def createRulesForEnv(master_config, url_path_prefix="", content_path_prefix="", crc_env = "stage"):
# First, add the rules for the landing page.
if crc_env == "stage":
rules = util.getJSONFromFileWithReplacements("./data/landing_page_rules.json", [("\"cloud.redhat.com\"", "\"cloud.stage.redhat.com\"")])
rules.extend(util.getJSONFromFileWithReplacements("./data/storybook_rules.json", [("\"cloud.redhat.com\"", "\"cloud.stage.redhat.com\"")]))
else:
rules = util.getJSONFromFile("./data/landing_page_rules.json")
rules.extend(util.getJSONFromFile("./data/storybook_rules.json"))
# If either url path prefix or content path prefix exists, modify paths on landing page & storybook rules.
for rule in rules:
if rule["behaviors"][0]["name"] == "rewriteUrl" and rule["behaviors"][0]["options"]["behavior"] == "PREPEND" and "pentest" not in content_path_prefix:
rules.remove(rule)
if content_path_prefix != "":
if rule["behaviors"][0]["name"] == "failAction":
rule["behaviors"][0]["options"]["contentPath"] = content_path_prefix + rule["behaviors"][0]["options"]["contentPath"]
if url_path_prefix != "":
for x in range(len(rule["criteria"])):
if rule["criteria"][x]["name"] == "path":
for y in range(len(rule["criteria"][x]["options"]["values"])):
if rule["criteria"][x]["options"]["values"][y] == "/":
rule["criteria"][x]["options"]["values"].append(url_path_prefix)
rule["criteria"][x]["options"]["values"][y] = url_path_prefix + rule["criteria"][x]["options"]["values"][y]
# Create a template object to copy from (reduces number of read/write ops)
if crc_env == "stage":
rule_template = util.getJSONFromFileWithReplacements("./data/single_rule_template.json", [("\"cloud.redhat.com\"", "\"cloud.stage.redhat.com\"")])
else:
rule_template = util.getJSONFromFile("./data/single_rule_template.json")
nomatch_template = util.getJSONFromFile("./data/no_match_criteria.json")
# Creates rules for all the apps that follow a pattern.
for key, app in master_config.items():
if "frontend" in app and "paths" in app["frontend"] and not ("disabled_on_prod" in app and app["disabled_on_prod"]):
app_rule = copy.deepcopy(rule_template)
app_rule["name"] = "/" + key
app_path = app["frontend"]["app_base"] if "app_base" in app["frontend"] else key
app_rule["behaviors"][0]["options"]["contentPath"] = "{}/apps/{}/index.html".format(content_path_prefix, app_path)
for frontend_path in app["frontend"]["paths"]:
values = [url_path_prefix + frontend_path]
values += [url_path_prefix + frontend_path + "/*"]
app_rule["criteria"][0]["options"]["values"].extend(values)
if "frontend_exclude" in app and len(app["frontend_exclude"]) > 0:
app_criteria = copy.deepcopy(nomatch_template)
for nomatch in app["frontend_exclude"]:
app_criteria["options"]["values"].append(url_path_prefix + nomatch)
app_criteria["options"]["values"].append(url_path_prefix + nomatch + "/*")
app_rule["criteria"].append(app_criteria)
rules.append(app_rule)
return rules
def updatePropertyRulesUsingConfig(version_number,
master_config_list,
crc_env="stage"):
print("Creating new ruleset based on list of master configs...")
frontend_rule_index = 3 if ("stage" == crc_env) else 2
replacements = [
("<<prod-gateway-secret>>", util.getEnvVar("GATEWAYSECRET")),
("<<pentest-gateway-secret>>", util.getEnvVar("PENTESTGATEWAYSECRET")),
("<<certauth-gateway-secret>>", util.getEnvVar("CERTAUTHSECRET")),
("<<gateway-origin-json>>",
util.readFileAsString(util.getEnvVar("GATEWAYORIGINJSON")))
]
rules_tree = util.getJSONFromFileWithReplacements(
"./data/{}/base_rules.json".format(crc_env), replacements)
parent_rule_template = util.getJSONFromFile("./data/base_env_rule.json")
# Iterate through the configurations for each release
for env in master_config_list:
parent_rule = copy.deepcopy(parent_rule_template)
parent_rule["name"] = "{} (AUTO-GENERATED)".format(env["name"])
if ("url_prefix" not in env or env["url_prefix"] == ""):
parent_rule["criteria"][0]["options"][
"matchOperator"] = "DOES_NOT_MATCH_ONE_OF"
parent_rule["criteria"][0]["options"]["values"].extend(
["/api", "/api/*", "/mirror/openshift*", "/wss/*"])
# Each env should exclude matches for other envs.
for nomatch in (x for x in master_config_list
if (x != env["name"] and "url_prefix" in x
and x["url_prefix"] != "")):
parent_rule["criteria"][0]["options"]["values"].extend(
[nomatch["url_prefix"], nomatch["url_prefix"] + "/*"])
else:
parent_rule["criteria"][0]["options"][
"matchOperator"] = "MATCHES_ONE_OF"
parent_rule["criteria"][0]["options"]["values"].extend(
[env["url_prefix"], env["url_prefix"] + "/*"])
# Update pen-test cookie check, if necessary
if ("cookie_required" in env and env["cookie_required"]):
parent_rule["criteria"][1]["options"]["matchOperator"] = "EXISTS"
parent_rule["children"] = createRulesForEnv(env["config"],
env["url_prefix"],
env["content_path_prefix"],
crc_env)
rules_tree["rules"]["children"][frontend_rule_index][
"children"].append(parent_rule)
# Update property with this new ruleset
print("API - Updating rule tree...")
response = json.loads(
util.akamaiPut(
"/papi/v1/properties/{}/versions/{}/rules?contractId=ctr_3-1MMN3Z&groupId=grp_134508&validateRules=true&validateMode=full"
.format(util.getPropertyIDForEnv(crc_env),
version_number), rules_tree))
print("Response:")
print(json.dumps(response))