def make_classifier_depend_on_incident_type_default(classifier: JSONBased, incident_type: JSONBased):
incident_type_id = incident_type.read_json_as_dict().get('id')
classifier.update({'defaultIncidentType': incident_type_id})
def make_integration_depend_on_incident_type(integration: Integration, incident_type: JSONBased):
incident_type_id = incident_type.read_json_as_dict().get('id')
integration.yml.update({'defaultIncidentType': incident_type_id})
def make_widget_depend_on_script(widget: JSONBased, script: Script):
script_id = script.yml.read_dict().get('commonfields').get('id')
widget.update({'dataType': 'scripts', 'query': script_id})
def make_integration_depend_on_mapper_out(integration: Integration, mapper: JSONBased):
mapper_id = mapper.read_json_as_dict().get('id')
integration.yml.update({'defaultmapperout': mapper_id})
def make_integration_depend_on_classifier(integration: Integration, classifier: JSONBased):
classifier_id = classifier.read_json_as_dict().get('id')
integration.yml.update({'defaultclassifier': classifier_id})
def __init__(self, packs_dir: Path, name: str, repo):
# Initiate lists:
self._repo = repo
self.repo_path = repo.path
self.integrations: List[Integration] = list()
self.scripts: List[Script] = list()
self.classifiers: List[JSONBased] = list()
self.mappers: List[JSONBased] = list()
self.dashboards: List[JSONBased] = list()
self.incident_types: List[JSONBased] = list()
self.incident_fields: List[JSONBased] = list()
self.indicator_fields: List[JSONBased] = list()
self.indicator_types: List[JSONBased] = list()
self.layouts: List[JSONBased] = list()
self.layoutcontainers: List[JSONBased] = list()
self.reports: List[JSONBased] = list()
self.widgets: List[JSONBased] = list()
self.playbooks: List[Playbook] = list()
self.test_playbooks: List[Playbook] = list()
self.release_notes: List[TextBased] = list()
# Create base pack
self._pack_path = packs_dir / name
self._pack_path.mkdir()
self.path = str(self._pack_path)
# Create repo structure
self._integrations_path = self._pack_path / 'Integrations'
self._integrations_path.mkdir()
self._scripts_path = self._pack_path / 'Scripts'
self._scripts_path.mkdir()
self._playbooks_path = self._pack_path / 'Playbooks'
self._playbooks_path.mkdir()
self._test_playbooks_path = self._pack_path / 'TestPlaybooks'
self._test_playbooks_path.mkdir()
self._classifiers_path = self._pack_path / 'Classifiers'
self._classifiers_path.mkdir()
self._mappers_path = self._classifiers_path
self._dashboards_path = self._pack_path / 'Dashboards'
self._dashboards_path.mkdir()
self._incidents_field_path = self._pack_path / 'IncidentFields'
self._incidents_field_path.mkdir()
self._incident_types_path = self._pack_path / 'IncidentTypes'
self._incident_types_path.mkdir()
self._indicator_fields = self._pack_path / 'IndicatorFields'
self._indicator_fields.mkdir()
self._indicator_types = self._pack_path / 'IndicatorTypes'
self._indicator_types.mkdir()
self._layout_path = self._pack_path / 'Layouts'
self._layout_path.mkdir()
self._report_path = self._pack_path / 'Reports'
self._report_path.mkdir()
self._widget_path = self._pack_path / 'Widgets'
self._widget_path.mkdir()
self._release_notes = self._pack_path / 'ReleaseNotes'
self._release_notes.mkdir()
self.secrets = Secrets(self._pack_path)
self.pack_ignore = TextBased(self._pack_path, '.pack-ignore')
self.readme = TextBased(self._pack_path, 'README.md')
self.pack_metadata = JSONBased(self._pack_path, 'pack_metadata', '')
class Repo:
"""A class that mocks a content repo
Note:
Do not include the `self` parameter in the ``Args`` section.
