fix(azure): Migrate Grafana dashboards (#2628)

disq · web-flow · commit d2436b97ac14 · 2022-10-11T15:41:16.000Z
plus a policy fix, apparently updating some tables policies wasn't updated.
diff --git a/plugins/source/azure/dashboards/grafana/asset_inventory.json b/plugins/source/azure/dashboards/grafana/asset_inventory.json
@@ -123,7 +123,7 @@
           "group": [],
           "metricColumn": "none",
           "rawQuery": true,
-          "rawSql": "select count(*) from azure_resources where subscription_id in (${subscription_ids}) and location in (${locations}) and cq_table in (${cq_tables}) ;",
+          "rawSql": "select count(*) from azure_resources where subscription_id in (${subscription_ids}) and location in (${locations}) and _cq_table in (${cq_tables}) ;",
           "refId": "A"
         }
       ],
@@ -183,7 +183,7 @@
           "group": [],
           "metricColumn": "none",
           "rawQuery": true,
-          "rawSql": "select subscription_id, count(*) from azure_resources where location in (${locations}) and cq_table in (${cq_tables}) group by subscription_id order by count desc;",
+          "rawSql": "select subscription_id, count(*) from azure_resources where location in (${locations}) and _cq_table in (${cq_tables}) group by subscription_id order by count desc;",
           "refId": "A"
         }
       ],
@@ -295,19 +295,7 @@
           {
             "matcher": {
               "id": "byName",
-              "options": "cq_meta"
-            },
-            "properties": [
-              {
-                "id": "custom.width",
-                "value": 392
-              }
-            ]
-          },
-          {
-            "matcher": {
-              "id": "byName",
-              "options": "cq_table"
+              "options": "_cq_table"
             },
             "properties": [
               {
@@ -343,7 +331,7 @@
           {
             "matcher": {
               "id": "byName",
-              "options": "fetch_date"
+              "options": "_cq_sync_time"
             },
             "properties": [
               {
@@ -355,7 +343,7 @@
           {
             "matcher": {
               "id": "byName",
-              "options": "cq_id"
+              "options": "_cq_id"
             },
             "properties": [
               {
@@ -395,7 +383,7 @@
           "group": [],
           "metricColumn": "none",
           "rawQuery": true,
-          "rawSql": "select cq_id, cq_table, subscription_id, location, id, fetch_date from azure_resources where subscription_id in (${subscription_ids}) and location in (${locations}) and cq_table in (${cq_tables}) ;",
+          "rawSql": "select _cq_id, _cq_table, subscription_id, location, id, _cq_sync_time from azure_resources where subscription_id in (${subscription_ids}) and location in (${locations}) and _cq_table in (${cq_tables}) ;",
           "refId": "A",
           "select": [
             [
@@ -468,7 +456,7 @@
           "group": [],
           "metricColumn": "none",
           "rawQuery": true,
-          "rawSql": "select cq_table, count(*) from azure_resources where subscription_id in (${subscription_ids}) and location in (${locations}) group by cq_table order by count desc;",
+          "rawSql": "select _cq_table, count(*) from azure_resources where subscription_id in (${subscription_ids}) and location in (${locations}) group by _cq_table order by count desc;",
           "refId": "A"
         }
       ],
@@ -605,13 +593,13 @@
       },
       {
         "current": {},
-        "definition": "select distinct(cq_table) from azure_resources;",
+        "definition": "select distinct(_cq_table) from azure_resources;",
         "hide": 0,
         "includeAll": true,
         "multi": true,
         "name": "cq_tables",
         "options": [],
-        "query": "select distinct(cq_table) from azure_resources;",
+        "query": "select distinct(_cq_table) from azure_resources;",
         "refresh": 1,
         "regex": "",
         "skipUrlSync": false,
diff --git a/plugins/source/azure/dashboards/grafana/compliance.json b/plugins/source/azure/dashboards/grafana/compliance.json
@@ -200,7 +200,7 @@
         "type": "postgres",
         "uid": "${DS_POSTGRESQL}"
       },
-      "description": "Time since the most recent CloudQuery fetch happened.",
+      "description": "Time since the most recent CloudQuery sync happened.",
       "fieldConfig": {
         "defaults": {
           "color": {
@@ -254,11 +254,11 @@
           "group": [],
           "metricColumn": "none",
           "rawQuery": true,
-          "rawSql": "select (cq_meta::JSONB->>'last_updated')::timestamp with time zone as time, 1  from azure_compute_virtual_machines  order by time desc limit 1;",
+          "rawSql": "select _cq_sync_time as time, 1 from azure_compute_virtual_machines  order by time desc limit 1;",
           "refId": "A"
         }
       ],
-      "title": "Last Fetch",
+      "title": "Last Sync",
       "type": "stat"
     },
     {
diff --git a/plugins/source/azure/policies_v1/queries/authorization/custom_roles.sql b/plugins/source/azure/policies_v1/queries/authorization/custom_roles.sql
@@ -3,12 +3,12 @@ SELECT :'execution_time'
        :'framework'                                                                        AS framework,
        :'check_id'                                                                         AS check_id,
        'External accounts with owner permissions should be removed from your subscription' AS title,
-       sub.subscription_id                                                                 AS subscription_id,
+       mc.subscription_id                                                                  AS subscription_id,
        mc.id                                                                               AS resource_id,
        CASE
            WHEN enable_rbac IS NOT TRUE
                THEN 'fail'
            ELSE 'pass'
            END                                                                             AS status
 FROM azure_container_managed_clusters AS mc
-         INNER JOIN azure_subscriptions AS sub ON sub.subscription_id = mc.subscription_id
+         INNER JOIN azure_subscriptions AS sub ON sub.id = mc.subscription_id
diff --git a/plugins/source/azure/policies_v1/queries/monitor/activitylog_administrativeoperations_audit.sql b/plugins/source/azure/policies_v1/queries/monitor/activitylog_administrativeoperations_audit.sql
@@ -29,13 +29,13 @@ SELECT
   :'framework',
   :'check_id',
   'An activity log alert should exist for specific Administrative operations',
-	azure_subscriptions.subscription_id,
-	azure_subscriptions.subscription_id
+	azure_subscriptions.id,
+	azure_subscriptions.id
 FROM
 	azure_subscriptions
-	LEFT JOIN alert_condition A ON azure_subscriptions.subscription_id = A.subscription_id
+	LEFT JOIN alert_condition A ON azure_subscriptions.id = A.subscription_id
 WHERE
 	A.subscription_id IS NULL
 GROUP BY
-	azure_subscriptions.subscription_id,
+	azure_subscriptions.id,
 	display_name;
diff --git a/plugins/source/azure/policies_v1/queries/sql/sqlserverauditing_audit.sql b/plugins/source/azure/policies_v1/queries/sql/sqlserverauditing_audit.sql
@@ -8,7 +8,7 @@ SELECT
 	azure_subscriptions.display_name AS subscription_name,
 	case
     when azure_sql_server_blob_auditing_policies.sql_server_id = azure_sql_servers.id
-	    AND azure_subscriptions.subscription_id = azure_sql_servers.subscription_id
+	    AND azure_subscriptions.id = azure_sql_servers.subscription_id
 	    AND azure_sql_server_blob_auditing_policies.state = 'Disabled'
     then 'fail' else 'pass'
   end
diff --git a/plugins/source/azure/views/README.md b/plugins/source/azure/views/README.md
@@ -4,4 +4,4 @@ This directory contains useful aggregated views that you can create against the
 
