-
Notifications
You must be signed in to change notification settings - Fork 242
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add the report UUID to the ScubaResults.json filename #1426
Conversation
c063b89
to
60d9137
Compare
Should we make the NumberOfUUIDCharactersToTruncate and KeepIndividualJson parameters mutually exclusive? I was thinking if you pass KeepIndividualJson then it doesn't make sense to consider the NumberOfUUIDCharactersToTruncate? Should the tool provide an error alerting the user? If we decide to implement this, we can add this as an enhancement later because I don't feel comfortable making too many changes given the importance of this release. |
We might want to do some data validation on the OutJsonFileName parameter. If you pass "*" as the name, it crashes.
Again this is an enhancement I think we can make in the future but wanted to discuss. |
The probability of New-Guid generating an exception is probably negligibly low, but if it does fail and the 0000 value is created as the GUID, won't this cause filename collisions in the downstream file system where the results will be posted if another user happened to get an exception as well? There would be two files, both with the 0000 GUID in the filename. Again the probability is low. |
We've talked about eventually deprecating the |
Oh we should probably start checking for this for every file name parameter 👀. Will queue up an issue for this for every file name name parameter. For this PR adding the validation to |
I've been thinking about this as well. Should we just throw an full exception in this case and stop ScubaGear execution? |
I see that we are truncating the filename GUID in multiple places, ConvertTo-ResultsCsv and Merge-JsonOutput resulting in duplicate logic that we have to keep in synch over time. What if we truncate the GUID in a helper function? Is it worth it? Also, the Merge-JsonOutput function gets the GUID from the line of code below which gets it from the settings export object, whereas the ConvertTo-ResultsCsv function gets the GUID from a parameter named $Guid. Should they be consistent? Getting the value from the settings export object seems like a roundabout way to get it.
|
Testing long pathsThis section covers testing with some long file names and folder paths. The purpose was so simulate the conditions where the path of the output JSON file exceeds the maximum system limit and triggers our newly added custom error message in the Merge-JsonOutput function. In some cases I am not getting the expected custom defined error message. Case 1: long OutJsonFileName parameter value
Case 2: long OutPath parameter value
Case 3: long OutFolderName parameter value
Case 4: long OutFolderName parameter value that is exactly 256 characters (under the limit)
Case 5: long OutFolderName parameter value that is exactly 256 characters (under the limit) but no truncated characters
|
I agree with adding validation, but I think it's not as trivial to implement as it seems. See https://stackoverflow.com/questions/1976007/what-characters-are-forbidden-in-windows-and-linux-directory-names. For example, TLDR: I think we should save this for a later issue to make sure we think through all the edge cases. |
Good point, this is a Windows specific limitation. Linux, for example, appears to impose a 255 character limit on file name but no limit on path. https://stackoverflow.com/questions/6571435/limit-on-file-name-length-in-bash Perhaps a more simple (and more system agnostic) approach would be to simply remove all this added logic and just wrap the |
I'd be ok with New-Guid failing being a fatal error. |
Capturing the two other locations in InvokeSCuBACached where the same guid logic is performed, fatal error should be thrown for these instances as well. Also, since this try/catch block is repeated 3 times in the orchestrator, does it make sense to break it out as its own utility function? |
@tkol2022 I just made this refactor (addresses both comments here). |
Agree or honestly just let it fail whenever the orchestrator tries to create the file and avoid trying to be too fancy with validation logic, that like you said, might be non trivial. Also keep in mind, we need to think cross-platform. |
Yes, I am not a fan of the 000 GUID. That just seems a little whacky although it will likely work :) |
My preference would be to do this (your try/catch idea). Maybe we can catch a specific exception that occurs when the path is too long and then print the custom error message. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
-
PS unit tests pass
-
Ran
Invoke-SCuBA
against GCC tenant successfully -
Ran
Invoke-SCuBA -KeepIndividualJSON
against GCC tenant successfully, ProviderSettingsExport.json is generated -
Ran
Invoke-SCuBACached
against GCC successfully -
Ran
Invoke-SCuBA
against GCC high tenant successfully -
Ran
Invoke-SCuBA -KeepIndividualJSON
against GCC high tenant successfully, ProviderSettingsExport.json is generated
Ran Invoke-SCuBACached
with input that had multiple ScubaResults.json files; pulled from the most recent created
Ran Invoke-SCuBA/
Invoke-SCuBACached` with non-default OutPath/OutJsonFileName parameters
Tested -NumberOfUUIDCharactersToTruncate in config file; works as expected with various cases (valid positive integer, invalid negative integer) although for invalid cases the error is caught in the generic MergeJson block as opposed to the standard message, "Hey, the integer you provided is not included 0, 13, 18, 36 provided in ValidateSet()."
