Commit
(feat.) add notification apis phase I
Harshvardhan Karn
committed
Jun 5, 2024
1 parent
3ae3504
commit c221b01
Showing
12 changed files
with
497 additions
and
13 deletions.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,100 @@ | ||
package handler | ||
|
||
import ( | ||
"net/http" | ||
|
||
"github.com/deepfence/ThreatMapper/deepfence_server/model" | ||
"github.com/deepfence/ThreatMapper/deepfence_server/reporters/notification" | ||
"github.com/deepfence/ThreatMapper/deepfence_utils/log" | ||
httpext "github.com/go-playground/pkg/v5/net/http" | ||
) | ||
|
||
func (h *Handler) GetScansHandler(w http.ResponseWriter, r *http.Request) { | ||
ctx := r.Context() | ||
var req model.NotificationGetScanRequest | ||
|
||
// parse request body | ||
err := httpext.DecodeJSON(r, httpext.NoQueryParams, MaxPostRequestSize, &req) | ||
if err != nil { | ||
log.Error().Msgf("Error decoding request: %v", err) | ||
h.respondError(err, w) | ||
return | ||
} | ||
|
||
// TODO: check if status provided are valid | ||
|
||
// get scans from db | ||
scans, err := notification.GetScans(ctx, req.ScanTypes, req.Statuses) | ||
if err != nil { | ||
log.Error().Msgf("Error getting scans: %v", err) | ||
h.respondError(err, w) | ||
return | ||
} | ||
|
||
// respond with scans | ||
err = httpext.JSON(w, http.StatusOK, scans) | ||
return | ||
} | ||
|
||
func (h *Handler) MarkScansReadHandler(w http.ResponseWriter, r *http.Request) { | ||
ctx := r.Context() | ||
var req model.NotificationMarkScanReadRequest | ||
|
||
// parse request body | ||
err := httpext.DecodeJSON(r, httpext.NoQueryParams, MaxPostRequestSize, &req) | ||
if err != nil { | ||
log.Error().Msgf("Error decoding request: %v", err) | ||
h.respondError(err, w) | ||
return | ||
} | ||
|
||
// mark scans as read | ||
err = notification.MarkScansRead(ctx, req.ScanType, req.NodeIDs) | ||
if err != nil { | ||
log.Error().Msgf("Error marking scans as read: %v", err) | ||
h.respondError(err, w) | ||
return | ||
} | ||
|
||
// respond with success | ||
err = httpext.JSON(w, http.StatusOK, nil) | ||
return | ||
} | ||
|
||
/* Registry Sync Handlers */ | ||
|
||
// GetRegistrySyncHandler returns the registries that are syncing | ||
func (h *Handler) GetRegistrySyncHandler(w http.ResponseWriter, r *http.Request) { | ||
ctx := r.Context() | ||
|
||
// get registries that are syncing | ||
registries, err := notification.GetRegistrySync(ctx) | ||
if err != nil { | ||
log.Error().Msgf("Error getting registries that are syncing: %v", err) | ||
h.respondError(err, w) | ||
return | ||
} | ||
|
||
// respond with registries | ||
err = httpext.JSON(w, http.StatusOK, registries) | ||
return | ||
} | ||
|
||
/* Integration Handlers */ | ||
|
||
// GetIntegrationFailuresHandler returns the integrations that have failed | ||
func (h *Handler) GetIntegrationFailuresHandler(w http.ResponseWriter, r *http.Request) { | ||
ctx := r.Context() | ||
|
||
// get integrations that have failed | ||
integrations, err := notification.GetIntegrationFailures(ctx) | ||
if err != nil { | ||
log.Error().Msgf("Error getting integrations that have failed: %v", err) | ||
h.respondError(err, w) | ||
return | ||
} | ||
|
||
// respond with integrations | ||
err = httpext.JSON(w, http.StatusOK, integrations) | ||
return | ||
} |
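Review bot: GetScansHandler passes `req.ScanTypes` and `req.Statuses` from the decoded body to `notification.GetScans` with only a TODO where the validation belongs, and `req.Page` and `req.Limit` are decoded but never used, so the caller decides both the filter values and how much comes back. GetScans is not shown on this page; if it puts those strings into a query as labels or text instead of parameters this becomes an injection path, so check both slices against the fixed set of scan types and statuses and answer 400 on anything else before the call. MarkScansReadHandler needs the same for `req.ScanType`, plus a cap on `len(req.NodeIDs)`. All four handlers also assign `err = httpext.JSON(...)` and return without looking at it; use `if err := httpext.JSON(w, http.StatusOK, scans); err != nil { log.Error().Msgf("Error writing response: %v", err) }` and drop the bare `return`.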
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,48 @@ | ||
package model | ||
|
||
type NotificationGetScanResponse struct { | ||
VulnerabilityScan []Scan `json:"vulnerability_scan"` | ||
SecretScan []Scan `json:"secret_scan"` | ||
MalwareScan []Scan `json:"malware_scan"` | ||
PostureScan []Scan `json:"posture_scan"` | ||
} | ||
|
||
type Scan struct { | ||
CreatedAt int64 `json:"created_at"` | ||
UpdatedAt int64 `json:"updated_at"` | ||
NodeID string `json:"node_id"` | ||
IsPriority bool `json:"is_priority"` | ||
Status string `json:"status"` | ||
StatusMessage string `json:"status_message"` | ||
TriggerAction string `json:"trigger_action"` | ||
Retries int64 `json:"retries"` | ||
} | ||
|
||
// TODO: later | ||
type TriggerAction struct { | ||
ID int `json:"id"` | ||
RequestPayload string `json:"request_payload"` | ||
} | ||
type RequestPayload struct { | ||
NodeID string `json:"node_id"` | ||
NodeType int `json:"node_type"` | ||
BinArgs struct { | ||
NodeID string `json:"node_id"` | ||
NodeType string `json:"node_type"` | ||
RegistryID string `json:"registry_id"` | ||
ScanID string `json:"scan_id"` | ||
ScanType string `json:"scan_type"` | ||
} `json:"bin_args"` | ||
} | ||
|
||
type NotificationGetScanRequest struct { | ||
ScanTypes []string `json:"scan_types"` | ||
Statuses []string `json:"status"` | ||
Page int `json:"page"` | ||
Limit int `json:"limit"` | ||
} | ||
|
||
type NotificationMarkScanReadRequest struct { | ||
ScanType string `json:"scan_type"` | ||
NodeIDs []string `json:"node_ids"` | ||
} |
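Review bot: `NotificationGetScanRequest` puts no constraints on its fields: `Page` and `Limit` accept any int, including negative values, and `ScanTypes` and `Statuses` accept arbitrary strings, so every consumer has to validate them again. If the project's request structs use validation tags (not visible on this page), add them here, with a lower bound on `Page` and a bounded `Limit`. The `Statuses` field is tagged `json:"status"` while its sibling is `scan_types`; settle on `statuses` before the API is published. The exported types also lack doc comments, and the one on `Scan` should state the unit of the int64 `CreatedAt` and `UpdatedAt` timestamps.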
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,69 @@ | ||
package notification | ||
|
||
import ( | ||
"context" | ||
"encoding/json" | ||
|
||
"github.com/deepfence/ThreatMapper/deepfence_server/model" | ||
"github.com/deepfence/ThreatMapper/deepfence_utils/directory" | ||
"github.com/deepfence/ThreatMapper/deepfence_utils/log" | ||
) | ||
|
||
// GetIntegrationFailures returns the integrations that have failed | ||
func GetIntegrationFailures(ctx context.Context) ([]model.IntegrationListResp, error) { | ||
var failedIntegrations []model.IntegrationListResp | ||
pgClient, err := directory.PostgresClient(ctx) | ||
if err != nil { | ||
return failedIntegrations, nil | ||
} | ||
|
||
integrations, err := pgClient.GetIntegrations(ctx) | ||
if err != nil { | ||
log.Error().Msgf("Error getting postgresCtx: %v", err) | ||
return failedIntegrations, err | ||
} | ||
|
||
// filter out integrations that have errorMsg | ||
for _, integration := range integrations { | ||
if integration.ErrorMsg.Valid { | ||
var config map[string]interface{} | ||
var filters model.IntegrationFilters | ||
|
||
err = json.Unmarshal(integration.Config, &config) | ||
if err != nil { | ||
log.Error().Msgf(err.Error()) | ||
continue | ||
} | ||
err = json.Unmarshal(integration.Filters, &filters) | ||
if err != nil { | ||
log.Error().Msgf(err.Error()) | ||
continue | ||
} | ||
|
||
var integrationStatus string | ||
if integration.ErrorMsg.Valid { | ||
integrationStatus = integration.ErrorMsg.String | ||
} | ||
|
||
var lastSentTime string | ||
if integration.LastSentTime.Valid { | ||
lastSentTime = integration.LastSentTime.Time.String() | ||
} | ||
|
||
newIntegration := model.IntegrationListResp{ | ||
ID: integration.ID, | ||
IntegrationType: integration.IntegrationType, | ||
NotificationType: integration.Resource, | ||
Config: config, | ||
Filters: filters, | ||
LastErrorMsg: integrationStatus, | ||
LastSentTime: lastSentTime, | ||
} | ||
|
||
newIntegration.RedactSensitiveFieldsInConfig() | ||
failedIntegrations = append(failedIntegrations, newIntegration) | ||
} | ||
} | ||
|
||
return failedIntegrations, nil | ||
} |
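Review bot: The first error branch of GetIntegrationFailures returns `failedIntegrations, nil` when `directory.PostgresClient` fails, so a database outage reaches the caller as an empty list of failed integrations with a 200; it should be `return failedIntegrations, err`. The two `log.Error().Msgf(err.Error())` calls use the error text as a format string, so a `%` in the unmarshal error garbles the log line; `log.Error().Msg(err.Error())` avoids that. `RedactSensitiveFieldsInConfig` covers `Config` only, while `LastErrorMsg` is returned verbatim; if integration errors can embed endpoint URLs or tokens (not visible here), that field needs the same treatment. The inner `if integration.ErrorMsg.Valid` is always true inside the outer one, and the message "Error getting postgresCtx" is logged for a `GetIntegrations` failure.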
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,62 @@ | ||
package notification | ||
|
||
import ( | ||
"context" | ||
"time" | ||
|
||
"github.com/deepfence/ThreatMapper/deepfence_server/model" | ||
"github.com/deepfence/ThreatMapper/deepfence_utils/directory" | ||
"github.com/deepfence/ThreatMapper/deepfence_utils/log" | ||
"github.com/neo4j/neo4j-go-driver/v5/neo4j" | ||
) | ||
|
||
// GetRegistrySync returns the registries that are syncing | ||
func GetRegistrySync(ctx context.Context) ([]model.RegistryAccount, error) { | ||
registries := []model.RegistryAccount{} | ||
|
||
driver, err := directory.Neo4jClient(ctx) | ||
if err != nil { | ||
return registries, err | ||
} | ||
|
||
log.Info().Msgf("Getting registries that are syncing") | ||
|
||
session := driver.NewSession(ctx, neo4j.SessionConfig{AccessMode: neo4j.AccessModeRead}) | ||
defer session.Close(ctx) | ||
|
||
tx, err := session.BeginTransaction(ctx, neo4j.WithTxTimeout(30*time.Second)) | ||
if err != nil { | ||
return registries, err | ||
} | ||
defer tx.Close(ctx) | ||
query := ` | ||
MATCH (r:RegistryAccount) | ||
WHERE r.syncing = true | ||
RETURN r.name, r.node_id, r.registry_type, r.syncing | ||
` | ||
log.Debug().Msgf("Query: %s", query) | ||
result, err := tx.Run(ctx, query, map[string]interface{}{}) | ||
if err != nil { | ||
return registries, err | ||
} | ||
|
||
rec, err := result.Collect(ctx) | ||
if err != nil { | ||
return registries, err | ||
} | ||
|
||
if len(rec) == 0 { | ||
return registries, nil | ||
} | ||
|
||
for _, record := range rec { | ||
reg := model.RegistryAccount{} | ||
reg.Name = record.Values[0].(string) | ||
reg.ID = record.Values[1].(string) | ||
reg.RegistryType = record.Values[2].(string) | ||
reg.Syncing = record.Values[3].(bool) | ||
registries = append(registries, reg) | ||
} | ||
|
||
return registries, nil | ||
} |
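Review bot: The loop at the end of GetRegistrySync uses unchecked assertions such as `record.Values[0].(string)`, which panic if any returned property is null or of another type, for instance a RegistryAccount node stored without `r.name`. Use the comma-ok form and skip the record with a log line instead of letting the request handler panic. The `len(rec) == 0` early return above the loop is redundant, since ranging over an empty slice does nothing.

```go
	for _, record := range rec {
		// a missing property comes back as nil, so assert with comma-ok
		name, okName := record.Values[0].(string)
		id, okID := record.Values[1].(string)
		regType, okType := record.Values[2].(string)
		syncing, okSync := record.Values[3].(bool)
		if !okName || !okID || !okType || !okSync {
			log.Error().Msg("skipping registry record with unexpected property types")
			continue
		}
		registries = append(registries, model.RegistryAccount{
			Name:         name,
			ID:           id,
			RegistryType: regType,
			Syncing:      syncing,
		})
	}
	// … unchanged: return registries, nil …
```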