Change variable to map

Author: baolsen

.github/workflows/check-deployments.yml

@@ -62,10 +62,10 @@ jobs:
           cd ..
           #
           # Compare length and names of files in Zip.
+          echo "***Comparing deployment package to source code for $DEPLOYMENT"
           # Building in Docker doesn't work, some files are still different.
           [[ -f $DEPLOYMENT ]] || { echo "Deployment file not found."; exit 1; }
           diff \
             <(unzip -vqq $DEPLOYMENT  | awk '{$2=""; $3=""; $4=""; $5=""; $6=""; print}' | sort -k3 -f) \
             <(unzip -vqq ${DEPLOYMENT}_original  | awk '{$2=""; $3=""; $4=""; $5=""; $6=""; print}' | sort -k3 -f)
-          FILES_CHANGED=$?
-          echo FILES_CHANGED=$FILES_CHANGED
+          echo "***Comparison completed. Deployment package is up to date."

README.md

@@ -62,8 +62,8 @@ Full contributing [guidelines are covered here](.github/contributing.md).
 | <a name="input_standalone"></a> [standalone](#input\_standalone) | Deploy ClickOps in a standalone account instead of into an entire AWS Organization. Ideal for teams who want to monitor ClickOps in only their accounts where it is not instrumented at an Organizational level. | `bool` | `false` | no |
 | <a name="input_subcription_filter_distribution"></a> [subcription\_filter\_distribution](#input\_subcription\_filter\_distribution) | The method used to distribute log data to the destination. By default log data is grouped by log stream, but the grouping can be set to random for a more even distribution. This property is only applicable when the destination is an Amazon Kinesis stream. Valid values are "Random" and "ByLogStream". | `string` | `"Random"` | no |
 | <a name="input_tags"></a> [tags](#input\_tags) | Tags to add to resources in addition to the default\_tags for the provider | `map(string)` | `{}` | no |
-| <a name="input_webhooks_for_msteams_notifications"></a> [webhooks\_for\_msteams\_notifications](#input\_webhooks\_for\_msteams\_notifications) | List of webhook URLs for MS Teams notifications. https://learn.microsoft.com/en-us/microsoftteams/platform/webhooks-and-connectors/how-to/add-incoming-webhook?tabs=dotnet | `list(string)` | `[]` | no |
-| <a name="input_webhooks_for_slack_notifications"></a> [webhooks\_for\_slack\_notifications](#input\_webhooks\_for\_slack\_notifications) | List of webhook URLs for Slack notifications. https://api.slack.com/messaging/webhooks | `list(string)` | `[]` | no |
+| <a name="input_webhooks_for_msteams_notifications"></a> [webhooks\_for\_msteams\_notifications](#input\_webhooks\_for\_msteams\_notifications) | Map of `custom_name => webhook URL`s for MS Teams notifications. https://learn.microsoft.com/en-us/microsoftteams/platform/webhooks-and-connectors/how-to/add-incoming-webhook?tabs=dotnet | `map(string)` | `{}` | no |
+| <a name="input_webhooks_for_slack_notifications"></a> [webhooks\_for\_slack\_notifications](#input\_webhooks\_for\_slack\_notifications) | Map of `custom_name => webhook URL`s for Slack notifications. https://api.slack.com/messaging/webhooks | `map(string)` | `{}` | no |
 
 ----
 ### Modules

clickopsnotifier/app.py

@@ -35,10 +35,9 @@
 ssm = boto3.client("ssm")
 
 
-def get_webhook(name) -> str:
-    response = ssm.get_parameter(Name=name, WithDecryption=True)
-    value = response["Parameter"]["Value"]
-    return value
+def get_webhook_url(parameter_name) -> str:
+    response = ssm.get_parameter(Name=parameter_name, WithDecryption=True)
+    return response["Parameter"]["Value"]
 
 
 _MESSENGERS = None
@@ -51,15 +50,23 @@ def get_messengers() -> List[Messenger]:
     _MESSENGERS = []
 
     logging.info("Configuring Slack messengers...")
-    for webhook_for_slack in WEBHOOKS_FOR_SLACK:
-        webhook = get_webhook(webhook_for_slack)
-        messenger = Messenger("slack", webhook)
+    for parameter_name in WEBHOOKS_FOR_SLACK:
+        webhook_url = get_webhook_url(parameter_name)
+        messenger = Messenger(
+            webhook_type="slack",
+            webhook_url=webhook_url,
+            parameter_name=parameter_name,
+        )
         _MESSENGERS.append(messenger)
 
     logging.info("Configuring MSTeams messengers...")
-    for webhook_for_msteams in WEBHOOKS_FOR_MSTEAMS:
-        webhook = get_webhook(webhook_for_msteams)
-        messenger = Messenger("msteams", webhook)
+    for parameter_name in WEBHOOKS_FOR_MSTEAMS:
+        webhook_url = get_webhook_url(parameter_name)
+        messenger = Messenger(
+            webhook_type="msteams",
+            webhook_url=webhook_url,
+            parameter_name=parameter_name,
+        )
         _MESSENGERS.append(messenger)
 
     logging.info(f"There are {len(_MESSENGERS)} messengers configured.")
@@ -238,15 +245,15 @@ def __handle_event(
 
     # Attempt to send messages as well
     messengers = get_messengers()
-    for i, messenger in enumerate(messengers):
+    for messenger in messengers:
         result_messenger = messenger.send(
             cloudtrail_event.user_email,
             trail_event,
             trail_event_origin=trail_event_origin,
             standalone=standalone,
         )
         if not result_messenger:
-            logging.error(f"Message NOT sent to webhook {i}.")
+            logging.error(f'Message NOT sent to webhook "{messenger}".')
 
     if not result:
         logging.error(f"trail_event={json.dumps(trail_event)}")

clickopsnotifier/messenger.py

@@ -1,19 +1,32 @@
 import json
 import requests
 import logging
+import re
+
+WEBHOOK_NAME_REGEXP = r".*webhooks-for-.*?\/(.*)"
 
 
 class Messenger:
-    def __init__(self, format: str, webhook: str) -> None:
-        self.webhook = webhook
-        self.format = format
+    def __init__(
+        self, webhook_type: str, webhook_url: str, parameter_name: str
+    ) -> None:
+        self.webhook_url = webhook_url
+        if self.webhook_url is None:
+            raise ValueError("webhook_url cannot be None")
 
-        if format == "slack":
+        self.webhook_type = webhook_type
+        if webhook_type == "slack":
             self.send = self.__send_slack_message
-        elif format == "msteams":
+        elif webhook_type == "msteams":
             self.send = self.__send_msteams_message
         else:
-            raise ValueError("Invalid format, must be ['slack', 'msteams']")
+            raise ValueError("Invalid webhook_type, must be ['slack', 'msteams']")
+
+        m = re.match(WEBHOOK_NAME_REGEXP, parameter_name)
+        self.webhook_name = m.group(1)
+
+    def __str__(self) -> str:
+        return self.webhook_name
 
     def __send_msteams_message(
         self, user, trail_event, trail_event_origin: str, standalone: str
@@ -47,10 +60,12 @@ def __send_msteams_message(
                 }
             ],
         }
-        response = requests.post(self.webhook, json=payload)
+        response = requests.post(self.webhook_url, json=payload)
         if response.status_code != 200:
-            logging.info(f"json payload:\n\n{json.dumps(payload)}")
-            logging.error(f"response.content={response.content}")
+            logging.info(f"{self.webhook_name} json payload:\n\n{json.dumps(payload)}")
+            logging.error(
+                f"{self.webhook_name} response.content:\n\n{response.content}"
+            )
             return False
         return True
 
@@ -122,9 +137,11 @@ def __send_slack_message(
                 },
             ]
         }
-        response = requests.post(self.webhook, json=payload)
+        response = requests.post(self.webhook_url, json=payload)
         if response.status_code != 200:
-            logging.info(f"json payload:\n\n{json.dumps(payload)}")
-            logging.error(f"response.content={response.content}")
+            logging.info(f"{self.webhook_name} json payload:\n\n{json.dumps(payload)}")
+            logging.error(
+                f"{self.webhook_name} response.content:\n\n{response.content}"
+            )
             return False
         return True

deployment-clickopsnotifier-python3.7.zip

@@ -140,23 +140,23 @@ module "clickops_notifier_lambda" {
 }
 
 resource "aws_ssm_parameter" "webhooks_for_slack" {
-  count       = length(var.webhooks_for_slack_notifications)
-  name        = "/${var.naming_prefix}/webhooks-for-slack/${count.index}"
-  description = "Webhook #${count.index} for clickops notifications via Slack."
+  for_each = var.webhooks_for_slack_notifications
 
-  type  = "SecureString"
-  value = var.webhooks_for_slack_notifications[count.index]
+  name        = "/${var.naming_prefix}/webhooks-for-slack/${each.key}"
+  description = "Webhook \"${each.key}\" for clickops notifications via Slack."
+  type        = "SecureString"
+  value       = each.value
 
   tags = var.tags
 }
 
 resource "aws_ssm_parameter" "webhooks_for_msteams" {
-  count       = length(var.webhooks_for_msteams_notifications)
-  name        = "/${var.naming_prefix}/webhooks-for-msteams/${count.index}"
-  description = "Webhook #${count.index} for clickops notifications via MS Teams."
+  for_each = var.webhooks_for_msteams_notifications
 
-  type  = "SecureString"
-  value = var.webhooks_for_msteams_notifications[count.index]
+  name        = "/${var.naming_prefix}/webhooks-for-msteams/${each.key}"
+  description = "Webhook \"${each.key}\" for clickops notifications via MS Teams."
+  type        = "SecureString"
+  value       = each.value
 
   tags = var.tags
 }

deployment-clickopsnotifier-python3.8.zip

@@ -20,27 +20,17 @@ variable "cloudtrail_bucket_name" {
 }
 
 variable "webhooks_for_slack_notifications" {
-  type        = list(string)
-  description = "List of webhook URLs for Slack notifications. https://api.slack.com/messaging/webhooks"
+  type        = map(string)
+  description = "Map of `custom_name => webhook URL`s for Slack notifications. https://api.slack.com/messaging/webhooks"
   sensitive   = true
-  default     = []
-
-  validation {
-    condition     = length(compact(var.webhooks_for_slack_notifications)) == length(var.webhooks_for_slack_notifications)
-    error_message = "May not contain empty strings."
-  }
+  default     = {}
 }
 
 variable "webhooks_for_msteams_notifications" {
-  type        = list(string)
-  description = "List of webhook URLs for MS Teams notifications. https://learn.microsoft.com/en-us/microsoftteams/platform/webhooks-and-connectors/how-to/add-incoming-webhook?tabs=dotnet"
+  type        = map(string)
+  description = "Map of `custom_name => webhook URL`s for MS Teams notifications. https://learn.microsoft.com/en-us/microsoftteams/platform/webhooks-and-connectors/how-to/add-incoming-webhook?tabs=dotnet"
   sensitive   = true
-  default     = []
-
-  validation {
-    condition     = length(compact(var.webhooks_for_msteams_notifications)) == length(var.webhooks_for_msteams_notifications)
-    error_message = "May not contain empty strings."
-  }
+  default     = {}
 }