 Those views are also tests in CI to make sure it works with the latest schema.
 
-For dashboard examples that reuse those views take a look at [https://github.com/cloudquery/dashboards](https://github.com/cloudquery/dashboards).
+For dashboard examples that reuse those views take a look at [dashboards](../dashboards).
diff --git a/plugins/source/azure/views/resource.sql b/plugins/source/azure/views/resource.sql
@@ -22,21 +22,19 @@ LOOP
     -- create an SQL query to select from table and transform it into our resources view schema
     -- we use the double reverse here because split_part with negative indexes is not available in PostgreSQL < 14; https://pgpedia.info/postgresql-versions/postgresql-14.html#system_function_changes
     strSQL = strSQL || format('
-        SELECT cq_id, cq_meta, %L as cq_table, subscription_id, reverse(split_part(reverse(id), ''/''::TEXT, 1)) as id,
-        %s as name, %s as kind, %s as location,
-        COALESCE(%s, (cq_meta->>''last_updated'')::timestamp) as fetch_date
+        SELECT _cq_id, _cq_source_name, _cq_sync_time, %L as _cq_table, subscription_id, reverse(split_part(reverse(id), ''/''::TEXT, 1)) as id,
+        %s as name, %s as kind, %s as location
         FROM %s',
         tbl,
         CASE WHEN EXISTS (SELECT 1 FROM information_schema.columns WHERE column_name='name' AND table_name=tbl) THEN 'name' ELSE 'NULL' END,
         CASE WHEN EXISTS (SELECT 1 FROM information_schema.columns WHERE column_name='kind' AND table_name=tbl) THEN 'kind' ELSE 'NULL' END,
         CASE WHEN EXISTS (SELECT 1 FROM information_schema.columns WHERE column_name='location' AND table_name=tbl) THEN 'location' ELSE E'\'unavailable\'' END,
-        CASE WHEN EXISTS (SELECT 1 FROM information_schema.columns WHERE column_name='fetch_date' AND table_name=tbl) THEN 'fetch_date' ELSE 'NULL::timestamp' END,
         tbl);
 
 END LOOP;
 
 IF strSQL = ''::TEXT THEN
-    RAISE EXCEPTION 'No tables found with ID and SUBSCRIPTION_ID columns. Run a fetch first and try again.';
+    RAISE EXCEPTION 'No tables found with ID and SUBSCRIPTION_ID columns. Run a sync first and try again.';
 ELSE
     EXECUTE FORMAT('CREATE VIEW azure_resources AS (%s)', strSQL);
 END IF;

Original file line number	Diff line number	Diff line change
`@@ -4,4 +4,4 @@ This directory contains useful aggregated views that you can create against the`
`4`	`4`
`5`	`5`	`Those views are also tests in CI to make sure it works with the latest schema.`
`6`	`6`
`7`		`-For dashboard examples that reuse those views take a look at [https://github.com/cloudquery/dashboards](https://github.com/cloudquery/dashboards).`
	`7`	`+For dashboard examples that reuse those views take a look at [dashboards](../dashboards).`