npm - @jupiterone/integration-sdk-cli - Versions diffs - 9.4.1 → 9.6.0 - Mend

@jupiterone/integration-sdk-cli 9.4.1 → 9.6.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (127) hide show

package/src/generator/relationshipsFlow.ts ADDED Viewed

@@ -0,0 +1,73 @@
+import { askRepeatedly, generateChoicesFromEntities } from './util';
+import { RelationshipClass } from '@jupiterone/data-model';
+export type Relationship = {
+  from: any;
+  to: any;
+  _class: any;
+};
+async function relationshipsFlow(inquirer, entities): Promise<Relationship[]> {
+  const relationships: Relationship[] = [];
+  const { doPrompt } = await inquirer.prompt({
+    type: 'confirm',
+    name: 'doPrompt',
+    message: 'Do you want to add relationships?',
+  });
+  if (!doPrompt) return relationships;
+  const entityChoices = generateChoicesFromEntities(entities);
+  await askRepeatedly(inquirer, async () => {
+    const relationship = await createRelationship(inquirer, entityChoices);
+    relationships.push(relationship);
+  });
+  return relationships;
+}
+async function createRelationship(inquirer, entityChoices) {
+  const { from } = await inquirer.prompt({
+    type: 'list',
+    name: 'from',
+    message: 'What entity should the relationship be from?',
+    choices: entityChoices,
+    pageSize: entityChoices.length,
+  });
+  const { to } = await inquirer.prompt({
+    type: 'list',
+    name: 'to',
+    message: 'What entity should the relationship be to?',
+    choices: entityChoices,
+    pageSize: entityChoices.length,
+  });
+  const { _class } = await inquirer.prompt({
+    type: 'list',
+    name: '_class',
+    message: 'What should the _class be?',
+    choices: relationshipClassChoices(),
+    pageSize: 10,
+  });
+  return { from, to, _class };
+}
+function relationshipClassChoices() {
+  const choices: { name: string; value: string }[] = [];
+  for (const [name, value] of Object.entries(RelationshipClass)) {
+    choices.push({
+      name,
+      value,
+    });
+  }
+  choices.sort((a, b) => {
+    if (a.name < b.name) {
+      return -1;
+    } else {
+      return 1;
+    }
+  });
+  return choices;
+}
+export { relationshipsFlow };

package/src/generator/stepTemplate/index.ts.hbs ADDED Viewed

@@ -0,0 +1,24 @@
+import {
+  IntegrationStep,
+  IntegrationStepExecutionContext,
+} from '@jupiterone/integration-sdk-core';
+import { IntegrationConfig } from '../../config';
+import { Steps{{#if entities}}, Entities{{/if}}{{#if relationships}}, Relationships{{/if}} } from '../constants';
+export const {{camelCase name}}Steps: IntegrationStep<IntegrationConfig>[] = [
+  {
+    id: Steps.{{constantCase name}},
+    name: '{{titleCase name}}',
+    entities: [{{#each entities}}Entities.{{constantCase resourceName}}{{#unless @last}},{{/unless}}{{/each}}],
+    relationships: [{{#each relationships}}Relationships.{{constantCase (generateRelationshipName this)}}{{#unless @last}},{{/unless}}{{/each}}],
+    dependsOn: [],
+    executionHandler: {{camelCase name}},
+  },
+];
+export async function {{camelCase name}}({
+  jobState,
+}: IntegrationStepExecutionContext<IntegrationConfig>) {
+  // TODO
+}

package/src/generator/stepsFlow.ts ADDED Viewed

@@ -0,0 +1,123 @@
+import {
+  generateChoicesFromEntities,
+  confirmPrompt,
+  askRepeatedly,
+} from './util';
+import { generateRelationshipType } from '@jupiterone/integration-sdk-core';
+import { Entity } from './entitiesFlow';
+import { Relationship } from './relationshipsFlow';
+export type Step = {
+  name: string;
+  entities: Entity[];
+  relationships: Relationship[];
+  dependsOn?: string[];
+};
+async function stepsFlow(inquirer, entities, relationships): Promise<Step[]> {
+  const steps: Step[] = [];
+  const { doPrompt } = await inquirer.prompt({
+    type: 'confirm',
+    name: 'doPrompt',
+    message: 'Do you want to declare any steps?',
+  });
+  if (!doPrompt) return steps;
+  await askRepeatedly(inquirer, async () => {
+    const step = await createStep(inquirer, entities, relationships);
+    steps.push(step);
+  });
+  if (steps.length < 1) return steps;
+  const useStepDependenciesFlow = await confirmPrompt(
+    inquirer,
+    'Do you want to declare any step dependencies?',
+  );
+  if (!useStepDependenciesFlow) return steps;
+  for (const [i, step] of steps.entries()) {
+    const { dependsOn } = await inquirer.prompt({
+      type: 'checkbox-plus',
+      name: 'dependsOn',
+      message: `Which steps does '${step.name}' directly depend on?`,
+      searchable: true,
+      pageSize: 10,
+      validate(input) {
+        return true;
+      },
+      source(ans, input) {
+        return new Promise((resolve) => {
+          const choices = choicesWithoutSelf(steps, i);
+          if (input) {
+            const filteredChoices = searchSteps(steps, input);
+            resolve(filteredChoices);
+          } else {
+            resolve(choices);
+          }
+        });
+      },
+    });
+    step.dependsOn = dependsOn;
+  }
+  return steps;
+}
+function choicesWithoutSelf(steps: Step[], stepIndex) {
+  return steps
+    .filter((_, ix) => ix !== stepIndex)
+    .map((v) => ({ name: v.name, value: v.name }));
+}
+function searchSteps(steps: Step[], searchString: string) {
+  return steps.filter((v) =>
+    v.name.toLowerCase().includes(searchString.toLowerCase()),
+  );
+}
+async function createStep(inquirer, entities, relationships) {
+  const { name } = await inquirer.prompt({
+    type: 'input',
+    name: 'name',
+    message: 'What should the steps name be?',
+  });
+  const { stepEntities } = await inquirer.prompt({
+    type: 'checkbox',
+    name: 'stepEntities',
+    message: 'What entities will this step produce?',
+    choices: generateChoicesFromEntities(entities),
+  });
+  const { stepRelationships } = await inquirer.prompt({
+    type: 'checkbox',
+    name: 'stepRelationships',
+    message: 'What relationships will this step produce?',
+    choices: generateRelationshipChoices(relationships),
+  });
+  return {
+    name,
+    entities: stepEntities,
+    relationships: stepRelationships,
+  };
+}
+function generateRelationshipChoices(relationships) {
+  const choices: { name: string; value: Relationship }[] = [];
+  for (const rel of relationships) {
+    choices.push({
+      name: generateRelationshipType(rel._class, rel.from, rel.to),
+      value: rel,
+    });
+  }
+  return choices;
+}
+export { stepsFlow };

package/src/generator/template/.env.example.hbs ADDED Viewed

@@ -0,0 +1,3 @@
+{{#each configFields}}
+{{constantCase field}}=
+{{/each}}

package/src/generator/template/.eslintignore.hbs ADDED Viewed

	@@ -0,0 +1 @@
1	+ dist

package/src/generator/template/.eslintrc.hbs ADDED Viewed

@@ -0,0 +1,6 @@
+{
+  "root": true,
+  "extends": [
+    "./node_modules/@jupiterone/integration-sdk-dev-tools/config/eslint.json"
+  ]
+}

package/src/generator/template/.github/pull_request_template.md.hbs ADDED Viewed

@@ -0,0 +1,17 @@
+# Description
+Thank you for contributing to a JupiterOne integration!
+## Summary
+<!-- Summary here! -->
+## Type of change
+Please leave any irrelevant options unchecked.
+- [ ] Bug fix (non-breaking change which fixes an issue)
+- [ ] New feature (non-breaking change which adds functionality)
+- [ ] Breaking change (fix or feature that would cause existing functionality to
+      not work as expected)
+- [ ] This change requires a documentation update

