Skip to content

Commit fd1b026

Browse files
author
AoZhang
authored
feat(PSP-1220): misc fixes in Azure Agentless cloud provider (#1447)
* fix: adding integration constants and replace ID with Id * feat: add new fields ScanningResourceGroupId and StorageAccountUrl for Azure agentless cloud account * fix: s/resourceGroupId/resourceGroupName/g * fix(PSP-1220): rename subscriptionList, remove is_org
1 parent 29935df commit fd1b026

File tree

2 files changed

+66
-44
lines changed

2 files changed

+66
-44
lines changed

api/cloud_accounts_azure_sidekick.go

Lines changed: 20 additions & 13 deletions
Original file line numberDiff line numberDiff line change
@@ -18,6 +18,11 @@
1818

1919
package api
2020

21+
const (
22+
AzureSubscriptionIntegration string = "SUBSCRIPTION"
23+
AzureTenantIntegration string = "TENANT"
24+
)
25+
2126
// GetAzureSidekick gets a single AzureSidekick integration matching the provided integration guid
2227
func (svc *CloudAccountsService) GetAzureSidekick(guid string) (
2328
response AzureSidekickIntegrationResponse,
@@ -61,21 +66,23 @@ type V2AzureSidekickIntegration struct {
6166
}
6267

6368
type AzureSidekickData struct {
64-
Credentials AzureSidekickCredentials `json:"credentials"`
65-
IntegrationLevel string `json:"integrationLevel"` // SUBSCRIPTION or TENANT
66-
ScanningSubscriptionId string `json:"scanningSubscriptionId"`
67-
TenantId string `json:"tenantId"`
68-
BlobContainerName string `json:"blobContainerName"`
69-
SubscriptionList string `json:"subscriptionList,omitempty"`
70-
QueryText string `json:"queryText,omitempty"`
71-
ScanFrequency int `json:"scanFrequency"` // in hours
72-
ScanContainers bool `json:"scanContainers"`
73-
ScanHostVulnerabilities bool `json:"scanHostVulnerabilities"`
74-
ScanMultiVolume bool `json:"scanMultiVolume"`
75-
ScanStoppedInstances bool `json:"scanStoppedInstances"`
69+
Credentials AzureSidekickCredentials `json:"credentials"`
70+
IntegrationLevel string `json:"integrationLevel"` // SUBSCRIPTION or TENANT
71+
ScanningSubscriptionId string `json:"scanningSubscriptionId"`
72+
TenantId string `json:"tenantId"`
73+
BlobContainerName string `json:"blobContainerName"`
74+
ScanningResourceGroupName string `json:"scanningResourceGroupName"`
75+
StorageAccountUrl string `json:"storageAccountUrl"`
76+
SubscriptionsList string `json:"subscriptionsList,omitempty"`
77+
QueryText string `json:"queryText,omitempty"`
78+
ScanFrequency int `json:"scanFrequency"` // in hours
79+
ScanContainers bool `json:"scanContainers"`
80+
ScanHostVulnerabilities bool `json:"scanHostVulnerabilities"`
81+
ScanMultiVolume bool `json:"scanMultiVolume"`
82+
ScanStoppedInstances bool `json:"scanStoppedInstances"`
7683
}
7784

7885
type AzureSidekickCredentials struct {
79-
ClientID string `json:"clientId"`
86+
ClientId string `json:"clientId"`
8087
ClientSecret string `json:"clientSecret,omitempty"`
8188
}

api/cloud_accounts_azure_sidekick_test.go

Lines changed: 46 additions & 31 deletions
Original file line numberDiff line numberDiff line change
@@ -32,35 +32,39 @@ import (
3232
// These two objects are used to test Create, Get and Update operations.
3333
var (
3434
azureSidekickData = api.AzureSidekickData{
35-
IntegrationLevel: "SUBSCRIPTION",
36-
ScanningSubscriptionId: "54321",
37-
TenantId: "98765",
38-
BlobContainerName: "blobContainer",
39-
ScanFrequency: 24,
40-
ScanContainers: true,
41-
ScanHostVulnerabilities: true,
35+
IntegrationLevel: "SUBSCRIPTION",
36+
ScanningSubscriptionId: "54321",
37+
TenantId: "98765",
38+
BlobContainerName: "blobContainer",
39+
ScanningResourceGroupName: "xxxx-xxxx",
40+
StorageAccountUrl: "https://abc.blob.core.windows.net",
41+
ScanFrequency: 24,
42+
ScanContainers: true,
43+
ScanHostVulnerabilities: true,
4244
Credentials: api.AzureSidekickCredentials{
43-
ClientID: "Client123",
45+
ClientId: "Client123",
4446
ClientSecret: "Secret",
4547
},
46-
SubscriptionList: "sub1,sub2",
47-
QueryText: "queryText",
48+
SubscriptionsList: "sub1,sub2",
49+
QueryText: "queryText",
4850
}
4951

