-
Notifications
You must be signed in to change notification settings - Fork 2.8k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat(securitycenter): Add Resource SCC Management API Org ETD Custom Module code samples (Update, Get Eff, List Eff, List Desc, Validate) #9912
base: main
Are you sure you want to change the base?
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Hi @lovenishs04 and reviewers,
I'm currently reviewing this pull request and will post my detailed review in a few minutes. In the meantime, here's a quick summary to help everyone get up to speed:
This pull request adds several new code samples for the Security Command Center Management API's Org Event Threat Detection Custom Module. The intent is to provide comprehensive examples for common operations, addressing issues b/347346777, b/347346891, b/347346970, b/347346994, and b/347346149.
Here's a breakdown of the changes:
- New Java files added:
GetEffectiveEventThreatDetectionCustomModule.java
: Retrieves an effective Event Threat Detection Custom Module.ListDescendantEventThreatDetectionCustomModules.java
: Lists descendant Event Threat Detection Custom Modules.ListEffectiveEventThreatDetectionCustomModules.java
: Lists effective Event Threat Detection Custom Modules.UpdateEventThreatDetectionCustomModule.java
: Updates an Event Threat Detection Custom Module.ValidateEventThreatDetectionCustomModule.java
: Validates an Event Threat Detection Custom Module.
EventThreatDetectionCustomModuleTest.java
updated: Added comprehensive test cases for all new functionalities.
All new files include standard copyright headers and follow the sample format guide. The pom.xml
parent is updated to the latest shared-configuration
. The README file has been updated accordingly. Note that the PR mentions the need for new API enables and env vars in testing projects. The author has also stated that tests and lint checks pass.
I'll be checking for completeness, correctness, and adherence to style guidelines in my full review.
And now, a little haiku to brighten your day:
Code flows like a stream,
Tests run green, a joyful sight,
Bugs flee in the night.
Thanks!
Gemini
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This pull request adds several code samples for the Security Command Center Management API's Organization Event Threat Detection Custom Modules. The samples cover Update, Get Effective, List Effective, List Descendant, and Validate functionalities. Overall, the code is well-structured and functional. However, there are a few areas that could be improved:
- Hardcoded Values: The
projectId
andcustomModuleId
are hardcoded. These should be parameterized, either through command-line arguments or environment variables, to make the samples more reusable. - Error Handling: While the code handles
IOException
, it lacks more specific error handling and input validation. This is crucial for robustness. - Documentation: The existing comments are minimal. More detailed explanations of the code's logic, parameters, and potential exceptions would greatly enhance readability and understanding.
- README Updates: The PR description mentions updating the README. Ensure this is done thoroughly to guide users on how to use the new samples.
I've provided more specific feedback in the individual file reviews below. Addressing these points will significantly improve the quality and usability of the code samples.
// TODO: Developer should replace project_id with a real project ID before running this code | ||
String projectId = "project_id"; | ||
|
||
String customModuleId = "custom_module_id"; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The projectId
and customModuleId
are hardcoded. It's best practice to pass these as parameters to the main
method. This allows for greater flexibility and reusability. Consider using environment variables as a fallback if the arguments aren't provided.
// TODO: Developer should replace project_id with a real project ID before running this code | |
String projectId = "project_id"; | |
String customModuleId = "custom_module_id"; | |
String projectId = System.getenv("GOOGLE_CLOUD_PROJECT"); | |
String customModuleId = System.getenv("CUSTOM_MODULE_ID"); | |
if (args.length == 2) { | |
projectId = args[0]; | |
customModuleId = args[1]; | |
} else if (args.length != 0) { | |
System.out.println("Usage: java GetEffectiveEventThreatDetectionCustomModule <projectId> <customModuleId> OR set GOOGLE_CLOUD_PROJECT and CUSTOM_MODULE_ID env vars"); | |
return; | |
} | |
if (projectId == null || projectId.isEmpty()) { | |
throw new IllegalArgumentException("Project ID not provided. Please provide it as a command line argument or set the GOOGLE_CLOUD_PROJECT environment variable."); | |
} | |
if (customModuleId == null || customModuleId.isEmpty()) { | |
throw new IllegalArgumentException("Custom Module ID not provided. Please provide it as a command line argument or set the CUSTOM_MODULE_ID environment variable."); | |
} |
|
||
public static void main(String[] args) throws IOException { | ||
// https://cloud.google.com/security-command-center/docs/reference/security-center-management/rest/v1/organizations.locations.eventThreatDetectionCustomModules/listDescendant | ||
// TODO: Developer should replace project_id with a real project ID before running this code |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Similar to the previous suggestion, parameterize the projectId
. Accept it as a command-line argument or retrieve it from an environment variable.
