✨ Add os.date resource with time and timezone fields#6972
Merged
Conversation
![mondoo-code-review[bot]](https://avatars.githubusercontent.com/in/2834902?s=60&v=4){kind=small}
tas50
force-pushed
the
add-os-date-resource
branch
from
10ec633 to
2848267
Compare
Contributor
Member
Author
|
/review |
|
Unable to complete the code review. Reason: The AI service is temporarily overloaded. Please retry in a few minutes. You can try |
Adds a new os.date resource to the OS provider that queries the remote system's current time and timezone. Unlike the core time.now() which returns the local workstation's time, os.date fetches from the connected asset via SSH/WinRM. Cross-platform support: - Unix (Linux, macOS, FreeBSD, AIX, Solaris): uses date -u for UTC time and /etc/localtime, /etc/timezone, /etc/TIMEZONE for timezone detection - Windows: uses PowerShell Get-Date and Get-TimeZone Co-Authored-By: Claude Opus 4.6 (1M context) <[email protected]>
Co-Authored-By: Claude Opus 4.6 (1M context) <[email protected]>
Add fast paths to avoid walking the entire zoneinfo tree when resolving /etc/localtime, which is extremely slow on tar-backed filesystems (Docker images, EBS snapshots). Three strategies are tried in order: parsing the TZif v2/v3 footer for a POSIX TZ string, direct reads of common timezone paths, and finally a capped directory walk. Co-Authored-By: Claude Opus 4.6 (1M context) <[email protected]>
- Rename errMatchFound → errWalkDone (clearer when hit by file count limit) - Use bytes.Equal instead of string conversion for byte slice comparison - Add comment documenting ambiguous POSIX→IANA mappings in fast path Co-Authored-By: Claude Opus 4.6 (1M context) <[email protected]>
…ard for Windows Strip posix/ and right/ prefixes from zoneinfo symlink targets so /etc/localtime → .../zoneinfo/posix/Asia/Tokyo correctly returns "Asia/Tokyo" instead of the invalid "posix/Asia/Tokyo". Add Capability_RunCommand check to Windows date provider, matching the Unix implementation, so static targets don't error. Co-Authored-By: Claude Opus 4.6 (1M context) <[email protected]>
tas50
force-pushed
the
add-os-date-resource
branch
from
35a12c3 to
5704c51
Compare
Handle nil res.Time by setting StateIsNull|StateIsSet before returning, preventing runtime panics on static targets (EBS snapshots, Docker images). Update os.date version entries from 13.2.4 to 13.2.6 (next after provider 13.2.5). Co-Authored-By: Claude Opus 4.6 (1M context) <[email protected]>
tas50
added
the
manually-tested
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
os.dateresource to the OS provider withtime()andtimezone()computed fieldstime.now()which returns the local workstation's time)readlink /etc/localtime→ extract IANA name from symlink target/etc/timezone(Debian/Ubuntu)TZ=from/etc/TIMEZONE(Solaris/AIX)/etc/localtimeagainst zoneinfo database (handles Docker images that copy the TZif file)date +%Zcommand only for the abbreviated timezone name (the one thing that can't be read from files)timereturnsnilon static targets (no fake local time for EBS snapshots/Docker images)Get-Date+Get-TimeZoneTimezone Resolution Logic (TZif matching)
When
/etc/localtimeis a regular file (not a symlink) and/etc/timezonedoesn't exist — common in Docker images — the resolver uses a three-tier strategy to identify the timezone:TZif footer parsing (fastest): TZif v2/v3/v4 files contain a POSIX TZ string in their footer (e.g.,
EST5EDT,M3.2.0,M11.1.0). This is parsed and mapped to an IANA name via a lookup table covering the most common timezones. No filesystem reads beyond/etc/localtimeitself.Common timezone path matching (fast): Reads a curated list of ~50 common timezone files (e.g.,
/usr/share/zoneinfo/America/New_York) and does a byte comparison against/etc/localtime. This avoids walking the entire zoneinfo tree while covering the vast majority of real-world deployments.Capped zoneinfo tree walk (fallback): Walks
/usr/share/zoneinfocomparing file contents, but caps the number of files read at 600 (well above the ~350 real IANA zones). This prevents pathological performance on tar-backed filesystems where eachReadFileextracts from a tar archive.This tiered approach is critical for performance on tar-backed filesystems (Docker image scans, EBS snapshots) where a full directory walk would extract every file from the archive.
Usage
Test plan
/etc/timezone,/etc/TIMEZONE, TZif binary matching)mql shell local→os.date { time timezone }🤖 Generated with Claude Code