Skip to content

Commit

Permalink
Merge branch 'contrib/SEKOIA-IO_Add/SekoiaXDR' into Add/SekoiaXDR
Browse files Browse the repository at this point in the history
  • Loading branch information
TOUFIKIzakarya authored Jul 30, 2024
2 parents 2257df0 + 62c94e6 commit f15f14b
Show file tree
Hide file tree
Showing 109 changed files with 1,657 additions and 748 deletions.
40 changes: 1 addition & 39 deletions .github/CODEOWNERS
Validating CODEOWNERS rules …
Original file line number Diff line number Diff line change
Expand Up @@ -5,33 +5,12 @@
/Config/approved_categories.json @yaakovpraisler @bakatzir @GuyLibermanPA @demisto/content-leaders
/Config/core_packs_list.json @yaakovpraisler @bakatzir @GuyLibermanPA @demisto/content-leaders
/Config/core_packs_mpv2_list.json @yaakovpraisler @bakatzir @GuyLibermanPA @demisto/content-leaders
/Tests/Marketplace/versions-metadata.json @yaakovpraisler
/Config/corepacks_override.json @yaakovpraisler

# Docker native image
/Tests/docker_native_image_config.json @JudahSchwartz @shmuel44

# Marketplace & Upload-Flow
/Tests/scripts/create_artifacts_graph/create_artifacts.py @RosenbergYehuda
/Tests/Marketplace/upload_git_snapshot.py @yaakovpraisler
/Tests/Marketplace/install_packs.sh @yaakovpraisler
/Tests/Marketplace/configure_and_install_packs.py @yaakovpraisler
/Tests/Marketplace/copy_and_upload_packs.py @yaakovpraisler
/Tests/Marketplace/marketplace_services.py @yaakovpraisler @RosenbergYehuda
/Tests/Marketplace/marketplace_statistics.py @yaakovpraisler
/Tests/Marketplace/marketplace_constants.py @yaakovpraisler
/Tests/Marketplace/zip_packs.py @yaakovpraisler
/Tests/Marketplace/upload_packs.py @yaakovpraisler @RosenbergYehuda
/Tests/Marketplace/packs_dependencies.py @yaakovpraisler
/Tests/Marketplace/search_and_install_packs.py @yaakovpraisler
/Tests/scripts/prepare_content_packs_for_testing.sh @yaakovpraisler
/Utils/trigger_test_upload_flow.sh @yaakovpraisler
/Utils/trigger_upload_packs_to_production.sh @yaakovpraisler
/Utils/should_trigger_test_upload.sh @yaakovpraisler
/Utils/test_upload_flow/* @yaakovpraisler

# Test Collection
/Tests/scripts/collect_tests @dorschw @michal-dagan
/Tests/conf.json @sapirshuker

# PANW Products
Expand Down Expand Up @@ -73,28 +52,11 @@
/Packs/CommonScripts/Scripts/ExtractEmailV2/* @Ni-Knight
/Packs/CommonScripts/Scripts/UnEscapeIPs/* @Ni-Knight


# Build related
.circleci/config.yml @yucohen
.gitlab/ci/* @yucohen
.gitlab/* @yucohen
.gitlab-ci.yml @yucohen
/Tests/scripts/wait_in_line_for_cloud_env.sh @yucohen
/Tests/scripts/uninstall_packs_and_reset_bucket_cloud.sh @yucohen
/Tests/Marketplace/search_and_uninstall_pack.py @yucohen
/Tests/scripts/install_content_and_test_integrations.sh @yucohen
/Tests/configure_and_test_integration_instances.py @yucohen
/Tests/scripts/print_cloud_machine_details.sh @yucohen
/Tests/scripts/run_tests.sh @yucohen
/Tests/scripts/download_demisto_conf.sh @yucohen
Tests/scripts/test_modeling_rules.sh @AradCarmi
Tests/scripts/lock_cloud_machines.py @yucohen
Tests/Marketplace/server_content_items.json @dantavori
validation_config.toml @YuvHayun @JudahSchwartz @anara123 @SamuelFain

# SDK Related
.gitlab/ci/.gitlab-ci.sdk-nightly.yml @SamuelFain
.pre-commit-config_template.yaml @SamuelFain
.pre-commit-config_template.yaml @SamuelFain @YuvHayun

# XDR Related
/Packs/CortexXDR/Integrations/ @maimorag
Expand Down
128 changes: 128 additions & 0 deletions Packs/Akamai_WAF/Integrations/Akamai_WAF/Akamai_WAF.py
Original file line number Diff line number Diff line change
Expand Up @@ -2102,6 +2102,47 @@ def get_cps_change_status(self,
headers=headers,
)

def cancel_cps_change(self, change_path: str, account_switch_key: str = "") -> dict:
"""
Cancels a pending change.
Args:
change_path: Change path on which to perform the desired operation.
account_switch_key: For customers who manage more than one account,
this runs the operation from another account. The Identity and
Access Management API provides a list of available account switch keys.
Returns:
The response provides a dict of change_path.
"""
method = 'delete'
headers = {"accept": "application/vnd.akamai.cps.change-id.v1+json"}
params = {"accountSwitchKey": account_switch_key}
return self._http_request(method=method,
url_suffix=change_path,
headers=headers,
params=params,
)

def get_cps_enrollment_by_id(self,
enrollment_id: int) -> dict:
"""
Returns the Enarollment by enrollment id
Args:
enrollment_id: Unique Identifier of the Enrollment on which to perform the desired operation.
Returns:
The response provides a deployment associcated to the enrollment id
"""
headers = {"accept": "application/vnd.akamai.cps.enrollment.v12+json"}
method = "GET"
return self._http_request(method=method,
url_suffix=f'cps/v2/enrollments/{enrollment_id}',
headers=headers,
)


''' HELPER FUNCTIONS '''

Expand Down Expand Up @@ -5912,6 +5953,91 @@ def get_cps_change_status_command(client: Client,
return human_readable, context_entry, raw_response


@logger
def cancel_cps_change_command(client: Client,
change_id: str = '0',
enrollment_id: str = '0',
change_path: str = "",
account_switch_key: str = "",
) -> tuple[str, dict, Union[list, dict]]:
"""
Cancels a pending change.
Reference: https://techdocs.akamai.com/cps/reference/delete-enrollment-change
Args:
client:
change_id: The change for this enrollment on which to perform the desired operation. Default is 0.
enrollment_id: Enrollment on which to perform the desired operation. Default is 0.
change_path: Change path on which to perform the desired operation.
- Sample: /cps/v2/enrollments/100000/changes/88888888
- Note: change_path is not listed in the reference as a parameter.
However it can be extracted directly from "list_enrollments_command".
This should be the most common useage when generate RestAPI's URL.
account_switch_key: For customers who manage more than one account, this runs
the operation from another account. The Identity and Access Management API
provides a list of available account switch keys.
- Sample: "1-5C0YLB:1-8BYUX"
NOTE: There is no need to provice "change_id"/"enrollment_id" and "change_path"
at the same time. "change_id"/"enrollment_id" can be used to generate
"change_path" as well.
Returns:
human readable (markdown format), entry context and raw response
"""

if not (change_id == '0' and enrollment_id == '0'):
change_path = f'/cps/v2/enrollments/{enrollment_id}/changes/{change_id}'

raw_response: dict = client.cancel_cps_change(change_path=change_path, account_switch_key=account_switch_key)

title = f'{INTEGRATION_NAME} - cps cancel change'
entry_context = raw_response
human_readable_ec = raw_response
context_entry: dict = {
f"{INTEGRATION_CONTEXT_NAME}.Cps.Change.Canceled": entry_context
}

human_readable = tableToMarkdown(
name=title,
t=human_readable_ec,
removeNull=True,
)
return human_readable, context_entry, raw_response


# Created by D.S. 2024-06-18
@logger
def get_cps_enrollment_by_id_command(client: Client,
enrollment_id: int) -> tuple[str, dict, Union[list, dict]]:
"""
Returns the certification/Enarollment.
Args:
client:
enrollment_id: Unique Identifier of the Enrollment on which to perform the desired operation.
And it can be retrived via list_enrollments_command
Returns:
human readable (markdown format), entry context and raw response
"""

raw_response: dict = client.get_cps_enrollment_by_id(enrollment_id=enrollment_id)

title = f'{INTEGRATION_NAME} - get cps enrollment by id command'
entry_context = raw_response
human_readable_ec = raw_response
context_entry: dict = {
f"{INTEGRATION_CONTEXT_NAME}.Cps.Enrollments": entry_context
}

human_readable = tableToMarkdown(
name=title,
t=human_readable_ec,
removeNull=True,
)
return human_readable, context_entry, raw_response


''' COMMANDS MANAGER / SWITCH PANEL '''


Expand Down Expand Up @@ -6006,6 +6132,8 @@ def main():
f'{INTEGRATION_COMMAND_NAME}-update-cps-enrollment': update_cps_enrollment_command,
f'{INTEGRATION_COMMAND_NAME}-update-cps-enrollment-schedule': update_cps_enrollment_schedule_command,
f'{INTEGRATION_COMMAND_NAME}-get-cps-change-status': get_cps_change_status_command,
f'{INTEGRATION_COMMAND_NAME}-cancel-cps-change': cancel_cps_change_command,
f'{INTEGRATION_COMMAND_NAME}-get-cps-enrollment-by-id': get_cps_enrollment_by_id_command,
}
try:
readable_output, outputs, raw_response = commands[command](client=client, **demisto.args())
Expand Down
23 changes: 22 additions & 1 deletion Packs/Akamai_WAF/Integrations/Akamai_WAF/Akamai_WAF.yml
Original file line number Diff line number Diff line change
Expand Up @@ -1489,7 +1489,28 @@ script:
- contextPath: Akamai.Enrollments.Change.Status
description: Akamai enrollments change status.
type: Dictionary
dockerimage: demisto/auth-utils:1.0.0.94075
- arguments:
- defaultValue: '0'
description: The change for this enrollment on which to perform the desired operation. Default is 0. "change_path" is used.
name: change_id
required: true
- defaultValue: '0'
description: Enrollment on which to perform the desired operation. Default is 0. "change_path" is used.
name: enrollment_id
required: true
- description: "Change path on which to perform the desired operation. Sample: /cps/v2/enrollments/100000/changes/88888888. Note: change_path is not listed in the reference as a parameter. However it can be extracted directly from \"list_enrollments_command\". This should be the most common usage when generating the RestAPI's URL."
name: change_path
- description: For customers who manage more than one account, this runs the operation from another account. The Identity and Access Management API provides a list of available account switch keys.
name: account_switch_key
description: Cancels a pending change on CPS.
name: akamai-cancel-cps-change
- arguments:
- description: Enrollment ID on which to perform the desired operation.
name: enrollment_id
required: true
description: Get an enrollment in CPS by enrollment id.
name: akamai-get-cps-enrollment-by-id
dockerimage: demisto/auth-utils:1.0.0.105764
script: ''
subtype: python3
type: python
Expand Down
57 changes: 57 additions & 0 deletions Packs/Akamai_WAF/Integrations/Akamai_WAF/Akamai_WAF_test.py
Original file line number Diff line number Diff line change
Expand Up @@ -10,6 +10,14 @@ def util_load_json(path):
return json.loads(f.read())


def util_load_txt(path: str):
"""
Utility to load text data from a local folder.
"""
with open(path, encoding='utf-8') as file:
return file.read()


@pytest.fixture(scope='module')
def akamai_waf_client():
return Client(base_url="https://hostname/",
Expand Down Expand Up @@ -250,3 +258,52 @@ def test_acknowledge_warning_command(mocker, akamai_waf_client):
assert expected_raw_response == raw_response
assert expected_human_readable == human_readable
assert expected_context_entry == context_entry


def test_cancel_cps_change_command(mocker, akamai_waf_client):
"""
Given:
- enrollment ID and change ID.
When:
- running the command cancel_cps_change_command.
Then:
- enrollment ID is cancelled correctly.
"""
from Akamai_WAF import cancel_cps_change_command
expected_raw_response = {
"change": "/cps/v2/enrollments/193622/changes/3914270"
}
expected_human_readable = "### Akamai WAF - cps cancel change\n|change|\n|---|\n|\
/cps/v2/enrollments/193622/changes/3914270 |\n"
expected_context_entry = {
'Akamai.Cps.Change.Canceled': {
'change': '/cps/v2/enrollments/193622/changes/3914270'
}
}
mocker.patch.object(akamai_waf_client, 'cancel_cps_change', return_value=expected_raw_response)
human_readable, context_entry, raw_response = cancel_cps_change_command(client=akamai_waf_client,
enrollment_id="193622",
change_id="3914270")
assert expected_raw_response == raw_response
assert expected_human_readable == human_readable
assert expected_context_entry == context_entry


def test_get_cps_enrollment_by_id_command(mocker, akamai_waf_client):
"""
Given:
- enrollment ID.
When:
- running the command get_cps_enrollment_by_id_command.
Then:
- we get details of enrollment.
"""
from Akamai_WAF import get_cps_enrollment_by_id_command
test_data = util_load_json('test_data/get_cps_enrollment_by_id_test.json')
expected_raw_response = test_data
expected_context_entry = util_load_json('test_data/get_cps_enrollment_by_id_context.json')

mocker.patch.object(akamai_waf_client, 'get_cps_enrollment_by_id', return_value=expected_raw_response)
_, context_entry, raw_response = get_cps_enrollment_by_id_command(client=akamai_waf_client, enrollment_id=193622)
assert expected_raw_response == raw_response
assert expected_context_entry == context_entry
41 changes: 40 additions & 1 deletion Packs/Akamai_WAF/Integrations/Akamai_WAF/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -1683,4 +1683,43 @@ Gets the status of a pending change.
}
}
}}}}
```
```
### akamai-get-cps-enrollment-by-id

***
Get an enrollment in CPS by enrollment id

#### Base Command

`akamai-get-cps-enrollment-by-id`

#### Input

| **Argument Name** | **Description** | **Required** |
| --- | --- | --- |
| enrollment_id | Enrollment on which to perform the desired operation. | Required |

#### Context Output

There is no context output for this command.
### akamai-cancel-cps-change

***
Cancels a pending change on CPS.

#### Base Command

`akamai-cancel-cps-change`

#### Input

| **Argument Name** | **Description** | **Required** |
| --- | --- | --- |
| change_id | The change for this enrollment on which to perform the desired operation. Default is 0. "change_path" is used. Default is 0. | Required |
| enrollment_id | Enrollment on which to perform the desired operation. Default is 0. "change_path" is used. Default is 0. | Required |
| change_path | Change path on which to perform the desired operation. Sample: /cps/v2/enrollments/100000/changes/88888888. Note: change_path is not listed in the reference as a parameter. However it can be extracted directly from "list_enrollments_command". This should be the most common useage when generate RestAPI's URL. | Optional |
| account_switch_key | For customers who manage more than one account, this runs the operation from another account. The Identity and Access Management API provides a list of available account switch keys. | Optional |

#### Context Output

There is no context output for this command.
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
{"Akamai.Cps.Enrollments": {"adminContact": {"addressLineOne": "601 Riverside Avenue", "addressLineTwo": null, "city": null, "country": null, "email": "[email protected]", "firstName": "FIS", "lastName": "Akamaizers", "organizationName": null, "phone": "123-123-1234", "postalCode": null, "region": null, "title": null}, "assignedSlots": [168334], "autoRenewalStartTime": null, "certificateChainType": "default", "certificateType": "third-party", "changeManagement": true, "csr": {"c": "US", "cn": "tools-portal-app-mbp-amex-batest.dev.fiscloudservices.com", "l": "Jacksonville", "o": "Fidelity National Information Services", "ou": "Fidelity National Information Services", "preferredTrustChain": null, "sans": ["tools-portal-app-mbp-amex-batest.dev.fiscloudservices.com"], "st": "Florida"}, "enableMultiStackedCertificates": true, "id": 190080, "location": "/cps/v2/enrollments/190080", "maxAllowedSanNames": 100, "maxAllowedWildcardSanNames": 100, "networkConfiguration": {"clientMutualAuthentication": null, "disallowedTlsVersions": ["TLSv1","TLSv1_1"], "dnsNameSettings": {"cloneDnsNames":true,"dnsNames":["tools-portal-app-mbp-amex-batest.dev.fiscloudservices.com"]}, "fipsMode": null, "geography": "core", "mustHaveCiphers": "ak-akamai-2020q1", "ocspStapling": "on", "preferredCiphers": "ak-akamai-2020q1", "quicEnabled": true, "secureNetwork": "enhanced-tls", "sniOnly": true}, "org": {"addressLineOne": "601 Riverside Avenue", "addressLineTwo": null, "city": "Jacksonville", "country": "US", "name": "Fidelity National Information Services", "phone": "501-220-5100", "postalCode": "32204", "region": "Florida"}, "orgId": null, "pendingChanges": [{"changeType":"renewal","location":"/cps/v2/enrollments/190080/changes/5231996"}], "productionSlots": [168334], "ra": "third-party", "signatureAlgorithm": null, "stagingSlots": [168334], "techContact": {"addressLineOne": null, "addressLineTwo": null, "city": null, "country": null, "email": "[email protected]", "firstName": "FIS", "lastName": "PS", "organizationName": null, "phone": "877-425-2832", "postalCode": null, "region": null, "title": null}, "thirdParty": {"excludeSans": false}, "validationType": "third-party"}}
Original file line number Diff line number Diff line change
@@ -0,0 +1,24 @@
{
"adminContact":{
"addressLineOne":"601 Riverside Avenue",
"addressLineTwo":null,
"city":null,
"country":null,
"email":"[email protected]",
"firstName":"FIS",
"lastName":"Akamaizers",
"organizationName":null,
"phone":"123-123-1234",
"postalCode":null,
"region":null,
"title":null
},
"assignedSlots":[168334],
"autoRenewalStartTime":null,
"certificateChainType":"default",
"certificateType":"third-party",
"changeManagement":true,
"csr":{"c":"US","cn":"tools-portal-app-mbp-amex-batest.dev.fiscloudservices.com","l":"Jacksonville","o":"Fidelity National Information Services","ou":"Fidelity National Information Services","preferredTrustChain":null,"sans":["tools-portal-app-mbp-amex-batest.dev.fiscloudservices.com"],"st":"Florida"},"enableMultiStackedCertificates":true,"id":190080,"location":"/cps/v2/enrollments/190080","maxAllowedSanNames":100,"maxAllowedWildcardSanNames":100,"networkConfiguration":{"clientMutualAuthentication":null,"disallowedTlsVersions":["TLSv1","TLSv1_1"],"dnsNameSettings":{"cloneDnsNames":true,"dnsNames":["tools-portal-app-mbp-amex-batest.dev.fiscloudservices.com"]},"fipsMode":null,"geography":"core","mustHaveCiphers":"ak-akamai-2020q1","ocspStapling":"on","preferredCiphers":"ak-akamai-2020q1","quicEnabled":true,"secureNetwork":"enhanced-tls","sniOnly":true},"org":{"addressLineOne":"601 Riverside Avenue","addressLineTwo":null,"city":"Jacksonville","country":"US","name":"Fidelity National Information Services","phone":"501-220-5100","postalCode":"32204","region":"Florida"},"orgId":null,"pendingChanges":[{"changeType":"renewal","location":"/cps/v2/enrollments/190080/changes/5231996"}],"productionSlots":[168334],"ra":"third-party","signatureAlgorithm":null,"stagingSlots":[168334],"techContact":{"addressLineOne":null,"addressLineTwo":null,"city":null,"country":null,"email":"[email protected]","firstName":"FIS","lastName":"PS","organizationName":null,"phone":"877-425-2832","postalCode":null,"region":null,"title":null},
"thirdParty":{"excludeSans":false},
"validationType":"third-party"
}
9 changes: 9 additions & 0 deletions Packs/Akamai_WAF/ReleaseNotes/2_0_12.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,9 @@

#### Integrations

##### Akamai WAF
- Updated the Docker image to: *demisto/auth-utils:1.0.0.105764*.

- Added 2 commands:
- ***akamai-cancel-cps-change***
- ***akamai-get-cps-enrollment-by-id***
Loading

0 comments on commit f15f14b

Please sign in to comment.