🐛 ensure ebs connection config has type filesystem (#2293)

* 🐛 ensure ebs connection config has type filesystem * 🐛 ensure we do not try to mount a boot volume * 🐛 region fix for ebs scan with no region specified
mondoohq · Oct 19, 2023 · ddaf59c · ddaf59c
1 parent c0d0560
commit ddaf59c
Show file tree

Hide file tree

Showing 2 changed files with 15 additions and 6 deletions.
diff --git a/providers/aws/connection/awsec2ebsconn/provider.go b/providers/aws/connection/awsec2ebsconn/provider.go
@@ -67,9 +67,15 @@ func NewAwsEbsConnection(id uint32, conf *inventory.Config, asset *inventory.Ass
  cfg.Region = i.Region
  scannerSvc := ec2.NewFromConfig(cfg)
 
+ targetRegion := conf.Options["region"]
+ if targetRegion == "" {
+ log.Info().Msg("flag --region not specified, using scanner instance region")
+ targetRegion = i.Region
+ }
+
  // ec2 client for the target region
  cfgCopy := cfg.Copy()
- cfgCopy.Region = conf.Options["region"]
+ cfgCopy.Region = targetRegion
  targetSvc := ec2.NewFromConfig(cfgCopy)
 
  // 2. create provider instance
@@ -78,7 +84,7 @@ func NewAwsEbsConnection(id uint32, conf *inventory.Config, asset *inventory.Ass
  opts: conf.Options,
  target: awsec2ebstypes.TargetInfo{
  PlatformId: conf.PlatformId,
- Region: conf.Options["region"],
+ Region: targetRegion,
  Id: conf.Options["id"],
  },
  targetType: conf.Options["type"],
@@ -102,6 +108,10 @@ func NewAwsEbsConnection(id uint32, conf *inventory.Config, asset *inventory.Ass
  return c, errors.Wrap(err, "unable to validate")
  }
 
+ // In case of an error, c.Close() needs this:
+ asset.Connections[0].Options["scanner-id"] = c.scannerInstance.Id
+ asset.Connections[0].Options["scanner-region"] = c.scannerInstance.Region
+
  // 4. setup the volume for scanning
  // check if we got the no setup override option. this implies the target volume is already attached to the instance
  // this is used in cases where we need to test a snapshot created from a public marketplace image. the volume gets attached to a brand
@@ -170,9 +180,10 @@ func NewAwsEbsConnection(id uint32, conf *inventory.Config, asset *inventory.Ass
  }
 
  log.Debug().Interface("info", c.target).Str("type", c.targetType).Msg("target")
-
  // Create and initialize fs provider
+ conf.Options["path"] = volumeMounter.ScanDir
  fsConn, err := connection.NewFileSystemConnection(id, &inventory.Config{
+ Type: "filesystem",
  Path: volumeMounter.ScanDir,
  PlatformId: conf.PlatformId,
  Options: conf.Options,
@@ -193,8 +204,6 @@ func NewAwsEbsConnection(id uint32, conf *inventory.Config, asset *inventory.Ass
  }
  asset.Id = conf.Type
  asset.Platform.Runtime = c.Runtime()
- asset.Connections[0].Options["scanner-id"] = c.scannerInstance.Id
- asset.Connections[0].Options["scanner-region"] = c.scannerInstance.Region
  return c, nil
 }
 

diff --git a/providers/os/connection/snapshot/blockdevices.go b/providers/os/connection/snapshot/blockdevices.go
@@ -112,7 +112,7 @@ func (blockEntries blockDevices) GetUnmountedBlockEntry() (*fsInfo, error) {
 }
 
 func (entry blockDevice) IsNoBootVolume() bool {
- return entry.Uuid != "" && entry.FsType != "" && entry.FsType != "vfat" && entry.Label != "EFI"
+ return entry.Uuid != "" && entry.FsType != "" && entry.FsType != "vfat" && entry.Label != "EFI" && entry.Label != "boot"
 }
 
 func (entry blockDevice) IsNoBootVolumeAndUnmounted() bool {