Args:
tmpdir: A Path to the root of the repo
Attributes:
path: A path to the content pack.
secrets: Exception error code.
packs: A list of created packs
"""
def __init__(self, tmpdir: Path):
self.packs: List[Pack] = list()
self._tmpdir = tmpdir
self._packs_path = tmpdir / 'Packs'
self._packs_path.mkdir()
self.path = str(self._tmpdir)
# Initiate ./Tests/ dir
self._test_dir = tmpdir / 'Tests'
self._test_dir.mkdir()
# Secrets
self.secrets = GlobalSecrets(self._test_dir)
self.secrets.write_secrets()
self.global_secrets_path = self.secrets.path
# Conf.json
self.conf = ConfJSON(self._test_dir, 'conf.json', '')
self.conf.write_json()
self.content_descriptor = JSONBased(self._tmpdir, 'content-descriptor',
'')
self.content_descriptor.write_json({})
self.id_set = JSONBased(self._test_dir, 'id_set', '')
self.id_set.write_json({
'scripts': [],
'playbooks': [],
'integrations': [],
'TestPlaybooks': [],
'Classifiers': [],
'Dashboards': [],
'IncidentFields': [],
'IncidentTypes': [],
'IndicatorFields': [],
'IndicatorTypes': [],
'Layouts': [],
'Reports': [],
'Widgets': [],
'Mappers': [],
})
def __del__(self):
shutil.rmtree(self.path, ignore_errors=True)
def setup_one_pack(self, name):
"""Sets up a new pack in the repo, and includes one per each content entity.
Args:
name (string): Name of the desired pack.
"""
pack = self.create_pack(name)
script = pack.create_script(f'{name}_script')
script.create_default_script()
script.yml.update({'commonfields': {'id': f'{name}_script'}})
script.yml.update({'name': f'{name}_script'})
script.yml.update({'display': f'{name}_script'})
integration = pack.create_integration(f'{name}_integration')
integration.create_default_integration()
integration.yml.update({'commonfields': {'id': f'{name}_integration'}})
integration.yml.update({'name': f'{name}_integration'})
integration.yml.update({'display': f'{name}_integration'})
integration_content = integration.yml.read_dict()
integration_content['script']['commands'][0][
'name'] = f'command_{name}_integration'
integration.yml.write_dict(integration_content)
classifier = pack.create_classifier(f'{name}_classifier')
classifier.write_json({'id': f'{name} - classifier'})
classifier.update({'name': f'{name} - classifier'})
classifier.update({'transformer': ''})
classifier.update({'keyTypeMap': {}})
classifier.update({'type': 'classification'})
layout = pack.create_layout(f'{name}_layout')
layout.write_json({'id': f'{name} - layout'})
layout.update({'name': f'{name} - layout'})
layout.update({'kind': ''})
layoutcontainer = pack.create_layoutcontainer(
f'{name}_layoutcontainer')
layoutcontainer.write_json({'id': f'{name} - layoutcontainer'})
layoutcontainer.update({'group': f'{name} - layoutcontainer'})
layoutcontainer.update({'detailsV2': {}})
mapper = pack.create_mapper(f'{name}_mapper')
mapper.write_json({'id': f'{name} - mapper'})
mapper.update({'name': f'{name} - mapper'})
mapper.update({'mapping': {}})
mapper.update({'type': 'mapping'})
incident_type = pack.create_incident_type(f'{name}_incident-type')
incident_type.write_json({'id': f'{name} - incident_type'})
incident_type.update({'name': f'{name} - incident_type'})
incident_type.update({'preProcessingScript': ''})
incident_type.update({'color': 'test'})
incident_field = pack.create_incident_field(f'{name}_incident-field')
incident_field.write_json({'id': f'incident_{name} - incident_field'})
incident_field.update({'name': f'incident_{name} - incident_field'})
indicator_type = pack.create_indicator_type(f'{name}_indicator-type')
indicator_type.write_json({'id': f'{name} - indicator_type'})
indicator_type.update({'name': f'{name} - indicator_type'})
indicator_type.update({'regex': ''})
indicator_field = pack.create_indicator_field(
f'{name}_indicator-field')
indicator_field.write_json(
{'id': f'indicator_{name} - indicator_field'})
indicator_field.update({'name': f'indicator_{name} - indicator_field'})
dashboard = pack.create_dashboard(f'{name}_dashboard')
dashboard.write_json({'id': f'{name} - dashboard'})
dashboard.update({'name': f'{name} - dashboard'})
dashboard.update({'layout': ''})
report = pack.create_report(f'{name}_report')
report.write_json({'id': f'{name} - report'})
report.update({'name': f'{name} - report'})
report.update({'orientation': ''})
widget = pack.create_widget(f'{name}_widget')
widget.write_json({'id': f'{name} - widget'})
widget.update({'name': f'{name} - widget'})
widget.update({'widgetType': ''})
playbook = pack.create_playbook(f'{name}_playbook')
playbook.create_default_playbook()
playbook.yml.update({'id': f'{name}_playbook'})
playbook.yml.update({'name': f'{name}_playbook'})
test_playbook = pack.create_test_playbook(f'{name}_test_playbook')
test_playbook.create_default_playbook()
test_playbook.yml.update({'id': f'{name}_test_playbook'})
test_playbook.yml.update({'name': f'{name}_test_playbook'})
def setup_content_repo(self, number_of_packs):
"""Creates a fully constructed content repository, where packs names will pack_<index>.
Args:
number_of_packs (int): Amount of packs to be created in the repo.
"""
for i in range(number_of_packs):
self.setup_one_pack(f'pack_{i}')
def create_pack(self, name: Optional[str] = None):
if name is None:
name = f'pack_{len(self.packs)}'
pack = Pack(self._packs_path, name, repo=self)
self.packs.append(pack)
return pack
def working_dir(self):
return self.path
class Contribution:
"""A class that mocks a contribution zip file downloaded from a demisto server
Note:
Do not include the `self` parameter in the ``Args`` section.
Args:
name: name of the contribution (used in metadata.json file)
Attributes:
path (str): A path to the contribution zip file.
integrations: A list contains any created integration
scripts: A list contains any created Script
"""
def __init__(self, tmpdir: Path, name: str, repo):
# Initiate lists:
self._repo = repo
self.repo_path = repo.path
self.target_dir = tmpdir
self.integrations: List[Integration] = list()
self.scripts: List[Script] = list()
self.classifiers: List[JSONBased] = list()
self.mapper: List[JSONBased] = list()
self.dashboards: List[JSONBased] = list()
self.incident_types: List[JSONBased] = list()
self.incident_field: List[JSONBased] = list()
self.indicator_field: List[JSONBased] = list()
self.layouts: List[JSONBased] = list()
self.layouts_containers: List[JSONBased] = list()
self.name = name
self.created_zip_filepath = ''
# Create contribution structure
self._integrations_path = self.target_dir / 'integration'
self._integrations_path.mkdir()
self._scripts_path = self.target_dir / 'automation'
self._scripts_path.mkdir()
self._playbooks_path = self.target_dir / 'playbook'
self._playbooks_path.mkdir()
self._classifiers_path = self.target_dir / 'classifier'
self._classifiers_path.mkdir()
self._mappers_path = self._classifiers_path
self._dashboards_path = self.target_dir / 'dashboard'
self._dashboards_path.mkdir()
self._incident_fields_path = self.target_dir / 'incidentfield'
self._incident_fields_path.mkdir()
self._incident_types_path = self.target_dir / 'incidenttype'
self._incident_types_path.mkdir()
self._indicator_fields_path = self.target_dir / 'indicatorfield'
self._indicator_fields_path.mkdir()
self._reports_path = self.target_dir / 'report'
self._reports_path.mkdir()
self._reputations_path = self.target_dir / 'reputation'
self._reputations_path.mkdir()
self._layouts_path = self.target_dir / 'layout'
self._layouts_path.mkdir()
self._layoutscontainer_path = self.target_dir / 'layoutscontainer'
self._layoutscontainer_path.mkdir()
def create_integration(self,
name: Optional[str] = None,
unified: Optional[bool] = True):
if name is None:
name = f'integration{len(self.integrations)}'
integration = Integration(self._integrations_path, name, self._repo,
unified)
integration.create_default_integration()
self.integrations.append(integration)
return integration
def create_script(self,
name: Optional[str] = None,
unified: Optional[bool] = True):
if name is None:
name = f'script{len(self.scripts)}'
script = Script(self._scripts_path, name, self._repo, unified)
script.create_default_script()
self.scripts.append(script)
return script
def create_test_script(self):
script = self.create_script('sample_script')
script.create_default_script()
return script
def _create_json_based(self,
name,
prefix: str,
content: dict = None,
dir_path: Path = None):
if content is None:
content = {}
if dir_path:
obj = JSONBased(dir_path, name, prefix)
else:
obj = JSONBased(self.target_dir, name, prefix)
obj.write_json(content)
return obj
def _create_text_based(self,
name,
content: str = '',
dir_path: Path = None):
if dir_path:
obj = TextBased(dir_path, name)
else:
obj = TextBased(self.target_dir, name)
obj.write_text(content)
return obj
def create_classifier(self, name, content: dict = None):
prefix = 'classifier'
classifier = self._create_json_based(name,
prefix,
content,
dir_path=self._classifiers_path)
self.classifiers.append(classifier)
return classifier
def create_mapper(self, name, content: dict = None):
prefix = 'classifier-mapper'
mapper = self._create_json_based(name,
prefix,
content,
dir_path=self._mappers_path)
self.mapper.append(mapper)
return mapper
def create_dashboard(self, name, content: dict = None):
prefix = 'dashboard'
dashboard = self._create_json_based(name,
prefix,
content,
dir_path=self._dashboards_path)
self.dashboards.append(dashboard)
return dashboard
def create_layout(self, name, content: dict = None):
prefix = LAYOUT
layout = self._create_json_based(name,
prefix,
content,
dir_path=self._layouts_path)
self.layouts.append(layout)
return layout
def create_layoutscontainer(self, name, content: dict = None):
prefix = LAYOUTS_CONTAINER
layoutscontainer = self._create_json_based(
name, prefix, content, dir_path=self._layoutscontainer_path)
self.layouts_containers.append(layoutscontainer)
return layoutscontainer
def create_incident_field(self,
name,
content: dict = None,
release_notes: bool = False):
prefix = 'incident-field'
incident_field = self._create_json_based(
name, prefix, content, dir_path=self._incident_fields_path)
if release_notes:
release_notes_file = self._create_text_based(
f'{incident_field}_CHANGELOG.md',
dir_path=self._incident_fields_path)
self.incident_field.append(release_notes_file)
self.incident_field.append(incident_field)
return incident_field
def create_incident_type(self, name, content: dict = None):
prefix = 'incident-type'
incident_type = self._create_json_based(
name, prefix, content, dir_path=self._incident_types_path)
self.incident_types.append(incident_type)
return incident_type
def create_indicator_field(self, name, content: dict = None):
prefix = 'incident-field'
indicator_field = self._create_json_based(
name, prefix, content, dir_path=self._indicator_fields_path)
self.indicator_field.append(indicator_field)
def create_metadata_for_zip(self):
fake_metadata = {
"name": self.name,
"description": "",
"updated": "0001-01-01T00:00:00Z",
"created": "2020-06-30T10:35:51.24973515Z",
"support": "internalContribution",
"author": "Who Cares",
"authorImage": "",
"supportDetails": {
"url": "",
"email": "*****@*****.**"
}
}
self.metadata = JSONBased(self.target_dir, 'metadata', '')
self.metadata.write_json(fake_metadata)
def create_zip(self,
zip_dst: Optional[Path] = None,
del_src_files: bool = True):
self.create_classifier(name='fakeclassifier')
self.create_dashboard(name='fakedashboard')
self.create_layoutscontainer(name='fakelayoutscontainer')
self.create_layout(name='fakelayout')
self.create_incident_field(name='fakeincidentfield')
self.create_incident_type(name='fakeincidenttype')
self.create_indicator_field(name='fakeindicatorfield')
self.create_mapper(name='fakemapper')
self.create_integration()
self.create_script()
self.create_metadata_for_zip()
if zip_dst:
self.created_zip_filepath = shutil.make_archive(
str(zip_dst / self.name), 'zip', self.target_dir)
else:
self.created_zip_filepath = shutil.make_archive(
str(self.target_dir.parent / self.name), 'zip',
self.target_dir)
if del_src_files:
shutil.rmtree(self.target_dir)
