Skip to content

Commit

Permalink
feat: updated configs collect for mysql
Browse files Browse the repository at this point in the history
  • Loading branch information
@1101-1
1101-1 committed Aug 2, 2024
1 parent 3410e81 commit 932a34b
Show file tree
Hide file tree
Showing 2 changed files with 117 additions and 132 deletions.
99 changes: 58 additions & 41 deletions plugins/azure/fix_plugin_azure/resource/mysql.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,7 @@
GraphBuilder,
MicrosoftResource,
AzureSystemData,
MicrosoftResourceType,
)
from fix_plugin_azure.resource.microsoft_graph import MicrosoftGraphServicePrincipal, MicrosoftGraphUser
from fixlib.baseresources import (
Expand All @@ -21,7 +22,7 @@
ModelReference,
)
from fixlib.graph import BySearchCriteria
from fixlib.json_bender import K, AsBool, Bender, S, ForallBend, Bend, MapEnum, MapValue
from fixlib.json_bender import K, Bender, S, ForallBend, Bend, MapEnum, MapValue
from fixlib.types import Json

service_name = "azure_mysql"
Expand Down Expand Up @@ -314,43 +315,61 @@ def collect(
return result


def from_str_to_typed(config_type: str, value: str) -> Any:
def set_bool(val: str) -> bool:
if val == "ON":
return True
return False

type_mapping = {
"Enumeration": lambda x: set_bool(x) if x in ["ON", "OFF"] else str(x),
"Integer": int,
"Numeric": float,
"Set": lambda x: x.split(","),
"String": str,
}
try:
return type_mapping[config_type](value) # type: ignore
except Exception as e:
log.warning(f"An error occured while defining type of configuration value: {e}")
return None


@define(eq=False, slots=False)
class AzureMysqlServerConfiguration(MicrosoftResource):
kind: ClassVar[str] = "azure_mysql_server_configuration"
# Collect via AzureMysqlServer()
mapping: ClassVar[Dict[str, Bender]] = {
"id": S("id"),
"tags": S("tags", default={}),
"name": S("name"),
"system_data": S("systemData") >> Bend(AzureSystemData.mapping),
"type": S("type"),
"ctime": S("systemData", "createdAt"),
"mtime": S("systemData", "lastModifiedAt"),
"allowed_values": S("properties", "allowedValues"),
"current_value": S("properties", "currentValue"),
"data_type": S("properties", "dataType"),
"default_value": S("properties", "defaultValue"),
"description": S("properties", "description"),
"documentation_link": S("properties", "documentationLink"),
"is_config_pending_restart": S("properties", "isConfigPendingRestart") >> AsBool(),
"is_dynamic_config": S("properties", "isDynamicConfig") >> AsBool(),
"is_read_only": S("properties", "isReadOnly") >> AsBool(),
"source": S("properties", "source"),
"value": S("properties", "value"),
}
allowed_values: Optional[str] = field(default=None, metadata={'description': 'Allowed values of the configuration.'}) # fmt: skip
current_value: Optional[str] = field(default=None, metadata={"description": "Current value of the configuration."})
data_type: Optional[str] = field(default=None, metadata={"description": "Data type of the configuration."})
default_value: Optional[str] = field(default=None, metadata={"description": "Default value of the configuration."})
description: Optional[str] = field(default=None, metadata={"description": "Description of the configuration."})
documentation_link: Optional[str] = field(default=None, metadata={'description': 'The link used to get the document from community or Azure site.'}) # fmt: skip
is_config_pending_restart: Optional[bool] = field(default=None, metadata={'description': 'If is the configuration pending restart or not.'}) # fmt: skip
is_dynamic_config: Optional[bool] = field(default=None, metadata={'description': 'If is the configuration dynamic.'}) # fmt: skip
is_read_only: Optional[bool] = field(default=None, metadata={"description": "If is the configuration read only."})
source: Optional[str] = field(default=None, metadata={"description": "Source of the configuration."})
value: Optional[str] = field(default=None, metadata={"description": "Value of the configuration."})
system_data: Optional[AzureSystemData] = field(default=None, metadata={'description': 'Metadata pertaining to creation and last modification of the resource.'}) # fmt: skip
type: Optional[str] = field(default=None, metadata={'description': 'The type of the resource. E.g. Microsoft.Compute/virtualMachines or Microsoft.Storage/storageAccounts '}) # fmt: skip
config: Json = field(factory=dict)