5052
azureUpdatedSidekickData = api.AzureSidekickData{
51-
IntegrationLevel: "SUBSCRIPTION",
52-
ScanningSubscriptionId: "updated-54321",
53-
TenantId: "updated-98765",
54-
BlobContainerName: "updated-blobContainer",
55-
ScanFrequency: 12,
56-
ScanContainers: false,
57-
ScanHostVulnerabilities: true,
53+
IntegrationLevel: "SUBSCRIPTION",
54+
ScanningSubscriptionId: "updated-54321",
55+
TenantId: "updated-98765",
56+
BlobContainerName: "updated-blobContainer",
57+
ScanningResourceGroupName: "updated-xxxx-xxxx",
58+
StorageAccountUrl: "https://updated-abc.blob.core.windows.net",
59+
ScanFrequency: 12,
60+
ScanContainers: false,
61+
ScanHostVulnerabilities: true,
5862
Credentials: api.AzureSidekickCredentials{
59-
ClientID: "updated-Client123",
63+
ClientId: "updated-Client123",
6064
ClientSecret: "updated-Secret",
6165
},
62-
SubscriptionList: "updated-sub1,sub2",
63-
QueryText: "updated-queryText",
66+
SubscriptionsList: "updated-sub1,sub2",
67+
QueryText: "updated-queryText",
6468
}
6569
)
6670

@@ -75,11 +79,13 @@ func TestCloudAccountsAzureSidekickCreate(t *testing.T) {
7579
assert.Equal(t, integrationData.ScanningSubscriptionId, "54321")
7680
assert.Equal(t, integrationData.TenantId, "98765")
7781
assert.Equal(t, integrationData.BlobContainerName, "blobContainer")
82+
assert.Equal(t, integrationData.ScanningResourceGroupName, "xxxx-xxxx")
83+
assert.Equal(t, integrationData.StorageAccountUrl, "https://abc.blob.core.windows.net")
7884
assert.Equal(t, integrationData.ScanFrequency, 24)
7985
assert.Equal(t, integrationData.ScanContainers, true)
8086
assert.Equal(t, integrationData.ScanHostVulnerabilities, true)
8187

82-
assert.Equal(t, integrationData.Credentials.ClientID, "Client123")
88+
assert.Equal(t, integrationData.Credentials.ClientId, "Client123")
8389
assert.Equal(t, integrationData.Credentials.ClientSecret, "Secret")
8490
}
8591

@@ -117,12 +123,14 @@ func TestCloudAccountsAzureSidekickGet(t *testing.T) {
117123
assert.Equal(t, "54321", integrationData.ScanningSubscriptionId)
118124
assert.Equal(t, "98765", integrationData.TenantId)
119125
assert.Equal(t, "blobContainer", integrationData.BlobContainerName)
126+
assert.Equal(t, integrationData.ScanningResourceGroupName, "xxxx-xxxx")
127+
assert.Equal(t, integrationData.StorageAccountUrl, "https://abc.blob.core.windows.net")
120128
assert.Equal(t, 24, integrationData.ScanFrequency)
121129
assert.Equal(t, true, integrationData.ScanContainers)
122130
assert.Equal(t, true, integrationData.ScanHostVulnerabilities)
123-
assert.Equal(t, "Client123", integrationData.Credentials.ClientID)
131+
assert.Equal(t, "Client123", integrationData.Credentials.ClientId)
124132
assert.Equal(t, "Secret", integrationData.Credentials.ClientSecret)
125-
assert.Equal(t, "sub1,sub2", integrationData.SubscriptionList)
133+
assert.Equal(t, "sub1,sub2", integrationData.SubscriptionsList)
126134
assert.Equal(t, "queryText", integrationData.QueryText)
127135
assert.Equal(t, "token_"+integration.IntgGuid, integration.ServerToken)
128136
}
@@ -145,8 +153,10 @@ func TestCloudAccountsAzureSidekickUpdate(t *testing.T) {
145153
assert.Contains(t, body, intgGUID, "INTG_GUID missing")
146154
assert.Contains(t, body, "integration_test", "cloud account name is missing")
147155
assert.Contains(t, body, "AzureSidekick", "wrong cloud account type")
148-
assert.Contains(t, body, azureSidekickData.Credentials.ClientID, "wrong client ID")
156+
assert.Contains(t, body, azureSidekickData.Credentials.ClientId, "wrong client ID")
149157
assert.Contains(t, body, azureSidekickData.BlobContainerName, "wrong blob container name")
158+
assert.Contains(t, body, azureSidekickData.ScanningResourceGroupName, "wrong scanning resource group name")
159+
assert.Contains(t, body, azureSidekickData.StorageAccountUrl, "wrong storage account url")
150160
assert.Contains(t, body, "enabled\":1", "cloud account is not enabled")
151161
}
152162

