* Implement Azure benchmark * Fixing CR * fixes * [CloudFormation] Verify installation of cfn-signal (#1328) * Bump magefile/mage-action from 2 to 3 in /.github/workflows (#1333) Bumps [magefile/mage-action](https://github.com/magefile/mage-action) from 2 to 3. - [Release notes](https://github.com/magefile/mage-action/releases) - [Commits](magefile/mage-action@v2...v3) --- updated-dependencies: - dependency-name: magefile/mage-action dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * go.mod: Organize require blocks and update SDKs (#1330) * Organize go.mod require blocks * Update SDKs * Remove go-errors/errors usage * [CIS GCP] Add log bucket type to asset fetcher (#1327) * add log bucket type * bump cis policies version * Rename factory package to preset (#1334) * pre-commit: golangci-lint: Auto fix supported failures (#1336) * Create a dedicated AWS organization preset (#1335) * factory.NewCisAzureFactory * Remove extra build step (#1337) * AWS CSPM Resources add ECS data (#1312) * Populate vulnerability.reference with a link to NVD (#1303) * opulate vulnerability.reference with a link to NVD * revert the if statemenet * [Cloud Security] [Telemetry] fix package policy vars to use posture field (#1325) fix package policy vars to use posture field * Use branches to get bundles (#1332) * Refactor to be compatible with main and fix compilation * Fixing linter * Adding unit tests --------- Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: Orestis Floros <[email protected]> Co-authored-by: Amir Ben Nun <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Uri Weisman <[email protected]> Co-authored-by: Or Ouziel <[email protected]> Co-authored-by: Maxim Kholod <[email protected]> Co-authored-by: Lola <[email protected]>
1 parent
8b5a8b8
commit 92f8978
Showing
3 changed files
with
226 additions
and
4 deletions.
@@ -0,0 +1,92 @@ | ||
// Licensed to Elasticsearch B.V. under one or more contributor | ||
// license agreements. See the NOTICE file distributed with | ||
// this work for additional information regarding copyright | ||
// ownership. Elasticsearch B.V. licenses this file to you under | ||
// the Apache License, Version 2.0 (the "License"); you may | ||
// not use this file except in compliance with the License. | ||
// You may obtain a copy of the License at | ||
// | ||
// http://www.apache.org/licenses/LICENSE-2.0 | ||
// | ||
// Unless required by applicable law or agreed to in writing, | ||
// software distributed under the License is distributed on an | ||
// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY | ||
// KIND, either express or implied. See the License for the | ||
// specific language governing permissions and limitations | ||
// under the License. | ||
|
||
package benchmark | ||
|
||
import ( | ||
"context" | ||
"errors" | ||
"fmt" | ||
|
||
"github.com/elastic/elastic-agent-libs/logp" | ||
|
||
"github.com/elastic/cloudbeat/config" | ||
"github.com/elastic/cloudbeat/dataprovider" | ||
"github.com/elastic/cloudbeat/dataprovider/providers/cloud" | ||
"github.com/elastic/cloudbeat/flavors/benchmark/builder" | ||
"github.com/elastic/cloudbeat/resources/fetching" | ||
"github.com/elastic/cloudbeat/resources/fetching/preset" | ||
"github.com/elastic/cloudbeat/resources/fetching/registry" | ||
"github.com/elastic/cloudbeat/resources/providers/azurelib/auth" | ||
"github.com/elastic/cloudbeat/resources/providers/azurelib/inventory" | ||
) | ||
|
||
type Azure struct { | ||
CfgProvider auth.ConfigProviderAPI | ||
inventoryInitializer inventory.ProviderInitializerAPI | ||
} | ||
|
||
func (a *Azure) Run(context.Context) error { return nil } | ||
|
||
func (a *Azure) NewBenchmark(ctx context.Context, log *logp.Logger, cfg *config.Config) (builder.Benchmark, error) { | ||
resourceCh := make(chan fetching.ResourceInfo, resourceChBufferSize) | ||
reg, bdp, _, err := a.initialize(ctx, log, cfg, resourceCh) | ||
if err != nil { | ||
return nil, err | ||
} | ||
|
||
return builder.New( | ||
builder.WithBenchmarkDataProvider(bdp), | ||
).Build(ctx, log, cfg, resourceCh, reg) | ||
} | ||
|
||
func (a *Azure) initialize(ctx context.Context, log *logp.Logger, _ *config.Config, ch chan fetching.ResourceInfo) (registry.Registry, dataprovider.CommonDataProvider, dataprovider.IdProvider, error) { | ||
if err := a.checkDependencies(); err != nil { | ||
return nil, nil, nil, err | ||
} | ||
|
||
azureConfig, err := a.CfgProvider.GetAzureClientConfig() | ||
if err != nil { | ||
return nil, nil, nil, fmt.Errorf("failed to initialize azure config: %w", err) | ||
} | ||
|
||
assetProvider, err := a.inventoryInitializer.Init(ctx, log, *azureConfig) | ||
if err != nil { | ||
return nil, nil, nil, fmt.Errorf("failed to initialize azure asset inventory: %v", err) | ||
} | ||
|
||
fetchers, err := preset.NewCisAzureFactory(log, ch, assetProvider) | ||
if err != nil { | ||
return nil, nil, nil, fmt.Errorf("failed to initialize azure fetchers: %v", err) | ||
} | ||
|
||
return registry.NewRegistry(log, registry.WithFetchersMap(fetchers)), | ||
cloud.NewDataProvider(cloud.WithLogger(log)), | ||
nil, | ||
nil | ||
} | ||
|
||
func (a *Azure) checkDependencies() error { | ||
if a.CfgProvider == nil { | ||
return errors.New("azure config provider is uninitialized") | ||
} | ||
|
||
if a.inventoryInitializer == nil { | ||
return errors.New("azure asset inventory is uninitialized") | ||
} | ||
return nil | ||
} |
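Review bot: In `initialize`, the asset-inventory and fetcher failures are wrapped with `%v` while the config failure just above them uses `%w`, so the error chain is lost on those two paths and `errors.Is`/`errors.As` cannot match the underlying cause; both should use `%w`, e.g. `fmt.Errorf("failed to initialize azure asset inventory: %w", err)`. The same function dereferences `*azureConfig` in the `Init` call without a nil check, which would panic if a `ConfigProviderAPI` implementation returned `nil, nil`. Whether that can happen depends on the provider, which is not visible here, so a guard such as `if azureConfig == nil { return nil, nil, nil, errors.New("azure config is nil") }` is a cheap defence. The exported `Azure` type and `NewBenchmark` also have no doc comments; something like `// Azure builds the CIS Azure benchmark from an Azure client config and an asset-inventory provider.` would do.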
@@ -0,0 +1,123 @@ | ||
// Licensed to Elasticsearch B.V. under one or more contributor | ||
// license agreements. See the NOTICE file distributed with | ||
// this work for additional information regarding copyright | ||
// ownership. Elasticsearch B.V. licenses this file to you under | ||
// the Apache License, Version 2.0 (the "License"); you may | ||
// not use this file except in compliance with the License. | ||
// You may obtain a copy of the License at | ||
// | ||
// http://www.apache.org/licenses/LICENSE-2.0 | ||
// | ||
// Unless required by applicable law or agreed to in writing, | ||
// software distributed under the License is distributed on an | ||
// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY | ||
// KIND, either express or implied. See the License for the | ||
// specific language governing permissions and limitations | ||
// under the License. | ||
|
||
package benchmark | ||
|
||
import ( | ||
"errors" | ||
"testing" | ||
|
||
"github.com/stretchr/testify/mock" | ||
|
||
"github.com/elastic/cloudbeat/config" | ||
"github.com/elastic/cloudbeat/resources/providers/azurelib/auth" | ||
"github.com/elastic/cloudbeat/resources/providers/azurelib/inventory" | ||
) | ||
|
||
func TestAzure_Initialize(t *testing.T) { | ||
baseAzureConfig := config.Config{ | ||
CloudConfig: config.CloudConfig{}, | ||
} | ||
validAzureConfig := baseAzureConfig | ||
|
||
tests := []struct { | ||
name string | ||
configProvider auth.ConfigProviderAPI | ||
inventoryInitializer inventory.ProviderInitializerAPI | ||
cfg config.Config | ||
want []string | ||
wantErr string | ||
}{ | ||
{ | ||
name: "config provider error", | ||
cfg: baseAzureConfig, | ||
configProvider: mockAzureCfgProvider(errors.New("some error")), | ||
inventoryInitializer: mockAzureInventoryInitializerService(nil), | ||
wantErr: "some error", | ||
}, | ||
{ | ||
name: "inventory init error", | ||
cfg: validAzureConfig, | ||
configProvider: mockAzureCfgProvider(nil), | ||
inventoryInitializer: mockAzureInventoryInitializerService(errors.New("some error")), | ||
wantErr: "some error", | ||
}, | ||
{ | ||
name: "no error", | ||
cfg: validAzureConfig, | ||
configProvider: mockAzureCfgProvider(nil), | ||
inventoryInitializer: mockAzureInventoryInitializerService(nil), | ||
want: []string{ | ||
"azure_cloud_assets_fetcher", | ||
}, | ||
}, | ||
{ | ||
name: "no inventory initializer", | ||
cfg: validAzureConfig, | ||
configProvider: mockAzureCfgProvider(nil), | ||
inventoryInitializer: nil, | ||
wantErr: "azure asset inventory is uninitialized", | ||
}, | ||
{ | ||
name: "no config provider", | ||
cfg: validAzureConfig, | ||
configProvider: nil, | ||
inventoryInitializer: mockAzureInventoryInitializerService(nil), | ||
wantErr: "azure config provider is uninitialized", | ||
}, | ||
} | ||
for _, tt := range tests { | ||
t.Run(tt.name, func(t *testing.T) { | ||
tt := tt | ||
t.Parallel() | ||
|
||
testInitialize(t, &Azure{ | ||
CfgProvider: tt.configProvider, | ||
inventoryInitializer: tt.inventoryInitializer, | ||
}, &tt.cfg, tt.wantErr, tt.want) | ||
}) | ||
} | ||
} | ||
|
||
func mockAzureCfgProvider(err error) auth.ConfigProviderAPI { | ||
cfgProvider := &auth.MockConfigProviderAPI{} | ||
on := cfgProvider.EXPECT().GetAzureClientConfig() | ||
if err == nil { | ||
on.Return( | ||
&auth.AzureFactoryConfig{}, | ||
nil, | ||
) | ||
} else { | ||
on.Return(nil, err) | ||
} | ||
return cfgProvider | ||
} | ||
|
||
func mockAzureInventoryInitializerService(err error) inventory.ProviderInitializerAPI { | ||
initializer := &inventory.MockProviderInitializerAPI{} | ||
inventoryService := &inventory.MockServiceAPI{} | ||
initializerMock := initializer.EXPECT().Init(mock.Anything, mock.Anything, mock.Anything) | ||
if err == nil { | ||
initializerMock.Return( | ||
inventoryService, | ||
nil, | ||
) | ||
} else { | ||
initializerMock.Return(nil, err) | ||
} | ||
return initializer | ||
} |
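Review bot: The `tt := tt` copy is the first statement inside the subtest closure, which has already captured the loop variable. It is safe only because `t.Run` does not return until the subtest reaches `t.Parallel()`, so the copy is taken before the loop advances. Placing `tt := tt` on the line before `t.Run(tt.name, ...)` is the conventional form and does not depend on that ordering. Separately, `validAzureConfig` is a plain copy of `baseAzureConfig`, and `initialize` in the first file ignores its config argument (`_ *config.Config`), so the `cfg` column does not vary anything under test and could be dropped or commented as a placeholder.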