Remove exporter id from db audit log update and unassign commands (#258)

yugabyte · Oct 25, 2024 · c9cbe3b · c9cbe3b
1 parent 2e83931
commit c9cbe3b
Show file tree

Hide file tree

Showing 3 changed files with 149 additions and 14 deletions.
diff --git a/cmd/db_audit_logs_exporter/db_audit_logs_exporter.go b/cmd/db_audit_logs_exporter/db_audit_logs_exporter.go
@@ -127,7 +127,6 @@ var updateDbAuditLogsExporterCmd = &cobra.Command{
 		authApi.GetInfo("", "")
 
 		clusterName, _ := cmd.Flags().GetString("cluster-name")
-		exportConfigId, _ := cmd.Flags().GetString("export-config-id")
 		integrationName, _ := cmd.Flags().GetString("integration-name")
 		ysqlConfig, _ := cmd.Flags().GetStringToString("ysql-config")
 		statement_classes, _ := cmd.Flags().GetString("statement_classes")
@@ -144,11 +143,12 @@ var updateDbAuditLogsExporterCmd = &cobra.Command{
 		}
 
 		dbAuditLogsExporterSpec, err := setDbAuditLogsExporterSpec(ysqlConfig, statement_classes, integrationId)
-
 		if err != nil {
 			logrus.Fatalf(err.Error())
 		}
 
+		exportConfigId := getDbAuditExportConfigIdForCluster(authApi, clusterId)
+
 		resp, r, err := authApi.UpdateDbAuditExporterConfig(clusterId, exportConfigId).DbAuditExporterConfigSpec(*dbAuditLogsExporterSpec).Execute()
 
 		if err != nil {
@@ -236,8 +236,8 @@ var removeDbAuditLogsExporterCmd = &cobra.Command{
 	Long:  "Unassign DB Audit Logs Export Config",
 	PreRun: func(cmd *cobra.Command, args []string) {
 		viper.BindPFlag("force", cmd.Flags().Lookup("force"))
-		exportConfigId, _ := cmd.Flags().GetString("export-config-id")
-		err := util.ConfirmCommand(fmt.Sprintf("Are you sure you want to unassign DB audit %s: %s", "config", exportConfigId), viper.GetBool("force"))
+		clusterName, _ := cmd.Flags().GetString("cluster-name")
+		err := util.ConfirmCommand(fmt.Sprintf("Are you sure you want to unassign DB audit config from cluster: %s", clusterName), viper.GetBool("force"))
 		if err != nil {
 			logrus.Fatal(err)
 		}
@@ -250,13 +250,14 @@ var removeDbAuditLogsExporterCmd = &cobra.Command{
 		authApi.GetInfo("", "")
 
 		clusterName, _ := cmd.Flags().GetString("cluster-name")
-		exportConfigId, _ := cmd.Flags().GetString("export-config-id")
 
 		clusterId, err := authApi.GetClusterIdByName(clusterName)
 		if err != nil {
 			logrus.Fatal(err)
 		}
 
+		exportConfigId := getDbAuditExportConfigIdForCluster(authApi, clusterId)
+
 		resp, _, err := authApi.UnassignDbAuditLogsExportConfig(clusterId, exportConfigId).Execute()
 
 		if err != nil {
@@ -306,8 +307,6 @@ func init() {
 
 	DbAuditLogsExporterCmd.AddCommand(updateDbAuditLogsExporterCmd)
 	updateDbAuditLogsExporterCmd.Flags().SortFlags = false
-	updateDbAuditLogsExporterCmd.Flags().String("export-config-id", "", "[REQUIRED] The ID of the DB audit export config")
-	updateDbAuditLogsExporterCmd.MarkFlagRequired("export-config-id")
 	updateDbAuditLogsExporterCmd.Flags().String("integration-name", "", "[REQUIRED] Name of the Integration")
 	updateDbAuditLogsExporterCmd.MarkFlagRequired("integration-name")
 	updateDbAuditLogsExporterCmd.Flags().StringToString("ysql-config", nil, `The ysql config to setup DB auditting
@@ -322,8 +321,6 @@ func init() {
 
