✨ IBM cloud detect (#5589)

Enhance our cloud detect package to detect IBM instances. This change follows
the patterns already implemented for AWS, GCP, Azure, and VMware.

Note that IBM Cloud doesn't have the Metadata service turned on by
default, users must opt-in to have it available. Only those instances
are the ones we will detect.

Signed-off-by: Salim Afiune Maya <afiune@mondoo.com>

Author: afiune

providers/os/id/azure/azure.go

@@ -20,7 +20,7 @@ const (
 
 func Detect(conn shared.Connection, pf *inventory.Platform) (string, string, []string) {
 	sysVendor := ""
-	if pf.IsFamily("linux") {
+	if pf.IsFamily(inventory.FAMILY_LINUX) {
 		// Fetching the product version from the smbios manager is slow
 		// because it iterates through files we don't need to check. This
 		// is an optimization for our sshfs. Also, be aware that on linux,

providers/os/id/clouddetect/clouddetect.go

@@ -12,6 +12,7 @@ import (
 	"go.mondoo.com/cnquery/v11/providers/os/id/aws"
 	"go.mondoo.com/cnquery/v11/providers/os/id/azure"
 	"go.mondoo.com/cnquery/v11/providers/os/id/gcp"
+	"go.mondoo.com/cnquery/v11/providers/os/id/ibm"
 	"go.mondoo.com/cnquery/v11/providers/os/id/vmware"
 )
 
@@ -32,13 +33,15 @@ var (
 	GCP     CloudProviderType = "GCP"
 	AZURE   CloudProviderType = "AZURE"
 	VMWARE  CloudProviderType = "VMWARE"
+	IBM     CloudProviderType = "IBM"
 )
 
 var detectors = map[CloudProviderType]detectorFunc{
 	AWS:    aws.Detect,
 	GCP:    gcp.Detect,
 	AZURE:  azure.Detect,
 	VMWARE: vmware.Detect,
+	IBM:    ibm.Detect,
 }
 
 // PlatformInfo contains platform information gathered from one of our cloud detectors.

providers/os/id/gcp/gcp.go

@@ -20,7 +20,7 @@ const (
 
 func Detect(conn shared.Connection, p *inventory.Platform) (string, string, []string) {
 	productName := ""
-	if p.IsFamily("linux") {
+	if p.IsFamily(inventory.FAMILY_LINUX) {
 		// Fetching the product version from the smbios manager is slow
 		// because it iterates through files we don't need to check. This
 		// is an optimization for our sshfs. Also, be aware that on linux,

providers/os/id/ibm/ibm.go

@@ -0,0 +1,74 @@
+// Copyright (c) Mondoo, Inc.
+// SPDX-License-Identifier: BUSL-1.1
+
+package ibm
+
+import (
+	"strings"
+
+	"github.com/rs/zerolog/log"
+	"github.com/spf13/afero"
+	"go.mondoo.com/cnquery/v11/providers-sdk/v1/inventory"
+	"go.mondoo.com/cnquery/v11/providers/os/connection/shared"
+	"go.mondoo.com/cnquery/v11/providers/os/id/ibmcompute"
+	"go.mondoo.com/cnquery/v11/providers/os/resources/smbios"
+)
+
+var identifierFilesLinux = []string{
+	"/sys/class/dmi/id/chassis_vendor",
+	"/sys/class/dmi/id/uevent",
+	"/sys/class/dmi/id/modalias",
+}
+
+func Detect(conn shared.Connection, pf *inventory.Platform) (string, string, []string) {
+	sysVendor := ""
+	if pf.IsFamily(inventory.FAMILY_LINUX) && pf.Name != "aix" {
+		// Fetching the product version from the smbios manager is slow
+		// because it iterates through files we don't need to check. This
+		// is an optimization for our sshfs. Also, be aware that on linux,
+		// you may not have access to all the smbios things under /sys, so
+		// you want to make sure to only check some files for detection
+		//
+		// NOTE: The smbios implementation for AIX systems use the command
+		// `prtconf` which is exactly what we need and performant.
+		for _, identityFile := range identifierFilesLinux {
+			content, err := afero.ReadFile(conn.FileSystem(), identityFile)
+			if err == nil {
+				sysVendor = string(content)
+				break
+			}
+			log.Debug().Err(err).Msgf("unable to read %s", identityFile)
+		}
+	} else {
+		smbiosMgr, err := smbios.ResolveManager(conn, pf)
+		if err != nil {
+			log.Debug().Err(err).Msg("failed to resolve smbios manager")
+			return "", "", nil
+		}
+
+		info, err := smbiosMgr.Info()
+		if err != nil {
+			log.Debug().Err(err).Msg("failed to query smbios")
+			return "", "", nil
+		}
+
+		sysVendor = info.SysInfo.Vendor
+	}
+
+	if strings.Contains(sysVendor, "IBM") {
+		mdsvc, err := ibmcompute.Resolve(conn, pf)
+		if err != nil {
+			log.Debug().Err(err).Msg("failed to get metadata resolver")
+			return "", "", nil
+		}
+		id, err := mdsvc.Identify()
+		if err == nil {
+			return id.InstanceID, id.InstanceName, id.PlatformMrns
+		}
+		log.Debug().Err(err).
+			Strs("platform", pf.GetFamily()).
+			Msg("failed to get IBM platform id")
+	}
+
+	return "", "", nil
+}

