Merge pull request #43 from JupiterOne/KNO-575

Kno 575 - add support for alert rule k:v labels and resource groups

Author: SeaBlooms

examples/examples.py

@@ -2,6 +2,7 @@
 import random
 import time
 import os
+import json
 
 account = os.environ.get("JUPITERONE_ACCOUNT")
 token = os.environ.get("JUPITERONE_TOKEN")
@@ -332,12 +333,61 @@
             ]
 }
 
+create_jira_ticket_action_config = {
+          "integrationInstanceId" : "<GUID>",
+          "type" : "CREATE_JIRA_TICKET",
+          "entityClass" : "Record",
+          "summary" : "Jira Task created via JupiterOne Alert Rule",
+          "issueType" : "Task",
+          "project" : "KEY",
+          "additionalFields" : {
+            "description" : {
+              "type" : "doc",
+              "version" : 1,
+              "content" : [
+                {
+                  "type" : "paragraph",
+                  "content" : [
+                    {
+                      "type" : "text",
+                      "text" : "{{alertWebLink}}\n\n**Affected Items:**\n\n* {{queries.query0.data|mapProperty('displayName')|join('\n* ')}}"
+                    }
+                  ]
+                }
+              ]
+            },
+            "customfield_1234": "text-value",
+            "customfield_5678": {
+                "value": "select-value"
+            },
+            "labels" : [
+              "label1","label2"
+            ],
+          }
+}
+
+alert_rule_labels = [
+    {
+        "labelName": "tagkey1",
+        "labelValue": "tagval"
+    },
+    {
+        "labelName": "tagkey2",
+        "labelValue": "tagval"
+    }
+]
+
+resource_group_id = "<GUID>"
+
 create_alert_rule_r = j1.create_alert_rule(name="create_alert_rule-name",
                                            description="create_alert_rule-description",
                                            tags=['tag1', 'tag2'],
+                                           labels=alert_rule_labels,
                                            polling_interval="DISABLED",
                                            severity="INFO",
-                                           j1ql="find jupiterone_user")
+                                           j1ql="find jupiterone_user",
+                                           action_configs=create_jira_ticket_action_config,
+                                           resource_group_id=resource_group_id)
 print("create_alert_rule()")
 print(create_alert_rule_r)
 
@@ -380,6 +430,41 @@
     }
 ]
 
+alert_rule_config_jira = [
+    {
+          "integrationInstanceId" : "<GUID>",
+          "type" : "CREATE_JIRA_TICKET",
+          "entityClass" : "Record",
+          "summary" : "Jira Task created via JupiterOne Alert Rule",
+          "issueType" : "Task",
+          "project" : "KEY",
+          "additionalFields" : {
+            "description" : {
+              "type" : "doc",
+              "version" : 1,
+              "content" : [
+                {
+                  "type" : "paragraph",
+                  "content" : [
+                    {
+                      "type" : "text",
+                      "text" : "{{alertWebLink}}\n\n**Affected Items:**\n\n* {{queries.query0.data|mapProperty('displayName')|join('\n* ')}}"
+                    }
+                  ]
+                }
+              ]
+            },
+            "customfield_1234": "text-value",
+            "customfield_5678": {
+                "value": "select-value"
+            },
+            "labels" : [
+              "label1","label2"
+            ],
+          }
+    }
+]
+
 alert_rule_config_multiple = [
     {
         "type": "WEBHOOK",
@@ -404,6 +489,19 @@
     }
 ]
 
+alert_rule_labels = [
+    {
+        "labelName": "tagkey1",
+        "labelValue": "tagval"
+    },
+    {
+        "labelName": "tagkey2",
+        "labelValue": "tagval"
+    }
+]
+
+resource_group_id = "<GUID>"
+
 # polling_interval can be DISABLED, THIRTY_MINUTES, ONE_HOUR, FOUR_HOURS, EIGHT_HOURS, TWELVE_HOURS, ONE_DAY, or ONE_WEEK
 # tag_op can be OVERWRITE or APPEND
 # severity can be INFO, LOW, MEDIUM, HIGH, or CRITICAL

jupiterone/client.py

@@ -897,10 +897,12 @@ def create_alert_rule(
         name: str = None,
         description: str = None,
         tags: List[str] = None,
+        labels: List[dict] = None,
         polling_interval: str = None,
         severity: str = None,
         j1ql: str = None,
         action_configs: Dict = None,
+        resource_group_id: str = None,
     ):
         """Create Alert Rule Configuration in J1 account"""
 
@@ -941,15 +943,15 @@ def create_alert_rule(
                 },
                 "specVersion": 1,
                 "tags": tags,
+                "labels": labels,
                 "templates": {},
+                "resourceGroupId": resource_group_id,
             }
         }
 
         if action_configs:
             variables["instance"]["operations"][0]["actions"].append(action_configs)
 
-        print(variables)
-
         response = self._execute_query(CREATE_RULE_INSTANCE, variables=variables)
 
         return response["data"]["createInlineQuestionRuleInstance"]
@@ -972,8 +974,10 @@ def update_alert_rule(
         severity: str = None,
         tags: List[str] = None,
         tag_op: str = None,
+        labels: List[dict] = None,
         action_configs: List[dict] = None,
         action_configs_op: str = None,
+        resource_group_id: str = None,
     ):
         """Update Alert Rule Configuration in J1 account"""
         # fetch existing alert rule
@@ -1030,6 +1034,10 @@ def update_alert_rule(
         else:
             tags_config = alert_rule_config["tags"]
 
+        # update labels list if provided
+        if labels is not None:
+            label_config = labels
+
         # update action_configs list if provided
         if action_configs is not None:
 
@@ -1064,6 +1072,8 @@ def update_alert_rule(
                 "operations": operations,
                 "pollingInterval": interval_config,
                 "tags": tags_config,
+                "labels": label_config,
+                "resourceGroupId": resource_group_id,
             }
         }