SALTO-6721: [Intune] Create a static file from the Device Configuration template payload #6625
Conversation
packages/microsoft-security-adapter/src/definitions/fetch/intune/utils/device_configuration.ts
Outdated
Show resolved
Hide resolved
packages/microsoft-security-adapter/src/definitions/fetch/shared/utils/static_file.ts
Show resolved
Hide resolved
| ...value, | ||
| payload: createStaticFileFromBase64Blob({ | ||
| typeName: DEVICE_CONFIGURATION_TYPE_NAME, | ||
| fullName: value[NAME_ID_FIELD.fieldName], |
There was a problem hiding this comment.
(I think I missed it in the previous reviews, sorry about this)
you're making an assumption here that elemID fields are always NAME_ID_FIELD, while it can be configured by the user and then the instance and the static file will be misaligned / we'll get few static files in the same file
I think the alternatives are
- calling the function to calculate the elemID here (see similar example here)
- use
customto create the instance (I don't really like it 😅
Any other suggestions ? WDYT?
There was a problem hiding this comment.
Ohh, that's a good point, thanks!
Can the elemID still be configured by the user with the new infra? I don't think we’re accounting for the user config when creating the fetch definitions (at least not explicitly in the Microsoft Security adapter)
There was a problem hiding this comment.
Yap :) via elemID config (under fetch), see this part
There was a problem hiding this comment.
Cool, thanks @shir-reifenberg! The issue with the first method is that AFAIU it can only be used after the definitions are resolved, whereas we need it when setting the fetch definitions, since this is called inside an adjust function in the fetch definitions.
WDYS? Perhaps we should consider allowing the user config to be propagated to the custom adjust functions?
There was a problem hiding this comment.
You're right @shoshana-houri 😄 , even if we pass the userConfig, it won't take into account SALTO_DEFINITIONS_OVERRIDES as well... and it's actually quite strange to calculate elem ID related things in the adjust function of the request
I guess that's the issue with creating static files while we don't have the parent instance yet in hand..
I think you can merge this for now, but we should address it differently as it wouldn't work with elemIDs customizations on the device configuration.
Can you please open a ticket for this ? (and also tag @netama, as she might have a suggestion / thought about it before)
packages/microsoft-security-adapter/src/definitions/fetch/shared/utils/static_file.ts
Outdated
Show resolved
Hide resolved
| const value = { | ||
| displayName: 'name', | ||
| payload: | ||
| 'PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz4NCjxub3RlPg0KICA8dG8+VGVzdDwvdG8+DQogIDxmcm9tPlRlc3RlcjwvZnJvbT4NCiAgPGhlYWRpbmc+UGxlYXNlIHdvcmsgbmljZWx5PC9oZWFkaW5nPg0KICA8Ym9keT5UaGFuayB5b3U8L2JvZHk+DQo8L25vdGU+', |
There was a problem hiding this comment.
This is an arbitrary base64-encoded string, why not make it shorter? 😅
There was a problem hiding this comment.
My kind of easter egg 🥚 😅
You're right though, I'll use the shorter one
shoshana-houri
force-pushed
the
salto-6721
branch
from
cbbaea1
to
5319fa2
Compare
shoshana-houri
force-pushed
the
salto-6721
branch
from
5319fa2
to
eead1bf
Compare
Some device configuration policies may contain configuration profile files returned as base64 blobs. This PR extracts them to static files.
See example .nacl structure here.
And the matching static file.
Release Notes:
User Notifications: