sapcc · notque · Jul 9, 2024 · Jul 9, 2024 · Aug 27, 2024 · Aug 27, 2024
diff --git a/etc/export-events.tpl b/etc/export-events.tpl
@@ -0,0 +1,42 @@
+{
+  "index_patterns": ["export_events*"],  // Pattern to match the names of indices that should use this template
+  "settings": {
+    "number_of_shards": 1,  // Adjust based on expected load and data volume
+    "number_of_replicas": 1,  // Can be adjusted for high availability
+    "refresh_interval": "5s"  // Adjust based on write and query performance needs
+  },
+  "mappings": {
+    "properties": {
+      "project_id": {
+        "type": "keyword"  // Using keyword type for exact value matching and aggregations
+      },
+      "enabled": {
+        "type": "boolean"  // Boolean type for enabled/disabled status
+      },
+      "bucket_name": {
+        "type": "keyword"  // Using keyword to facilitate exact matches
+      },
+      "last_run_time": {
+        "type": "date",  // Date type for timestamping the last run
+        "format": "epoch_millisecond"  // Storing timestamp in milliseconds since the epoch
+      },
+      "filters": {
+        "type": "object",  // Object type to nest filter configurations
+        "properties": {
+          "event_types": {
+            "type": "keyword"  // Array of keywords for event types
+          },
+          "resource_types": {
+            "type": "keyword"  // Array of keywords for resource types
+          },
+          "exclude_event_types": {
+            "type": "keyword"  // Array of keywords for excluded event types
+          },
+          "exclude_resource_types": {
+            "type": "keyword"  // Array of keywords for excluded resource types
+          }
+        }
+      }
+    }
+  }
+}
diff --git a/etc/hermes.conf b/etc/hermes.conf
@@ -5,6 +5,7 @@ PolicyFilePath = "etc/policy.json"
 
 [elasticsearch]
 url = "http://localhost:9200"
+ElasticTemplatePath = "etc/export_events.tpl"
 
 [keystone]
 auth_url = "https://identity-3.staging.cloud.sap/v3/"

diff --git a/pkg/api/api_test.go b/pkg/api/api_test.go
@@ -22,6 +22,7 @@ package api
 import (
 	"encoding/json"
 	"net/http"
+	"net/http/httptest"
 	"os"
 	"testing"
 
@@ -88,3 +89,36 @@ func Test_API(t *testing.T) {
 		})
 	}
 }
+
+func TestExportEvents(t *testing.T) {
+	router := setupTest(t)
+
+	req := httptest.NewRequest(http.MethodGet, "/v1/export-events?project_id=test-project", http.NoBody)
+	req.Header.Set("X-Auth-Token", "test-token")
+
+	recorder := httptest.NewRecorder()
+	router.ServeHTTP(recorder, req)
+
+	if recorder.Code != http.StatusOK {
+		t.Errorf("Expected status code %d, got %d", http.StatusOK, recorder.Code)
+	}
+
+	var response struct {
+		Message   string `json:"message"`
+		ProjectID string `json:"project_id"`
+	}
+	err := json.Unmarshal(recorder.Body.Bytes(), &response)
+	if err != nil {
+		t.Fatalf("Failed to parse JSON response: %v", err)
+	}
+
+	expectedMessage := "Export Events feature is being implemented"
+	if response.Message != expectedMessage {
+		t.Errorf("Expected message '%s', got '%s'", expectedMessage, response.Message)
+	}
+
+	expectedProjectID := "test-project"
+	if response.ProjectID != expectedProjectID {
+		t.Errorf("Expected project_id '%s', got '%s'", expectedProjectID, response.ProjectID)
+	}
+}
diff --git a/pkg/api/core.go b/pkg/api/core.go
@@ -73,6 +73,8 @@ func NewV1Handler(validator gopherpolicy.Validator, storageInterface storage.Sto
 		observeDuration(observeResponseSize(p.GetEventDetails, "GetEventDetails"), "GetEventDetails"))
 	r.Methods("GET").Path("/v1/attributes/{attribute_name}").HandlerFunc(
 		observeDuration(observeResponseSize(p.GetAttributes, "GetAttributes"), "GetAttributes"))
+	r.Methods("GET").Path("/v1/export-events").HandlerFunc(
+		observeDuration(observeResponseSize(p.ExportEvents, "ExportEvents"), "ExportEvents"))
 
 	return r, p.versionData
 }

diff --git a/pkg/api/events.go b/pkg/api/events.go
@@ -32,7 +32,7 @@
 	"github.com/google/uuid"
 	"github.com/gorilla/mux"
 	"github.com/pkg/errors"
 	"github.com/sapcc/go-bits/gopherpolicy"
 	"github.com/sapcc/go-bits/logg"

 	"github.com/sapcc/hermes/pkg/hermes"
@@ -336,7 +336,33 @@
 	ReturnJSON(res, http.StatusOK, attribute)
 }
 
-func getIndexID(token *gopherpolicy.Token, r *http.Request, w http.ResponseWriter) (string, error) {
+func (p *v1Provider) ExportEvents(w http.ResponseWriter, r *http.Request) {
+	// Check if the user has permission to export events
+	token := p.CheckToken(r)
+	if !token.Require(w, "event:export") {
+		logg.Error("Permission denied for event:export")
+		return
+	}
+
+	// Parse query parameters
+	projectID := r.URL.Query().Get("project_id")
+	if projectID == "" {
+		http.Error(w, "project_id is required", http.StatusBadRequest)
+		return
+	}
+
+	// For now, just return a JSON response indicating the feature is in progress
+	response := struct {
+		Message   string `json:"message"`
+		ProjectID string `json:"project_id"`
+	}{
+		Message:   "Export Events feature is being implemented",
+		ProjectID: projectID,
+	}
+	ReturnJSON(w, http.StatusOK, response)
+}
+
+func getIndexID(token *Token, r *http.Request, w http.ResponseWriter) (string, error) {
 	// Get index ID from a token
 	// Defaults to a token project scope
 	indexID := token.Context.Auth["project_id"]

diff --git a/pkg/api/fixtures/export-events.json b/pkg/api/fixtures/export-events.json
@@ -0,0 +1,4 @@
+{
+    "message": "Export Events feature is being implemented",
+    "project_id": "test-project"
+}
diff --git a/pkg/storage/elasticsearch.go b/pkg/storage/elasticsearch.go
@@ -25,6 +25,7 @@ import (
 	"fmt"
 	"log"
 	"math"
+	"os"
 	"strings"
 
 	elastic "github.com/olivere/elastic/v7"
@@ -87,6 +88,11 @@ func (es *ElasticSearch) init() {
 		// If issues - https://github.com/olivere/elastic/wiki/Connection-Problems#how-to-figure-out-connection-problems
 		panic(err)
 	}
+
+	err = es.EnsureIndexTemplate()
+	if err != nil {
+		logg.Error("Failed to ensure index template: %v", err)
+	}
 }
 
 // Mapping for attributes based on return values to API
@@ -361,3 +367,32 @@ func indexName(tenantID string) string {
 	}
 	return index
 }
+
+// EnsureIndexTemplate checks if the index template exists, and if not, creates it.
+func (es *ElasticSearch) EnsureIndexTemplate() error {
+	templateName := "export_events"
+	templatePath := viper.GetString("ElasticTemplatePath")
+
+	templateContent, err := os.ReadFile(templatePath)
+	if err != nil {
+		return fmt.Errorf("failed to read index template file: %w", err)
+	}
+
+	// Initialize the index template service
+	service := elastic.NewIndicesPutIndexTemplateService(es.client())
+	service.Name(templateName).BodyString(string(templateContent))
+
+	// Execute the request to create or update the index template
+	response, err := service.Do(context.Background())
+	if err != nil {
+		return fmt.Errorf("failed to create or update the index template: %w", err)
+	}
+
+	if response.Acknowledged {
+		logg.Info("Index template created or updated successfully")
+	} else {
+		logg.Info("Index template creation or update not acknowledged")
+	}
+
+	return nil
+}
diff --git a/pkg/test/policy.json b/pkg/test/policy.json
@@ -1,4 +1,5 @@
 {
   "event:list":     "@",
-  "event:show":     "@"
+  "event:show":     "@",
+  "event:export":   "@"
 }