Add DRAGONFLY_ prefix to mainframe environment variables #329

Open: wants to merge 1 commit into base: main
3 changes: 3 additions & 0 deletions .gitignore
Expand Up @@ -160,3 +160,6 @@ cython_debug/
.idea/

.pdm-python

.envrc
.direnv/
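Review bot: the new ignore entries at the end of the file, `.envrc` and `.direnv/`, are not mentioned in the PR title. A line in the description saying they are there so that local direnv files holding the renamed variables are not committed would make the intent clear, or they could go in a separate commit.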
14 changes: 7 additions & 7 deletions CONTRIBUTING.md
Expand Up @@ -134,15 +134,15 @@ Alternatively, you'll want to run PostgreSQL locally or in a container, and run
You'll need to have the following environment variables set.
| Environment Variable | Type | Default | Description |
|---------------------------|------|---------------------------------------------------------|-------------------------------------------------------------------------------------------------------------------------------------------------------------|
| `AUTH0_DOMAIN` | str | "vipyrsec.us.auth0.com" | Authentication domain for Auth0 |
| `AUTH0_AUDIENCE` | str | "dragonfly.vipyrsec.com" | Audience field for Auth0 |
| `DRAGONFLY_AUTH0_DOMAIN` | str | "vipyrsec.us.auth0.com" | Authentication domain for Auth0 |
| `DRAGONFLY_AUTH0_AUDIENCE` | str | "dragonfly.vipyrsec.com" | Audience field for Auth0 |
| `DRAGONFLY_GITHUB_TOKEN` | str | | Github PAT for accessing YARA rules in the security-intelligence repository |
| `JOB_TIMEOUT` | int | 60 \* 2 | The maximum time to wait for clients to respond with job results. After this time has elapsed, the server will begin distributing this job to other clients |
| `DRAGONFLY_JOB_TIMEOUT` | int | 60 \* 2 | The maximum time to wait for clients to respond with job results. After this time has elapsed, the server will begin distributing this job to other clients |
| | | | |
| `REPORTER_URL` | str | "" | The url of the reporter microservice |
| `DB_URL` | str | "postgresql+psycopg2://postgres:postgres@localhost:5432" | PostgreSQL database connection string |
| `DB_CONNECTION_POOL_MAX_SIZE` | int | 15 | The max number of concurrent database connections |
| `DB_CONNECTION_POOL_PERSISTENT_SIZE` | int | 5 | The number of concurrent database connections to maintain in the connection pool |
| `DRAGONFLY_REPORTER_URL` | str | "" | The url of the reporter microservice |
| `DRAGONFLY_DB_URL` | str | "postgresql+psycopg2://postgres:postgres@localhost:5432" | PostgreSQL database connection string |
| `DRAGONFLY_DB_CONNECTION_POOL_MAX_SIZE` | int | 15 | The max number of concurrent database connections |
| `DRAGONFLY_DB_CONNECTION_POOL_PERSISTENT_SIZE` | int | 5 | The number of concurrent database connections to maintain in the connection pool |
| | | | |
| `SENTRY_DSN` | str | "" | Sentry Data Source Name (DSN) |
| `SENTRY_ENVIRONMENT` | str | "" | Sentry environment |
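Review bot: the table now documents only the `DRAGONFLY_`-prefixed names, with nothing telling an existing deployment that `DB_URL`, `AUTH0_DOMAIN`, `AUTH0_AUDIENCE`, `JOB_TIMEOUT`, `REPORTER_URL` and the two `DB_CONNECTION_POOL_*` variables stop being read once the `env_prefix` change in `src/mainframe/constants.py` lands. Every one of these rows has a default, so an environment that still exports the old names will start without error and run on the defaults, including the `postgres:postgres@localhost:5432` connection string. Please add a short migration note above the table. The `SENTRY_DSN` and `SENTRY_ENVIRONMENT` rows stay unprefixed; if that is intentional, say so next to the table so readers do not assume the prefix applies to them too. The renamed rows also no longer line up with the header separator, so the table could be re-padded.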
4 changes: 3 additions & 1 deletion alembic/env.py
Expand Up @@ -14,7 +14,9 @@
load_dotenv()

# modify the config here because ConfigParser can't handle default values
config.set_main_option("sqlalchemy.url", os.getenv("DB_URL", "postgresql+psycopg2://postgres:postgres@localhost:5432"))
config.set_main_option(
"sqlalchemy.url", os.getenv("DRAGONFLY_DB_URL", "postgresql+psycopg2://postgres:postgres@localhost:5432")
)

# Interpret the config file for Python logging.
# This line sets up loggers basically.
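Review bot: the variable name `DRAGONFLY_DB_URL` and its default are hard-coded in the `os.getenv(...)` call here, separately from the `env_prefix="dragonfly_"` setting in `src/mainframe/constants.py`, so the two can drift apart. If this script can import the settings object, reading the URL from it would keep a single source of truth. With this rename, a shell that still exports only `DB_URL` also makes migrations run silently against the default `postgres:postgres@localhost:5432`; failing when the variable is unset, or logging which host is being used, would make that visible.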
2 changes: 1 addition & 1 deletion compose.yaml
Expand Up @@ -9,7 +9,7 @@ services:
tty: true
restart: always
environment:
DB_URL: "postgresql+psycopg2://postgres:postgres@db:5432/dragonfly"
DRAGONFLY_DB_URL: "postgresql+psycopg2://postgres:postgres@db:5432/dragonfly"
MICROSOFT_TENANT_ID: tenant_id
MICROSOFT_CLIENT_ID: client_id
MICROSOFT_CLIENT_SECRET: client_secret
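Review bot: only `DB_URL` is renamed in this `environment:` block, while `MICROSOFT_TENANT_ID`, `MICROSOFT_CLIENT_ID` and `MICROSOFT_CLIENT_SECRET` directly below keep their old names. Please confirm those are read by a settings class that does not take the new prefix; if they are `Mainframe` fields, they need the `DRAGONFLY_` prefix here too or the service will no longer see them.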
4 changes: 2 additions & 2 deletions src/mainframe/constants.py
Expand Up @@ -17,7 +17,7 @@ class EnvConfig(BaseSettings):
)


class Mainframe(EnvConfig):
class Mainframe(EnvConfig, env_prefix="dragonfly_"):
client_origin_url: str = ""
auth0_domain: str = ""
auth0_audience: str = ""
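Review bot: `env_prefix="dragonfly_"` on the `Mainframe` class line applies to every field of the class, so `client_origin_url` becomes `DRAGONFLY_CLIENT_ORIGIN_URL` as well; check that it is covered in CONTRIBUTING.md and in deployment config along with the variables renamed there. It is also worth confirming that passing the prefix as a class keyword keeps the rest of the configuration that `EnvConfig` defines just above (the block closed by the `)` at the top of this hunk) rather than replacing it.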
Expand All @@ -30,7 +30,7 @@ class Mainframe(EnvConfig):
db_connection_pool_persistent_size: int = 5
"""The number of concurrent connections to maintain in the connection pool"""

dragonfly_github_token: str
github_token: str

job_timeout: int = 60 * 2
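Review bot: `github_token: str` holds a GitHub PAT as a plain string; since this line is being renamed anyway, consider pydantic's `SecretStr` so the value is masked in reprs and logs, with `fetch_rules` in `src/mainframe/rules.py` calling `.get_secret_value()`. The rename itself keeps the variable name `DRAGONFLY_GITHUB_TOKEN` under the new prefix, so this field does not break existing deployments. Unlike the pool-size field above it, neither `github_token` nor `job_timeout` has a docstring; a one-line description for each would match the surrounding style.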

2 changes: 1 addition & 1 deletion src/mainframe/rules.py
Expand Up @@ -60,7 +60,7 @@ def fetch_zipfile(http_client: httpx.Client, *, repository: str, access_token: s
def fetch_rules(http_client: httpx.Client) -> Rules:
"""Return the commit hash and all the rules"""

access_token = mainframe_settings.dragonfly_github_token
access_token = mainframe_settings.github_token

commit_hash = fetch_commit_hash(http_client, repository=REPOSITORY, access_token=access_token)

2 changes: 1 addition & 1 deletion tests/test_rules.py
Expand Up @@ -84,7 +84,7 @@ def test_fetch_rules(monkeypatch: MonkeyPatch):
for filename, contents in files.items():
zip.writestr(filename + ".yara", contents)

monkeypatch.setattr("mainframe.constants.mainframe_settings.dragonfly_github_token", "token")
monkeypatch.setattr("mainframe.constants.mainframe_settings.github_token", "token")
monkeypatch.setattr("mainframe.rules.fetch_commit_hash", Mock(return_value="test commit hash"))
monkeypatch.setattr("mainframe.rules.fetch_zipfile", Mock(return_value=zip))
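Review bot: the change at `monkeypatch.setattr("mainframe.constants.mainframe_settings.github_token", "token")` only follows the attribute rename, and nothing in the test lines shown here exercises the prefix itself. A small test that uses `monkeypatch.setenv` to set `DRAGONFLY_GITHUB_TOKEN` plus, for example, `DRAGONFLY_JOB_TIMEOUT` and the unprefixed `JOB_TIMEOUT` to different values, builds a fresh `Mainframe`, and asserts that only the prefixed value is picked up would pin the behaviour this PR introduces.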
