From 1c1a123ec34ff15f376def49a15ac3748473fc7d Mon Sep 17 00:00:00 2001 From: Adi Bamberger Edri <72088126+BEAdi@users.noreply.github.com> Date: Tue, 21 Nov 2023 13:46:20 +0200 Subject: [PATCH] [Prisma Cloud V2] Fix Namespace Extraction (#30996) * fix * update docker --- Packs/PrismaCloud/.pack-ignore | 1 + .../PrismaCloudV2/PrismaCloudV2.py | 4 +- .../PrismaCloudV2/PrismaCloudV2.yml | 2 +- .../PrismaCloudV2/PrismaCloudV2_test.py | 41 +++++++++++++++++++ Packs/PrismaCloud/ReleaseNotes/4_2_11.md | 7 ++++ Packs/PrismaCloud/pack_metadata.json | 2 +- 6 files changed, 54 insertions(+), 3 deletions(-) create mode 100644 Packs/PrismaCloud/ReleaseNotes/4_2_11.md diff --git a/Packs/PrismaCloud/.pack-ignore b/Packs/PrismaCloud/.pack-ignore index 35bee75af6d9..40c606309390 100644 --- a/Packs/PrismaCloud/.pack-ignore +++ b/Packs/PrismaCloud/.pack-ignore @@ -48,6 +48,7 @@ fqdn vpc cloudtrail Prioritization +namespaces [file:classifier-Prisma_Cloud.json] ignore=BA101 diff --git a/Packs/PrismaCloud/Integrations/PrismaCloudV2/PrismaCloudV2.py b/Packs/PrismaCloud/Integrations/PrismaCloudV2/PrismaCloudV2.py index dae4875b1964..9ed3707d5843 100644 --- a/Packs/PrismaCloud/Integrations/PrismaCloudV2/PrismaCloudV2.py +++ b/Packs/PrismaCloud/Integrations/PrismaCloudV2/PrismaCloudV2.py @@ -517,7 +517,9 @@ def extract_namespace(response_items: List[Dict[str, Any]]): Extract namespaces from resource list items. """ for item in response_items: - for member in item.get('members', []): # members is a list of dicts + for member in item.get('members', []): # members is a list of dict or strs + if isinstance(member, str): + continue if item_namespace := member.get('namespaces', []): item['namespaces'] = item_namespace break diff --git a/Packs/PrismaCloud/Integrations/PrismaCloudV2/PrismaCloudV2.yml b/Packs/PrismaCloud/Integrations/PrismaCloudV2/PrismaCloudV2.yml index d1489034cfca..7ee2acd8c1ec 100644 --- a/Packs/PrismaCloud/Integrations/PrismaCloudV2/PrismaCloudV2.yml +++ b/Packs/PrismaCloud/Integrations/PrismaCloudV2/PrismaCloudV2.yml @@ -111,7 +111,7 @@ script: script: '' type: python subtype: python3 - dockerimage: demisto/python3:3.10.13.74666 + dockerimage: demisto/python3:3.10.13.80593 isfetch: true isremotesyncin: true isremotesyncout: true diff --git a/Packs/PrismaCloud/Integrations/PrismaCloudV2/PrismaCloudV2_test.py b/Packs/PrismaCloud/Integrations/PrismaCloudV2/PrismaCloudV2_test.py index cd5e0e0dbf50..75902cbfe244 100644 --- a/Packs/PrismaCloud/Integrations/PrismaCloudV2/PrismaCloudV2_test.py +++ b/Packs/PrismaCloud/Integrations/PrismaCloudV2/PrismaCloudV2_test.py @@ -866,6 +866,47 @@ def test_calculate_offset(page_size, page_number, offset): assert calculate_offset(page_size, page_number) == (page_size, offset) +def test_extract_namespace(): + """ + Given: + - A response to extract namespace from. + When: + - Extracting namespaces from resource list items. + Then: + - The response is updated with the right namespaces. + """ + from PrismaCloudV2 import extract_namespace + + res = [{'id': '1', 'name': 'No namespaces', 'resourceListType': 'TAG', + 'description': 'some values', + 'lastModifiedBy': 'name@company.com', 'lastModifiedTs': 1611682405313, + 'members': [{'env': 'env'}, {'projec': 'project'}, {'securit': 'security'}]}, + {'id': '2', 'name': 'Members is strings', 'resourceListType': 'RESOURCE_GROUP', + 'description': '', 'lastModifiedBy': 'name@company.com', 'lastModifiedTs': 1648181381197, + 'members': ['common']}, + {'id': '3', 'name': 'Have namespaces', + 'resourceListType': 'GROUP', 'description': 'Have namespaces', + 'lastModifiedBy': 'name@company.com', 'lastModifiedTs': 1648507192479, + 'members': [{'hosts': ['*'], 'appIDs': ['*'], 'images': ['*'], 'labels': ['*'], 'clusters': ['*'], + 'codeRepos': ['*'], 'functions': ['*'], 'containers': ['*'], 'namespaces': ['*']}]}] + expected_res = [{'id': '1', 'name': 'No namespaces', 'resourceListType': 'TAG', + 'description': 'some values', + 'lastModifiedBy': 'name@company.com', 'lastModifiedTs': 1611682405313, + 'members': [{'env': 'env'}, {'projec': 'project'}, {'securit': 'security'}]}, + {'id': '2', 'name': 'Members is strings', 'resourceListType': 'RESOURCE_GROUP', + 'description': '', 'lastModifiedBy': 'name@company.com', 'lastModifiedTs': 1648181381197, + 'members': ['common']}, + {'id': '3', 'name': 'Have namespaces', + 'resourceListType': 'GROUP', 'description': 'Have namespaces', + 'lastModifiedBy': 'name@company.com', 'lastModifiedTs': 1648507192479, + 'members': [{'hosts': ['*'], 'appIDs': ['*'], 'images': ['*'], 'labels': ['*'], + 'clusters': ['*'], 'codeRepos': ['*'], 'functions': ['*'], + 'containers': ['*'], 'namespaces': ['*']}], + 'namespaces': ['*']}] + extract_namespace(res) + assert res == expected_res + + ''' FETCH HELPER FUNCTIONS TESTS ''' diff --git a/Packs/PrismaCloud/ReleaseNotes/4_2_11.md b/Packs/PrismaCloud/ReleaseNotes/4_2_11.md new file mode 100644 index 000000000000..50045087fb6b --- /dev/null +++ b/Packs/PrismaCloud/ReleaseNotes/4_2_11.md @@ -0,0 +1,7 @@ + +#### Integrations + +##### Prisma Cloud v2 + +- Fixed an issue in extracting namespaces in the ***prisma-cloud-resource-list*** command. +- Updated the Docker image to: *demisto/python3:3.10.13.80593*. diff --git a/Packs/PrismaCloud/pack_metadata.json b/Packs/PrismaCloud/pack_metadata.json index f72a3438e50d..9669509f4cef 100644 --- a/Packs/PrismaCloud/pack_metadata.json +++ b/Packs/PrismaCloud/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Prisma Cloud by Palo Alto Networks", "description": "Automate and unify security incident response across your cloud environments, while still giving a degree of control to dedicated cloud teams.", "support": "xsoar", - "currentVersion": "4.2.10", + "currentVersion": "4.2.11", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "",