feat(security-command-center): add v2 version of SetMuteUndefinedFinding.java #9589
base: main
2e52501
d7ba71c
9b58abd
5bc470b
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,63 @@ | ||
/* | ||
* Copyright 2024 Google LLC | ||
* | ||
* Licensed under the Apache License, Version 2.0 (the "License"); | ||
* you may not use this file except in compliance with the License. | ||
* You may obtain a copy of the License at | ||
* | ||
* http://www.apache.org/licenses/LICENSE-2.0 | ||
* | ||
* Unless required by applicable law or agreed to in writing, software | ||
* distributed under the License is distributed on an "AS IS" BASIS, | ||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||
* See the License for the specific language governing permissions and | ||
* limitations under the License. | ||
*/ | ||
|
||
package vtwo.muteconfig; | ||
|
||
// [START securitycenter_set_mute_undefined_v2] | ||
|
||
import com.google.cloud.securitycenter.v2.Finding; | ||
import com.google.cloud.securitycenter.v2.Finding.Mute; | ||
import com.google.cloud.securitycenter.v2.SecurityCenterClient; | ||
import com.google.cloud.securitycenter.v2.SetMuteRequest; | ||
import java.io.IOException; | ||
|
||
public class SetMuteUndefinedFinding { | ||
|
||
public static void main(String[] args) throws IOException { | ||
// TODO: Replace the variables within {} | ||
|
||
// findingPath: The relative resource name of the finding. See: | ||
// https://cloud.google.com/apis/design/resource_names#relative_resource_name | ||
// Use any one of the following formats: | ||
// - organizations/{organization_id}/sources/{source_id}/finding/{finding_id} | ||
// - folders/{folder_id}/sources/{source_id}/finding/{finding_id} | ||
// - projects/{project_id}/sources/{source_id}/finding/{finding_id} | ||
String findingPath = "{path-to-the-finding}"; | ||
setMuteUndefined(findingPath); | ||
} | ||
|
||
// Reset mute state of an individual finding. | ||
// If a finding is already reset, resetting it again has no effect. | ||
// Various mute states are: MUTE_UNSPECIFIED/MUTE/UNMUTE/UNDEFINED. | ||
public static Finding setMuteUndefined(String findingPath) throws IOException { | ||
issue: don't return an object, instead process the result in the sample. See https://googlecloudplatform.github.io/samples-style-guide/#result.
In this repo's
In #9547, I tried to log information instead of returning a result, as you're suggesting, and I was told to return a result instead. I'd like to keep this code as-is, given that it's consistent with the instructions in this repo. |
||
// Initialize client that will be used to send requests. This client only needs | ||
// to be created once, and can be reused for multiple requests. | ||
try (SecurityCenterClient client = SecurityCenterClient.create()) { | ||
|
||
SetMuteRequest setMuteRequest = | ||
SetMuteRequest.newBuilder() | ||
.setName(findingPath) | ||
.setMute(Mute.UNDEFINED) | ||
.build(); | ||
|
||
Finding finding = client.setMute(setMuteRequest); | ||
System.out.println( | ||
"Mute value for the finding " + finding.getName() + " is: " + finding.getMute()); | ||
return finding; | ||
} | ||
} | ||
} | ||
// [END securitycenter_set_mute_undefined_v2] |
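Review bot: The comment above `setMuteUndefined` lists the mute states as MUTE_UNSPECIFIED/MUTE/UNMUTE/UNDEFINED, but the constants the test in this PR asserts on are `Mute.MUTED` and `Mute.UNMUTED`; I would write it as `// Mute states are: MUTE_UNSPECIFIED, MUTED, UNMUTED, UNDEFINED.` so the names match the enum. The three example paths in `main` use a singular `finding/{finding_id}` segment; as far as I know Security Command Center finding names use `findings/`, and the v2 test creates its findings with a LOCATION argument, so the v2 name probably carries a location segment too, which is worth checking against a real `finding.getName()` value. Because this call discards an explicit mute or unmute decision made during triage, I would also add a comment line saying that a reset finding is, as I understand it, evaluated by mute rules again and so may drop out of default views.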
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -51,6 +51,7 @@ | |
import vtwo.muteconfig.GetMuteRule; | ||
import vtwo.muteconfig.ListMuteRules; | ||
import vtwo.muteconfig.SetMuteFinding; | ||
import vtwo.muteconfig.SetMuteUndefinedFinding; | ||
import vtwo.muteconfig.SetUnmuteFinding; | ||
import vtwo.muteconfig.UpdateMuteRule; | ||
import vtwo.source.CreateSource; | ||
|
@@ -74,9 +75,8 @@ public class MuteFindingIT { | |
private static ByteArrayOutputStream stdOut; | ||
|
||
@Rule | ||
public final MultipleAttemptsRule multipleAttemptsRule = new MultipleAttemptsRule( | ||
MAX_ATTEMPT_COUNT, | ||
INITIAL_BACKOFF_MILLIS); | ||
public final MultipleAttemptsRule multipleAttemptsRule = | ||
new MultipleAttemptsRule(MAX_ATTEMPT_COUNT, INITIAL_BACKOFF_MILLIS); | ||
|
||
// Check if the required environment variables are set. | ||
public static void requireEnvVar(String envVarName) { | ||
|
@@ -104,12 +104,22 @@ public static void setUp() throws IOException, InterruptedException { | |
|
||
// Create findings within the source. | ||
String uuid = UUID.randomUUID().toString().split("-")[0]; | ||
FINDING_1 = CreateFindings.createFinding(ORGANIZATION_ID, LOCATION, "testfindingv2" + uuid, | ||
SOURCE.getName().split("/")[3], Optional.of("MEDIUM_RISK_ONE")); | ||
FINDING_1 = | ||
CreateFindings.createFinding( | ||
ORGANIZATION_ID, | ||
LOCATION, | ||
"testfindingv2" + uuid, | ||
SOURCE.getName().split("/")[3], | ||
Optional.of("MEDIUM_RISK_ONE")); | ||
|
||
uuid = UUID.randomUUID().toString().split("-")[0]; | ||
FINDING_2 = CreateFindings.createFinding(ORGANIZATION_ID, LOCATION, "testfindingv2" + uuid, | ||
SOURCE.getName().split("/")[3], Optional.empty()); | ||
FINDING_2 = | ||
CreateFindings.createFinding( | ||
ORGANIZATION_ID, | ||
LOCATION, | ||
"testfindingv2" + uuid, | ||
SOURCE.getName().split("/")[3], | ||
Optional.empty()); | ||
|
||
stdOut = null; | ||
System.setOut(out); | ||
|
@@ -132,9 +142,7 @@ public static void cleanUp() throws IOException { | |
public static ListFindingsPagedResponse getAllFindings(String sourceName) throws IOException { | ||
try (SecurityCenterClient client = SecurityCenterClient.create()) { | ||
|
||
ListFindingsRequest request = ListFindingsRequest.newBuilder() | ||
.setParent(sourceName) | ||
.build(); | ||
ListFindingsRequest request = ListFindingsRequest.newBuilder().setParent(sourceName).build(); | ||
hegemonic marked this conversation as resolved.
|
||
|
||
return client.listFindings(request); | ||
} | ||
|
@@ -173,18 +181,20 @@ public void testUpdateMuteRules() throws IOException { | |
} | ||
|
||
@Test | ||
public void testMuteUnmuteFinding() throws IOException { | ||
public void testSetMuteFinding() throws IOException { | ||
Finding finding = SetMuteFinding.setMute(FINDING_1.getName()); | ||
assertThat(finding.getMute()).isEqualTo(Mute.MUTED); | ||
finding = SetUnmuteFinding.setUnmute(FINDING_1.getName()); | ||
assertThat(finding.getMute()).isEqualTo(Mute.UNMUTED); | ||
finding = SetMuteUndefinedFinding.setMuteUndefined(FINDING_1.getName()); | ||
issue: don't check for a result; instead parse stdout to ensure that something was printed.
I'd like to keep this code as-is, given that it's consistent with the instructions in this repo. |
||
assertThat(finding.getMute()).isEqualTo(Mute.UNDEFINED); | ||
} | ||
|
||
@Test | ||
public void testBulkMuteFindings() throws IOException, ExecutionException, InterruptedException { | ||
// Mute findings that belong to this project. | ||
BulkMuteFindings.bulkMute(PROJECT_ID, LOCATION, | ||
String.format("resource.project_display_name=\"%s\"", PROJECT_ID)); | ||
BulkMuteFindings.bulkMute( | ||
PROJECT_ID, LOCATION, String.format("resource.project_display_name=\"%s\"", PROJECT_ID)); | ||
|
||
// Get all findings in the source to check if they are muted. | ||
ListFindingsPagedResponse response = | ||
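Review bot: `testSetMuteFinding` now drives three transitions on FINDING_1 (MUTED, UNMUTED, UNDEFINED) in one method, so the name undersells what it covers and a failure does not say which transition broke; judging by the print order, the method was previously `testMuteUnmuteFinding`. I would either name it for all three, e.g. `testSetMuteUnmuteUndefinedFinding`, or move the reset into its own test that first sets MUTED and then asserts `Mute.UNDEFINED`.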
|
issue: rename to `v2.muteconfig`.
question: I see that there is a `muteconfig` package already in the parent java/ folder. How do we plan to disambiguate between the two packages?
Every existing file under `security-command-center/snippets/src/main/java/vtwo` follows the naming convention that I've used here. The existing files all use a package name that starts with `vtwo`, not `v2`. Also, the existing files often have package names that overlap with the parent `java/` folder.

Can I ask that you allow me to add this sample with the package name `vtwo.muteconfig`, and that you work with the sample owners (the Security Command Center product team) to improve the package names as a follow-on task?

@owenhuyn FYI.