cloudmarker / cloudmarker / 845
84%

DEFAULT BRANCH: master
Ran
Jobs 3
Files 39
Run time 18s
Badge
Embed ▾
README BADGES
x

If you need to use a raster PNG badge, change the '.svg' to '.png' in the link

Markdown

Textile

RDoc

HTML

Rst
845

push

travis-ci-com

susam 
Check only vm_instance_view data in disk plugins

The current implementations of `AzVMOSDiskEncryptionEvent` and
`AzVMDataDiskEncryptionEvent` plugins generate events for VM records
obtained by `AzCloud` as well. This is a problem when both `AzCloud` and
`AzVM` belong to the same audit definition. Here is an example minimal
config that reproduces this issue:

    plugins:
      myazcloud:
        plugin: cloudmarker.clouds.azcloud.AzCloud
        params:
          tenant:
          client:
          secret:

      myazvm:
        plugin: cloudmarker.clouds.azvm.AzVM
        params:
          tenant:
          client:
          secret:

    audits:
      myazaudit:
        clouds:
          - myazcloud
          - myazvm
        stores:
          - filestore
        events:
          - firewallruleevent
          - azvmosdiskencryptionevent
          - azvmdatadiskencryptionevent
        alerts:
          - filestore
    run:
      - myazaudit

Assuming there is only one VM in the cloud, `AzVMOSDiskEncryptionEvent`
would generate two events, one for the `virtual_machine` record
generated by `AzCloud` and one more for the `vm_instance_view` record
generated by `AzVM`.

Since these two plugins work only on `vm_instance_view` records (i.e.,
extended record type is `vm_instance_view`), it should ignore any other
extended record types. This change implements this.

Further, while implementing this change, I realized that it would be
better to not log warning messages for missing `com` and `ext` buckets.
One of the design goals of this project has been to let users write
their own plugins in which they are free to choose their record format.
If their records do not have `com` and `ext` buckets but these plugins
are configured to receive them, then these plugins should silently
ignore any records that these plugins do not care about instead of
logging a warning message for every record that does not meet these
plugins' expected format.

368 of 419 branches covered (87.83%)

Branch coverage included in aggregate %.

1866 of 2047 relevant lines covered (91.16%)

2.73 hits per line

Jobs
ID Job ID Ran Files Coverage
1 845.1 0
90.82
 Travis Job 845.1
2 845.2 0
90.82
 Travis Job 845.2
3 845.3 0
90.82
 Travis Job 845.3
Source Files on build 845
Detailed source file information is not available for this build.