Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Only display domains that are directly attributable to a cidr #647

Merged
merged 7 commits into from
Oct 1, 2024
Merged

Only display domains that are directly attributable to a cidr #647

merged 7 commits into from
Oct 1, 2024

Conversation

DJensen94
Copy link
Contributor

🗣 Description

We only want to display data for domains whose IP is directly attributable to a user provided CIDR. We only want this functionality for non-FCEB organizations.

  1. Add new column to Domains table called "fromCyhyCidr", which will be a boolean for if the domains ip links to a cidr provided to VS
  2. Create a helper function that accepts an organization_id and an ip and returns true if the ip is found inside a cidr block owned by the given org, it will check this against the cidr table in the mini datalake that is updated daily from the VS data in the AE
  3. We will make a crossfeed scan that loops through all domains and runs the ips through the newly created helper function and correctly checks the "fromCyhyCidr" column
  4. Update the api calls that pull domains to filter out domains where "fromCyhyCidr" is false

💭 Motivation and context

This is to avoid reporting issues with IPs that belong to cloud providers and incorrectly attributed domains

🧪 Testing

I have tested locally with both in-cidr and out-cidr ips as well as on fceb and non fceb organizations

✅ Pre-approval checklist

  • This PR has an informative and human-readable title.
  • Changes are limited to a single goal - eschew scope creep!
  • All future TODOs are captured in issues, which are referenced
    in code comments.
  • All relevant type-of-change labels have been added.
  • I have read the CONTRIBUTING document.
  • These code changes follow cisagov code standards.
  • All relevant repo and/or project documentation has been updated
    to reflect the changes in this PR.

✅ Pre-merge checklist

  • Revert dependencies to default branches.
  • Finalize version.

✅ Post-merge checklist

  • Create a release.

@DJensen94
update model, add helper and create scan
e597b3e 
update model to have new boolean columns, add helper function to identify if cidr holds the ip and create scan to update domain table
@DJensen94
add filter to relevant APIs
ce06011 
add filter to relevant APIs
@DJensen94
Made fixes to filters and logic to mark fceb children as fceb
adf58d9 
Made fixes to filters and logic to mark fceb children as fceb
@DJensen94
run precommits
6bcbeef 
run precommits and linter fixes
@DJensen94
remove console logs
17cc3d6 
remove console logs
@schmelz21 schmelz21 marked this pull request as ready for review October 1, 2024 15:38
@DJensen94
delete flagFloatingIps in order to rename it
5761a2a 
delete flagFloatingIps in order to rename it
@DJensen94
Re-add flagFloating Ips
6398d32 
Re-add flagFloating Ips with new capitalization
@ameliav ameliav self-requested a review October 1, 2024 17:07
ameliav
ameliav approved these changes Oct 1, 2024
View reviewed changes
Copy link
Contributor

@ameliav ameliav left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Worked for me after the following:

  • Having the mini datalake already
  • Doing a complete docker rebuild including syncdb
  • Making changes to the crossfeed database to match some of the mini datalake's org acronyms (Dane walked me through the different test cases and what fields to change)
  • Running the flagFloatingIps scan and then checking the frontend for verification after each test case

@schmelz21 schmelz21 merged commit 99efc2d into develop Oct 1, 2024
11 of 18 checks passed
@schmelz21 schmelz21 deleted the dj-cidr_hot_fix-WIP branch October 1, 2024 17:34
@schmelz21 schmelz21 restored the dj-cidr_hot_fix-WIP branch October 1, 2024 17:38
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@schmelz21 schmelz21 schmelz21 approved these changes

@ameliav ameliav ameliav approved these changes

@aloftus23 aloftus23 Awaiting requested review from aloftus23 aloftus23 is a code owner

@cduhn17 cduhn17 Awaiting requested review from cduhn17 cduhn17 is a code owner

@Matthew-Grayson Matthew-Grayson Awaiting requested review from Matthew-Grayson Matthew-Grayson is a code owner

@nickviola nickviola Awaiting requested review from nickviola nickviola is a code owner

@rapidray12 rapidray12 Awaiting requested review from rapidray12 rapidray12 is a code owner

Assignees

@DJensen94 DJensen94

Labels
backend
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@DJensen94 @ameliav @schmelz21