fix in access_key_expiration_detection.py for expiration time

4dn-dcic · Jul 2, 2024 · 79ebcc4 · 79ebcc4
1 parent 034df13
commit 79ebcc4
Show file tree

Hide file tree

Showing 3 changed files with 13 additions and 8 deletions.
diff --git a/CHANGELOG.rst b/CHANGELOG.rst
@@ -10,6 +10,7 @@ Change Log
 =====
 * Support for Python 3.12.
 * Added ('[email protected] ', 'access_key_admin') to checks/access_key_expiration_detection.py.
+* Fixed access_key_expiration_detection.py to get expiration time from data; not 90 days plus create date.
 
 
 5.5.0

diff --git a/foursight_core/checks/access_key_expiration_detection.py b/foursight_core/checks/access_key_expiration_detection.py
@@ -26,20 +26,25 @@ def access_key_status(connection, **kwargs):
     most_recent_key = access_keys[0]  # should always be present if deploy has run
     # date format: 2022-07-05T01:01:43.498347+00:00 (isoformat)
     most_recent_key_creation_date = datetime.fromisoformat(most_recent_key['date_created'])
-    expiration_date = most_recent_key_creation_date + timedelta(days=90)
+    # Get the expiration_date from the data.
+    expiration_date = datetime.fromisoformat(most_recent_key['expiration_date'])
     one_week_to_expiration = expiration_date - timedelta(days=7)
     three_weeks_to_expiration = expiration_date - timedelta(days=21)
-    now = datetime.now(most_recent_key_creation_date.tzinfo)
+    now = datetime.now().replace(tzinfo=None)
     if now > one_week_to_expiration:
         check.status = 'FAIL'
-        check.summary = (f'Application access keys will expire in less than 7 days! Please run'
-                         f' the deployment action ASAP')
+        check.summary = (f'Application access keys will expire in less than 7 days!'
+                         f' Allowing refresh action.'
+                         f' Expiration date: {expiration_date}')
         check.brief_output = check.full_output = check.summary
+        # Returning with prevent_action set to False;
+        # allows the check to run automatically.
         return check
     elif now > three_weeks_to_expiration:
         check.status = 'WARN'
-        check.summary = (f'Application access keys will expire in less than 21 days! Please run'
-                         f' the deployment action soon')
+        check.summary = (f'Application access keys will expire in less than 21 days!'
+                         f' Please run the deployment action soon.'
+                         f' Expiration date: {expiration_date}')
         check.brief_output = check.full_output = check.summary
         # This prevents the from running automatically after the check;
         # though the user is still allowed to run it manually in any case.
@@ -61,7 +66,6 @@ def refresh_access_keys(connection, **kwargs):
     action = ActionResult(connection, 'refresh_access_keys')
     admin_keys = [('[email protected]', 'access_key_admin'),  # fourfront admin
                   ('[email protected]', 'access_key_admin'),  # cgap admin
-                  ('[email protected] ', 'access_key_admin'),
                   ('[email protected]', 'access_key_tibanna'),
                   ('[email protected]', 'access_key_foursight')]
     s3 = s3_utils.s3Utils(env=connection.ff_env)

diff --git a/pyproject.toml b/pyproject.toml
@@ -1,6 +1,6 @@
 [tool.poetry]
 name = "foursight-core"
-version = "5.5.0.1b3"  # TODO: To become 5.6.0
+version = "5.5.0.1b4"  # TODO: To become 5.6.0
 description = "Serverless Chalice Application for Monitoring"
 authors = ["4DN-DCIC Team <[email protected]>"]
 license = "MIT"
-Original file line number
+Diff line change
@@ Expand Up / @@ -10,6 +10,7 @@ Change Log @@
     =====
     * Support for Python 3.12.
     * Added ('[email protected] ', 'access_key_admin') to checks/access_key_expiration_detection.py.
+    * Fixed access_key_expiration_detection.py to get expiration time from data; not 90 days plus create date.
 .5.0
@@ Expand Down @@