Jl credentialize instances

.gitlab/ci/.gitlab-ci.yml

@@ -13,7 +13,7 @@ stages:
   - prepare-testing-bucket
   - run-instances
   - upload-to-marketplace
-  - are-jobs-realy-done
+  - are-jobs-really-done
   - fan-in  # concentrate pipeline artifacts to single job before triggering child slack pipeline
 
 

.gitlab/ci/bucket-upload.yml

@@ -35,6 +35,8 @@
       if [[ $TEST_UPLOAD == "false" ]]; then
         section_start "Upload content graph GraphML to GCP" --collapsed
         gsutil cp $ARTIFACTS_FOLDER/content_graph/$MARKETPLACE_VERSION.zip "gs://$GCS_MARKET_BUCKET_DEV/content_graph/$MARKETPLACE_VERSION.zip"
+        # copy the packs.json file to the bucket, used in contribution management
+        gsutil cp $ARTIFACTS_FOLDER/packs.json "gs://$GCS_MARKET_BUCKET_DEV/content_graph/"$MARKETPLACE_VERSION"_packs.json"
         section_end "Upload content graph GraphML to GCP"
       fi
 
@@ -64,7 +66,7 @@ jobs-done-check-upload-flow:
   extends:
     - .jobs-done-check
     - .bucket-upload-rule
-  needs: ['run-unittests-and-lint-upload-flow', 'run-validations-upload-flow', 'mpv2-prepare-testing-bucket-upload-flow', 'upload-id-set-bucket', 'xpanse-prepare-testing-bucket-upload-flow', 'xsoar-prepare-testing-bucket-upload-flow', 'install-packs-in-server6_5', 'install-packs-in-server6_6', 'install-packs-in-server6_8', 'install-packs-in-server-master', 'install-packs-in-xsiam-ga', 'sync-buckets-between-projects', 'upload-packs-to-marketplace', 'upload-packs-to-marketplace-v2', 'upload-packs-to-xpanse-marketplace']
+  needs: ['run-unittests-and-lint-upload-flow', 'run-validations-upload-flow', 'mpv2-prepare-testing-bucket-upload-flow', 'upload-id-set-bucket', 'xpanse-prepare-testing-bucket-upload-flow', 'xsoar-prepare-testing-bucket-upload-flow', 'install-packs-in-server6_6', 'install-packs-in-server6_8', 'install-packs-in-server6_9', 'install-packs-in-server6_10', 'install-packs-in-server-master', 'install-packs-in-xsiam-ga', 'sync-buckets-between-projects', 'upload-packs-to-marketplace', 'upload-packs-to-marketplace-v2', 'upload-packs-to-xpanse-marketplace']
   tags:
     - gke
 
@@ -154,11 +156,6 @@ xpanse-prepare-testing-bucket-upload-flow:
     - exit "$EXIT_CODE"
 
 
-install-packs-in-server6_5:
-  extends: .install_packs_in_xsoar_server
-  variables:
-    INSTANCE_ROLE: "Server 6.5"
-
 install-packs-in-server6_6:
   extends: .install_packs_in_xsoar_server
   variables:
@@ -169,6 +166,15 @@ install-packs-in-server6_8:
   variables:
     INSTANCE_ROLE: "Server 6.8"
 
+install-packs-in-server6_9:
+  extends: .install_packs_in_xsoar_server
+  variables:
+    INSTANCE_ROLE: "Server 6.9"
+
+install-packs-in-server6_10:
+  extends: .install_packs_in_xsoar_server
+  variables:
+    INSTANCE_ROLE: "Server 6.10"
 
 install-packs-in-server-master:
   extends: .install_packs_in_xsoar_server
@@ -256,7 +262,7 @@ install-packs-in-xsiam-ga:
 upload-packs-to-marketplace:
   tags:
     - gke
-  needs: ["run-validations-upload-flow", "install-packs-in-server6_5", "install-packs-in-server6_6", "install-packs-in-server6_8", "run-unittests-and-lint-upload-flow"]
+  needs: ["run-validations-upload-flow", "install-packs-in-server6_6", "install-packs-in-server6_8", "install-packs-in-server6_9", "install-packs-in-server6_10", "run-unittests-and-lint-upload-flow"]
   stage: upload-to-marketplace
   artifacts:
     expire_in: 48 hrs

.gitlab/ci/global.yml

@@ -362,6 +362,6 @@
     - job-done
 
 .jobs-done-check:
-  stage: are-jobs-realy-done
+  stage: are-jobs-really-done
   script:
     - python3 Tests/scripts/check_jobs_done.py --job-done-files $PIPELINE_JOBS_FOLDER

.gitlab/ci/on-push.yml

@@ -149,10 +149,10 @@ validate-content-conf:
       if [[ $MARKETPLACE_VERSION == "xsoar" ]];
       then
         echo "Starting to create artifacts with zip for XSOAR."
-        python Tests/scripts/create_artifacts_graph/create_artifacts.py --marketplace "xsoar" --artifacts-output $ARTIFACTS_FOLDER/content_packs --dependencies-output $ARTIFACTS_FOLDER/packs_dependencies.json --bucket-upload "$BUCKET_UPLOAD"
+        python Tests/scripts/create_artifacts_graph/create_artifacts.py --marketplace "xsoar" --artifacts-output $ARTIFACTS_FOLDER/content_packs --dependencies-output $ARTIFACTS_FOLDER/packs_dependencies.json --packs-output $ARTIFACTS_FOLDER/packs.json --bucket-upload "$BUCKET_UPLOAD"
       else
         echo "Starting to create artifacts without zip."
-        python Tests/scripts/create_artifacts_graph/create_artifacts.py --marketplace "$MARKETPLACE_VERSION" --artifacts-output $ARTIFACTS_FOLDER/content_packs --dependencies-output $ARTIFACTS_FOLDER/packs_dependencies.json --no-zip --bucket-upload "$BUCKET_UPLOAD"
+        python Tests/scripts/create_artifacts_graph/create_artifacts.py --marketplace "$MARKETPLACE_VERSION" --artifacts-output $ARTIFACTS_FOLDER/content_packs --dependencies-output $ARTIFACTS_FOLDER/packs_dependencies.json --packs-output $ARTIFACTS_FOLDER/packs.json --no-zip --bucket-upload "$BUCKET_UPLOAD"
       fi
 
     - gcloud auth activate-service-account --key-file="$GCS_ARTIFACTS_KEY"
@@ -288,32 +288,41 @@ xpanse-prepare-testing-bucket:
     - job-done
     - exit $EXIT_CODE
 
-xsoar_server_6_5:
+xsoar_server_6_6:
   extends: .test_content_on_xsoar_server_instances_base
   #  No need to trigger in case of release branch or docker update branches (non-nightly packs)
   rules:
     - !reference [.filter-non-nightly-docker-updates-rule, rules]
     - if: '$CI_PIPELINE_SOURCE =~ /^(push|contrib)$/'
   variables:
-    INSTANCE_ROLE: "Server 6.5"
+    INSTANCE_ROLE: "Server 6.6"
 
-xsoar_server_6_6:
+xsoar_server_6_8:
   extends: .test_content_on_xsoar_server_instances_base
   #  No need to trigger in case of release branch or docker update branches (non-nightly packs)
   rules:
     - !reference [.filter-non-nightly-docker-updates-rule, rules]
     - if: '$CI_PIPELINE_SOURCE =~ /^(push|contrib)$/'
   variables:
-    INSTANCE_ROLE: "Server 6.6"
+    INSTANCE_ROLE: "Server 6.8"
 
-xsoar_server_6_8:
+xsoar_server_6_9:
   extends: .test_content_on_xsoar_server_instances_base
   #  No need to trigger in case of release branch or docker update branches (non-nightly packs)
   rules:
     - !reference [.filter-non-nightly-docker-updates-rule, rules]
     - if: '$CI_PIPELINE_SOURCE =~ /^(push|contrib)$/'
   variables:
-    INSTANCE_ROLE: "Server 6.8"
+    INSTANCE_ROLE: "Server 6.9"
+
+xsoar_server_6_10:
+  extends: .test_content_on_xsoar_server_instances_base
+  #  No need to trigger in case of release branch or docker update branches (non-nightly packs)
+  rules:
+    - !reference [.filter-non-nightly-docker-updates-rule, rules]
+    - if: '$CI_PIPELINE_SOURCE =~ /^(push|contrib)$/'
+  variables:
+    INSTANCE_ROLE: "Server 6.10"
 
 xsoar_server_master:
   extends:
@@ -367,12 +376,14 @@ jobs-done-check-on-push:
       optional: true
     - job: xsiam_server_ga
       optional: true
-    - job: xsoar_server_6_5
-      optional: true
     - job: xsoar_server_6_6
       optional: true
     - job: xsoar_server_6_8
       optional: true
+    - job: xsoar_server_6_9
+      optional: true
+    - job: xsoar_server_6_10
+      optional: true
     - job: xsoar_server_master
       optional: true
   tags:
@@ -544,6 +555,7 @@ xsoar_ng_server_ga:
   needs:
     - job: xsoar-prepare-testing-bucket
       optional: true
+  allow_failure: true
 
 
 test-upload-flow:

Packs/Cylance_Protect/.pack-ignore

@@ -5,7 +5,7 @@ ignore=BA101
 ignore=PA116
 
 [file:Cylance_Protect_v2.yml]
-ignore=IN126,BA108,BA109,IN145
+ignore=IN126,BA108,BA109
 
 [file:README.md]
 ignore=RM104

Packs/Cylance_Protect/.secrets-ignore

@@ -1 +1,3 @@
-api_call(uri=URI_LISTS,
+api_call(uri=URI_LISTS,
+ displaypassword: Application Secret 
+ displaypassword: Tenant API Key 

Packs/Cylance_Protect/Integrations/Cylance_Protect_v2/Cylance_Protect_v2.py

@@ -1513,19 +1513,24 @@ def add_capitalized_hash_to_context(threats_context):  # pragma: no cover
 
 # EXECUTION
 def main():    # pragma: no cover
+    params = demisto.params()
+
     global APP_ID
-    APP_ID = demisto.params()['app_id']
+    APP_ID = params.get('app_creds', {}).get('identifier') or params.get('app_id')
     global APP_SECRET
-    APP_SECRET = demisto.params()['app_secret']
+    APP_SECRET = params.get('app_creds', {}).get('password') or params.get('app_secret')
     global TID
-    TID = demisto.params()['tid']
+    TID = params.get('api_key', {}).get('password') or params.get('tid')
     global SERVER_URL
     SERVER_URL = load_server_url()
     global FILE_THRESHOLD
-    FILE_THRESHOLD = demisto.params()['file_threshold']
+    FILE_THRESHOLD = params['file_threshold']
     global USE_SSL
-    USE_SSL = not demisto.params().get('unsecure', False)
+    USE_SSL = not params.get('unsecure', False)
     command = demisto.command()
+
+    if not all((APP_ID, APP_SECRET, TID)):
+        raise DemistoException('Please fill out the Application ID, Application Secret and Tenant API Key')
 
     LOG(f'Command being called is {command}')
     try:

Packs/Cylance_Protect/Integrations/Cylance_Protect_v2/Cylance_Protect_v2.yml

@@ -14,19 +14,31 @@ configuration:
   section: Connect
 - display: Application ID
   name: app_id
-  required: true
   type: 0
   section: Connect
+  hidden: true
 - display: Application Secret
   name: app_secret
-  required: true
   type: 4
   section: Connect
+  hidden: true
 - display: Tenant API Key
   name: tid
-  required: true
   type: 4
   section: Connect
+  hidden: true
+- display: Application ID
+  name: app_creds
+  required: false
+  type: 9
+  section: Connect
+  displaypassword: Application Secret
+- name: api_key
+  required: false
+  type: 9
+  section: Connect
+  hiddenusername: true
+  displaypassword: Tenant API Key
 - display: Use system proxy settings
   name: proxy
   required: false
@@ -953,7 +965,7 @@ script:
     - contextPath: InstaQuery.List
       description: The list of InstaQuery
       type: string
-  dockerimage: demisto/pyjwt3:1.0.0.58911
+  dockerimage: demisto/pyjwt3:1.0.0.62273
   isfetch: true
   runonce: false
   script: ''

Packs/Cylance_Protect/ReleaseNotes/1_2_0.md

@@ -0,0 +1,10 @@
+
+#### Integrations
+
+##### Cylance Protect v2
+- Updated the Docker image to: *demisto/pyjwt3:1.0.0.59487*.
+
+- Added the following integration parameters to support credentials fetching object:
+  - *Application ID*
+  - *Application Secret*
+  - *Tenant API Key*

Packs/Cylance_Protect/pack_metadata.json

@@ -2,7 +2,7 @@
     "name": "Cylance Protect",
     "description": "Manage Endpoints using Cylance protect",
     "support": "xsoar",
-    "currentVersion": "1.1.15",
+    "currentVersion": "1.2.0",
     "author": "Cortex XSOAR",
     "url": "https://www.paloaltonetworks.com/cortex",
     "email": "",

Packs/GoogleDrive/.pack-ignore

@@ -5,7 +5,7 @@ ignore=RM104
 ignore=BA101
 
 [file:GoogleDrive.yml]
-ignore=IN145
+ignore=
 
 [file:GoogleDrive_image.png]
 ignore=IM111

Packs/GoogleDrive/Integrations/GoogleDrive/GoogleDrive.py

@@ -1686,7 +1686,14 @@ def main() -> None:
 
     try:
         params = demisto.params()
-        service_account_dict = GSuiteClient.safe_load_non_strict_json(params.get('user_service_account_json'))
+
+        account_json = params.get('user_creds', {}).get('password') or params.get('user_service_account_json')
+        user_id = params.get('user_creds', {}).get('identifier') or params.get('user_id', '')
+
+        if not account_json:
+            raise DemistoException('Please fill out the User\'s Service Account JSON field.')
+
+        service_account_dict = GSuiteClient.safe_load_non_strict_json(account_json)
         verify_certificate = not params.get('insecure', False)
         proxy = params.get('proxy', False)
 
@@ -1698,7 +1705,7 @@ def main() -> None:
         gsuite_client = GSuiteClient(service_account_dict,
                                      base_url='https://www.googleapis.com/', verify=verify_certificate, proxy=proxy,
                                      headers=headers,
-                                     user_id=params.get('user_id', ''))
+                                     user_id=user_id)
 
         # Trim the arguments
         args = GSuiteClient.strip_dict(demisto.args())