package/src/generator/template/.github/workflows/build.yml.hbs ADDED Viewed

@@ -0,0 +1,53 @@
+name: Build
+on:
+  pull_request:
+  push:
+    branches:
+      - main
+jobs:
+  test:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Check out code repository source code
+        uses: actions/checkout@v3
+      - id: setup-node
+        name: Setup Node
+        uses: actions/setup-node@v3
+        with:
+          node-version: 18.x
+          cache: yarn
+      - name: Install dependencies
+        run: yarn --frozen-lockfile
+      - name: Run tests
+        run: yarn test:ci
+      - name: Run build
+        run: yarn build
+  # Publishing is done in a separate job to allow
+  # for all matrix builds to complete.
+  BuildRelease:
+    needs: test
+    runs-on: ubuntu-latest
+    if: github.ref == 'refs/heads/main'
+    name: Checkout Code
+    steps:
+      - name: Check out repo
+        uses: actions/checkout@v3
+        with:
+          fetch-depth: 0
+          token: ${{ secrets.AUTO_GITHUB_PAT_TOKEN }}
+      - name: Setup Node
+        uses: actions/setup-node@v3
+        with:
+          node-version: 18.x
+          cache: yarn
+      - name: Build and Release
+        uses: jupiterone/action-npm-build-release@v1
+        with:
+          npm_auth_token: ${{ secrets.NPM_AUTH_TOKEN }}
+          gh_token: ${{ secrets.AUTO_GITHUB_PAT_TOKEN }}

package/src/generator/template/.github/workflows/codeql-analysis.yml.hbs ADDED Viewed

@@ -0,0 +1,69 @@
+# For most projects, this workflow file will not need changing; you simply need
+# to commit it to your repository.
+#
+# You may wish to alter this file to override the set of languages analyzed,
+# or to provide custom queries or build logic.
+#
+# ******** NOTE ********
+# We have attempted to detect the languages in your repository. Please check
+# the `language` matrix defined below to confirm you have the correct set of
+# supported CodeQL languages.
+#
+name: 'CodeQL'
+on:
+  push:
+    branches: ['main']
+  pull_request:
+    # The branches below must be a subset of the branches above
+    branches: ['main']
+jobs:
+  analyze:
+    name: Analyze
+    runs-on: ubuntu-latest
+    permissions:
+      actions: read
+      contents: read
+      security-events: write
+    strategy:
+      fail-fast: false
+      matrix:
+        language: ['javascript']
+        # CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python', 'ruby' ]
+        # Learn more about CodeQL language support at https://aka.ms/codeql-docs/language-support
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v3
+      # Initializes the CodeQL tools for scanning.
+      - name: Initialize CodeQL
+        uses: github/codeql-action/init@v2
+        with:
+          languages: ${{ matrix.language }}
+          # If you wish to specify custom queries, you can do so here or in a config file.
+          # By default, queries listed here will override any specified in a config file.
+          # Prefix the list here with "+" to use these queries and those in the config file.
+          # Details on CodeQL's query packs refer to : https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs
+          queries: security-extended,security-and-quality
+      # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java).
+      # If this step fails, then you should remove it and run the build manually (see below)
+      - name: Autobuild
+        uses: github/codeql-action/autobuild@v2
+      # ℹ️ Command-line programs to run using the OS shell.
+      # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun
+      #   If the Autobuild fails above, remove it and uncomment the following three lines.
+      #   modify them (or add more) to build your code if your project, please refer to the EXAMPLE below for guidance.
+      # - run: |
+      #   echo "Run, Build Application using script"
+      #   ./location_of_script_within_repo/buildscript.sh
+      - name: Perform CodeQL Analysis
+        uses: github/codeql-action/analyze@v2

package/src/generator/template/.github/workflows/integration-deployment.yml.hbs ADDED Viewed

@@ -0,0 +1,36 @@
+name: J1 Integration deployment
+on:
+  release:
+    types:
+      - published
+jobs:
+  j1-integration-deployment:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Get integration name
+        id: get-integration-name
+        uses: actions/github-script@0.9.0
+        with:
+          script: |
+            const repositoryName = context.payload.repository.name
+            const integrationName = repositoryName.replace("graph-", "")
+            core.setOutput('integrationName', integrationName)
+      - name: Get version number
+        id: get-version-number
+        uses: actions/github-script@0.9.0
+        with:
+          script: |
+            const tagName = context.payload.release.tag_name
+            const versionNumber = tagName.replace("v", "")
+            core.setOutput('versionNumber', versionNumber)
+      - name: Bump integration deployment version
+        uses: JupiterOne/integration-github-actions/create-integration-deployment@v1
+        with:
+          integrationName:
+            ${{ steps.get-integration-name.outputs.integrationName }}
+          releaseNotes: ${{ github.event.release.body }}
+          version: ${{ steps.get-version-number.outputs.versionNumber }}
+          githubToken: ${{ secrets.AUTO_GITHUB_PAT_TOKEN }}
+          npmAuthToken: ${{ secrets.NPM_AUTH_TOKEN }}

