Merge pull request #13 from splunk-soar-connectors/next

Merging next to main for release 3.0.2

.github/workflows/generate-doc.yml

@@ -0,0 +1,20 @@
+name: Generate Readme Doc
+on:
+  workflow_dispatch:
+  push:
+    paths:
+      - '*.json'
+      - 'readme.html'
+      - 'manual_readme_content.md'
+    tags-ignore:
+      - '**'
+    branches-ignore:
+      - next
+      - main
+jobs:
+  generate-doc:
+    runs-on: ubuntu-latest
+    steps:
+     - uses: 'phantomcyber/dev-cicd-tools/github-actions/generate-doc@main'
+       with:
+         GITHUB_TOKEN: ${{ secrets.SOAR_APPS_TOKEN }}

.github/workflows/review-release.yml

@@ -0,0 +1,22 @@
+name: Review Release
+concurrency:
+  group: app-release
+  cancel-in-progress: true
+permissions:
+  contents: read
+  id-token: write
+  statuses: write
+on:
+  workflow_dispatch:
+    inputs:
+      task_token:
+        description: 'StepFunction task token'
+        required: true
+
+jobs:
+  review:
+    uses: 'phantomcyber/dev-cicd-tools/.github/workflows/review-release.yml@main'
+    with:
+      task_token: ${{ inputs.task_token }}
+    secrets:
+      resume_release_role_arn: ${{ secrets.RESUME_RELEASE_ROLE_ARN }}

.pre-commit-config.yaml

@@ -1,11 +1,11 @@
 repos:
 -   repo: https://github.com/phantomcyber/dev-cicd-tools
-    rev: v1.11
+    rev: v1.16
     hooks:
     -   id: org-hook
     -   id: package-app-dependencies
 -   repo: https://github.com/Yelp/detect-secrets
-    rev: v1.1.0
+    rev: v1.4.0
     hooks:
     -   id: detect-secrets
         args: ['--no-verify', '--exclude-files', '^ciscoise.json$']

LICENSE

@@ -186,7 +186,7 @@
       same "printed page" as the copyright notice for easier
       identification within third-party archives.
 
-   Copyright (c) 2014-2022 Splunk Inc.
+   Copyright (c) 2014-2023 Splunk Inc.
 
    Licensed under the Apache License, Version 2.0 (the "License");
    you may not use this file except in compliance with the License.

NOTICE

@@ -1,5 +1,5 @@
 Splunk SOAR Cisco ISE
-Copyright (c) 2014-2022 Splunk Inc.
+Copyright (c) 2014-2023 Splunk Inc.
 
 Third-party Software Attributions:
 
@@ -8,11 +8,6 @@ Version: 1.3.4
 License: ISC
 Copyright 2012-2016 Nicola Iarocci
 
-Library: requests
-Version: 2.25.0
-License: Apache 2.0
-Kenneth Reitz
-
 Library: xmltodict
 Version: 0.12.0
 License: MIT

__init__.py

@@ -1,6 +1,6 @@
 # File: __init__.py
 #
-# Copyright (c) 2014-2022 Splunk Inc.
+# Copyright (c) 2014-2023 Splunk Inc.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.