Co-authored-by: mitchelbaker-cisa <149098823+mitchelbaker-cisa@users.noreply.github.com>
87cef86
to
031a26f
Compare
* Initial implementation of adding UUID to the file name * Add back missing ConvertFrom-Json call * Mock Get-ChildItem in unit tests * Document addition of UUID to ScubaResults file name * Add unit tests for when there are multiple ScubaResults*.json files * Correct minor typo in documentation * remove wildcard search in ConvertTo-ResultsCSV code path * add error handling of window path length limit errors * fix some of the tests * fix the all the current broken unit tests * additional unit tests * add back in accidentally removed fields in config * complete lorem ipsum * todo message * remove UUID truncation for now * first draft * add truncation param to documentation * spacing * fix failing test cases; handle full truncation case * make code consistent; add code comments to describe it's purpose * review feedback; point to additional options in the error message * PR Review: Fix absolute path check; fix config file override * review feedback; move new parameter in alphabetical order in docs * keep documentation consistent * remove configuration paramset from scubacached * code comments for the new edge case * Remove OBE unit test * Remove duplicate word * fix typos, wording and formatting in config * Refactor truncation logic into own function * rm duplicate text from PowerShell as well * captialize * remove long path check let the set-content naturally error out * add long path error check within the catch block * remove todo * Add UUID to mock data for cached tests * Fix unit tests * Remove commented out validation code. Co-authored-by: mitchelbaker-cisa <149098823+mitchelbaker-cisa@users.noreply.github.com> * add validation set to check invalid config file parameter * Remove stacktrace --------- Co-authored-by: buidav <105074908+buidav@users.noreply.github.com> Co-authored-by: mitchelbaker-cisa <149098823+mitchelbaker-cisa@users.noreply.github.com>
🗣 Description
-NumberOfUUIDCharactersToTruncate
to allow for trunacation or omission of the UUID appneded to the file name.TODOs discovered over the course of this issue.
#1254
#1354
#1437
#1438
💭 Motivation and context
Ensures each results file has a unique file name. Closes #1422.
🧪 Testing
Invoke-Scuba
, works as expectedInvoke-ScubaCached
, works as expectedInvoke-ScubaCached
where the input folder has one file matching "ScubaResults*.json", "ScubaResults.json", works as expectedInvoke-ScubaCached
where the input folder has one file matching "ScubaResults*.json", "ScubaResults_{uuid}.json", works as expectedInvoke-ScubaCached
where the input folder has two file matching "ScubaResults*.json", the most recently created file is used, as expectedInvoke-Scuba
andInvoke-ScubaCached
with a non-defaultOutPath
parameterInvoke-Scuba
andInvoke-ScubaCached
with a non-defaultOutJsonFileName
parameter✅ Pre-approval checklist
✅ Pre-merge checklist
PR passed smoke test check.
Feature branch has been rebased against changes from parent branch, as needed
Use
Rebase branch
button below or use this reference to rebase from the command line.Resolved all merge conflicts on branch
Notified merge coordinator that PR is ready for merge via comment mention
Demonstrate changes to the team for questions and comments.
(Note: Only required for issues of size
Medium
or larger)✅ Post-merge checklist