PagerDuty notifier is configurable by check within an accreditation (#59)

xinivanchen · web-flow · commit 77453a0b6b20 · 2020-09-03T15:54:50.000-05:00
Signed-off-by: xinivanchen &lt;xin.ivan.chen@ibm.com&gt;
diff --git a/CHANGES.md b/CHANGES.md
@@ -1,5 +1,6 @@
-# UNRELEASED
-
+# 1.4.0
+ 
+- [IMPROVED] PagerDuty notifier can send alerts for a subset of the accreditation checks based on the config.
 - [NEW] Added warning for possible sensitive information contained within notifications.
 
 # 1.3.0
diff --git a/compliance/__init__.py b/compliance/__init__.py
@@ -14,4 +14,4 @@
 # limitations under the License.
 """Compliance automation package."""
 
-__version__ = '1.3.0'
+__version__ = '1.4.0'
diff --git a/compliance/notify.py b/compliance/notify.py
@@ -892,6 +892,16 @@ def notify(self):
         for accreditation, desc in messages:
             if accreditation not in self._config or not desc:
                 continue
+            # determine if we should page for all failing checks in this
+            # accreditation, or only a subset defined in the config.
+            # The config can either be a string of the PD service ID,
+            # or a dictionary containing additional config details, including
+            # the optional list of checks.
+            all_checks, pd_checks = True, []
+            if (isinstance(self._config[accreditation], dict)
+                    and 'checks' in self._config[accreditation]):
+                all_checks = False
+                pd_checks = self._config[accreditation]['checks'] or []
 
             # get all current PD alerts
             alerts = self._get_alerts(accreditation)
@@ -900,6 +910,10 @@ def notify(self):
             passed, failed, warned, errored = self._split_by_status(desc)
 
             for test_id, test_desc, msg in (failed + errored):
+                # is the check in scope?
+                if not all_checks and test_id not in pd_checks:
+                    continue
+
                 summary, body = self._get_summary_and_body(
                     test_desc,
                     msg,
@@ -935,7 +949,8 @@ def notify(self):
                 self._resolve_alert(test_id, test_desc, msg, accreditation)
 
     def _get_alerts(self, accreditation):
-        pd_service = self._config[accreditation]
+        conf = self._config[accreditation]
+        pd_service = conf['service_id'] if isinstance(conf, dict) else conf
 
         # Get all triggered alerts
         # NOTE: statuses[]=triggered is supposed to work, but doesn't
diff --git a/compliance/utils/services/pagerduty.py b/compliance/utils/services/pagerduty.py
@@ -15,7 +15,7 @@
 """Compliance Pagerduty service helper."""
 
 import json
-from urllib.parse import urlparse
+from urllib.parse import urljoin
 
 from compliance.utils.credentials import Config
 
@@ -36,7 +36,7 @@ def _init_request(path, params, headers, creds):
     if headers:
         hdrs.update(headers)
     params = params or {}
-    url = urlparse.urljoin(PAGERDUTY_API_URL, path)
+    url = urljoin(PAGERDUTY_API_URL, path)
     return url, params, hdrs
 
 
diff --git a/doc-source/credentials-example.cfg b/doc-source/credentials-example.cfg
@@ -8,3 +8,8 @@ token=XXX
 [slack]
 webhook=XXX
 # token=XXX  # can be used instead of webhook
+
+# Token for PagerDuty notifications
+[pagerduty]
+api_key=XXX
+events_integration_key=XXX
diff --git a/doc-source/notifiers.rst b/doc-source/notifiers.rst
@@ -151,6 +151,44 @@ Channel ID ``11223344`` can be obtained quickly from the URL to a
 message of the target private channel. Of course, the Slack App needs
 to be part of the private channel.
 
+PagerDuty
+---------
+
+This configurable notifier will send alerts to PagerDuty.
+The following is an example configuration for this notifier
+to be added to a configuration file and used with the ``pagerduty``
+option when executing your compliance checks.
+
+Note that you have two options to configure the PagerDuty notifier:
+
+* Provide a list of checks by class path within an accreditation. This allows you 
+to define which checks within the accreditation will trigger PageDuty notifications::
+
+  {
+    "pagerduty": {
+      "my.accred1": {
+        "service_id": "SERVICE_ID",
+        "checks": [
+          "package.category.checks.test_module_one.CheckClassOne",
+          "package.category.checks.test_module_two.CheckClassTwo"
+        ]
+      }
+    }
+  }
+
+* Provide accreditations only and the notifier will send alerts for all checks with those
+accreditations::
+
+  {
+    "pagerduty": {
+      "my.accred1": "SERVICE_ID" 
+    }
+  }
+
+Note that the ``service_id`` field is the service id from PagerDuty, e.g. ``PABC123``.
+The PagerDuty notifier loads the active incidents to determine if
+it needs to create a new incident or update an existing one by using the ``service_id``.
+
 GitHub Issue
 ------------
 
