Merge branch 'contrib/PaloAltoNetworks_EXPANDR-4821' into EXPANDR-4821

demisto · Sep 13, 2023 · f41d000 · f41d000
2 parents 6da8cee + 5f8a2a0
commit f41d000
Show file tree

Hide file tree

Showing 142 changed files with 1,534 additions and 421 deletions.
diff --git a/.gitlab/ci/.gitlab-ci.bucket-upload.yml b/.gitlab/ci/.gitlab-ci.bucket-upload.yml
@@ -473,7 +473,7 @@ upload-packs-to-xpanse-marketplace:
     - *check_user_permissions_to_upload_packs
     - section_start "Upload Packs To Marketplace Storage"
     - |
-      if [[ "$CI_COMMIT_BRANCH" == "master" ]] || [[ "$CI_COMMIT_BRANCH" == "xpanse-marketplace" ]] || [[ "$GCS_MARKET_XPANSE_BUCKET" != "$GCS_PRODUCTION_XPANSE_BUCKET" ]]; then
+      if [[ "$CI_COMMIT_BRANCH" == "master" ]] || [[ "$GCS_MARKET_XPANSE_BUCKET" != "$GCS_PRODUCTION_XPANSE_BUCKET" ]]; then
         EXTRACT_FOLDER=$(mktemp -d)
         PACK_ARTIFACTS=$ARTIFACTS_FOLDER/content_packs.zip
         PACKS_DEPENDENCIES=$ARTIFACTS_FOLDER/packs_dependencies.json
@@ -546,7 +546,7 @@ upload-packs-to-xsoar-saas-marketplace:
     - |
       echo "$GCS_MARKET_XSOAR_SAAS_BUCKET"
       echo "$GCS_PRODUCTION_XSOAR_SAAS_BUCKET"
-      if [[ "$CI_COMMIT_BRANCH" == "master" ]] || [[ "$CI_COMMIT_BRANCH" == "new_bucket_xsoar_saas" ]] ||  [[ "$GCS_MARKET_XSOAR_SAAS_BUCKET" != "$GCS_PRODUCTION_XSOAR_SAAS_BUCKET" ]]; then
+      if [[ "$CI_COMMIT_BRANCH" == "master" ]] ||  [[ "$GCS_MARKET_XSOAR_SAAS_BUCKET" != "$GCS_PRODUCTION_XSOAR_SAAS_BUCKET" ]]; then
         EXTRACT_FOLDER=$(mktemp -d)
         PACK_ARTIFACTS=$ARTIFACTS_FOLDER/content_packs.zip
         PACKS_DEPENDENCIES=$ARTIFACTS_FOLDER/packs_dependencies.json

diff --git a/Packs/APIVoid/Integrations/APIVoid/APIVoid.py b/Packs/APIVoid/Integrations/APIVoid/APIVoid.py
@@ -25,6 +25,7 @@ class Client(BaseClient):
     Client will implement the service API, and should not contain any Demisto logic.
     Should only do requests and return data.
     """
+
     def __init__(self, base_url, apikey, verify, proxy):
         self.apikey = apikey
         super().__init__(base_url, verify=verify, proxy=proxy)

diff --git a/Packs/ARIAPacketIntelligence/Integrations/ARIAPacketIntelligence/ARIAPacketIntelligence.py b/Packs/ARIAPacketIntelligence/Integrations/ARIAPacketIntelligence/ARIAPacketIntelligence.py
@@ -37,13 +37,15 @@ def __init__(self, rcs=None):
     """
     destructor
     """
+
     def __del__(self):
         return 0
 