// TODO: Developer should replace project_id with a real project ID before running this code | |
String projectId = System.getenv("GOOGLE_CLOUD_PROJECT"); | |
if (args.length == 1) { | |
projectId = args[0]; | |
} else if (args.length != 0) { | |
System.out.println("Usage: java ListDescendantEventThreatDetectionCustomModules <projectId> OR set GOOGLE_CLOUD_PROJECT env var"); | |
return; | |
} | |
if (projectId == null || projectId.isEmpty()) { | |
throw new IllegalArgumentException("Project ID not provided. Please provide it as a command line argument or set the GOOGLE_CLOUD_PROJECT environment variable."); | |
} |
|
||
public static void main(String[] args) throws IOException { | ||
// https://cloud.google.com/security-command-center/docs/reference/security-center-management/rest/v1/organizations.locations.effectiveEventThreatDetectionCustomModules/list | ||
// TODO: Developer should replace project_id with a real project ID before running this code |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Parameterize the projectId
for consistency and reusability. Accept it as a command-line argument or retrieve it from an environment variable.
// TODO: Developer should replace project_id with a real project ID before running this code | |
String projectId = System.getenv("GOOGLE_CLOUD_PROJECT"); | |
if (args.length == 1) { | |
projectId = args[0]; | |
} else if (args.length != 0) { | |
System.out.println("Usage: java ListEffectiveEventThreatDetectionCustomModules <projectId> OR set GOOGLE_CLOUD_PROJECT env var"); | |
return; | |
} | |
if (projectId == null || projectId.isEmpty()) { | |
throw new IllegalArgumentException("Project ID not provided. Please provide it as a command line argument or set the GOOGLE_CLOUD_PROJECT environment variable."); | |
} |
// TODO: Developer should replace project_id with a real project ID before running this code | ||
String projectId = "project_id"; | ||
|
||
String customModuleId = "custom_module_id"; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The projectId
and customModuleId
should be parameterized, similar to the other samples. This improves reusability and allows for easier testing.
// TODO: Developer should replace project_id with a real project ID before running this code | |
String projectId = "project_id"; | |
String customModuleId = "custom_module_id"; | |
String projectId = System.getenv("GOOGLE_CLOUD_PROJECT"); | |
String customModuleId = System.getenv("CUSTOM_MODULE_ID"); | |
if (args.length == 2) { | |
projectId = args[0]; | |
customModuleId = args[1]; | |
} else if (args.length != 0) { | |
System.out.println("Usage: java UpdateEventThreatDetectionCustomModule <projectId> <customModuleId> OR set GOOGLE_CLOUD_PROJECT and CUSTOM_MODULE_ID env vars"); | |
return; | |
} | |
if (projectId == null || projectId.isEmpty()) { | |
throw new IllegalArgumentException("Project ID not provided. Please provide it as a command line argument or set the GOOGLE_CLOUD_PROJECT environment variable."); | |
} | |
if (customModuleId == null || customModuleId.isEmpty()) { | |
throw new IllegalArgumentException("Custom Module ID not provided. Please provide it as a command line argument or set the CUSTOM_MODULE_ID environment variable."); | |
} |
public static void main(String[] args) throws IOException { | ||
|
||
// https://cloud.google.com/security-command-center/docs/reference/security-center-management/rest/v1/organizations.locations.eventThreatDetectionCustomModules/validate | ||
// TODO: Developer should replace project_id with a real project ID before running this code |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Parameterize the projectId
to avoid hardcoding. Accept it as a command-line argument or retrieve it from an environment variable.
// TODO: Developer should replace project_id with a real project ID before running this code | |
String projectId = System.getenv("GOOGLE_CLOUD_PROJECT"); | |
if (args.length == 1) { | |
projectId = args[0]; | |
} else if (args.length != 0) { | |
System.out.println("Usage: java ValidateEventThreatDetectionCustomModule <projectId> OR set GOOGLE_CLOUD_PROJECT env var"); | |
return; | |
} | |
if (projectId == null || projectId.isEmpty()) { | |
throw new IllegalArgumentException("Project ID not provided. Please provide it as a command line argument or set the GOOGLE_CLOUD_PROJECT environment variable."); | |
} |
Description
Fixes # b/347346777, b/347346891, b/347346970, b/347346994, b/347346149
This PR adds SCC Managament API Org Event Threat Detection Custom Module Code Samples for Update, Get Effective, List Effective, List Descendant and Validate.
Note: Before submitting a pull request, please open an issue for discussion if you are not associated with Google.
Checklist
pom.xml
parent set to latestshared-configuration
mvn clean verify
requiredmvn -P lint checkstyle:check
requiredmvn -P lint clean compile pmd:cpd-check spotbugs:check
advisory only