Feat/standardize entity provisioning logs #526

Merged
merged 5 commits into from
Jun 5, 2024
17 changes: 15 additions & 2 deletions app/modules/aws/identity_center.py
Expand Up @@ -105,6 +105,7 @@ def sync_users(
)
preformatting_keys = [
("primaryEmail", "email"),
("primaryEmail", "log_user_name"),
("name.givenName", "first_name"),
("name.familyName", "family_name"),
]
Expand All @@ -120,8 +121,13 @@ def sync_users(
entity_name="User",
display_key="primaryEmail",
)
preformatting_keys = [
("UserId", "user_id"),
("UserName", "log_user_name"),
]
for old_key, new_key in preformatting_keys:
users_to_delete = filters.preformat_items(users_to_delete, old_key, new_key)

users_to_delete = filters.preformat_items(users_to_delete, "UserId", "user_id")
deleted_users = entities.provision_entities(
identity_store.delete_user,
users_to_delete,
Expand Down Expand Up @@ -191,6 +197,8 @@ def sync_groups(
**user,
"user_id": target_user["UserId"],
"group_id": target_groups_to_sync[i]["GroupId"],
"log_user_name": user["primaryEmail"],
"log_group_name": target_groups_to_sync[i]["DisplayName"],
}
for user in users_to_add
for target_user in target_users
Expand All @@ -209,7 +217,12 @@ def sync_groups(
groups_memberships_created.extend(memberships_created)

users_to_remove = [
{**user, "membership_id": user["MembershipId"]}
{
**user,
"membership_id": user["MembershipId"],
"log_user_name": user["MemberId"]["UserName"],
"log_group_name": target_groups_to_sync[i]["DisplayName"],
}
for user in users_to_remove
if user.get("MembershipId")
]
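Review bot: In the `users_to_remove` comprehension of the last `sync_groups` hunk, `user["MemberId"]["UserName"]` is indexed directly while the filter only checks `user.get("MembershipId")`, so a membership record without `UserName` under `MemberId` would raise `KeyError` and stop the removal pass over a value that is only a log label. Whether upstream code always fills in `UserName` is not visible here; if that is not guaranteed, `"log_user_name": user.get("MemberId", {}).get("UserName"),` keeps deprovisioning independent of it. The `log_user_name` values in this file are e-mail addresses (`primaryEmail`), so a comment like `# log_* keys are display labels copied into audit events` above each list would make clear that they reach the log pipeline. `sync_groups` starts and ends outside these hunks, including the loop that defines `i`.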
27 changes: 5 additions & 22 deletions app/modules/dev/aws_dev.py
Expand Up @@ -11,27 +11,10 @@

def aws_dev_command(ack, client, body, respond):
ack()
response = identity_center.synchronize(enable_groups_sync=False)
response = identity_center.synchronize(
enable_user_create=False, enable_membership_create=False
)
if not response:
respond("No groups found.")
respond("Sync failed.")
else:
message = ""
if identity_center.DRY_RUN:
message += "Dry run mode enabled.\n"
if response["users"]:
users_created, users_deleted = response["users"]
message += "Users created:\n- " + "\n- ".join(users_created) + "\n"
message += "Users deleted:\n- " + "\n- ".join(users_deleted) + "\n"
else:
message += "Users Sync Disabled.\n"
if response["groups"]:
groups_created, groups_deleted = response["groups"]
message += (
"Groups memberships created:\n- " + "\n- ".join(groups_created) + "\n"
)
message += (
"Groups memberships deleted:\n- " + "\n- ".join(groups_deleted) + "\n"
)
else:
message += "Groups Sync Disabled.\n"
respond(message)
respond("Sync successful.")
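Review bot: The new `aws_dev_command` reply no longer tells the operator whether the run was a dry run or what it changed, because both outcomes collapse to `respond("Sync failed.")` or `respond("Sync successful.")`. Only creation is disabled in the call (`enable_user_create=False, enable_membership_create=False`), so deletions may still run depending on defaults of `synchronize` that are not shown here. Keeping the mode in the reply is cheap: `mode = "dry run" if identity_center.DRY_RUN else "live"` followed by `respond(f"Sync successful ({mode}).")`. A falsy `response` is also reported as a failure, which is worth a comment if an empty result can mean that nothing needed syncing.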
15 changes: 12 additions & 3 deletions app/modules/provisioning/entities.py
Expand Up @@ -41,6 +41,13 @@ def provision_entities(
f"{integration_name}:{entity_name}:{operation_name}: Started processing {len(entities)} entities"
)
for entity in entities:
event = {
"name": "provision_entities",
"integration": integration_name,
"entity": entity_name,
"operation": operation_name,
"status": "dry_run",
}
entity_string = (
filters.get_nested_value(entity, display_key) if display_key else entity
)
Expand All @@ -50,25 +57,27 @@ def provision_entities(
logger.info(
f"{integration_name}:{entity_name}:{operation_name}:Successful: {entity_string}"
)
event["status"] = "successful"
log_to_sentinel(
f"{integration_name}_{entity_name}_{operation_name}_successful",
event,
{"entity": entity},
)
provisioned_entities.append({"entity": entity, "response": response})
else:
event["status"] = "failed"
logger.error(
f"{integration_name}:{entity_name}:{operation_name}:Failed: {entity_string}"
)
log_to_sentinel(
f"{integration_name}_{entity_name}_{operation_name}_failed",
event,
{"entity": entity},
)
else:
logger.info(
f"{integration_name}:{entity_name}:{operation_name}:Successful:DRY_RUN: {entity_string}"
)
log_to_sentinel(
f"{integration_name}_{entity_name}_{operation_name}_dry_run",
event,
{"entity": entity},
)
provisioned_entities.append({"entity": entity, "response": None})
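Review bot: The new `event` dict starts with `"status": "dry_run"` and relies on the live branches to overwrite it, so any path that misses the assignment would record a real change as a dry run in the Sentinel audit trail. A neutral default is safer: initialise with `"status": "unknown",` and add `event["status"] = "dry_run"` in the final `else` branch before its `log_to_sentinel` call. The second argument still sends the whole `entity` dict, which after this PR also carries `log_user_name` e-mail values, so a comment on what `log_to_sentinel` is expected to forward would help. `provision_entities` begins and ends outside these hunks, so the handling of exceptions raised by the provisioning call is not visible.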
17 changes: 16 additions & 1 deletion app/tests/modules/aws/test_sync_identity_center.py
Expand Up @@ -62,6 +62,8 @@ def _provision_entities_calls(
**user,
"user_id": user["id"],
"group_id": target_groups[i]["GroupId"],
"log_user_name": user["primaryEmail"],
"log_group_name": target_groups[i]["DisplayName"],
}
for user in group_users[i][0]
],
Expand All @@ -74,7 +76,12 @@ def _provision_entities_calls(
call(
mock_identity_store.delete_group_membership,
[
{**user, "membership_id": user["MembershipId"]}
{
**user,
"membership_id": user["MembershipId"],
"log_user_name": user["MemberId"]["UserName"],
"log_group_name": target_groups[i]["DisplayName"],
}
for user in group_users[i][1]
],
execute=execute_delete,
Expand Down Expand Up @@ -449,6 +456,8 @@ def test_sync_users_default(
source_users,
source_users,
source_users,
source_users,
target_users,
target_users,
]
mock_filters.preformat_items.side_effect = preformat_side_effects
Expand Down Expand Up @@ -514,6 +523,8 @@ def test_sync_users_enable_delete_true(
source_users,
source_users,
source_users,
source_users,
target_users,
target_users,
]
mock_filters.compare_lists.return_value = source_users, target_users
Expand Down Expand Up @@ -578,6 +589,8 @@ def test_sync_users_delete_target_all_disable_delete(
source_users = google_users(3)
target_users = aws_users(6)
mock_filters.preformat_items.side_effect = [
[],
[],
[],
[],
[],
Expand Down Expand Up @@ -639,6 +652,8 @@ def test_sync_users_delete_target_all_enable_delete(
source_users = google_users(3)
target_users = aws_users(6)
mock_filters.preformat_items.side_effect = [
[],
[],
[],
[],
[],
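Review bot: The `sync_users` tests absorb the new preformatting calls only by lengthening the positional `preformat_items.side_effect` lists, so they appear to pin how many times the helper is called but not which key mapping was requested. If no assertion outside these hunks covers it, adding `mock_filters.preformat_items.assert_any_call(ANY, "UserName", "log_user_name")` (with `ANY` from `unittest.mock`) in `test_sync_users_enable_delete_true` would catch a dropped or misspelled log key. This applies equally to the `test_sync_users_default` and both `delete_target_all` hunks. The test bodies continue outside the hunks shown.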