 	DbAuditLogsExporterCmd.AddCommand(removeDbAuditLogsExporterCmd)
 	removeDbAuditLogsExporterCmd.Flags().SortFlags = false
-	removeDbAuditLogsExporterCmd.Flags().String("export-config-id", "", "[REQUIRED] The ID of the DB audit export config")
-	removeDbAuditLogsExporterCmd.MarkFlagRequired("export-config-id")
 	removeDbAuditLogsExporterCmd.Flags().String("cluster-name", "", "[REQUIRED] The cluster name to assign DB auditting")
 	removeDbAuditLogsExporterCmd.MarkFlagRequired("cluster-name")
 	removeDbAuditLogsExporterCmd.Flags().BoolP("force", "f", false, "Bypass the prompt for non-interactive usage")
@@ -438,3 +435,17 @@ func setDbAuditLogsExporterSpec(ysqlConfigMap map[string]string, statementClasse
 
 	return ybmclient.NewDbAuditExporterConfigSpec(*ysqlConfig, integrationId), nil
 }
+
+func getDbAuditExportConfigIdForCluster(authApi *ybmAuthClient.AuthApiClient, clusterId string) string {
+	listResp, r, err := authApi.ListDbAuditExporterConfig(clusterId).Execute()
+	if err != nil {
+		logrus.Debugf("Full HTTP response: %v", r)
+		logrus.Fatalf(ybmAuthClient.GetApiErrorDetails(err))
+	}
+
+	if len(listResp.GetData()) < 1 {
+		logrus.Fatalf("No DB Audit Log Configuration exists for cluster")
+	}
+
+	return listResp.GetData()[0].Info.Id
+}
diff --git a/cmd/db_audit_logs_exporter_test.go b/cmd/db_audit_logs_exporter_test.go
@@ -185,19 +185,30 @@ ID                                     Date Created               Cluster ID
 	Context("When removing db audit exporter config", func() {
 		It("should delete the config", func() {
 			statusCode = 200
-			err := loadJson("./test/fixtures/db-audit-data.json", &responseDbAudit)
+
+			err := loadJson("./test/fixtures/list-db-audit.json", &responseDbAuditList)
+			Expect(err).ToNot(HaveOccurred())
+			server.AppendHandlers(
+				ghttp.CombineHandlers(
+					ghttp.VerifyRequest(http.MethodGet, "/api/public/v1/accounts/340af43a-8a7c-4659-9258-4876fd6a207b/projects/78d4459c-0f45-47a5-899a-45ddf43eba6e/clusters/5f80730f-ba3f-4f7e-8c01-f8fa4c90dad8/db-audit-log-exporter-configs"),
+					ghttp.RespondWithJSONEncodedPtr(&statusCode, responseDbAuditList),
+				),
+			)
+
+			err = loadJson("./test/fixtures/db-audit-data.json", &responseDbAudit)
 			Expect(err).ToNot(HaveOccurred())
 			server.AppendHandlers(
 				ghttp.CombineHandlers(
-					ghttp.VerifyRequest(http.MethodDelete, "/api/public/v1/accounts/340af43a-8a7c-4659-9258-4876fd6a207b/projects/78d4459c-0f45-47a5-899a-45ddf43eba6e/clusters/5f80730f-ba3f-4f7e-8c01-f8fa4c90dad8/db-audit-log-exporter-configs/123e4567-e89b-12d3-a456-426614174000"),
+					ghttp.VerifyRequest(http.MethodDelete, "/api/public/v1/accounts/340af43a-8a7c-4659-9258-4876fd6a207b/projects/78d4459c-0f45-47a5-899a-45ddf43eba6e/clusters/5f80730f-ba3f-4f7e-8c01-f8fa4c90dad8/db-audit-log-exporter-configs/9e3fabbc-849c-4a77-bdb2-9422e712e7dc"),
 					ghttp.RespondWithJSONEncodedPtr(&statusCode, responseDbAudit),
 				),
 			)
-			cmd := exec.Command(compiledCLIPath, "db-audit-logs-exporter", "unassign", "--cluster-name", "stunning-sole", "--export-config-id", "123e4567-e89b-12d3-a456-426614174000", "--force")
+
+			cmd := exec.Command(compiledCLIPath, "db-audit-logs-exporter", "unassign", "--cluster-name", "stunning-sole", "--force")
 			session, err := gexec.Start(cmd, GinkgoWriter, GinkgoWriter)
 			Expect(err).NotTo(HaveOccurred())
 			session.Wait(2)
-			Expect(session.Out).Should(gbytes.Say(`Request submitted to remove Db Audit Logging 123e4567-e89b-12d3-a456-426614174000`))
+			Expect(session.Out).Should(gbytes.Say(`Request submitted to remove Db Audit Logging 9e3fabbc-849c-4a77-bdb2-9422e712e7dc`))
 			session.Kill()
 		})
 		It("should return required field name and type when not set", func() {
@@ -207,12 +218,95 @@ ID                                     Date Created               Cluster ID
 			exec.Command(compiledCLIPath, "y")
 			Expect(err).NotTo(HaveOccurred())
 			session.Wait(2)
-			Expect(session.Err).Should(gbytes.Say("(?m:Error: required flag\\(s\\) \"export-config-id\", \"cluster-name\" not set$)"))
+			Expect(session.Err).Should(gbytes.Say("(?m:Error: required flag\\(s\\) \"cluster-name\" not set$)"))
 			session.Kill()
 		})
 
