Surface Command Plugin (#3365) (#3413)

* Surface Command Plugin

* Surface Command Connector

* Update Vendor

* Update plugins/rapid7_surface_command/build/lib/icon_rapid7_surface_command/connection/connection.py



* Fixes from review

* Add timeout to Requests

* Add test connection

* Fix Linting

* More fixes from linting

* linting

* Add tests

* remove json import

* unittest fixes

* testing

* Add more tests

* Remove pyenv file

* Add more tests

* Final linting fixes

* {SC Plugin} update region enums

- add more docs

* {SC Plugin} fix test

* {SC Plugin} update checksum

---------

Co-authored-by: croberts-r7 <[email protected]>
Co-authored-by: igorski-r7 <[email protected]>
Co-authored-by: Shane Curtin <[email protected]>

Author: 4 people

plugins/rapid7_surface_command/.CHECKSUM

@@ -0,0 +1,15 @@
+{
+	"spec": "5febf21fbe44e862139ab3766d09c1ea",
+	"manifest": "1705ea353660f8471dfb517a2f53f9ca",
+	"setup": "0ef6fdfaf9b7c048050f77a57dc08d5b",
+	"schemas": [
+		{
+			"identifier": "run_query/schema.py",
+			"hash": "c5424ab1593ab341da6fe2513002eca3"
+		},
+		{
+			"identifier": "connection/schema.py",
+			"hash": "b9f6e2e9f113d4f91ebf027d03978ca4"
+		}
+	]
+}

plugins/rapid7_surface_command/.dockerignore

@@ -0,0 +1,9 @@
+unit_test/**/*
+unit_test
+examples/**/*
+examples
+tests
+tests/**/*
+**/*.json
+**/*.tar
+**/*.gz

plugins/rapid7_surface_command/Dockerfile

@@ -0,0 +1,34 @@
+FROM --platform=linux/amd64 rapid7/insightconnect-python-3-slim-plugin:latest AS builder
+
+WORKDIR /python/src
+
+ADD ./plugin.spec.yaml /plugin.spec.yaml
+ADD ./requirements.txt /python/src/requirements.txt
+ADD . /python/src
+
+
+
+RUN pip install .
+RUN pip uninstall -y setuptools
+
+FROM --platform=linux/amd64 rapid7/insightconnect-python-3-slim-plugin:latest
+
+LABEL organization=rapid7
+LABEL sdk=python
+
+WORKDIR /python/src
+
+COPY --from=builder /python/src /python/src
+COPY --from=builder /plugin.spec.yaml /plugin.spec.yaml
+
+
+RUN if [ -f requirements.txt ]; then pip install -r requirements.txt; fi
+
+ENV PYTHONPATH="/python/src:${PYTHONPATH}"
+
+RUN rm -rf /root/.cache;
+
+# User to run plugin code. The two supported users are: root, nobody
+USER nobody
+
+ENTRYPOINT ["python", "/python/src/bin/icon_rapid7_surface_command"]

plugins/rapid7_surface_command/Makefile

@@ -0,0 +1,53 @@
+# Include other Makefiles for improved functionality
+INCLUDE_DIR = ../../tools/Makefiles
+MAKEFILES := $(wildcard $(INCLUDE_DIR)/*.mk)
+# We can't guarantee customers will have the include files
+# - prefix to ignore Makefiles when not present
+# https://www.gnu.org/software/make/manual/html_node/Include.html
+-include $(MAKEFILES)
+
+ifneq ($(MAKEFILES),)
+  $(info [$(YELLOW)*$(NORMAL)] Use ``make menu`` for available targets)
+  $(info [$(YELLOW)*$(NORMAL)] Including available Makefiles: $(MAKEFILES))
+  $(info --)
+else
+  $(warning Makefile includes directory not present: $(INCLUDE_DIR))
+endif
+
+VERSION?=$(shell grep '^version: ' plugin.spec.yaml | sed 's/version: //')
+NAME?=$(shell grep '^name: ' plugin.spec.yaml | sed 's/name: //')
+VENDOR?=$(shell grep '^vendor: ' plugin.spec.yaml | sed 's/vendor: //')
+CWD?=$(shell basename $(PWD))
+_NAME?=$(shell echo $(NAME) | awk '{ print toupper(substr($$0,1,1)) tolower(substr($$0,2)) }')
+PKG=$(VENDOR)-$(NAME)-$(VERSION).tar.gz
+
+# Set default target explicitly. Make's default behavior is the first target in the Makefile.
+# We don't want that behavior due to includes which are read first
+.DEFAULT_GOAL := default # Make >= v3.80 (make -version)
+
+
+default: image tarball
+
+tarball:
+	$(info [$(YELLOW)*$(NORMAL)] Creating plugin tarball)
+	rm -rf build
+	rm -rf $(PKG)
+	tar -cvzf $(PKG) --exclude=$(PKG) --exclude=tests --exclude=run.sh *
+
+image:
+	$(info [$(YELLOW)*$(NORMAL)] Building plugin image)
+	docker build --pull -t $(VENDOR)/$(NAME):$(VERSION) .
+	docker tag $(VENDOR)/$(NAME):$(VERSION) $(VENDOR)/$(NAME):latest
+
+regenerate:
+	$(info [$(YELLOW)*$(NORMAL)] Refreshing schema from plugin.spec.yaml)
+	insight-plugin refresh
+
+export: image
+	$(info [$(YELLOW)*$(NORMAL)] Exporting docker image)
+	@printf "\n ---> Exporting Docker image to ./$(VENDOR)_$(NAME)_$(VERSION).tar\n"
+	@docker save $(VENDOR)/$(NAME):$(VERSION) | gzip > $(VENDOR)_$(NAME)_$(VERSION).tar
+
+# Make will not run a target if a file of the same name exists unless setting phony targets
+# https://www.gnu.org/software/make/manual/html_node/Phony-Targets.html
+.PHONY: default tarball image regenerate

