def updatePropertyRulesUsingConfig(version_number, master_config_list):
print("Creating new ruleset based on list of master configs...")
rules_tree = util.getJSONFromFile("./data/base_rules.json")
parent_rule_template = util.getJSONFromFile("./data/base_env_rule.json")
# Iterate through the configurations for each environment
for env in master_config_list:
parent_rule = copy.deepcopy(parent_rule_template)
parent_rule["name"] = "{} (AUTO-GENERATED)".format(env["name"])
parent_rule["criteria"][0]["options"]["matchOperator"] = "DOES_NOT_MATCH_ONE_OF" if ("prefix" not in env or env["prefix"] == "") else "MATCHES_ONE_OF"
if ("prefix" not in env or env["prefix"] == ""):
parent_rule["criteria"][0]["options"]["values"].append("/api")
parent_rule["criteria"][0]["options"]["values"].append("/api/*")
# Each env should exclude matches for other envs.
for nomatch in (x for x in master_config_list if (x != env["name"] and "prefix" in x and x["prefix"] != "")):
parent_rule["criteria"][0]["options"]["values"].append(nomatch["prefix"])
parent_rule["criteria"][0]["options"]["values"].append(nomatch["prefix"] + "/*")
else:
parent_rule["criteria"][0]["options"]["values"].append(env["prefix"])
parent_rule["criteria"][0]["options"]["values"].append(env["prefix"] + "/*")
parent_rule["children"] = createRulesForEnv(env["config"], env["prefix"])
rules_tree["rules"]["children"][2]["children"].append(parent_rule)
# Update property with this new ruleset
print("API - Updating rule tree...")
response = json.loads(util.akamaiPut("/papi/v1/properties/prp_516561/versions/{}/rules?contractId=ctr_3-1MMN3Z&groupId=grp_134508&validateRules=true&validateMode=full".format(version_number),rules_tree))
def updatePropertyRulesUsingConfig(version_number,
master_config_list,
crc_env="stage"):
print("Creating new ruleset based on list of master configs...")
frontend_rule_index = 3 if ("stage" == crc_env) else 2
replacements = [
("<<prod-gateway-secret>>", util.getEnvVar("GATEWAYSECRET")),
("<<pentest-gateway-secret>>", util.getEnvVar("PENTESTGATEWAYSECRET")),
("<<certauth-gateway-secret>>", util.getEnvVar("CERTAUTHSECRET")),
("<<gateway-origin-json>>",
util.readFileAsString(util.getEnvVar("GATEWAYORIGINJSON")))
]
rules_tree = util.getJSONFromFileWithReplacements(
"./data/{}/base_rules.json".format(crc_env), replacements)
parent_rule_template = util.getJSONFromFile("./data/base_env_rule.json")
# Iterate through the configurations for each release
for env in master_config_list:
parent_rule = copy.deepcopy(parent_rule_template)
parent_rule["name"] = "{} (AUTO-GENERATED)".format(env["name"])
if ("url_prefix" not in env or env["url_prefix"] == ""):
parent_rule["criteria"][0]["options"][
"matchOperator"] = "DOES_NOT_MATCH_ONE_OF"
parent_rule["criteria"][0]["options"]["values"].extend(
["/api", "/api/*", "/mirror/openshift*", "/wss/*"])
# Each env should exclude matches for other envs.
for nomatch in (x for x in master_config_list
if (x != env["name"] and "url_prefix" in x
and x["url_prefix"] != "")):
parent_rule["criteria"][0]["options"]["values"].extend(
[nomatch["url_prefix"], nomatch["url_prefix"] + "/*"])
else:
parent_rule["criteria"][0]["options"][
"matchOperator"] = "MATCHES_ONE_OF"
parent_rule["criteria"][0]["options"]["values"].extend(
[env["url_prefix"], env["url_prefix"] + "/*"])
# Update pen-test cookie check, if necessary
if ("cookie_required" in env and env["cookie_required"]):
parent_rule["criteria"][1]["options"]["matchOperator"] = "EXISTS"
parent_rule["children"] = createRulesForEnv(env["config"],
env["url_prefix"],
env["content_path_prefix"],
crc_env)
rules_tree["rules"]["children"][frontend_rule_index][
"children"].append(parent_rule)
# Update property with this new ruleset
print("API - Updating rule tree...")
response = json.loads(
util.akamaiPut(
"/papi/v1/properties/{}/versions/{}/rules?contractId=ctr_3-1MMN3Z&groupId=grp_134508&validateRules=true&validateMode=full"
.format(util.getPropertyIDForEnv(crc_env),
version_number), rules_tree))
print("Response:")
print(json.dumps(response))