Skip to content

Commit

Permalink
.
Browse files Browse the repository at this point in the history
  • Loading branch information
CohenIdo committed Jun 13, 2022
1 parent 5317bc6 commit 9c69c5d
Show file tree
Hide file tree
Showing 5 changed files with 20 additions and 169 deletions.
2 changes: 1 addition & 1 deletion x-pack/plugins/cloud_security_posture/common/constants.ts
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,7 @@
* 2.0.
*/

export const INFO_ROUTE_PATH = '/internal/cloud_security_posture/status';
export const INFO_ROUTE_PATH = '/internal/cloud_security_posture/setup_status';
export const STATS_ROUTE_PATH = '/internal/cloud_security_posture/stats';
export const BENCHMARKS_ROUTE_PATH = '/internal/cloud_security_posture/benchmarks';
export const UPDATE_RULES_CONFIG_ROUTE_PATH =
Expand Down
19 changes: 1 addition & 18 deletions x-pack/plugins/cloud_security_posture/common/types.ts
Original file line number Diff line number Diff line change
Expand Up @@ -47,25 +47,8 @@ export interface ComplianceDashboardData {
trend: PostureTrend[];
}

export interface Applicable {
status_1: {
applicable: true;
description: 'Missing running agent';
};
}
export type FindingsIndexState =
| 'indexed'
| 'indexing'
| 'index_timeout'
| 'not deployed'
| 'not installed';

export interface CspSetupStatus {
status: FindingsIndexState;
installed_pkg_ver: string | null;
latest_pkg_ver: string;
installed_integration: number;
healthy_agents: number;
latestFindingsIndexStatus: 'applicable' | 'inapplicable';
}

export interface CspRulesStatus {
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -24,7 +24,7 @@ import {
defineGetBenchmarksRoute,
PACKAGE_POLICY_SAVED_OBJECT_TYPE,
getCspPackagePolicies,
getCspAgentPolicies,
getAgentPolicies,
createBenchmarkEntry,
addPackagePolicyCspRules,
} from './benchmarks';
Expand Down Expand Up @@ -308,7 +308,7 @@ describe('benchmarks API', () => {
const agentPolicyService = createMockAgentPolicyService();
const packagePolicies = [createPackagePolicyMock(), createPackagePolicyMock()];

await getCspAgentPolicies(mockSoClient, packagePolicies, agentPolicyService);
await getAgentPolicies(mockSoClient, packagePolicies, agentPolicyService);

expect(agentPolicyService.getByIds.mock.calls[0][1]).toHaveLength(1);
});
Expand All @@ -321,7 +321,7 @@ describe('benchmarks API', () => {
packagePolicy2.policy_id = 'AnotherId';
const packagePolicies = [packagePolicy1, packagePolicy2];

await getCspAgentPolicies(mockSoClient, packagePolicies, agentPolicyService);
await getAgentPolicies(mockSoClient, packagePolicies, agentPolicyService);

expect(agentPolicyService.getByIds.mock.calls[0][1]).toHaveLength(2);
});
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -69,7 +69,7 @@ export const getCspPackagePolicies = (
});
};

export const getCspAgentPolicies = async (
export const getAgentPolicies = async (
soClient: SavedObjectsClientContract,
packagePolicies: PackagePolicy[],
agentPolicyService: AgentPolicyServiceInterface
Expand All @@ -80,7 +80,7 @@ export const getCspAgentPolicies = async (
return agentPolicies;
};

export const addRunningAgentToAgentPolicy = async (
const addRunningAgentToAgentPolicy = async (
agentService: AgentService,
agentPolicies: AgentPolicy[]
): Promise<GetAgentPoliciesResponseItem[]> => {
Expand Down Expand Up @@ -185,7 +185,6 @@ const createBenchmarks = (
const benchmark = createBenchmarkEntry(agentPolicy, cspPackage, cspRulesStatus);
return benchmark;
});

return benchmarks;
})
);
Expand Down Expand Up @@ -221,7 +220,7 @@ export const defineGetBenchmarksRoute = (router: CspRouter, cspContext: CspAppCo
query
);

const agentPolicies = await getCspAgentPolicies(
const agentPolicies = await getAgentPolicies(
soClient,
cspPackagePolicies.items,
agentPolicyService
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -6,29 +6,15 @@
*/

import { transformError } from '@kbn/securitysolution-es-utils';
import { ElasticsearchClient, SavedObjectsClientContract } from '@kbn/core/server';
import {
AgentPolicyServiceInterface,
AgentService,
PackagePolicyServiceInterface,
PackageService,
} from '@kbn/fleet-plugin/server';
import { ListResult, PackagePolicy } from '@kbn/fleet-plugin/common';
import {
CLOUD_SECURITY_POSTURE_PACKAGE_NAME,
INFO_ROUTE_PATH,
LATEST_FINDINGS_INDEX_DEFAULT_NS,
} from '../../../common/constants';
import { ElasticsearchClient } from '@kbn/core/server';
import { INFO_ROUTE_PATH, LATEST_FINDINGS_INDEX_DEFAULT_NS } from '../../../common/constants';
import { CspAppContext } from '../../plugin';
import { CspRouter } from '../../types';
import { CspSetupStatus, LatestFindingsIndexState } from '../../../common/types';
import {
addRunningAgentToAgentPolicy,
getCspAgentPolicies,
getCspPackagePolicies,
} from '../benchmarks/benchmarks';
import { CspSetupStatus } from '../../../common/types';

