✨ Collect snap packages by czunker · Pull Request #5519 · mondoohq/mql

czunker · 2025-05-08T05:58:29Z

This collects data about the present snap packages. It currently appllies to:

Ubuntu
Debian
Fedora

czunker · 2025-05-08T06:00:28Z

This is slow over ssh connections:

time cnspec run vagrant default -c "packages.where(format == 'snap'){ name version purl }" 
→ loaded configuration from /etc/opt/mondoo/mondoo.yml using source default
packages.where.list: [
  0: {
    version: "1.0"
    purl: "pkg:snap/ubuntu/bare@1.0?distro=ubuntu-22.04"
    name: "bare"
  }
...
  11: {
    version: "1.18.5"
    purl: "pkg:snap/ubuntu/vault@1.18.5?arch=amd64&distro=ubuntu-22.04"
    name: "vault"
  }
]
cnspec run vagrant default -c   16,69s user 20,81s system 36% cpu 1:41,40 total

Alternatives described in #4879 would require running as root or executing a command.

github-actions · 2025-05-08T06:03:07Z

Test Results

4 238 tests +1 4 234 ✅ +1 2m 49s ⏱️ +46s
402 suites ±0 4 💤 ±0
30 files ±0 0 ❌ ±0

Results for commit 70b0bb2. ± Comparison against base commit 4bd8b22.

♻️ This comment has been updated with latest results.

This collects data about the present snap packages. It currently appllies to: - Ubuntu - Debian - Fedora Fixes: #4879 Signed-off-by: Christian Zunker <christian@mondoo.com>

glower · 2025-05-08T14:31:45Z

+	for _, file := range files {
+		manifest, err := afs.Open(file)
+		if err != nil {
+			log.Error().Err(err).Str("file", file).Msg("could not open manifest file")


should we not add continue here? otherwise manifest would be nil

Good catch. Thank you.

I opted not to defer but to explicitly close because of the loop.

glower · 2025-05-08T14:31:59Z

+		}
+		pkg, err := spm.parseSnapManifest(manifest)
+		if err != nil {
+			log.Error().Err(err).Str("file", file).Msg("could not parse manifest file")


same here but with pkg

Good catch. Thank you.

glower · 2025-05-08T14:42:26Z

+		}
+		log.Debug().Int("updates", len(available)).Msg("mql[packages]> available updates")
+		for k, v := range available {
+			availableList[k] = v


could it be that if two different package managers (e.g., apt and snap) both provide an update for the same package name (e.g., "firefox"), the entry would be overwritten?
Don't know if this could be a problem or not

Currently not, because snap does not provide available at the moment.

glower · 2025-05-08T14:43:55Z

fun fact, I was working in the team responsible for snaps at Canonical :)

Signed-off-by: Christian Zunker <christian@mondoo.com>

czunker · 2025-05-09T04:39:43Z

fun fact, I was working in the team responsible for snaps at Canonical :)

We need to talk 😄

czunker force-pushed the czunker/snap branch from d675e5e to 7f4ff56 Compare May 8, 2025 05:58

✨ Collect snap packages

514bd0c

This collects data about the present snap packages. It currently appllies to: - Ubuntu - Debian - Fedora Fixes: #4879 Signed-off-by: Christian Zunker <christian@mondoo.com>

czunker force-pushed the czunker/snap branch from 7f4ff56 to 514bd0c Compare May 8, 2025 06:16

glower reviewed May 8, 2025

View reviewed changes

Fix manifest loop and rename ResolveSystemPkgManager

70b0bb2

Signed-off-by: Christian Zunker <christian@mondoo.com>

glower approved these changes May 9, 2025

View reviewed changes

czunker merged commit 3753edc into main May 9, 2025
13 checks passed

czunker deleted the czunker/snap branch May 9, 2025 09:21

github-actions Bot locked and limited conversation to collaborators May 9, 2025

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

✨ Collect snap packages#5519

✨ Collect snap packages#5519
czunker merged 2 commits intomainfrom
czunker/snap

czunker commented May 8, 2025

Uh oh!

czunker commented May 8, 2025

Uh oh!

github-actions Bot commented May 8, 2025 •

edited

Loading

Uh oh!

glower May 8, 2025 •

edited

Loading

Uh oh!

czunker May 9, 2025

Uh oh!

czunker May 9, 2025

Uh oh!

glower May 8, 2025

Uh oh!

czunker May 9, 2025

Uh oh!

glower May 8, 2025

Uh oh!

czunker May 9, 2025

Uh oh!

glower commented May 8, 2025

Uh oh!

czunker commented May 9, 2025

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants

Conversation

czunker commented May 8, 2025

Uh oh!

czunker commented May 8, 2025

Uh oh!

github-actions Bot commented May 8, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Test Results

Uh oh!

glower May 8, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Choose a reason for hiding this comment

Uh oh!

czunker May 9, 2025

Choose a reason for hiding this comment

Uh oh!

czunker May 9, 2025

Choose a reason for hiding this comment

Uh oh!

glower May 8, 2025

Choose a reason for hiding this comment

Uh oh!

czunker May 9, 2025

Choose a reason for hiding this comment

Uh oh!

glower May 8, 2025

Choose a reason for hiding this comment

Uh oh!

czunker May 9, 2025

Choose a reason for hiding this comment

Uh oh!

glower commented May 8, 2025

Uh oh!

czunker commented May 9, 2025

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants

github-actions Bot commented May 8, 2025 •

edited

Loading

glower May 8, 2025 •

edited

Loading