⭐ wire data queries to controls

This creates the internal wiring to collect data queries for controls. It connects each datapoint that a query produces to all the reporting job of the control that it is mapped to. Follow-up: I noticed that we don't do a decent job on printing just yet, e.g. we only print if a control passes or fails bound to its score. That's why there isn't a good place to add datapoints yet, considering we already print all data that is executed for a policy. Definitely looking to improve the CLI experience. Signed-off-by: Dominik Richter <[email protected]>
mondoohq · Oct 15, 2023 · 945498d · 945498d
1 parent eb31637
commit 945498d
Show file tree

Hide file tree

Showing 5 changed files with 924 additions and 850 deletions.
diff --git a/examples/compliance.mql.yaml b/examples/compliance.mql.yaml
@@ -19,6 +19,10 @@ policies:
       title: SSH config editing should be limited to admins
       mql: sshd.config.file.permissions.mode == 0644
       impact: 100
+    queries:
+    - uid: sshd-params
+      title: SSHd configuration
+      mql: sshd.config.params
 
 frameworks:
 - uid: compliance-x
@@ -27,7 +31,7 @@ frameworks:
   - title: System hardening
     controls:
     - uid: compliance-x-01
-      title: Only use strong ciphers
+      title: Securely configure your SSH
     - uid: compliance-x-02
       title: Limit access to system configuration
     - uid: compliance-x-03
@@ -46,6 +50,8 @@ framework_maps:
     checks:
     - uid: sshd-ciphers-01
     - uid: sshd-ciphers-02
+    queries:
+    - uid: sshd-params
   - uid: compliance-x-02
     checks:
     - uid: sshd-config-permissions