refactor(cli): migrate cmd compliance aws|gcp|azure get-report

Signed-off-by: Darren Murray <[email protected]>

cli/cmd/compliance.go

@@ -180,7 +180,7 @@ func init() {
 	complianceCmd.AddCommand(complianceGcpCmd)
 }
 
-func complianceReportSummaryTable(summaries []api.ComplianceSummary) [][]string {
+func complianceReportSummaryTable(summaries []api.ReportSummary) [][]string {
 	if len(summaries) == 0 {
 		return [][]string{}
 	}
@@ -194,7 +194,7 @@ func complianceReportSummaryTable(summaries []api.ComplianceSummary) [][]string
 	}
 }
 
-func complianceReportRecommendationsTable(recommendations []api.ComplianceRecommendation) [][]string {
+func complianceReportRecommendationsTable(recommendations []api.RecommendationV2) [][]string {
 	out := [][]string{}
 	for _, recommend := range recommendations {
 		out = append(out, []string{
@@ -235,7 +235,7 @@ type complianceCSVReportDetails struct {
 	ReportTime time.Time
 
 	// Recommendations
-	Recommendations []api.ComplianceRecommendation
+	Recommendations []api.RecommendationV2
 }
 
 func (c complianceCSVReportDetails) GetAccountDetails() []string {
@@ -379,8 +379,8 @@ func buildComplianceReportTable(detailsTable, summaryTable, recommendationsTable
 	return mainReport.String()
 }
 
-func filterRecommendations(recommendations []api.ComplianceRecommendation) ([]api.ComplianceRecommendation, string) {
-	var filtered []api.ComplianceRecommendation
+func filterRecommendations(recommendations []api.RecommendationV2) ([]api.RecommendationV2, string) {
+	var filtered []api.RecommendationV2
 	for _, r := range recommendations {
 		if matchRecommendationsFilters(r) {
 			filtered = append(filtered, r)
@@ -394,7 +394,7 @@ func filterRecommendations(recommendations []api.ComplianceRecommendation) ([]ap
 	return filtered, fmt.Sprintf("%v of %v recommendations showing \n", len(filtered), len(recommendations))
 }
 
-func matchRecommendationsFilters(r api.ComplianceRecommendation) bool {
+func matchRecommendationsFilters(r api.RecommendationV2) bool {
 	var results []bool
 
 	// severity returns specified threshold and above
@@ -448,7 +448,7 @@ func validRecommendationID(s string) bool {
 	return match
 }
 
-func outputResourcesByRecommendationID(report api.CloudComplianceReport) error {
+func outputResourcesByRecommendationID(report api.CloudComplianceReportV2) error {
 	recommendation := report.GetComplianceRecommendation(compCmdState.RecommendationID)
 	violations := recommendation.Violations
 	affectedResources := len(recommendation.Violations)
@@ -495,7 +495,7 @@ func outputResourcesByRecommendationID(report api.CloudComplianceReport) error {
 	return nil
 }
 
-func violationsToTable(violations []api.ComplianceViolation) (resourceTable [][]string) {
+func violationsToTable(violations []api.ComplianceViolationV2) (resourceTable [][]string) {
 	for _, v := range violations {
 		resourceTable = append(resourceTable, []string{v.Resource, v.Region, strings.Join(v.Reasons, ",")})
 	}

cli/cmd/compliance_aws.go

@@ -61,7 +61,6 @@ var (
 			if compCmdState.Csv {
 				cli.EnableCSVOutput()
 			}
-
 			if len(args) > 1 {
 				compCmdState.RecommendationID = args[1]
 				if !validRecommendationID(compCmdState.RecommendationID) {
@@ -76,10 +75,14 @@ var (
 			case "SOC_Rev2":
 				compCmdState.Type = fmt.Sprintf("AWS_%s", compCmdState.Type)
 				return nil
-			case "AWS_CIS_S3", "NIST_800-53_Rev4", "NIST_800-171_Rev2", "ISO_2700", "HIPAA", "SOC", "AWS_SOC_Rev2", "PCI":
+			case "AWS_CIS_S3", "NIST_800-53_Rev4", "NIST_800-171_Rev2", "ISO_2700", "HIPAA", "SOC", "AWS_SOC_Rev2",
+				"PCI", "AWS_CIS_14", "AWS_CMMC_1.02", "AWS_HIPAA", "AWS_ISO_27001:2013", "AWS_NIST_CSF", "AWS_NIST_800-171_rev2",
+				"AWS_NIST_800-53_rev5", "AWS_PCI_DSS_3.2.1", "AWS_SOC_2", "LW_AWS_SEC_ADD_1_0":
 				return nil
 			default:
-				return errors.New("supported report types are: CIS, NIST_800-53_Rev4, NIST_800-171_Rev2, ISO_2700, HIPAA, SOC, SOC_Rev2, or PCI")
+				return errors.New(`supported report types are: AWS_CIS_S3', 'NIST_800-53_Rev4', 'NIST_800-171_Rev2', 
+'ISO_2700', 'HIPAA', 'SOC', 'AWS_SOC_Rev2', 'PCI', 'AWS_CIS_14', 'AWS_CMMC_1.02', 'AWS_HIPAA', 'AWS_ISO_27001:2013', 
+'AWS_NIST_CSF', 'AWS_NIST_800-171_rev2', 'AWS_NIST_800-53_rev5', 'AWS_PCI_DSS_3.2.1', 'AWS_SOC_2', 'LW_AWS_SEC_ADD_1_0'`)
 			}
 		},
 		Short: "Get the latest AWS compliance report",
@@ -101,13 +104,18 @@ To show recommendation details and affected resources for a recommendation id:
 `,
 		Args: cobra.RangeArgs(1, 2),
 		RunE: func(_ *cobra.Command, args []string) error {
+			reportType, err := api.NewAwsReportType(compCmdState.Type)
+			if err != nil {
+				return errors.Errorf("invalid report type %q", compCmdState.Type)
+			}
+
 			var (
 				// clean the AWS account ID if it was provided
 				// with an Alias in between parentheses
 				awsAccountID, _ = splitIDAndAlias(args[0])
-				config          = api.ComplianceAwsReportConfig{
+				config          = api.AwsReportConfig{
 					AccountID: awsAccountID,
-					Type:      compCmdState.Type,
+					Type:      reportType,
 				}
 			)
 
@@ -120,7 +128,7 @@ To show recommendation details and affected resources for a recommendation id:
 				)
 
 				cli.StartProgress("Downloading compliance report...")
-				err := cli.LwApi.Compliance.DownloadAwsReportPDF(pdfName, config)
+				err := cli.LwApi.V2.Reports.Aws.DownloadPDF(pdfName, config)
 				cli.StopProgress()
 				if err != nil {
 					return errors.Wrap(err, "unable to get aws pdf compliance report")
@@ -146,13 +154,13 @@ To show recommendation details and affected resources for a recommendation id:
 			}
 
 			var (
-				report   api.ComplianceAwsReport
-				cacheKey = fmt.Sprintf("compliance/aws/%s/%s", config.AccountID, config.Type)
+				report   api.AwsReport
+				cacheKey = fmt.Sprintf("compliance/aws/v2/%s/%s", config.AccountID, config.Type)
 			)
 			expired := cli.ReadCachedAsset(cacheKey, &report)
 			if expired {
 				cli.StartProgress("Getting compliance report...")
-				response, err := cli.LwApi.Compliance.GetAwsReport(config)
+				response, err := cli.LwApi.V2.Reports.Aws.Get(config)
 				cli.StopProgress()
 				if err != nil {
 					return errors.Wrap(err, "unable to get aws compliance report")
@@ -215,6 +223,7 @@ To show recommendation details and affected resources for a recommendation id:
 		},
 	}
 
+	// Todo(v2): deprecate??
 	// complianceAwsRunAssessmentCmd represents the run-assessment sub-command inside the aws command
 	complianceAwsRunAssessmentCmd = &cobra.Command{
 		Use:     "run-assessment <account_id>",
@@ -223,6 +232,7 @@ To show recommendation details and affected resources for a recommendation id:
 		Long:    `Run a compliance assessment for the provided AWS account.`,
 		Args:    cobra.ExactArgs(1),
 		RunE: func(_ *cobra.Command, args []string) error {
+			// Todo(v2): replace with v2
 			response, err := cli.LwApi.Compliance.RunAwsReport(args[0])
 			if err != nil {
 				return errors.Wrap(err, "unable to run aws compliance assessment")
@@ -603,7 +613,7 @@ func complianceAwsDisableReportDisplayChanges() (bool, error) {
 	return answer == 0, nil
 }
 
-func complianceAwsReportDetailsTable(report *api.ComplianceAwsReport) [][]string {
+func complianceAwsReportDetailsTable(report *api.AwsReport) [][]string {
 	return [][]string{
 		[]string{"Report Type", report.ReportType},
 		[]string{"Report Title", report.ReportTitle},

cli/cmd/compliance_azure.go

@@ -142,15 +142,20 @@ To show recommendation details and affected resources for a recommendation id:
 `,
 		Args: cobra.RangeArgs(2, 3),
 		RunE: func(_ *cobra.Command, args []string) error {
+			reportType, err := api.NewAzureReportType(compCmdState.Type)
+			if err != nil {
+				return errors.Errorf("invalid report type %q", compCmdState.Type)
+			}
+
 			var (
 				// clean tenantID and subscriptionID if they were provided
 				// with an Alias in between parentheses
 				tenantID, _       = splitIDAndAlias(args[0])
 				subscriptionID, _ = splitIDAndAlias(args[1])
-				config            = api.ComplianceAzureReportConfig{
+				config            = api.AzureReportConfig{
 					TenantID:       tenantID,
 					SubscriptionID: subscriptionID,
-					Type:           compCmdState.Type,
+					Type:           reportType,
 				}
 			)
 
@@ -164,7 +169,7 @@ To show recommendation details and affected resources for a recommendation id:
 				)
 
 				cli.StartProgress("Downloading compliance report...")
-				err := cli.LwApi.Compliance.DownloadAzureReportPDF(pdfName, config)
+				err := cli.LwApi.V2.Reports.Azure.DownloadPDF(pdfName, config)
 				cli.StopProgress()
 				if err != nil {
 					return errors.Wrap(err, "unable to get azure pdf compliance report")
@@ -190,14 +195,14 @@ To show recommendation details and affected resources for a recommendation id:
 			}
 
 			var (
-				report   api.ComplianceAzureReport
-				cacheKey = fmt.Sprintf("compliance/azure/%s/%s/%s",
+				report   api.AzureReport
+				cacheKey = fmt.Sprintf("compliance/azure/v2/%s/%s/%s",
 					config.TenantID, config.SubscriptionID, config.Type)
 			)
 			expired := cli.ReadCachedAsset(cacheKey, &report)
 			if expired {
 				cli.StartProgress("Getting compliance report...")
-				response, err := cli.LwApi.Compliance.GetAzureReport(config)
+				response, err := cli.LwApi.V2.Reports.Azure.Get(config)
 				cli.StopProgress()
 				if err != nil {
 					return errors.Wrap(err, "unable to get azure compliance report")
@@ -569,7 +574,7 @@ func complianceAzureDisableReportDisplayChanges(arg string) (bool, error) {
 	return answer == 0, nil
 }
 
-func complianceAzureReportDetailsTable(report *api.ComplianceAzureReport) [][]string {
+func complianceAzureReportDetailsTable(report *api.AzureReport) [][]string {
 	return [][]string{
 		[]string{"Report Type", report.ReportType},
 		[]string{"Report Title", report.ReportTitle},

cli/cmd/compliance_gcp.go

@@ -147,15 +147,20 @@ To show recommendation details and affected resources for a recommendation id:
 `,
 		Args: cobra.RangeArgs(2, 3),
 		RunE: func(_ *cobra.Command, args []string) error {
+			reportType, err := api.NewGcpReportType(compCmdState.Type)
+			if err != nil {
+				return errors.Errorf("invalid report type %q", compCmdState.Type)
+			}
+
 			var (
 				// clean projectID and orgID if they were provided
 				// with an Alias in between parentheses
 				orgID, _     = splitIDAndAlias(args[0])
 				projectID, _ = splitIDAndAlias(args[1])
-				config       = api.ComplianceGcpReportConfig{
+				config       = api.GcpReportConfig{
 					OrganizationID: orgID,
 					ProjectID:      projectID,
-					Type:           compCmdState.Type,
+					Type:           reportType,
 				}
 			)
 
@@ -169,7 +174,7 @@ To show recommendation details and affected resources for a recommendation id:
 				)
 
 				cli.StartProgress(" Downloading compliance report...")
-				err := cli.LwApi.Compliance.DownloadGcpReportPDF(pdfName, config)
+				err := cli.LwApi.V2.Reports.Gcp.DownloadPDF(pdfName, config)
 				cli.StopProgress()
 				if err != nil {
 					return errors.Wrap(err, "unable to get gcp pdf compliance report")
@@ -202,14 +207,14 @@ To show recommendation details and affected resources for a recommendation id:
 			}
 
 			var (
-				report   api.ComplianceGcpReport
-				cacheKey = fmt.Sprintf("compliance/google/%s/%s/%s",
+				report   api.GcpReport
+				cacheKey = fmt.Sprintf("compliance/google/v2/%s/%s/%s",
 					orgIDForCache, config.ProjectID, config.Type)
 			)
 			expired := cli.ReadCachedAsset(cacheKey, &report)
 			if expired {
 				cli.StartProgress(" Getting compliance report...")
-				response, err := cli.LwApi.Compliance.GetGcpReport(config)
+				response, err := cli.LwApi.V2.Reports.Gcp.Get(config)
 				cli.StopProgress()
 				if err != nil {
 					return errors.Wrap(err, "unable to get gcp compliance report")
@@ -582,7 +587,7 @@ func complianceGcpDisableReportDisplayChanges(arg string) (bool, error) {
 	return answer == 0, nil
 }
 
-func complianceGcpReportDetailsTable(report *api.ComplianceGcpReport) [][]string {
+func complianceGcpReportDetailsTable(report *api.GcpReport) [][]string {
 	return [][]string{
 		[]string{"Report Type", report.ReportType},
 		[]string{"Report Title", report.ReportTitle},