Skip to content

Commit

Permalink
Git lab add trigger pipeline command (demisto#27544)
Browse files Browse the repository at this point in the history
* add command

* fixes

* change client function name

* RN

* Cloud Incident Response pack and Cloud Token Theft playbook (#27331)

* new pack for Cloud Incident Response playbooks

* new pack for Cloud Incident Response playbooks

* updates common playbooks RN

* updates common playbooks RN

* Added scripts

* Added trigger

* Update Packs/CloudIncidentResponse/Playbooks/playbook-Cloud_Threat_Hunting_-_Persistence.yml

Co-authored-by: ShirleyDenkberg <[email protected]>

* Update Packs/CloudIncidentResponse/Playbooks/playbook-Cloud_Threat_Hunting_-_Persistence.yml

Co-authored-by: ShirleyDenkberg <[email protected]>

* Update Packs/CloudIncidentResponse/Playbooks/playbook-Cloud_Threat_Hunting_-_Persistence.yml

Co-authored-by: ShirleyDenkberg <[email protected]>

* Update Packs/CloudIncidentResponse/Playbooks/playbook-Cloud_Threat_Hunting_-_Persistence.yml

Co-authored-by: ShirleyDenkberg <[email protected]>

* Update Packs/CloudIncidentResponse/Playbooks/playbook-Cloud_Threat_Hunting_-_Persistence.yml

Co-authored-by: ShirleyDenkberg <[email protected]>

* Update Packs/CommonPlaybooks/Playbooks/playbook-Cloud_Enrichment_-_Generic_README.md

Co-authored-by: ShirleyDenkberg <[email protected]>

* Update Packs/CommonPlaybooks/Playbooks/playbook-Cloud_Enrichment_-_Generic_README.md

Co-authored-by: ShirleyDenkberg <[email protected]>

* Update Packs/CommonPlaybooks/ReleaseNotes/2_3_74.md

Co-authored-by: ShirleyDenkberg <[email protected]>

* Update Packs/CommonPlaybooks/ReleaseNotes/2_3_74.md

Co-authored-by: ShirleyDenkberg <[email protected]>

* Update Packs/CloudIncidentResponse/Playbooks/playbook-Cloud_Threat_Hunting_-_Persistence.yml

Co-authored-by: ShirleyDenkberg <[email protected]>

* Update Packs/CloudIncidentResponse/Playbooks/playbook-Cloud_Token_Theft_-_Set_Verdict.yml

Co-authored-by: ShirleyDenkberg <[email protected]>

* Update Packs/CloudIncidentResponse/Playbooks/playbook-Cloud_Threat_Hunting_-_Persistence.yml

Co-authored-by: ShirleyDenkberg <[email protected]>

* Update Packs/CloudIncidentResponse/Playbooks/playbook-Cloud_Threat_Hunting_-_Persistence_README.md

Co-authored-by: ShirleyDenkberg <[email protected]>

* Apply suggestions from code review

Co-authored-by: ShirleyDenkberg <[email protected]>

* Update Packs/CloudIncidentResponse/Playbooks/playbook-Cloud_Threat_Hunting_-_Persistence.yml

Co-authored-by: ShirleyDenkberg <[email protected]>

* Update Packs/CloudIncidentResponse/Playbooks/playbook-Cloud_Token_Theft_-_Set_Verdict.yml

Co-authored-by: ShirleyDenkberg <[email protected]>

* Update Packs/CloudIncidentResponse/Playbooks/playbook-Cloud_Token_Theft_-_Set_Verdict.yml

Co-authored-by: ShirleyDenkberg <[email protected]>

* Update Packs/CloudIncidentResponse/Playbooks/playbook-Cloud_Token_Theft_-_Set_Verdict.yml

Co-authored-by: ShirleyDenkberg <[email protected]>

* fixes the Hunting Results section in the layout

* Added the pack and scripts readme

* updates pack meta-data

* Review fixes

* PBs screenshot

* removes quiet mode

* removes quiet mode

* fixes shared sub-playbooks.

* inputs validation

* fixes tasks description

* Added playbook outputs

* update RN and PBs description

* changes to MP2 only

* new script

* review fixes

* update RN

* fix typo

* updates the readme png links

* unit test and fixes

* fix layout

* added pack ignore for the dynamic sections unit tests

* secrets

* fixes

* fixes

* pack ignore

* fixes

* docker image version

* fix flake errors

* remove trigger due to sdk bug

* added unit test

* fix unit test coverage

* fix unit test coverage

---------

Co-authored-by: ShirleyDenkberg <[email protected]>

* [ASM] - Expander - Update Service Ownership (#27140) (#27522)

* Update Cortex ASM - Service Ownership

- Updated Cortex ASM - GCP Enrichment playbook to retrieve the service account on the instance and writes it to incident field **asmserviceownerunrankedraw** for use by the **Cortex ASM - Service Ownership** playbook.
- Updated the Service Ownership playbook to run for all cloud service providers and added support for retrieving GCP project owners from user-managed, cross-project service accounts.
- Add script GetProjectOwners which prses a GCP service account email for the project ID, then looks up the project owners and adds them to a list of potential service owners for ranking.
- Updated script RankServiceOwners to no longer limit to the top-5 service owners

Test plan: pytest + tested in callu tenant on AWS and GCP alerts, verified the expected owners were written to `asmserviceowner`

* Mark GetProjectOwners task as skip unavailable since it depends on GCP-IAM integration

* Revert change to fromversion in RankServiceOwners

* Bump pack version

* Use regex to validate user-managed service account

* Raise/catch exceptions rather than using nested if statements

* Update docker image.

* exclude GCP-IAM core-pack dependency

* Update GCP Enrichment playbook with service account

* Update pack README with new script

* Update release notes

* Add unit tests for error handling in GetProjectOwners

- Validate error message on existing tests
- Add unit test for get_iam_policy

* Add tests to verify exception handling in main

* Revert to ' | ' delimiter for Source field

* Move up check for Cortex ASM integration

* Update docker images

* Update release notes

* Update Packs/CortexAttackSurfaceManagement/README.md



* Update docker image and release notes

---------

Co-authored-by: kball-pa <[email protected]>
Co-authored-by: Danny_Fried <[email protected]>
Co-authored-by: John <[email protected]>

* [VMRay] fix encoding of file names (#27429) (#27527)

* fix encoding of file names

* update docker image

* add given, when, then to test

* updated docker image

---------

Co-authored-by: Jens Thom <[email protected]>
Co-authored-by: RotemAmit <[email protected]>

* Xsoar file management (#26455)

* commonserver.js

* working

* ok

* fileDeleteAttachmentCommand

* read me

* removing examples file

* removing changes

* rl update

* small fixes

* removing extra space

* RL

* remove RL

* adding version

* RL base

* commit

* temp

* coreApiFileCheckCommand fix

* fixing fileDeleteCommand

* fileUploadCommand fix

* rl

* Bump pack from version Base to 1.32.5.

* after conflicts

* Rl

* xsoar concate bug fix

* docstring

* undo changes in unrelevant files

* removing _mm

* Bump pack from version Base to 1.32.6.

* Bump pack from version Base to 1.32.7.

* val changes

* removing notes

* small fixes

* cr fixes

* fileUploadCommand fix

* small update

* Update Packs/DemistoRESTAPI/Integrations/CoreRESTAPI/CoreRESTAPI.yml

Co-authored-by: ShirleyDenkberg <[email protected]>

* Update Packs/DemistoRESTAPI/ReleaseNotes/1_3_26.md

Co-authored-by: ShirleyDenkberg <[email protected]>

* Update Packs/DemistoRESTAPI/ReleaseNotes/1_3_26.md

Co-authored-by: ShirleyDenkberg <[email protected]>

* Update Packs/DemistoRESTAPI/ReleaseNotes/1_3_26.md

Co-authored-by: ShirleyDenkberg <[email protected]>

* Update Packs/DemistoRESTAPI/Integrations/CoreRESTAPI/CoreRESTAPI.yml

Co-authored-by: ShirleyDenkberg <[email protected]>

* Update Packs/DemistoRESTAPI/Integrations/CoreRESTAPI/CoreRESTAPI.yml

Co-authored-by: ShirleyDenkberg <[email protected]>

* Update Packs/DemistoRESTAPI/Integrations/CoreRESTAPI/CoreRESTAPI.yml

Co-authored-by: ShirleyDenkberg <[email protected]>

* Update Packs/DemistoRESTAPI/Integrations/CoreRESTAPI/CoreRESTAPI.yml

Co-authored-by: ShirleyDenkberg <[email protected]>

* Update Packs/DemistoRESTAPI/ReleaseNotes/1_3_26.md

Co-authored-by: ShirleyDenkberg <[email protected]>

* Update Packs/DemistoRESTAPI/ReleaseNotes/1_3_26.md

Co-authored-by: ShirleyDenkberg <[email protected]>

* Update Packs/DemistoRESTAPI/Integrations/CoreRESTAPI/CoreRESTAPI.yml

Co-authored-by: ShirleyDenkberg <[email protected]>

* Update Packs/DemistoRESTAPI/Integrations/CoreRESTAPI/CoreRESTAPI.yml

Co-authored-by: ShirleyDenkberg <[email protected]>

* Update Packs/DemistoRESTAPI/Integrations/CoreRESTAPI/CoreRESTAPI.yml

Co-authored-by: ShirleyDenkberg <[email protected]>

* Update Packs/DemistoRESTAPI/Integrations/CoreRESTAPI/README.md

Co-authored-by: ShirleyDenkberg <[email protected]>

* Update Packs/DemistoRESTAPI/Integrations/CoreRESTAPI/CoreRESTAPI.yml

Co-authored-by: ShirleyDenkberg <[email protected]>

* Update Packs/DemistoRESTAPI/Integrations/CoreRESTAPI/README.md

Co-authored-by: ShirleyDenkberg <[email protected]>

* Update Packs/DemistoRESTAPI/Integrations/CoreRESTAPI/README.md

Co-authored-by: ShirleyDenkberg <[email protected]>

* Update Packs/DemistoRESTAPI/Integrations/CoreRESTAPI/README.md

Co-authored-by: ShirleyDenkberg <[email protected]>

* Update Packs/DemistoRESTAPI/Integrations/CoreRESTAPI/README.md

Co-authored-by: ShirleyDenkberg <[email protected]>

* Update Packs/DemistoRESTAPI/Integrations/CoreRESTAPI/README.md

Co-authored-by: ShirleyDenkberg <[email protected]>

* Update Packs/DemistoRESTAPI/Integrations/CoreRESTAPI/README.md

Co-authored-by: ShirleyDenkberg <[email protected]>

* Update Packs/DemistoRESTAPI/Integrations/CoreRESTAPI/README.md

Co-authored-by: ShirleyDenkberg <[email protected]>

* specifying what the FileResult function does

* RL

* known word

* ignore word

* adding to read me

* Update Packs/Base/ReleaseNotes/1_32_7.md

Co-authored-by: Shelly Tzohar <[email protected]>

* removed from read me old demisto command

* adding to ignore

* ignore

* Bump pack from version Base to 1.32.8.

* m

* Bump pack from version Base to 1.32.9.

* Bump pack from version Base to 1.32.10.

* Bump pack from version Base to 1.32.11.

* Bump pack from version Base to 1.32.12.

* demo fixes

* Bump pack from version Base to 1.32.15.

---------

Co-authored-by: Content Bot <[email protected]>
Co-authored-by: ShirleyDenkberg <[email protected]>
Co-authored-by: Shelly Tzohar <[email protected]>

* [VirusTotal] Fix only_stats default value (#27454)

* [VirusTotal] Fix only_stats default value (#27428)

* Fix only_stats default value

* Made the change in the code instead yaml

* fix

* restore yaml defailtValue

* fixed rn

* updated docker

---------

Co-authored-by: Daniel Pascual <[email protected]>
Co-authored-by: michal-dagan <[email protected]>
Co-authored-by: michal-dagan <[email protected]>

* [Marketplace Contribution] Community Common Scripts - Content Pack Update (#27457) (#27532)

* "contribution update to pack "Community Common Scripts""

* Add README

* Move to version upgrade to revision.
Concise RN.
Move desc to README

* Bump docker version.

---------

Co-authored-by: xsoar-bot <[email protected]>
Co-authored-by: Danny_Fried <[email protected]>

* [Jira v2] Added 3 new commands (#27523)

* [Jira v2] Added 3 new commands (#27431)

* master

* jira command

* reverting headers

* reverting union option

* reverted the latest message

* reverting debug message

* get_organization_name

* reverting update_issue_assignee_command

* moving up the update_issue_assignee_command

* git user

* issue assign

* command

* customfields removed

* jirav2copy

* rmed jirav2copy

* jira

* format

* jirav2

* reverted defaultmapperin

* reverted hidden marketplace

* jira

* moved down edit-issue

* wrong command

* jira

* replaced a line

* Readme

* watchers

* added release notes

* revert CrowdStrike

* typo

* test get_organizations

* added a unit test

* mocker error

* fixing unit test

* rmed 1_*

* unit testing for organizations

* removed .gitignore

* taking care of comments

* rmed 1_* files

* new commands into README

* Update Packs/Jira/Integrations/JiraV2/JiraV2.yml

Co-authored-by: ShirleyDenkberg <[email protected]>

* Update Packs/Jira/Integrations/JiraV2/README.md

Co-authored-by: ShirleyDenkberg <[email protected]>

* Update Packs/Jira/ReleaseNotes/3_0_3.md

Co-authored-by: ShirleyDenkberg <[email protected]>

* Update Packs/Jira/ReleaseNotes/3_0_3.md

Co-authored-by: ShirleyDenkberg <[email protected]>

* Update Packs/Jira/ReleaseNotes/3_0_3.md

Co-authored-by: ShirleyDenkberg <[email protected]>

---------

Co-authored-by: ShirleyDenkberg <[email protected]>

* Update docker image.

---------

Co-authored-by: Enes Özdemir <[email protected]>
Co-authored-by: ShirleyDenkberg <[email protected]>
Co-authored-by: Danny_Fried <[email protected]>

* Updated description (#27524)

* Updated description (#27440)

* Updated description

* Updated docker image version

* Updated docker image version - update

* updated docker image

---------

Co-authored-by: grzegorzpapkala <[email protected]>
Co-authored-by: RotemAmit <[email protected]>

* Added new fields to context output and UI (#27069)

* added new fields

* separated context and UI

* updated human readable

* fixed "cannot concatenate dict" bug

* fixed the mess in profiles

* updated tests

* location now appears in UI

* removed field restrictions for panorama

* Updated yml

* updated readme

* updated release notes

* added docs to xml_get

* fixed test errors

* Apply suggestions from code review

Co-authored-by: Guy Afik <[email protected]>

* post CR commit

* Update 1_17_4.md

* Update Packs/PAN-OS/ReleaseNotes/1_17_4.md

Co-authored-by: Guy Afik <[email protected]>

* CR changes

* merged context/pretty rules to single dict

* added test jsons

* cleaned tests; added dict_test (dummy)

* added unsafe_dict_get

* added docs to unsafe_dict_get

* unsafe_dict_get is now dict_recursive_get with changes

* updated yml

* fixed UI not showing all bug

* updated readme

* solved release notes conflict

* CR changes

* update release notes

* Update 1_17_7.md

* removed dict_recursive_get

* updated release notes

* Apply suggestions from code review

Co-authored-by: Guy Afik <[email protected]>

* removed pylint ignore

* added known words

* removed unrelated release notes

* added pylint ignore

* return string by default

* ignore pylint false positives

* added defaults for profiles

* added defaults for profiles 2

* ignore pylint

* updated docker

* resolve conflicts

---------

Co-authored-by: Guy Afik <[email protected]>
Co-authored-by: Adi Daud <[email protected]>

* Fix small grammar typos in documentation (#27489) (#27533)

* Fix small grammar typos in documentation

* Update docker image.
Update RN and versions.

* Update Packs/AccentureCTI/Integrations/ACTIIndicatorQuery/ACTIIndicatorQuery.py



---------

Co-authored-by: Peter Elmers <[email protected]>
Co-authored-by: Danny_Fried <[email protected]>
Co-authored-by: ShirleyDenkberg <[email protected]>

* Support level tags for external contributions bug fix (#27167)

* fix bug on new files

* add existing file path change

* add new partner pack for testing

* update test

* update

* add python to pipenv

* test change cwd works

* remove panorama

* check if works without change-cwd

* add the option to checkout branch

* try to see behaivor with checkout

* comment out

* fix import issue

* search in paranets path

* fixes

* align the print

* update

* remove test files

* remove pipfile

* handle bug

* add support to checkout forked branches

* test

* add support for checking out forked branches

* add print

* pragma no cover

* small fix

* enhancments

* bug fix

* remove unused imports

* add forked repo even if not content

* uncomment main code

* always checkout to the branch

* remove  copy

* cr fixes

* cr fixes

* empty packs support level in case of exception

* Ivanti Pulse Secure Mapping (#27407)

* Created IvantiPulseSecureVTM pack

* Updated README

* Updated README

* Updated README

* Updated README

* Updated README

* Update Packs/IvantiPulseSecureVTM/README.md

Co-authored-by: ShirleyDenkberg <[email protected]>

* Update Packs/IvantiPulseSecureVTM/README.md

Co-authored-by: ShirleyDenkberg <[email protected]>

* Update Packs/IvantiPulseSecureVTM/README.md

Co-authored-by: ShirleyDenkberg <[email protected]>

* Update Packs/IvantiPulseSecureVTM/README.md

Co-authored-by: ShirleyDenkberg <[email protected]>

* Update Packs/IvantiPulseSecureVTM/README.md

Co-authored-by: ShirleyDenkberg <[email protected]>

* Update Packs/IvantiPulseSecureVTM/README.md

Co-authored-by: ShirleyDenkberg <[email protected]>

* Update Packs/IvantiPulseSecureVTM/README.md

Co-authored-by: ShirleyDenkberg <[email protected]>

* Update README.md

* Update README.md

* Update README.md

* Update README.md

* Update README.md

* Updated ModelingRules

* Updated ModelingRules

* Updated ModelingRules

* Updated ModelingRules

* Update README.md

* Update README.md

* Updated ModelingRules

* Updated ModelingRules

* Updated ModelingRules

* Updated ModelingRules

* Updated ModelingRules

* Updated the pack name in pack_metadata

* Updated ParsingRules

---------

Co-authored-by: ShirleyDenkberg <[email protected]>

* Aws iam enhancement (#27271)

* in progress

* added rn

* added put role policy command

* added put_user_policy_command

* added put_user_policy_command

* done

* readme update

* pre-commit fixes

* rn fix

* improvments

* update tpb

* update rn

* readme fix

* cr fix

* pre-commit fixes

* cr fix

* fixes

* docs addition

* docs addition

* docs addition

* docker update

* Align credentials stores part 18 (#27441)

* Align credentials part 18

* MxToolBox

* RM110

* fix

* Cs falcon enhancement (#26136)

* initial branch commit; first command ready

* 'build_cs_falcon_filter' gets kwargs instead of dict

* added stubs for all seven commands, not tested

* finished up to pending design functions

* updated user response when no IDs match the filter

* fixed scheduled scan validation bug

* fixed scheduled scan validation bug

* added commands to README; fixed create scans bug

* ready for CR

* added ODS to description

* added cancel scan to readme; improved UI

* beautified create scan output

* beautified create scan output

* beautified create scan output

* updated release notes

* updated release notes

* fixed tests

* fixed tests (v2)

