@plasticuproject plasticuproject commented Sep 29, 2024

  • Updated example/default feed to use OTX AlienVault/AT&T Cybersecurity, as EclecticIQ OpenTAXII is no longer operational
  • Updated dependencies
  • Added type annotations passing strict static mypy type checking for local code
  • Minor formatting improvements including reordering imports and changing string formatting to use modern f-strings
  • Added basic pytest tests (coverage is low, still need to mock more data/tests for external API calls, this is just a start), flake8 linting checks, and mypy strict type checks in a GitHub workflow

NOTE:
I was not able to test the following type consistency change as I do not have access to an ExtraHop server. If it fails, just revert back to the commented-out variable and call and ignore the type error:

    # file_body = {'file': (file_name, open(file_path, 'rb')), 'name': threatcollection_name}
    file_handle: BinaryIO
    # keep the handle open for the whole upload: requests reads it when the PUT is sent
    with open(file_path, 'rb') as file_handle:
        files = {'file': (file_name, file_handle)}
        data = {'name': threatcollection_name}

        # log InsecureRequestWarning if making an unverified https request
        if not eh_verify_cert:
            logging.warning("InsecureRequestWarning: Unverified HTTPS request is being made. Adding certificate verification is strongly advised. See: https://urllib3.readthedocs.io/en/latest/advanced-usage.html#ssl-warnings InsecureRequestWarning")

        try:
            # send PUT request to create or update
            # r = requests.put(url, headers=headers, files=file_body, verify=eh_verify_cert)
            r = requests.put(url, headers=headers, files=files, data=data, verify=eh_verify_cert)
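
An added illustration, not code from this pull request or the project: the sketch below uses the prepare step of requests to show, without any network traffic, how the old and new calls in the snippet encode the `name` field differently, and that the file handle must still be open when the request is built. The URL, file name and collection name are placeholders chosen for the example.

```python
import io
import requests

# Placeholder endpoint and names (assumptions, not ExtraHop's API).
URL = "https://sensor.example.invalid/upload"
FILE_NAME = "indicators.tgz"
COLLECTION = "otx-feed"


def build_body(handle, style):
    """Return the multipart body requests would send; nothing goes on the wire."""
    if style == "old":
        # Original call: the collection name rides along inside files=
        kwargs = {"files": {"file": (FILE_NAME, handle), "name": COLLECTION}}
    else:
        # PR call: file part in files=, collection name in data=
        kwargs = {"files": {"file": (FILE_NAME, handle)},
                  "data": {"name": COLLECTION}}
    return requests.Request("PUT", URL, **kwargs).prepare().body


def name_part_header(body):
    """Return the Content-Disposition line of the part whose field name is 'name'."""
    for line in body.split(b"\r\n"):
        if line.startswith(b"Content-Disposition") and b' name="name"' in line:
            return line.decode()
    return None


def closed_handle_fails():
    """requests reads the handle while building the request, so a closed one raises."""
    handle = io.BytesIO(b"constructed sample bytes")
    handle.close()
    try:
        build_body(handle, "new")
    except ValueError:
        return True
    return False


if __name__ == "__main__":
    for style in ("old", "new"):
        body = build_body(io.BytesIO(b"constructed sample bytes"), style)
        print(style, "->", name_part_header(body))
    print("closed handle rejected:", closed_handle_fails())
```

With `files=` alone the name travels as a file part carrying a `filename` attribute; with `data=` it is a plain form field, which is the wire-level difference to check against a real server.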

@Dan-at-Extrahop
Contributor

Thanks for taking the time to contribute to the project @plasticuproject! Much appreciated! I'll have the team look over the changes and test the updated file upload bits that you called out.

The reason the project has been a bit dormant lately is that since ExtraHop version 9.6 we added the ability to configure a TAXII feed from within the ExtraHop UI. Check out the following blog and docs if you're interested:

Regardless, this script/toolkit is still useful for backwards compatibility and also specific local filtering or refinement use cases.