@classmethod
def collect(
cls: Type[MicrosoftResourceType],
raw: List[Json],
builder: GraphBuilder,
) -> List[MicrosoftResourceType]:
if not raw:
return []
server_id = raw[0].get("serverID")
if not server_id:
return []
configuration_instance = cls(id=server_id)
if isinstance(configuration_instance, AzureMysqlServerConfiguration):
for js in raw:
properties = js.get("properties")
if not properties:
continue
if (
(data_type := properties.get("dataType"))
and (val := properties.get("currentValue"))
and (config_name := js.get("name"))
):
value = from_str_to_typed(data_type, val)
if not value:
continue
configuration_instance.config[config_name] = value
if (added := builder.add_node(configuration_instance, configuration_instance.config)) is not None:
return [added] # type: ignore
return []


@define(eq=False, slots=False)
Expand Down Expand Up @@ -667,14 +686,12 @@ def _collect_items(
items = graph_builder.client.list(api_spec)
if not items:
return
if issubclass(class_instance, AzureMysqlServerConfiguration): # type: ignore
for item in items:
item["serverID"] = self.id
collected = class_instance.collect(items, graph_builder)
for clazz in collected:
graph_builder.add_edge(
self,
edge_type=EdgeType.default,
id=clazz.id,
clazz=class_instance,
)
for resource in collected:
graph_builder.add_edge(self, node=resource)

