def jira_integration(args, project):
try:
if args["test"]:
url = f'{args["config"]["jira_url"]}/rest/api/2/project'
res = get(url, auth=(args["config"]["jira_login"], args["config"]["jira_password"]))
if res.status_code == 200:
message = "Successfully connected to Jira"
else:
message = "Connection failed"
if "failed" not in message and args["config"]["jira_project"] not in res.text:
message = "Connection succeed but project not found"
return message
else:
jira_perf_api_config = {
"assignee": args["config"]["jira_login"],
"check_functional_errors": "True",
"check_performance_degradation": "True",
"check_missed_thresholds": "True",
"performance_degradation_rate": 20,
"missed_thresholds_rate": 50,
"jira_labels": "performance, api",
"jira_watchers": "",
"jira_epic_key": ""
}
secrets = get_project_secrets(project.id)
hidden_secrets = get_project_hidden_secrets(project.id)
hidden_secrets["jira"] = dumps(args["config"])
secrets["jira_perf_api"] = dumps(jira_perf_api_config)
set_project_secrets(project.id, secrets)
set_project_hidden_secrets(project.id, hidden_secrets)
return "Jira settings saved"
except Exception as e:
return f"Failed. Jira settings not saved. {str(e)}"
def get(self, project_id):
project = Project.get_or_404(project_id)
args = self.get_parser.parse_args(strict=False)
if args['name'] not in ['post_processor', 'control_tower', 'all']:
return {"message": "go away", "code": 400}, 400
secrets = get_project_hidden_secrets(project.id)
project_secrets = {}
if args['name'] == 'post_processor':
secrets = self._create_pp(project, secrets)
elif args['name'] == 'control_tower':
secrets = self._create_cc(project, secrets)
elif args['name'] == 'all':
secrets = self._create_pp(project, secrets)
secrets = self._create_cc(project, secrets)
project_secrets["galloper_url"] = APP_HOST
project_secrets["project_id"] = project.id
secrets["redis_host"] = APP_IP
secrets["loki_host"] = EXTERNAL_LOKI_HOST.replace(
"https://", "http://")
secrets["influx_ip"] = APP_IP
secrets["influx_port"] = INFLUX_PORT
secrets["loki_port"] = LOKI_PORT
secrets["redis_password"] = REDIS_PASSWORD
set_project_secrets(project.id, project_secrets)
else:
return {"message": "go away", "code": 400}, 400
set_project_hidden_secrets(project.id, secrets)
return {"message": "Done", "code": 200}
def rp_integration(args, project):
if args["test"]:
url = f'{args["config"]["rp_host"]}/api/v1/project/{args["config"]["rp_project"]}'
headers = {
'content-type': 'application/json',
'Authorization': f'bearer {args["config"]["rp_token"]}'
}
res = get(url, headers=headers)
if res.status_code == 200:
message = "Successfully connected to RP"
else:
message = "Connection failed"
return message
else:
rp_perf_api_config = {
"rp_launch_name": "carrier",
"check_functional_errors": "True",
"check_performance_degradation": "True",
"check_missed_thresholds": "True",
"performance_degradation_rate": 20,
"missed_thresholds_rate": 50
}
secrets = get_project_secrets(project.id)
hidden_secrets = get_project_hidden_secrets(project.id)
hidden_secrets["rp"] = dumps(args["config"])
secrets["rp_perf_api"] = dumps(rp_perf_api_config)
set_project_secrets(project.id, secrets)
set_project_hidden_secrets(project.id, hidden_secrets)
return "RP settings saved"
def smtp_integration(args, project):
try:
if args["test"]:
try:
s = smtplib.SMTP_SSL(host=args['config']['smtp_host'], port=int(args['config']['smtp_port']))
s.ehlo()
s.login(args['config']['smtp_user'], args['config']['smtp_password'])
return "SMTP server connected"
except smtplib.SMTPException as e:
return f"SMTP server not connected. {str(e)}"
else:
secrets = get_project_secrets(project.id)
hidden_secrets = get_project_hidden_secrets(project.id)
hidden_secrets["smtp"] = dumps(args["config"])
env_vars = args["config"]
env_vars["error_rate"] = 10
env_vars["performance_degradation_rate"] = 20
env_vars["missed_thresholds"] = 50
if "email_notification_id" in secrets:
update_task(secrets["email_notification_id"], dumps(env_vars))
elif "email_notification_id" in hidden_secrets:
update_task(hidden_secrets["email_notification_id"], dumps(env_vars))
else:
email_notification_args = {
"funcname": "email_notification",
"invoke_func": "lambda_function.lambda_handler",
"runtime": "Python 3.7",
"env_vars": dumps(env_vars)
}
email_notification = create_task(project, File(EMAIL_NOTIFICATION_PATH), email_notification_args)
hidden_secrets["email_notification_id"] = email_notification.task_id
set_project_hidden_secrets(project.id, hidden_secrets)
return "SMTP setting saved"
except Exception as e:
return f"Failed. SMTP server not connected. {str(e)}"
def put(self, project_id: int, secret: str) -> Tuple[dict, int]: # pylint: disable=C0111
# Check project_id for validity
project = Project.get_or_404(project_id)
# Set secret
secrets = get_project_secrets(project.id)
hidden_secrets = get_project_hidden_secrets(project.id)
hidden_secrets[secret] = secrets[secret]
secrets.pop(secret, None)
set_project_secrets(project.id, secrets)
set_project_hidden_secrets(project.id, hidden_secrets)
return {"message": f"Project secret was moved to hidden secrets"}, 200
def ado_integration(args, project):
if args["test"]:
url = f'https://dev.azure.com/{args["config"]["org"]}/_apis/teams?api-version=6.1-preview.3'
res = get(url, auth=("", (args["config"]["pat"])), headers={'content-type': 'application/json'})
if res.status_code == 200:
message = "Successfully connected to ADO"
else:
message = "Connection failed"
return message
else:
hidden_secrets = get_project_hidden_secrets(project.id)
hidden_secrets["ado"] = dumps(args["config"])
set_project_hidden_secrets(project.id, hidden_secrets)
return "ADO settings saved"
def get(self, project_id):
project = Project.get_or_404(project_id)
args = self.get_parser.parse_args(strict=False)
if args['name'] not in ['post_processor', 'control_tower', 'all']:
return {"message": "go away", "code": 400}, 400
secrets = get_project_hidden_secrets(project.id)
project_secrets = get_project_secrets(project.id)
if args['name'] == 'post_processor':
self.create_pp_task(project)
elif args['name'] == 'control_tower':
self.create_cc_task(project)
elif args['name'] == 'all':
self.create_pp_task(project)
self.create_cc_task(project)
project_secrets["galloper_url"] = APP_HOST
project_secrets["project_id"] = project.id
secrets[
"post_processor"] = f"{APP_HOST}/task/{secrets['post_processor_id']}"
secrets["redis_host"] = APP_IP
secrets["loki_host"] = EXTERNAL_LOKI_HOST.replace(
"https://", "http://")
secrets["influx_ip"] = APP_IP
secrets["influx_port"] = INFLUX_PORT
secrets["influx_user"] = INFLUX_USER
secrets["influx_password"] = INFLUX_PASSWORD
secrets["loki_port"] = LOKI_PORT
secrets["redis_password"] = REDIS_PASSWORD
secrets["rabbit_host"] = APP_IP
secrets["rabbit_user"] = RABBIT_USER
secrets["rabbit_password"] = RABBIT_PASSWORD
set_project_secrets(project.id, project_secrets)
else:
return {"message": "go away", "code": 400}, 400
set_project_hidden_secrets(project.id, secrets)
if "rabbit_project_user" not in project_secrets and "rabbit_project_user" not in secrets:
create_project_user_and_vhost(project_id)
return {"message": "Done", "code": 200}
def aws_integration(args, project):
if args["test"]:
ec2 = boto3.client('ec2', aws_access_key_id=args["config"]["aws_access_key"],
aws_secret_access_key=args["config"]["aws_secret_access_key"],
region_name=args["config"]["region_name"])
config = {
"Type": "request",
'AllocationStrategy': "lowestPrice",
"IamFleetRole": args["config"]["iam_fleet_role"],
"TargetCapacity": 1,
"SpotPrice": "0.1",
"TerminateInstancesWithExpiration": True,
'ValidFrom': datetime(2021, 1, 1),
'ValidUntil': datetime(2022, 1, 1),
'LaunchSpecifications': [
{
"ImageId": args["config"]["image_id"],
"InstanceType": "t3.medium",
"KeyName": "carrier-test",
"BlockDeviceMappings": [],
"SpotPrice": "0.1",
"NetworkInterfaces": []
}
]
}
try:
ec2.request_spot_fleet(DryRun=True, SpotFleetRequestConfig=config)
except Exception as e:
if 'DryRunOperation' not in str(e):
return f"Failed: {e}"
return "Connected"
else:
hidden_secrets = get_project_hidden_secrets(project.id)
hidden_secrets["aws"] = dumps(args["config"])
set_project_hidden_secrets(project.id, hidden_secrets)
return "AWS settings saved"
def post(self, project_id: Optional[int] = None) -> Tuple[dict, int]:
