def check_args(args):
"""Make sure the required args are present and valid.
The exit codes are arbitrary and just serve the purpose of facilitating
distinction betweeen the various error cases.
Args:
args (dict): the command line args
Returns:
tuple: 2-tuple with an exit code and error message.
"""
if not args['services']:
return (1, 'ERROR: please specify at least one service.')
if not args['config_file_path']:
return (2, 'ERROR: please specify the Forseti config file.')
if not file_loader.isfile(args['config_file_path']):
return (3, 'ERROR: "%s" is not a file.' % args['config_file_path'])
if not file_loader.access(args['config_file_path']):
return (4, 'ERROR: "%s" is not readable.' % args['config_file_path'])
if not args['forseti_db']:
return (5, 'ERROR: please specify the Forseti database string.')
return (0, 'All good!')
def test_file_not_accessible_in_gcs(self, mock_default_credentials):
"""Test HTTP not 200 results in False."""
mock_responses = [({
'status': '403',
'content-range': '0-10/11'
}, b'{"test": 1}')]
http_mocks.mock_http_response_sequence(mock_responses)
self.assertFalse(file_loader.access('gs://fake/file.json'))
def _instantiate_scanner(self, scanner_name):
"""Make individual scanners based on the scanner name.
Args:
scanner_name (str): the name of the scanner as
in the requirements_map
Returns:
scanner: the individual scanner instance
"""
module_path = 'google.cloud.forseti.scanner.scanners.{}'
requirements_map = scanner_requirements_map.REQUIREMENTS_MAP
if scanner_name not in requirements_map:
log_message = ('Configured scanner is undefined '
'in scanner requirements map : %s')
LOGGER.error(log_message, scanner_name)
return None
LOGGER.info(
scanner_requirements_map.REQUIREMENTS_MAP.get(scanner_name))
module_name = module_path.format(
scanner_requirements_map.REQUIREMENTS_MAP.get(scanner_name).get(
'module_name'))
try:
module = importlib.import_module(module_name)
except (ImportError, TypeError, ValueError):
LOGGER.exception('Unable to import %s\n', module_name)
return None
class_name = (scanner_requirements_map.REQUIREMENTS_MAP.get(
scanner_name).get('class_name'))
try:
scanner_class = getattr(module, class_name)
except AttributeError:
LOGGER.exception('Unable to instantiate %s', class_name)
return None
rules_path = ''
rules_filename = (scanner_requirements_map.REQUIREMENTS_MAP.get(
scanner_name).get('rules_filename'))
if rules_filename:
rules_directory = self.scanner_configs.get('rules_path')
if rules_directory is None:
scanner_path = inspect.getfile(scanner_class)
rules_directory = scanner_path.split(
'/google/cloud/forseti')[0]
rules_directory += '/rules'
rules_path = os.path.join(rules_directory, rules_filename)
if not file_loader.isfile(rules_path):
LOGGER.error(f'Rules file for Scanner {scanner_name} does not '
f'exist. Rules path: {rules_path}')
return None
if not file_loader.access(rules_path):
LOGGER.error(f'Rules file for Scanner {scanner_name} cannot '
f'be accessed. Rules path: {rules_path}')
return None
LOGGER.info('Initializing the rules engine:\nUsing rules: %s',
rules_path)
scanner = scanner_class(self.global_configs, self.scanner_configs,
self.service_config, self.model_name,
self.snapshot_timestamp, rules_path)
return scanner
def test_local_file_is_not_accessilble(self, mock_isfile):
"""Test logic for testing local access"""
mock_isfile.return_value = False
self.assertFalse(file_loader.access('test_file.yaml'))