-
Notifications
You must be signed in to change notification settings - Fork 64
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #84 from ThreatResponse/dev-test-setup
Update setup and docs
- Loading branch information
Showing
17 changed files
with
294 additions
and
280 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -46,6 +46,7 @@ nosetests.xml | |
coverage.xml | ||
*,cover | ||
.hypothesis/ | ||
.pytest_cache/ | ||
|
||
# Translations | ||
*.mo | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,11 +1,5 @@ | ||
FROM python:3-onbuild | ||
FROM python:3.4 | ||
|
||
RUN mkdir /aws_ir | ||
|
||
COPY requirements.txt /aws_ir/requirements.txt | ||
|
||
RUN pip install --upgrade pip | ||
|
||
ADD . /aws_ir/ | ||
|
||
WORKDIR /aws_ir |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1 +1 @@ | ||
__version__ = '0.3.1' | ||
__version__ = '0.3.3' |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,4 +1,4 @@ | ||
#!/usr/bin/env python | ||
#!/usr/bin/env python3 | ||
|
||
import sys | ||
import os | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -300,28 +300,58 @@ Step 1. Fork us on Github. | |
# 1. git clone | ||
[email protected]:<your github here>/aws_ir.git | ||
Step 2. Setup | ||
|
||
# 2. setup a virtualenv (must be python3) | ||
cd aws_ir | ||
virtualenv env -p python3 | ||
python3 -m virtualenv env | ||
|
||
# 3. activate the virtualenv | ||
source env/bin/activate | ||
|
||
# 4. install the requirements | ||
pip3 install -r requirements.txt | ||
|
||
# 5. run the test suite (currently pyTest soon to be pyUnit) | ||
pytest tests/ | ||
# 4a. with setuptools | ||
pip install -e . | ||
python setup.py test | ||
python setup.py pytest --addopts='tests/test_cli.py' | ||
|
||
-- or -- | ||
|
||
# 4b. with local plugins and pytest-watch | ||
point requirements.txt to the local version of aws_ir_plugins `-e ../aws_ir_plugins` | ||
.. code-block:: bash | ||
pip3 install -r requirements.txt | ||
./bin/aws_ir -h | ||
ptw --runner "python setup.py test" | ||
-- or -- | ||
|
||
#4c. Use the docker container | ||
.. code-block:: bash | ||
docker-compose build aws_ir | ||
docker-compose run aws_ir bash | ||
pip install -e . | ||
# 6. If all is well you can start developing code! | ||
Step 3. Develop! | ||
|
||
Step 2. Develop! | ||
|
||
*Note:* aws_ir does not require an install to run out of a virtualenv. There | ||
is a helper script in `bin/aws_ir` that can be called to execute your development | ||
version of aws_ir. | ||
*Note:* There is a helper script in `bin/aws_ir` that can be called to execute aws_ir. | ||
|
||
When your feature is finished simply open a PR back to us. | ||
|
||
Happy developing! If you have any questions please do file a github issue | ||
If you have any questions please do file a github issue | ||
or e-mail [email protected] . | ||
|
||
Using testpypi | ||
******************************************* | ||
|
||
.. code-block:: bash | ||
pip install --extra-index-url https://test.pypi.org/simple/ aws_ir==0.3.2b165 | ||
To use a test build of aws_ir_plugins: | ||
in setup.py: | ||
- point the required version at aws_ir_plugins==0.0.3b123 (substitute the build you want) | ||
- add: dependency_links=['https://test.pypi.org/simple/aws-ir-plugins/'] | ||
|
||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -5,42 +5,28 @@ Installation | |
System Requirements | ||
******************* | ||
|
||
ThreatResponse now requires python >= 3.4. It may still work(ish) with Python 2.7 but is not recommended due | ||
to security problems with cryptography libraries in Python 2.7. | ||
ThreatResponse requires python >= 3.4. | ||
|
||
While aws_ir is written purely in python, some of the libraries used require additional system packages. | ||
|
||
Fedora / RHEL Distributions | ||
--------------------------- | ||
|
||
* python-devel (Python 3.4+) | ||
* python-pip | ||
* libffi-devel | ||
* libssl-devel | ||
|
||
Debian Distributions | ||
-------------------- | ||
|
||
* python-dev (Python 3.4+) | ||