plugins/rapid7_surface_command/bin/icon_rapid7_surface_command

@@ -0,0 +1,46 @@
+#!/usr/bin/env python
+# GENERATED BY INSIGHT-PLUGIN - DO NOT EDIT
+import os
+import json
+from sys import argv
+
+Name = "Rapid7 Surface Command"
+Vendor = "rapid7"
+Version = "1.0.0"
+Description = "Surface Command gives you full visibility over your assets and identities across multiple technology platforms"
+
+
+def main():
+    if 'http' in argv:
+        if os.environ.get("GUNICORN_CONFIG_FILE"):
+            with open(os.environ.get("GUNICORN_CONFIG_FILE")) as gf:
+                gunicorn_cfg = json.load(gf)
+                if gunicorn_cfg.get("worker_class", "sync") == "gevent":
+                    from gevent import monkey
+                    monkey.patch_all()
+        elif 'gevent' in argv:
+            from gevent import monkey
+            monkey.patch_all()
+
+    import insightconnect_plugin_runtime
+    from icon_rapid7_surface_command import connection, actions, triggers, tasks
+
+    class ICONRapid7SurfaceCommand(insightconnect_plugin_runtime.Plugin):
+        def __init__(self):
+            super(self.__class__, self).__init__(
+                name=Name,
+                vendor=Vendor,
+                version=Version,
+                description=Description,
+                connection=connection.Connection()
+            )
+            self.add_action(actions.RunQuery())
+        
+
+    """Run plugin"""
+    cli = insightconnect_plugin_runtime.CLI(ICONRapid7SurfaceCommand())
+    cli.run()
+
+
+if __name__ == "__main__":
+    main()

plugins/rapid7_surface_command/extension.png

@@ -0,0 +1,100 @@
+# Description
+
+Surface Command gives you full visibility over your assets and identities across multiple technology platforms
+
+# Key Features
+
+* Query Surface Command Data
+
+# Requirements
+
+* User or Organization Key from the Insight Platform. To create one follow [Generate User API Key guide](https://docs.rapid7.com/insight/managing-platform-api-keys/#generating-a-user-key)
+* The Region where your Rapid7 Surface Command instance is hosted. To identify your region, see [Identify Data Region](https://docs.rapid7.com/insight/navigate-the-insight-platform/#check-your-data-region)
+* A valid Query ID (UUID) from Rapid7 Surface Command. To obtain a Query ID, edit a Saved Query in the Surface Command UI and retrieve its ID from the URL
+
+# Supported Product Versions
+
+* v1
+
+# Documentation
+
+## Setup
+
+The connection configuration accepts the following parameters:  
+
+|Name|Type|Default|Required|Description|Enum|Example|Placeholder|Tooltip|
+| :--- | :--- | :--- | :--- | :--- | :--- | :--- | :--- | :--- |
+|api_key|credential_secret_key|None|True|User or Organization Key from the Insight Platform|None|a5zy0a6g-504e-46bz-84xx-1b3f5ci36l99|None|None|
+|region|string|us|True|Region|["us", "us2", "us3", "eu", "ca", "au", "ap"]|us|None|None|
+
+Example input:
+
+```
+{
+  "api_key": "a5zy0a6g-504e-46bz-84xx-1b3f5ci36l99",
+  "region": "us"
+}
+```
+
+## Technical Details
+
+### Actions
+
+
+#### Run Surface Command Query
+
+This action is used to run and execute Surface Command Query
+
+##### Input
+
+|Name|Type|Default|Required|Description|Enum|Example|Placeholder|Tooltip|
+| :--- | :--- | :--- | :--- | :--- | :--- | :--- | :--- | :--- |
+|query_id|string|None|True|Query ID (UUID) to Run from Surface Command|None|12345678-1234-1234-1234-123456789012|None|None|
+  
+Example input:
+
+```
+{
+  "query_id": "12345678-1234-1234-1234-123456789012"
+}
+```
+
+##### Output
+
+|Name|Type|Required|Description|Example|
+| :--- | :--- | :--- | :--- | :--- |
+|items|[]object|False|Array of Items|[]|
+  
+Example output:
+
+```
+{
+  "items": []
+}
+```
+### Triggers
+  
+*This plugin does not contain any triggers.*
+### Tasks
+  
+*This plugin does not contain any tasks.*
+
+### Custom Types
+  
+*This plugin does not contain any custom output types.*
+
+## Troubleshooting
+
+
+# Version History
+
+* 1.0.0 - Initial plugin
+
+# Links
+
+* [Rapid7 Surface Command](https://www.rapid7.com/products/command/attack-surface-management-asm/)
+
+## References
+
+* [Identify Data Region](https://docs.rapid7.com/insight/navigate-the-insight-platform/#check-your-data-region)
+* [Generate User API Key](https://docs.rapid7.com/insight/managing-platform-api-keys/#generating-a-user-key)