def post_process(self, graph_builder: GraphBuilder, source: Json) -> None:
if server_id := self.id:
Expand Down
150 changes: 59 additions & 91 deletions plugins/azure/test/files/mysql/configurations.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,131 +2,99 @@
"value": [
{
"properties": {
"value": "OFF",
"description": "Tell the server to enable or disable archive engine.",
"defaultValue": "OFF",
"dataType": "Enumeration",
"allowedValues": "ON,OFF",
"source": "system-default",
"isConfigPendingRestart": "False",
"isDynamicConfig": "False",
"isReadOnly": "True"
},
"id": "/subscriptions/ffffffff-ffff-ffff-ffff-ffffffffffff/resourceGroups/testrg/providers/Microsoft.DBforMySQL/flexibleServers/mysqltestserver/configurations/archive",
"name": "archive",
"type": "Microsoft.DBforMySQL/flexibleServers/configurations"
},
{
"properties": {
"value": "OFF",
"description": "Allow to audit the log.",
"defaultValue": "OFF",
"currentValue": "ON",
"dataType": "Enumeration",
"allowedValues": "ON,OFF",
"source": "system-default",
"defaultValue": "ON",
"description": "Whether to enable automatic activation of all granted roles when users log in to the server.",
"documentationLink": "https://dev.mysql.com/doc/refman/8.0/en/server-system-variables.html#sysvar_activate_all_roles_on_login",
"isConfigPendingRestart": "False",
"isDynamicConfig": "True",
"isReadOnly": "False"
},
"id": "/subscriptions/ffffffff-ffff-ffff-ffff-ffffffffffff/resourceGroups/testrg/providers/Microsoft.DBforMySQL/flexibleServers/mysqltestserver/configurations/audit_log_enabled",
"name": "audit_log_enabled",
"type": "Microsoft.DBforMySQL/flexibleServers/configurations"
},
{
"properties": {
"value": "CONNECTION",
"description": "Select the events to audit logs.",
"defaultValue": "CONNECTION",
"dataType": "Set",
"allowedValues": "DDL,DML_SELECT,DML_NONSELECT,DCL,ADMIN,DML,GENERAL,CONNECTION,TABLE_ACCESS",
"isReadOnly": "False",
"source": "system-default",
"isConfigPendingRestart": "False",
"isDynamicConfig": "True",
"isReadOnly": "False"
"value": "ON"
},
"id": "/subscriptions/ffffffff-ffff-ffff-ffff-ffffffffffff/resourceGroups/testrg/providers/Microsoft.DBforMySQL/flexibleServers/mysqltestserver/configurations/audit_log_events",
"name": "audit_log_events",
"type": "Microsoft.DBforMySQL/flexibleServers/configurations"
"type": "Microsoft.DBforMySQL/flexibleServers/configurations",
"resourceGroup": "foo",
"id": "/subscriptions/subid/resourceGroups/foo/providers/Microsoft.DBforMySQL/flexibleServers/test/configurations/activate_all_roles_on_login",
"name": "activate_all_roles_on_login"
},
{
"properties": {
"value": "azure_superuser",
"description": "The comma-separated user list whose commands will not be in the audit logs.",
"defaultValue": "azure_superuser",
"dataType": "String",
"allowedValues": "",
"source": "system-default",
"allowedValues": "0-65535",
"currentValue": "33062",
"dataType": "Integer",
"defaultValue": "33062",
"description": "The TCP/IP port number to use for connections on the administrative network interface.",
"documentationLink": "https://dev.mysql.com/doc/refman/8.0/en/server-system-variables.html#sysvar_admin_port",
"isConfigPendingRestart": "False",
"isDynamicConfig": "True",
"isReadOnly": "False"
"isDynamicConfig": "False",
"isReadOnly": "True",
"source": "system-default",
"value": "33062"
},
"id": "/subscriptions/ffffffff-ffff-ffff-ffff-ffffffffffff/resourceGroups/testrg/providers/Microsoft.DBforMySQL/flexibleServers/mysqltestserver/configurations/audit_log_exclude_users",
"name": "audit_log_exclude_users",
"type": "Microsoft.DBforMySQL/flexibleServers/configurations"
"type": "Microsoft.DBforMySQL/flexibleServers/configurations",
"id": "/subscriptions/subid/resourceGroups/foo/providers/Microsoft.DBforMySQL/flexibleServers/test/configurations/admin_port",
"name": "admin_port",
"resourceGroup": "foo"
},
{
"properties": {
"value": "",
"description": "The comma-separated user list whose commands will be in the audit logs. It takes higher priority if the same user name is found in audit_log_exclude_users.",
"defaultValue": "",
"dataType": "String",
"allowedValues": "",
"source": "system-default",
"currentValue": "log_filter_internal; log_sink_internal",
"dataType": "String",
