diff --git a/.travis.yml b/.travis.yml
index eff05558..f44b4936 100644
--- a/.travis.yml
+++ b/.travis.yml
@@ -7,62 +7,8 @@ install: - sudo apt-get install linux-headers-$(uname -r) dkms gcc-multilib g++-multilib - pip install pyyaml requests script: -- echo "Testing source version" -- examples/create_alert.py $DEMO_KUBE_API_TOKEN -- examples/update_alert.py $DEMO_KUBE_API_TOKEN -- examples/delete_alert.py $DEMO_KUBE_API_TOKEN -- examples/dashboard.py $DEMO_KUBE_API_TOKEN -- examples/create_dashboard.py $DEMO_KUBE_API_TOKEN -- examples/delete_dashboard.py $DEMO_KUBE_API_TOKEN -- examples/get_data_advanced.py $DEMO_KUBE_API_TOKEN ip-10-0-1-140.ec2.internal -- examples/get_data_datasource.py $DEMO_KUBE_API_TOKEN -- examples/get_data_simple.py $DEMO_KUBE_API_TOKEN -- examples/list_alerts.py $DEMO_KUBE_API_TOKEN -- examples/list_alert_notifications.py $DEMO_KUBE_API_TOKEN -- examples/resolve_alert_notifications.py $DEMO_KUBE_API_TOKEN 1 -- examples/list_dashboards.py $DEMO_KUBE_API_TOKEN -- examples/list_hosts.py $DEMO_KUBE_API_TOKEN -- examples/list_metrics.py $DEMO_KUBE_API_TOKEN -- examples/post_event.py $DEMO_KUBE_API_TOKEN "test_event_name" -d "test event description" -- examples/post_event_simple.py $DEMO_KUBE_API_TOKEN "test_event_name" "test event description" -- examples/list_events.py $DEMO_KUBE_API_TOKEN -- examples/delete_event.py $DEMO_KUBE_API_TOKEN -- examples/print_data_retention_info.py $DEMO_KUBE_API_TOKEN -- examples/print_explore_grouping.py $DEMO_KUBE_API_TOKEN -- examples/print_user_info.py $DEMO_KUBE_API_TOKEN -- examples/list_users.py $DEMO_KUBE_API_TOKEN -- examples/list_sysdig_captures.py $DEMO_KUBE_API_TOKEN -- examples/create_sysdig_capture.py $DEMO_KUBE_API_TOKEN ip-10-0-1-115.ec2.internal apicapture 10 -- examples/notification_channels.py $DEMO_KUBE_API_TOKEN -- examples/user_team_mgmt.py $DEMO_KUBE_API_TOKEN example-team example-user@example-domain.com -- unset SDC_TOKEN +- bash test/test_monitor_apis.sh - bash test/test_secure_apis.sh -- echo "Testing pip version" -- rm -rf sdcclient -- pip install sdcclient -# - examples/create_alert.py 
$DEMO_KUBE_API_TOKEN -# - examples/delete_alert.py $DEMO_KUBE_API_TOKEN -# - examples/dashboard.py $DEMO_KUBE_API_TOKEN -# - examples/create_dashboard.py $DEMO_KUBE_API_TOKEN -# - examples/delete_dashboard.py $DEMO_KUBE_API_TOKEN -# - examples/get_data_advanced.py $DEMO_KUBE_API_TOKEN ip-10-0-2-180.ec2.internal -# - examples/get_data_datasource.py $DEMO_KUBE_API_TOKEN -# - examples/get_data_simple.py $DEMO_KUBE_API_TOKEN -# - examples/list_alerts.py $DEMO_KUBE_API_TOKEN -# - examples/list_alert_notifications.py $DEMO_KUBE_API_TOKEN -# - examples/resolve_alert_notifications.py $DEMO_KUBE_API_TOKEN 1 -# - examples/list_dashboards.py $DEMO_KUBE_API_TOKEN -# - examples/list_hosts.py $DEMO_KUBE_API_TOKEN -# - examples/list_metrics.py $DEMO_KUBE_API_TOKEN -# - examples/post_event.py $DEMO_KUBE_API_TOKEN "test event name" -d "test event description" -# - examples/post_event_simple.py $DEMO_KUBE_API_TOKEN "test event name" "test event description" -# - examples/list_events.py $DEMO_KUBE_API_TOKEN -# - examples/delete_event.py $DEMO_KUBE_API_TOKEN -# - examples/print_data_retention_info.py $DEMO_KUBE_API_TOKEN -# - examples/print_explore_grouping.py $DEMO_KUBE_API_TOKEN -# - examples/print_user_info.py $DEMO_KUBE_API_TOKEN -# - examples/list_sysdig_captures.py $DEMO_KUBE_API_TOKEN -# - examples/create_sysdig_capture.py $DEMO_KUBE_API_TOKEN ip-10-0-2-202.ec2.internal apicapture 10 notifications: slack: secure: 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 diff --git a/examples/create_alert.py b/examples/create_alert.py index 5d13b4f7..d344c83a 100755 --- a/examples/create_alert.py +++ b/examples/create_alert.py @@ -6,6 +6,7 @@ # # +import getopt import os import sys sys.path.insert(0, os.path.join(os.path.dirname(os.path.realpath(sys.argv[0])), '..')) 
@@ -14,12 +15,26 @@ # # Parse arguments # -if len(sys.argv) != 2: - print 'usage: %s ' % sys.argv[0] +def usage(): + print 'usage: %s [-a|--alert ] ' % sys.argv[0] + print '-a|--alert: Set name of alert to create' print 'You can find your token at https://app.sysdigcloud.com/#/settings/user' sys.exit(1) -sdc_token = sys.argv[1] +try: + opts, args = getopt.getopt(sys.argv[1:],"a:",["alert="]) +except getopt.GetoptError: + usage() + +alert_name = "tomcat cpu > 80% on any host" +for opt, arg in opts: + if opt in ("-a", "--alert"): + alert_name = arg + +if len(args) != 1: + usage() + +sdc_token = args[0] # # Instantiate the SDC client @@ -29,8 +44,8 @@ # # Find notification channels (you need IDs to create an alert). # -notify_channels = [ {'type': 'SLACK', 'channel': 'sysdig-demo2-alerts'}, - {'type': 'EMAIL', 'emailRecipients': ['demo-kube@draios.com', 'test@sysdig.com']}, +notify_channels = [ {'type': 'SLACK', 'channel': '#python-sdc-test-alert'}, + {'type': 'EMAIL', 'emailRecipients': ['python-sdc-testing@draios.com', 'test@sysdig.com']}, {'type': 'SNS', 'snsTopicARNs': ['arn:aws:sns:us-east-1:273107874544:alarms-stg']} ] @@ -44,7 +59,7 @@ # # Create the alert. # -res = sdclient.create_alert('tomcat cpu > 80% on any host', # Alert name. +res = sdclient.create_alert(alert_name, # Alert name. 'this alert was automatically created using the python Sysdig Cloud library', # Alert description. 6, # Syslog-encoded severity. 6 means 'info'. 60, # The alert will fire if the condition is met for at least 60 seconds. diff --git a/examples/create_dashboard.py b/examples/create_dashboard.py index cc300653..0308118c 100755 --- a/examples/create_dashboard.py +++ b/examples/create_dashboard.py @@ -6,6 +6,7 @@ # will monitor. # +import getopt import os import sys sys.path.insert(0, os.path.join(os.path.dirname(os.path.realpath(sys.argv[0])), '..')) 
@@ -14,12 +15,27 @@ # # Parse arguments # -if len(sys.argv) != 2: - print 'usage: %s ' % sys.argv[0] +def usage(): + print 'usage: %s [-d|--dashboard ] ' % sys.argv[0] + print '-d|--dashboard: Set name of dashboard to create' print 'You can find your token at https://app.sysdigcloud.com/#/settings/user' sys.exit(1) -sdc_token = sys.argv[1] +try: + opts, args = getopt.getopt(sys.argv[1:],"d:",["dashboard="]) +except getopt.GetoptError: + usage() + +# Name for the dashboard to create +dashboardName = "API test - cassandra in prod" +for opt, arg in opts: + if opt in ("-d", "--dashboard"): + dashboardName = arg + +if len(args) != 1: + usage() + +sdc_token = args[0] # # Instantiate the SDC client @@ -30,8 +46,6 @@ # Create the new dashboard, applying to cassandra in production # -# Name for the dashboard to create -dashboardName = "API test - cassandra in prod" # Name of the view to copy viewName = "Overview by Process" # Filter to apply to the new dashboard. @@ -56,14 +70,12 @@ # the dev namespace # -# Name for the dashboard to create -dashboardName = "API test - cassandra in dev" # Name of the dashboard to copy -dashboardToCopy = "API test - cassandra in prod" +dashboardCopy = "Copy Of {}".format(dashboardName) # Filter to apply to the new dashboard. Same as above. dashboardFilter = "kubernetes.namespace.name = dev and proc.name = cassandra" -res = sdclient.create_dashboard_from_dashboard(dashboardName, dashboardToCopy, dashboardFilter) +res = sdclient.create_dashboard_from_dashboard(dashboardCopy, dashboardName, dashboardFilter) # # Check the result diff --git a/examples/dashboard.py b/examples/dashboard.py index 19014216..aacddc62 100755 --- a/examples/dashboard.py +++ b/examples/dashboard.py @@ -4,6 +4,7 @@ # edit the content, and then delete it. # +import getopt import os import sys sys.path.insert(0, os.path.join(os.path.dirname(os.path.realpath(sys.argv[0])), '..')) 
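Review bot: The context comment `# Name of the dashboard to copy` in the last create_dashboard.py hunk now sits above `dashboardCopy = "Copy Of {}".format(dashboardName)`, which is the name of the new dashboard, not of the one being copied. The source dashboard is now `dashboardName`, passed as the second argument to `create_dashboard_from_dashboard`. I would reword the comment to `# Name for the copy; the dashboard being copied is dashboardName, created above` so the argument order in the call stays easy to check.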
@@ -12,12 +13,26 @@ # # Parse arguments # -if len(sys.argv) != 2: - print 'usage: %s ' % sys.argv[0] +def usage(): + print 'usage: %s [-d|--dashboard ] ' % sys.argv[0] + print '-d|--dashboard: Set name of dashboard to create' print 'You can find your token at https://app.sysdigcloud.com/#/settings/user' sys.exit(1) -sdc_token = sys.argv[1] +try: + opts, args = getopt.getopt(sys.argv[1:],"d:",["dashboard="]) +except getopt.GetoptError: + usage() + +dashboard_name = "My Dashboard" +for opt, arg in opts: + if opt in ("-d", "--dashboard"): + dashboard_name = arg + +if len(args) != 1: + usage() + +sdc_token = args[0] # # Instantiate the SDC client @@ -28,7 +43,6 @@ # # Create an empty dashboard # -dashboard_name = 'My Dashboard' dashboard_configuration = None res = sdclient.create_dashboard(dashboard_name) @@ -142,4 +156,4 @@ print 'Dashboard deleted successfully' else: print res[1] - sys.exit(1) \ No newline at end of file + sys.exit(1) diff --git a/examples/delete_alert.py b/examples/delete_alert.py index b729bc3c..cf1de7c5 100755 --- a/examples/delete_alert.py +++ b/examples/delete_alert.py @@ -3,6 +3,7 @@ # This example shows how to delete an alert # +import getopt import os import sys sys.path.insert(0, os.path.join(os.path.dirname(os.path.realpath(sys.argv[0])), '..')) @@ -11,12 +12,26 @@ # # Parse arguments # -if len(sys.argv) != 2: - print 'usage: %s ' % sys.argv[0] +def usage(): + print 'usage: %s [-a|--alert ] ' % sys.argv[0] + print '-a|--alert: Set name of alert to delete' print 'You can find your token at https://app.sysdigcloud.com/#/settings/user' sys.exit(1) -sdc_token = sys.argv[1] +try: + opts, args = getopt.getopt(sys.argv[1:],"a:",["alert="]) +except getopt.GetoptError: + usage() + +alert_name = "tomcat cpu > 80% on any host" +for opt, arg in opts: + if opt in ("-a", "--alert"): + alert_name = arg + +if len(args) != 1: + usage() + +sdc_token = args[0] # # Instantiate the SDC client 
@@ -29,7 +44,7 @@ sys.exit(1) for alert in res[1]['alerts']: - if alert['name'] == "tomcat cpu > 80% on any host": + if alert['name'] == alert_name: print "Deleting alert" res = sdclient.delete_alert(alert) if not res[0]: diff --git a/examples/delete_dashboard.py b/examples/delete_dashboard.py index b0e8d434..05417eef 100755 --- a/examples/delete_dashboard.py +++ b/examples/delete_dashboard.py @@ -3,6 +3,7 @@ # This example shows how to delete a dashboard # +import getopt import os import sys sys.path.insert(0, os.path.join(os.path.dirname(os.path.realpath(sys.argv[0])), '..')) @@ -11,12 +12,26 @@ # # Parse arguments # -if len(sys.argv) != 2: - print 'usage: %s ' % sys.argv[0] +def usage(): + print 'usage: %s [-p|--pattern ] ' % sys.argv[0] + print '-p|--pattern: Delete all dashboards containing the provided pattern' print 'You can find your token at https://app.sysdigcloud.com/#/settings/user' sys.exit(1) -sdc_token = sys.argv[1] +try: + opts, args = getopt.getopt(sys.argv[1:],"p:",["pattern="]) +except getopt.GetoptError: + usage() + +pattern = "API Test" +for opt, arg in opts: + if opt in ("-p", "--pattern"): + pattern = arg + +if len(args) != 1: + usage() + +sdc_token = args[0] # # Instantiate the SDC client @@ -32,10 +47,10 @@ sys.exit(1) # -# Delete all the dashboards containing "API test" +# Delete all the dashboards containing pattern # for dashboard in res[1]['dashboards']: - if 'API test' in dashboard['name']: + if pattern in dashboard['name']: print "Deleting " + dashboard['name'] res = sdclient.delete_dashboard(dashboard) if not res[0]: diff --git a/examples/delete_event.py b/examples/delete_event.py index e78a3fa3..d889e212 100755 --- a/examples/delete_event.py +++ b/examples/delete_event.py @@ -3,6 +3,7 @@ # Delete user events from Sysdig Cloud # +import getopt import json import os import sys 
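Review bot: The new default `pattern = "API Test"` in delete_dashboard.py differs in case from the literal it replaces (`'API test'`) and from the create_dashboard.py default name `"API test - cassandra in prod"`. The match further down is a case-sensitive `in`, so running both examples with their defaults now leaves the created dashboards behind. I would keep the old spelling, `pattern = "API test"`.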
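Review bot: `if pattern in dashboard['name']:` in the second delete_dashboard.py hunk is true for every dashboard when the pattern is an empty string, so `-p ""` deletes everything the token can see. Since the value now comes from the command line, a guard after the option loop would prevent that, for example `if not pattern: usage()`. The loop body continues outside the hunk, so I cannot tell whether the per-dashboard failure branch already stops the run.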
@@ -12,12 +13,26 @@ # # Parse arguments # -if len(sys.argv) != 2: - print 'usage: %s ' % sys.argv[0] +def usage(): + print 'usage: %s [-e|--event ] ' % sys.argv[0] + print '-e|--event: Name of event to delete' print 'You can find your token at https://app.sysdigcloud.com/#/settings/user' sys.exit(1) -sdc_token = sys.argv[1] +try: + opts, args = getopt.getopt(sys.argv[1:],"e:",["event="]) +except getopt.GetoptError: + usage() + +event_name = "test_event_name" +for opt, arg in opts: + if opt in ("-e", "--event"): + event_name = arg + +if len(args) != 1: + usage() + +sdc_token = args[0] # # Instantiate the SDC client @@ -27,7 +42,7 @@ # # Get the events that match a name # -res = sdclient.get_events(name='test_event_name') +res = sdclient.get_events(name=event_name) if not res[0]: print res[1] diff --git a/examples/list_hosts.py b/examples/list_hosts.py index 9934ea26..9e4cf605 100755 --- a/examples/list_hosts.py +++ b/examples/list_hosts.py @@ -4,6 +4,8 @@ # of the instrumented hosts that have been seen in the last 5 minutes. # +import getopt +import json import os import sys sys.path.insert(0, os.path.join(os.path.dirname(os.path.realpath(sys.argv[0])), '..')) @@ -12,12 +14,30 @@ # # Parse arguments # -if len(sys.argv) != 2: - print 'usage: %s ' % sys.argv[0] +def usage(): + print 'usage: %s [-j|--json] [-d|--duration ] ' % sys.argv[0] + print '-d|--duration: List hosts seen in the last seconds' + print '-j|--json: Print output as json' print 'You can find your token at https://app.sysdigcloud.com/#/settings/user' sys.exit(1) -sdc_token = sys.argv[1] +try: + opts, args = getopt.getopt(sys.argv[1:],"jd:",["json", "duration="]) +except getopt.GetoptError: + usage() + +duration = 600 +print_json = False +for opt, arg in opts: + if opt in ("-d", "--duration"): + duration = int(arg) + elif opt in ("-j", "--json"): + print_json = True + +if len(args) != 1: + usage() + +sdc_token = args[0] # # Instantiate the SDC client 
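Review bot: `duration = int(arg)` in the list_hosts.py option loop is unguarded, so a non-numeric `-d` value ends in a ValueError traceback instead of the usage text. Zero or a negative number is also accepted and is then passed to `get_data` as `-duration` and `duration`. I would wrap the conversion in `try: ... except ValueError: usage()` and add `if duration <= 0: usage()`. The file header still says "last 5 minutes" while the default is 600 seconds, which is worth aligning in the same pass.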
@@ -37,9 +57,9 @@ # come as a single sample. # res = sdclient.get_data(metrics, # metrics list - -600, # cover the last 600 seconds... + -duration, # cover the last duration seconds... 0, # ... ending now... - 600) # ... with just one 600s sample + duration) # ... with just one durations sample # # Show the results! @@ -50,4 +70,7 @@ print res[1] sys.exit(1) -print data +if print_json: + print json.dumps(data) +else: + print data diff --git a/examples/list_policies.py b/examples/list_policies.py index 464a931a..bed6874f 100755 --- a/examples/list_policies.py +++ b/examples/list_policies.py @@ -6,28 +6,53 @@ import os import sys import json +import getopt sys.path.insert(0, os.path.join(os.path.dirname(os.path.realpath(sys.argv[0])), '..')) from sdcclient import SdSecureClient def usage(): - print 'usage: %s ' % sys.argv[0] + print 'usage: %s [-o|--order-only] ' % sys.argv[0] + print '-o|--order-only: Only display the list of policy ids in evaluation order. Suitable for use by set_policy_order.py' print 'You can find your token at https://secure.sysdig.com/#/settings/user' sys.exit(1) +try: + opts, args = getopt.getopt(sys.argv[1:],"o",["order-only"]) +except getopt.GetoptError: + usage() + +order_only = False +for opt, arg in opts: + if opt in ("-o", "--order-only"): + order_only = True + # # Parse arguments # -if len(sys.argv) != 2: +if len(args) < 1: usage() -sdc_token = sys.argv[1] +sdc_token = args[0] # # Instantiate the SDC client # sdclient = SdSecureClient(sdc_token, 'https://secure.sysdig.com') -res = sdclient.list_policies() +res = sdclient.get_policy_priorities() + +if not res[0]: + print res[1] + sys.exit(1) + +# Strip the surrounding json to only keep the list of policy ids +res[1] = res[1]['priorities']['policyIds'] + +if not order_only: + priorities = res[1] + res = sdclient.list_policies() + if res[0]: + res[1]['policies'].sort(key=lambda p: priorities.index(p['id'])) # # Return the result 
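Review bot: The sort key `priorities.index(p['id'])` in list_policies.py raises an uncaught ValueError as soon as `list_policies()` returns a policy whose id is missing from the priorities list, for instance one created between the two API calls. It is also a linear scan per policy. A lookup table avoids both: `rank = {pid: i for i, pid in enumerate(priorities)}` followed by `res[1]['policies'].sort(key=lambda p: rank.get(p['id'], len(rank)))`. Separately, `if len(args) < 1` silently ignores extra positional arguments, whereas the other examples in this commit use `!= 1`.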
diff --git a/examples/notification_channels.py b/examples/notification_channels.py index 08e5dcbf..10d0b76e 100755 --- a/examples/notification_channels.py +++ b/examples/notification_channels.py @@ -3,6 +3,7 @@ # This script shows how to manipulate the notification channel list for alerts # +import getopt import os import sys sys.path.insert(0, os.path.join(os.path.dirname(os.path.realpath(sys.argv[0])), '..')) @@ -11,12 +12,27 @@ # # Parse arguments # -if len(sys.argv) != 2: - print 'usage: %s ' % sys.argv[0] +def usage(): + print 'usage: %s [-c|--channel ] ' % sys.argv[0] + print '-c|--channel: Set name of channel to create' print 'You can find your token at https://app.sysdigcloud.com/#/settings/user' sys.exit(1) -sdc_token = sys.argv[1] +try: + opts, args = getopt.getopt(sys.argv[1:],"c:",["channel="]) +except getopt.GetoptError: + usage() + +# Name for the dashboard to create +channel_name = "Api Channel" +for opt, arg in opts: + if opt in ("-c", "--channel"): + channel_name = arg + +if len(args) != 1: + usage() + +sdc_token = args[0] # # Instantiate the SDC client @@ -26,7 +42,7 @@ # # Create an email notification channel # -res = sdclient.create_email_notification_channel('Api Channel', ['gianluca.borello@sysdig.com', 'foo@sysdig.com', 'bar@sysdig.com']) +res = sdclient.create_email_notification_channel(channel_name, ['gianluca.borello@sysdig.com', 'foo@sysdig.com', 'bar@sysdig.com']) if not res[0]: print res[1] sys.exit(1) diff --git a/examples/set_policy_order.py b/examples/set_policy_order.py new file mode 100755 index 00000000..cfb01649 --- /dev/null +++ b/examples/set_policy_order.py 
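Review bot: The added comment `# Name for the dashboard to create` above `channel_name = "Api Channel"` in notification_channels.py was carried over from create_dashboard.py and describes the wrong object. I would change it to `# Name for the notification channel to create`.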
@@ -0,0 +1,64 @@ +#!/usr/bin/env python +# +# Change the evaluation order of policies to match the provided json. +# + +import os +import sys +import json +sys.path.insert(0, os.path.join(os.path.dirname(os.path.realpath(sys.argv[0])), '..')) +from sdcclient import SdSecureClient + +def usage(): + print 'usage: %s ' % sys.argv[0] + print 'Reads json representing new policy evaluation order from standard input' + print 'You can find your token at https://secure.sysdig.com/#/settings/user' + sys.exit(1) + +# +# Parse arguments +# +if len(sys.argv) != 2: + usage() + +sdc_token = sys.argv[1] +priorities_json = sys.stdin.read() + +try: + priorities_obj = json.loads(priorities_json) +except Exception as e: + print "priorities json is not valid json: {}".format(str(e)) + sys.exit(1) + +# +# Instantiate the SDC client +# +sdclient = SdSecureClient(sdc_token, 'https://secure.sysdig.com') + +# +# The argument to /api/policies/priorities is the list of ids wrapped +# in an object containing a version and dates. So fetch the list of +# priorities, update the list in-place and set it. +# + +res = sdclient.get_policy_priorities() + +if not res[0]: + print res[1] + sys.exit(1) + +obj = res[1] +obj['priorities']['policyIds'] = priorities_obj + +res = sdclient.set_policy_priorities(json.dumps(obj)) + +# +# Return the result +# +if res[0]: + print json.dumps(res[1], indent=2) +else: + print res[1] + sys.exit(1) + + diff --git a/examples/update_alert.py b/examples/update_alert.py index 6a6c0305..d179b53b 100755 --- a/examples/update_alert.py +++ b/examples/update_alert.py @@ -5,6 +5,7 @@ # # +import getopt import os import sys import json 
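Review bot: set_policy_order.py checks only that stdin parses as JSON, then assigns the result to `obj['priorities']['policyIds']` whatever its shape. An object, string or number on stdin is therefore sent to `/api/policies/priorities` as the new evaluation order, and the outcome is left to the server. A local check before the client is created would fail earlier and more clearly, for example `if not isinstance(priorities_obj, list): print "expected a json list of policy ids"; sys.exit(1)`. `except Exception` is also broader than needed here; `json.loads` reports malformed input as `ValueError`.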
@@ -14,12 +15,26 @@ # # Parse arguments # -if len(sys.argv) != 2: - print 'usage: %s ' % sys.argv[0] +def usage(): + print 'usage: %s [-a|--alert ] ' % sys.argv[0] + print '-a|--alert: Set name of alert to update' print 'You can find your token at https://app.sysdigcloud.com/#/settings/user' sys.exit(1) -sdc_token = sys.argv[1] +try: + opts, args = getopt.getopt(sys.argv[1:],"a:",["alert="]) +except getopt.GetoptError: + usage() + +alert_name = "tomcat cpu > 80% on any host" +for opt, arg in opts: + if opt in ("-a", "--alert"): + alert_name = arg + +if len(args) != 1: + usage() + +sdc_token = args[0] # # Instantiate the SDC client @@ -33,7 +48,7 @@ alert_found = False for alert in res[1]['alerts']: - if alert['name'] == "tomcat cpu > 80% on any host": + if alert['name'] == alert_name: alert_found = True print 'Updating alert. Configuration before changing timespan, description, and notification channels:' print json.dumps(alert, sort_keys=True, indent=4) diff --git a/examples/update_policy.py b/examples/update_policy.py index d4f8a7b3..67904af3 100755 --- a/examples/update_policy.py +++ b/examples/update_policy.py @@ -10,7 +10,8 @@ from sdcclient import SdSecureClient def usage(): - print 'usage: %s ' % sys.argv[0] + print 'usage: %s ' % sys.argv[0] + print 'Reads json representing updated policy from standard input' print 'You can find your token at https://secure.sysdig.com/#/settings/user' sys.exit(1) diff --git a/sdcclient/_client.py b/sdcclient/_client.py index d2283228..4d62d0b5 100644 --- a/sdcclient/_client.py +++ b/sdcclient/_client.py 
@@ -1971,6 +1971,54 @@ def list_policies(self): return [True, res.json()] + def get_policy_priorities(self): + '''**Description** + Get a list of policy ids in the order they will be evaluated. + + **Arguments** + - None + + **Success Return Value** + A JSON object representing the list of policy ids. + + **Example** + `examples/list_policies.py `_ + + ''' + + res = requests.get(self.url + '/api/policies/priorities', headers=self.hdrs, verify=self.ssl_verify) + if not self._checkResponse(res): + return [False, self.lasterr] + + return [True, res.json()] + + def set_policy_priorities(self, priorities_json): + '''**Description** + Change the policy evaluation order + + **Arguments** + - priorities_json: a description of the new policy order. + + **Success Return Value** + A JSON object representing the updated list of policy ids. + + **Example** + `examples/set_policy_order.py `_ + + ''' + + try: + priorities_obj = json.loads(priorities_json) + except Exception as e: + return [False, "priorities json is not valid json: {}".format(str(e))] + + res = requests.put(self.url + '/api/policies/priorities', headers=self.hdrs, data=priorities_json, verify=self.ssl_verify) + if not self._checkResponse(res): + return [False, self.lasterr] + + return [True, res.json()] + + def get_policy(self, name): '''**Description** Find the policy with name and return its json description. diff --git a/test/test_monitor_apis.sh b/test/test_monitor_apis.sh new file mode 100644 index 00000000..d8385330 --- /dev/null +++ b/test/test_monitor_apis.sh 
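Review bot: In `set_policy_priorities` the result of `json.loads(priorities_json)` is bound to `priorities_obj` and never used. The call is therefore only a syntax check, and the raw string is what gets sent in the PUT. I would narrow the handler to `except ValueError as e:` and drop the unused name. The docstring should say that `priorities_json` is a JSON string holding the whole object returned by `get_policy_priorities()` with `priorities.policyIds` reordered, which is how examples/set_policy_order.py calls it. "A description of the new policy order" leaves both the type and the wrapper object unstated.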
@@ -0,0 +1,53 @@
+#!/bin/bash
+
+set -euxo pipefail
+
+SCRIPT=$(readlink -f $0)
+SCRIPTDIR=$(dirname $SCRIPT)
+
+export SDC_URL=https://app-staging.sysdigcloud.com
+
+docker run -d -it --rm --name sysdig-agent --privileged --net host --pid host -e COLLECTOR=collector-staging.sysdigcloud.com -e ACCESS_KEY=$PYTHON_SDC_TEST_ACCESS_KEY -v /var/run/docker.sock:/host/var/run/docker.sock -v /dev:/host/dev -v /proc:/host/proc:ro -v /boot:/host/boot:ro -v /lib/modules:/host/lib/modules:ro -v /usr:/host/usr:ro sysdig/agent
+
+sleep 20
+
+AGENT_HOSTNAME=$(hostname -s)
+SESSION_UUID=$(head -c 32 /dev/urandom | tr -dc 'a-zA-Z0-9')
+ALERT_NAME=python-test-alert-$SESSION_UUID
+DASHBOARD_1_NAME=prod-dashboard-$SESSION_UUID
+DASHBOARD_2_NAME=dev-dashboard-$SESSION_UUID
+EVENT_NAME=event-$SESSION_UUID
+CAPTURE_NAME=apicapture-$SESSION_UUID
+CHANNEL_NAME=channel-$SESSION_UUID
+TEAM_NAME=team-$SESSION_UUID
+
+$SCRIPTDIR/../examples/create_alert.py -a $ALERT_NAME $PYTHON_SDC_TEST_MONITOR_API_TOKEN
+$SCRIPTDIR/../examples/update_alert.py -a $ALERT_NAME $PYTHON_SDC_TEST_MONITOR_API_TOKEN
+$SCRIPTDIR/../examples/delete_alert.py -a $ALERT_NAME $PYTHON_SDC_TEST_MONITOR_API_TOKEN
+$SCRIPTDIR/../examples/dashboard.py -d $DASHBOARD_1_NAME $PYTHON_SDC_TEST_MONITOR_API_TOKEN
+$SCRIPTDIR/../examples/create_dashboard.py -d $DASHBOARD_2_NAME $PYTHON_SDC_TEST_MONITOR_API_TOKEN
+$SCRIPTDIR/../examples/delete_dashboard.py -p $SESSION_UUID $PYTHON_SDC_TEST_MONITOR_API_TOKEN
+$SCRIPTDIR/../examples/get_data_advanced.py $PYTHON_SDC_TEST_MONITOR_API_TOKEN $AGENT_HOSTNAME
+$SCRIPTDIR/../examples/get_data_datasource.py $PYTHON_SDC_TEST_MONITOR_API_TOKEN
+$SCRIPTDIR/../examples/get_data_simple.py $PYTHON_SDC_TEST_MONITOR_API_TOKEN
+$SCRIPTDIR/../examples/list_alerts.py $PYTHON_SDC_TEST_MONITOR_API_TOKEN
+$SCRIPTDIR/../examples/list_alert_notifications.py $PYTHON_SDC_TEST_MONITOR_API_TOKEN
+$SCRIPTDIR/../examples/resolve_alert_notifications.py $PYTHON_SDC_TEST_MONITOR_API_TOKEN 1
+$SCRIPTDIR/../examples/list_dashboards.py $PYTHON_SDC_TEST_MONITOR_API_TOKEN +$SCRIPTDIR/../examples/list_hosts.py $PYTHON_SDC_TEST_MONITOR_API_TOKEN +$SCRIPTDIR/../examples/list_metrics.py $PYTHON_SDC_TEST_MONITOR_API_TOKEN +$SCRIPTDIR/../examples/post_event.py $PYTHON_SDC_TEST_MONITOR_API_TOKEN $EVENT_NAME -d "test event description" +$SCRIPTDIR/../examples/post_event_simple.py $PYTHON_SDC_TEST_MONITOR_API_TOKEN $EVENT_NAME "test event description" +$SCRIPTDIR/../examples/list_events.py $PYTHON_SDC_TEST_MONITOR_API_TOKEN +$SCRIPTDIR/../examples/delete_event.py -e $EVENT_NAME $PYTHON_SDC_TEST_MONITOR_API_TOKEN +$SCRIPTDIR/../examples/print_data_retention_info.py $PYTHON_SDC_TEST_MONITOR_API_TOKEN +$SCRIPTDIR/../examples/print_explore_grouping.py $PYTHON_SDC_TEST_MONITOR_API_TOKEN +$SCRIPTDIR/../examples/print_user_info.py $PYTHON_SDC_TEST_MONITOR_API_TOKEN +$SCRIPTDIR/../examples/list_users.py $PYTHON_SDC_TEST_MONITOR_API_TOKEN +$SCRIPTDIR/../examples/list_sysdig_captures.py $PYTHON_SDC_TEST_MONITOR_API_TOKEN +$SCRIPTDIR/../examples/create_sysdig_capture.py $PYTHON_SDC_TEST_MONITOR_API_TOKEN $AGENT_HOSTNAME $CAPTURE_NAME 10 +$SCRIPTDIR/../examples/notification_channels.py -c $CHANNEL_NAME $PYTHON_SDC_TEST_MONITOR_API_TOKEN +$SCRIPTDIR/../examples/user_team_mgmt.py $PYTHON_SDC_TEST_MONITOR_API_TOKEN $TEAM_NAME example-user@example-domain.com + +docker stop sysdig-agent + diff --git a/test/test_secure_apis.sh b/test/test_secure_apis.sh index 3c03d1c7..203852b7 100644 --- a/test/test_secure_apis.sh +++ b/test/test_secure_apis.sh @@ -22,7 +22,7 @@ fi set -e # Get the system falco rules file. Don't validate it, just verify that it can be fetched. -$SCRIPTDIR/../examples/get_secure_system_falco_rules.py $PYTHON_SDC_TEST_API_TOKEN > /tmp/falco_rules.yaml +$SCRIPTDIR/../examples/get_secure_system_falco_rules.py $PYTHON_SDC_TEST_API_TOKEN | tee /tmp/falco_rules.yaml NOW=$(date) cat < /tmp/test_apis_user_rules.yaml 
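Review bot: `set -euxo pipefail` at the top of test_monitor_apis.sh turns on command tracing, so the expanded `$PYTHON_SDC_TEST_MONITOR_API_TOKEN` and `$PYTHON_SDC_TEST_ACCESS_KEY` are echoed on every invocation. Whether they appear in the build log then depends entirely on the CI log filter masking them. I would use `set -euo pipefail`, or put `set +x` before the first line that carries a credential. Because of `-e`, the final `docker stop sysdig-agent` is skipped whenever an example fails, which leaves a `--privileged` container running on the worker. `trap 'docker stop sysdig-agent' EXIT` placed right after the `docker run` covers that. The image is pulled as `sysdig/agent` with no tag or digest, so the privileged container runs whatever the registry serves at build time.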
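Review bot: Replacing `> /tmp/falco_rules.yaml` with `| tee /tmp/falco_rules.yaml` makes the step's exit status that of `tee`, so a failing `get_secure_system_falco_rules.py` no longer stops the script. That defeats the "verify that it can be fetched" check described in the comment above it. Only `set -e` is visible in this hunk's context, so this assumes `pipefail` is not enabled elsewhere in the file. Either add `set -o pipefail` next to the `set -e`, or keep the redirect and follow it with `cat /tmp/falco_rules.yaml` if the output is wanted in the log.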
@@ -112,6 +112,25 @@ if [[ $OUT = *"\"name\": \"Another Copy Of Write below binary dir\""* ]]; then exit 1 fi +WRITE_BELOW_BINARY_POS=`$SCRIPTDIR/../examples/list_policies.py $PYTHON_SDC_TEST_API_TOKEN | grep -b "\"name\": \"Write below binary dir" | awk -F: '{print $1}'` + +# Get the list of policy ids only, reverse the list, and set the order +OUT=`$SCRIPTDIR/../examples/list_policies.py -o $PYTHON_SDC_TEST_API_TOKEN | jq reverse | $SCRIPTDIR/../examples/set_policy_order.py $PYTHON_SDC_TEST_API_TOKEN` + +if [ $? != 0 ]; then + echo "Could not set policy order?" + exit 1 +fi + +NEW_WRITE_BELOW_BINARY_POS=`$SCRIPTDIR/../examples/list_policies.py $PYTHON_SDC_TEST_API_TOKEN | grep -b "\"name\": \"Write below binary dir" | awk -F: '{print $1}'` + +if [[ $NEW_WRITE_BELOW_BINARY_POS -lt $WRITE_BELOW_BINARY_POS ]]; then + echo "After reordering policies, Write Below Binary Dir policy did not move to the end?" + exit 1 +fi + +echo $OUT + # Start an agent using this account's api key and trigger some events docker run -d -it --rm --name sysdig-agent --privileged --net host --pid host -e COLLECTOR=collector-staging.sysdigcloud.com -e ACCESS_KEY=$PYTHON_SDC_TEST_ACCESS_KEY -v /var/run/docker.sock:/host/var/run/docker.sock -v /dev:/host/dev -v /proc:/host/proc:ro -v /boot:/host/boot:ro -v /lib/modules:/host/lib/modules:ro -v /usr:/host/usr:ro -e ADDITIONAL_CONF="security: {enabled: true}\ncommandlines_capture: {enabled: true}\nmemdump: {enabled: true}" --shm-size=350m sysdig/agent
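Review bot: The reorder check in this test_secure_apis.sh hunk can pass without proving anything, and it can fail on a correct reorder. If `grep` finds no match, both position variables are empty and `[[ $NEW_WRITE_BELOW_BINARY_POS -lt $WRITE_BELOW_BINARY_POS ]]` evaluates to false, so the test continues. If the policy started in the second half of the list, reversing moves it earlier and the test fails. With the `set -e` visible in the earlier hunk presumably still in effect, the `if [ $? != 0 ]` branch is unreachable, and `$?` reflects only `set_policy_order.py`, the last stage of the pipeline. A sturdier assertion would capture `list_policies.py -o` before and after, then compare the second output with `jq reverse` of the first. The hunk also leaves the account's policy order reversed; I cannot see whether later lines restore it.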