Merge pull request #3 from kandji-inc/KAPPA-1.0.3

1.0.3 - Bug fixes
kandji-inc · Jul 24, 2024 · c496e65 · c496e65
2 parents 8add7d9 + f2ba143
commit c496e65
Show file tree

Hide file tree

Showing 3 changed files with 27 additions and 8 deletions.
diff --git a/helpers/configs.py b/helpers/configs.py
@@ -219,7 +219,9 @@ def name_to_id(ss_name, ss_type):
                     category.get("id") for category in self.self_service if category.get("name") == ss_name
                 )
             except StopIteration:
-                self.output(f"WARNING: Provided category '{ss_name}' not found in Self Service!") if ss_name is not None else None
+                self.output(
+                    f"WARNING: Provided category '{ss_name}' not found in Self Service!"
+                ) if ss_name is not None else None
                 try:
                     # Set category id to default (None check performed later)
                     ss_assignment = (
@@ -291,6 +293,13 @@ def _set_kandji_config(self):
 
         # Grab auth token for Kandji API interactions
         self.kandji_token = self._retrieve_token(self.kandji_token_name)
+        if self.kandji_token is None:
+            self.output(
+                f"ERROR: Could not retrieve token value from key {self.kandji_token_name}! Run 'setup.command' and try again"
+            )
+            raise ProcessorError(
+                f"ERROR: Could not retrieve token value from key {self.kandji_token_name}! Run 'setup.command' and try again"
+            )
 
     ####################################
     ######### PUBLIC FUNCTIONS #########

diff --git a/helpers/utils.py b/helpers/utils.py
@@ -166,7 +166,7 @@ def _validate_curl_response(self, http_code, response, action):
                     self.output(
                         f"Assignment for 'action' must be one of [get|get_selfservice|presign|upload|create|update]; got '{action}'"
                     )
-                    return False
+                    raise ProcessorError(f"Assignment for 'action' must be one of [get|get_selfservice|presign|upload|create|update]; got '{action}'")
             return True
         elif http_code == 503 and (action.lower() == "update" or "create"):
             self.output(f"WARNING: (HTTP {http_code}): {response.get('detail')}\nRetrying in five seconds...")
@@ -181,14 +181,16 @@ def _validate_curl_response(self, http_code, response, action):
         else:
             error_body = f"`{self.custom_app_name}`/`{self.pkg_name}` failed to {action}: `{response}`"
             if http_code == 401:
-                error_body += "\nValidate token is set/permissions and try again"
+                error_body += "\nValidate token is set and try again"
+            elif http_code == 403:
+                error_body += "\nValidate token permissions and try again"
             self.output(f"ERROR: Failed to {action.capitalize()} Custom App (HTTP {http_code})\n{error_body}")
             self.slack_notify(
                 "ERROR",
                 f"Failed to {action.capitalize()} Custom App (HTTP {http_code})",
                 f"{error_body}",
             )
-            return False
+            raise ProcessorError(f"ERROR: Failed to {action.capitalize()} Custom App (HTTP {http_code})\n{error_body}")
 
     ######################
     # Audit Script Funcs
@@ -200,7 +202,7 @@ def _customize_audit_for_upload(self):
         Searches for our keys and updates them with assigned vals
         Creates a backup file before modification"""
         epoch_now = datetime.now().strftime("%s")
-        with FileInput(files=self.audit_script_path, inplace=True, backup=".bak") as f:
+        with FileInput(files=self.audit_script_path, inplace=True, backup=".bak", encoding="utf-8") as f:
             for line in f:
                 line = line.rstrip()  # noqa: PLW2901
                 if "APP_NAME=" in line and hasattr(self, "app_name") and self.app_name is not None:

diff --git a/setup.command b/setup.command
@@ -67,7 +67,7 @@ config_file="${abs_dir}/${config_name}"
 kandji_api_re='^[A-Za-z0-9]+\.api(\.eu)?\.kandji\.io$'
 # xdigit is an RE pattern match for valid hex chars
 kandji_token_re='[[:xdigit:]]{8}(-[[:xdigit:]]{4}){3}-[[:xdigit:]]{12}'
-slack_webhook_re='https://hooks.slack.com/services/[[:alnum:]]{9}/[[:alnum:]]{11}/[[:alnum:]]{24}'
+slack_webhook_re='https://hooks.slack.com/services/[[:alnum:]]{9,11}/[[:alnum:]]{11}/[[:alnum:]]{24}'
 
 # Get login keychain for user
 user_keychain_path=$(security login-keychain | xargs)
@@ -467,8 +467,16 @@ function check_store_env() {
                 else
                     dotfile_name=".profile"
                 fi
+                dotfile_path="/Users/${user}/${dotfile_name}"
+                # Export token, write to dotfile
+                if grep -q "export ${token_name}=" "${dotfile_path}"; then
+                    # Update existing token value if present
+                    sed -i '' "s|export ${token_name}=.*|export ${token_name}=${BEARER_TOKEN}|g" "${dotfile_path}"
+                else
+                    echo "export ${token_name}=${BEARER_TOKEN}" >> "${dotfile_path}"
+                fi
                 # shellcheck disable=SC1090
-                echo "export ${token_name}=${BEARER_TOKEN}" >> "/Users/${user}/${dotfile_name}" && source "/Users/${user}/${dotfile_name}"
+                source "${dotfile_path}"
                 check_store_env
             fi
         else
@@ -521,7 +529,7 @@ function check_store_keychain() {
                 prompt_for_secret "${token_type}"
                 echo "\n$(date +'%r') : Adding token to login keychain"
                 echo "$(date +'%r') : Enter your password if prompted to unlock keychain"
-                if ! security unlock-keychain -u; then
+                if ! security unlock-keychain -u ${user_keychain_path}; then
                     echo "$(date +'%r') : ERROR: Unable to unlock keychain; exiting"
                     exit 1
                 fi