Skip to content

feat(policy): DSPX-901 NDR database crud #2071

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 26 commits into from
Apr 22, 2025
Merged

feat(policy): DSPX-901 NDR database crud #2071

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
26 commits
Select commit Hold shift + click to select a range
9592e69
add protos and generate
ryanulit Apr 15, 2025
d47cdc4
fix missed rename
ryanulit Apr 15, 2025
4c57dfa
add reg res db client methods except list and initial test setup
ryanulit Apr 15, 2025
62ddb7a
add list sql queries and client methods
ryanulit Apr 16, 2025
ba348b5
add integration tests for create db client methods
ryanulit Apr 16, 2025
ff8596e
Merge branch 'main' into DSPX-901-ndr-database-crud
ryanulit Apr 16, 2025
093c19d
add delete integration tests
ryanulit Apr 16, 2025
5dd05d2
add update integration tests
ryanulit Apr 16, 2025
e13fc7d
Merge branch 'main' into DSPX-901-ndr-database-crud
ryanulit Apr 16, 2025
569d0fb
fix proto lint errors
ryanulit Apr 16, 2025
1f8bd21
more lint fixes
ryanulit Apr 16, 2025
dd571fb
Merge branch 'main' into DSPX-901-ndr-database-crud
ryanulit Apr 17, 2025
f1101fc
add get integration tests
ryanulit Apr 17, 2025
c73118a
Merge branch 'main' into DSPX-901-ndr-database-crud
ryanulit Apr 17, 2025
56d6e5a
Merge branch 'main' into DSPX-901-ndr-database-crud
ryanulit Apr 17, 2025
9647b24
lint fix
ryanulit Apr 17, 2025
dd17373
add list sql filter and fix bugs
ryanulit Apr 17, 2025
e05a007
refactor integration tests to not modify fixture data
ryanulit Apr 17, 2025
6acd110
add list integration tests
ryanulit Apr 18, 2025
5fff148
fix lint issues
ryanulit Apr 18, 2025
25e55a1
Merge branch 'main' into DSPX-901-ndr-database-crud
ryanulit Apr 18, 2025
6e818b7
PR change requests
ryanulit Apr 21, 2025
40e0bb3
Merge branch 'main' into DSPX-901-ndr-database-crud
ryanulit Apr 21, 2025
876559f
fix flaky tests
ryanulit Apr 21, 2025
8373be9
refactor get methods to use request instead of any
ryanulit Apr 22, 2025
364fa07
remove stale comment
ryanulit Apr 22, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
917 changes: 917 additions & 0 deletions service/integration/registered_resources_test.go
View file
Open in desktop

Large diffs are not rendered by default.

66 changes: 66 additions & 0 deletions service/internal/fixtures/fixtures.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -126,6 +126,17 @@ type FixtureDataNamespaceKeyMap struct {
KeyID string `yaml:"key_id"`
}

type FixtureDataRegisteredResource struct {
ID string `yaml:"id"`
Name string `yaml:"name"`
}

type FixtureDataRegisteredResourceValue struct {
ID string `yaml:"id"`
RegisteredResourceID string `yaml:"registered_resource_id"`
Value string `yaml:"value"`
}

type FixtureData struct {
Namespaces struct {
Metadata FixtureMetadata `yaml:"metadata"`
Expand Down Expand Up @@ -177,6 +188,14 @@ type FixtureData struct {
Metadata FixtureMetadata `yaml:"metadata"`
Data []FixtureDataNamespaceKeyMap `yaml:"data"`
} `yaml:"namespace_key_map"`
RegisteredResources struct {
Metadata FixtureMetadata `yaml:"metadata"`
Data map[string]FixtureDataRegisteredResource `yaml:"data"`
} `yaml:"registered_resources"`
RegisteredResourceValues struct {
Metadata FixtureMetadata `yaml:"metadata"`
Data map[string]FixtureDataRegisteredResourceValue `yaml:"data"`
} `yaml:"registered_resource_values"`
}

func LoadFixtureData(file string) {
Expand Down Expand Up @@ -314,6 +333,24 @@ func (f *Fixtures) GetNamespaceKeyMap(key string) []FixtureDataNamespaceKeyMap {
return nkms
}

func (f *Fixtures) GetRegisteredResourceKey(key string) FixtureDataRegisteredResource {
rr, ok := fixtureData.RegisteredResources.Data[key]
if !ok || rr.ID == "" {
slog.Error("could not find registered resource", slog.String("id", key))
panic("could not find registered resource fixture: " + key)
}
return rr
}

func (f *Fixtures) GetRegisteredResourceValueKey(key string) FixtureDataRegisteredResourceValue {
rv, ok := fixtureData.RegisteredResourceValues.Data[key]
if !ok || rv.ID == "" {
slog.Error("could not find registered resource value", slog.String("id", key))
panic("could not find registered resource value fixture: " + key)
}
return rv
}

func (f *Fixtures) Provision() {
slog.Info("📦 running migrations in schema", slog.String("schema", f.db.Schema))
_, err := f.db.Client.RunMigrations(context.Background(), policy.Migrations)
Expand Down Expand Up @@ -349,6 +386,10 @@ func (f *Fixtures) Provision() {
dkm := f.provisionDefinitionKeyMap()
slog.Info("📦 provisioning namespace key map")
nkm := f.provisionNamespaceKeyMap()
slog.Info("📦 provisioning registered resources")
rr := f.provisionRegisteredResources()
slog.Info("📦 provisioning registered resource values")
rrv := f.provisionRegisteredResourceValues()

slog.Info("📦 provisioned fixtures data",
slog.Int64("namespaces", n),
Expand All @@ -365,6 +406,8 @@ func (f *Fixtures) Provision() {
slog.Int64("value_key_map", vkm),
slog.Int64("definition_key_map", dkm),
slog.Int64("namespace_key_map", nkm),
slog.Int64("registered_resources", rr),
slog.Int64("registered_resource_values", rrv),
)
slog.Info("📚 indexing FQNs for fixtures")
f.db.PolicyClient.AttrFqnReindex(context.Background())
Expand Down Expand Up @@ -573,6 +616,29 @@ func (f *Fixtures) provisionNamespaceKeyMap() int64 {
return f.provision(fixtureData.NamespaceKeyMap.Metadata.TableName, fixtureData.NamespaceKeyMap.Metadata.Columns, values)
}

func (f *Fixtures) provisionRegisteredResources() int64 {
values := make([][]string, 0, len(fixtureData.RegisteredResources.Data))
for _, d := range fixtureData.RegisteredResources.Data {
values = append(values, []string{
f.db.StringWrap(d.ID),
f.db.StringWrap(d.Name),
})
}
return f.provision(fixtureData.RegisteredResources.Metadata.TableName, fixtureData.RegisteredResources.Metadata.Columns, values)
}

func (f *Fixtures) provisionRegisteredResourceValues() int64 {
values := make([][]string, 0, len(fixtureData.RegisteredResourceValues.Data))
for _, d := range fixtureData.RegisteredResourceValues.Data {
values = append(values, []string{
f.db.StringWrap(d.ID),
f.db.StringWrap(d.RegisteredResourceID),
f.db.StringWrap(d.Value),
})
}
return f.provision(fixtureData.RegisteredResourceValues.Metadata.TableName, fixtureData.RegisteredResourceValues.Metadata.Columns, values)
}

func (f *Fixtures) provision(t string, c []string, v [][]string) int64 {
rows, err := f.db.ExecInsert(t, c, v...)
if err != nil {
Expand Down
46 changes: 46 additions & 0 deletions service/internal/fixtures/policy_fixtures.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -615,3 +615,49 @@ namespace_key_map:
key_id: 68fb7e3e-6c7b-434d-bf38-07701ad8655a
- namespace_id: 87ba60e1-da12-4889-95fd-267968bf0896 # deactivated
key_id: d433e903-e3d1-4823-9b3e-7b188e7c6060

##
# Registered Resources
#
##
registered_resources:
metadata:
table_name: registered_resources
columns:
- id
- name
data:
res_with_values:
id: f3a1b2c4-5d6e-7f89-0a1b-2c3d4e5f6789
name: res_with_values
res_with_values2:
id: 39cd944b-d703-4330-936a-83b3d497c8d4
name: res_with_values2
res_only:
id: a9b8c7d6-e5f4-3a2b-1c0d-9e8f7a6b5c4d
name: res_only

##
# Registered Resource Values
#
##
registered_resource_values:
metadata:
table_name: registered_resource_values
columns:
- id
- registered_resource_id
- value
data:
res_with_values__value1:
id: 1d2c3b4a-5e6f-7a89-0b1c-2d3e4f5a6789
registered_resource_id: f3a1b2c4-5d6e-7f89-0a1b-2c3d4e5f6789
value: res_with_values__value1
res_with_values__value2:
id: 9e8f7a6b-5c4d-3b2a-1d0c-8f7e6a5b4c3d
registered_resource_id: f3a1b2c4-5d6e-7f89-0a1b-2c3d4e5f6789
value: res_with_values__value2
res_with_values2__value1:
id: a932ff01-cca6-41f6-a147-7eba7560611b
registered_resource_id: 39cd944b-d703-4330-936a-83b3d497c8d4
value: res_with_values2__value1
2 changes: 1 addition & 1 deletion service/policy/db/db.go
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

