Skip to content

Commit

Permalink
Merge branch 'main' into nm/access-edges-perforomance-optimization
Browse files Browse the repository at this point in the history
  • Loading branch information
meln1k authored Dec 16, 2024
2 parents 36b945e + eedfaa5 commit 7aa2cd8
Show file tree
Hide file tree
Showing 26 changed files with 744 additions and 649 deletions.
16 changes: 0 additions & 16 deletions .github/workflows/check_pr_plugin_aws.yml
Original file line number Diff line number Diff line change
Expand Up @@ -73,19 +73,3 @@ jobs:
user: __token__
password: ${{ secrets.PYPI_FIXINVENTORY_PLUGIN_AWS }}
packages_dir: ./plugins/aws/dist/

- name: Upload AWS policies
if: github.event_name != 'pull_request'
working-directory: ./plugins/aws
run: |
pip install --upgrade --editable .
pip install --upgrade --editable ./tools/awspolicygen
export GITHUB_REF="${{ github.ref }}"
export GITHUB_REF_TYPE="${{ github.ref_type }}"
export GITHUB_EVENT_NAME="${{ github.event_name }}"
export API_TOKEN="${{ secrets.API_TOKEN }}"
export SPACES_KEY="${{ secrets.SPACES_KEY }}"
export SPACES_SECRET="${{ secrets.SPACES_SECRET }}"
export AWS_ACCESS_KEY_ID="${{ secrets.S3_FIXINVENTORYPUBLIC_AWS_ACCESS_KEY_ID }}"
export AWS_SECRET_ACCESS_KEY="${{ secrets.S3_FIXINVENTORYPUBLIC_AWS_SECRET_ACCESS_KEY }}"
awspolicygen --verbose --spaces-name somecdn --spaces-region ams3 --spaces-path fix/aws/ --aws-s3-bucket fixinventorypublic --aws-s3-bucket-path cf/
14 changes: 0 additions & 14 deletions .github/workflows/check_pr_plugin_gcp.yml
Original file line number Diff line number Diff line change
Expand Up @@ -73,17 +73,3 @@ jobs:
user: __token__
password: ${{ secrets.PYPI_FIXINVENTORY_PLUGIN_GCP }}
packages_dir: ./plugins/gcp/dist/

- name: Upload GCP policies
if: github.event_name != 'pull_request'
working-directory: ./plugins/gcp
run: |
pip install --upgrade --editable .
pip install --upgrade --editable ./tools/gcppolicygen
export GITHUB_REF="${{ github.ref }}"
export GITHUB_REF_TYPE="${{ github.ref_type }}"
export GITHUB_EVENT_NAME="${{ github.event_name }}"
export API_TOKEN="${{ secrets.API_TOKEN }}"
export SPACES_KEY="${{ secrets.SPACES_KEY }}"
export SPACES_SECRET="${{ secrets.SPACES_SECRET }}"
gcppolicygen --verbose --spaces-name somecdn --spaces-region ams3 --spaces-path fix/gcp/
9 changes: 5 additions & 4 deletions .github/workflows/create_plugin_workflows.py
Original file line number Diff line number Diff line change
Expand Up @@ -138,7 +138,8 @@
.replace("@name@", plugin)
.replace("@PKGNAME@", f"fixinventory_plugin_{plugin}".upper())
)
if plugin == "aws":
yml.write(aws_policygen)
elif plugin == "gcp":
yml.write(gcp_policygen)
# PolicyGen Upload disabled for now. Uncomment when required.
# if plugin == "aws":
# yml.write(aws_policygen)
# elif plugin == "gcp":
# yml.write(gcp_policygen)
164 changes: 82 additions & 82 deletions .github/workflows/publish.yml
Original file line number Diff line number Diff line change
Expand Up @@ -34,34 +34,34 @@ jobs:
run: |
yarn install --frozen-lockfile
- name: Wait for AWS policies to be uploaded
if: github.event_name != 'workflow_dispatch'
uses: lewagon/[email protected]
with:
ref: ${{ github.ref }}
check-name: aws
repo-token: ${{ secrets.GITHUB_TOKEN }}

- name: Update AWS policy JSON
shell: bash
working-directory: ./docs.fix.security/iam/aws
run: |
wget -qO FixOrgList.json https://cdn.some.engineering/fix/aws/edge/FixOrgList.json
wget -qO FixCollect.json https://cdn.some.engineering/fix/aws/edge/FixCollect.json
- name: Wait for GCP policies to be uploaded
if: github.event_name != 'workflow_dispatch'
uses: lewagon/[email protected]
with:
ref: ${{ github.ref }}
check-name: gcp
repo-token: ${{ secrets.GITHUB_TOKEN }}

- name: Update GCP policy JSON
shell: bash
working-directory: ./docs.fix.security/iam/gcp
run: |
wget -qO fix_access.json https://cdn.some.engineering/fix/gcp/edge/fix_access.json
# - name: Wait for AWS policies to be uploaded
# if: github.event_name != 'workflow_dispatch'
# uses: lewagon/[email protected]
# with:
# ref: ${{ github.ref }}
# check-name: aws
# repo-token: ${{ secrets.GITHUB_TOKEN }}
#
# - name: Update AWS policy JSON
# shell: bash
# working-directory: ./docs.fix.security/iam/aws
# run: |
# wget -qO FixOrgList.json https://cdn.some.engineering/fix/aws/edge/FixOrgList.json
# wget -qO FixCollect.json https://cdn.some.engineering/fix/aws/edge/FixCollect.json
#
# - name: Wait for GCP policies to be uploaded
# if: github.event_name != 'workflow_dispatch'
# uses: lewagon/[email protected]
# with:
# ref: ${{ github.ref }}
# check-name: gcp
# repo-token: ${{ secrets.GITHUB_TOKEN }}
#
# - name: Update GCP policy JSON
# shell: bash
# working-directory: ./docs.fix.security/iam/gcp
# run: |
# wget -qO fix_access.json https://cdn.some.engineering/fix/gcp/edge/fix_access.json

- name: Clean existing Kroki images
shell: bash
Expand Down Expand Up @@ -138,28 +138,28 @@ jobs:
run: |
yarn gen-api-docs
- name: Update AWS policy JSON
shell: bash
working-directory: ./inventory.fix.security/iam/aws/edge
run: |
wget -qO FixOrgList.json https://cdn.some.engineering/fix/aws/edge/FixOrgList.json
wget -qO FixCollect.json https://cdn.some.engineering/fix/aws/edge/FixCollect.json
wget -qO FixMutate.json https://cdn.some.engineering/fix/aws/edge/FixMutate.json
- name: Wait for GCP policies to be uploaded
if: github.event_name != 'workflow_dispatch'
uses: lewagon/[email protected]
with:
ref: ${{ github.ref }}
check-name: gcp
repo-token: ${{ secrets.GITHUB_TOKEN }}

- name: Update GCP policy JSON
shell: bash
working-directory: ./inventory.fix.security/iam/gcp/edge
run: |
wget -qO fix_access.json https://cdn.some.engineering/fix/gcp/edge/fix_access.json
wget -qO fix_mutate.json https://cdn.some.engineering/fix/gcp/edge/fix_mutate.json
# - name: Update AWS policy JSON
# shell: bash
# working-directory: ./inventory.fix.security/iam/aws/edge
# run: |
# wget -qO FixOrgList.json https://cdn.some.engineering/fix/aws/edge/FixOrgList.json
# wget -qO FixCollect.json https://cdn.some.engineering/fix/aws/edge/FixCollect.json
# wget -qO FixMutate.json https://cdn.some.engineering/fix/aws/edge/FixMutate.json
#
# - name: Wait for GCP policies to be uploaded
# if: github.event_name != 'workflow_dispatch'
# uses: lewagon/[email protected]
# with:
# ref: ${{ github.ref }}
# check-name: gcp
# repo-token: ${{ secrets.GITHUB_TOKEN }}
#
# - name: Update GCP policy JSON
# shell: bash
# working-directory: ./inventory.fix.security/iam/gcp/edge
# run: |
# wget -qO fix_access.json https://cdn.some.engineering/fix/gcp/edge/fix_access.json
# wget -qO fix_mutate.json https://cdn.some.engineering/fix/gcp/edge/fix_mutate.json

- name: Clean existing Kroki images
if: github.event_name == 'workflow_dispatch' # only when triggered manually
Expand Down Expand Up @@ -286,38 +286,38 @@ jobs:
run: |
yarn gen-api-docs
- name: Wait for AWS policies to be uploaded
if: steps.release.outputs.prerelease == 'false' && github.event_name != 'workflow_dispatch'
uses: lewagon/[email protected]
with:
ref: ${{ github.ref }}
check-name: aws
repo-token: ${{ secrets.GITHUB_TOKEN }}

- name: Update AWS policy JSON
if: steps.release.outputs.prerelease == 'false'
shell: bash
working-directory: ./inventory.fix.security/iam/aws/${{ steps.release.outputs.docsVersion }}
run: |
wget -qO FixOrgList.json https://cdn.some.engineering/fix/aws/${{ steps.release.outputs.tag }}/FixOrgList.json
wget -qO FixCollect.json https://cdn.some.engineering/fix/aws/${{ steps.release.outputs.tag }}/FixCollect.json
wget -qO FixMutate.json https://cdn.some.engineering/fix/aws/${{ steps.release.outputs.tag }}/FixMutate.json
- name: Wait for GCP policies to be uploaded
if: steps.release.outputs.prerelease == 'false' && github.event_name != 'workflow_dispatch'
uses: lewagon/[email protected]
with:
ref: ${{ github.ref }}
check-name: gcp
repo-token: ${{ secrets.GITHUB_TOKEN }}

- name: Update GCP policy JSON
if: steps.release.outputs.prerelease == 'false'
shell: bash
working-directory: ./inventory.fix.security/iam/gcp/${{ steps.release.outputs.docsVersion }}
run: |
wget -qO fix_access.json https://cdn.some.engineering/fix/gcp/${{ steps.release.outputs.tag }}/fix_access.json
wget -qO fix_mutate.json https://cdn.some.engineering/fix/gcp/${{ steps.release.outputs.tag }}/fix_mutate.json
# - name: Wait for AWS policies to be uploaded
# if: steps.release.outputs.prerelease == 'false' && github.event_name != 'workflow_dispatch'
# uses: lewagon/[email protected]
# with:
# ref: ${{ github.ref }}
# check-name: aws
# repo-token: ${{ secrets.GITHUB_TOKEN }}
#
# - name: Update AWS policy JSON
# if: steps.release.outputs.prerelease == 'false'
# shell: bash
# working-directory: ./inventory.fix.security/iam/aws/${{ steps.release.outputs.docsVersion }}
# run: |
# wget -qO FixOrgList.json https://cdn.some.engineering/fix/aws/${{ steps.release.outputs.tag }}/FixOrgList.json
# wget -qO FixCollect.json https://cdn.some.engineering/fix/aws/${{ steps.release.outputs.tag }}/FixCollect.json
# wget -qO FixMutate.json https://cdn.some.engineering/fix/aws/${{ steps.release.outputs.tag }}/FixMutate.json
#
# - name: Wait for GCP policies to be uploaded
# if: steps.release.outputs.prerelease == 'false' && github.event_name != 'workflow_dispatch'
# uses: lewagon/[email protected]
# with:
# ref: ${{ github.ref }}
# check-name: gcp
# repo-token: ${{ secrets.GITHUB_TOKEN }}
#
# - name: Update GCP policy JSON
# if: steps.release.outputs.prerelease == 'false'
# shell: bash
# working-directory: ./inventory.fix.security/iam/gcp/${{ steps.release.outputs.docsVersion }}
# run: |
# wget -qO fix_access.json https://cdn.some.engineering/fix/gcp/${{ steps.release.outputs.tag }}/fix_access.json
# wget -qO fix_mutate.json https://cdn.some.engineering/fix/gcp/${{ steps.release.outputs.tag }}/fix_mutate.json

- name: Modify Docker Compose YAML
if: steps.release.outputs.prerelease == 'false'
Expand Down
19 changes: 0 additions & 19 deletions fixcore/fixcore/static/api-doc.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -404,7 +404,6 @@ paths:
post:
summary: "Merge a given graph with the existing graph under marked merge nodes as batch update."
description: |
**Experimental**: This API is not stable and might be subject of change.<br/>
Merge a given graph with the existing graph under marked merge nodes as batch update.
tags:
- graph_management
Expand Down Expand Up @@ -458,7 +457,6 @@ paths:
get:
summary: "Get a list of all running batch updates"
description: |
**Experimental**: This API is not stable and might be subject of change.<br/>
Get a list of all running batch updates.
tags:
- graph_management
Expand All @@ -475,7 +473,6 @@ paths:
post:
summary: "Commit a batch update"
description: |
**Experimental**: This API is not stable and might be subject of change.<br/>
Commit a batch update.
tags:
- graph_management
Expand All @@ -498,7 +495,6 @@ paths:
delete:
summary: "Abort a batch update"
description: |
**Experimental**: This API is not stable and might be subject of change.<br/>
Abort a batch update.
tags:
- graph_management
Expand Down Expand Up @@ -584,7 +580,6 @@ paths:
post:
summary: "Create a new node under the given parent node"
description: |
**Experimental**: This API is not stable and might be subject of change.<br/>
Create a new node under the given parent node.
tags:
- node_management
Expand Down Expand Up @@ -619,7 +614,6 @@ paths:
get:
summary: "Get a node with the given node id"
description: |
**Experimental**: This API is not stable and might be subject of change.<br/>
Get a node with the given node id
tags:
- node_management
Expand All @@ -641,7 +635,6 @@ paths:
patch:
summary: "Update a node with the given node id"
description: |
**Experimental**: This API is not stable and might be subject of change.<br/>
Update a node with the given node id
tags:
- node_management
Expand Down Expand Up @@ -670,7 +663,6 @@ paths:
delete:
summary: "Delete a node with the given node id."
description: |
**Experimental**: This API is not stable and might be subject of change.<br/>
Delete a node with the given node id.
tags:
- node_management
Expand All @@ -689,7 +681,6 @@ paths:
patch:
summary: "Patch a node with the given node id in given section"
description: |
**Experimental**: This API is not stable and might be subject of change.<br/>
Patch a node with the given node id in given section
tags:
- node_management
Expand Down Expand Up @@ -723,7 +714,6 @@ paths:
post:
summary: "Transform the search into the raw database search"
description: |
**Experimental**: This API is not stable and might be subject of change.<br/>
Show the underlying raw search.
tags:
- debug
Expand Down Expand Up @@ -2153,7 +2143,6 @@ paths:
get:
summary: "Get all configuration keys"
description: |
**Experimental**: This API is not stable and might be subject of change.<br/>
Get all configuration keys in the system.
tags:
- config
Expand Down Expand Up @@ -2213,7 +2202,6 @@ paths:
get:
summary: "Get all configuration keys that have a model defined."
description: |
**Experimental**: This API is not stable and might be subject of change.<br/>
Get all configuration keys that have a model defined.
tags:
- config_validation
Expand All @@ -2231,7 +2219,6 @@ paths:
get:
summary: "Get a configuration by its id"
description: |
**Experimental**: This API is not stable and might be subject of change.<br/>
Fetch a configuration by id.
tags:
- config
Expand Down Expand Up @@ -2261,7 +2248,6 @@ paths:
put:
summary: "Replace a configuration with given id"
description: |
**Experimental**: This API is not stable and might be subject of change.<br/>
Replace a configuration identified by id with provided value.
tags:
- config
Expand Down Expand Up @@ -2310,7 +2296,6 @@ paths:
patch:
summary: "Patch a configuration by its id"
description: |
**Experimental**: This API is not stable and might be subject of change.<br/>
Patch a configuration identified by id with provided value.
tags:
- config
Expand Down Expand Up @@ -2359,7 +2344,6 @@ paths:
delete:
summary: "Delete a configuration by its id"
description: |
**Experimental**: This API is not stable and might be subject of change.<br/>
Delete a configuration identified by id with provided value.
tags:
- config
Expand All @@ -2378,7 +2362,6 @@ paths:
get:
summary: "Get a configuration validation by its id"
description: |
**Experimental**: This API is not stable and might be subject of change.<br/>
Fetch the validation of a configuration by id.
tags:
- config_validation
Expand All @@ -2405,7 +2388,6 @@ paths:
put:
summary: "Replace a configuration validation with given id"
description: |
**Experimental**: This API is not stable and might be subject of change.<br/>
Replace a configuration validation identified by id with provided value.
tags:
- config_validation
Expand Down Expand Up @@ -2519,7 +2501,6 @@ paths:
get:
summary: Get information about CLI
description: |
**Experimental**: This API is not stable and might be subject of change.<br/>
Get information about CLI
tags:
- cli
Expand Down
Loading

0 comments on commit 7aa2cd8

Please sign in to comment.