Skip to content

Commit

Permalink
feat: delete deprecated rules
Browse files Browse the repository at this point in the history
  • Loading branch information
xopham committed Apr 10, 2024
1 parent 88fc5b2 commit acb0826
Show file tree
Hide file tree
Showing 2 changed files with 21 additions and 6 deletions.
2 changes: 1 addition & 1 deletion semgr8s/k8s_api.py
Original file line number Diff line number Diff line change
Expand Up @@ -28,7 +28,7 @@ def request_kube_api(path: str):
try:
response = requests.get(url, verify=ca_path, headers=headers, timeout=30)
except JSONDecodeError as err:
APP.logger.error("ERROR: Malformed k8s API response or resource yaml: %s", err)
APP.logger.error("Malformed k8s API response or resource yaml: %s", err)
return {}

response.raise_for_status()
Expand Down
25 changes: 20 additions & 5 deletions semgr8s/updater.py
Original file line number Diff line number Diff line change
Expand Up @@ -2,21 +2,28 @@
Update cached rules from configmaps.
"""

import logging
import os

from urllib.parse import urlencode

from semgr8s.k8s_api import request_kube_api
from semgr8s.app import APP

RULESPATH = "/app/rules"


def update_rules():
"""
Request all rule configmaps from kubernetes api and store locally in semgrep format.
"""
logging.info("INFO: updateing rule set")
APP.logger.debug("Updating rule set")

try:
old_rule_files = [
file
for file in os.listdir(RULESPATH)
if os.path.isfile(os.path.join(RULESPATH, file))
]
namespace = os.getenv("NAMESPACE", "default")
query = {"labelSelector": "semgr8s/rule"}

Expand All @@ -28,8 +35,16 @@ def update_rules():
data = list(item.get("data", {}).items())
for datum in data:
file, content = datum
with open(f"/app/rules/{file}", "w", encoding="utf-8") as rule_file:
path = os.path.join(RULESPATH, file)
with open(path, "w", encoding="utf-8") as rule_file:
rule_file.write(content)
logging.info("INFO: updated %s rule", file)
APP.logger.debug("Updated %s rule", file)
try:
old_rule_files.remove(file)
except ValueError:
pass
for deprecated_rule in old_rule_files:
os.remove(os.path.join(RULESPATH, deprecated_rule))
APP.logger.info("Deleted %s rule", deprecated_rule)
except Exception as err: # pylint: disable=W0718
logging.error("Error updating rules: %s", err)
APP.logger.error("Updating rules failed unexpectedly: %s", err)

0 comments on commit acb0826

Please sign in to comment.