⭐ Framework disabled state (#1365)

* feat: sync mondoo-go

* feat: add cmd alias

* fix: log message

* fix: mutation enable

* feat: add aliases

* feat: disable framework command

* feat: display preview state

* feat: handle disable frameworks

* add disabled handle

apps/cnspec/cmd/framework.go

@@ -37,6 +37,8 @@ func init() {
 	frameworkCmd.AddCommand(frameworkPreviewCmd)
 	// active
 	frameworkCmd.AddCommand(frameworkActiveCmd)
+	// disabled
+	frameworkCmd.AddCommand(frameworkDisabledCmd)
 	// download
 	frameworkDownloadCmd.Flags().StringP("file", "f", "", "output file")
 	frameworkCmd.AddCommand(frameworkDownloadCmd)
@@ -46,8 +48,9 @@ func init() {
 }
 
 var frameworkCmd = &cobra.Command{
-	Use:   "framework",
-	Short: "Manage local and Mondoo Platform hosted compliance frameworks",
+	Use:     "framework",
+	Short:   "Manage local and Mondoo Platform hosted compliance frameworks",
+	Aliases: []string{"frameworks"},
 }
 
 var frameworkListCmd = &cobra.Command{
@@ -104,6 +107,10 @@ var frameworkListCmd = &cobra.Command{
 			extraInfo := []string{}
 			if framework.State == mondoogql.ComplianceFrameworkStateActive {
 				extraInfo = append(extraInfo, theme.DefaultTheme.Success("active"))
+			} else if framework.State == mondoogql.ComplianceFrameworkStatePreview {
+				extraInfo = append(extraInfo, theme.DefaultTheme.PolicyPrinter.Yellow("preview"))
+			} else if framework.State == mondoogql.ComplianceFrameworkStateDisabled {
+				extraInfo = append(extraInfo, theme.DefaultTheme.Disabled("disabled"))
 			} else if framework.State == mondoogql.ComplianceFrameworkState("") {
 				extraInfo = append(extraInfo, theme.DefaultTheme.Disabled("local"))
 			}
@@ -261,9 +268,10 @@ var frameworkPreviewCmd = &cobra.Command{
 }
 
 var frameworkActiveCmd = &cobra.Command{
-	Use:   "active [mrn]",
-	Short: "Change a framework status to active",
-	Args:  cobra.ExactArgs(1),
+	Use:     "active [mrn]",
+	Aliases: []string{"enable", "activate"},
+	Short:   "Change a framework status to active",
+	Args:    cobra.ExactArgs(1),
 	RunE: func(cmd *cobra.Command, args []string) error {
 		opts, err := config.Read()
 		if err != nil {
@@ -283,18 +291,58 @@ var frameworkActiveCmd = &cobra.Command{
 
 		ok, err := cnspec_upstream.MutateFrameworkState(
 			context.Background(), mondooClient, frameworkMrn,
-			opts.GetParentMrn(), mondoogql.ComplianceFrameworkMutationActionPreview,
+			opts.GetParentMrn(), mondoogql.ComplianceFrameworkMutationActionEnable,
 		)
 		if err != nil {
 			log.Error().Msgf("failed to set compliance framework to active state in space: %s", err)
 			os.Exit(1)
 		}
 		if !ok {
-			log.Error().Msgf("failed to set compliance framework to preview state in space")
+			log.Error().Msgf("failed to set compliance framework to active state in space")
 			os.Exit(1)
 		}
 		log.Info().Msg(theme.DefaultTheme.Success("successfully set compliance framework to active state in space"))
 
