self-hosted/teleport
self-hosted/teleport
1
0
Fork 0
mirror of https://github.com/gravitational/teleport synced 2024-10-21 17:53:28 +00:00
Code Issues Packages Projects Releases Wiki Activity
teleport/integrations/access/opsgenie/client_test.go
Edward Dowling f07b291d44
Add opsgenie plugin (#25995) 
* Move opsgenie client code to integrations/access

* Add initial opsgenie bot skeleton and stubs

* Add opsgenie check and set default to pluginv1

* Fix check and set defaults for opsgenie plugin config

* Fill out bot stubs for opsgenie bot

* Add loadOpsgenieConfig to integrations

* Swap to using bearer token for opsgenie plugin

* Fix formating in opsgenie bot

* Reorder imports to fix lint errors

* Add config field to plugins to allow for different recipient logic

Allows bots that use schedules as recipients to determine their own
logic for defaulting etc

* Add notimplemented err for check health for opsgenie bots

* Add check health to opsgenie client and bot

* Rename recipientsAreSchedules to usersAsRecipients

* Add pluginBearertokencredentials checkAndSetdefaults

* Add resolveAnnotations to reqdata and use schedules from that

* Update integrations/access/opsgenie/bot.go

Co-authored-by: Roman Tkachenko <roman@goteleport.com>

* Prevent default schedules being processed if annotations are set

* Remove loadOpsgenieConfig

* Rename opsgneie addr field

* Add more verbose error messages to opsgenie client

* Update api/proto/teleport/legacy/types/types.proto

Co-authored-by: Roman Tkachenko <roman@goteleport.com>

* Update integrations/access/opsgenie/bot.go

Co-authored-by: Roman Tkachenko <roman@goteleport.com>

* Fix error message for recipients field in opsgenie bot

* Change apiEndpoint field name

* Remove check for unused field from opsgenie config

* Remove usersAsRecipients flag

* Reserve addr and change change field number of api_endpoint

* Update integrations/access/opsgenie/client.go

Co-authored-by: Roman Tkachenko <roman@goteleport.com>

* Rename reqAnnotationresponderskey to reqannotationscheduleskey

* Remove unused check and set defaults

* Rename REqAnnotationScheduleskey

* Use types.Labels alias where possible

* Simplify loop in opsgenie bot to satisfy linter

---------

Co-authored-by: Roman Tkachenko <roman@goteleport.com>
2023-05-31 12:40:55 +00:00

160 lines
4.3 KiB
Go
Raw Blame History

/*
Copyright 2015-2023 Gravitational, Inc.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
package opsgenie
import (
"context"
"encoding/json"
"io"
"log"
"net/http"
"net/http/httptest"
"testing"
"github.com/gravitational/trace"
"github.com/stretchr/testify/assert"
"github.com/gravitational/teleport/api/types"
)
func TestCreateAlert(t *testing.T) {
recievedReq := ""
testServer := httptest.NewServer(http.HandlerFunc(func(res http.ResponseWriter, req *http.Request) {
bodyBytes, err := io.ReadAll(req.Body)
if err != nil {
log.Fatal(err)
}
recievedReq = string(bodyBytes)
}))
defer func() { testServer.Close() }()
c, err := NewClient(ClientConfig{
APIEndpoint: testServer.URL,
Priority: "somePriority",
ClusterName: "someClusterName",
})
assert.NoError(t, err)
_, err = c.CreateAlert(context.Background(), "someRequestID", RequestData{
User: "someUser",
Roles: []string{"role1", "role2"},
RequestReason: "someReason",
ResolveAnnotations: types.Labels{
types.TeleportNamespace + types.ReqAnnotationSchedulesLabel: {"responder@teleport.com"},
},
})
assert.NoError(t, err)
expected := AlertBody{
Message: "Access request from someUser",
Alias: "teleport-access-request/someRequestID",
Description: "someUser requested permissions for roles role1, role2 on Teleport at 01 Jan 01 00:00 UTC.\nReason: someReason\n\n",
Responders: []Responder{{Type: "schedule", ID: "responder@teleport.com"}},
Priority: "somePriority",
}
var got AlertBody
err = json.Unmarshal([]byte(recievedReq), &got)
assert.NoError(t, err)
assert.Equal(t, expected, got)
}
func TestPostReviewNote(t *testing.T) {
recievedReq := ""
testServer := httptest.NewServer(http.HandlerFunc(func(res http.ResponseWriter, req *http.Request) {
bodyBytes, err := io.ReadAll(req.Body)
if err != nil {
log.Fatal(err)
}
recievedReq = string(bodyBytes)
}))
defer func() { testServer.Close() }()
c, err := NewClient(ClientConfig{
APIEndpoint: testServer.URL,
Priority: "somePriority",
ClusterName: "someClusterName",
})
assert.NoError(t, err)
err = c.PostReviewNote(context.Background(), "someAlertID", types.AccessReview{
ProposedState: types.RequestState_APPROVED,
Author: "someUser",
Reason: "someReason",
})
assert.NoError(t, err)
expected := AlertNote{
Note: "someUser reviewed the request at 01 Jan 01 00:00 UTC.\nResolution: APPROVED.\nReason: someReason.",
}
var got AlertNote
err = json.Unmarshal([]byte(recievedReq), &got)
assert.NoError(t, err)
assert.Equal(t, expected, got)
}
func TestResolveAlert(t *testing.T) {
recievedReq := ""
testServer := httptest.NewServer(http.HandlerFunc(func(res http.ResponseWriter, req *http.Request) {
bodyBytes, err := io.ReadAll(req.Body)
if err != nil {
log.Fatal(err)
}
recievedReq = string(bodyBytes)
}))
defer func() { testServer.Close() }()
c, err := NewClient(ClientConfig{
APIEndpoint: testServer.URL,
Priority: "somePriority",
ClusterName: "someClusterName",
})
assert.NoError(t, err)
err = c.ResolveAlert(context.Background(), "someAlertID", Resolution{
Tag: ResolvedApproved,
Reason: "someReason",
})
assert.NoError(t, err)
expected := AlertNote{
Note: "Access request has been approved\nReason: someReason",
}
var got AlertNote
err = json.Unmarshal([]byte(recievedReq), &got)
assert.NoError(t, err)
assert.Equal(t, expected, got)
}
func TestCreateAlertError(t *testing.T) {
testServer := httptest.NewServer(http.HandlerFunc(func(res http.ResponseWriter, req *http.Request) {
res.WriteHeader(http.StatusForbidden)
}))
defer func() { testServer.Close() }()
c, err := NewClient(ClientConfig{
APIEndpoint: testServer.URL,
})
assert.NoError(t, err)
_, err = c.CreateAlert(context.Background(), "someRequestID", RequestData{})
assert.True(t, trace.IsAccessDenied(err))
}
Reference in a new issue View git blame Copy permalink