From 8dd5e99a2d2b63153da36d4b00a9fade83bb3ce2 Mon Sep 17 00:00:00 2001 From: fatima99s Date: Fri, 14 Jun 2024 22:13:58 +0500 Subject: [PATCH 1/4] F/Azure-mysqlFlexibleServerHasTags --- exports.js | 1 + .../mysqlserver/mysqlFlexibleServerHasTags.js | 55 ++++++++++++ .../mysqlFlexibleServerHasTags.spec.js | 87 +++++++++++++++++++ 3 files changed, 143 insertions(+) create mode 100644 plugins/azure/mysqlserver/mysqlFlexibleServerHasTags.js create mode 100644 plugins/azure/mysqlserver/mysqlFlexibleServerHasTags.spec.js diff --git a/exports.js b/exports.js index 9ca097916d..5019264d54 100644 --- a/exports.js +++ b/exports.js @@ -852,6 +852,7 @@ module.exports = { 'resourceAllowedLocations' : require(__dirname + '/plugins/azure/policyservice/resourceAllowedLocations.js'), 'resourceLocationMatch' : require(__dirname + '/plugins/azure/policyservice/resourceLocationMatch.js'), + 'mysqlFlexibleServerHasTags' : require(__dirname + '/plugins/azure/mysqlserver/mysqlFlexibleServerHasTags.js'), 'enforceMySQLSSLConnection' : require(__dirname + '/plugins/azure/mysqlserver/enforceMySQLSSLConnection.js'), 'mysqlFlexibleServersMinTls' : require(__dirname + '/plugins/azure/mysqlserver/mysqlFlexibleServersMinTls.js'), 'mysqlServerHasTags' : require(__dirname + '/plugins/azure/mysqlserver/mysqlServerHasTags.js'), diff --git a/plugins/azure/mysqlserver/mysqlFlexibleServerHasTags.js b/plugins/azure/mysqlserver/mysqlFlexibleServerHasTags.js new file mode 100644 index 0000000000..bb27e2d02c --- /dev/null +++ b/plugins/azure/mysqlserver/mysqlFlexibleServerHasTags.js @@ -0,0 +1,55 @@ +const async = require('async'); +const helpers = require('../../../helpers/azure'); + +module.exports = { + title: 'MySQL Flexible Server Has Tags', + category: 'MySQL Server', + domain: 'Databases', + severity: 'Low', + description: 'Ensure that Azure MySQL Flexible servers have tags associated.', + more_info: 'Tags help you to group resources together that are related to or associated with each other. It is a best practice to tag cloud resources to better organize and gain visibility into their usage.', + recommended_action: 'Modify MySQL Flexible server and add tags.', + link: 'https://learn.microsoft.com/en-us/azure/azure-resource-manager/management/tag-resources', + apis: ['servers:listMysql', 'servers:listMysqlFlexibleServer'], + realtime_triggers: ['microsoftdbformysql:flexibleservers:write','microsoftdbformysql:flexibleservers:delete'], + + + run: function(cache, settings, callback) { + const results = []; + const source = {}; + const locations = helpers.locations(settings.govcloud); + + async.each(locations.servers, (location, rcb) => { + + const servers = helpers.addSource(cache, source, + ['servers', 'listMysqlFlexibleServer', location]); + + if (!servers) return rcb(); + + if (servers.err || !servers.data) { + helpers.addResult(results, 3, + 'Unable to query for MySQL flexible servers: ' + helpers.addError(servers), location); + return rcb(); + } + + if (!servers.data.length) { + helpers.addResult(results, 0, 'No existing MySQL flexible servers found', location); + return rcb(); + } + + for (var flexibleServer of servers.data) { + if (!flexibleServer.id) continue; + + if (flexibleServer.tags && Object.entries(flexibleServer.tags).length > 0){ + helpers.addResult(results, 0, 'MySQL Flexible server has tags associated', location, flexibleServer.id); + } else { + helpers.addResult(results, 2, 'MySQL Flexible server does not have tags associated', location, flexibleServer.id); + } + } + + rcb(); + }, function() { + callback(null, results, source); + }); + }, +}; \ No newline at end of file diff --git a/plugins/azure/mysqlserver/mysqlFlexibleServerHasTags.spec.js b/plugins/azure/mysqlserver/mysqlFlexibleServerHasTags.spec.js new file mode 100644 index 0000000000..de222d778a --- /dev/null +++ b/plugins/azure/mysqlserver/mysqlFlexibleServerHasTags.spec.js @@ -0,0 +1,87 @@ +var expect = require('chai').expect; +var server = require('./mysqlFlexibleServerHasTags'); + +const servers = [ + { + "id": "/subscriptions/12345/resourceGroups/Default/providers/Microsoft.DBforMySQL/flexibleServers/test-server", + "type": "Microsoft.DBforMySQL/flexibleServers", + "name": 'test-server', + "tags": {"key": "value"}, + }, + { + "id": "/subscriptions/12345/resourceGroups/Default/providers/Microsoft.DBforMySQL/flexibleServers/test-server", + "type": "Microsoft.DBforMySQL/flexibleServers", + "name": 'test-server', + "tags": {}, + } +]; + +const createCache = (server) => { + return { + servers: { + listMysqlFlexibleServer: { + 'eastus': { + data: server + } + } + } + }; +}; + +const createErrorCache = () => { + return { + servers: { + listMysqlFlexibleServer: { + 'eastus': {} + } + } + }; +}; + +describe('mysqlServerHasTags', function() { + describe('run', function() { + it('should give passing result if no servers found', function(done) { + const cache = createCache([]); + server.run(cache, {}, (err, results) => { + expect(results.length).to.equal(1); + expect(results[0].status).to.equal(0); + expect(results[0].message).to.include('No existing MySQL flexible servers found'); + expect(results[0].region).to.equal('eastus'); + done(); + }); + }); + + it('should give failing result if MySQL Server does not have tags', function(done) { + const cache = createCache([servers[1]]); + server.run(cache, {}, (err, results) => { + expect(results.length).to.equal(1); + expect(results[0].status).to.equal(2); + expect(results[0].message).to.include('MySQL Flexible server does not have tags associated'); + expect(results[0].region).to.equal('eastus'); + done(); + }); + }); + + it('should give unknown result if unable to query for MySQL servers', function(done) { + const cache = createErrorCache(); + server.run(cache, {}, (err, results) => { + expect(results.length).to.equal(1); + expect(results[0].status).to.equal(3); + expect(results[0].message).to.include('Unable to query for MySQL flexible servers:'); + expect(results[0].region).to.equal('eastus'); + done(); + }); + }); + + it('should give passing result if MySQL Server has tags', function(done) { + const cache = createCache([servers[0]]); + server.run(cache, {}, (err, results) => { + expect(results.length).to.equal(1); + expect(results[0].status).to.equal(0); + expect(results[0].message).to.include('MySQL Flexible server has tags associated'); + expect(results[0].region).to.equal('eastus'); + done(); + }); + }); + }); +}); \ No newline at end of file From 68210c03c3ed64254c33f7feb1f7597584bbaee5 Mon Sep 17 00:00:00 2001 From: fatima99s Date: Fri, 14 Jun 2024 22:56:46 +0500 Subject: [PATCH 2/4] F/Azure-mysqlFlexibleServerHasTags --- plugins/azure/mysqlserver/mysqlFlexibleServerHasTags.js | 4 ++-- plugins/azure/mysqlserver/mysqlFlexibleServerHasTags.spec.js | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/plugins/azure/mysqlserver/mysqlFlexibleServerHasTags.js b/plugins/azure/mysqlserver/mysqlFlexibleServerHasTags.js index bb27e2d02c..4dbf165f37 100644 --- a/plugins/azure/mysqlserver/mysqlFlexibleServerHasTags.js +++ b/plugins/azure/mysqlserver/mysqlFlexibleServerHasTags.js @@ -41,9 +41,9 @@ module.exports = { if (!flexibleServer.id) continue; if (flexibleServer.tags && Object.entries(flexibleServer.tags).length > 0){ - helpers.addResult(results, 0, 'MySQL Flexible server has tags associated', location, flexibleServer.id); + helpers.addResult(results, 0, 'MySQL flexible server has tags associated', location, flexibleServer.id); } else { - helpers.addResult(results, 2, 'MySQL Flexible server does not have tags associated', location, flexibleServer.id); + helpers.addResult(results, 2, 'MySQL flexible server does not have tags associated', location, flexibleServer.id); } } diff --git a/plugins/azure/mysqlserver/mysqlFlexibleServerHasTags.spec.js b/plugins/azure/mysqlserver/mysqlFlexibleServerHasTags.spec.js index