Merge pull request #60 from cloudandthings/fix-bug-lifecycle

fix: Remove lifecycle rule for ignoring SSM value changes

Author: baolsen

.github/workflows/check-deployments.yml

@@ -62,10 +62,10 @@ jobs:
           cd ..
           #
           # Compare length and names of files in Zip.
+          echo "***Comparing deployment package to source code for $DEPLOYMENT"
           # Building in Docker doesn't work, some files are still different.
           [[ -f $DEPLOYMENT ]] || { echo "Deployment file not found."; exit 1; }
           diff \
             <(unzip -vqq $DEPLOYMENT  | awk '{$2=""; $3=""; $4=""; $5=""; $6=""; print}' | sort -k3 -f) \
             <(unzip -vqq ${DEPLOYMENT}_original  | awk '{$2=""; $3=""; $4=""; $5=""; $6=""; print}' | sort -k3 -f)
-          FILES_CHANGED=$?
-          echo FILES_CHANGED=$FILES_CHANGED
+          echo "***Comparison completed. Deployment package is up to date."

README.md

@@ -62,8 +62,8 @@ Full contributing [guidelines are covered here](.github/contributing.md).
 | <a name="input_standalone"></a> [standalone](#input\_standalone) | Deploy ClickOps in a standalone account instead of into an entire AWS Organization. Ideal for teams who want to monitor ClickOps in only their accounts where it is not instrumented at an Organizational level. | `bool` | `false` | no |
 | <a name="input_subcription_filter_distribution"></a> [subcription\_filter\_distribution](#input\_subcription\_filter\_distribution) | The method used to distribute log data to the destination. By default log data is grouped by log stream, but the grouping can be set to random for a more even distribution. This property is only applicable when the destination is an Amazon Kinesis stream. Valid values are "Random" and "ByLogStream". | `string` | `"Random"` | no |
 | <a name="input_tags"></a> [tags](#input\_tags) | Tags to add to resources in addition to the default\_tags for the provider | `map(string)` | `{}` | no |
-| <a name="input_webhooks_for_msteams_notifications"></a> [webhooks\_for\_msteams\_notifications](#input\_webhooks\_for\_msteams\_notifications) | List of webhook URLs for MS Teams notifications. https://learn.microsoft.com/en-us/microsoftteams/platform/webhooks-and-connectors/how-to/add-incoming-webhook?tabs=dotnet | `list(string)` | `[]` | no |
-| <a name="input_webhooks_for_slack_notifications"></a> [webhooks\_for\_slack\_notifications](#input\_webhooks\_for\_slack\_notifications) | List of webhook URLs for Slack notifications. https://api.slack.com/messaging/webhooks | `list(string)` | `[]` | no |
+| <a name="input_webhooks_for_msteams_notifications"></a> [webhooks\_for\_msteams\_notifications](#input\_webhooks\_for\_msteams\_notifications) | Map of `custom_name => webhook URL`s for MS Teams notifications. https://learn.microsoft.com/en-us/microsoftteams/platform/webhooks-and-connectors/how-to/add-incoming-webhook?tabs=dotnet | `map(string)` | `{}` | no |
+| <a name="input_webhooks_for_slack_notifications"></a> [webhooks\_for\_slack\_notifications](#input\_webhooks\_for\_slack\_notifications) | Map of `custom_name => webhook URL`s for Slack notifications. https://api.slack.com/messaging/webhooks | `map(string)` | `{}` | no |
 
 ----
 ### Modules
@@ -93,7 +93,7 @@ Full contributing [guidelines are covered here](.github/contributing.md).
 
 | Name | Version |
 |------|---------|
-| <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 0.14.0 |
+| <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 0.15.0 |
 | <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 4.9 |
 
 ----

clickopsnotifier/app.py

@@ -35,10 +35,9 @@
 ssm = boto3.client("ssm")
 
