search

PaloAltoNetworks / pcs-sizing-scripts

Prisma Cloud sizing scripts
ISC License
46 stars 49 forks source link

update resource-count-oci.sh - get_compartments #38

Closed ari-neto closed 2 years ago

ari-neto commented 2 years ago

Description

This issue was found using the script in a customer environment. And I was able to replicate it on a trial OCI account.

In the 78 line the script will parse the compartment-id, and it appears that it creates and issue listing just the root compartment, considering each child compartment shares the same parent "compartment-id", we could see the script generating a list of "0 resources".

The proposed change is to parse the child compartment id ("id" instead "compartment-id"), avoinding a loop just to the root compartment, because the script is looping against the root compartment ("compartment-id" of a child compartment) instead the child compartments ("id" key).

Motivation and Context

This change intent to solve cases which the oci script would return 0 resources, because it is not looping against the child "id" compartment:

{
  "data": [
    {
      "compartment-id": "ocid1.tenancy.oc1..<root_id>",
      "defined-tags": {},
      "description": "<description",
      "freeform-tags": {},
      "id": "ocid1.compartment.oc1..<id>",
      "inactive-status": null,
      "is-accessible": null,
      "lifecycle-state": "ACTIVE",
      "name": "ManagedCompartmentForPaaS",
      "time-created": "2022-08-03T01:56:35.073000+00:00"
    },
    {
      "compartment-id": "ocid1.tenancy.oc1..<id>",
      "defined-tags": {
        "Oracle-Tags": {
          "CreatedBy": "default/ari.oliveira@gmail.com",
          "CreatedOn": "2022-08-05T12:17:01.686Z"
        }
      },
      "description": "Non-Production Compartment",
      "freeform-tags": {},
      "id": "ocid1.compartment.oc1..<id>",
      "inactive-status": null,
      "is-accessible": null,
      "lifecycle-state": "ACTIVE",
      "name": "NonProduction",
      "time-created": "2022-08-05T12:17:02.079000+00:00"
    },
    {
      "compartment-id": "ocid1.tenancy.oc1..<root_id>",
      "defined-tags": {
        "Oracle-Tags": {
          "CreatedBy": "default/ari.oliveira@gmail.com",
          "CreatedOn": "2022-08-05T13:03:43.637Z"
        }
     }
  }
  ]
}

When we have nested compartments, the script is listing just the root compartment, we need to list the child compartments, because the root compartment does not contain any resources usually.

How Has This Been Tested?

I've tested on a trial OCI account. I suggest that the change could be tested in a larger and more complex environment to double check.

Screenshots (if appropriate)

Before the change (looping against the same compartment):

###################################################################################
Totals
  Count of Compute Instances: 0
  Count of Bare Metal VM DB Systems: 0
  Count of Load Balancers: 0
Total billable resources: 0
###################################################################################

After the change (looping against the first level child compartments):

###################################################################################
Processing Compartment: ocid1.compartment.oc1..<id>
  Count of Compute Instances: 1
 Count of Bare Metal VM Database Systems : 0
 Count of Load Balancers : 0
Total billable resources for Compartment: 1
###################################################################################

###################################################################################
Totals
  Count of Compute Instances: 1
  Count of Bare Metal VM DB Systems: 0
  Count of Load Balancers: 0
Total billable resources: 1
###################################################################################

Types of changes

Checklist

welcome-to-palo-alto-networks[bot] commented 2 years ago

:tada: Thanks for opening this pull request! We really appreciate contributors like you! :raised_hands:

tkishel commented 2 years ago

Thank you for this! I will push a commit to the spec test after I merge this, to catch this type of issue:

tkishel$ shellspec spec/resource-count-oci.spec
Running: /bin/sh [bash 3.2.57(1)-release]
..

Finished in 0.54 seconds (user 0.53 seconds, sys 0.10 seconds)
2 examples, 0 failures
welcome-to-palo-alto-networks[bot] commented 2 years ago

:tada: Congrats on getting your first pull request merged! We here at Palo Alto Networks are so grateful! :heart: