⭐️ new OPC UA resource pack

[chris-rock]

The new OPC UA resource pack allows you to connect to OPC UA server and to query the tree easily via MQL:

# gather all available namespaces 
opcua.namespaces { * }
opcua.namespaces: [
  0: {
    id: 0
    name: "http://opcfoundation.org/UA/"
  }
  1: {
    id: 1
    name: "urn:open62541.server.application"
  }
]

# gather root node
cnquery> opcua.root
opcua.root: opcua.node id="i=84" name="Root"


# gather all nodes
cnquery> opcua.nodes { name namespace.name }

# gather node with a specific id
cnquery> opcua.nodes.where (id == "i=2253")
opcua.nodes.where: [
  0: opcua.node id="i=2253" name="Server"
]

# gather details about the server
cnquery> opcua.server { * }
opcua.server: {
  buildInfo: {
    BuildDate: "2023-05-21T21:03:43.817369Z"
    BuildNumber: "May 20 2023 15:51:32"
    ManufacturerName: "open62541"
    ProductName: "open62541 OPC UA Server"
    ProductURI: "http://open62541.org"
    SoftwareVersion: "1.3.5-994-g5d73f0cc5"
  }
  node: opcua.node id="i=2253" name="Server"
  currentTime: 2023-05-22 08:28:30.625932 +0000 UTC
  state: "ServerStateRunning"
  startTime: 2023-05-21 21:03:43.834304 +0000 UTC
}

Follow ups that need to be implemented on top of this PR:

• add support for authentication modes
• certificate authentication
• more testing with different server implementations
• support querying multiple services with inventories

[czunker]

Nice! Thanks @chris-rock

Only some minor comments.

[czunker]

I tried to test this locally, with the Azure container image, but got an error:

cnquery shell opcua --endpoint opc.tcp://192.168.1.87:50000 --verbose                                                                                                     
→ loaded configuration from /etc/opt/mondoo/mondoo.yml using source default
DBG parsing asset asset-type=1 provider=OPCUA
→ discover related assets for 1 asset(s)
DBG run resolver resolver="OPC-UA Resolver" resolver-id=opc-ua
DBG establish motor connection
→ resolved assets resolved-assets=0
x could not connect to asset error="opcua: could not resolve address f31e50127436:50000" asset=
FTL could not resolve assets

The address is the one used inside the container:

opc.tcp://f31e50127436:50000/

To run the container, I used the command from the README in this PR. Any ideas?

[chris-rock]

@czunker Yes, the problem is that the azure opc service returns a resolved url. This essentially highlights that the OPC UA endpoint discovery cannot be trusted for the initial connection. I adjust the code.

[czunker]

@czunker Yes, the problem is that the azure opc service returns a resolved url. This essentially highlights that the OPC UA endpoint discovery cannot be trusted for the initial connection. I adjust the code.

Works now:

cnquery> opcua.server { * }
opcua.server: {
  buildInfo: {
    BuildDate: "2023-04-21T11:03:38Z"
    BuildNumber: "1.4.371.86"
    ManufacturerName: "Microsoft"
    ProductName: "IoTEdge OPC UA PLC"
    ProductURI: "https://github.com/Azure/iot-edge-opc-plc.git"
    SoftwareVersion: "1.4.371.86+36dd5653af33ed6af874ef1334d1a98ac28295f3"
  }
  node: opcua.node id="i=2253" name="Server"
  currentTime: 2023-05-30 04:20:25.4249191 +0000 UTC
  state: "ServerStateRunning"
  startTime: 2023-05-30 04:17:20.8710742 +0000 UTC
}

Thanks @chris-rock