feat: enhance resolveIncludes function to support keyword replacement and nested includes

Author: dandonovsc

src/context/yaml/index.ts

@@ -31,24 +31,32 @@ const includeType = new yaml.Type('!include', {
 const schema = yaml.DEFAULT_SCHEMA.extend([includeType]);
 
 // Function to resolve includes
-function resolveIncludes(obj, basePath) {
+function resolveIncludes(obj, basePath, mappings?: KeywordMappings, disableKeywordReplacement?: boolean) {
   if (Array.isArray(obj)) {
-    return obj.map(item => resolveIncludes(item, basePath));
+    return obj.map(item => resolveIncludes(item, basePath, mappings, disableKeywordReplacement));
   }
 
   if (obj && typeof obj === 'object') {
     if (obj.__include) {
       const filePath = path.resolve(basePath, obj.__include);
       if (fs.existsSync(filePath)) {
-        const content = fs.readFileSync(filePath, 'utf8');
-        return resolveIncludes(yaml.load(content, { schema }), path.dirname(filePath));
+        let content = fs.readFileSync(filePath, 'utf8');
+        
+        // Apply keyword replacement to included file content if mappings are provided
+        if (mappings && !disableKeywordReplacement) {
+          content = keywordReplace(content, mappings);
+        } else if (mappings && disableKeywordReplacement) {
+          content = wrapArrayReplaceMarkersInQuotes(content, mappings);
+        }
+        
+        return resolveIncludes(yaml.load(content, { schema }), path.dirname(filePath), mappings, disableKeywordReplacement);
       }
       throw new Error(`Include file not found: ${filePath}`);
     }
 
     const result = {};
     for (const [key, value] of Object.entries(obj)) {
-      result[key] = resolveIncludes(value, basePath);
+      result[key] = resolveIncludes(value, basePath, mappings, disableKeywordReplacement);
     }
     return result;
   }
@@ -125,7 +133,7 @@ export default class YAMLContext {
 
         Object.assign(
           this.assets,
-          resolveIncludes(loadedYaml, path.dirname(fPath))
+          resolveIncludes(loadedYaml, path.dirname(fPath), this.mappings, opts.disableKeywordReplacement)
         );
       } catch (err) {
         log.debug(err.stack);

test/context/yaml/actions.test.js

@@ -137,6 +137,77 @@ roles: !include roles.yaml
     ]);
   });
 
+  it('should process logStreams with includes', async () => {
+    const dir = path.join(testDataDir, 'yaml', 'logstreams-includes');
+    cleanThenMkdir(dir);
+
+    const logStreamsYaml = `
+- name: LoggingSAAS
+  isPriority: false
+  filters:
+  - type: category
+    name: auth.login.fail
+  - type: category
+    name: auth.login.notification
+  - type: category
+    name: auth.login.success
+  - type: category
+    name: auth.logout.fail
+  sink:
+    httpContentFormat: JSONLINES
+    httpContentType: application/json
+    httpEndpoint: "##LOGGING_WEBHOOK_URL##"
+  type: http
+- name: SIEM
+  isPriority: false
+  filters:
+  - type: category
+    name: auth.login.fail
+  - type: category
+    name: auth.login.notification
+  - type: category
+    name: auth.login.success
+  sink:
+    httpContentFormat: JSONLINES
+    httpContentType: application/json
+    httpEndpoint: "##SIEM_WEBHOOK_URL##"
+  type: http
+    `;
+    fs.writeFileSync(path.join(dir, 'logStreams.yaml'), logStreamsYaml);
+
+    const mainYaml = `
+tenant:
+  friendly_name: 'Test Tenant'
+
+logStreams: !include logStreams.yaml
+    `;
+    fs.writeFileSync(path.join(dir, 'tenant.yaml'), mainYaml);
+
+    const config = {
+      AUTH0_INPUT_FILE: path.join(dir, 'tenant.yaml'),
+      AUTH0_KEYWORD_REPLACE_MAPPINGS: {
+        LOGGING_WEBHOOK_URL: 'https://logging.com/inputs/test',
+        SIEM_WEBHOOK_URL: 'https://siem.example.com/webhook'
+      }
+    };
+    const context = new Context(config, mockMgmtClient());
+    await context.loadAssetsFromLocal();
+
+    expect(context.assets.logStreams).to.have.length(2);
+    expect(context.assets.logStreams[0]).to.deep.include({
+      name: 'LoggingSAAS',
+      isPriority: false,
+      type: 'http'
+    });
+    expect(context.assets.logStreams[0].sink.httpEndpoint).to.equal('https://logging.com/inputs/test');
+    expect(context.assets.logStreams[1]).to.deep.include({
+      name: 'SIEM',
+      isPriority: false,
+      type: 'http'
+    });
+    expect(context.assets.logStreams[1].sink.httpEndpoint).to.equal('https://siem.example.com/webhook');
+  });
+
   it('should error on missing include file', async () => {
     const dir = path.join(testDataDir, 'yaml', 'missing-include');
     cleanThenMkdir(dir);
@@ -154,7 +225,6 @@ clients: !include missing.yaml
       /Include file not found/
     );
   });
-
   it('should dump actions', async () => {
     const dir = path.join(testDataDir, 'yaml', 'actionsDump');
     cleanThenMkdir(dir);