From 8f84ca3317df75b335d32a1e3c9f62f10e3041c6 Mon Sep 17 00:00:00 2001 From: penenadpi <penenadpi@gmail.com> Date: Tue, 20 Sep 2022 14:55:09 +0200 Subject: [PATCH] Improved connection error handling for MongoDB interface Added API call to enable/disable persistence Dumping order fix Typos fixed --- install-checks.sh | 7 ------- src/iac_scan_runner/api.py | 20 +++++++++++++++++++- src/iac_scan_runner/results_persistence.py | 18 ++++++++++++++---- src/iac_scan_runner/scan_runner.py | 21 +++++++++++++-------- 4 files changed, 46 insertions(+), 20 deletions(-) diff --git a/install-checks.sh b/install-checks.sh index d459ae5..9806812 100755 --- a/install-checks.sh +++ b/install-checks.sh @@ -151,12 +151,6 @@ installSonarScannerIfNot() { fi } -# TODO: Add docker-compose.yml configuration -runMongoDocker(){ - docker rm --force scannerdb - docker run --name scannerdb -d -p 27017:27017 mongo -} - # call the functions above to install all the necessary tools createAndActivateVenvDirIfNot createDirIfNot "${TOOLS_DIR}" @@ -180,4 +174,3 @@ installTfsecIfNot installTerrascanIfNot installSonarScannerIfNot removeDir "${TMP_DIR}" -runMongoDocker diff --git a/src/iac_scan_runner/api.py b/src/iac_scan_runner/api.py index 9d0e5a5..352ec07 100644 --- a/src/iac_scan_runner/api.py +++ b/src/iac_scan_runner/api.py @@ -202,4 +202,22 @@ async def delete_scan_result(uuid: str) -> JSONResponse: return JSONResponse(status_code=status.HTTP_200_OK, content=f"No such scan result {uuid}") except Exception as e: return JSONResponse(status_code=status.HTTP_400_BAD_REQUEST, content=str(e)) - + + +@app.put("/persistence_enabler/{enable}", summary="Delete particular scan result by given uuid", responses={200: {}, 400: {"model": str}}) +async def persistence_enable(enable: str) -> JSONResponse: + """ + Delete a particular scan result (GET method) + :param uuid: Identifier of a scan record in database + :return: JSONResponse object (with status code 200 or 400) + """ + try: + if(enable == "disable"): + scan_runner.persistence_enabled = False + else: + scan_runner.persistence_enabled = True + + return JSONResponse(status_code=status.HTTP_200_OK, content=f"Persistence enable: {enable}") + + except Exception as e: + return JSONResponse(status_code=status.HTTP_400_BAD_REQUEST, content=str(e)) diff --git a/src/iac_scan_runner/results_persistence.py b/src/iac_scan_runner/results_persistence.py index 0c3f5d2..d70c22e 100644 --- a/src/iac_scan_runner/results_persistence.py +++ b/src/iac_scan_runner/results_persistence.py @@ -3,16 +3,26 @@ import bson.json_util as json_util from bson.json_util import dumps import json from datetime import datetime - +import os class ResultsPersistence: def __init__(self): """ Initialize new scan result database, collection and client """ - self.myclient = pymongo.MongoClient("mongodb://localhost:27017/") - self.mydb = self.myclient["scandb"] - self.mycol = self.mydb["results"] + + try: + connection_string = os.environ['MONGO_STRING'] + print(connection_string) + self.myclient = pymongo.MongoClient(connection_string) + self.mydb = self.myclient["scandb"] + self.mycol = self.mydb["results"] + self.connection_problem = False + + except Exception as e: + print("Scan result persistence not available") + self.connection_problem = True + def parse_json(self, data): return json.loads(json_util.dumps(data)) diff --git a/src/iac_scan_runner/scan_runner.py b/src/iac_scan_runner/scan_runner.py index 65e34c5..3f61f65 100644 --- a/src/iac_scan_runner/scan_runner.py +++ b/src/iac_scan_runner/scan_runner.py @@ -52,9 +52,10 @@ class ScanRunner: self.iac_checks = {} self.iac_dir = None self.compatibility_matrix = Compatibility() - self.results_summary = ResultsSummary() + self.results_summary = ResultsSummary() + self.archive_name = "" + self.persistence_enabled = True self.results_persistence = ResultsPersistence() - self.archive_name = "" def init_checks(self): """Initiate predefined check objects""" @@ -166,14 +167,16 @@ class ScanRunner: non_compatible_checks.append(check.name) write_string_to_file(check.name, dir_name, "No files to scan") self.results_summary.summarize_no_files(check.name) - self.results_summary.dump_outcomes(random_uuid) + self.results_summary.generate_html_prioritized(random_uuid) self.results_summary.outcomes["uuid"] = random_uuid self.results_summary.outcomes["archive"] = self.archive_name self.results_summary.outcomes["time"] = datetime.now().strftime("%m/%d/%Y, %H:%M:%S") - - self.results_persistence.insert_result(self.results_summary.outcomes) + self.results_summary.dump_outcomes(random_uuid) + + if(self.results_persistence.connection_problem == False and self.persistence_enabled == True): + self.results_persistence.insert_result(self.results_summary.outcomes) else: for iac_check in self.iac_checks.values(): @@ -187,14 +190,16 @@ class ScanRunner: non_compatible_checks.append(iac_check.name) write_string_to_file(iac_check.name, dir_name, "No files to scan") self.results_summary.summarize_no_files(iac_check.name) - self.results_summary.dump_outcomes(random_uuid) + self.results_summary.generate_html_prioritized(random_uuid) self.results_summary.outcomes["uuid"] = random_uuid self.results_summary.outcomes["archive"] = self.archive_name self.results_summary.outcomes["time"] = datetime.now().strftime("%m/%d/%Y, %H:%M:%S") - - self.results_persistence.insert_result(self.results_summary.outcomes) + self.results_summary.dump_outcomes(random_uuid) + + if(self.results_persistence.connection_problem == False and self.persistence_enabled == True): + self.results_persistence.insert_result(self.results_summary.outcomes) # TODO: Discuss the format of this output if scan_response_type == ScanResponseType.json: -- GitLab