Merge branch 'main' into navarone/use-api-keys-native-connectors

Author: navarone-feekery

config.yml

@@ -110,6 +110,17 @@
 #elasticsearch.bulk.queue_max_mem_size: 25
 #
 #
+##  Minimal interval of time between MemQueue checks for being full
+#elasticsearch.bulk.queue_refresh_interval: 1
+#
+#
+##  Maximal interval of time during which MemQueue does not dequeue a single document
+##  For example, if no documents were sent to Elasticsearch within 60 seconds because of
+##  Elasticsearch being overloaded, then an error will be raised.
+##  This mechanism exists to be a circuit-breaker for stuck jobs and stuck Elasticsearch.
+#elasticsearch.bulk.queue_refresh_timeout: 60
+#
+#
 ##  The max size in MB of a bulk request.
 ##    When the next request being prepared reaches that size, the query is
 ##    emitted even if `chunk_size` is not yet reached.
@@ -134,6 +145,8 @@
 #
 ##  Retry interval between failed bulk attempts
 #elasticsearch.bulk.retry_interval: 10
+#
+#
 ## ------------------------------- Service ----------------------------------
 #
 ##  Connector service/framework related configurations

connectors/access_control.py

@@ -5,6 +5,26 @@
 #
 
 ACCESS_CONTROL = "_allow_access_control"
+DLS_QUERY = """{
+                    "bool": {
+                        "should": [
+                            {
+                                "bool": {
+                                    "must_not": {
+                                        "exists": {
+                                            "field": "_allow_access_control"
+                                        }
+                                    }
+                                }
+                            },
+                            {
+                                "terms": {
+                                    "_allow_access_control.enum": {{#toJson}}access_control{{/toJson}}
+                                }
+                            }
+                        ]
+                    }
+                }"""
 
 
 def prefix_identity(prefix, identity):
@@ -25,21 +45,9 @@ def es_access_control_query(access_control):
 
     return {
         "query": {
-            "template": {"params": {"access_control": filtered_access_control}},
-            "source": {
-                "bool": {
-                    "filter": {
-                        "bool": {
-                            "should": [
-                                {
-                                    "terms": {
-                                        f"{ACCESS_CONTROL}.enum": filtered_access_control
-                                    }
-                                },
-                            ]
-                        }
-                    }
-                }
-            },
+            "template": {
+                "params": {"access_control": filtered_access_control},
+                "source": DLS_QUERY,
+            }
         }
     }

connectors/config.py

@@ -1,4 +1,3 @@
-#
 # Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
 # or more contributor license agreements. Licensed under the Elastic License 2.0;
 # you may not use this file except in compliance with the Elastic License 2.0.
@@ -60,6 +59,8 @@ def _default_config():
             "bulk": {
                 "queue_max_size": 1024,
                 "queue_max_mem_size": 25,
+                "queue_refresh_interval": 1,
+                "queue_refresh_timeout": 600,
                 "display_every": 100,
                 "chunk_size": 1000,
                 "max_concurrency": 5,

connectors/es/sink.py

@@ -809,8 +809,15 @@ async def async_bulk(
         retry_interval = options.get(
             "retry_interval", DEFAULT_ELASTICSEARCH_RETRY_INTERVAL
         )
-
-        stream = MemQueue(maxsize=queue_size, maxmemsize=queue_mem_size * 1024 * 1024)
+        mem_queue_refresh_timeout = options.get("queue_refresh_timeout", 60)
+        mem_queue_refresh_interval = options.get("queue_refresh_interval", 1)
+
+        stream = MemQueue(
+            maxsize=queue_size,
+            maxmemsize=queue_mem_size * 1024 * 1024,
+            refresh_timeout=mem_queue_refresh_timeout,
+            refresh_interval=mem_queue_refresh_interval,
+        )
 
         # start the fetcher
         self._extractor = Extractor(

connectors/services/job_scheduling.py

@@ -210,7 +210,7 @@ async def _should_schedule(job_type):
 
             try:
                 next_sync = connector.next_sync(job_type, last_wake_up_time)
-                connector.log_debug(f"Next sync is at {next_sync}")
+                connector.log_debug(f"Next '{job_type_value}' sync is at {next_sync}")
             except Exception as e:
                 connector.log_critical(e, exc_info=True)
                 await connector.error(str(e))

connectors/sources/network_drive.py

@@ -343,9 +343,7 @@ def create_connection(self):
 
     @cached_property
     def get_directory_details(self):
-        return list(
-            smbclient.walk(top=rf"\\{self.server_ip}/{self.drive_path}", port=self.port)
-        )
+        return list(smbclient.walk(top=rf"\\{self.server_ip}/{self.drive_path}"))
 
     def find_matching_paths(self, advanced_rules):
         """
@@ -409,9 +407,7 @@ async def get_files(self, path):
         files = []
         loop = asyncio.get_running_loop()
         try:
-            files = await loop.run_in_executor(
-                executor=None, func=partial(smbclient.scandir, path, port=self.port)
-            )
+            files = await loop.run_in_executor(None, smbclient.scandir, path)
         except SMBConnectionClosed as exception:
             self._logger.exception(
                 f"Connection got closed. Error {exception}. Registering new session"
@@ -443,7 +439,7 @@ def fetch_file_content(self, path):
         """
         try:
             with smbclient.open_file(
-                path=path, encoding="utf-8", errors="ignore", mode="rb", port=self.port
+                path=path, encoding="utf-8", errors="ignore", mode="rb"
             ) as file:
                 file_content, chunk = BytesIO(), True
                 while chunk:
@@ -504,7 +500,6 @@ def list_file_permission(self, file_path, file_type, mode, access):
                 buffering=0,
                 file_type=file_type,
                 desired_access=access,
-                port=self.port,
             ) as file:
                 descriptor = self.security_info.get_descriptor(
                     file_descriptor=file.fd, info=SECURITY_INFO_DACL

connectors/sources/sharepoint_online.py

@@ -1021,7 +1021,7 @@ def _validate_sharepoint_rest_url(self, url):
         actual_tenant_name = self._tenant_name_pattern.findall(url)[0]
 
         if self._tenant_name != actual_tenant_name:
-            msg = f"Unable to call Sharepoint REST API - tenant name is invalid. Authenticated for tenant name: {self._tenant_name}, actual tenant name for the service: {actual_tenant_name}."
+            msg = f"Unable to call Sharepoint REST API - tenant name is invalid. Authenticated for tenant name: {self._tenant_name}, actual tenant name for the service: {actual_tenant_name}. For url: {url}"
             raise InvalidSharepointTenant(msg)
 
     async def close(self):

tests/sources/fixtures/oracle/connector.json

@@ -27,13 +27,13 @@
                         "label": "Port",
                         "order": 2,
                         "type": "int",
-                        "value": 9090
+                        "value": 1521
                 },
                 "username": {
                         "label": "Username",
                         "order": 3,
                         "type": "str",
-                        "value": "admin"
+                        "value": "c##admin"
                 },
                 "password": {
                         "label": "Password",
@@ -46,7 +46,7 @@
                         "label": "Database",
                         "order": 5,
                         "type": "str",
-                        "value": "xe"
+                        "value": "FREE"
                 },
                 "tables": {
                         "display": "textarea",

tests/sources/fixtures/oracle/docker-compose.yml

@@ -74,11 +74,11 @@ services:
       - esnet
 
   oracle:
-    image: gvenzl/oracle-xe:latest
+    image: container-registry.oracle.com/database/free:latest
     ports:
-      - 9090:1521
-    environment: 
-      - ORACLE_PASSWORD=Password_123
+      - 1521:1521
+    environment:
+      - ORACLE_PWD=Password_123
     restart: always
 
 networks:
@@ -87,4 +87,4 @@ networks:
 
 volumes:
   esdata:
-    driver: local
+    driver: local

tests/sources/fixtures/oracle/fixture.py

@@ -21,10 +21,10 @@
 RETRIES = 1
 BATCH_SIZE = 100
 
-USER = "admin"
+USER = "c##admin"
 PASSWORD = "Password_123"
 ENCODING = "UTF-8"
-DSN = "(DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)(HOST=127.0.0.1)(PORT=9090))(CONNECT_DATA=(SID=xe)))"
+DSN = "localhost:1521/FREE"
 
 DATA_SIZE = os.environ.get("DATA_SIZE", "medium").lower()
 
@@ -70,8 +70,8 @@ async def load():
         user="system", password=PASSWORD, dsn=DSN, encoding=ENCODING
     )
     cursor = connection.cursor()
-    cursor.execute("CREATE USER admin IDENTIFIED by Password_123")
-    cursor.execute("GRANT CONNECT, RESOURCE, DBA TO admin")
+    cursor.execute(f"CREATE USER {USER} IDENTIFIED by {PASSWORD} CONTAINER=ALL")
+    cursor.execute(f"GRANT CONNECT, RESOURCE, DBA TO {USER}")
     connection.commit()
 
     connection = oracledb.connect(

tests/sources/test_confluence.py

@@ -14,6 +14,7 @@
 from aiohttp import StreamReader
 from freezegun import freeze_time
 
+from connectors.access_control import DLS_QUERY
 from connectors.protocol import Filter
 from connectors.source import ConfigurableFieldValueError
 from connectors.sources.confluence import (
@@ -982,26 +983,8 @@ async def test_get_access_control_dls_enabled():
                         "group_id:607194d6bc3c3f006f4c35d8",
                         "role_key:607194d6bc3c3f006f4c35d9",
                     ]
-                }
-            },
-            "source": {
-                "bool": {
-                    "filter": {
-                        "bool": {
-                            "should": [
-                                {
-                                    "terms": {
-                                        "_allow_access_control.enum": [
-                                            "account_id:607194d6bc3c3f006f4c35d6",
-                                            "group_id:607194d6bc3c3f006f4c35d8",
-                                            "role_key:607194d6bc3c3f006f4c35d9",
-                                        ]
-                                    }
-                                },
-                            ]
-                        }
-                    }
-                }
+                },
+                "source": DLS_QUERY,
             },
         },
     }

tests/sources/test_github.py

@@ -11,6 +11,7 @@
 import pytest
 from aiohttp.client_exceptions import ClientResponseError
 
+from connectors.access_control import DLS_QUERY
 from connectors.filtering.validation import SyncRuleValidationResult
 from connectors.protocol import Filter
 from connectors.source import ConfigurableFieldValueError
@@ -446,27 +447,9 @@
                         "username:demo-user",
                         "email:demo@example.com",
                     ]
-                }
-            },
-            "source": {
-                "bool": {
-                    "filter": {
-                        "bool": {
-                            "should": [
-                                {
-                                    "terms": {
-                                        "_allow_access_control.enum": [
-                                            "user_id:#123",
-                                            "username:demo-user",
-                                            "email:demo@example.com",
-                                        ]
-                                    }
-                                }
-                            ]
-                        }
-                    }
-                }
-            },
+                },
+                "source": DLS_QUERY,
+            }
         },
     }
 ]