Change security notification code to use the new stream diff reporters

This ensures that even if security scanner pagination sends Old and New layer IDs on different pages, they will properly be handled across the entire notification. Fixes https://www.pivotaltracker.com/story/show/136133657
2016-12-19 17:15:59 -05:00 · 2016-12-19 17:15:59 -05:00 · 5b3212ea0e
commit 5b3212ea0e
parent ced0149520
5 changed files with 301 additions and 190 deletions
--- a/workers/security_notification_worker.py
+++ b/workers/security_notification_worker.py
@ -6,7 +6,7 @@ import features

 from app import secscan_notification_queue, secscan_api
 from workers.queueworker import QueueWorker, JobException
-from util.secscan.notifier import process_notification_data
+from util.secscan.notifier import SecurityNotificationHandler, ProcessNotificationPageResult


 logger = logging.getLogger(__name__)
@ -28,11 +28,15 @@ class SecurityNotificationWorker(QueueWorker):

    notification_name = data['Name']
    current_page = data.get('page', None)
+    handler = SecurityNotificationHandler(layer_limit)

    while True:
+      # Retrieve the current page of notification data from the security scanner.
      (response_data, should_retry) = secscan_api.get_notification(notification_name,
                                                                   layer_limit=layer_limit,
                                                                   page=current_page)
+
+      # If no response, something went wrong.
      if response_data is None:
        if should_retry:
          raise JobException()
@ -44,25 +48,34 @@ class SecurityNotificationWorker(QueueWorker):
          # Return to mark the job as "complete", as we'll never be able to finish it.
          return False

+      # Extend processing on the queue item so it doesn't expire while we're working.
      self.extend_processing(_PROCESSING_SECONDS, json.dumps(data))
-      notification_data = response_data['Notification']
-      if not process_notification_data(notification_data):
-        raise JobException()

-      # Check for a next page of results. If none, we're done.
-      if 'NextPage' not in notification_data:
-        # Mark the notification as read and processed.
+      # Process the notification data.
+      notification_data = response_data['Notification']
+      result = handler.process_notification_page_data(notification_data)
+
+      # Possible states after processing: failed to process, finished processing entirely
+      # or finished processing the page.
+      if result == ProcessNotificationPageResult.FAILED:
+        # Something went wrong.
+        raise JobException
+
+      if result == ProcessNotificationPageResult.FINISHED_PROCESSING:
+        # Mark the notification as read.
        if not secscan_api.mark_notification_read(notification_name):
          # Return to mark the job as "complete", as we'll never be able to finish it.
          logger.error('Failed to mark notification %s as read', notification_name)
          return False

+        # Send the generated Quay notifications.
+        handler.send_notifications()
        return True

-      # Otherwise, save the next page token into the queue item (so we can pick up from here if
-      # something goes wrong in the next loop iteration), and continue.
-      current_page = notification_data['NextPage']
-      data['page'] = current_page
+      if result == ProcessNotificationPageResult.FINISHED_PAGE:
+        # Continue onto the next page.
+        current_page = notification_data['NextPage']
+        continue


 if __name__ == '__main__':