32 changes: 31 additions & 1 deletion service/policy/db/models.go
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

107 changes: 107 additions & 0 deletions service/policy/db/query.sql
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -1139,4 +1139,111 @@ INSERT INTO attribute_value_public_key_map (value_id, key_id) VALUES ($1, $2);
-- name: removePublicKeyFromAttributeValue :execrows
DELETE FROM attribute_value_public_key_map WHERE value_id = $1 AND key_id = $2;


----------------------------------------------------------------
-- REGISTERED RESOURCES
----------------------------------------------------------------

-- name: createRegisteredResource :one
INSERT INTO registered_resources (name, metadata)
VALUES ($1, $2)
RETURNING id;

-- name: getRegisteredResource :one
-- TODO add FQN support
SELECT
r.id,
r.name,
JSON_STRIP_NULLS(JSON_BUILD_OBJECT('labels', r.metadata -> 'labels', 'created_at', r.created_at, 'updated_at', r.updated_at)) as metadata,
JSON_AGG(
JSON_BUILD_OBJECT(
'id', v.id,
'value', v.value
)
) FILTER (WHERE v.id IS NOT NULL) as values
FROM registered_resources r
LEFT JOIN registered_resource_values v ON v.registered_resource_id = r.id
WHERE r.id = $1
GROUP BY r.id;

-- name: listRegisteredResources :many
WITH counted AS (
SELECT COUNT(id) AS total
FROM registered_resources
)
SELECT
r.id,
r.name,
JSON_STRIP_NULLS(JSON_BUILD_OBJECT('labels', r.metadata -> 'labels', 'created_at', r.created_at, 'updated_at', r.updated_at)) as metadata,
JSON_AGG(
JSON_BUILD_OBJECT(
'id', v.id,
'value', v.value
)
) FILTER (WHERE v.id IS NOT NULL) as values,
counted.total
FROM registered_resources r
CROSS JOIN counted
LEFT JOIN registered_resource_values v ON v.registered_resource_id = r.id
GROUP BY r.id, counted.total
LIMIT @limit_
OFFSET @offset_;

-- name: updateRegisteredResource :execrows
UPDATE registered_resources
SET
name = COALESCE(sqlc.narg('name'), name),
metadata = COALESCE(sqlc.narg('metadata'), metadata)
WHERE id = $1;

-- name: deleteRegisteredResource :execrows
DELETE FROM registered_resources WHERE id = $1;


----------------------------------------------------------------
-- REGISTERED RESOURCE VALUES
----------------------------------------------------------------

-- name: createRegisteredResourceValue :one
INSERT INTO registered_resource_values (registered_resource_id, value, metadata)
VALUES ($1, $2, $3)
RETURNING id;

-- name: getRegisteredResourceValue :one
SELECT
id,
registered_resource_id,
value,
JSON_STRIP_NULLS(JSON_BUILD_OBJECT('labels', metadata -> 'labels', 'created_at', created_at, 'updated_at', updated_at)) as metadata
FROM registered_resource_values
WHERE id = $1;

-- name: listRegisteredResourceValues :many
WITH counted AS (
SELECT COUNT(id) AS total
FROM registered_resource_values
WHERE
NULLIF(@registered_resource_id, '') IS NULL OR registered_resource_id = @registered_resource_id::UUID
)
SELECT
id,
registered_resource_id,
value,
JSON_STRIP_NULLS(JSON_BUILD_OBJECT('labels', metadata -> 'labels', 'created_at', created_at, 'updated_at', updated_at)) as metadata,
counted.total
FROM registered_resource_values
CROSS JOIN counted
WHERE
NULLIF(@registered_resource_id, '') IS NULL OR registered_resource_id = @registered_resource_id::UUID
LIMIT @limit_
OFFSET @offset_;

-- name: updateRegisteredResourceValue :execrows
UPDATE registered_resource_values
SET
value = COALESCE(sqlc.narg('value'), value),
metadata = COALESCE(sqlc.narg('metadata'), metadata)
WHERE id = $1;

-- name: deleteRegisteredResourceValue :execrows
DELETE FROM registered_resource_values WHERE id = $1;
Loading
Loading