lacework · gspofford-lw · Jul 9, 2024 · Jun 5, 2024 · Jun 18, 2024 · Jul 2, 2024
@@ -29,9 +29,8 @@ import (
 )
 
 type NewQuery struct {
-	QueryID       string  `json:"queryId" yaml:"queryId"`
-	QueryLanguage *string `json:"queryLanguage,omitempty" yaml:"queryLanguage,omitempty"`
-	QueryText     string  `json:"queryText" yaml:"queryText"`
+	QueryID   string `json:"queryId" yaml:"queryId"`
+	QueryText string `json:"queryText" yaml:"queryText"`
 }
 
 func ParseNewQuery(s string) (NewQuery, error) {
@@ -50,7 +49,6 @@ func ParseNewQuery(s string) (NewQuery, error) {
 	if err == nil && !reflect.DeepEqual(query, NewQuery{}) { // empty string unmarshals w/o error
 		return query, nil
 	}
-
 	// invalid query
 	return query, errors.New("unable to parse query")
 }
@@ -61,7 +59,6 @@ type UpdateQuery struct {
 
 type Query struct {
 	QueryID        string                   `json:"queryId" yaml:"queryId"`
-	QueryLanguage  *string                  `json:"queryLanguage,omitempty" yaml:"queryLanguage,omitempty"`
 	QueryText      string                   `json:"queryText" yaml:"queryText"`
 	Owner          string                   `json:"owner"`
 	LastUpdateTime string                   `json:"lastUpdateTime"`
@@ -134,12 +131,3 @@ func (svc *QueryService) Get(id string) (
 	)
 	return
 }
-
-func (svc *QueryService) RegoQueryEnabled() bool {
-	response, err := svc.client.V2.FeatureFlags.GetFeatureFlagsMatchingPrefix("PUBLIC.lpp_rego_enabled")
-	if err != nil {
-		return false
-	}
-
-	return len(response.Data.Flags) >= 1
-}
@@ -22,15 +22,13 @@ import (
 	"encoding/json"
 	"fmt"
 	"net/http"
-	"strings"
 	"testing"
 
 	"github.com/pkg/errors"
 	"github.com/stretchr/testify/assert"
 
 	"github.com/lacework/go-sdk/api"
 	"github.com/lacework/go-sdk/internal/lacework"
-	"github.com/lacework/go-sdk/internal/pointer"
 )
 
 var (
@@ -48,23 +46,6 @@ var (
 queryId: %s
 queryText: %s`, newQuery.QueryID, newQuery.QueryText)
 	lqlErrorReponse = `{ "message": "This is an error message" }`
-
-	regoQueryID      = "my_rego"
-	newRegoQueryText = "package clitest\n" +
-		"import future.keywords\n" +
-		"import data.lacework\n" +
-		"source := lacework.aws.cfg.list(\"s3\", \"list-buckets\")\n" +
-		"assess := assessment.violation(input, \"just because\")"
-	newRegoQuery = api.NewQuery{
-		QueryID:       regoQueryID,
-		QueryLanguage: pointer.Of("Rego"),
-		QueryText:     newRegoQueryText,
-	}
-	newRegoQueryJSON = fmt.Sprintf(`{
-	"queryId": "%s",
-	"queryLanguage": "Rego",
-	"queryText": %#v
-}`, queryID, newRegoQueryText)
 )
 
 func mockQueryDataResponse(data string) string {
@@ -148,8 +129,8 @@ func TestQueryCreateMethod(t *testing.T) {
 	assert.Nil(t, err)
 }
 
-func createQueryOKTestHelper(t *testing.T, expectedResponseData string, testQuery api.NewQuery) {
-	mockResponse := mockQueryDataResponse(expectedResponseData)
+func TestQueryCreateOK(t *testing.T) {
+	mockResponse := mockQueryDataResponse(newQueryJSON)
 
 	fakeServer := lacework.MockServer()
 	fakeServer.MockAPI(
@@ -170,26 +151,10 @@ func createQueryOKTestHelper(t *testing.T, expectedResponseData string, testQuer
 	_ = json.Unmarshal([]byte(mockResponse), &createExpected)
 
 	var createActual api.QueryResponse
-	createActual, err = c.V2.Query.Create(testQuery)
+	createActual, err = c.V2.Query.Create(newQuery)
 	assert.Nil(t, err)
 
 	assert.Equal(t, createExpected, createActual)
-
-	if strings.Contains(expectedResponseData, "queryLanguage") {
-		assert.Equal(t, "Rego", *createActual.Data.QueryLanguage)
-	} else {
-		assert.Nil(t, createActual.Data.QueryLanguage)
-	}
-}
-
-func TestLQLQueryCreateOK(t *testing.T) {
-	// queryLanguage is not available
-	createQueryOKTestHelper(t, newQueryJSON, newQuery)
-}
-
-func TestRegoQueryCreateOK(t *testing.T) {
-	// queryLanguage is available
-	createQueryOKTestHelper(t, newRegoQueryJSON, newRegoQuery)
 }
 
 func TestQueryCreateError(t *testing.T) {
@@ -233,8 +198,8 @@ func TestQueryListMethod(t *testing.T) {
 	assert.Nil(t, err)
 }
 
-func getQueryByIDTestHelper(t *testing.T, expectedResponseData string, queryId string) {
-	mockResponse := mockQueryDataResponse(expectedResponseData)
+func TestQueryGetQueryByIDOK(t *testing.T) {
+	mockResponse := mockQueryDataResponse(newQueryJSON)
 
 	fakeServer := lacework.MockServer()
 	fakeServer.MockAPI(
@@ -260,22 +225,6 @@ func getQueryByIDTestHelper(t *testing.T, expectedResponseData string, queryId s
 	assert.Nil(t, err)
 
 	assert.Equal(t, getExpected, getActual)
-
-	if strings.Contains(expectedResponseData, "queryLanguage") {
-		assert.Equal(t, "Rego", *getActual.Data.QueryLanguage)
-	} else {
-		assert.Nil(t, getActual.Data.QueryLanguage)
-	}
-}
-
-func TestLQLQueryGetQueryByIDOK(t *testing.T) {
-	// queryLanguage is not available
-	getQueryByIDTestHelper(t, newQueryJSON, queryID)
-}
-
-func TestRegoQueryGetQueryByIDOK(t *testing.T) {
-	// queryLanguage is available
-	getQueryByIDTestHelper(t, newRegoQueryJSON, regoQueryID)
 }
 
 func TestQueryGetNotFound(t *testing.T) {

@@ -19,8 +19,7 @@
 package api
 
 type ValidateQuery struct {
-	QueryText     string  `json:"queryText"`
-	QueryLanguage *string `json:"queryLanguage,omitempty" yaml:"queryLanguage,omitempty"`
+	QueryText string `json:"queryText"`
 }
 
 func (svc *QueryService) Validate(vq ValidateQuery) (

@@ -28,7 +28,6 @@ import (
 
 	"github.com/lacework/go-sdk/api"
 	"github.com/lacework/go-sdk/internal/lacework"
-	"github.com/lacework/go-sdk/internal/pointer"
 )
 
 var (
@@ -89,14 +88,6 @@ func TestLQLQueryValidateOK(t *testing.T) {
 	testQueryValidateOKHelper(t, newQueryJSON, validateQuery)
 }
 
-func TestRegoQueryValidateOK(t *testing.T) {
-	validateRegoQuery := api.ValidateQuery{
-		QueryText:     newRegoQueryText,
-		QueryLanguage: pointer.Of("Rego"),
-	}
-	testQueryValidateOKHelper(t, newRegoQueryJSON, validateRegoQuery)
-}
-
 func TestQueryValidateError(t *testing.T) {
 	fakeServer := lacework.MockServer()
 	fakeServer.MockAPI(

@@ -25,10 +25,9 @@ import (
 	"reflect"
 	"time"
 