plugins/rapid7_surface_command/help.md

@@ -0,0 +1 @@
+# GENERATED BY INSIGHT-PLUGIN - DO NOT EDIT

plugins/rapid7_surface_command/icon.png

@@ -0,0 +1,3 @@
+# GENERATED BY INSIGHT-PLUGIN - DO NOT EDIT
+
+from .run_query.action import RunQuery

plugins/rapid7_surface_command/icon_rapid7_surface_command/__init__.py

@@ -0,0 +1,2 @@
+# GENERATED BY INSIGHT-PLUGIN - DO NOT EDIT
+from .action import RunQuery

plugins/rapid7_surface_command/icon_rapid7_surface_command/actions/__init__.py

@@ -0,0 +1,22 @@
+import insightconnect_plugin_runtime
+from .schema import RunQueryInput, RunQueryOutput, Input, Output, Component
+
+# Custom imports below
+
+
+class RunQuery(insightconnect_plugin_runtime.Action):
+
+    def __init__(self):
+        super(self.__class__, self).__init__(
+            name="run_query",
+            description=Component.DESCRIPTION,
+            input=RunQueryInput(),
+            output=RunQueryOutput(),
+        )
+
+    def run(self, params={}):
+        # START INPUT BINDING - DO NOT REMOVE - ANY INPUTS BELOW WILL UPDATE WITH YOUR PLUGIN SPEC AFTER REGENERATION
+        query_id = params.get(Input.QUERY_ID)
+        # END INPUT BINDING - DO NOT REMOVE
+
+        return self.connection.api.run_query(query_id=query_id)

plugins/rapid7_surface_command/icon_rapid7_surface_command/actions/run_query/__init__.py

@@ -0,0 +1,67 @@
+# GENERATED BY INSIGHT-PLUGIN - DO NOT EDIT
+import insightconnect_plugin_runtime
+import json
+
+
+class Component:
+    DESCRIPTION = "Run and execute Surface Command Query"
+
+
+class Input:
+    QUERY_ID = "query_id"
+
+
+class Output:
+    ITEMS = "items"
+
+
+class RunQueryInput(insightconnect_plugin_runtime.Input):
+    schema = json.loads(
+        r"""
+   {
+  "type": "object",
+  "title": "Variables",
+  "properties": {
+    "query_id": {
+      "type": "string",
+      "title": "ID of Query to Run",
+      "description": "Query ID (UUID) to Run from Surface Command",
+      "order": 1
+    }
+  },
+  "required": [
+    "query_id"
+  ],
+  "definitions": {}
+}
+    """
+    )
+
+    def __init__(self):
+        super(self.__class__, self).__init__(self.schema)
+
+
+class RunQueryOutput(insightconnect_plugin_runtime.Output):
+    schema = json.loads(
+        r"""
+   {
+  "type": "object",
+  "title": "Variables",
+  "properties": {
+    "items": {
+      "type": "array",
+      "title": "Items",
+      "description": "Array of Items",
+      "items": {
+        "type": "object"
+      },
+      "order": 1
+    }
+  },
+  "definitions": {}
+}
+    """
+    )
+
+    def __init__(self):
+        super(self.__class__, self).__init__(self.schema)

plugins/rapid7_surface_command/icon_rapid7_surface_command/actions/run_query/action.py

@@ -0,0 +1,2 @@
+# GENERATED BY INSIGHT-PLUGIN - DO NOT EDIT
+from .connection import Connection