package/src/generator/template/.github/workflows/peril.yml.hbs ADDED Viewed

@@ -0,0 +1,90 @@
+name: 'Peril'
+on:
+  pull_request:
+env:
+  TRANSPONDER_DOCKER_IMAGE: 081157560428.dkr.ecr.us-east-1.amazonaws.com/transponder:1
+  SECURITY_SCAN_IMAGE: ghcr.io/jupiterone/security-scan:latest
+jobs:
+  Peril:
+    name: Peril
+    permissions:
+      id-token: write
+      contents: read
+      packages: read
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v3
+      - name: Setup Node
+        uses: actions/setup-node@v1
+        with:
+          node-version: 18.x
+      - name: Run build
+        run: yarn install
+      - name: Get Variables
+        id: get-vars
+        run: |
+          if [[ "${GITHUB_REF}" == 'ref/head/main' && "${GITHUB_EVENT_NAME}" == 'push' ]];
+          then
+            echo ::set-output name=aws-oidc-role::arn:aws:iam::081157560428:role/github-main-role
+          else
+            echo ::set-output name=aws-oidc-role::arn:aws:iam::081157560428:role/github-pull-request-role
+          fi
+      - name: Configure aws credentials
+        uses: aws-actions/configure-aws-credentials@v1
+        with:
+          role-to-assume: ${{ steps.get-vars.outputs.aws-oidc-role }}
+          role-session-name: pr-role-session
+          aws-region: us-east-1
+      - name: ECR login
+        uses: aws-actions/amazon-ecr-login@v1
+        id: amazon-ecr-login
+      - name: Login to GHCR
+        uses: docker/login-action@v2
+        with:
+          registry: ghcr.io
+          username: ${{ github.actor }}
+          password: ${{ secrets.PACKAGE_TOKEN }}
+      - name: Pull security-scan
+        run: |
+          docker pull $SECURITY_SCAN_IMAGE
+      - name: Run security-scan
+        run: |
+          docker run \
+          --user root \
+          -v /var/run/docker.sock:/var/run/docker.sock \
+          -v `pwd`:`pwd` \
+          -e AWS_ACCESS_KEY_ID=${{ env.AWS_ACCESS_KEY_ID }} \
+          -e AWS_SECRET_ACCESS_KEY=${{ env.AWS_SECRET_ACCESS_KEY }} \
+          -e AWS_SESSION_TOKEN=${{ env.AWS_SESSION_TOKEN }} \
+          -e GITHUB_REPOSITORY=$GITHUB_REPOSITORY \
+          -e GITHUB_REF_NAME=$GITHUB_REF_NAME \
+          -e GITHUB_RUN_NUMBER=$GITHUB_RUN_NUMBER \
+          -e GITHUB_SERVER_URL=$GITHUB_SERVER_URL \
+          -e GITHUB_RUN_ID=$GITHUB_RUN_ID \
+          -e MODE=ci \
+          -w `pwd` $SECURITY_SCAN_IMAGE
+      - name: Pull transponder
+        run: |
+          docker pull $TRANSPONDER_DOCKER_IMAGE
+      - name: Run transponder
+        run: |
+          docker run --rm -v `pwd`:`pwd` -w `pwd` \
+          -e J1_API_KEY=${{ secrets.J1_API_KEY_TRANSPONDER }} \
+          -e J1_API_DOMAIN=${{ secrets.J1_API_DOMAIN_TRANSPONDER }} \
+          -e J1_ACCOUNT_ID=${{ secrets.J1_ACCOUNT_ID_TRANSPONDER }} \
+          $TRANSPONDER_DOCKER_IMAGE

