Source code for google.cloud.forseti.services.scanner.service

# Copyright 2017 The Forseti Security Authors. All rights reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#    http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

""" Scanner gRPC service. """

from Queue import Queue

from google.cloud.forseti.common.util import logger
from google.cloud.forseti.scanner import scanner
from google.cloud.forseti.services.scanner.dao import initialize as init_storage
from google.cloud.forseti.services.scanner import scanner_pb2 # noqa=E501
from google.cloud.forseti.services.scanner import scanner_pb2_grpc

LOGGER = logger.get_logger(__name__)


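class GrpcScanner(scanner_pb2_grpc.ScannerServicer):
    """IAM Scanner gRPC implementation.

    The model handle (invocation metadata) and the scanner name (request
    body) both come from the gRPC client and are handed to the scanner
    without validation in this class.

    NOTE(review): no per-call authorization is visible in this class;
    presumably it is enforced at the server/transport layer -- confirm.
    """

    # Metadata key under which the client sends the model handle.
    HANDLE_KEY = 'handle'

    def _get_handle(self, context):
        """Return the handle associated with the gRPC call.

        Args:
            context (object): Context of the request.

        Returns:
            str: The model handle, or None when the client sent no
                'handle' metadata entry.
        """
        metadata_dict = {
            key: value for key, value in context.invocation_metadata()}
        # Indexing with [] raised KeyError when the client omitted the
        # entry, so Run() never reached its "You must specify a model"
        # reply. .get() lets an absent handle take the same path as an
        # empty one.
        return metadata_dict.get(self.HANDLE_KEY)

    def __init__(self, scanner_api, service_config):
        """Init.

        Args:
            scanner_api (Scanner): Scanner api implementation.
            service_config (ServiceConfig): Forseti 2.0 service configs.
        """
        super(GrpcScanner, self).__init__()
        self.scanner = scanner_api
        self.service_config = service_config
        LOGGER.info('initializing scanner DAO tables')
        # Constructing the servicer initialises scanner storage on the
        # engine supplied by the service config.
        init_storage(service_config.get_engine())

    def Ping(self, request, _):
        """Provides the capability to check for service availability.

        Args:
            request (PingRequest): The ping request.
            _ (object): Context of the request.

        Returns:
            PingReply: The response to the ping request; it echoes the
                request's data field back to the caller.
        """
        return scanner_pb2.PingReply(data=request.data)

    def Run(self, request, context):
        """Run scanner.

        Args:
            request (RunRequest): The run request.
            context (object): Context of the request.

        Yields:
            Progress: The progress of the scanner.
        """
        scanner_name = request.scanner_name
        progress_queue = Queue()

        model_name = self._get_handle(context)
        if not model_name:
            # Missing or empty handle: reply with guidance and end the
            # stream without starting any background work.
            progress_queue.put(
                'You must specify a model before running the Forseti'
                ' scanner. Run `forseti model -h` for more information.')
            progress_queue.put(None)
        else:
            # model_name is client-supplied and is written to the log
            # verbatim.
            LOGGER.info('Run scanner service with model: %s', model_name)
            self.service_config.run_in_background(
                lambda: self._run_scanner(
                    model_name, progress_queue, scanner_name))

        # Stream queued messages until the None sentinel arrives.
        for progress_message in iter(progress_queue.get, None):
            yield scanner_pb2.Progress(server_message=progress_message)

    def _run_scanner(self, model_name, progress_queue, scanner_name=None):
        """Run scanner.

        Args:
            model_name (str): Model name.
            progress_queue (Queue): Progress queue.
            scanner_name (str): name of the specified scanner to run
        """
        try:
            self.scanner.run(model_name,
                             progress_queue,
                             self.service_config,
                             scanner_name)
        except Exception as e:  # pylint: disable=broad-except
            # The traceback goes to the server log only; the client gets a
            # generic message so exception text is not exposed over the RPC.
            LOGGER.exception(e)
            progress_queue.put('Error occurred during the scanning process.')
            # NOTE(review): the sentinel is enqueued here on failure only;
            # presumably scanner.run() enqueues it on success -- confirm,
            # otherwise Run() would block waiting on the queue.
            progress_queue.put(None)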
class GrpcScannerFactory(object):
    """Builds the Scanner gRPC servicer and attaches it to a server."""

    def __init__(self, config):
        """Keep the service config for servicers created later.

        Args:
            config (ServiceConfig): The service config.
        """
        self.config = config

    def create_and_register_service(self, server):
        """Instantiate GrpcScanner and register it with the gRPC server.

        Args:
            server (object): The server object.

        Returns:
            object: The service object.
        """
        # The imported scanner module itself is passed as the API object.
        servicer = GrpcScanner(service_config=self.config,
                               scanner_api=scanner)
        scanner_pb2_grpc.add_ScannerServicer_to_server(servicer, server)
        LOGGER.info('Service %s created and registered.', servicer)
        return servicer