     """
     Parse a drop command and return its representation
     for being put into a NRDO action / rule.
     """
+
     def _parse_RET_drop(self, rcs):
         if rcs is None:
             return None, None
@@ -65,6 +67,7 @@ def _parse_RET_drop(self, rcs):
     """
     Parse a SIA simple name
     """
+
     def _parse_RDL_RD_name(self, rcs):
         if rcs is None:
             return None, None, "failed: RD name rcs none"
@@ -88,6 +91,7 @@ def _parse_RDL_RD_name(self, rcs):
     """
     Parse a FQN
     """
+
     def _parse_RDL_RD_FQN(self, rcs):
         if rcs is None:
             return None, None, "failed: RD fqn rcs none"
@@ -111,6 +115,7 @@ def _parse_RDL_RD_FQN(self, rcs):
     """
     Parse a security domain name SDN
     """
+
     def _parse_RDL_RD_SDN(self, rcs):
         if rcs is None:
             return None, None, "failed: RD sd rcs none"
@@ -134,6 +139,7 @@ def _parse_RDL_RD_SDN(self, rcs):
     """
     Parse an RGN label as a name
     """
+
     def _parse_RDL_RD_RGN_name(self, rcs):
         if rcs is None:
             return None, None, "failed: RD rgn name rcs none"
@@ -153,6 +159,7 @@ def _parse_RDL_RD_RGN_name(self, rcs):
     """
     Parse an RGN label as a list of names
     """
+
     def _parse_RDL_RD_RGN_list(self, rcs):
         if rcs is None:
             return None, None, "failed: RD rgn list rcs none"
@@ -215,6 +222,7 @@ def _parse_RDL_RD_RGN_list(self, rcs):
     """
     Parse an RGN label as asterik
     """
+
     def _parse_RDL_RD_RGN_asterik(self, rcs):
         if rcs is None:
             return None, None, "failed: RD rgn asterik rcs none"
@@ -230,6 +238,7 @@ def _parse_RDL_RD_RGN_asterik(self, rcs):
     """
     Parse an RGN
     """
+
     def _parse_RDL_RD_RGN_label(self, rcs):
         if rcs is None:
             return None, None, "failed: RD label rgn rcs none"
@@ -286,6 +295,7 @@ def _parse_RDL_RD_RGN_label(self, rcs):
     """
     Parse an RGN
     """
+
     def _parse_RDL_RD_RGN(self, rcs):
         if rcs is None:
             return None, None, "failed: RD rgn rcs none"
@@ -346,6 +356,7 @@ def _parse_RDL_RD_RGN(self, rcs):
        RD       :: name | SDN | RGN | FQN
        RD_LIST  :: , <RD>
     """
+
     def _parse_RDL(self, rcs):
         if rcs is None:
             return None, None, "failed: rcs is none"
@@ -514,6 +525,7 @@ def _parse_RDL(self, rcs):
        ret      :: drop() | alert(...) | redirect(...) | serviceChain(...)
        SDN_LIST :: , <ret>
     """
+
     def _parse_RET(self, rcs):
         if rcs is None:
             return None, None, "failure: RET RCS none"
@@ -614,6 +626,7 @@ def _parse_RET(self, rcs):
        SDN      :: <a-zA-Z0-9_><a-zA-Z0-9_>*
        SDN_LIST :: , <SDN>
     """
+
     def _parse_SDL(self, rcs):
         if rcs is None:
             return None, None, "failure: RCS is none"
@@ -694,6 +707,7 @@ def _parse_SDL(self, rcs):
 
     Returns info in fifth result
     """
+
     def _parse(self, rcs):
         if rcs is None:
             return None, None, None, None, "failed: RCS is none"
@@ -738,6 +752,7 @@ def _parse(self, rcs):
      Returns true if the RCS provided at object instantiation
      time is a valid RCS value, otherwise it returns false.
     """
+
     def _valid(self, rcs):
         if rcs is None:
             return False
@@ -758,6 +773,7 @@ def _valid(self, rcs):
     Returns true if the RCS provided at object instantiation
     time is a valid RCS value, otherwise it returns false.
     """
+
     def valid(self):
         if not self._valid(self.rcs):
             return False
@@ -769,6 +785,7 @@ def valid(self):
     set it if the string is already empty.  Otherwise it
     should use modify.
     """
+
     def set(self, rcs):
         if self.rcs is None:
             if not self._valid(rcs):
@@ -783,6 +800,7 @@ def set(self, rcs):
     Allows changing the RCS string after its been previsouly
     set or not.
     """
+
     def modify(self, rcs):
         if not self._valid(rcs):
             return False
@@ -801,6 +819,7 @@ def modify(self, rcs):
     null is returned.  If it was not provided then "all"
     list is returned.
     """
+
     def security_domain(self):
         SDL, RET, RDL, rcs, rmsg = self._parse(self.rcs)
         if RDL is None:
@@ -1267,6 +1286,7 @@ def _do_request(self, data: dict, rule_name: str, rule: str, rcs: str = None) ->
         return context
 