package/src/generator/template/.github/workflows/questions.yml.hbs ADDED Viewed

@@ -0,0 +1,40 @@
+name: Questions
+on: [pull_request_target]
+jobs:
+  validate:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Check out `main` branch
+        uses: actions/checkout@v3
+        with:
+          path: source
+      - name: Check out target branch questions
+        uses: actions/checkout@v3
+        with:
+          ref: ${{github.event.pull_request.head.ref}}
+          repository: ${{github.event.pull_request.head.repo.full_name}}
+          path: target
+      - id: setup-node
+        name: Setup Node
+        uses: actions/setup-node@v3
+        with:
+          node-version: 18.x
+      - name: Install dependencies for `main` branch
+        run: yarn install --cwd source --frozen-lockfile
+      - name: Validate questions on target branch
+        env:
+          MANAGED_QUESTIONS_JUPITERONE_ACCOUNT_ID:
+            ${{ secrets.MANAGED_QUESTIONS_JUPITERONE_ACCOUNT_ID }}
+          MANAGED_QUESTIONS_JUPITERONE_API_KEY:
+            ${{ secrets.MANAGED_QUESTIONS_JUPITERONE_API_KEY }}
+        run:
+          yarn --cwd source j1-integration validate-question-file -a
+          --frozen-lockfile $MANAGED_QUESTIONS_JUPITERONE_ACCOUNT_ID -k
+          $MANAGED_QUESTIONS_JUPITERONE_API_KEY -p
+          ../target/jupiterone/questions/questions.yaml

package/src/generator/template/.gitignore.hbs ADDED Viewed

@@ -0,0 +1,8 @@
+node_modules/
+dist/
+.j1-integration/
+.j1-integration-cache/
+.env
+.eslintcache
+tsconfig.tsbuildinfo
+.npmrc

package/src/generator/template/.node-version.hbs ADDED Viewed

	@@ -0,0 +1 @@
1	+ 18

package/src/generator/template/.prettierignore.hbs ADDED Viewed

@@ -0,0 +1,5 @@
+dist
+coverage/
+.j1-integration
+.j1-integration-cache
+.gitleaks.yml

package/src/generator/template/CHANGELOG.md.hbs ADDED Viewed

@@ -0,0 +1,9 @@
+# Changelog
+All notable changes to this project will be documented in this file.
+The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
+and this project adheres to
+[Semantic Versioning](https://semver.org/spec/v2.0.0.html).
+## [Unreleased]

package/src/generator/template/CODEOWNERS.hbs ADDED Viewed

@@ -0,0 +1,3 @@
+* @jupiterone/integrations
+CODEOWNERS @jupiterone/security

package/src/generator/template/Dockerfile.hbs ADDED Viewed

@@ -0,0 +1,25 @@
+FROM node:18-bullseye-slim as builder
+ENV JUPITERONE_INTEGRATION_DIR=/opt/jupiterone/integration
+COPY package.json yarn.lock tsconfig.dist.json tsconfig.json LICENSE ${JUPITERONE_INTEGRATION_DIR}/
+COPY src/ ${JUPITERONE_INTEGRATION_DIR}/src
+WORKDIR  ${JUPITERONE_INTEGRATION_DIR}
+RUN apt-get update && apt-get install -y python3 make g++ && rm -rf /var/lib/api/lists/*
+RUN yarn install
+RUN yarn build:docker
+FROM node:18-bullseye-slim
+ENV JUPITERONE_INTEGRATION_DIR=/opt/jupiterone/integration
+COPY --from=builder --chown=node:node ${JUPITERONE_INTEGRATION_DIR}/dist ${JUPITERONE_INTEGRATION_DIR}
+COPY --from=builder --chown=node:node ${JUPITERONE_INTEGRATION_DIR}/yarn.lock ${JUPITERONE_INTEGRATION_DIR}
+COPY scripts/ ${JUPITERONE_INTEGRATION_DIR}/scripts
+WORKDIR ${JUPITERONE_INTEGRATION_DIR}
+RUN apt-get update && apt-get install -y python3
+RUN yarn install --production --fronzen-lockfile --cache-folder ./ycache && yarn global add --cache-folder ./ycache @jupiterone/integration-sdk-cli && rm -rf ./ycache  && chown -R node:node /opt/jupiterone
+RUN export PATH="$(yarn global bin):$PATH"
+USER node
+CMD ["sh", "scripts/execute.sh"]