contentctl/contentctl/objects/errors.py at 4d9f5e03cda9026bb8fc98fb548029e8e721e8f7 · splunk/contentctl · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
from abc import ABC, abstractmethod
from uuid import UUID


class ValidationFailed(Exception):
    """Indicates not an error in execution, but a validation failure"""

    pass


class IntegrationTestingError(Exception):
    """Base exception class for integration testing"""

    pass


class ServerError(IntegrationTestingError):
    """An error encounterd during integration testing, as provided by the server (Splunk instance)"""

    pass


class ClientError(IntegrationTestingError):
    """An error encounterd during integration testing, on the client's side (locally)"""

    pass


class MetadataValidationError(Exception, ABC):
    """
    Base class for any errors arising from savedsearches.conf detection metadata validation
    """

    # The name of the rule the error relates to
    rule_name: str

    @property
    @abstractmethod
    def long_message(self) -> str:
        """
        A long-form error message
        :returns: a str, the message
        """
        raise NotImplementedError()

    @property
    @abstractmethod
    def short_message(self) -> str:
        """
        A short-form error message
        :returns: a str, the message
        """
        raise NotImplementedError()


class DetectionMissingError(MetadataValidationError):
    """
    An error indicating a detection in the prior build could not be found in the current build
    """

    def __init__(self, rule_name: str, *args: object) -> None:
        self.rule_name = rule_name
        super().__init__(self.long_message, *args)

    @property
    def long_message(self) -> str:
        """
        A long-form error message
        :returns: a str, the message
        """
        return (
            f"Rule '{self.rule_name}' in previous build not found in current build; "
            "detection may have been removed or renamed."
        )

    @property
    def short_message(self) -> str:
        """
        A short-form error message
        :returns: a str, the message
        """
        return "Detection from previous build not found in current build."


class DetectionIDError(MetadataValidationError):
    """
    An error indicating the detection ID may have changed between builds
    """

    # The ID from the current build
    current_id: UUID

    # The ID from the previous build
    previous_id: UUID

    def __init__(
        self, rule_name: str, current_id: UUID, previous_id: UUID, *args: object
    ) -> None:
        self.rule_name = rule_name
        self.current_id = current_id
        self.previous_id = previous_id
        super().__init__(self.long_message, *args)

    @property
    def long_message(self) -> str:
        """
        A long-form error message
        :returns: a str, the message
        """
        return (
            f"Rule '{self.rule_name}' has ID {self.current_id} in current build "
            f"and {self.previous_id} in previous build; detection IDs and "
            "names should not change for the same detection between releases."
        )

    @property
    def short_message(self) -> str:
        """
        A short-form error message
        :returns: a str, the message
        """
        return f"Detection ID {self.current_id} in current build does not match ID {self.previous_id} in previous build."


class VersioningError(MetadataValidationError, ABC):
    """
    A base class for any metadata validation errors relating to detection versioning
    """

    # The version in the current build
    current_version: int

    # The version in the previous build
    previous_version: int

    def __init__(
        self, rule_name: str, current_version: int, previous_version: int, *args: object
    ) -> None:
        self.rule_name = rule_name
        self.current_version = current_version
        self.previous_version = previous_version
        super().__init__(self.long_message, *args)


class VersionDecrementedError(VersioningError):
    """
    An error indicating the version number went down between builds
    """

    @property
    def long_message(self) -> str:
        """
        A long-form error message
        :returns: a str, the message
        """
        return (
            f"Rule '{self.rule_name}' has version {self.current_version} in "
            f"current build and {self.previous_version} in previous build; "
            "detection versions cannot decrease in successive builds."
        )

    @property
    def short_message(self) -> str:
        """
        A short-form error message
        :returns: a str, the message
        """
        return (
            f"Detection version ({self.current_version}) in current build is less than version "
            f"({self.previous_version}) in previous build."
        )


class VersionBumpingError(VersioningError):
    """
    An error indicating the detection changed but its version wasn't bumped appropriately
    """

    @property
    def long_message(self) -> str:
        """
        A long-form error message
        :returns: a str, the message
        """
        return (
            f"Rule '{self.rule_name}' has changed in current build compared to previous "
            "build (stanza hashes differ); the detection version should be bumped "
            f"to {self.previous_version + 1}."
        )

    @property
    def short_message(self) -> str:
        """
        A short-form error message
        :returns: a str, the message
        """
        return f"Detection version in current build should be bumped to {self.previous_version + 1}."


class VersionBumpingTooFarError(VersioningError):
    """
    An error indicating the detection changed but its version was bumped too far
    """

    @property
    def long_message(self) -> str:
        """
        A long-form error message
        :returns: a str, the message
        """
        return (
            f"Rule '{self.rule_name}' has changed in current build compared to previous "
            "build (stanza hashes differ); however the detection version increased too much"
            f"The version should be reduced to {self.previous_version + 1}."
        )

    @property
    def short_message(self) -> str:
        """
        A short-form error message
        :returns: a str, the message
        """
        return f"Detection version in current build should be reduced to {self.previous_version + 1}."