feat(api): expose go api for third party apps#282
feat(api): expose go api for third party apps#282AndreyLevchenko wants to merge 14 commits intomainfrom
Conversation
* feat(api): add API draft more cleanup * added output api implementation * misc clean up * added routes and templates * switched API to synchronous mode * fixed typo * added simple integration test * fixed tests * added fix to set dbpath through API * added input callbacks & tests * fixed race condition * added misc fix to clean up input callbacks * fixed pointer reference error in loop * added default db path * fixed TODO in Jira outputs * feat(postgres): added support postgres * feat(postgresDb): add test connect psql, change cfg.yaml * feat(psql) changed configurate psql settings are now taken from env 'POSTGRES_URL' now,tests for configurate psql added * combined Webhooktable and WebhookExpiryDates * Refactor: code review notes are corrected * Refactor: code review notes are corrected * Refactor : added вудуеув temp dir in configureDb test * Docs(psql): added psql env info to readme * refactor: change parametrs for deleteRowsByIdAndTime * Refactor: code review notes are corrected * clean up of db connection config * exposed API to use postgres * added make target for golang-lint * feat:added copy of cfgFile in psql * test: changed tests for insert into psql * Refactor: code review notes are corrected * refactor: changed func load * misc api cleanup * test: added tests for api * test: added tests for configure psql * Refactor: code review notes are corrected * Refactor: code review notes are corrected * test: fixed api tests * test: fixed api tests * feat(logger): added default logger * feat: added custom logger * fix: fixed golangci-lint test errors * fix: fixed golangci-lint test errors * Refactor: code review notes are corrected * Refactor: code review notes are corrected * refactor: removed func debug * refactor: removed func debug * chore(deps): added zap dependency * fix: fixed load psql cfg with empty table * fix: fixed load psql cfg with empty table * test: added test for errors to getCfgCacheSource * test: added test for errors to getCfgCacheSource * fix: fixed lint error * fix: fixed test errors (#228) * reuse postgres db conncetion instance * adjust unit test for Postgres singleton and retrying functionality * reuse bolt open conn and adjust tests * remove postgres API and adjust unit tests * merge upstream main into postee-as-api-2 * revert output email dynamic port Co-authored-by: Andrey Levchenko <levchenko.andrey@gmail.com> Co-authored-by: DmitriyLewen <dmitriy.lewen@smartforce.io> Co-authored-by: DmitriyLewen <91113035+DmitriyLewen@users.noreply.github.com>
AndreyLevchenko
changed the title
router/router.go
Outdated
| synchronous bool | ||
| inputCallBacks map[string][]InputCallbackFunc | ||
| databaseCfgCacheSource *data.TenantSettings | ||
| bolt dbservice.DbProvider |
There was a problem hiding this comment.
DbProvider can be boltDb or PostgresDb. I think this field needs to be renamed.
Also we have this field here.
Сan we remove one of them?
There was a problem hiding this comment.
Currently, we are not going to use Postgres integration within the Postee-as-lib, we are thinking of removing it completely from the code, so I named it bolt on purpose
There was a problem hiding this comment.
@elad-da
To be honest I'm going to remove it. As duplicate references (ctx.bolt and dbservice.Db ) to same object may lead to confusion.
There was a problem hiding this comment.
Please don't remove it, otherwise, the unit tests won't work as expected
| c := b.Cursor() | ||
| size := 0 | ||
| for k, v := c.First(); k != nil; k, v = c.Next() { | ||
| size += len(v) |
dbservice/boltdb/checker_test.go
Outdated
| } | ||
| } | ||
|
|
||
| func TestDbSizeLimnit(t *testing.T) { |
dbservice/boltdb/dbparam_test.go
Outdated
| @@ -0,0 +1 @@ | |||
| package boltdb | |||
There was a problem hiding this comment.
I think we don't need this file.
dbservice/dbservice_test.go
Outdated
| func TestStoreMessage(t *testing.T) { | ||
| var tests = []struct { | ||
| input *string | ||
| func TestConfigurateBoltDbPathUsedEnv(t *testing.T) { |
There was a problem hiding this comment.
I think the name TestConfigurateBoltDb would be better
dbservice/dbservice_test.go
Outdated
| func TestInsertError(t *testing.T) { | ||
| var tests = []struct { | ||
| bucket string | ||
| func TestConfiguratePostgresDbUrlAndTenantName(t *testing.T) { |
There was a problem hiding this comment.
I think the name TestConfiguratePostgresDb would be better
msgservice/aggregatebytime_test.go
Outdated
| os.Remove(dbservice.DbPath) | ||
| dbservice.DbPath = dbPathReal | ||
| os.Remove(testDB.DbPath) | ||
| testDB.DbPath = dbPathReal |
There was a problem hiding this comment.
We don't need this. We return oldDb.
Codecov Report
@@ Coverage Diff @@
## main #282 +/- ##
==========================================
- Coverage 87.33% 85.40% -1.93%
==========================================
Files 28 19 -9
Lines 1153 1165 +12
==========================================
- Hits 1007 995 -12
- Misses 88 100 +12
- Partials 58 70 +12
Continue to review full report at Codecov.
|
| return false | ||
| } | ||
|
|
||
| func cpyUnknowns(source map[string]string) map[string]string { |
There was a problem hiding this comment.
It is copy, if I understood correctly
There was a problem hiding this comment.
it was attempt to make method name more short
regoservice/eval.go
Outdated
| foundPaths := make([]string, 0) | ||
|
|
||
| for _, path := range commonRegoTemplates { | ||
| if _, err := os.Stat(commonRegoTemplates[0]); !os.IsNotExist(err) { |
There was a problem hiding this comment.
Why do we use [0]?
If i understood correctly, we need to check each path.
There was a problem hiding this comment.
it can be one element or zero
| func Send(b []byte) { | ||
| //Instance().Send(b) | ||
| Instance().handle(bytes.ReplaceAll(b, []byte{'`'}, []byte{'\''})) | ||
| } |
There was a problem hiding this comment.
What does this function do?
There was a problem hiding this comment.
it calls handler directly. no queue is involved
simar7
left a comment
simar7
left a comment
There was a problem hiding this comment.
Description of changes:
Exposed methods
implementation: api.go Technically more methods can be accessed but these ones are going to be documented integration test: api_integration_test.go
More structures were moved to
datapackageTo keep model classes in single package. It's easy to find and helps to avoid cyclic dependencies. Examples:
integrations.gotemplate.gotenants.godbservice interface
It's required to support both bolt and postgres. Defined in dbservice.go Existing bolt implementation is just moved to new package with minimal changes. Postgres implementation was created from scratch
Feature to store Postee yaml config in Postgres
implementation is here cfgcachesource.go Config is fetched using
postgresDb.TenantNameas a key so single Postgres database can be used to store configs of unlimited amount of apps. (as long as they are using unique tenant names)
CloneSettings()method is added to output implementations.Motivation is to provide clones instead of real objects for get/list API methods. This is to ensure that reference to Postee config object can not be used to modify app configuration directly (as it may lead to unpredictable results). Recommended way to update Postee config is using exposed API.
Logger package
All writes to log file are going through
logpackage. Interface is defined here: logger.go Also there is implementation based on zap logger: zaplogger.goMisc msghandling change
format of webhook payload is changed from
[]bytetomap[string]interface{}. This also requires change test data across many test classesQuestions:
- Should Postgres implementatio be removed?
- There is also a feature to store config yaml within Postgres db. It was specifically requested some time ago. Is it still required?
Co-authored-by: Andrey Levchenko levchenko.andrey@gmail.com Co-authored-by: DmitriyLewen dmitriy.lewen@smartforce.io Co-authored-by: DmitriyLewen 91113035+DmitriyLewen@users.noreply.github.com
TBH - I think this PR is too big to be reviewed properly as it touches many different components. Can we break down into several manageable PRs as defined in the description above?
|
Hi
But I think it may take about a week as it means re-implementation of the features (almost from scratch). Also some new PRs could still be big enough to review. Let me know if it works for you. |
I'll touch base with @tomyweiss and @elad-da offline to get their thoughts and get back to you. |
Update: We'll discuss it in a meeting next week - so please hold off until then. |
# Conflicts: # go.mod # go.sum # router/initoutputs_test.go
* Embed rego-templates instead of reading directly from the file system (postee as lib usage) * Embedding the rego templates and load it to the rego eval in case the files not found on the filesystem * expose API - get embedded templates files * revert rego templates folder name * fix rego-templates import path * Fix typos and generalize functions * embedded template unit tests
aquasecurity#282) Bumps [github.com/aquasecurity/defsec](https://github.com/aquasecurity/defsec) from 0.68.6 to 0.68.9. - [Release notes](https://github.com/aquasecurity/defsec/releases) - [Commits](aquasecurity/defsec@v0.68.6...v0.68.9) --- updated-dependencies: - dependency-name: github.com/aquasecurity/defsec dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
4 participants
Description of changes:
Exposed methods
implementation:
api.go
Technically more methods can be accessed but these ones are going to be documented
integration test:
api_integration_test.go
More structures were moved to
datapackageTo keep model classes in single package. It's easy to find and helps to avoid cyclic dependencies.
Examples:
integrations.gotemplate.gotenants.godbservice interface
It's required to support both bolt and postgres. Defined in dbservice.go
Existing bolt implementation is just moved to new package with minimal changes. Postgres implementation was created from scratch
Feature to store Postee yaml config in Postgres
implementation is here
cfgcachesource.go Config is fetched using
postgresDb.TenantNameas a key so single Postgres database can be used to store configs of unlimited amount of apps. (as long as they are using unique tenant names)CloneSettings()method is added to output implementations.Motivation is to provide clones instead of real objects for get/list API methods. This is to ensure that reference to Postee config object can not be used to modify app configuration directly (as it may lead to unpredictable results). Recommended way to update Postee config is using exposed API.
Logger package
All writes to log file are going through
logpackage. Interface is defined here: logger.goAlso there is implementation based on zap logger: zaplogger.go
Misc msghandling change
format of webhook payload is changed from
[]bytetomap[string]interface{}. This also requires change test data across many test classesQuestions:
Should Postgres implementatio be removed?
There is also a feature to store config yaml within Postgres db. It was specifically requested some time ago. Is it still required?
Co-authored-by: Andrey Levchenko levchenko.andrey@gmail.com
Co-authored-by: DmitriyLewen dmitriy.lewen@smartforce.io
Co-authored-by: DmitriyLewen 91113035+DmitriyLewen@users.noreply.github.com