From 82e350dd2a9d2da0c4cacefc435d734150692d98 Mon Sep 17 00:00:00 2001 From: pyth0n1c Date: Mon, 30 Sep 2024 12:46:54 -0700 Subject: [PATCH] add new option to contentctl inspect that makes missing detections NOT an error - instead just print a warning message. --- contentctl/actions/inspect.py | 8 +++++--- contentctl/objects/config.py | 14 ++++++++------ 2 files changed, 13 insertions(+), 9 deletions(-) diff --git a/contentctl/actions/inspect.py b/contentctl/actions/inspect.py index 38bc2b23..1fe2e4c0 100644 --- a/contentctl/actions/inspect.py +++ b/contentctl/actions/inspect.py @@ -297,9 +297,11 @@ def check_detection_metadata(self, config: inspect) -> None: validation_errors[rule_name] = [] # No detections should be removed from build to build if rule_name not in current_build_conf.detection_stanzas: - validation_errors[rule_name].append(DetectionMissingError(rule_name=rule_name)) + if config.exception_on_removed_detections: + validation_errors[rule_name].append(DetectionMissingError(rule_name=rule_name)) + else: + print(f"[SUPPRESSED] {DetectionMissingError(rule_name=rule_name).long_message}") continue - # Pull out the individual stanza for readability previous_stanza = previous_build_conf.detection_stanzas[rule_name] current_stanza = current_build_conf.detection_stanzas[rule_name] @@ -335,7 +337,7 @@ def check_detection_metadata(self, config: inspect) -> None: ) # Convert our dict mapping to a flat list of errors for use in reporting - validation_error_list = [x for inner_list in validation_errors.values() for x in inner_list] + validation_error_list = [x for inner_list in validation_errors.values() for x in inner_list] # Report failure/success print("\nDetection Metadata Validation:") diff --git a/contentctl/objects/config.py b/contentctl/objects/config.py index 0b262c55..04082e1c 100644 --- a/contentctl/objects/config.py +++ b/contentctl/objects/config.py 
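Review bot: In the new `else:` branch under `if rule_name not in current_build_conf.detection_stanzas:`, a removed detection leaves only one `[SUPPRESSED]` line on stdout, so a build that loses detection coverage can pass with nothing about it in the summary printed later under "Detection Metadata Validation:". I would keep the names, e.g. `suppressed_missing.append(rule_name)` next to the `print`, and print their count with the final report so the removal stays visible in CI logs. The error object is also built separately in each branch; `missing = DetectionMissingError(rule_name=rule_name)` once before `if config.exception_on_removed_detections:` would serve both. `check_detection_metadata` starts and ends outside this hunk, so where `suppressed_missing` is initialised and reported is for the author to place.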
@@ -159,8 +159,6 @@ def getApp(self, config:test, stage_file=True)->str: verbose_print=True) return str(destination) - - # TODO (#266): disable the use_enum_values configuration class Config_Base(BaseModel): model_config = ConfigDict(use_enum_values=True,validate_default=True, arbitrary_types_allowed=True) @@ -288,7 +286,6 @@ def getAPIPath(self)->pathlib.Path: def getAppTemplatePath(self)->pathlib.Path: return self.path/"app_template" - class StackType(StrEnum): @@ -311,6 +308,14 @@ class inspect(build): "should be enabled." ) ) + exception_on_removed_detections: bool = Field( + default=True, + description=( + "Throw an exception during metadata validation if a detection that existed in " + "the previous build does not exist in this build. This is to ensure that content " + "is not accidentally removed." + ) + ) enrichments: bool = Field( default=True, description=( @@ -952,7 +957,6 @@ def check_environment_variable_for_config(cls, v:List[Infrastructure]): index+=1 - class release_notes(Config_Base): old_tag:Optional[str] = Field(None, description="Name of the tag to diff against to find new content. " "If it is not supplied, then it will be inferred as the " @@ -1035,5 +1039,3 @@ def ensureNewTagOrLatestBranch(self): # return self - -
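Review bot: The `description` of `exception_on_removed_detections` documents only the default and says nothing about what `False` does, which is the riskier setting because detections can then disappear from a release without failing inspection. From the inspect.py hunk in this patch, a true value appends a `DetectionMissingError` to the validation errors and a false value prints a `[SUPPRESSED]` message and continues, so "Throw an exception" is looser than what the code does at that point. I would add a sentence such as `"If False, a removed detection is only printed as a [SUPPRESSED] warning and does not fail metadata validation."` to the description. The `inspect` class body continues outside this hunk.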