+	"github.com/lacework/go-sdk/internal/array"
 	"github.com/pkg/errors"
 	"gopkg.in/yaml.v3"
-
-	"github.com/lacework/go-sdk/internal/array"
 )
 
 // PolicyService is a service that interacts with the Custom Policies
@@ -177,7 +176,6 @@ type Policy struct {
 	PolicyID               string             `json:"policyId" yaml:"policyId"`
 	PolicyType             string             `json:"policyType" yaml:"-"`
 	QueryID                string             `json:"queryId" yaml:"queryId"`
-	QueryLanguage          *string            `json:"queryLanguage,omitempty" yaml:"queryLanguage,omitempty"`
 	Title                  string             `json:"title" yaml:"title"`
 	Enabled                bool               `json:"enabled" yaml:"enabled"`
 	Description            string             `json:"description" yaml:"description"`

@@ -25,9 +25,8 @@ import (
 	"testing"
 
 	"github.com/aws/smithy-go/ptr"
-	"github.com/stretchr/testify/assert"
-
 	"github.com/lacework/go-sdk/lwseverity"
+	"github.com/stretchr/testify/assert"
 
 	"github.com/lacework/go-sdk/api"
 	"github.com/lacework/go-sdk/internal/lacework"
@@ -122,38 +121,6 @@ var (
 ]
 }
 `
-
-	regoPolicyId = "rego-policy-1"
-	regoPolicy   = api.NewPolicy{
-		PolicyID:      regoPolicyId,
-		PolicyType:    "Violation",
-		QueryID:       "MyRegoQuery",
-		Title:         "My Rego Policy Title",
-		Enabled:       false,
-		Description:   "My Policy Description",
-		Remediation:   "Check yourself...",
-		Severity:      "high",
-		EvalFrequency: "Hourly",
-		Limit:         1000,
-		AlertEnabled:  false,
-		AlertProfile:  "LW_CloudTrail_Alerts",
-	}
-	regoPolicyCreateData = fmt.Sprintf(`{
-	"policyId": "%s",
-	"policyType": "%s",
-	"queryId": "%s",
-	"title": "%s",
-	"enabled": %v,
-	"description": "%s",
-	"remediation": "%s",
-	"severity": "%s",
-	"evalFrequency": "%s",
-	"limit": %d,
-	"alertEnabled": %v,
-	"alertProfile": "%s"
-}`, regoPolicy.PolicyID, regoPolicy.PolicyType, regoPolicy.QueryID, regoPolicy.Title,
-		regoPolicy.Enabled, regoPolicy.Description, regoPolicy.Remediation, regoPolicy.Severity,
-		regoPolicy.EvalFrequency, regoPolicy.Limit, regoPolicy.AlertEnabled, regoPolicy.AlertProfile)
 )
 
 func mockPolicyDataResponse(data string) string {
@@ -189,7 +156,7 @@ func TestPolicyCreateMethod(t *testing.T) {
 	assert.Nil(t, err)
 }
 
-func TestLqlPolicyCreateOK(t *testing.T) {
+func TestPolicyCreateOK(t *testing.T) {
 	mockResponse := mockPolicyDataResponse(policyCreateData)
 
 	fakeServer := lacework.MockServer()
@@ -256,12 +223,12 @@ func TestPolicyGetMethod(t *testing.T) {
 	assert.Nil(t, err)
 }
 
-func testPolicyGetOKHelper(t *testing.T, expectedPolicyData string, testPolicyId string) {
-	mockResponse := mockPolicyDataResponse(expectedPolicyData)
+func TestPolicyGetOK(t *testing.T) {
+	mockResponse := mockPolicyDataResponse(policyCreateData)
 
 	fakeServer := lacework.MockServer()
 	fakeServer.MockAPI(
-		fmt.Sprintf("%s/%s", policyURI, testPolicyId),
+		fmt.Sprintf("%s/%s", policyURI, policyID),
 		func(w http.ResponseWriter, r *http.Request) {
 			fmt.Fprint(w, mockResponse)
 		},
@@ -278,20 +245,12 @@ func testPolicyGetOKHelper(t *testing.T, expectedPolicyData string, testPolicyId
 	_ = json.Unmarshal([]byte(mockResponse), &getExpected)
 