     """SOAR API"""
+
     def block_conversation(self, src_ip: str, target_ip: str, rule_name: str, src_port: str = None,
                            target_port: str = None, protocol: str = None, rcs: str = None) -> dict:
         """ Creates a rule that drops all packets matching the specified 5-tuple values.

diff --git a/Packs/AWS-GuardDuty/Integrations/AWSGuardDutyEventCollector/AWSGuardDutyEventCollector.py b/Packs/AWS-GuardDuty/Integrations/AWSGuardDutyEventCollector/AWSGuardDutyEventCollector.py
@@ -27,6 +27,7 @@
 
 class DatetimeEncoder(json.JSONEncoder):
     """Json encoder class for encoding datetime objects. Use with json.dumps method."""
+
     def default(self, obj):
         if isinstance(obj, datetime) or isinstance(obj, date):
             return obj.strftime('%Y-%m-%dT%H:%M:%S.%f')

diff --git a/Packs/AWS-NetworkFirewall/Integrations/AWS-NetworkFirewall/AWS-NetworkFirewall.py b/Packs/AWS-NetworkFirewall/Integrations/AWS-NetworkFirewall/AWS-NetworkFirewall.py
@@ -287,7 +287,7 @@ def create_firewall_policy_command(args):
     )
     kwargs = {
         "FirewallPolicyName": args.get("firewall_policy_name", None),
-        "FirewallPolicy": safe_load_json(args.get("firewall_policy_json",None)),
+        "FirewallPolicy": safe_load_json(args.get("firewall_policy_json", None)),
         "Description": args.get("description", None),
         "Tags": parse_tag_field(args.get("tags")),
 
@@ -692,7 +692,7 @@ def list_rule_groups_command(args):
     )
     kwargs = {
         "NextToken": args.get("next_token", None),
-        "MaxResults": args.get("max_results",None)
+        "MaxResults": args.get("max_results", None)
     }
     kwargs = remove_empty_elements(kwargs)
     if args.get('raw_json') is not None and not kwargs:

diff --git a/Packs/AWS-SNS/pack_metadata.json b/Packs/AWS-SNS/pack_metadata.json
@@ -15,5 +15,9 @@
     "keywords": [],
     "githubUser": [
         "jieliau"
+    ],
+    "marketplaces": [
+        "xsoar",
+        "marketplacev2"
     ]
 }
diff --git a/Packs/AccentureCTI/Integrations/ACTIIndicatorQuery/ACTIIndicatorQuery_test.py b/Packs/AccentureCTI/Integrations/ACTIIndicatorQuery/ACTIIndicatorQuery_test.py
@@ -1,7 +1,9 @@
 import requests_mock
 from ACTIIndicatorQuery import IDEFENSE_URL_TEMPLATE, Client, domain_command, url_command, ip_command, uuid_command, _calculate_dbot_score, getThreatReport_command, fix_markdown, addBaseUrlToPartialPaths, convert_inline_image_to_encoded, fundamental_uuid_command                         # noqa: E501
 from CommonServerPython import DemistoException, DBotScoreReliability
-from test_data.response_constants import *
+from test_data.response_constants import URL_RES_JSON, URL_INTEL_JSON, IP_RES_JSON, IP_INTEL_JSON, DOMAIN_RES_JSON, \
+    DOMAIN_INTEL_JSON, UUID_RES_JSON, RES_JSON_IA, RES_JSON_IR, expected_output_ia, expected_output_ir, MALWARE_FAMILY_RES_JSON, \
+    expected_output_malware_family, RAW_MALWARE_FAMILY_RES_JSON
 import demistomock as demisto
 import pytest
 
@@ -231,10 +233,7 @@ def _is_intelligence_data_present_in_command_result(context_result, test_intel_j
         if url not in content[content.find(title):content.find('|', content.find(title))]:
             return False
 
-    for title, url in reports.items():
-        if url not in content[content.find(title):content.find('|', content.find(title))]:
-            return False
-    return True
+    return all(url in content[content.find(title):content.find("|", content.find(title))] for title, url in reports.items())
 
 
 def test_uuid_command():

diff --git a/Packs/AccentureCTI/Integrations/ACTIVulnerabilityQuery/ACTIVulnerabilityQuery_test.py b/Packs/AccentureCTI/Integrations/ACTIVulnerabilityQuery/ACTIVulnerabilityQuery_test.py
@@ -1,7 +1,6 @@
 import json
-import io
 from ACTIVulnerabilityQuery import Client, vuln_command
-from test_data.response_constants import *
+from test_data.response_constants import VULN_RES_JSON
 from CommonServerPython import DBotScoreReliability
 import requests_mock
 
@@ -10,7 +9,7 @@
 
 
 def util_load_json(path):
-    with io.open(path, mode='r', encoding='utf-8') as f:
+    with open(path, encoding='utf-8') as f:
         return json.loads(f.read())
 
 

diff --git a/Packs/Akamai_WAF/Integrations/Akamai_WAF/Akamai_WAF.py b/Packs/Akamai_WAF/Integrations/Akamai_WAF/Akamai_WAF.py
@@ -5329,7 +5329,7 @@ def main():
     client_token = params.get('credentials_client_token', {}).get('password') or params.get('clientToken')
     access_token = params.get('credentials_access_token', {}).get('password') or params.get('accessToken')
     client_secret = params.get('credentials_client_secret', {}).get('password') or params.get('clientSecret')
-    if not(client_token and access_token and client_secret):
+    if not (client_token and access_token and client_secret):
         raise DemistoException('Client token, Access token and Client secret must be provided.')
     client = Client(
         base_url=params.get('host'),

diff --git a/Packs/Attlasian/Integrations/Attlasian_IAM/Attlasian_IAM.py b/Packs/Attlasian/Integrations/Attlasian_IAM/Attlasian_IAM.py
@@ -14,6 +14,7 @@ class Client(BaseClient):
     """
     Atlassian IAM Client class that implements logic to authenticate with Atlassian.
     """
+
     def __init__(self, base_url, directory_id, headers, ok_codes=None, verify=True, proxy=False):
         super().__init__(base_url, verify=verify, proxy=proxy, ok_codes=ok_codes, headers=headers)
         self.directory_id = directory_id

diff --git a/Packs/BMCDiscovery/Integrations/BMCDiscovery/BMCDiscovery.py b/Packs/BMCDiscovery/Integrations/BMCDiscovery/BMCDiscovery.py
@@ -18,6 +18,7 @@ class Client(BaseClient):
     Client will implement the service API, and should not contain any Demisto logic.
     Should only do requests and return data.
     """
+
     def __init__(self, url, api_token, verify, proxy):
         super().__init__(base_url=url, proxy=proxy, verify=verify)
         self.api_token = api_token

diff --git a/Packs/Base/Scripts/StixParser/StixParser.py b/Packs/Base/Scripts/StixParser/StixParser.py
@@ -164,7 +164,6 @@ def __init__(
 
     @staticmethod
     def get_indicator_publication(indicator: Dict[str, Any]):
-
         """
         Build publications grid field from the indicator external_references field
 

diff --git a/...ndTrust_Password_Safe/Integrations/BeyondTrust_Password_Safe/BeyondTrust_Password_Safe.py b/...ndTrust_Password_Safe/Integrations/BeyondTrust_Password_Safe/BeyondTrust_Password_Safe.py
@@ -17,7 +17,7 @@
 USERNAME = demisto.params().get('credentials', {}).get('identifier')
 PASSWORD = demisto.params().get('credentials', {}).get('password')
 API_KEY = demisto.params().get('credentials_key', {}).get('password') or demisto.params().get('key')
-if not API_KEY or not(USERNAME and PASSWORD):
+if not API_KEY or not (USERNAME and PASSWORD):
     raise DemistoException('The API Key or username and password must be provided')
 SYSTEM_NAME = demisto.params().get('system_name')
 # Remove trailing slash to prevent wrong URL path to service

diff --git a/Packs/CIRCLHashlookup/pack_metadata.json b/Packs/CIRCLHashlookup/pack_metadata.json
@@ -20,5 +20,9 @@
     "keywords": [],
     "githubUser": [
         "Hruuttila"
+    ],
+    "marketplaces": [
+        "xsoar",
+        "marketplacev2"
     ]
 }
diff --git a/Packs/CadoResponse/pack_metadata.json b/Packs/CadoResponse/pack_metadata.json
@@ -20,5 +20,9 @@
     ],
     "githubUser": [
         "cado-joshua"
+    ],
+    "marketplaces": [
+        "xsoar",
+        "marketplacev2"
     ]
 }
diff --git a/...arbonBlackDefense/Integrations/CarbonBlackEndpointStandard/CarbonBlackEndpointStandard.py b/...arbonBlackDefense/Integrations/CarbonBlackEndpointStandard/CarbonBlackEndpointStandard.py
@@ -942,7 +942,7 @@ def test_module(client: Client, params: dict) -> str:
     is_fetch = params.get('isFetch')
 
     # if is_fetch = true and custom API key's is no provided
-    if is_fetch and not(client.api_key and client.api_secret_key and client.organization_key):
+    if is_fetch and not (client.api_key and client.api_secret_key and client.organization_key):
         return 'To fetch incidents you must fill the following parameters: ' \
                'Custom API key, Custom API secret key and Organization key'
 

diff --git a/...bonBlackDefense/Integrations/CarbonBlackLiveResponseCloud/CarbonBlackLiveResponseCloud.py b/...bonBlackDefense/Integrations/CarbonBlackLiveResponseCloud/CarbonBlackLiveResponseCloud.py
@@ -335,7 +335,7 @@ def main():
     cb_custom_key = params.get('credentials_api_token_custom_key', {}).get('password') or params.get('custom_key')
     cb_custom_id = params.get('credentials_api_token_custom_id', {}).get('password') or params.get('custom_id')
     cb_org_key = params.get('credentials_api_token_org_key', {}).get('password') or params.get('org_key')
-    if not(cb_custom_key and cb_custom_id and cb_org_key):
+    if not (cb_custom_key and cb_custom_id and cb_org_key):
         raise DemistoException('Custom Key, Custom ID and Organization Key must be provided.')
     verify_certificate = not params.get('insecure', True)
     handle_proxy()

diff --git a/...bon_Black_Enterprise_Response/Integrations/CarbonBlackResponseV2/CarbonBlackResponseV2.py b/...bon_Black_Enterprise_Response/Integrations/CarbonBlackResponseV2/CarbonBlackResponseV2.py
@@ -102,6 +102,7 @@ class netconn_complete(ProcessEventDetail):
     For netconn_complete, the v2 API and newer return an array of JSON objects instead of piped-versioned fields.
     https://developer.carbonblack.com/reference/enterprise-response/5.1/rest-api/#netconn_complete
     """
+
     def __init__(self, fields):
         self.fields = fields
 

diff --git a/Packs/CheckPointSandBlast/pack_metadata.json b/Packs/CheckPointSandBlast/pack_metadata.json
@@ -14,5 +14,9 @@
     "useCases": [],
     "keywords": [],
     "githubUser": [],
-    "certification": "certified"
+    "certification": "certified",
+    "marketplaces": [
+        "xsoar",
+        "marketplacev2"
+    ]
 }
diff --git a/Packs/CimTrak-SystemIntegrityAssurance/Integrations/CimTrak/CimTrak_test.py b/Packs/CimTrak-SystemIntegrityAssurance/Integrations/CimTrak/CimTrak_test.py
@@ -14,14 +14,13 @@
 """
 
 import json
-import io
 import logging
 
 LOGGER = logging.getLogger(__name__)
 
 
 def util_load_json(path):
-    with io.open(path, mode="r", encoding="utf-8") as f:
+    with open(path, encoding="utf-8") as f:
         return json.loads(f.read())
 
 
@@ -45,7 +44,7 @@ def test_cimtrak(requests_mock):
         pre_script += "    }\n"
         pre_script += ")\n"
 
-        exec(pre_script + test_json["execute"], globals())
+        exec(pre_script + test_json["execute"], globals())  # noqa: S102
         dict_expected_result = test_json["response"]
         dict_actual_result = response
 

diff --git a/Packs/CimTrak-SystemIntegrityAssurance/pack_metadata.json b/Packs/CimTrak-SystemIntegrityAssurance/pack_metadata.json
@@ -15,5 +15,9 @@
     "keywords": [],
     "githubUser": [
         "kigerjoel"
+    ],
+    "marketplaces": [
+        "xsoar",
+        "marketplacev2"
     ]
 }