def upload_json(data, gcs_upload_path):
    """Serialise ``data`` to JSON and upload it to a GCS path.

    The document is staged in a temporary file that is removed when the
    ``with`` block exits. Any failure is logged and swallowed, so callers
    get no signal that the upload did not happen.

    Args:
        data (dict): the data to upload
        gcs_upload_path (string): the GCS upload path.
    """
    try:
        with tempfile.NamedTemporaryFile() as scratch_file:
            # The temp file is opened in binary mode, hence the encode().
            encoded_doc = parser.json_stringify(data).encode()
            scratch_file.write(encoded_doc)
            # Flush so the client, which reads the file by name, sees
            # the complete document.
            scratch_file.flush()
            StorageClient({}).put_text_file(scratch_file.name,
                                            gcs_upload_path)
    except Exception:  # pylint: disable=broad-except
        # NOTE(review): the whole payload is written to the log on failure;
        # confirm the log sink is an acceptable place for this data.
        LOGGER.exception('Unable to upload json document to bucket %s:\n%s',
                         gcs_upload_path, data)
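def _make_attachment_json(self):
    """Create the attachment object holding the violations as JSON.

    The violations are serialised into a temporary file that exists only
    while the connector builds the attachment from it.

    Returns:
        attachment: SendGrid attachment object.
    """
    output_filename = self._get_output_filename(
        string_formats.VIOLATION_JSON_FMT)

    payload = parser.json_stringify(self.violations)
    # NamedTemporaryFile opens in binary mode ('w+b') by default, so a text
    # result must be encoded before it is written; bytes pass through as-is.
    if not isinstance(payload, bytes):
        payload = payload.encode('utf-8')

    with tempfile.NamedTemporaryFile() as tmp_violations:
        tmp_violations.write(payload)
        # Flush so the connector, which reads the file by path, sees the
        # full document.
        tmp_violations.flush()
        LOGGER.info('JSON filename: %s', tmp_violations.name)
        attachment = self.connector.create_attachment(
            file_location=tmp_violations.name,
            content_type='application/json',
            filename=output_filename,
            content_id='Violations')

    return attachment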
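def _send_findings_to_gcs(self, violations, gcs_path):
    """Send violations to CSCC via upload to GCS (legacy mode).

    The findings are uploaded only when the computed upload path starts
    with ``gs://``; any other path is logged as a warning and skipped.

    Args:
        violations (dict): Violations to be uploaded as findings.
        gcs_path (str): The GCS bucket to upload the findings.
    """
    LOGGER.info('Legacy mode detected - writing findings to GCS.')
    gcs_upload_path = '{}/{}'.format(gcs_path, self._get_output_filename())
    findings = self._transform_for_gcs(violations, gcs_upload_path)

    if not gcs_upload_path.startswith('gs://'):
        # Without this message the findings would be dropped with no trace,
        # which hides a misconfigured bucket path from operators.
        LOGGER.warning('Findings not uploaded, %s is not a gs:// path.',
                       gcs_upload_path)
        return

    payload = parser.json_stringify(findings)
    # NamedTemporaryFile opens in binary mode ('w+b') by default, so a text
    # result must be encoded before it is written; bytes pass through as-is.
    if not isinstance(payload, bytes):
        payload = payload.encode('utf-8')

    with tempfile.NamedTemporaryFile() as tmp_violations:
        tmp_violations.write(payload)
        # Flush so the storage client, which reads the file by name, sees
        # the full document.
        tmp_violations.flush()
        storage_client = storage.StorageClient()
        storage_client.put_text_file(tmp_violations.name, gcs_upload_path)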
def _transform(firewall_dict, project_id=None, validate=None):
    """Build a FirewallRule from an API-shaped firewall dictionary.

    Args:
        firewall_dict (dict): Firewall fields keyed by their API field names.
        project_id (str): A project id; added to the rule only when truthy.
        validate (bool): Forwarded to FirewallRule as its validate argument.

    Returns:
        FirewallRule: The rule constructed from the mapped fields.
    """
    lookup = firewall_dict.get

    def _json_of(plural_key, singular_key):
        """Stringify the plural field, falling back to the singular one."""
        return parser.json_stringify(
            lookup(plural_key) or lookup(singular_key))

    # Rules defined in firewall_rules.yaml carry no creation timestamp, so
    # the timestamp parser is only called when the field is present.
    creation_time = None
    if lookup('creationTimestamp'):
        creation_time = parser.format_timestamp(
            parser.json_stringify(lookup('creationTimestamp')),
            string_formats.TIMESTAMP_MYSQL_DATETIME_FORMAT)

    # Fields copied through unchanged: (rule attribute, API field name).
    copied_fields = (
        ('firewall_rule_id', 'id'),
        ('firewall_rule_name', 'name'),
        ('firewall_rule_full_name', 'full_name'),
        ('firewall_rule_description', 'description'),
        ('firewall_rule_kind', 'kind'),
        ('firewall_rule_network', 'network'),
        ('firewall_rule_priority', 'priority'),
        ('firewall_rule_direction', 'direction'),
    )
    in_dict = {target: lookup(source) for target, source in copied_fields}

    # Fields that may arrive under a plural or a singular API name; the
    # plural wins when it holds a truthy value.
    alias_fields = (
        ('firewall_rule_source_ranges', 'sourceRanges', 'sourceRange'),
        ('firewall_rule_destination_ranges',
         'destinationRanges', 'destinationRange'),
        ('firewall_rule_source_tags', 'sourceTags', 'sourceTag'),
        ('firewall_rule_target_tags', 'targetTags', 'targetTag'),
        ('firewall_rule_source_service_accounts',
         'sourceServiceAccounts', 'sourceServiceAccount'),
        ('firewall_rule_target_service_accounts',
         'targetServiceAccounts', 'targetServiceAccount'),
    )
    for target, plural_key, singular_key in alias_fields:
        in_dict[target] = _json_of(plural_key, singular_key)

    # Single-name fields that are stored as JSON strings.
    stringified_fields = (
        ('firewall_rule_allowed', 'allowed'),
        ('firewall_rule_denied', 'denied'),
        ('firewall_rule_self_link', 'selfLink'),
    )
    for target, source in stringified_fields:
        in_dict[target] = parser.json_stringify(lookup(source))

    in_dict['firewall_rule_create_time'] = creation_time
    if project_id:
        in_dict['project_id'] = project_id

    return FirewallRule(validate=validate, **in_dict)