 		return nil
 	},
 }
+
+var frameworkDisabledCmd = &cobra.Command{
+	Use:     "disabled [mrn]",
+	Aliases: []string{"disable"},
+	Short:   "Change a framework status to disabled",
+	Args:    cobra.ExactArgs(1),
+	RunE: func(cmd *cobra.Command, args []string) error {
+		opts, err := config.Read()
+		if err != nil {
+			return err
+		}
+		config.DisplayUsedConfig()
+
+		mondooClient, err := getGqlClient(opts)
+		if err != nil {
+			return err
+		}
+
+		frameworkMrn := args[0]
+		if !strings.HasPrefix(frameworkMrn, PolicyMrnPrefix) {
+			frameworkMrn = FrameworkMrnPrefix + "/" + frameworkMrn
+		}
+
+		ok, err := cnspec_upstream.MutateFrameworkState(
+			context.Background(), mondooClient, frameworkMrn,
+			opts.GetParentMrn(), mondoogql.ComplianceFrameworkMutationActionDisable,
+		)
+		if err != nil {
+			log.Error().Msgf("failed to set compliance framework to disabled state in space: %s", err)
+			os.Exit(1)
+		}
+		if !ok {
+			log.Error().Msgf("failed to set compliance framework to disabled state in space")
+			os.Exit(1)
+		}
+		log.Info().Msg(theme.DefaultTheme.Success("successfully set compliance framework to disabled state in space"))
+
+		return nil
+	},
+}

go.mod

@@ -34,7 +34,7 @@ require (
 	github.com/spf13/viper v1.19.0
 	github.com/stretchr/testify v1.9.0
 	go.mondoo.com/cnquery/v11 v11.12.2
-	go.mondoo.com/mondoo-go v0.0.0-20240704105318-097765f8523d
+	go.mondoo.com/mondoo-go v0.0.0-20240709212130-c2418a0535d4
 	go.mondoo.com/ranger-rpc v0.6.1
 	go.opentelemetry.io/otel v1.28.0
 	gocloud.dev v0.37.0

go.sum

@@ -1235,6 +1235,8 @@ go.mondoo.com/cnquery/v11 v11.12.2 h1:qkhPHt75rWSXCIAQHr6yRm3fsper3RJWVSWEQFg13X
 go.mondoo.com/cnquery/v11 v11.12.2/go.mod h1:fwsl8ivZwHW/GDEevxir1cQF864/gJ0rmjVtAigQuS4=
 go.mondoo.com/mondoo-go v0.0.0-20240704105318-097765f8523d h1:Jr55zA89Yf70egaA1wZXUUJGnUc+O5HkTGBBKjU9poI=
 go.mondoo.com/mondoo-go v0.0.0-20240704105318-097765f8523d/go.mod h1:4032UBD0ph9LyhXq5OQmmxkJv37HdAGi34YLWbhnMDA=
+go.mondoo.com/mondoo-go v0.0.0-20240709212130-c2418a0535d4 h1:kynKlEkGktvbS9sp679biYRbliKBAdAYpYRDWp+ktY0=
+go.mondoo.com/mondoo-go v0.0.0-20240709212130-c2418a0535d4/go.mod h1:4032UBD0ph9LyhXq5OQmmxkJv37HdAGi34YLWbhnMDA=
 go.mondoo.com/ranger-rpc v0.6.1 h1:aOMsKD7zwQBGmt998fdAkk/G+XWk5+sjsi/XPVUSCJw=
 go.mondoo.com/ranger-rpc v0.6.1/go.mod h1:sbv789sxgfu1vpJzmD7j4/FgjFB41GDWsM0d6fNsu68=
 go.opencensus.io v0.21.0/go.mod h1:mSImk1erAIZhrmZN+AvHh14ztQfjbGwt4TtuofqLduU=

policy/resolver.go

@@ -84,8 +84,8 @@ func (s *LocalServices) Assign(ctx context.Context, assignment *PolicyAssignment
 
 // Unassign a policy to an asset
 func (s *LocalServices) Unassign(ctx context.Context, assignment *PolicyAssignment) (*Empty, error) {
-	if len(assignment.PolicyMrns) == 0 {
-		return nil, status.Error(codes.InvalidArgument, "a policy mrn is required")
+	if len(assignment.PolicyMrns)+len(assignment.FrameworkMrns) == 0 {
+		return nil, status.Error(codes.InvalidArgument, "a policy or framework mrn is required")
 	}
 
 	// all remote, call upstream