 	})
 
+	Context("When updating DB Audit config for a cluster", func() {
+		It("should update cluster DB Audit config", func() {
+			statusCode = 200
+
+			err := loadJson("./test/fixtures/list-telemetry-provider.json", &responseIntegrationList)
+			Expect(err).ToNot(HaveOccurred())
+			server.AppendHandlers(
+				ghttp.CombineHandlers(
+					ghttp.VerifyRequest(http.MethodGet, "/api/public/v1/accounts/340af43a-8a7c-4659-9258-4876fd6a207b/projects/78d4459c-0f45-47a5-899a-45ddf43eba6e/telemetry-providers"),
+					ghttp.RespondWithJSONEncodedPtr(&statusCode, responseIntegrationList),
+				),
+			)
+
+			err = loadJson("./test/fixtures/list-db-audit.json", &responseDbAuditList)
+			Expect(err).ToNot(HaveOccurred())
+			server.AppendHandlers(
+				ghttp.CombineHandlers(
+					ghttp.VerifyRequest(http.MethodGet, "/api/public/v1/accounts/340af43a-8a7c-4659-9258-4876fd6a207b/projects/78d4459c-0f45-47a5-899a-45ddf43eba6e/clusters/5f80730f-ba3f-4f7e-8c01-f8fa4c90dad8/db-audit-log-exporter-configs"),
+					ghttp.RespondWithJSONEncodedPtr(&statusCode, responseDbAuditList),
+				),
+			)
+
+			err = loadJson("./test/fixtures/db-audit-data2.json", &responseDbAudit)
+			Expect(err).ToNot(HaveOccurred())
+			server.AppendHandlers(
+				ghttp.CombineHandlers(
+					ghttp.VerifyRequest(http.MethodPut, "/api/public/v1/accounts/340af43a-8a7c-4659-9258-4876fd6a207b/projects/78d4459c-0f45-47a5-899a-45ddf43eba6e/clusters/5f80730f-ba3f-4f7e-8c01-f8fa4c90dad8/db-audit-log-exporter-configs/9e3fabbc-849c-4a77-bdb2-9422e712e7dc"),
+					ghttp.RespondWithJSONEncodedPtr(&statusCode, responseDbAudit),
+				),
+			)
+			cmd := exec.Command(compiledCLIPath, "db-audit-logs-exporter", "update", "--cluster-name", "stunning-sole", "--integration-name", "datadog-tp", "--ysql-config", "log_catalog=false,log_client=true,log_level=NOTICE,log_parameter=false,log_statement_once=false,log_relation=true", "--statement_classes", "READ,WRITE")
+			session, err := gexec.Start(cmd, GinkgoWriter, GinkgoWriter)
+			Expect(err).NotTo(HaveOccurred())
+			session.Wait(2)
+			Expect(session.Out).Should(gbytes.Say(`The db audit exporter config 9e3fabbc-849c-4a77-bdb2-9422e712e7dc is being updated
+ID                                     Date Created               Cluster ID                             Integration ID                         State     Ysql Config
+9e3fabbc-849c-4a77-bdb2-9422e712e7dc   2024-02-27T06:30:51.304Z   5f80730f-ba3f-4f7e-8c01-f8fa4c90dad8   7c07c103-e3b2-48b6-ac30-764e9b5275e1   ACTIVE    {\"log_settings\":{\"log_catalog\":false,\"log_client\":true,\"log_level\":\"NOTICE\",\"log_parameter\":false,\"log_relation\":true,\"log_statement_once\":false},\"statement_classes\":\[\"READ\",\"WRITE\"]}`))
+			session.Kill()
+		})
+		It("should return required field name and type when not set", func() {
+			cmd := exec.Command(compiledCLIPath, "db-audit-logs-exporter", "update")
+			session, err := gexec.Start(cmd, GinkgoWriter, GinkgoWriter)
+			Expect(err).NotTo(HaveOccurred())
+			session.Wait(2)
+			Expect(session.Err).Should(gbytes.Say(`\bError: required flag\(s\) "integration-name", "cluster-name" not set\b`))
+			session.Kill()
+		})
+		It("should return required log setting when not set", func() {
