copy entity to user & hosts structs

internal/inventory/asset.go

@@ -223,13 +223,15 @@ type Host struct {
 	Type         string   `json:"type,omitempty"`
 	IP           string   `json:"ip,omitempty"`
 	MacAddress   []string `json:"mac,omitempty"`
+	Entity       *Entity  `json:"entity,omitempty"`
 }
 
 type User struct {
-	ID    string   `json:"id,omitempty"`
-	Name  string   `json:"name,omitempty"`
-	Email string   `json:"email,omitempty"`
-	Roles []string `json:"roles,omitempty"`
+	ID     string   `json:"id,omitempty"`
+	Name   string   `json:"name,omitempty"`
+	Email  string   `json:"email,omitempty"`
+	Roles  []string `json:"roles,omitempty"`
+	Entity *Entity  `json:"entity,omitempty"`
 }
 
 type Orchestrator struct {
@@ -332,6 +334,7 @@ func WithGroup(group Group) AssetEnricher {
 func WithHost(host Host) AssetEnricher {
 	return func(a *AssetEvent) {
 		a.Host = &host
+		a.Host.Entity = &a.Entity
 	}
 }
 
@@ -347,6 +350,7 @@ func WithTags(tags []string) AssetEnricher {
 func WithUser(user User) AssetEnricher {
 	return func(a *AssetEvent) {
 		a.User = &user
+		a.User.Entity = &a.Entity
 	}
 }
 

internal/inventory/azurefetcher/fetcher_resource_graph.go

@@ -107,6 +107,7 @@ func (f *resourceGraphFetcher) fetch(ctx context.Context, resourceName, serviceN
 					Name: vmProperties.Extended.InstanceView.ComputerName,
 					Type: vmProperties.HardwareProfile.VmSize,
 				}
+				asset.Host.Entity = &asset.Entity
 				asset.Cloud.MachineType = vmProperties.HardwareProfile.VmSize
 			}
 			asset.Cloud.InstanceID = item.Id

internal/inventory/gcpfetcher/fetcher_assets_test.go

@@ -265,6 +265,14 @@ func TestAccountFetcher_EnrichAsset(t *testing.T) {
 		expected.Event = actual.Event
 		expected.Entity = actual.Entity
 
+		// Set Entity field on Host and User if they exist (WithHost and WithUser set this)
+		if expected.Host != nil {
+			expected.Host.Entity = &expected.Entity
+		}
+		if expected.User != nil {
+			expected.User.Entity = &expected.Entity
+		}
+
 		// Cloud is the only field where we have both common and enriched fields
 		if expected.Cloud == nil {
 			// Use the actual cloud fields when there are no cloud enrichments

internal/inventory/inventory_test.go

@@ -37,21 +37,22 @@ import (
 func TestAssetInventory_Run(t *testing.T) {
 	var emptyRef *any
 	now := func() time.Time { return time.Date(2024, 1, 1, 1, 1, 1, 0, time.Local) }
+	entity := Entity{
+		Id:     "arn:aws:ec2:us-east::ec2/234567890",
+		Name:   "test-server",
+		Source: pointers.Ref(AwsCloudProvider),
+		AssetClassification: AssetClassification{
+			Category: CategoryInfrastructure,
+			Type:     "Virtual Machine",
+		},
+		Raw: emptyRef,
+	}
 	expected := []beat.Event{
 		{
 			Meta:      mapstr.M{libevents.FieldMetaIndex: "logs-cloud_asset_inventory.asset_inventory-infrastructure_virtual_machine-default"},
 			Timestamp: now(),
 			Fields: mapstr.M{
-				"entity": Entity{
-					Id:     "arn:aws:ec2:us-east::ec2/234567890",
-					Name:   "test-server",
-					Source: pointers.Ref(AwsCloudProvider),
-					AssetClassification: AssetClassification{
-						Category: CategoryInfrastructure,
-						Type:     "Virtual Machine",
-					},
-					Raw: emptyRef,
-				},
+				"entity": entity,
 				"event": Event{
 					Kind: "asset",
 				},
@@ -64,13 +65,15 @@ func TestAssetInventory_Run(t *testing.T) {
 					Architecture: string(types.ArchitectureValuesX8664),
 					Type:         "instance-type",
 					ID:           "i-a2",
+					Entity:       &entity,
 				},
 				"network": &Network{
 					Name: "vpc-id",
 				},
 				"user": &User{
-					ID:   "a123123",
-					Name: "name",
+					ID:     "a123123",
+					Name:   "name",
+					Entity: &entity,
 				},
 				"related.entity": []string{"arn:aws:ec2:us-east::ec2/234567890"},
 				"tags":           []string{"foo", "bar"},