}
}
': cannot find field 'pod' in k8s
....
cnspec v9.0.3
i think the one you have there is a bit different @czunker -- on my error the queries are missing, they're variant queries. on yours we seem to be trying to compile queries that don't match the provider
i thought that was recently fixed :/
i thought that was recently fixed :/
That's still an issue:
cnspec scan aws --incognito
→ found a new version for 'aws' provider installed=9.0.17 latest=9.0.18
...
error: failed to compile fetched bundle: failed to compile //registry.mondoo.com/namespace/mondoohq/queries/mondoo-aws-security-iam-user-no-inline-policies-check: cannot find dependent composed query '//registry.mondoo.com/namespace/mondoohq/queries/mondoo-aws-security-iam-user-no-inline-policies-check-account'
failed to compile //registry.mondoo.com/namespace/mondoohq/queries/mondoo-aws-security-iam-group-has-users-check: cannot find dependent composed query '//registry.mondoo.com/namespace/mondoohq/queries/mondoo-aws-security-iam-group-has-users-check-account'
failed to compile //registry.mondoo.com/namespace/mondoohq/queries/mondoo-aws-security-vpc-default-security-group-closed: cannot find dependent composed query '//registry.mondoo.com/namespace/mondoohq/queries/mondoo-aws-security-vpc-default-security-group-closed-account'
failed to compile //registry.mondoo.com/namespace/mondoohq/queries/mondoo-aws-security-vpc-flow-logs-enabled: cannot find dependent composed query '//registry.mondoo.com/namespace/mondoohq/queries/mondoo-aws-security-vpc-flow-logs-enabled-account'
failed to compile //registry.mondoo.com/namespace/mondoohq/queries/mondoo-aws-security-s3-bucket-level-public-access-prohibited: cannot find dependent composed query '//registry.mondoo.com/namespace/mondoohq/queries/mondoo-aws-security-s3-bucket-level-public-access-prohibited-account'
this is a registry bug