+			statusCode = 200
+			err := loadJson("./test/fixtures/list-telemetry-provider.json", &responseIntegrationList)
+			Expect(err).ToNot(HaveOccurred())
+			server.AppendHandlers(
+				ghttp.CombineHandlers(
+					ghttp.VerifyRequest(http.MethodGet, "/api/public/v1/accounts/340af43a-8a7c-4659-9258-4876fd6a207b/projects/78d4459c-0f45-47a5-899a-45ddf43eba6e/telemetry-providers"),
+					ghttp.RespondWithJSONEncodedPtr(&statusCode, responseIntegrationList),
+				),
+			)
+			cmd := exec.Command(compiledCLIPath, "db-audit-logs-exporter", "update", "--cluster-name", "stunning-sole", "--integration-name", "datadog-tp", "--ysql-config", "log_catalog=true,log_client=true,log_level=NOTICE,log_parameter=false,log_relation=false", "--statement_classes", "READ,WRITE")
+			session, err := gexec.Start(cmd, GinkgoWriter, GinkgoWriter)
+			Expect(err).NotTo(HaveOccurred())
+			session.Wait(2)
+			Expect(session.Err).Should(gbytes.Say("(?m:log_statement_once required for log settings$)"))
+			session.Kill()
+		})
+		It("should return required statement class when not set", func() {
+			statusCode = 200
+			err := loadJson("./test/fixtures/list-telemetry-provider.json", &responseIntegrationList)
+			Expect(err).ToNot(HaveOccurred())
+			server.AppendHandlers(
+				ghttp.CombineHandlers(
+					ghttp.VerifyRequest(http.MethodGet, "/api/public/v1/accounts/340af43a-8a7c-4659-9258-4876fd6a207b/projects/78d4459c-0f45-47a5-899a-45ddf43eba6e/telemetry-providers"),
+					ghttp.RespondWithJSONEncodedPtr(&statusCode, responseIntegrationList),
+				),
+			)
+			cmd := exec.Command(compiledCLIPath, "db-audit-logs-exporter", "update", "--cluster-name", "stunning-sole", "--integration-name", "datadog-tp", "--ysql-config", "log_catalog=true,log_client=true,log_level=NOTICE,log_parameter=false,log_relation=false")
+			session, err := gexec.Start(cmd, GinkgoWriter, GinkgoWriter)
+			Expect(err).NotTo(HaveOccurred())
+			session.Wait(2)
+			Expect(session.Err).Should(gbytes.Say("(?m:statement_classes must have one or more of READ, WRITE, ROLE, FUNCTION, DDL, MISC$)"))
+			session.Kill()
+		})
+	})
+
 	AfterEach(func() {
 		os.Args = args
 		server.Close()

diff --git a/cmd/test/fixtures/db-audit-data2.json b/cmd/test/fixtures/db-audit-data2.json
@@ -0,0 +1,30 @@
+{
+    "data": {
+        "spec": {
+            "ysql_config": {
+                "statement_classes": [
+                    "READ",
+                    "WRITE"
+                ],
+                "log_settings": {
+                    "log_catalog": false,
+                    "log_client": true,
+                    "log_level": "NOTICE",
+                    "log_parameter": false,
+                    "log_relation": true,
+                    "log_statement_once": false
+                }
+            },
+            "exporter_id": "7c07c103-e3b2-48b6-ac30-764e9b5275e1"
+        },
+        "info": {
+            "id": "9e3fabbc-849c-4a77-bdb2-9422e712e7dc",
+            "cluster_id": "5f80730f-ba3f-4f7e-8c01-f8fa4c90dad8",
+            "state": "ACTIVE",
+            "metadata": {
+                "created_on": "2024-02-27T06:30:51.304Z",
+                "updated_on": "2024-02-27T07:21:08.896Z"
+            }
+        }
+    }
+}