const isFindingsExists = async (esClient: ElasticsearchClient): Promise<boolean> => {
const getLatestFindingsStatus = async (
esClient: ElasticsearchClient
): Promise<CspSetupStatus['latestFindingsIndexStatus']> => {
try {
const queryResult = await esClient.search({
index: LATEST_FINDINGS_INDEX_DEFAULT_NS,
Expand All @@ -37,113 +23,12 @@ const isFindingsExists = async (esClient: ElasticsearchClient): Promise<boolean>
},
size: 1,
});

const hasLatestFinding = !!queryResult.hits.hits.length;

return hasLatestFinding ? true : false;
return hasLatestFinding ? 'applicable' : 'inapplicable';
} catch (e) {
return false;
}
};

const isCspPackageInstalledOnAgentPolicy = async (
soClient: SavedObjectsClientContract,
packagePolicyService: PackagePolicyServiceInterface
): Promise<ListResult<PackagePolicy>> => {
const cspPackagePolicies = getCspPackagePolicies(
soClient,
packagePolicyService,
CLOUD_SECURITY_POSTURE_PACKAGE_NAME,
{ per_page: 10000 }
);
return cspPackagePolicies;
};

const getHealthyAgents = async (
soClient: SavedObjectsClientContract,
cspPackagePolicies: ListResult<PackagePolicy>,
agentPolicyService: AgentPolicyServiceInterface,
agentService: AgentService
): Promise<number> => {
const agentPolicies = await getCspAgentPolicies(
soClient,
cspPackagePolicies.items,
agentPolicyService
);
const enrichAgentPolicies = await addRunningAgentToAgentPolicy(agentService, agentPolicies);
const initialValue = 0;
const totalAgents = enrichAgentPolicies
.map((agentPolicy) => (agentPolicy.agents ? agentPolicy.agents : 0))
.reduce((previousValue, currentValue) => previousValue + currentValue, initialValue);
return totalAgents;
};

const getInstalledPackageVersion = async (
packageService: PackageService
): Promise<string | null> => {
const packageInfo = await packageService.asInternalUser.getInstallation(
CLOUD_SECURITY_POSTURE_PACKAGE_NAME
);

if (packageInfo) {
return packageInfo.install_version;
return 'inapplicable';
}
return null;
};

const geLatestFindingsIndexStatus = async (
esClient: ElasticsearchClient,
installedPckVer: string | null,
healthyAgents: number
): Promise<LatestFindingsIndexState> => {
if (await isFindingsExists(esClient)) return 'indexed';

if (installedPckVer == null) return 'not installed';

if (healthyAgents > 0) return 'indexing';

return 'not deployed';
};

const getCspSetupStatus = async (
esClient: ElasticsearchClient,
soClient: SavedObjectsClientContract,
packageService: PackageService,
packagePolicyService: PackagePolicyServiceInterface,
agentPolicyService: AgentPolicyServiceInterface,
agentService: AgentService
): Promise<CspSetupStatus> => {
const installedPckVer = await getInstalledPackageVersion(packageService);

const cspPackageInstalled = await isCspPackageInstalledOnAgentPolicy(
soClient,
packagePolicyService
);

const installedIntegrations = cspPackageInstalled.items.length
? cspPackageInstalled.items.length
: 0;

const healthyAgents = await getHealthyAgents(
soClient,
cspPackageInstalled,
agentPolicyService,
agentService
);

const latestPkgVersion = await packageService.asInternalUser.fetchFindLatestPackage(
CLOUD_SECURITY_POSTURE_PACKAGE_NAME
);

const status = await geLatestFindingsIndexStatus(esClient, installedPckVer, healthyAgents);

return {
status,
latest_pkg_ver: latestPkgVersion.version,
installed_integration: installedIntegrations,
healthy_agents: healthyAgents,
installed_pkg_ver: installedPckVer,
};
};

export const defineGetCspSetupStatusRoute = (router: CspRouter, cspContext: CspAppContext): void =>
Expand All @@ -155,27 +40,11 @@ export const defineGetCspSetupStatusRoute = (router: CspRouter, cspContext: CspA
async (context, _, response) => {
try {
const esClient = (await context.core).elasticsearch.client.asCurrentUser;
const soClient = (await context.core).savedObjects.client;

const packageService = cspContext.service.packageService;
const agentService = cspContext.service.agentService;
const agentPolicyService = cspContext.service.agentPolicyService;
const packagePolicyService = cspContext.service.packagePolicyService;

if (!agentPolicyService || !agentService || !packagePolicyService || !packageService) {
throw new Error(`Failed to get Fleet services`);
}

const status = await getCspSetupStatus(
esClient,
soClient,
packageService,
packagePolicyService,
agentPolicyService,
agentService
);
const latestFindingsIndexStatus = await getLatestFindingsStatus(esClient);

const body: CspSetupStatus = status;
const body: CspSetupStatus = {
latestFindingsIndexStatus,
};

return response.ok({
body,
Expand Down

0 comments on commit 9c69c5d

Please sign in to comment.