ciscoise.json

@@ -5,7 +5,7 @@
     "publisher": "Splunk",
     "type": "network security",
     "main_module": "ciscoise_connector.py",
-    "app_version": "3.0.1",
+    "app_version": "3.0.2",
     "utctime_updated": "2022-03-11T04:16:56.000000Z",
     "package_name": "phantom_ciscoise",
     "product_vendor": "Cisco Systems",
@@ -14,7 +14,7 @@
     "min_phantom_version": "5.1.0",
     "logo": "logo_cisco.svg",
     "logo_dark": "logo_cisco_dark.svg",
-    "license": "Copyright (c) 2014-2022 Splunk Inc.",
+    "license": "Copyright (c) 2014-2023 Splunk Inc.",
     "python_version": "3",
     "fips_compliant": true,
     "latest_tested_version": [
@@ -1903,30 +1903,10 @@
                 "module": "Cerberus",
                 "input_file": "wheels/py3/Cerberus-1.3.4-py3-none-any.whl"
             },
-            {
-                "module": "certifi",
-                "input_file": "wheels/shared/certifi-2021.10.8-py2.py3-none-any.whl"
-            },
-            {
-                "module": "chardet",
-                "input_file": "wheels/shared/chardet-3.0.4-py2.py3-none-any.whl"
-            },
-            {
-                "module": "idna",
-                "input_file": "wheels/shared/idna-2.10-py2.py3-none-any.whl"
-            },
-            {
-                "module": "requests",
-                "input_file": "wheels/shared/requests-2.25.0-py2.py3-none-any.whl"
-            },
             {
                 "module": "setuptools",
                 "input_file": "wheels/py3/setuptools-59.6.0-py3-none-any.whl"
             },
-            {
-                "module": "urllib3",
-                "input_file": "wheels/shared/urllib3-1.26.8-py2.py3-none-any.whl"
-            },
             {
                 "module": "xmltodict",
                 "input_file": "wheels/shared/xmltodict-0.12.0-py2.py3-none-any.whl"
@@ -1939,34 +1919,14 @@
                 "module": "Cerberus",
                 "input_file": "wheels/py3/Cerberus-1.3.4-py3-none-any.whl"
             },
-            {
-                "module": "certifi",
-                "input_file": "wheels/shared/certifi-2021.10.8-py2.py3-none-any.whl"
-            },
-            {
-                "module": "chardet",
-                "input_file": "wheels/shared/chardet-3.0.4-py2.py3-none-any.whl"
-            },
-            {
-                "module": "idna",
-                "input_file": "wheels/shared/idna-2.10-py2.py3-none-any.whl"
-            },
-            {
-                "module": "requests",
-                "input_file": "wheels/shared/requests-2.25.0-py2.py3-none-any.whl"
-            },
             {
                 "module": "setuptools",
-                "input_file": "wheels/py3/setuptools-60.8.2-py3-none-any.whl"
-            },
-            {
-                "module": "urllib3",
-                "input_file": "wheels/shared/urllib3-1.26.8-py2.py3-none-any.whl"
+                "input_file": "wheels/py3/setuptools-69.0.2-py3-none-any.whl"
             },
             {
                 "module": "xmltodict",
                 "input_file": "wheels/shared/xmltodict-0.12.0-py2.py3-none-any.whl"
             }
         ]
     }
-}
+}

ciscoise_connector.py

@@ -1,6 +1,6 @@
 # File: ciscoise_connector.py
 #
-# Copyright (c) 2014-2022 Splunk Inc.
+# Copyright (c) 2014-2023 Splunk Inc.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -87,11 +87,11 @@ def _validate_integers(self, action_result, parameter, key, allow_zero=False):
         if parameter is not None:
             try:
                 if not float(parameter).is_integer():
-                    return action_result.set_status(phantom.APP_ERROR, CISCOISE_ERR_INVALID_PARAM.format(key)), None
+                    return action_result.set_status(phantom.APP_ERROR, CISCOISE_ERROR_INVALID_PARAM.format(key)), None
                 parameter = int(parameter)
 
             except Exception:
-                return action_result.set_status(phantom.APP_ERROR, CISCOISE_ERR_INVALID_PARAM.format(key)), None
+                return action_result.set_status(phantom.APP_ERROR, CISCOISE_ERROR_INVALID_PARAM.format(key)), None
 
             if parameter < 0:
                 return action_result.set_status(phantom.APP_ERROR,
@@ -132,7 +132,7 @@ def _call_ers_api(self, endpoint, action_result, data=None, allow_unknown=True,
             request_func = getattr(requests, method)
         except AttributeError as e:
             self.debug_print("Exception occurred: {}".format(e))
-            return action_result.set_status(phantom.APP_ERROR, CISCOISE_ERR_REST_API, e), ret_data
+            return action_result.set_status(phantom.APP_ERROR, CISCOISE_ERROR_REST_API, e), ret_data
         try:
             headers = {"Content-Type": "application/json", "ACCEPT": "application/json"}
             resp = request_func(  # nosemgrep: python.requests.best-practice.use-timeout.use-timeout
@@ -144,7 +144,7 @@ def _call_ers_api(self, endpoint, action_result, data=None, allow_unknown=True,
             )
         except Exception as e:
             self.debug_print("Exception occurred: {}".format(e))
-            return action_result.set_status(phantom.APP_ERROR, CISCOISE_ERR_REST_API, e), ret_data
+            return action_result.set_status(phantom.APP_ERROR, CISCOISE_ERROR_REST_API, e), ret_data
 
         if not (200 <= resp.status_code < 399):
             error_message = resp.text
@@ -156,7 +156,7 @@ def _call_ers_api(self, endpoint, action_result, data=None, allow_unknown=True,
             return (
                 action_result.set_status(
                     phantom.APP_ERROR,
-                    CISCOISE_ERR_REST_API_ERR_CODE,
+                    CISCOISE_REST_API_ERROR_CODE,
                     code=resp.status_code,
                     message=error_message
                 ),
@@ -190,13 +190,13 @@ def _call_rest_api(self, endpoint, action_result, schema=None, data=None, allow_
                 auth=self._auth)
         except Exception as e:
             self.debug_print("Exception occurred: {}".format(e))
-            return action_result.set_status(phantom.APP_ERROR, CISCOISE_ERR_REST_API, e), ret_data
+            return action_result.set_status(phantom.APP_ERROR, CISCOISE_ERROR_REST_API, e), ret_data
 
         if resp.status_code != 200:
             return (
                 action_result.set_status(
                     phantom.APP_ERROR,
-                    CISCOISE_ERR_REST_API_ERR_CODE,
+                    CISCOISE_REST_API_ERROR_CODE,
                     code=resp.status_code,
                     message=resp.text,
                 ),
@@ -210,14 +210,14 @@ def _call_rest_api(self, endpoint, action_result, schema=None, data=None, allow_
             response_dict = xmltodict.parse(xml)
         except Exception as e:
             self.debug_print("Exception occurred: {}".format(e))
-            return action_result.set_status(phantom.APP_ERROR, CISCOISE_ERR_UNABLE_TO_PARSE_REPLY, e), ret_data
+            return action_result.set_status(phantom.APP_ERROR, CISCOISE_ERROR_UNABLE_TO_PARSE_REPLY, e), ret_data
 
         ret_data = response_dict
 
         if schema is not None:
             v = Validator(schema, allow_unknown=allow_unknown)
             if v.validate(ret_data) is False:
-                action_result.set_status(phantom.APP_ERROR, CISCOISE_ERR_UNABLE_TO_PARSE_REPLY)
+                action_result.set_status(phantom.APP_ERROR, CISCOISE_ERROR_UNABLE_TO_PARSE_REPLY)
                 action_result.append_to_message(v.errors)
                 return action_result.get_status(), ret_data
 
@@ -372,15 +372,15 @@ def _logoff_system(self, param):
         remote_coa = ret_data.get("remoteCoA")
 
         if remote_coa is None:
-            return action_result.set_status(phantom.APP_ERROR, CISCOISE_ERR_PARSE_REPLY)
+            return action_result.set_status(phantom.APP_ERROR, CISCOISE_ERROR_PARSE_REPLY)
 
         result = remote_coa.get("results")
 
         if result is None:
-            return action_result.set_status(phantom.APP_ERROR, CISCOISE_ERR_PARSE_REPLY)
+            return action_result.set_status(phantom.APP_ERROR, CISCOISE_ERROR_PARSE_REPLY)
 
         if result == "false":
-            return action_result.set_status(phantom.APP_ERROR, CISCOISE_ERR_LOGOFF_SYSTEM)
+            return action_result.set_status(phantom.APP_ERROR, CISCOISE_ERROR_LOGOFF_SYSTEM)
 
         return action_result.set_status(phantom.APP_SUCCESS)
 
@@ -412,15 +412,15 @@ def _terminate_session(self, param):
         remote_coa = ret_data.get("remoteCoA")
 
         if remote_coa is None:
-            return action_result.set_status(phantom.APP_ERROR, CISCOISE_ERR_PARSE_REPLY)
+            return action_result.set_status(phantom.APP_ERROR, CISCOISE_ERROR_PARSE_REPLY)
 
         result = remote_coa.get("results")
 
         if result is None:
-            return action_result.set_status(phantom.APP_ERROR, CISCOISE_ERR_PARSE_REPLY)
+            return action_result.set_status(phantom.APP_ERROR, CISCOISE_ERROR_PARSE_REPLY)
 
         if result == "false":
-            return action_result.set_status(phantom.APP_ERROR, CISCOISE_ERR_TERMINATE_SESSION)
+            return action_result.set_status(phantom.APP_ERROR, CISCOISE_ERROR_TERMINATE_SESSION)
 
         return action_result.set_status(phantom.APP_SUCCESS, CISCOISE_SUCC_SESSION_TERMINATED)
 
@@ -602,7 +602,7 @@ def _handle_policy_change(self, action_result, param, change_type="apply"):
             payload["OperationAdditionalData"]["additionalData"][0]["name"] = "ipAddress"
         else:
             return (
-                action_result.set_status(phantom.APP_ERROR, CISCOISE_ERR_MAC_AND_IP_NOT_SPECIFIED),
+                action_result.set_status(phantom.APP_ERROR, CISCOISE_ERROR_MAC_AND_IP_NOT_SPECIFIED),
                 ret_data,
             )
 
@@ -708,14 +708,14 @@ def _test_connectivity_to_device(self, base_url, verify=True):
                 verify=verify)
         except Exception as e:
             self.debug_print("Exception is test connectivity: {}".format(e))
-            return self.set_status_save_progress(phantom.APP_ERROR, CISCOISE_ERR_TEST_CONNECTIVITY_FAILED)
+            return self.set_status_save_progress(phantom.APP_ERROR, CISCOISE_ERROR_TEST_CONNECTIVITY_FAILED)
 
         if resp.status_code == 200:
             return self.set_status_save_progress(phantom.APP_SUCCESS, CISCOISE_SUCC_TEST_CONNECTIVITY_PASSED)
         else:
             return self.set_status_save_progress(
                 phantom.APP_ERROR,
-                CISCOISE_ERR_TEST_CONNECTIVITY_FAILED_ERR_CODE,
+                CISCOISE_TEST_CONNECTIVITY_FAILED_ERROR_CODE,
                 code=resp.status_code
             )
 

ciscoise_consts.py

@@ -1,6 +1,6 @@
 # File: ciscoise_consts.py
 #
-# Copyright (c) 2014-2022 Splunk Inc.
+# Copyright (c) 2014-2023 Splunk Inc.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -33,22 +33,22 @@
 ERS_POLICIES = ":9060/ers/config/ancpolicy"
 
 # Error/Success
-CISCOISE_ERR_TEST_CONNECTIVITY_FAILED = "Test connectivity failed"
-CISCOISE_ERR_TEST_CONNECTIVITY_FAILED_ERR_CODE = "Test connectivity failed with status code: '{code}'"
+CISCOISE_ERROR_TEST_CONNECTIVITY_FAILED = "Test connectivity failed"
+CISCOISE_TEST_CONNECTIVITY_FAILED_ERROR_CODE = "Test connectivity failed with status code: '{code}'"
 CISCOISE_SUCC_TEST_CONNECTIVITY_PASSED = "Test connectivity passed"
-CISCOISE_ERR_REST_API = "REST Api error"
-CISCOISE_ERR_REST_API_ERR_CODE = "REST Api error with status code: {code}, Message from server: {message}"
-CISCOISE_ERR_UNABLE_TO_PARSE_REPLY = "Parsing error, Unable to convert xml reply to json"
+CISCOISE_ERROR_REST_API = "REST Api error"
+CISCOISE_REST_API_ERROR_CODE = "REST Api error with status code: {code}, Message from server: {message}"
+CISCOISE_ERROR_UNABLE_TO_PARSE_REPLY = "Parsing error, Unable to convert xml reply to json"
 CISCOISE_SUCC_SESSION_TERMINATED = "Session terminated"
-CISCOISE_ERR_PARSE_REPLY = "Error parsing reply"
-CISCOISE_ERR_TERMINATE_SESSION = "Session termination failed. Session possibly not found"
-CISCOISE_ERR_LOGOFF_SYSTEM = "System Logoff failed"
-CISCOISE_ERR_MAC_AND_IP_NOT_SPECIFIED = "Please specify a valid mac or ip address to execute action"
-CISCOISE_ERR_ACTION_FAILED = "Action failed with error code: {error_code}"
+CISCOISE_ERROR_PARSE_REPLY = "Error parsing reply"
+CISCOISE_ERROR_TERMINATE_SESSION = "Session termination failed. Session possibly not found"
+CISCOISE_ERROR_LOGOFF_SYSTEM = "System Logoff failed"
+CISCOISE_ERROR_MAC_AND_IP_NOT_SPECIFIED = "Please specify a valid mac or ip address to execute action"
+CISCOISE_ERROR_ACTION_FAILED = "Action failed with error code: {error_code}"
 CISCOISE_SUCC_LIST_ENDPOINTS = "{0} Endpoints found"
 CISCOISE_SUCC_GET_ENDPOINT = "Endpoint found"
 CISCOISE_SUCC_UPDATE_ENDPOINT = "Endpoint updated"
-CISCOISE_ERR_INVALID_PARAM = "Please provide a non-zero positive integer in {param}"
+CISCOISE_ERROR_INVALID_PARAM = "Please provide a non-zero positive integer in {param}"
 CISCOISE_MAP_IP_ABSENT_ERROR = "Please provide either mac address or ip address"
 CISCOISE_ERS_CRED_MISSING = "ERS credentials in asset configuration are required for this action"
 DEFAULT_MAX_RESULTS = 7