data = self._parser_post.parse_args()
name_ = data["name"]
owner_ = data["owner"]
package = data["package"].lower()
dast_enabled_ = False if data["dast_enabled"] == "disabled" else True
sast_enabled_ = False if data["sast_enabled"] == "disabled" else True
performance_enabled_ = False if data[
"performance_enabled"] == "disabled" else True
perf_tests_limit = data["perf_tests_limit"]
ui_perf_tests_limit = data["ui_perf_tests_limit"]
sast_scans_limit = data["sast_scans_limit"]
dast_scans_limit = data["dast_scans_limit"]
tasks_count_limit = data["tasks_count_limit"]
task_executions_limit = data["task_executions_limit"]
storage_space_limit = data["storage_space_limit"]
data_retention_limit = data["data_retention_limit"]
project = Project(name=name_,
dast_enabled=dast_enabled_,
project_owner=owner_,
sast_enabled=sast_enabled_,
performance_enabled=performance_enabled_,
package=package)
project_secrets = {}
project_hidden_secrets = {}
project.insert()
SessionProject.set(project.id) # Looks weird, sorry :D
if package == "custom":
getattr(project_quota,
"custom")(project.id, perf_tests_limit,
ui_perf_tests_limit, sast_scans_limit,
dast_scans_limit, -1, storage_space_limit,
data_retention_limit, tasks_count_limit,
task_executions_limit)
else:
getattr(project_quota, package)(project.id)
statistic = Statistic(project_id=project.id,
start_time=str(datetime.utcnow()),
performance_test_runs=0,
sast_scans=0,
dast_scans=0,
ui_performance_test_runs=0,
public_pool_workers=0,
tasks_executions=0)
statistic.insert()
pp_args = {
"funcname":
"post_processor",
"invoke_func":
"lambda_function.lambda_handler",
"runtime":
"Python 3.7",
"env_vars":
dumps({
"jmeter_db": "{{secret.jmeter_db}}",
"gatling_db": "{{secret.gatling_db}}",
"comparison_db": "{{secret.comparison_db}}",
"AWS_LAMBDA_FUNCTION_TIMEOUT": 900
})
}
pp = create_task(project, File(POST_PROCESSOR_PATH), pp_args)
cc_args = {
"funcname":
"control_tower",
"invoke_func":
"lambda.handler",
"runtime":
"Python 3.7",
"env_vars":
dumps({
"token": "{{secret.auth_token}}",
"galloper_url": "{{secret.galloper_url}}",
"GALLOPER_WEB_HOOK": '{{secret.post_processor}}',
"project_id": '{{secret.project_id}}',
"loki_host": '{{secret.loki_host}}',
"AWS_LAMBDA_FUNCTION_TIMEOUT": 900
})
}
cc = create_task(project, File(CONTROL_TOWER_PATH), cc_args)
project_secrets["galloper_url"] = APP_HOST
project_secrets["project_id"] = project.id
project_hidden_secrets["post_processor"] = f'{APP_HOST}{pp.webhook}'
project_hidden_secrets["post_processor_id"] = pp.task_id
project_hidden_secrets["redis_host"] = APP_IP
project_hidden_secrets["loki_host"] = EXTERNAL_LOKI_HOST.replace(
"https://", "http://")
project_hidden_secrets["influx_ip"] = APP_IP
project_hidden_secrets["influx_port"] = INFLUX_PORT
project_hidden_secrets["loki_port"] = LOKI_PORT
project_hidden_secrets["redis_password"] = REDIS_PASSWORD
project_hidden_secrets["rabbit_host"] = APP_IP
project_hidden_secrets["rabbit_user"] = RABBIT_USER
project_hidden_secrets["rabbit_password"] = RABBIT_PASSWORD
project_hidden_secrets["control_tower_id"] = cc.task_id
project_hidden_secrets["influx_user"] = INFLUX_USER
project_hidden_secrets["influx_password"] = INFLUX_PASSWORD
project_hidden_secrets["jmeter_db"] = f'jmeter_{project.id}'
project_hidden_secrets["gatling_db"] = f'gatling_{project.id}'
project_hidden_secrets["comparison_db"] = f'comparison_{project.id}'
project_hidden_secrets["telegraf_db"] = f'telegraf_{project.id}'
project_hidden_secrets["gf_api_key"] = GF_API_KEY
project_vault_data = {"auth_role_id": "", "auth_secret_id": ""}
try:
project_vault_data = initialize_project_space(project.id)
except:
current_app.logger.warning("Vault is not configured")
project.secrets_json = {
"vault_auth_role_id": project_vault_data["auth_role_id"],
"vault_auth_secret_id": project_vault_data["auth_secret_id"],
}
project.commit()
set_project_secrets(project.id, project_secrets)
set_project_hidden_secrets(project.id, project_hidden_secrets)
create_project_user_and_vhost(project.id)
create_project_databases(project.id)
set_grafana_datasources(project.id)
return {"message": f"Project was successfully created"}, 200