@@ -173,12 +183,14 @@ func TestCloudAccountsAzureSidekickUpdate(t *testing.T) {
173183
assert.Equal(t, "54321", integrationData.ScanningSubscriptionId)
174184
assert.Equal(t, "98765", integrationData.TenantId)
175185
assert.Equal(t, "blobContainer", integrationData.BlobContainerName)
186+
assert.Equal(t, integrationData.ScanningResourceGroupName, "xxxx-xxxx")
187+
assert.Equal(t, integrationData.StorageAccountUrl, "https://abc.blob.core.windows.net")
176188
assert.Equal(t, 24, integrationData.ScanFrequency)
177189
assert.Equal(t, true, integrationData.ScanContainers)
178190
assert.Equal(t, true, integrationData.ScanHostVulnerabilities)
179-
assert.Equal(t, "Client123", integrationData.Credentials.ClientID)
191+
assert.Equal(t, "Client123", integrationData.Credentials.ClientId)
180192
assert.Equal(t, "Secret", integrationData.Credentials.ClientSecret)
181-
assert.Equal(t, "sub1,sub2", integrationData.SubscriptionList)
193+
assert.Equal(t, "sub1,sub2", integrationData.SubscriptionsList)
182194
assert.Equal(t, "queryText", integrationData.QueryText)
183195

184196
// Step 3 - Get Updated data from Fake server
@@ -197,12 +209,14 @@ func TestCloudAccountsAzureSidekickUpdate(t *testing.T) {
197209
assert.Equal(t, "updated-54321", integrationData.ScanningSubscriptionId)
198210
assert.Equal(t, "updated-98765", integrationData.TenantId)
199211
assert.Equal(t, "updated-blobContainer", integrationData.BlobContainerName)
212+
assert.Equal(t, integrationData.ScanningResourceGroupName, "updated-xxxx-xxxx")
213+
assert.Equal(t, integrationData.StorageAccountUrl, "https://updated-abc.blob.core.windows.net")
200214
assert.Equal(t, 12, integrationData.ScanFrequency)
201215
assert.Equal(t, false, integrationData.ScanContainers)
202216
assert.Equal(t, true, integrationData.ScanHostVulnerabilities)
203-
assert.Equal(t, "updated-Client123", integrationData.Credentials.ClientID)
217+
assert.Equal(t, "updated-Client123", integrationData.Credentials.ClientId)
204218
assert.Equal(t, "updated-Secret", integrationData.Credentials.ClientSecret)
205-
assert.Equal(t, "updated-sub1,sub2", integrationData.SubscriptionList)
219+
assert.Equal(t, "updated-sub1,sub2", integrationData.SubscriptionsList)
206220
assert.Equal(t, "updated-queryText", integrationData.QueryText)
207221
}
208222

@@ -219,7 +233,6 @@ func getAzureData(id string, data api.AzureSidekickData) string {
219233
"createdOrUpdatedTime": "2021-06-01T19:28:00.092Z",
220234
"enabled": 1,
221235
"intgGuid": "` + id + `",
222-
"isOrg": 0,
223236
"name": "integration_test",
224237
"state": {
225238
"details": {},
@@ -230,14 +243,16 @@ func getAzureData(id string, data api.AzureSidekickData) string {
230243
"type": "AzureSidekick",
231244
"data": {
232245
"credentials": {
233-
"clientId": "` + data.Credentials.ClientID + `",
246+
"clientId": "` + data.Credentials.ClientId + `",
234247
"clientSecret": "` + data.Credentials.ClientSecret + `"
235248
},
236249
"integrationLevel": "` + data.IntegrationLevel + `",
237250
"scanningSubscriptionId": "` + data.ScanningSubscriptionId + `",
238251
"tenantId": "` + data.TenantId + `",
239252
"blobContainerName": "` + data.BlobContainerName + `",
240-
"subscriptionList": "` + data.SubscriptionList + `",
253+
"scanningResourceGroupName": "` + data.ScanningResourceGroupName + `",
254+
"storageAccountUrl": "` + data.StorageAccountUrl + `",
255+
"SubscriptionsList": "` + data.SubscriptionsList + `",
241256
"queryText": "` + data.QueryText + `",
242257
"scanFrequency": ` + scanFrequency + `,
243258
"scanContainers": ` + scanContainers + `,

0 commit comments

Comments
 (0)