From e03ced3df5b13013925177976f389df3c1360285 Mon Sep 17 00:00:00 2001
From: Christoph Hartmann <chris@lollyrock.com>
Date: Fri, 19 Jul 2024 09:36:38 +0200
Subject: [PATCH] =?UTF-8?q?=F0=9F=A7=B9=20update=20mql=20syntax=20(#1376)?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 apps/cnspec/cmd/policy-example.mql.yaml        | 2 +-
 examples/complex.mql.yaml                      | 6 +++---
 examples/directory/queries/sshd-01.mql.yaml    | 2 +-
 examples/directory/queries/sshd-02.mql.yaml    | 2 +-
 examples/directory/queries/sshd-03.mql.yaml    | 2 +-
 examples/example.mql.yaml                      | 4 ++--
 internal/bundle/testdata/failing_lint.mql.yaml | 6 +++---
 7 files changed, 12 insertions(+), 12 deletions(-)

diff --git a/apps/cnspec/cmd/policy-example.mql.yaml b/apps/cnspec/cmd/policy-example.mql.yaml
index e8a9a213..25f26be9 100644
--- a/apps/cnspec/cmd/policy-example.mql.yaml
+++ b/apps/cnspec/cmd/policy-example.mql.yaml
@@ -32,7 +32,7 @@ policies:
 queries:
   - uid: sshd-score-01
     title: Ensure SSH MaxAuthTries is set to 4 or less
-    mql: sshd.config.params["MaxAuthTries"] <= 4
+    mql: sshd.config.params.MaxAuthTries <= 4
     docs:
       desc: |
         The MaxAuthTries parameter specifies the maximum number of authentication attempts permitted per connection.
diff --git a/examples/complex.mql.yaml b/examples/complex.mql.yaml
index d24c76c3..a8a5d61c 100644
--- a/examples/complex.mql.yaml
+++ b/examples/complex.mql.yaml
@@ -16,17 +16,17 @@ policies:
         checks:
           - uid: sshd-01
             title: Set the port to 22
-            query: sshd.config.params["Port"] == 22
+            query: sshd.config.params.Port == 22
             severity: 30
 
           - uid: sshd-02
             title: Configure the address family
-            query: sshd.config.params["AddressFamily"] == /inet|inet6|any/
+            query: sshd.config.params.AddressFamily == /inet|inet6|any/
             severity: 40
 
           - uid: sshd-03
             title: Enable strict mode
-            query: sshd.config.params["StrictModes"] == "yes"
+            query: sshd.config.params.StrictModes == "yes"
             severity: 70
 
   # This is a second policy in the same bundle
diff --git a/examples/directory/queries/sshd-01.mql.yaml b/examples/directory/queries/sshd-01.mql.yaml
index c7d04b77..54ecff3c 100644
--- a/examples/directory/queries/sshd-01.mql.yaml
+++ b/examples/directory/queries/sshd-01.mql.yaml
@@ -5,4 +5,4 @@ queries:
   - uid: sshd-01
     title: Set the port to 22
     severity: 30
-    query: sshd.config.params["Port"] == 22
+    query: sshd.config.params.Port == 22
diff --git a/examples/directory/queries/sshd-02.mql.yaml b/examples/directory/queries/sshd-02.mql.yaml
index eb572789..195878a7 100644
--- a/examples/directory/queries/sshd-02.mql.yaml
+++ b/examples/directory/queries/sshd-02.mql.yaml
@@ -5,4 +5,4 @@ queries:
   - uid: sshd-02
     title: Configure the address family
     severity: 40
-    query: sshd.config.params["AddressFamily"] == /inet|inet6|any/
+    query: sshd.config.params.AddressFamily == /inet|inet6|any/
diff --git a/examples/directory/queries/sshd-03.mql.yaml b/examples/directory/queries/sshd-03.mql.yaml
index f6040ddc..86071a2b 100644
--- a/examples/directory/queries/sshd-03.mql.yaml
+++ b/examples/directory/queries/sshd-03.mql.yaml
@@ -5,4 +5,4 @@ queries:
   - uid: sshd-03
     title: Enable strict mode
     severity: 70
-    query: sshd.config.params["StrictModes"] == "yes"
+    query: sshd.config.params.StrictModes == "yes"
diff --git a/examples/example.mql.yaml b/examples/example.mql.yaml
index 974af462..e677579c 100644
--- a/examples/example.mql.yaml
+++ b/examples/example.mql.yaml
@@ -26,7 +26,7 @@ policies:
           # final score of this policy.
           - uid: sshd-01
             title: Ensure the port is set to 22
-            mql: sshd.config.params["Port"] == 22
+            mql: sshd.config.params.Port == 22
             # Impact is used for scoring. 100 = critical. 0 = informational.
             impact: 30
 
@@ -69,5 +69,5 @@ queries:
   # The title helps in printing.
   - uid: shared-query
     title: Enable strict mode
-    mql: sshd.config.params["StrictModes"] == "yes"
+    mql: sshd.config.params.StrictModes == "yes"
     impact: 70
diff --git a/internal/bundle/testdata/failing_lint.mql.yaml b/internal/bundle/testdata/failing_lint.mql.yaml
index 047997c1..4775b9c6 100644
--- a/internal/bundle/testdata/failing_lint.mql.yaml
+++ b/internal/bundle/testdata/failing_lint.mql.yaml
@@ -10,7 +10,7 @@ policies:
       - checks:
           - uid: sshd-01
             title: Ensure the port is set to 22
-            mql: sshd.config.params["Port"] == 22
+            mql: sshd.config.paramsPort == 22
             impact: 30
 
           - uid: sshd-02
@@ -40,8 +40,8 @@ policies:
 queries:
   - uid: shared-query
     title: Enable strict mode
-    mql: sshd.config.params["StrictModes"] == "yes"
+    mql: sshd.config.params.StrictModes == "yes"
     impact: 70
   - uid: unreferenced-query
     title: Query not assigned to Policy
-    mql: sshd.config.params["UsePAM"] == "yes"
+    mql: sshd.config.params.UsePAM == "yes"