 
-def get_webhook(name) -> str:
-    response = ssm.get_parameter(Name=name, WithDecryption=True)
-    value = response["Parameter"]["Value"]
-    return value
+def get_webhook_url(parameter_name) -> str:
+    response = ssm.get_parameter(Name=parameter_name, WithDecryption=True)
+    return response["Parameter"]["Value"]
 
 
 _MESSENGERS = None
@@ -51,15 +50,23 @@ def get_messengers() -> List[Messenger]:
     _MESSENGERS = []
 
     logging.info("Configuring Slack messengers...")
-    for webhook_for_slack in WEBHOOKS_FOR_SLACK:
-        webhook = get_webhook(webhook_for_slack)
-        messenger = Messenger("slack", webhook)
+    for parameter_name in WEBHOOKS_FOR_SLACK:
+        webhook_url = get_webhook_url(parameter_name)
+        messenger = Messenger(
+            webhook_type="slack",
+            webhook_url=webhook_url,
+            parameter_name=parameter_name,
+        )
         _MESSENGERS.append(messenger)
 
     logging.info("Configuring MSTeams messengers...")
-    for webhook_for_msteams in WEBHOOKS_FOR_MSTEAMS:
-        webhook = get_webhook(webhook_for_msteams)
-        messenger = Messenger("msteams", webhook)
+    for parameter_name in WEBHOOKS_FOR_MSTEAMS:
+        webhook_url = get_webhook_url(parameter_name)
+        messenger = Messenger(
+            webhook_type="msteams",
+            webhook_url=webhook_url,
+            parameter_name=parameter_name,
+        )
         _MESSENGERS.append(messenger)
 
     logging.info(f"There are {len(_MESSENGERS)} messengers configured.")
@@ -238,15 +245,15 @@ def __handle_event(
 
     # Attempt to send messages as well
     messengers = get_messengers()
-    for i, messenger in enumerate(messengers):
+    for messenger in messengers:
         result_messenger = messenger.send(
             cloudtrail_event.user_email,
             trail_event,
             trail_event_origin=trail_event_origin,
             standalone=standalone,
         )
         if not result_messenger:
-            logging.error(f"Message NOT sent to webhook {i}.")
+            logging.error(f'Message NOT sent to webhook "{messenger}".')
 
     if not result:
         logging.error(f"trail_event={json.dumps(trail_event)}")

clickopsnotifier/messenger.py

@@ -1,19 +1,32 @@
 import json
 import requests
 import logging
+import re
+
+WEBHOOK_NAME_REGEXP = r".*webhooks-for-.*?\/(.*)"
 
 
 class Messenger:
-    def __init__(self, format: str, webhook: str) -> None:
-        self.webhook = webhook
-        self.format = format
+    def __init__(
+        self, webhook_type: str, webhook_url: str, parameter_name: str
+    ) -> None:
+        self.webhook_url = webhook_url
+        if self.webhook_url is None:
+            raise ValueError("webhook_url cannot be None")
 
-        if format == "slack":
+        self.webhook_type = webhook_type
+        if webhook_type == "slack":
             self.send = self.__send_slack_message
-        elif format == "msteams":
+        elif webhook_type == "msteams":
             self.send = self.__send_msteams_message
         else:
-            raise ValueError("Invalid format, must be ['slack', 'msteams']")
+            raise ValueError("Invalid webhook_type, must be ['slack', 'msteams']")
+
+        m = re.match(WEBHOOK_NAME_REGEXP, parameter_name)
+        self.webhook_name = m.group(1)
+
+    def __str__(self) -> str:
+        return self.webhook_name
 
     def __send_msteams_message(
         self, user, trail_event, trail_event_origin: str, standalone: str
@@ -47,10 +60,12 @@ def __send_msteams_message(
                 }
             ],
         }
-        response = requests.post(self.webhook, json=payload)
+        response = requests.post(self.webhook_url, json=payload)
         if response.status_code != 200:
-            logging.info(f"json payload:\n\n{json.dumps(payload)}")
-            logging.error(f"response.content={response.content}")
+            logging.info(f"{self.webhook_name} json payload:\n\n{json.dumps(payload)}")
+            logging.error(
+                f"{self.webhook_name} response.content:\n\n{response.content}"
+            )
             return False
         return True
 
@@ -122,9 +137,11 @@ def __send_slack_message(
                 },
             ]
         }
-        response = requests.post(self.webhook, json=payload)
+        response = requests.post(self.webhook_url, json=payload)
         if response.status_code != 200:
-            logging.info(f"json payload:\n\n{json.dumps(payload)}")
-            logging.error(f"response.content={response.content}")
+            logging.info(f"{self.webhook_name} json payload:\n\n{json.dumps(payload)}")
+            logging.error(
+                f"{self.webhook_name} response.content:\n\n{response.content}"
+            )
             return False
         return True

deployment-clickopsnotifier-python3.7.zip

@@ -3,7 +3,7 @@
 ## main.tf
 ```hcl
 terraform {
-  required_version = ">= 0.14.0"
+  required_version = ">= 0.15.0"
 
   required_providers {
     aws = {
@@ -44,8 +44,12 @@ module "clickops_notifications" {
   naming_prefix          = local.naming_prefix
   cloudtrail_bucket_name = aws_s3_bucket.test_bucket.id
 
-  webhooks_for_slack_notifications   = ["https://fake.com"]
-  webhooks_for_msteams_notifications = ["https://fake.com"]
+  webhooks_for_slack_notifications = {
+    my-first-notification : "https://fake.com"
+  }
+  webhooks_for_msteams_notifications = {
+    my-second-notification : "https://fake.com"
+  }
 
   tags = local.tags
 
@@ -139,7 +143,7 @@ No outputs.
 
 | Name | Version |
 |------|---------|
-| <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 0.14.0 |
+| <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 0.15.0 |
 | <a name="requirement_aws"></a> [aws](#requirement\_aws) | ~> 4.9 |
 | <a name="requirement_random"></a> [random](#requirement\_random) | ~> 3.4 |
 

deployment-clickopsnotifier-python3.8.zip

@@ -1,5 +1,5 @@
 terraform {
-  required_version = ">= 0.14.0"
+  required_version = ">= 0.15.0"
 
   required_providers {
     aws = {
@@ -40,8 +40,12 @@ module "clickops_notifications" {
   naming_prefix          = local.naming_prefix
   cloudtrail_bucket_name = aws_s3_bucket.test_bucket.id
 
-  webhooks_for_slack_notifications   = ["https://fake.com"]
-  webhooks_for_msteams_notifications = ["https://fake.com"]
+  webhooks_for_slack_notifications = {
+    my-first-notification : "https://fake.com"
+  }
+  webhooks_for_msteams_notifications = {
+    my-second-notification : "https://fake.com"
+  }
 
   tags = local.tags
 

deployment-clickopsnotifier-python3.9.zip

@@ -3,7 +3,7 @@
 ## main.tf
 ```hcl
 terraform {
-  required_version = ">= 0.14.0"
+  required_version = ">= 0.15.0"
 
   required_providers {
     aws = {
@@ -81,8 +81,12 @@ module "clickops_notifications" {
 
   naming_prefix = local.naming_prefix
 
-  webhooks_for_slack_notifications   = ["https://fake.com"]
-  webhooks_for_msteams_notifications = ["https://fake.com"]
+  webhooks_for_slack_notifications = {
+    my-first-notification : "https://fake.com"
+  }
+  webhooks_for_msteams_notifications = {
+    my-second-notification : "https://fake.com"
+  }
 
   tags = local.tags
 
@@ -270,7 +274,7 @@ No outputs.
 
 | Name | Version |
 |------|---------|
-| <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 0.14.0 |
+| <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 0.15.0 |
 | <a name="requirement_aws"></a> [aws](#requirement\_aws) | ~> 4.9 |
 | <a name="requirement_random"></a> [random](#requirement\_random) | ~> 3.4 |