From 54d9c3a0d9fcfbaf7fe5251435eb2bf1bc2a495e Mon Sep 17 00:00:00 2001 From: Dan Milne Date: Mon, 1 Dec 2025 15:59:26 +1100 Subject: [PATCH] Move version file, fix oidc, make jobs use envs --- VERSION | 1 - app/controllers/oidc_auth_controller.rb | 8 +- app/services/event_tagger.rb | 116 ++++++++++++++++++++++++ config/initializers/sentry.rb | 2 +- config/queue.yml | 4 +- 5 files changed, 125 insertions(+), 6 deletions(-) delete mode 100644 VERSION create mode 100644 app/services/event_tagger.rb diff --git a/VERSION b/VERSION deleted file mode 100644 index ee1372d..0000000 --- a/VERSION +++ /dev/null @@ -1 +0,0 @@ -0.2.2 diff --git a/app/controllers/oidc_auth_controller.rb b/app/controllers/oidc_auth_controller.rb index 7d38589..3a27ced 100644 --- a/app/controllers/oidc_auth_controller.rb +++ b/app/controllers/oidc_auth_controller.rb @@ -40,9 +40,13 @@ class OidcAuthController < ApplicationController # Add PKCE verifier if available code_verifier = retrieve_pkce_verifier - oidc_client.code_verifier = code_verifier if code_verifier.present? - access_token = oidc_client.access_token! + # Pass code_verifier as parameter to access_token! method (PKCE support) + access_token = if code_verifier.present? + oidc_client.access_token!(:body, code_verifier: code_verifier) + else + oidc_client.access_token! + end # Extract claims from ID token (JWT-only approach) id_token = access_token.id_token diff --git a/app/services/event_tagger.rb b/app/services/event_tagger.rb new file mode 100644 index 0000000..622f371 --- /dev/null +++ b/app/services/event_tagger.rb @@ -0,0 +1,116 @@ +# frozen_string_literal: true + +# EventTagger - Service for applying tags to events +# +# Centralizes tagging logic to keep Event model focused on data management. +# Tags can come from multiple sources: +# 1. Agent-provided tags (from payload) +# 2. Matched rule tags (from rule.metadata['tags']) +# 3. Future: Policy-based tags, network intelligence tags, etc. +# +# Usage: +# EventTagger.tag_event(event) # Tag single event +# EventTagger.tag_batch(Event.where(...)) # Efficiently tag multiple events +# EventTagger.retag_for_rule(rule) # Retag all events for a specific rule +class EventTagger + # Tag a single event with rule tags + # + # @param event [Event] The event to tag + # @return [Array] The final array of tags applied + def self.tag_event(event) + tags = [] + + # 1. Keep agent-provided tags (if any) + tags += event.payload&.dig("tags") || [] + + # 2. Add tags from matched rule (if any) + if event.rule_id.present? + rule = event.rule + tags += rule&.tags || [] + end + + # 3. Future: Add tags from policies, network intelligence, etc. + # tags += apply_policy_tags(event) + # tags += apply_network_tags(event) + + # Deduplicate and update + final_tags = tags.uniq + event.update_column(:tags, final_tags) + final_tags + end + + # Efficiently tag multiple events with preloaded rules + # + # @param events [ActiveRecord::Relation, Array] Events to tag + # @return [Integer] Number of events tagged + def self.tag_batch(events) + events = events.to_a if events.is_a?(ActiveRecord::Relation) + return 0 if events.empty? + + # Preload rules to avoid N+1 queries + rule_ids = events.map(&:rule_id).compact.uniq + rules_by_id = Rule.where(id: rule_ids).index_by(&:id) + + tagged_count = 0 + + events.each do |event| + tags = event.payload&.dig("tags") || [] + + # Add rule tags if rule exists + if event.rule_id && rules_by_id[event.rule_id] + tags += rules_by_id[event.rule_id].tags + end + + # Update tags + event.update_column(:tags, tags.uniq) + tagged_count += 1 + end + + tagged_count + end + + # Retag all events that matched a specific rule + # Useful when a rule's tags are updated + # + # @param rule [Rule] The rule whose events should be retagged + # @param limit [Integer] Maximum number of events to retag (default: no limit) + # @return [Integer] Number of events retagged + def self.retag_for_rule(rule, limit: nil) + events = Event.where(rule_id: rule.id) + events = events.limit(limit) if limit + tag_batch(events) + end + + # Retag all events (useful for bulk migrations or fixes) + # + # @param batch_size [Integer] Number of events to process at once + # @return [Integer] Total number of events retagged + def self.retag_all(batch_size: 1000) + total = 0 + + Event.find_in_batches(batch_size: batch_size) do |batch| + total += tag_batch(batch) + Rails.logger.info "[EventTagger] Retagged #{total} events..." + end + + total + end + + private + + # Future: Apply policy-based tags + # def self.apply_policy_tags(event) + # tags = [] + # # Check if event matches any policy conditions + # # Add tags based on policy matches + # tags + # end + + # Future: Apply network intelligence tags + # def self.apply_network_tags(event) + # tags = [] + # # Add tags based on network_range attributes + # # e.g., ["datacenter", "vpn", "proxy", "country:US"] + # tags + # end +end diff --git a/config/initializers/sentry.rb b/config/initializers/sentry.rb index d451415..9e7606c 100644 --- a/config/initializers/sentry.rb +++ b/config/initializers/sentry.rb @@ -140,7 +140,7 @@ end # Add application-specific context app_version = begin - File.read(Rails.root.join('VERSION')).strip + BaffleHub::VERSION rescue ENV['APP_VERSION'] || ENV['GIT_COMMIT_SHA']&.[](0..7) || 'unknown' end diff --git a/config/queue.yml b/config/queue.yml index 29f38ee..794ce92 100644 --- a/config/queue.yml +++ b/config/queue.yml @@ -4,8 +4,8 @@ default: &default batch_size: 500 workers: - queues: "*" - threads: 3 - processes: <%= ENV.fetch("JOB_CONCURRENCY", 1) %> + threads: <%= ENV.fetch("JOB_THREADS", 3) %> + processes: <%= ENV.fetch("JOB_PROCESSES", 1) %> polling_interval: 0.1 development: