async function main()

in solution/solution-compliance-audit-for-data-plane/source/function/ecs-patch-baseline/index.js [39:119]


async function main(eventParams, context) {
  
  const { logger } = context;
  const {
    invokingEvent: {
      configurationItem
    },
    ruleParameters: {
      tagScopes
    }
  } = eventParams;

  if (!configurationItem) {
    logger.error(`There is no configurationItem in invokingEvent. Params is ${JSON.stringify(eventParams)}`);
    return;
  }

  const { tags, resourceId, accountId, regionId } = configurationItem;
  logger.info(`Start evaluating for resource ${resourceId} of account ${accountId} in region ${regionId}`);

  //校验资源标签是否在要检测的范围内
  if (tagScopes) {
    const allowedTags = JSON.parse(tagScopes);
    if (!tags) {
      logger.info(`Resource ${resourceId} don't need to evaluate`);
      return;
    }
    const resourceTags = JSON.parse(tags);

    var needEvaluate = false;

    for (let i = 0; i < allowedTags.length; i++) {
      if (resourceTags[allowedTags[i].TagKey] != null && resourceTags[allowedTags[i].TagKey].indexOf(allowedTags[i].TagValue) > -1) {
        needEvaluate = true;
        break;
      }
    }

    //忽略资源不在需要巡检的范围内的资源
    if (needEvaluate === false) {
      logger.info(`Resource ${resourceId} don't need to evaluate`);
      return;
    }
  }

  // 构造 oos 服务的 client
  const client = await getOosClient(eventParams, context);

  // 根据 oos 补丁基线进行扫描
  const {
    Execution: {
      ExecutionId: executionId,
    } 
  } = await startExecution(configurationItem, client);

  let execution;
  while (true) {
    execution = await getExecution(executionId, client);

    if (execution == null) {
      throw new Error(`The specified oos execution ${executionId} does not exist.`);
    }

    const { Status, StatusReason } = execution;
    switch (Status) {
      case 'Failed':
        logger.error(`The specified oos execution ${executionId} failed. Reason is ${StatusReason}.`);
        throw new Error(`The specified oos execution ${executionId} failed.`);
      case 'Cancelled':
        logger.error(`The specified oos execution ${executionId} has been cancelled.`);
        return;
      case 'Success':
        // 提交自定义函数规则的评估结果
        const {complianceType, annotation} = await getEvaluationResult(configurationItem, client, context);
        await putEvaluationResult(complianceType, annotation, eventParams, context);
        return;
    }

    await sleep(15000);
  }
}