def hydrate_forseti(event): """Hydrator for forseti events, enriching them with owner, a fingerprint and metadata. Args: event (comet_core.app.EventContainer): the incoming event to hydrate """ msg = event.message event.set_owner(f"{msg.get('project_owner')}@example.com") event.set_fingerprint( comet_event_fingerprint(data_dict=msg, blacklist=['id', 'rule_index'], prefix='forseti_')) # arbitrary metadata event.set_metadata({ 'issue_type': msg.get('resource'), 'source_readable': 'GCP Configuration Scanner', 'resource': msg['project_id'] + '/' + msg['resource_id'], 'resource_readable': f"{msg.get('resource_type')} {msg.get('resource_id')} (in {msg.get('project_id')})", 'issue_type_readable': { 'policy_violations': 'GCP project owner outside org', 'buckets_acl_violations': 'Storage bucket shared too widely', 'cloudsql_acl_violations': 'CloudSQL open to the public internet', 'bigquery_acl_violations': 'BigQuery data shared too widely', }.get(msg.get('resource'), msg.get('resource')) })
def __init__(self, source_type, message): self.source_type = source_type self.message = message self.owner = None self.fingerprint = comet_event_fingerprint(data_dict=message, prefix=source_type + "_") self.event_metadata = dict()
def test_event_fingerprint_blacklist_prefix(): # pylint: disable=invalid-name,missing-docstring fingerprint = comet_event_fingerprint(ORIG_DICT, BLACKLIST, 'test') assert fingerprint != AFTER_BLACKLIST_FP
def test_event_fingerprint_no_blacklist(): # pylint: disable=invalid-name,missing-docstring fingerprint = comet_event_fingerprint(ORIG_DICT) assert fingerprint == ORIG_DICT_FP