providers/os/id/ibm/ibm_test.go

@@ -0,0 +1,70 @@
+// Copyright (c) Mondoo, Inc.
+// SPDX-License-Identifier: BUSL-1.1
+
+package ibm_test
+
+import (
+	"testing"
+
+	subject "go.mondoo.com/cnquery/v11/providers/os/id/ibm"
+
+	"github.com/stretchr/testify/assert"
+	"github.com/stretchr/testify/require"
+	"go.mondoo.com/cnquery/v11/providers-sdk/v1/inventory"
+	"go.mondoo.com/cnquery/v11/providers/os/connection/mock"
+	"go.mondoo.com/cnquery/v11/providers/os/detector"
+)
+
+func TestDetectLinuxInstance(t *testing.T) {
+	conn, err := mock.New(0, "./testdata/instance_linux.toml", &inventory.Asset{})
+	require.NoError(t, err)
+	platform, ok := detector.DetectOS(conn)
+	require.True(t, ok)
+
+	identifier, name, relatedIdentifiers := subject.Detect(conn, platform)
+
+	assert.Equal(t,
+		"//platformid.api.mondoo.app/runtime/ibm/compute/v1/accounts/bbb1e1386b1c419f929ecf7499b20ab6/location/us-east-2/instances/0767_596409db-cb61-4d33-9550-6b86b503ed12",
+		identifier,
+	)
+	assert.Equal(t, "salim-test", name)
+	require.Len(t, relatedIdentifiers, 1)
+	assert.Equal(t,
+		"//platformid.api.mondoo.app/runtime/ibm/compute/v1/accounts/bbb1e1386b1c419f929ecf7499b20ab6",
+		relatedIdentifiers[0],
+	)
+}
+
+func TestDetectAIXInstance(t *testing.T) {
+	conn, err := mock.New(0, "./testdata/instance_unix_aix.toml", &inventory.Asset{})
+	require.NoError(t, err)
+	platform, ok := detector.DetectOS(conn)
+	require.True(t, ok)
+
+	identifier, name, relatedIdentifiers := subject.Detect(conn, platform)
+
+	assert.Equal(t,
+		"//platformid.api.mondoo.app/runtime/ibm/compute/v1/accounts/bbb1e1386b1c419f929ecf7499b20ab6/location/us-east-2/instances/0767_596409db-cb61-4d33-9550-6b86b503ed12",
+		identifier,
+	)
+	assert.Equal(t, "salim-test", name)
+	require.Len(t, relatedIdentifiers, 1)
+	assert.Equal(t,
+		"//platformid.api.mondoo.app/runtime/ibm/compute/v1/accounts/bbb1e1386b1c419f929ecf7499b20ab6",
+		relatedIdentifiers[0],
+	)
+}
+
+func TestDetectInstanceWithoutMetadataService(t *testing.T) {
+	conn, err := mock.New(0, "./testdata/instance_no_metadata.toml", &inventory.Asset{})
+	require.NoError(t, err)
+	platform, ok := detector.DetectOS(conn)
+	require.True(t, ok)
+
+	// If the metadata service in the IBM cloud instance is not turned on, we can't detect much
+
+	identifier, name, relatedIdentifiers := subject.Detect(conn, platform)
+	assert.Empty(t, identifier)
+	assert.Empty(t, name)
+	require.Empty(t, relatedIdentifiers)
+}