"defaultValue": "",
"description": "The admin_ssl_ca system variable is like ssl_ca, except that it applies to the administrative connection interface rather than the main connection interface.",
"documentationLink": "https://dev.mysql.com/doc/refman/8.0/en/server-system-variables.html#sysvar_admin_ssl_ca",
"isConfigPendingRestart": "False",
"isDynamicConfig": "True",
"isReadOnly": "False"
},
"id": "/subscriptions/ffffffff-ffff-ffff-ffff-ffffffffffff/resourceGroups/testrg/providers/Microsoft.DBforMySQL/flexibleServers/mysqltestserver/configurations/audit_log_include_users",
"name": "audit_log_include_users",
"type": "Microsoft.DBforMySQL/flexibleServers/configurations"
},
{
"properties": {
"value": "ON",
"description": "Allow to audit the slow log.",
"defaultValue": "ON",
"dataType": "Enumeration",
"allowedValues": "ON,OFF",
"isReadOnly": "True",
"source": "system-default",
"isConfigPendingRestart": "False",
"isDynamicConfig": "True",
"isReadOnly": "True"
"systemData": null,
"value": ""
},
"id": "/subscriptions/ffffffff-ffff-ffff-ffff-ffffffffffff/resourceGroups/testrg/providers/Microsoft.DBforMySQL/flexibleServers/mysqltestserver/configurations/audit_slow_log_enabled",
"name": "audit_slow_log_enabled",
"id": "/subscriptions/subid/resourceGroups/foo/providers/Microsoft.DBforMySQL/flexibleServers/test/configurations/admin_ssl_ca",
"name": "admin_ssl_ca",
"resourceGroup": "foo",
"type": "Microsoft.DBforMySQL/flexibleServers/configurations"
},
{
"properties": {
"value": "OFF",
"description": "Controls whether the server autogenerates SSL key and certificate files in the data directory, if they do not already exist.",
"defaultValue": "OFF",
"dataType": "Enumeration",
"allowedValues": "ON,OFF",
"source": "system-default",
"value": "TLSv1.2",
"allowedValues": "TLSv1.2,TLSv1.3",
"currentValue": "TLSv1.2",
"dataType": "Set",
"defaultValue": "TLSv1.2",
"description": "The admin_tls_version system variable is like tls_version, except that it applies to the administrative connection interface rather than the main connection interface.",
"documentationLink": "https://dev.mysql.com/doc/refman/8.0/en/server-system-variables.html#sysvar_admin_tls_version",
"isConfigPendingRestart": "False",
"isDynamicConfig": "False",
"isDynamicConfig": "True",
"isReadOnly": "True"
},
"id": "/subscriptions/ffffffff-ffff-ffff-ffff-ffffffffffff/resourceGroups/testrg/providers/Microsoft.DBforMySQL/flexibleServers/mysqltestserver/configurations/auto_generate_certs",
"name": "auto_generate_certs",
"type": "Microsoft.DBforMySQL/flexibleServers/configurations"
"id": "/subscriptions/subid/resourceGroups/foo/providers/Microsoft.DBforMySQL/flexibleServers/test/configurations/admin_tls_version",
"name": "admin_tls_version",
"type": "Microsoft.DBforMySQL/flexibleServers/configurations",
"resourceGroup": "foo"
},
{
"properties": {
"value": "1",
"description": "The auto_increment_increment is intended for use with source-to-source replication, and can be used to control the operation of AUTO_INCREMENT columns.",
"defaultValue": "1",
"dataType": "Integer",
"allowedValues": "1-65535",
"source": "system-default",
"value": "90",
"isConfigPendingRestart": "False",
"isDynamicConfig": "True",
"isReadOnly": "False"
"isReadOnly": "False",
"allowedValues": "0-99.99",
"currentValue": "90",
"dataType": "Numeric",
"defaultValue": "90",
"description": "InnoDB tries to flush data from the buffer pool so that the percentage of dirty pages does not exceed this value.",
"documentationLink": "https://dev.mysql.com/doc/refman/8.0/en/innodb-parameters.html#sysvar_innodb_max_dirty_pages_pct"
},
"id": "/subscriptions/ffffffff-ffff-ffff-ffff-ffffffffffff/resourceGroups/testrg/providers/Microsoft.DBforMySQL/flexibleServers/mysqltestserver/configurations/auto_increment_increment",
"name": "auto_increment_increment",
"type": "Microsoft.DBforMySQL/flexibleServers/configurations"
"type": "Microsoft.DBforMySQL/flexibleServers/configurations",
"resourceGroup": "foo",
"id": "/subscriptions/subid/resourceGroups/foo/providers/Microsoft.DBforMySQL/flexibleServers/test/configurations/innodb_max_dirty_pages_pct",
"name": "innodb_max_dirty_pages_pct"
}
]
}

0 comments on commit 932a34b

Please sign in to comment.