* python-pip | ||
* libffi-dev | ||
* libssl-dev | ||
|
||
Installing from PyPi | ||
******************** | ||
|
||
.. code-block:: bash | ||
$ python3 -m virtualenv env | ||
$ source/env/bin/activate | ||
$ pip install aws_ir | ||
$ aws_ir -h | ||
Installing From Github | ||
********************** | ||
|
||
.. code-block:: bash | ||
$ python3 -m virtualenv env | ||
$ source/env/bin/activate | ||
$ pip install git+ssh://[email protected]/ThreatResponse/aws_ir.git@master | ||
$ margaritashotgun -h | ||
$ aws_ir -h | ||
Local Build and Install | ||
*********************** | ||
|
@@ -49,9 +35,10 @@ Local Build and Install | |
$ git clone https://github.com/ThreatResponse/aws_ir.git | ||
$ cd aws_ir | ||
$ python setup.py | ||
$ pip install dist/aws_ir-*.tar.gz | ||
$ margaritashotgun -h | ||
$ python3 -m virtualenv env | ||
$ source/env/bin/activate | ||
$ pip install . | ||
$ aws_ir -h | ||
Local Execution | ||
*************** | ||
|
@@ -62,6 +49,62 @@ In the previous two example dependencies are automatically resolved, if you simp | |
$ git clone https://github.com/ThreatResponse/aws_ir.git | ||
$ cd aws_ir | ||
$ python3 -m virtualenv env | ||
$ source/env/bin/activate | ||
$ pip install -r requirements.txt | ||
$ ./bin/aws_ir -h | ||
Using Docker | ||
************ | ||
|
||
.. code-block:: bash | ||
$ git clone https://github.com/ThreatResponse/aws_ir.git | ||
$ cd aws_ir | ||
$ docker-compose build aws_ir | ||
$ docker-compose run aws_ir bash | ||
$ pip install . | ||
AWS Credentials Using MFA and AssumeRole | ||
***************************************** | ||
|
||
Many users of aws_ir have requested the ability to use the tooling with mfa and | ||
assumeRole functionality. While we don't natively support this yet v0.3.0 sets | ||
the stage to do this natively by switching to boto-session instead of thick clients. | ||
|
||
For now if you need to use the tool with MFA we recommend: | ||
|
||
`https://pypi.python.org/pypi/awsmfa/0.2.4 <https://pypi.python.org/pypi/awsmfa/0.2.4>`_. | ||
|
||
.. code-block:: bash | ||
aws-mfa \ | ||
--device arn:aws:iam::12345678:mfa/bobert \ | ||
-assume-role arn:aws:iam::12345678:role/ResponderRole \ | ||
--role-session-name \"bobert-ir-session\" | ||
awsmfa takes a set of long lived access keys from a boto profile called [default-long-lived] | ||
and uses those to generate temporary session tokens that are automatically put into | ||
the default boto profile. This ensures that any native tooling that doesn't support | ||
MFA + AssumeRole can still leverage MFA and short lived credentials for access. | ||
|
||
|
||
Some Linux distributions require additional system packages | ||
*********************************************************** | ||
|
||
Fedora / RHEL Distributions | ||
--------------------------- | ||
|
||
* python-devel (Python 3.4+) | ||
* python-pip | ||
* libffi-devel | ||
* libssl-devel | ||
|
||
Debian Distributions | ||
-------------------- | ||
|
||
* python-dev (Python 3.4+) | ||
* python-pip | ||
* libffi-dev | ||
* libssl-dev |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,17 +1,28 @@ | ||
jinja2 | ||
pytest | ||
pytest-cov | ||
boto3>=1.3.0 | ||
progressbar-latest | ||
gnupg | ||
requests | ||
structlog | ||
pytz | ||
logutils==0.3.3 | ||
margaritashotgun>=0.4.1 | ||
pluginbase | ||
|
||
mock | ||
moto | ||
pytest | ||
pytest-cov | ||
pytest-moto | ||
mock | ||
margaritashotgun | ||
pluginbase | ||
aws-ir-plugins | ||
pytest-watch | ||
|
||
### Latest Stable | ||
aws_ir_plugins==0.0.3 | ||
|
||
### Test build | ||
# --extra-index-url https://test.pypi.org/simple | ||
# aws-ir-plugins==0.0.3b52 | ||
|
||
### Local | ||
# -e ../aws_ir_plugins | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,6 +1,12 @@ | ||
[aliases] | ||
test=pytest | ||
|
||
[metadata] | ||
description-file = README.rst | ||
|
||
[flake8] | ||
ignore=E402,H238 | ||
max-line-length=99 | ||
|
||
[tool:pytest] | ||
[pytest-watch] |
Oops, something went wrong.