 	var getActual api.PolicyResponse
-	getActual, err = c.V2.Policy.Get(testPolicyId)
+	getActual, err = c.V2.Policy.Get(policyID)
 	assert.Nil(t, err)
 
 	assert.Equal(t, getExpected, getActual)
 }
 
-func TestLQLPolicyGetOK(t *testing.T) {
-	testPolicyGetOKHelper(t, policyCreateData, policyID)
-}
-
-func TestRegoPolicyGetOK(t *testing.T) {
-	testPolicyGetOKHelper(t, regoPolicyCreateData, regoPolicyId)
-}
-
 func TestPolicyGetNotFound(t *testing.T) {
 	fakeServer := lacework.MockServer()
 	fakeServer.MockAPI(

@@ -297,26 +297,13 @@ func inputQueryFromURL(url string) (query string, err error) {
 }
 
 func inputQueryFromEditor(action string) (query string, err error) {
-	language := "LQL"
-	regoQueryEnabled := os.Getenv("LW_CLI_INTEGRATION_MODE") != "" || cli.LwApi.V2.Query.RegoQueryEnabled()
-	if action == "create" && !queryCmdState.EmptyTemplate && regoQueryEnabled {
-		languageSelect := &survey.Select{
-			Message: "Choose query language: ",
-			Options: []string{
-				"LQL",
-				"Rego",
-			},
-		}
-		err = survey.AskOne(languageSelect, &language)
-		if err != nil {
-			return
-		}
+	prompt := &survey.Editor{
+		Message:  fmt.Sprintf("Type a query to %s", action),
+		FileName: "query*.yaml",
 	}
 
-	var queryTextTemplate string
-	switch language {
-	case "LQL":
-		queryTextTemplate = `queryId: YourQueryID
+	if (action == "create" || action == "run") && !queryCmdState.EmptyTemplate {
+		prompt.Default = `queryId: YourQueryID
 queryText: |-
     {
         source {
@@ -329,27 +316,6 @@ queryText: |-
             --- List fields to return from the selected source. Use 'lacework query describe <datasource>'.
         }
     }`
-	case "Rego":
-		queryTextTemplate = `queryId: YourQueryID
-queryLanguage: Rego
-queryText: |-
-  package your.package
-  import your.dependency
-  import data.lacework
-  source := lacework.your.data.source.provider.function("servce", "apiKey")
-  assess := your.assess.rule`
-	default:
-		err = errors.New("Invalid query language: " + language)
-		return
-	}
-
-	prompt := &survey.Editor{
-		Message:  fmt.Sprintf("Type a query to %s", action),
-		FileName: "query*.yaml",
-	}
-
-	if (action == "create" || action == "run") && !queryCmdState.EmptyTemplate {
-		prompt.Default = queryTextTemplate
 		prompt.HideDefault = true
 		prompt.AppendDefault = true
 	} else if (action == "create" || action == "run") && queryCmdState.EmptyTemplate {

@@ -71,9 +71,8 @@ func showQuery(_ *cobra.Command, args []string) error {
 
 	if cli.YAMLOutput() {
 		return cli.OutputYAML(&api.NewQuery{
-			QueryID:       queryResponse.Data.QueryID,
-			QueryLanguage: queryResponse.Data.QueryLanguage,
-			QueryText:     queryResponse.Data.QueryText,
+			QueryID:   queryResponse.Data.QueryID,
+			QueryText: queryResponse.Data.QueryText,
 		})
 	}
 

@@ -89,8 +89,7 @@ func validateQuery(cmd *cobra.Command, args []string) error {
 
 func validateQueryAndOutput(nq api.NewQuery) error {
 	vq := api.ValidateQuery{
-		QueryText:     nq.QueryText,
-		QueryLanguage: nq.QueryLanguage,
+		QueryText: nq.QueryText,
 	}
 
 	cli.StartProgress(" Validating query...")