Update Devo Integration

[ansfan]

New version of Devo integration with enhanced features. Includes new features for fetch-incidents, querying alerts, multi-table querying, and writing back to Devo. Using newer version of the Devo SDK which has been updated to use Devo's most recent APIs.

Status

Ready

Related Issues

Description

New version of Devo integration with enhanced features. Includes new features for fetch-incidents, querying alerts, multi-table querying, and writing back to Devo.

Refer to README.md found here: https://github.com/devods/demisto-devo

Screenshots

Related PRs

List related PRs against other branches:

demisto/dockerfiles#462 <- This is assuming demisto/devo:1.0.0 docker image name to be built.

Required version of Demisto

4.x.x
5.x.x

Does it break backward compatibility?

• Yes
  • We are upgrading this integration to use the newest Devo HTTP APIs. Also using a different authentication method for enhanced security.

Must have

• Tests <- Please advise on documentation on how to write test-playbooks.
• Documentation (https://github.com/devods/demisto-devo)
• Code Review

Dependencies

demisto/dockerfiles#462 <- Dockerfiles to create image needed for Devo's Python SDK.

Additional changes

Re-write of entire existing Devo integration.

Technical writer review

Mention and link to the files that require a technical writer review.

• YAML file
• CHANGELOG

[welcome]

Hi and welcome to the Demisto Content project! Thank you and congrats on your first pull request, we will review it soon! Until then you can check out our documentation for more details. We would be thrilled to see you get involved in our Slack DFIR community for discussions. Hope you have a great time here :)

[guardrails]

⚠️ We detected security issues in this pull request:

Hard-Coded Secrets (1)

https://github.com/demisto/content/blob/6fc8aa6c12ca5b16638be77c0d20e6501f69aed2/Integrations/integration-Devo.yml#L7

More info on how to fix Hard-Coded Secrets in General.

Happy with the results? Give your feedback.

[content-bot]

Thank you for your contribution. Your generosity and caring are unrivaled! Rest assured - our content wizard @anara123 will very shortly look over your proposed changes.

[CLAassistant]

All committers have signed the CLA.

[ansfan]

⚠️ We detected security issues in this pull request:

Hard-Coded Secrets (1)
Happy with the results? Give your feedback.

Guardrails - Base64 encoded image not a secret.

Also for the circleci might have to whitelist the default devo.com domains so not to be categorized as secrets.

[anara123]

@ansfan Hi. Thank you for the contribution.
We changed some the way we store our integration. Please take a look at https://github.com/demisto/content/tree/master/docs/package_directory_structure

1. Navigate to content folder (the folder you cloned to your local env)

2. Installation prerequisites:
   python3
   python2
   pip
   pipenv
   pyyaml
   ruamel.yaml
   docker
   autopep8
   flake8
   mypy

3. You should run in order to convert yml to package format (replace the old integration-Devo.yml with the new Devo folder):

PYTHONPATH="`pwd`:${PYTHONPATH}" python3 package_extractor.py -i /Integrations/integration-Devo.yml -o Integrations/Devo -m -t integration

3. Then run linting

PYTHONPATH="`pwd`:${PYTHONPATH}" python3 Tests/scripts/pkg_dev_test_tasks.py -d Integrations/Devo

4. Validate files before you commit your changes

PYTHONPATH="`pwd`:${PYTHONPATH}" python2 Tests/scripts/validate_files.py

5. Add CHANGELE.md file to the package

You can take a look at the following integration example:
https://github.com/demisto/content/tree/master/Integrations/ProofpointTAP_v2

[ansfan]

@anara123 Please rebase/fast forward the demisto:devods_devo_base branch to the master git commit: 857896ea12c0c360defe1f559390def192fbc4de.

I have done this in order to make sure I had the latest testing environment setup. I believe the rebasing is blocking the license/cla check from passing.

Let me know if this looks okay to you and I also have included pytest unit tests but have set myself to mimic the proofpoint integration by skipping the playbook test.

[anara123]

_description file should only contain instructions on how to configure the integration in order to connect to Devo instance.
For each parameter means like you explained above.
Remove the documentation about the commands. For commands you need to create README.md file in this folder and generate documentation file and fill it with data.
Follow: https://github.com/demisto/content/blob/master/docs/integration_documentation/README.MD

[content-bot]

This PR is starting to get a little stale. @ansfan are there any changes you wanted to make since @anara123's last comment?

[anara123]

remove LOG(e) and LOG.print_log(True)
return_error(e) will do them both

[anara123]

Suggested change

	return_error(e)
	return_error('Failed to execute command {}. Error: {}'.format(demisto.command(), str(e)))

[anara123]

change to Devo v2

[anara123]

change to Devo v2

[anara123]

change to Devo v2

[anara123]

This integration breaking backward compatibility with the previous integration. The instance parameters are different. In this case we should create new integration v2 and deprecate the old one.

[anara123]

undo the deletion, if we will delete this integration and replace by another , then we will break backward compatibility

[content-bot]

This PR is starting to get a little stale. @ansfan are there any changes you wanted to make since @anara123's last comment?

[anara123]

related issues
https://github.com/demisto/etc/issues/19220
https://github.com/demisto/etc/issues/15672

[anara123]

Closing due to inactivity. @ansfan please reopen the PR when you have time to continue the review process