* shortened readme

* test commit

* removed cancel-scan command

* removed unified yml

* updated release notes

* reset yml

* possible solution for test fails

* real solution to test fail

* removed irrelevant files

* update ReadNetstatFile

* fixed error fails

* formatted pack

* updated docker image

* fixed ruff errors

* updated release notes

* fixed pylint errors

* added tests

* fixed flake8 errors

* fixed ruff errors

* updated descriptions; changed start_timestamp

* added create scheduled scan command

* added polling to create/query scan

* added polling to arg to yml

* removed demo function

* fixed 404 bug

* func is now defined

* fixed bug

* corrected scan_in_progress

* changed default cpu_priority

* fixed bugs, now works

* added new args

* updated yml with new args

* fixed dict_safe_get bug

* fixed tests; added outputs to yml

* human readable for scheduled scan only

* updated readme

* updated release notes

* fixed backwards compatibility

* fixed backwards compatibility 2

* Update examples.txt

* capitalized descriptions

* Apply suggestions from code review

Co-authored-by: ShirleyDenkberg <[email protected]>

* CR changes

* update examples.txt

* regenerated readme

* updated tests

* removed blank lines

* added tests; duration is now in hours

* atempt at no return polling (NOT TESTED)

* atempt at no return polling

* hide polling results

* added tests

* added tests for polling

* removed temporary comments

* updated examples

* added test playbook

* resolve conflicts

* added fromversion field

* improved playbook

* update docker; improve UI

* fixed unit tests

* fixed unit tests

* update docker in RN

---------

Co-authored-by: ShirleyDenkberg <[email protected]>

* pan-os-edit-rule command: Added support for removing and adding group profile settings (#27449)

* add support for remove profile setting group

* commit

* add and replace same behavior

* RN

* Resolve conflict

* add comment

* add UT

* fix a comment CR

* fix the UT

* mypy error

* RN resolve conflict

* [Marketplace Contribution] Generic Export Indicators Service - Content Pack Update (#27540)

* [Marketplace Contribution] Generic Export Indicators Service - Content Pack Update (#27338)

* "contribution update to pack "Generic Export Indicators Service""

* Revert changes to yml and description.
Add RN
Add known words.

* Revert unnecessary changes.

* Long line.

---------

Co-authored-by: Danny_Fried <[email protected]>

* Bump docker verion.

* Remove comment.

* fix known_words section

---------

Co-authored-by: xsoar-bot <[email protected]>
Co-authored-by: Danny_Fried <[email protected]>

* Update Docker Image To demisto/python3  (#27554)

* Updated Metadata Of Pack URLHaus

* Added release notes to pack URLHaus

* Packs/URLHaus/Integrations/URLHaus/URLHaus.yml Docker image update

* Updated Metadata Of Pack CrowdStrikeIntel

* Added release notes to pack CrowdStrikeIntel

* Packs/CrowdStrikeIntel/Integrations/CrowdStrikeFalconIntel_v2/CrowdStrikeFalconIntel_v2.yml Docker image update

* Updated Metadata Of Pack Shodan

* Added release notes to pack Shodan

* Packs/Shodan/Integrations/Shodan_v2/Shodan_v2.yml Docker image update

* Updated Metadata Of Pack FeedOffice365

* Added release notes to pack FeedOffice365

* Packs/FeedOffice365/Integrations/FeedOffice365/FeedOffice365.yml Docker image update

* Updated Metadata Of Pack PrismaCloud

* Added release notes to pack PrismaCloud

* Packs/PrismaCloud/Integrations/PrismaCloudV2/PrismaCloudV2.yml Docker image update

* Update Docker Image To demisto/py3-tools  (#27553)

* Updated Metadata Of Pack Active_Directory_Query

* Added release notes to pack Active_Directory_Query

* Packs/Active_Directory_Query/Integrations/Active_Directory_Query/Active_Directory_Query.yml Docker image update

* Wildfire v2 - fix an issue in the wildfire-report command (#27547)

* fixes

* bump rn

* revert irrelevent changes

* update rn

* update test-playbook

* update docker image

* Azure Active Directory Identity: added test-module handling for client_credentials mode (#27462)

* added test-module handling in client_credentials mode

* fixed cr comments and added rn

* fixed rn

* update version

* revert

* Incident context core pb fix (#27546)

* change setparentincident tasks to skipunavailable:true

* RN after changed setparentincident tasks to skipunavailable:true

* fix for validation errors

* RN after fix for validation errors

* fix for validation error

* Fixed empty installation  (#27541)

* fix empty installation

* Update Tests/Marketplace/search_and_install_packs.py

Co-authored-by: Yaakov Praisler <[email protected]>

---------

Co-authored-by: Yaakov Praisler <[email protected]>

* Fixes for 'CrowdStrike Falcon - False Positive Incident Handling' pla… (#27453)

* Fixes for 'CrowdStrike Falcon - False Positive Incident Handling' playbbok

* Updated README file and generated RN

* Bump pack from version CrowdStrikeFalcon to 1.10.22.

* Added playbook PNG file

* Removed the 'Test - CrowdStrike Falcon' and changed the 'completeafterv2' conf of task number 2 to 'false'.

* Bump pack from version CrowdStrikeFalcon to 1.10.23.

---------

Co-authored-by: Content Bot <[email protected]>

* Add retries to Trigger Test Upload Flow (#27537)

* add retries to Trigger Test Upload Flow

* add comment

* revert lock_cloud_machines.py

* Tenable sc enhancment (#26319)

* code improvments

* in progress

* in progress

* in progress

* in progress

* in progress

* in progress

* in progress

* in progress

* fix

* fixes

* fixes

* fixes

* fixes

* deprecate playbook

* update list-zones

* added tenable-sc-list-groups command

* adding tenable-sc-create-user command

* in progress

* finish create-user command

* finish update-user command

* in progress

* added command results

* add dock strings

* added rn

* all commands developed

* validate fixes and added RN

* generated readme

* pre-commit fixes

* adding unit tests

* fixes

* tests

* pre-commit fixes

* tests

* more test cases

* tests

* add more tests

* docker update

* docker update

* added tests

* changes

* updated readme

* cr and validation fixes

* validation fixes

* added tpb

* added tpb

* fixes

* fixes

* fixes

* fixes

* fix tpb issues

* revers

* fixes

* fixes

* fixes

* fixes

* fixes

* update

* pre-commit fixes

* pre-commit fixes

* fix tpb

* docs fix

* Update Packs/Tenable_sc/Integrations/Tenable_sc/Tenable_sc.yml

Co-authored-by: ShirleyDenkberg <[email protected]>

* Update Packs/Tenable_sc/Integrations/Tenable_sc/Tenable_sc_description.md

Co-authored-by: ShirleyDenkberg <[email protected]>

* Update Packs/Tenable_sc/Integrations/Tenable_sc/Tenable_sc_description.md

Co-authored-by: ShirleyDenkberg <[email protected]>

* cr fix

* Update Packs/Tenable_sc/Integrations/Tenable_sc/Tenable_sc_description.md

Co-authored-by: ShirleyDenkberg <[email protected]>

* Update Packs/Tenable_sc/ReleaseNotes/1_0_10.md

Co-authored-by: ShirleyDenkberg <[email protected]>

* Update Packs/Tenable_sc/ReleaseNotes/1_0_10.md

Co-authored-by: ShirleyDenkberg <[email protected]>

* Update Packs/Tenable_sc/ReleaseNotes/1_0_10.md

Co-authored-by: ShirleyDenkberg <[email protected]>

* Update Packs/Tenable_sc/ReleaseNotes/1_0_10.md

Co-authored-by: ShirleyDenkberg <[email protected]>

* Update Packs/Tenable_sc/ReleaseNotes/1_0_10.md

Co-authored-by: ShirleyDenkberg <[email protected]>

* Update Packs/Tenable_sc/Integrations/Tenable_sc/Tenable_sc_description.md

Co-authored-by: ShirleyDenkberg <[email protected]>

* Update Packs/Tenable_sc/Integrations/Tenable_sc/Tenable_sc_description.md

Co-authored-by: ShirleyDenkberg <[email protected]>

* Update Packs/Tenable_sc/Integrations/Tenable_sc/Tenable_sc_description.md

Co-authored-by: ShirleyDenkberg <[email protected]>

* Update Packs/Tenable_sc/Integrations/Tenable_sc/Tenable_sc.yml

Co-authored-by: ShirleyDenkberg <[email protected]>

* Update Packs/Tenable_sc/Integrations/Tenable_sc/Tenable_sc.yml

Co-authored-by: ShirleyDenkberg <[email protected]>

* Update Packs/Tenable_sc/Integrations/Tenable_sc/Tenable_sc.yml

Co-authored-by: ShirleyDenkberg <[email protected]>

* Update Packs/Tenable_sc/Integrations/Tenable_sc/Tenable_sc_description.md

Co-authored-by: ShirleyDenkberg <[email protected]>

* Update Packs/Tenable_sc/Integrations/Tenable_sc/Tenable_sc_description.md

Co-authored-by: ShirleyDenkberg <[email protected]>

* Update Packs/Tenable_sc/Integrations/Tenable_sc/Tenable_sc_description.md

Co-authored-by: ShirleyDenkberg <[email protected]>

* Update Packs/Tenable_sc/Integrations/Tenable_sc/Tenable_sc_description.md

Co-authored-by: ShirleyDenkberg <[email protected]>

* Update Packs/Tenable_sc/Integrations/Tenable_sc/Tenable_sc_description.md

Co-authored-by: ShirleyDenkberg <[email protected]>

* Update Packs/Tenable_sc/Integrations/Tenable_sc/Tenable_sc_description.md

Co-authored-by: ShirleyDenkberg <[email protected]>

* Update Packs/Tenable_sc/ReleaseNotes/1_0_10.md

Co-authored-by: ShirleyDenkberg <[email protected]>

* Update Packs/Tenable_sc/Integrations/Tenable_sc/Tenable_sc.yml

Co-authored-by: ShirleyDenkberg <[email protected]>

* Update Packs/Tenable_sc/Integrations/Tenable_sc/Tenable_sc.yml

Co-authored-by: ShirleyDenkberg <[email protected]>

* dor review

* doc review

* fixes

* fixes

* in progress

* demo fixes

* demo fixes

* readme update

* update tpb

* revert

* fixes

* fixes

* transfer password to secret

* revert tpb

* fixes

* fixes

* update docker

* Test fix

* Test fix

* add more tests

* add more tests

* docker update

* add more tests

* add more tests

* add more tests

* add more tests

* add more tests

* fixes

---------

Co-authored-by: ShirleyDenkberg <[email protected]>

* Align Credentials Part 2 (#27350)

