feat: add support for Aqua platform login #23
Merged
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
36b719d to
cf705f0
Compare
There was a problem hiding this comment.
Pull Request Overview
This PR introduces Aqua platform login support to Trivy MCP along with integrating Aqua scanning into existing Trivy scan functionality.
- Adds a new authentication command to securely save and verify Aqua credentials.
- Updates scanning logic to conditionally use Aqua platform credentials.
- Refactors flag and options management to support Aqua-specific parameters.
Reviewed Changes
Copilot reviewed 15 out of 17 changed files in this pull request and generated no comments.
Show a summary per file
| File | Description |
|---|---|
| pkg/tools/version_test.go | Added tests for the version handler. |
| pkg/tools/tool_options.go | Added Aqua platform flag options for API key and secret. |
| pkg/tools/scan.go | Updated scan logic to branch for Aqua platform integration. |
| pkg/tools/aqua.go | Implemented Aqua platform scanning integration. |
| pkg/mcpserver/mcp.go | Updated tools import path. |
| pkg/flag/options.go | Refactored flag options and introduced login options. |
| pkg/flag/flag.go | Updated flag handling and added Aqua login flag definitions. |
| pkg/commands/auth.go | Added new auth command for Aqua credentials input/verification. |
| pkg/commands/app.go | Integrated auth command and updated flag initialization. |
| internal/creds/verify.go | Added Aqua credentials verification via a JWT token. |
| internal/creds/aqua.go | Implemented saving and loading of Aqua credentials using keyring. |
Files not reviewed (2)
- Makefile: Language not supported
- go.mod: Language not supported
Comments suppressed due to low confidence (3)
pkg/tools/scan.go:90
- The variable 'target' is not defined in this function scope. Consider using the appropriate argument (e.g. request.Params.Arguments['target']) or define 'target' before appending it.
args = append(args, target)
pkg/commands/auth.go:52
- There is a spelling mistake in 'avaliableRegions'. It should be corrected to 'availableRegions'.
avaliableRegions := []string{
pkg/tools/aqua.go:13
- [nitpick] The imported filepath package is non-standard. Consider using Go's standard 'path/filepath' package unless the alternative package is required for a specific purpose.
github.com/opencontainers/runtime-tools/filepath
cf705f0 to
929fce3
Compare
There was a problem hiding this comment.
Pull Request Overview
This PR introduces support for Aqua Platform login, enabling users to scan targets using Aqua Platform credentials. Key changes include:
- Adding new Aqua Platform flags and options in tool_options.go, flag/options.go, and flag/flag.go.
- Integrating Aqua Platform support into scanning and server startup by modifying scan.go, tool.go, and mcp.go.
- Implementing a new "login" command and credentials verification/storage in commands/auth.go and internal/creds.
Reviewed Changes
Copilot reviewed 16 out of 18 changed files in this pull request and generated no comments.
Show a summary per file
| File | Description |
|---|---|
| pkg/tools/version_test.go | Adds tests for the version handler. |
| pkg/tools/tool_options.go | Introduces Aqua-specific options. |
| pkg/tools/tool.go | Propagates Aqua platform usage flag into the tool configuration. |
| pkg/tools/scan.go | Implements conditional execution to scan through Aqua Platform when enabled. |
| pkg/tools/aqua.go | New file implementing Aqua Platform scanning logic. |
| pkg/mcpserver/mcp.go | Adjusts server startup to verify Aqua credentials on initialization. |
| pkg/flag/options.go | Updates options structure with Aqua flags and login options. |
| pkg/flag/flag.go | Refactors flag definitions to include new Aqua flags. |
| pkg/commands/run.go | Removed obsolete command handler. |
| pkg/commands/auth.go | Adds "login" command for Aqua Platform authentication. |
| pkg/commands/app.go | Integrates the new auth command and updates flag initialization. |
| internal/creds/verify.go | Adds logic to verify Aqua credentials. |
| internal/creds/aqua.go | Implements Aqua credentials storage and retrieval using the OS keyring. |
Files not reviewed (2)
- Makefile: Language not supported
- go.mod: Language not supported
Comments suppressed due to low confidence (1)
pkg/tools/scan.go:90
- The variable 'target' is used without being defined. Consider retrieving the target value from the request parameters or passing a defined variable to the Aqua platform scanning function.
args = append(args, target)
- add sub command to login to aqua platform - support using aqua platform in the command Signed-off-by: Owen Rumney <owen.rumney@aquasec.com>
929fce3 to
0122704
Compare
disable the aqua related stuff so this can be merged Signed-off-by: Owen Rumney <owen.rumney@aquasec.com>
There was a problem hiding this comment.
Pull Request Overview
This PR adds support for Aqua platform login, enabling the MCP server to authenticate and scan using Aqua credentials. Key changes include:
- Introducing the "useAquaPlatform" flag and associated options.
- Modifying the scanning flow to branch into Aqua-specific logic when enabled.
- Adding new commands and modules for handling Aqua credentials and token verification.
Reviewed Changes
Copilot reviewed 21 out of 23 changed files in this pull request and generated no comments.
Show a summary per file
| File | Description |
|---|---|
| pkg/tools/tool_options.go | Added comment clarification for reusable tool options. |
| pkg/tools/tool.go | Introduced useAquaPlatform flag in the tool struct and constructor. |
| pkg/tools/scan.go | Added Aqua-specific scanning branch and integrated credentials loading. |
| pkg/tools/aqua.go | Implemented Aqua platform scanning logic with environment handling. |
| pkg/mcpserver/mcp.go | Updated server initialization to support Aqua credentials. |
| pkg/flag/options.go | Revised flag options structure and added Aqua login flags. |
| pkg/flag/flag.go | Changed flag handling for both MCP and Aqua login scenarios. |
| pkg/flag/aqua_enabled.go / aqua_disabled.go | Added build tags to differentiate Aqua-enabled and disabled builds. |
| pkg/commands/auth.go | Added Aqua login command for handling credential input and verification. |
| internal/creds/* | Added credential verification, saving, loading, and JWT token retrieval. |
Files not reviewed (2)
- Makefile: Language not supported
- go.mod: Language not supported
Comments suppressed due to low confidence (1)
pkg/tools/scan.go:86
- The variable 'target' is used without being defined. Consider defining or replacing it with the correct variable holding the scanning target.
args = append(args, target)
Not ready to release the aqua login code so putting behind a build tag Signed-off-by: Owen Rumney <owen.rumney@aquasec.com>
4b755bf to
1c29024
Compare
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Signed-off-by: Owen Rumney owen.rumney@aquasec.com