-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
* Added virus scan with deployment * Fix * Need to add reference to it here too * defenderForStorageSettings resource name must be current * Test code * Remove webhooks path element * Fix * Explicitly define as controller * Add application handler with logic and re-factored controller code some * Re-factored malware scan controller to better reflect the underlying issue (i.e, the endpoint needs to be able to receive both arrays and objects of EventGridEvent). * Set data location url in upload attachment * Fixed tests * Prefix with webhook because we have no other signifier that it is a webhook endpoint on the API spec level * Typos * Scale to zero is annoying when testing. * Revise publish logic * Storage connection string should be a connection string, not a key * Delete test. Duplicate did not occur now when testing. Assume it occurred because more than one subscription was registered when testing last time. * Remove comment * Newlines * Clean-up * Rename azure storage account parameter name as it is no longer used exclusively for migrations. * Delete this for now, better for another PR * Update parameter name too
- Loading branch information
Showing
31 changed files
with
588 additions
and
52 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,48 @@ | ||
param location string | ||
@secure() | ||
param namePrefix string | ||
@secure() | ||
param storageAccountName string | ||
@secure() | ||
param containerAppIngress string | ||
|
||
resource eventgrid_topic 'Microsoft.EventGrid/topics@2022-06-15' = { | ||
name: '${namePrefix}-malware-scan-event-topic' | ||
location: location | ||
} | ||
|
||
resource eventgrid_event_subscription 'Microsoft.EventGrid/topics/eventSubscriptions@2022-06-15' = { | ||
name: '${namePrefix}-malware-scan-event-subscription' | ||
parent: eventgrid_topic | ||
properties: { | ||
destination: { | ||
endpointType: 'WebHook' | ||
properties: { | ||
endpointUrl: 'https://${containerAppIngress}/correspondence/api/v1/webhooks/malwarescanresults' | ||
} | ||
} | ||
} | ||
} | ||
|
||
resource storageAccount 'Microsoft.Storage/storageAccounts@2023-04-01' existing = { | ||
name: storageAccountName | ||
} | ||
|
||
resource malwareScanSettings 'Microsoft.Security/defenderForStorageSettings@2022-12-01-preview' = { | ||
name: 'current' | ||
scope: storageAccount | ||
properties: { | ||
isEnabled: true | ||
malwareScanning: { | ||
onUpload: { | ||
capGBPerMonth: -1 | ||
isEnabled: true | ||
} | ||
scanResultsEventGridTopicResourceId: eventgrid_topic.id | ||
} | ||
overrideSubscriptionLevelSettings: true | ||
sensitiveDataDiscovery: { | ||
isEnabled: false | ||
} | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
1 change: 1 addition & 0 deletions
1
Test/Altinn.Correspondence.Tests/CorrespondenceControllerTests.cs
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
22 changes: 22 additions & 0 deletions
22
Test/Altinn.Correspondence.Tests/Data/MalwareScanResult_Malicious.json
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,22 @@ | ||
{ | ||
"data": { | ||
"blobUri": "http://127.0.0.1:10000/devstoreaccount1/attachments/--FILEID--", | ||
"correlationId": "2ee9f258-c96a-4982-9e6e-16b8485d71da", | ||
"eTag": "--ETAGID--", | ||
"scanFinishedTimeUtc": "2023-12-08T08:12:31.9933275Z", | ||
"scanResultDetails": { | ||
"malwareNamesFound": [ | ||
"Virus:DOS/EICAR_Test_File" | ||
], | ||
"sha256": "275A021BBFB6489E54D471899F7DB9D1663FC695EC2FE2A2C4538AABF651FD0F" | ||
}, | ||
"scanResultType": "Malicious" | ||
}, | ||
"dataVersion": "1.0", | ||
"eventTime": "2023-12-08T08:12:31.9939079Z", | ||
"eventType": "Microsoft.Security.MalwareScanningResult", | ||
"id": "2ee9f258-c96a-4982-9e6e-16b8485d71da", | ||
"metadataVersion": "1", | ||
"subject": "storageAccounts/devstoreaccount1/containers/attachments/blobs/--FILEID--", | ||
"topic": "/subscriptions/81cc3a6b-dfdf-49c7-96f0-3efddb159356/resourceGroups/serviceowner-test-0192-991825827-rg/providers/Microsoft.EventGrid/topics/test-broker-defenderresults" | ||
} |
17 changes: 17 additions & 0 deletions
17
Test/Altinn.Correspondence.Tests/Data/MalwareScanResult_NoThreatFound.json
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,17 @@ | ||
{ | ||
"data": { | ||
"blobUri": "http://127.0.0.1:10000/devstoreaccount1/attachments/--FILEID--", | ||
"correlationId": "21c48159-e5ef-4376-ba96-4f8d6e0f1c7f", | ||
"eTag": "--ETAGID--", | ||
"scanFinishedTimeUtc": "2023-12-08T08:11:44.9457492Z", | ||
"scanResultDetails": null, | ||
"scanResultType": "No threats found" | ||
}, | ||
"dataVersion": "1.0", | ||
"eventTime": "2023-12-08T08:11:44.9464641Z", | ||
"eventType": "Microsoft.Security.MalwareScanningResult", | ||
"id": "21c48159-e5ef-4376-ba96-4f8d6e0f1c7f", | ||
"metadataVersion": "1", | ||
"subject": "storageAccounts/devstoreaccount1/containers/attachments/blobs/--FILEID--", | ||
"topic": "/subscriptions/81cc3a6b-dfdf-49c7-96f0-3efddb159356/resourceGroups/serviceowner-test-0192-991825827-rg/providers/Microsoft.EventGrid/topics/test-broker-defenderresults" | ||
} |
15 changes: 15 additions & 0 deletions
15
Test/Altinn.Correspondence.Tests/Data/WebHookSubscriptionValidationTest.json
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,15 @@ | ||
[ | ||
{ | ||
"id": "2d1781af-3a4c-4d7c-bd0c-e34b19da4e66", | ||
"topic": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx", | ||
"subject": "", | ||
"data": { | ||
"validationCode": "512d38b6-c7b8-40c8-89fe-f46f9e9622b6", | ||
"validationUrl": "https://www.contoso.com/" | ||
}, | ||
"eventType": "Microsoft.EventGrid.SubscriptionValidationEvent", | ||
"eventTime": "2018-01-25T22:12:19.4556811Z", | ||
"metadataVersion": "1", | ||
"dataVersion": "1" | ||
} | ||
] |
Oops, something went wrong.