* Attlasian_IAM complete

* C2sec complete

* Tidy complete

* CircleCI complete

* update release notes

* Update .pack-ignore

* update docker

* updated know words

* updated release notes

* removed CJ105 from .pack-ignore

* FreeEnrichers Pack - small fix to pack names that were wrong (#27445)

* small fix to related packs

* Update Packs/FreeEnrichers/pack_metadata.json

Co-authored-by: Sasha Sokolovich <[email protected]>

---------

Co-authored-by: Sasha Sokolovich <[email protected]>

* add readme to Zscaler  (#27465)

* update modeling rules

* add readme to the pack

* Update Packs/Zscaler/README.md

Co-authored-by: ShirleyDenkberg <[email protected]>

* Update Packs/Zscaler/README.md

Co-authored-by: ShirleyDenkberg <[email protected]>

* Update Packs/Zscaler/README.md

Co-authored-by: ShirleyDenkberg <[email protected]>

* Update Packs/Zscaler/README.md

Co-authored-by: ShirleyDenkberg <[email protected]>

* Update Packs/Zscaler/README.md

Co-authored-by: ShirleyDenkberg <[email protected]>

* Update Packs/Zscaler/README.md

Co-authored-by: ShirleyDenkberg <[email protected]>

* Update Packs/Zscaler/README.md

Co-authored-by: ShirleyDenkberg <[email protected]>

* Update Packs/Zscaler/README.md

Co-authored-by: ShirleyDenkberg <[email protected]>

* add readme to the pack

* add readme to the pack

* add readme to the pack

---------

Co-authored-by: ShirleyDenkberg <[email protected]>

* Skyhigh SWG init (#27526)

* Skyhigh SWG init (#27060)

* Skyhigh SWG init

* fix validation errors

* fix mypy typing issues with ET

* changes following the review

* get method args and default empty string for mypy

* changed doc review suggestions

* Context rework

* doc review

* changed integration directory

* rn

* deprecation info and docker

* rn

* rn

---------

Co-authored-by: ckaadic <[email protected]>
Co-authored-by: epintzov <[email protected]>

* [DBotPredictURLPhishing] - fix bug with None entires (#27563)

* [DBotPredictURLPhishing] - fix issue bug with None entires

* add retry mechanisem to tpb in case of failure

* bump rn

* pre-commit fixes

* Align Credentials for GoogleCloudTranslate, Google Vision API, Google Resource Manager (#27560)

* GoogleCloudTranslate complete

* GoogleVisionAPI complete

* GoogleResourceManager complete

* GoogleResourceManager complete

* Fixed GoogleVisionAPI.py

* Versioned core packs (#25989)

* Versioned Corepacks files

* Changed content pack to triger an upload

* flake8

* test upload to target bucket from prepare_content_packs_for_testing.sh

* added versions-metadata.json file

* cleaned code

* uploading versions-metadata.json to bucket

* copy versions-metadata to bucket

* upload versions-metadata to artifacts

* upload versions-metadata to production bucket

* fix validations

* copy with blob

* corepacks upload and versions-metadata logic working, before relative paths

* changed corepack file contents to relative paths

* fixed validations

* Cleand code

* Test adding another version to the versions-metadata

* changed corepacks.json file back to full paths

* test multiple unlocked files

* cleaned code

* Fixed parameter name

* fixed corepacks if

* added UT for versions-metadata file format

* pre-commit hooks

* UT for upload_packs.py

* CR updates

* First commit for corepacks hotfix

* pre-commit

* pre-commit

* test - should not override 8.2.0

* removed UT

* CR updates

* Added UTs for the hotfix part

* Added UTs for copy_and_upload_packs

* Updates

* Added MP to versions-metadata. should upload 6.11.0 and 8.3.0

* Added MP to override. should upload 6.11.0 to xpanse only and override 8.2.0 in marketplacev2 only

* flake8

* cleaned code and fixed UT

* Cleaned versions-metadata.json file

* CR updates

* fixed UTs

* fixed lint

* CR updates

* Ivanti Update (#27564)

* Updated Ivanti

* Updated ReleaseNotes

* Updated ReleaseNotes

* RTIR: fix add-comment (#27549)

* remove more `encode`s

* update image

* Update Packs/RTIR/ReleaseNotes/1_0_16.md

Co-authored-by: yuvalbenshalom <[email protected]>

---------

Co-authored-by: yuvalbenshalom <[email protected]>

* move pre-commit template to content (#27535)

* Fix packs with demisto-sdk lint issues (#27392)

* Added the missing defaultValue arg in the yml files (#27443)

* added the missing default value

* Bump pack from version CrowdStrikeFalcon to 1.10.22.

* update docker

* update release notes with docker update

* fix docker image issue

* fix validation

* update docker

* update RN after merge master

* fix duplicate field

* fix rn

---------

Co-authored-by: Content Bot <[email protected]>

* Fix For ADFS ModelingRules (#27568)

* Update Docker Image To demisto/python3  (#27577)

* Updated Metadata Of Pack PrismaCloudCompute

* Added release notes to pack PrismaCloudCompute

* Packs/PrismaCloudCompute/Integrations/PaloAltoNetworks_PrismaCloudCompute/PaloAltoNetworks_PrismaCloudCompute.yml Docker image update

* Packs/PrismaCloudCompute/Scripts/PrismaCloudComputeParseVulnerabilityAlert/PrismaCloudComputeParseVulnerabilityAlert.yml Docker image update

* Updated Metadata Of Pack PrismaSaasSecurity

* Added release notes to pack PrismaSaasSecurity

* Packs/PrismaSaasSecurity/Integrations/SaasSecurity/SaasSecurity.yml Docker image update

* Updated Metadata Of Pack AbuseDB

* Added release notes to pack AbuseDB

* Packs/AbuseDB/Scripts/AbuseIPDBPopulateIndicators/AbuseIPDBPopulateIndicators.yml Docker image update

* Updated Metadata Of Pack PANWComprehensiveInvestigation

* Added release notes to pack PANWComprehensiveInvestigation

* Packs/PANWComprehensiveInvestigation/Scripts/PanwIndicatorCreateQueries/PanwIndicatorCreateQueries.yml Docker image update

* GsuiteAdmin empty page token error (#27481)

* Fixed an issue where an empty page_token would sometimes be sent

* Updated RNs

* Updated docker image

* Added ruff suggestions

---------

Co-authored-by: Content Bot <[email protected]>

* import-indicator-commands (#27558)

* import-indicator-commands

* fix doc review CR

* Update carbon black deprecated content (#27100)

* update content on playbook-Block_Endpoint_-_Carbon_Black_Response.yml

* updated sub-playbook playbook-Block_Endpoint_-_Carbon_Black_Response_2_1 instead playbook-Block_Endpoint_-_Carbon_Black_Response

* RN after create new playbook for block endpoint carbon black v2.1

* RN after replaced sub-playbook `Block Endpoint - Carbon Black Response V2` with sub-playbook `Block Endpoint - Carbon Black Response V2.1` on isolated endpoint - generic v2

* replace extrha hop deprecated command and update carbon black command on Endpoint Enrichment v2.1

* RN after replace extrha hop deprecated command and update carbon black command on Endpoint Enrichment v2.1

* Bump pack from version CommonPlaybooks to 2.3.73.

* Apply suggestions from code review

Co-authored-by: ShirleyDenkberg <[email protected]>

* the playbook Block IP Generic v2 was deprecated

* the playbook Block IP Generic v2 was deprecated

* RN after playbook Block IP Generic v2 was deprecated

* fix validation errors and change skipunavailable to true on isolated endpoint  - generic v2

* Apply suggestions from code review

Co-authored-by: ShirleyDenkberg <[email protected]>

* Update Packs/CommonPlaybooks/Playbooks/playbook-Endpoint_Enrichment_-_Generic_v2.1_6_8.yml

Co-authored-by: ShirleyDenkberg <[email protected]>

* fix validation errors add missing png and edit RN for pack EOL date

* Update Packs/Carbon_Black_Enterprise_Response/Playbooks/playbook-Block_Endpoint_-_Carbon_Black_Response_README.md

Co-authored-by: ShirleyDenkberg <[email protected]>

* Update Packs/CommonPlaybooks/Playbooks/playbook-Isolate_Endpoint_-_Generic_V2_6_8_README.md

Co-authored-by: ShirleyDenkberg <[email protected]>

* fix Conflicting files

* Bump pack from version Carbon_Black_Enterprise_Response to 2.1.35.

* Apply suggestions from code review

Co-authored-by: ShirleyDenkberg <[email protected]>

* fix for conflict

---------

Co-authored-by: Content Bot <[email protected]>
Co-authored-by: altmannyarden <[email protected]>
Co-authored-by: ShirleyDenkberg <[email protected]>
Co-authored-by: Adi Daud <[email protected]>

* Remove unnecessary  troubleshooting from README.md (#27531)

* remove troubleshooting from README.md

* generated README

---------

Co-authored-by: xsoar-bot <[email protected]>

* Fix python 3 incompatibility for McAfee MAR (#27576)

* CVE command (#27580)

* CVE command (#27241)

* Add ctix-get-vulnerability-data and cve commands

* Add extra_data parameter for new cve-command

* Update documentation for fields that are required in commands that
already exist

* Minor improvements/simplifications from code review

* Remove required attribute that makes the changes backwards incompatible

Replace with defaultValue

* Update docker to latest version

* Updating README to reflect default value added for optional arguments

* Update docker image.

---------

Co-authored-by: Corey Bodendein <[email protected]>
Co-authored-by: Danny_Fried <[email protected]>

* Remove redundant assignment of var (#27571)

* Remove redundant amount_of_events assignments.

* Update RN.
Update docker.
Update version.

* Fix unit tests

* Feature/threatgrid add commands arguments (#27468) (#27590)

* Update Docker Image To demisto/py3-tools  (#25523)

* Updated Metadata Of Pack FeedAWS

* Added release notes to pack FeedAWS

* Packs/FeedAWS/Integrations/FeedAWS/FeedAWS.yml Docker image update

* Update the sample-upload command with arguments: vm and playbook

* Add missing arguments

* update docker image

* update docker image in release note

Co-authored-by: TalGumi <[email protected]>

* Partner otrs ag adoption start (#27256) (#27592)

* OTRS AG Pack Adoption

* Update pack_metadata.json

* update release notes

Co-authored-by: jensoliver <[email protected]>

* Snow Transformer Error (#27479)

* Fixed transformer in incoming mapper

* Added RNs

---------

Co-authored-by: ShirleyDenkberg <[email protected]>
Co-authored-by: Content Bot <[email protected]>

* Domain extracted from a file with an extension as part of a URL (#27569)

* Fix for domain regex and formatter to avoid catching files as domains

* RN

* docker bump

* RN

* Test playbook for 'CrowdStrike Falcon - Get Detections by Incident' (#27186)

* Test playbook for 'CrowdStrike Falcon - Get Detections by Incident'

* RN

* Bump pack from version CrowdStrikeFalcon to 1.10.21.

* Deleted duplicated tasks and added validation for CrowdStrike Falcon live incidents

* Bump pack from version CrowdStrikeFalcon to 1.10.22.

* added validations for the existence of CrowdStrike Falcon incidents and detections

* Removed unnecessary 'print error' messages

* Bump pack from version CrowdStrikeFalcon to 1.10.23.

* Bump pack from version CrowdStrikeFalcon to 1.10.24.

* Replaced the 'is not empty' condition with the 'Is defined' condition for tasks 324 and 318

* changed the 'fromversion' to 6.5.0

* RN

---------

Co-authored-by: Content Bot <[email protected]>

* [TestIsMaliciousIndicatorFound] - add sleep for indexing indicators (#27584)

* Microsoft usgov support (#27025)

https://jira-hq.paloaltonetworks.local/browse/CIAC-818

Adding support for All Azure clouds in Azure Key Vault, Azure Sentinel, Azure Kubernetes Service
Adding support for all endpoints in Microsoft Defender for Endpoints

* Generic Webhook enhancements (#27478) (#27596)

* Added request header information to the rawJSON output.
Restructures the rawJSON output to include header and body details.

* Updated Release notes and pack_metadata.json

* Updated Release notes.

* Updated Release notes.

* Updated Release notes. Updated docker version.

* Adjusted raw_json output.
Aligned README.md and release note.

* Updated Docker Image

* Update Packs/GenericWebhook/ReleaseNotes/1_0_25.md



* Remove Authorization header details.

* Updated Known_Words in .pack-ignore

* Fixed header_name

* fixed secret_header

---------

Co-authored-by: Martin Ohl <[email protected]>
Co-authored-by: michal-dagan <[email protected]>

* Update Docker Image To demisto/pymisp2  (#27607)

* Updated Metadata Of Pack MISP

* Added release notes to pack MISP

* Packs/MISP/Integrations/MISPV3/MISPV3.yml Docker image update

* Ciac 3134 workday logs (#27055)

* new pack

* unit tests

* added logic, readme and unit tests. also modeling rules.

* removed test data

* format and pre-commit fixes

* validations and pre commit fixes

* rn

* test

* test

* schema and from version

* docker

* modeling rules and demo rejects

* display name of params

* CR fixes

* build fix

* build fix

* test

* test

* readme fix

* docker

* bug fix

* rn

* rn

* Apply suggestions from code review

Co-authored-by: Dan Tavori <[email protected]>

* Update Packs/Workday/ReleaseNotes/1_3_1.md

Co-authored-by: Dan Tavori <[email protected]>

* Bump pack from version Workday to 1.3.2.

* add logs and fixed a bug with duplications

* added max fetch

* added support for duplications and fix bugs

* rn

* rn and changed last run to contain all log

* rn and docker

* unit test fix

* CR fixes

* pre commit changes

---------

Co-authored-by: Dan Tavori <[email protected]>
Co-authored-by: Content Bot <[email protected]>

* CrowdStrike Falcon - Search endpoints by hash enchantment  (#27594)

* Added a condition -> "IsIntegrationEnabled"

* Updated RN

* Removed un-required tests

* Bump pack from version CrowdStrikeFalcon to 1.10.26.

* Update 1_10_26.md

Updated RN

* Update 1_10_26.md

---------

Co-authored-by: Content Bot <[email protected]>

* MacOS Update (#27608)

* Updated MacOS vendor product

* Updated RN

* Updated ReleaseNotes

* fix workday parsing rule id (#27615)

* fix workday parsing rule id

* rn

* move a line in the yml to the correct position (#27610)

* move the line

* RN

* remove the Dev

* docker image

* remove the Dev

* Barracuda Update (#27545)

* Updated the ParsingRules logic

* Updated ReleaseNotes

* Updated ReleaseNotes

* Updated .yml configs for IvantiPulseSecureVTM

* Reverted Ivanti VTM changes

* IvantiPulseSecureVTM .yml update

* Delete IvantiPulseSecureVTM_ParsingRules.yml

* Delete IvantiPulseSecureVTM_ModelingRules.yml

* Updated ReleaseNotes

* Updated ReleaseNotes

* Reverted changed to Ivanti

* Reverted IvantiPulseSecureVTM RN

* Align credentials stores integrations- part 20 (#27534)

* lign credentials stores integrations- part 20

* Carbon Black Live Response Cloud

* added '.'

* fix rl

* fix unit tests

* raise exception

* SMB - fix path concatenation (#27604)

* SMB - fix wrong path concatenation

* added RNs

* fixed RNs

* updated docker image

* Moved path creation to function

* Updated func

* updated RN

* removed yml rename

* 1.17.0 sdk release (#27618)

* Update ewsv2 exc2019 (#26670)

* update

* test

* changes

* changes

* final commands changes

* clean code

* update TPBs

* rvert name change

* revert name change

* cr changes

* fix name

* fix TPBs

* remove skip of perm_set field

* fix tpb and validations

* revert arg removal

* remove added tpb

* update memory threshold

* fix ut

* fix ut

* Fix urllib.parse import in CommonServerPython (#27252)

* Allow applying a new profile over an existing one in ***pan-os-apply-security-profile*** command (#27237)

* Add XSOAR support for updating existing profile types

* RN

* fix UT

* Update Packs/PAN-OS/ReleaseNotes/1_17_5.md

Co-authored-by: Guy Afik <[email protected]>

* fix CR

* RN

* UT was added

* Update Packs/PAN-OS/Integrations/Panorama/Panorama.py

Co-authored-by: Guy Afik <[email protected]>

* Update Packs/PAN-OS/Integrations/Panorama/Panorama.py

Co-authored-by: Guy Afik <[email protected]>

* Update Packs/PAN-OS/Integrations/Panorama/Panorama.py

Co-authored-by: Guy Afik <[email protected]>

* Update Packs/PAN-OS/Integrations/Panorama/Panorama.py

Co-authored-by: Guy Afik <[email protected]>

* Update Packs/PAN-OS/Integrations/Panorama/Panorama.py

Co-authored-by: Guy Afik <[email protected]>

* fix

* flake8

* UT stability

---------

Co-authored-by: Guy Afik <[email protected]>

* Update Docker Image To demisto/splunksdk-py3  (#27263)

* Updated Metadata Of Pack SplunkPy

* Added release notes to pack SplunkPy

* Packs/SplunkPy/Integrations/SplunkPy/SplunkPy.yml Docker image update

* Updated domain extraction playbook - changing .zip to a valid TLD (#27264)

* Updated domain extraction playbook

* some formatting.

