Skip to content

Commit

Permalink
Merge pull request #1171 from jhrozek/rem_params
Browse files Browse the repository at this point in the history
engine: Pass params to the remediate interface, too
  • Loading branch information
jhrozek authored Oct 11, 2023
2 parents 8d08d8b + bf74d84 commit 696eef6
Show file tree
Hide file tree
Showing 5 changed files with 58 additions and 5 deletions.
7 changes: 6 additions & 1 deletion internal/engine/interfaces/interface.go
Original file line number Diff line number Diff line change
Expand Up @@ -83,5 +83,10 @@ func ActionOptFromString(s *string) ActionOpt {

// Remediator is the interface for a rule type remediator
type Remediator interface {
Remediate(ctx context.Context, remAction ActionOpt, ent protoreflect.ProtoMessage, pol map[string]any) error
Remediate(
ctx context.Context,
remAction ActionOpt,
ent protoreflect.ProtoMessage,
pol map[string]any,
params map[string]any) error
}
1 change: 1 addition & 0 deletions internal/engine/remediate/noop/noop.go
Original file line number Diff line number Diff line change
Expand Up @@ -39,6 +39,7 @@ func (_ *Remediator) Remediate(
_ interfaces.ActionOpt,
_ protoreflect.ProtoMessage,
_ map[string]any,
_ map[string]any,
) error {
return enginerr.ErrRemediationNotAvailable
}
4 changes: 4 additions & 0 deletions internal/engine/remediate/rest/rest.go
Original file line number Diff line number Diff line change
Expand Up @@ -100,6 +100,8 @@ type EndpointTemplateParams struct {
Entity any
// Profile are the parameters to be used in the template
Profile map[string]any
// Params are the rule instance parameters
Params map[string]any
}

// Remediate actually performs the remediation
Expand All @@ -108,10 +110,12 @@ func (r *Remediator) Remediate(
remAction interfaces.ActionOpt,
ent protoreflect.ProtoMessage,
pol map[string]any,
params map[string]any,
) error {
retp := &EndpointTemplateParams{
Entity: ent,
Profile: pol,
Params: params,
}

endpoint := new(bytes.Buffer)
Expand Down
45 changes: 44 additions & 1 deletion internal/engine/remediate/rest/rest_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -203,6 +203,7 @@ func TestRestRemediate(t *testing.T) {
remAction interfaces.ActionOpt
ent protoreflect.ProtoMessage
pol map[string]any
params map[string]any
}

type newRestRemediateArgs struct {
Expand Down Expand Up @@ -255,6 +256,48 @@ func TestRestRemediate(t *testing.T) {
},
wantErr: false,
},
{
name: "valid remediate expanding a branch from parameters",
newRemArgs: newRestRemediateArgs{
restCfg: &pb.RestType{
Endpoint: `/repos/{{.Entity.Owner}}/{{.Entity.Name}}/branches/{{ index .Params "branch" }}/protection`,
Body: &bodyTemplateWithVars,
Method: http.MethodPut,
},
},
remArgs: remediateArgs{
remAction: interfaces.ActionOptOn,
ent: &pb.Repository{
Owner: "OwnerVar",
Name: "NameVar",
RepoId: 456,
},
pol: map[string]any{
"allowed_actions": "selected",
},
params: map[string]any{
"branch": "main",
},
},
testHandler: func(writer http.ResponseWriter, request *http.Request) {
assert.Equal(t, "/repos/OwnerVar/NameVar/branches/main/protection", request.URL.Path, "unexpected path")
assert.Equal(t, http.MethodPut, request.Method, "unexpected method")

var requestBody struct {
Enabled bool `json:"enabled"`
AllowedActions string `json:"allowed_actions"`
}

err := json.NewDecoder(request.Body).Decode(&requestBody)
assert.NoError(t, err, "unexpected error decoding body")
assert.Equal(t, true, requestBody.Enabled, "unexpected enabled")
assert.Equal(t, "selected", requestBody.AllowedActions, "unexpected allowed actions")

defer request.Body.Close()
writer.WriteHeader(http.StatusOK)
},
wantErr: false,
},
{
name: "valid dry run",
newRemArgs: newRestRemediateArgs{
Expand Down Expand Up @@ -341,7 +384,7 @@ func TestRestRemediate(t *testing.T) {
require.NoError(t, err, "unexpected error creating remediate engine")
require.NotNil(t, engine, "expected non-nil remediate engine")

err = engine.Remediate(context.Background(), tt.remArgs.remAction, tt.remArgs.ent, tt.remArgs.pol)
err = engine.Remediate(context.Background(), tt.remArgs.remAction, tt.remArgs.ent, tt.remArgs.pol, tt.remArgs.params)
if tt.wantErr {
require.Error(t, err, "expected error")
return
Expand Down
6 changes: 3 additions & 3 deletions internal/engine/rule_types.go
Original file line number Diff line number Diff line change
Expand Up @@ -252,15 +252,15 @@ func (r *RuleTypeEngine) Eval(

evalErr = r.reval.Eval(ctx, pol, result)

remediateErr = r.tryRemediate(ctx, ent, pol, remAction, evalErr)
remediateErr = r.tryRemediate(ctx, ent, pol, params, remAction, evalErr)

return evalErr, remediateErr
}

func (r *RuleTypeEngine) tryRemediate(
ctx context.Context,
ent protoreflect.ProtoMessage,
pol map[string]any,
pol, params map[string]any,
remAction engif.ActionOpt,
evalErr error,
) error {
Expand All @@ -271,7 +271,7 @@ func (r *RuleTypeEngine) tryRemediate(
return evalerrors.ErrRemediationSkipped
}

return r.rrem.Remediate(ctx, remAction, ent, pol)
return r.rrem.Remediate(ctx, remAction, ent, pol, params)
}

func (r *RuleTypeEngine) shouldRemediate(remAction engif.ActionOpt, evalErr error) (bool, error) {
Expand Down

0 comments on commit 696eef6

Please sign in to comment.