def _output_results_to_db(self, violations):
        """Output scanner results to DB.

        Args:
            violations (list): A list of violations.
        """
        model_description = (
            self.service_config.model_manager.get_description(self.model_name))
        inventory_index_id = (
            model_description.get('source_info').get('inventory_index_id'))

        violation_access = self.service_config.violation_access
        scanner_index_id = scanner_dao.get_latest_scanner_index_id(
            violation_access.session, inventory_index_id,
            index_state=IndexState.RUNNING)
        violation_access.create(violations, scanner_index_id)
Example #2
0
    def test_get_latest_scanner_index_id(self, mock_date_time):
        """The method under test returns the newest `ScannerIndex` row."""
        time1 = datetime.utcnow()
        time2 = time1 + timedelta(minutes=5)
        time3 = time1 + timedelta(minutes=7)
        mock_date_time.side_effect = [time1, time2, time3]

        expected_id = date_time.get_utc_now_microtimestamp(time2)

        self.session.add(scanner_dao.ScannerIndex.create(expected_id))
        index2 = scanner_dao.ScannerIndex.create(expected_id)
        index2.scanner_status = IndexState.SUCCESS
        self.session.add(index2)
        self.session.add(scanner_dao.ScannerIndex.create(expected_id))
        self.session.flush()
        self.assertEquals(
            expected_id,
            scanner_dao.get_latest_scanner_index_id(self.session, expected_id))
Example #3
0
 def test_get_latest_scanner_index_id_with_empty_table(self):
     """The method under test returns `None` if the table is empty."""
     self.assertIsNone(
         scanner_dao.get_latest_scanner_index_id(self.session, 123))
Example #4
0
def run(inventory_index_id,
        scanner_index_id,
        progress_queue,
        service_config=None):
    """Run the notifier.

    Entry point when the notifier is run as a library.

    Args:
        inventory_index_id (int64): Inventory index id.
        scanner_index_id (int64): Scanner index id.
        progress_queue (Queue): The progress queue.
        service_config (ServiceConfig): Forseti 2.0 service configs.
    Returns:
        int: Status code.
    """
    # pylint: disable=too-many-locals
    global_configs = service_config.get_global_config()
    notifier_configs = service_config.get_notifier_config()

    with service_config.scoped_session() as session:
        if scanner_index_id:
            inventory_index_id = (
                DataAccess.get_inventory_index_id_by_scanner_index_id(
                    session,
                    scanner_index_id))
        else:
            if not inventory_index_id:
                inventory_index_id = (
                    DataAccess.get_latest_inventory_index_id(session))
            scanner_index_id = scanner_dao.get_latest_scanner_index_id(
                session, inventory_index_id)

        if not scanner_index_id:
            LOGGER.error(
                'No success or partial success scanner index found for '
                'inventory index: "%s".', str(inventory_index_id))
        else:
            # get violations
            violation_access = scanner_dao.ViolationAccess(session)
            violations = violation_access.list(
                scanner_index_id=scanner_index_id)
            violations_as_dict = []
            for violation in violations:
                violations_as_dict.append(
                    scanner_dao.convert_sqlalchemy_object_to_dict(violation))
            violations_as_dict = convert_to_timestamp(violations_as_dict)
            violation_map = scanner_dao.map_by_resource(violations_as_dict)

            for retrieved_v in violation_map:
                log_message = (
                    'Retrieved {} violations for resource \'{}\''.format(
                        len(violation_map[retrieved_v]), retrieved_v))
                LOGGER.info(log_message)
                progress_queue.put(log_message)

            # build notification notifiers
            notifiers = []
            for resource in notifier_configs['resources']:
                if violation_map.get(resource['resource']) is None:
                    log_message = 'Resource \'{}\' has no violations'.format(
                        resource['resource'])
                    progress_queue.put(log_message)
                    LOGGER.info(log_message)
                    continue
                if not resource['should_notify']:
                    LOGGER.debug('Not notifying for: %s', resource['resource'])
                    continue
                for notifier in resource['notifiers']:
                    log_message = (
                        'Running \'{}\' notifier for resource \'{}\''.format(
                            notifier['name'], resource['resource']))
                    progress_queue.put(log_message)
                    LOGGER.info(log_message)
                    chosen_pipeline = find_notifiers(notifier['name'])
                    notifiers.append(chosen_pipeline(
                        resource['resource'], inventory_index_id,
                        violation_map[resource['resource']], global_configs,
                        notifier_configs, notifier.get('configuration')))

            # Run the notifiers.
            for notifier in notifiers:
                notifier.run()

            # Run the CSCC notifier.
            violation_configs = notifier_configs.get('violation')
            if violation_configs:
                if violation_configs.get('cscc').get('enabled'):
                    source_id = violation_configs.get('cscc').get('source_id')
                    if source_id:
                        # beta mode
                        LOGGER.debug(
                            'Running CSCC notifier with beta API. source_id: '
                            '%s', source_id)
                        (cscc_notifier.CsccNotifier(inventory_index_id)
                         .run(violations_as_dict, source_id=source_id))
                    else:
                        # alpha mode
                        LOGGER.debug('Running CSCC notifier with alpha API.')
                        gcs_path = (
                            violation_configs.get('cscc').get('gcs_path'))
                        mode = violation_configs.get('cscc').get('mode')
                        organization_id = (
                            violation_configs.get('cscc').get(
                                'organization_id'))
                        (cscc_notifier.CsccNotifier(inventory_index_id)
                         .run(violations_as_dict, gcs_path, mode,
                              organization_id))

        InventorySummary(service_config, inventory_index_id).run()

        log_message = 'Notification completed!'
        progress_queue.put(log_message)
        progress_queue.put(None)
        LOGGER.info(log_message)
        return 0