* Update playbook-Domain_extraction_test.yml

* Update playbook-Domain_extraction_test.yml

* Update Docker Image To demisto/duoadmin3  (#27268)

* Updated Metadata Of Pack DuoAdminApi

* Added release notes to pack DuoAdminApi

* Packs/DuoAdminApi/Integrations/DuoEventCollector/DuoEventCollector.yml Docker image update

* Packs/DuoAdminApi/Integrations/DuoAdminApi/DuoAdminApi.yml Docker image update

* Update Docker Image To demisto/googleapi-python3  (#27267)

* Updated Metadata Of Pack GoogleDrive

* Added release notes to pack GoogleDrive

* Packs/GoogleDrive/Integrations/GoogleDrive/GoogleDrive.yml Docker image update

* Update Docker Image To demisto/python3  (#27266)

* Updated Metadata Of Pack Darktrace

* Added release notes to pack Darktrace

* Packs/Darktrace/Integrations/DarktraceMBs/DarktraceMBs.yml Docker image update

* Packs/Darktrace/Integrations/DarktraceAIA/DarktraceAIA.yml Docker image update

* Updated Metadata Of Pack CybleEvents

* Added release notes to pack CybleEvents

* Packs/CybleEvents/Integrations/CybleEvents/CybleEvents.yml Docker image update

* Updated Metadata Of Pack Censys

* Added release notes to pack Censys

* Packs/Censys/Integrations/CensysV2/CensysV2.yml Docker image update

* Updated Metadata Of Pack VirusTotal

* Added release notes to pack VirusTotal

* Packs/VirusTotal/Integrations/FeedLivehunt/FeedLivehunt.yml Docker image update

* Packs/VirusTotal/Integrations/FeedRetrohunt/FeedRetrohunt.yml Docker image update

* Updated Metadata Of Pack CofenseIntelligenceV2

* Added release notes to pack CofenseIntelligenceV2

* Packs/CofenseIntelligenceV2/Integrations/CofenseIntelligenceV2/CofenseIntelligenceV2.yml Docker image update

* Updated Metadata Of Pack CheckPointDome9

* Added release notes to pack CheckPointDome9

* Packs/CheckPointDome9/Integrations/CheckPointDome9/CheckPointDome9.yml Docker image update

* Updated Metadata Of Pack Reco

* Added release notes to pack Reco

* Packs/Reco/Integrations/Reco/Reco.yml Docker image update

* Updated Metadata Of Pack CimTrak-SystemIntegrityAssurance

* Added release notes to pack CimTrak-SystemIntegrityAssurance

* Packs/CimTrak-SystemIntegrityAssurance/Integrations/CimTrak/CimTrak.yml Docker image update

* Update Docker Image To demisto/python3  (#27272)

* Updated Metadata Of Pack FeedProofpoint

* Added release notes to pack FeedProofpoint

* Packs/FeedProofpoint/Integrations/FeedProofpoint/FeedProofpoint.yml Docker image update

* Updated Metadata Of Pack FortiSIEM

* Added release notes to pack FortiSIEM

* Packs/FortiSIEM/Integrations/FortiSIEM/FortiSIEM.yml Docker image update

* Updated Metadata Of Pack Ipstack

* Added release notes to pack Ipstack

* Packs/Ipstack/Integrations/Ipstack/Ipstack.yml Docker image update

* Updated Metadata Of Pack SafeBreach

* Added release notes to pack SafeBreach

* Packs/SafeBreach/Integrations/SafeBreach_v2/SafeBreach_v2.yml Docker image update

* Updated Metadata Of Pack RedCanary

* Added release notes to pack RedCanary

* Packs/RedCanary/Integrations/RedCanary/RedCanary.yml Docker image update

* Updated Metadata Of Pack PiHole

* Added release notes to pack PiHole

* Packs/PiHole/Integrations/PiHole/PiHole.yml Docker image update

* Updated Metadata Of Pack FeedDShield

* Added release notes to pack FeedDShield

* Packs/FeedDShield/Integrations/FeedDShield/FeedDShield.yml Docker image update

* Updated Metadata Of Pack SafeNet_Trusted_Access

* Added release notes to pack SafeNet_Trusted_Access

* Packs/SafeNet_Trusted_Access/Integrations/SafeNetTrustedAccess/SafeNetTrustedAccess.yml Docker image update

* Updated Metadata Of Pack OpenPhish

* Added release notes to pack OpenPhish

* Packs/OpenPhish/Integrations/OpenPhish_v2/OpenPhish_v2.yml Docker image update

* Updated Metadata Of Pack NistNVD

* Added release notes to pack NistNVD

* Packs/NistNVD/Integrations/NistNVD/NistNVD.yml Docker image update

* Updated Metadata Of Pack Cognni

* Added release notes to pack Cognni

* Packs/Cognni/Integrations/Cognni/Cognni.yml Docker image update

* Updated Metadata Of Pack PANOSPolicyOptimizer

* Added release notes to pack PANOSPolicyOptimizer

* Packs/PANOSPolicyOptimizer/Integrations/PANOSPolicyOptimizer/PANOSPolicyOptimizer.yml Docker image update

* Updated Metadata Of Pack DeveloperTools

* Added release notes to pack DeveloperTools

* Packs/DeveloperTools/Integrations/CreateIncidents/CreateIncidents.yml Docker image update

* Packs/DeveloperTools/Integrations/CustomIndicatorDemo/CustomIndicatorDemo.yml Docker image update

* Packs/DeveloperTools/Integrations/APIMetricsValidation/APIMetricsValidation.yml Docker image update

* Updated Metadata Of Pack NozomiNetworks

* Added release notes to pack NozomiNetworks

* Packs/NozomiNetworks/Integrations/NozomiNetworks/NozomiNetworks.yml Docker image update

* Updated Metadata Of Pack ANYRUN

* Added release notes to pack ANYRUN

* Packs/ANYRUN/Integrations/ANYRUN/ANYRUN.yml Docker image update

* Updated Metadata Of Pack Carbon_Black_Enterprise_Response

* Added release notes to pack Carbon_Black_Enterprise_Response

* Packs/Carbon_Black_Enterprise_Response/Integrations/CarbonBlackResponseV2/CarbonBlackResponseV2.yml Docker image update

* Updated Metadata Of Pack Absolute

* Added release notes to pack Absolute

* Packs/Absolute/Integrations/Absolute/Absolute.yml Docker image update

* Updated Metadata Of Pack Ironscales

* Added release notes to pack Ironscales

* Packs/Ironscales/Integrations/Ironscales/Ironscales.yml Docker image update

* Updated Metadata Of Pack FeedURLhaus

* Added release notes to pack FeedURLhaus

* Packs/FeedURLhaus/Integrations/FeedURLhaus/FeedURLhaus.yml Docker image update

* Updated Metadata Of Pack Lokpath_Keylight

* Added release notes to pack Lokpath_Keylight

* Packs/Lokpath_Keylight/Integrations/Lockpath_KeyLight_v2/Lockpath_KeyLight_v2.yml Docker image update

* Updated Metadata Of Pack FeedMISP

* Added release notes to pack FeedMISP

* Packs/FeedMISP/Integrations/FeedMISP/FeedMISP.yml Docker image update

* Updated Metadata Of Pack FraudWatch

* Added release notes to pack FraudWatch

* Packs/FraudWatch/Integrations/FraudWatch/FraudWatch.yml Docker image update

* Updated Metadata Of Pack AbnormalSecurity

* Added release notes to pack AbnormalSecurity

* Packs/AbnormalSecurity/Integrations/AbnormalSecurityEventCollector/AbnormalSecurityEventCollector.yml Docker image update

* Updated Metadata Of Pack CovalenceManagedSecurity

* Added release notes to pack CovalenceManagedSecurity

* Packs/CovalenceManagedSecurity/Integrations/CovalenceManagedSecurity/CovalenceManagedSecurity.yml Docker image update

* Updated Metadata Of Pack IllusiveNetworks

* Added release notes to pack IllusiveNetworks

* Packs/IllusiveNetworks/Integrations/IllusiveNetworks/IllusiveNetworks.yml Docker image update

* Updated Metadata Of Pack Edgescan

* Added release notes to pack Edgescan

* Packs/Edgescan/Integrations/Edgescan/Edgescan.yml Docker image update

* Updated Metadata Of Pack PerceptionPoint

* Added release notes to pack PerceptionPoint

* Packs/PerceptionPoint/Integrations/PerceptionPoint/PerceptionPoint.yml Docker image update

* Updated Metadata Of Pack Druva

* Added release notes to pack Druva

* Packs/Druva/Integrations/Druva/Druva.yml Docker image update

* Updated Metadata Of Pack APIVoid

* Added release notes to pack APIVoid

* Packs/APIVoid/Integrations/APIVoid/APIVoid.yml Docker image update

* Updated Metadata Of Pack PingIdentity

* Added release notes to pack PingIdentity

* Packs/PingIdentity/Integrations/PingOne/PingOne.yml Docker image update

* Updated Metadata Of Pack cisco-ise

* Added release notes to pack cisco-ise

* Packs/cisco-ise/Integrations/cisco-ise/cisco-ise.yml Docker image update

* Updated Metadata Of Pack SailPointIdentityIQ

* Added release notes to pack SailPointIdentityIQ

* Packs/SailPointIdentityIQ/Integrations/SailPointIdentityIQ/SailPointIdentityIQ.yml Docker image update

* Updated Metadata Of Pack Cymulate

* Added release notes to pack Cymulate

* Packs/Cymulate/Integrations/Cymulate/Cymulate.yml Docker image update

* Packs/Cymulate/Integrations/Cymulate_v2/Cymulate_v2.yml Docker image update

* Updated Metadata Of Pack XSOARmirroring

* Added release notes to pack XSOARmirroring

* Packs/XSOARmirroring/Integrations/XSOARmirroring/XSOARmirroring.yml Docker image update

* Updated Metadata Of Pack XMatters

* Added release notes to pack XMatters

* Packs/XMatters/Integrations/xMatters/xMatters.yml Docker image update

* Updated Metadata Of Pack Zimperium

* Added release notes to pack Zimperium

* Packs/Zimperium/Integrations/Zimperium/Zimperium.yml Docker image update

* Updated Metadata Of Pack RSANetWitnessEndpoint

* Added release notes to pack RSANetWitnessEndpoint

* Packs/RSANetWitnessEndpoint/Integrations/RSANetWitnessEndpoint/RSANetWitnessEndpoint.yml Docker image update

* Updated Metadata Of Pack SymantecBlueCoatMalwareAnalysis

* Added release notes to pack SymantecBlueCoatMalwareAnalysis

* Packs/SymantecBlueCoatMalwareAnalysis/Integrations/SymantecBlueCoatMalwareAnalysis/SymantecBlueCoatMalwareAnalysis.yml Docker image update

* Updated Metadata Of Pack InfoArmor_VigilanteATI

* Added release notes to pack InfoArmor_VigilanteATI

* Packs/InfoArmor_VigilanteATI/Integrations/InfoArmorVigilanteATI/InfoArmorVigilanteATI.yml Docker image update