de222d778a..63fe4a997e 100644 --- a/plugins/azure/mysqlserver/mysqlFlexibleServerHasTags.spec.js +++ b/plugins/azure/mysqlserver/mysqlFlexibleServerHasTags.spec.js @@ -56,7 +56,7 @@ describe('mysqlServerHasTags', function() { server.run(cache, {}, (err, results) => { expect(results.length).to.equal(1); expect(results[0].status).to.equal(2); - expect(results[0].message).to.include('MySQL Flexible server does not have tags associated'); + expect(results[0].message).to.include('MySQL flexible server does not have tags associated'); expect(results[0].region).to.equal('eastus'); done(); }); @@ -78,7 +78,7 @@ describe('mysqlServerHasTags', function() { server.run(cache, {}, (err, results) => { expect(results.length).to.equal(1); expect(results[0].status).to.equal(0); - expect(results[0].message).to.include('MySQL Flexible server has tags associated'); + expect(results[0].message).to.include('MySQL flexible server has tags associated'); expect(results[0].region).to.equal('eastus'); done(); }); From ac372a7a2cf64add925d568c03455fd7f53523ed Mon Sep 17 00:00:00 2001 From: alphadev4 <113519745+alphadev4@users.noreply.github.com> Date: Sun, 16 Jun 2024 18:04:15 +0500 Subject: [PATCH 3/4] Apply suggestions from code review --- plugins/azure/mysqlserver/mysqlFlexibleServerHasTags.js | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/plugins/azure/mysqlserver/mysqlFlexibleServerHasTags.js b/plugins/azure/mysqlserver/mysqlFlexibleServerHasTags.js index 4dbf165f37..39e5d44b31 100644 --- a/plugins/azure/mysqlserver/mysqlFlexibleServerHasTags.js +++ b/plugins/azure/mysqlserver/mysqlFlexibleServerHasTags.js @@ -6,9 +6,9 @@ module.exports = { category: 'MySQL Server', domain: 'Databases', severity: 'Low', - description: 'Ensure that Azure MySQL Flexible servers have tags associated.', + description: 'Ensure that Azure MySQL flexible servers have tags associated.', more_info: 'Tags help you to group resources together that are related to or associated with each other. It is a best practice to tag cloud resources to better organize and gain visibility into their usage.', - recommended_action: 'Modify MySQL Flexible server and add tags.', + recommended_action: 'Modify MySQL flexible server and add tags.', link: 'https://learn.microsoft.com/en-us/azure/azure-resource-manager/management/tag-resources', apis: ['servers:listMysql', 'servers:listMysqlFlexibleServer'], realtime_triggers: ['microsoftdbformysql:flexibleservers:write','microsoftdbformysql:flexibleservers:delete'], From 6e4195b91b9bbd88d1dcbfae2859183143ef9dbc Mon Sep 17 00:00:00 2001 From: alphadev4 <113519745+alphadev4@users.noreply.github.com> Date: Wed, 19 Jun 2024 23:51:50 +0500 Subject: [PATCH 4/4] Apply suggestions from code review --- plugins/azure/mysqlserver/mysqlFlexibleServerHasTags.js | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/plugins/azure/mysqlserver/mysqlFlexibleServerHasTags.js b/plugins/azure/mysqlserver/mysqlFlexibleServerHasTags.js index 39e5d44b31..efe9ac4425 100644 --- a/plugins/azure/mysqlserver/mysqlFlexibleServerHasTags.js +++ b/plugins/azure/mysqlserver/mysqlFlexibleServerHasTags.js @@ -11,7 +11,7 @@ module.exports = { recommended_action: 'Modify MySQL flexible server and add tags.', link: 'https://learn.microsoft.com/en-us/azure/azure-resource-manager/management/tag-resources', apis: ['servers:listMysql', 'servers:listMysqlFlexibleServer'], - realtime_triggers: ['microsoftdbformysql:flexibleservers:write','microsoftdbformysql:flexibleservers:delete'], + realtime_triggers: ['microsoftdbformysql:flexibleservers:write','microsoftdbformysql:flexibleservers:delete', 'microsoftresources:tags:write'], run: function(cache, settings, callback) { @@ -20,7 +20,6 @@ module.exports = { const locations = helpers.locations(settings.govcloud); async.each(locations.servers, (location, rcb) => { - const servers = helpers.addSource(cache, source, ['servers', 'listMysqlFlexibleServer', location]);