* Updated Metadata Of Pack AccentureCTI

* Added release notes to pack AccentureCTI

* Packs/AccentureCTI/Integrations/ACTIVulnerabilityQuery/ACTIVulnerabilityQuery.yml Docker image update

* Updated Metadata Of Pack PingCastle

* Added release notes to pack PingCastle

* Packs/PingCastle/Integrations/PingCastle/PingCastle.yml Docker image update

* Updated Metadata Of Pack MaxMind_GeoIP2

* Added release notes to pack MaxMind_GeoIP2

* Packs/MaxMind_GeoIP2/Integrations/MaxMind_GeoIP2/MaxMind_GeoIP2.yml Docker image update

* Updated Metadata Of Pack Maltiverse

* Added release notes to pack Maltiverse

* Packs/Maltiverse/Integrations/Maltiverse/Maltiverse.yml Docker image update

* Updated Metadata Of Pack CarbonBlackDefense

* Added release notes to pack CarbonBlackDefense

* Packs/CarbonBlackDefense/Integrations/CarbonBlackEndpointStandard/CarbonBlackEndpointStandard.yml Docker image update

* Updated Metadata Of Pack AlienVault_USM_Anywhere

* Added release notes to pack AlienVault_USM_Anywhere

* Packs/AlienVault_USM_Anywhere/Integrations/AlienVault_USM_Anywhere/AlienVault_USM_Anywhere.yml Docker image update

* Updated Metadata Of Pack ProofpointServerProtection

* Added release notes to pack ProofpointServerProtection

* Packs/ProofpointServerProtection/Integrations/ProofpointProtectionServerV2/ProofpointProtectionServerV2.yml Docker image update

* Updated Metadata Of Pack OpsGenie

* Added release notes to pack OpsGenie

* Packs/OpsGenie/Integrations/OpsGenieV3/OpsGenieV3.yml Docker image update

* Fixed lint and validate

---------

Co-authored-by: sberman <[email protected]>

* Ignore modeling/parsing rules suffix error (#27274)

* [EDL] Fixed a typo in the description (#27269)

* Fixed a typo in the description

* Update the docker image

* Macos Regex Fix (#27270)

* Updated ModelingRules

* Updated ReleaseNotes

* Updated ReleaseNotes

* Updated ModelingRules

* Updated ModelingRules

* Cs falcon add tags to cs-falcon-upload-custom-ioc command (#27234)

* CS Flacon add tags to upload-custom-ioc command

* added RNs

* Align credentials stores part 11 (#27253)

* Align credentials part 11

* Trend Micro Apex

* ignore

* adding tests to hostlo

* Trend Micro Apex tests

* trend more test

* change test

* Syslogv2 was removed from xsiam marketplace (#27278)

* remove Syslogv2 from xsiam marketplace

* RN

* known_words

* Update Packs/Syslog/ReleaseNotes/2_0_16.md

Co-authored-by: dorschw <[email protected]>

* DO

---------

Co-authored-by: dorschw <[email protected]>

* Microsoft Graph Single User - Edit documentation (#27275)

* edit documentation

* edit documentation

* RN and DO

* fix doc

* mistake

* ExtraHop release v2.1.0 (#27056) (#27279)

* Update .devcontainer.json name

* added changes related to ExtrHop 2.1.0 release

---------

Co-authored-by: Crest Data Systems <[email protected]>
Co-authored-by: crestdatasystems <[email protected]>

* Recordedfuture listapi v1.0.0 (#26996) (#27281)

* First version/implementation of new List Integration

* Added new List integration

* Updated validation step requirements and fixed tests to be working as expected

* Updated test Coverage

* Version bump and fixed frombersion for list app

* Added custom content, incident type and classifier for coderepo leakage

* Updated some documentation and fixed dockerimages

* Bumped version of playbook alert app

* Fixed changelog for 1.6.0 to not include an old change

* fixed type0 in changelog

* removed base64 import

* Updated release notes

* Update based on review

* Removed references to old playbook alerts documentation from creation of integration

---------

Co-authored-by: recordedfuture-simonhornestedt <109588368+recordedfuture-simonhornestedt@users.noreply.github.com>
Co-authored-by: michal-dagan <[email protected]>

* fix bug by convert the password to bytes (#27283)

* fix bug by convert the password to bytes

* commit

* update RN and Docker

* comment corrections

* commit

* [greynoise-266] - Add greynoise-similar and greynoise-timeline commands (#27067) (#27291)

* add sim and timeline updates

* fix test file prints

* update readme fix tests

* updates to readme for pre-commit

* updates from pre-commit run

* more linting updates

* update secrets

* fix url in timeline

Co-authored-by: Brad Chiappetta <[email protected]>

* [ASM] -  Expandr 4075 (#27258) (#27287)

* init

* RN

* fix RN

* Apply suggestions from code review



-----…
  • Loading branch information
Show file tree
Hide file tree
Showing 8 changed files with 345 additions and 63 deletions.
157 changes: 103 additions & 54 deletions Packs/GitLab/Integrations/GitLabv2/GitLabv2.py

Large diffs are not rendered by default.

80 changes: 80 additions & 0 deletions Packs/GitLab/Integrations/GitLabv2/GitLabv2.yml
Original file line number Diff line number Diff line change
Expand Up @@ -13,6 +13,12 @@ configuration:
hiddenusername: true
required: true
type: 9
- displaypassword: Trigger Token
additionalinfo: The trigger token to run pipelines. For more info see https://docs.gitlab.com/ee/ci/triggers
name: trigger_token
hiddenusername: true
required: false
type: 9
- display: Project ID
additionalinfo: The project ID, it can be found under the project name.
name: project_id
Expand Down Expand Up @@ -3258,6 +3264,80 @@ script:
- contextPath: GitLab.Artifact.artifact_data
description: Data of the artifact requested.
type: String
- name: gitlab-trigger-pipeline
arguments:
- default: false
description: Project ID on which to run the pipeline.
isArray: false
name: project_id
required: false
secret: false
- default: false
description: The branch on which to run the pipeline. Default is 'master'.
isArray: false
name: ref_branch
required: false
secret: false
- default: false
description: JSON containing the pipeline variables.
isArray: false
name: trigger_variables
required: false
secret: false
description: Triggers a GitLab pipeline on a selected project and branch.
execution: false
outputs:
- contextPath: GitLab.Pipeline.id
description: Pipeline ID.
type: Number
- contextPath: GitLab.Pipeline.project_id
description: Project ID that the pipeline belongs to.
type: Number
- contextPath: GitLab.Pipeline.status
description: Status of the pipeline.
type: String
- contextPath: GitLab.Pipeline.ref
description: Reference of the pipeline.
type: String
- contextPath: GitLab.Pipeline.sha
description: SHA of the pipeline.
type: String
- contextPath: GitLab.Pipeline.created_at
description: Time when the pipeline was created.
type: Date
- contextPath: GitLab.Pipeline.updated_at
description: Time when the pipeline was last updated.
type: Date
- contextPath: GitLab.Pipeline.started_at
description: Time when the pipeline was started.
type: Date
- contextPath: GitLab.Pipeline.finished_at
description: Time when the pipeline was finished.
type: Date
- contextPath: GitLab.Pipeline.duration
description: Duration of the pipeline in seconds.
type: Number
- contextPath: GitLab.Pipeline.web_url
description: Web URL of the pipeline.
type: String
- contextPath: GitLab.Pipeline.user.name
description: Name of the user who triggered the pipeline.
type: String
- contextPath: GitLab.Pipeline.user.username
description: Username that triggered the pipeline.
type: String
- contextPath: GitLab.Pipeline.user.id
description: ID of the user who triggered the pipeline.
type: Number
- contextPath: GitLab.Pipeline.user.state
description: State of the user who triggered the pipeline.
type: String
- contextPath: GitLab.Pipeline.user.avatar_url
description: Avatar URL of the user who triggered the pipeline.
type: String
- contextPath: GitLab.Pipeline.user.web_url
description: Web URL of the user who triggered the pipeline.
type: String
runonce: false
script: '-'
type: python
Expand Down
55 changes: 48 additions & 7 deletions Packs/GitLab/Integrations/GitLabv2/GitLabv2_test.py
Original file line number Diff line number Diff line change
@@ -1,12 +1,10 @@
import io
import json
from typing import Dict, List
import pytest
from freezegun import freeze_time


def util_load_json(path):
with io.open(path, mode='r', encoding='utf-8') as f:
with open(path, encoding='utf-8') as f:
return json.loads(f.read())


Expand Down Expand Up @@ -769,7 +767,7 @@ def test_gitlab_pipelines_schedules_list_command(mocker):
headers={'PRIVATE-TOKEN': 'api_key'})
response_client = util_load_json('test_data/commands_test_data.json').get('pipeline_schedule')
args = {"project_id": 1}
expected_outputs: List[Dict] = response_client['expected_outputs']
expected_outputs: list[dict] = response_client['expected_outputs']
expected_prefix: str = response_client['expected_prefix']
expected_key_field: str = response_client['expected_key_field']
mocker.patch.object(Client, '_http_request', return_value=response_client['mock_response'])
Expand All @@ -796,7 +794,7 @@ def test_gitlab_pipelines_list_command(mocker):
headers={'PRIVATE-TOKEN': 'api_key'})
response_client = util_load_json('test_data/commands_test_data.json').get('pipeline')
args = {"project_id": "3"}
expected_outputs: List[Dict] = response_client['expected_outputs']
expected_outputs: list[dict] = response_client['expected_outputs']
expected_prefix: str = response_client['expected_prefix']
expected_key_field: str = response_client['expected_key_field']
mocker.patch.object(Client, '_http_request', return_value=response_client['mock_response'])
Expand Down Expand Up @@ -826,7 +824,7 @@ def test_gitlab_jobs_list_command(mocker):
"project_id": "4",
"pipeline_id": "12"
}
expected_outputs: List[Dict] = response_client['expected_outputs']
expected_outputs: list[dict] = response_client['expected_outputs']
expected_prefix: str = response_client['expected_prefix']
expected_key_field: str = response_client['expected_key_field']
mocker.patch.object(Client, '_http_request', return_value=response_client['mock_response'])
Expand Down Expand Up @@ -856,7 +854,7 @@ def test_gitlab_artifact_get_command(mocker):
"project_id": "45",
"job_id": "32",
"artifact_path_suffix": "artifacts/failed_tests.txt"}
expected_outputs: List[Dict] = response_client['expected_outputs']
expected_outputs: list[dict] = response_client['expected_outputs']
expected_prefix: str = response_client['expected_prefix']
expected_key_field: str = response_client['expected_key_field']
mocker.patch.object(Client, '_http_request', return_value=response_client['mock_response'])
Expand Down Expand Up @@ -986,3 +984,46 @@ def test_return_date_arg_as_iso(arg, isValidDate, expected_response):
return_date_arg_as_iso(arg)

assert str(e.value) == expected_response


@pytest.mark.parametrize('trigger_token, args, expected_result', [
('', {}, util_load_json('test_data/commands_test_data.json').get('trigger_pipeline1')),
(1111, {'project_id': 2222, 'ref_branch': 'test'},
util_load_json('test_data/commands_test_data.json').get('trigger_pipeline2'))
])
def test_trigger_pipeline(mocker, trigger_token, args, expected_result):
"""
Given:
- client and demisto args
- case 1 - client without trigger token.
- case 2 - client with trigger token and args with a different project ID than the instance.
When:
- gitlab_trigger_pipeline_command
Then:
- The response is as expected
- case 1 - Throws an error about the trigger token that is missing
- case 2 - The response is correct with the same branch and project_id as in the args.
"""
from GitLabv2 import Client, gitlab_trigger_pipeline_command
client = Client(project_id=1234,
base_url="base_url",
verify=False,
proxy=False,
headers={'PRIVATE-TOKEN': 'api_key'},
trigger_token=trigger_token)
expected_outputs: list[dict] = expected_result['expected_outputs']
expected_prefix: str = expected_result['expected_prefix']
expected_key_field: str = expected_result['expected_key_field']
mocker.patch.object(Client, '_http_request', return_value=expected_result['mock_response'])
mock_error = mocker.patch('GitLabv2.return_error')

command_result = gitlab_trigger_pipeline_command(client, args)

if not trigger_token:
assert mock_error.call_args[0][0] == 'A trigger token is required in the integration instance configuration'
else:
assert command_result.outputs_prefix == expected_prefix
assert command_result.outputs_key_field == expected_key_field
assert command_result.outputs == expected_outputs
assert command_result.outputs.get('ref') == args.get('ref_branch')
assert command_result.outputs.get('project_id') == args.get('project_id')
57 changes: 57 additions & 0 deletions Packs/GitLab/Integrations/GitLabv2/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -16,6 +16,7 @@ This integration enables you to:
- Get a list of files in the GitLab project.
- Get the contents and details of a file in GitLab.
- Search for code in the GitLab project.
- Trigger a pipeline in the GitLab project.

#### Create a Personal Access Token
Personal access tokens (PATs) are an alternative to using passwords for authentication to GitLab when using the GitLab API.
Expand All @@ -28,6 +29,22 @@ To generate a new token:
6. Select the **scopes**, or **permissions**, you want to grant this token. The minimum is read-only on repo.
7. Click **Create personal access token** and copy the api key generated.-+

#### Create a Trigger Token
Trigger tokens allow you to trigger a pipeline for a branch using it to authenticate on an API call.

**Prerequisite:**

You must have at least the Maintainer role for the project.

**To generate a new token:**

1. Navigate to your project.
2. Select **Settings** > **CI/CD**.
3. Expand Pipeline triggers.
4. Enter a description and select **Add trigger**.
- You can view and copy the full token for all triggers you have created.
- You can only see the first 4 characters for tokens created by other project members.

#### Get Project ID
1. Go to the desired project example gitlab.com/username/project1.
2. Under the project name get the argument project_id
Expand All @@ -42,6 +59,7 @@ To generate a new token:
| --- | --- | --- |
| Server URL (e.g. https://gitlab.com/api/v4) | | False |
| API Key | The API Key to use for connection | True |
| Trigger Token | The trigger token to run pipelines | False |
| Project ID | | True |
| Trust any certificate (not secure) | | False |
| Use system proxy settings | | False |
Expand Down Expand Up @@ -2144,3 +2162,42 @@ Gets an artifact from a given artifact path, corresponding to a given job ID.
| GitLab.Artifact.job_id | String | Job ID from which the artifact was taken. |
| GitLab.Artifact.artifact_path_suffix | String | Suffix of the given artifact path. |
| GitLab.Artifact.artifact_data | String | Data of the artifact requested. |

### gitlab-trigger-pipeline

***
Triggers a GitLab pipeline on a selected project and branch.

#### Base Command

`gitlab-trigger-pipeline`

#### Input

| **Argument Name** | **Description** | **Required** |
| --- | --- | --- |
| project_id | Project ID on which to run the pipeline. | Optional |
| ref_branch | The branch on which to run the pipeline. Default is 'master'. | Optional |
| trigger_variables | JSON containing the pipeline variables. | Optional |

#### Context Output

| **Path** | **Type** | **Description** |
| --- | --- | --- |
| GitLab.Pipeline.id | Number | Pipeline ID. |
| GitLab.Pipeline.project_id | Number | Project ID that the pipeline belongs to. |
| GitLab.Pipeline.status | String | Status of the pipeline. |
| GitLab.Pipeline.ref | String | Reference of the pipeline. |
| GitLab.Pipeline.sha | String | SHA of the pipeline. |
| GitLab.Pipeline.created_at | Date | Time when the pipeline was created. |
| GitLab.Pipeline.updated_at | Date | Time when the pipeline was last updated. |
| GitLab.Pipeline.started_at | Date | Time when the pipeline was started. |
| GitLab.Pipeline.finished_at | Date | Time when the pipeline was finished. |
| GitLab.Pipeline.duration | Number | Duration of the pipeline in seconds. |
| GitLab.Pipeline.web_url | String | Web URL of the pipeline. |
| GitLab.Pipeline.user.name | String | Name of the user who triggered the pipeline. |
| GitLab.Pipeline.user.username | String | Username that triggered the pipeline. |
| GitLab.Pipeline.user.id | Number | ID of the user who triggered the pipeline. |
| GitLab.Pipeline.user.state | String | State of the user who triggered the pipeline. |
| GitLab.Pipeline.user.avatar_url | String | Avatar URL of the user who trigerred the pipeline. |
| GitLab.Pipeline.user.web_url | String | Web URL of the user who triggered the pipeline. |
Original file line number Diff line number Diff line change
Expand Up @@ -1193,5 +1193,55 @@
"expected_prefix": "GitLab.PipelineSchedule",
"expected_url_mock_suffix": "projects/1/pipeline_schedules",
"expected_key_field": "id"
},
"trigger_pipeline1": {
"mock_response": {
"id": 1,
"project_id": 1234,
"sha": "skd5h31245ljkasl4kj45l324",
"ref": "master",
"status": "running",
"created_at": "2021-06-15T14:31:29.607Z",
"updated_at": "2021-06-15T14:31:32.964Z",
"web_url": "https://server_url/project/-/pipelines/1"
},
"expected_outputs": {
"id": 1,
"project_id": 1234,
"sha": "skd5h31245ljkasl4kj45l324",
"ref": "master",
"status": "running",
"created_at": "2021-06-15T14:31:29.607Z",
"updated_at": "2021-06-15T14:31:32.964Z",
"web_url": "https://server_url/project/-/pipelines/1"
},
"expected_prefix": "GitLab.Pipeline",
"expected_url_mock_suffix": "projects/1234/pipelines",
"expected_key_field": "id"
},
"trigger_pipeline2": {
"mock_response": {
"id": 1,
"project_id": 2222,
"sha": "skd5h31245ljkasl4kj45l324",
"ref": "test",
"status": "running",
"created_at": "2021-06-15T14:31:29.607Z",
"updated_at": "2021-06-15T14:31:32.964Z",
"web_url": "https://server_url/project/-/pipelines/1"
},
"expected_outputs": {
"id": 1,
"project_id": 2222,
"sha": "skd5h31245ljkasl4kj45l324",
"ref": "test",
"status": "running",
"created_at": "2021-06-15T14:31:29.607Z",
"updated_at": "2021-06-15T14:31:32.964Z",
"web_url": "https://server_url/project/-/pipelines/1"
},
"expected_prefix": "GitLab.Pipeline",
"expected_url_mock_suffix": "projects/2222/pipelines",
"expected_key_field": "id"
}
}
4 changes: 4 additions & 0 deletions Packs/GitLab/ReleaseNotes/2_2_11.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,4 @@

#### Integrations
##### GitLab v2
Added the new ***gitlab-trigger-pipeline*** command to trigger a GitLab pipeline.
2 changes: 1 addition & 1 deletion Packs/GitLab/pack_metadata.json
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@
"name": "GitLab",
"description": "Pack for handling gitlab operations",
"support": "xsoar",
"currentVersion": "2.2.10",
"currentVersion": "2.2.11",
"author": "Cortex XSOAR",
"url": "https://www.paloaltonetworks.com/cortex",
"email": "",
Expand Down
3 changes: 2 additions & 1 deletion Tests/conf.json
Original file line number Diff line number Diff line change
Expand Up @@ -4366,7 +4366,8 @@
{
"playbookID": "Test-GitLab-v2",
"fromversion": "6.5.0",
"integrations": "GitLabv2"
"integrations": "GitLabv2",
"is_mockable": false
},
{
"playbookID": "LGTM-test-playbook",
Expand Down

0 comments on commit 9f887cf

Please sign in to comment.