Updated plugin to be obsolete. Refreshed tooling and added fixes to a…

…llow to build (#2142)

Co-authored-by: Dympna Laverty <dympna_laverty@rapid7.com>

plugins/trufflehog/.CHECKSUM

@@ -1,15 +1,15 @@
 {
-	"spec": "7872d925ba11186fc48138dee9f05245",
-	"manifest": "845e4f2955fb67f8eb4a8045680f0bac",
-	"setup": "a276832be6eb9991560201e47c145025",
+	"spec": "0729ce0ec87040ae098e6aeab004f228",
+	"manifest": "7fde712a855eb529eac037c730976cf7",
+	"setup": "dd9566830af69fe24c64eb00847fb566",
 	"schemas": [
 		{
 			"identifier": "search/schema.py",
-			"hash": "9b4c2095f84c8443b55ecf30ab803dd0"
+			"hash": "d9cec16375a73c3ea5457a288d4ab36d"
 		},
 		{
 			"identifier": "connection/schema.py",
-			"hash": "cb60c2b5b62fafb9634d667a8ad96277"
+			"hash": "bd524b567f9638ba1c6f7e0c9e45ff2e"
 		}
 	]
 }

plugins/trufflehog/Dockerfile

@@ -1,28 +1,20 @@
-FROM komand/python-pypy3-plugin:2
-# The three supported python parent images are:
-# - komand/python-2-plugin
-# - komand/python-3-plugin
-# - komand/python-pypy3-plugin
-#
-# Update the tag to a full semver version
-
-# Add any custom package dependencies here
-# NOTE: Add pip packages to requirements.txt
-RUN git clone https://github.com/komand/truffleHog.git && cd truffleHog/ && \
-    pip install --user -r requirements.txt && \
-    pip install --user truffleHog
-
-# End package dependencies
-
-# Add source code
+FROM rapid7/insightconnect-python-3-38-plugin:4
+
+LABEL organization=rapid7
+LABEL sdk=python
+
 WORKDIR /python/src
+
 ADD ./plugin.spec.yaml /plugin.spec.yaml
-ADD . /python/src
+ADD ./requirements.txt /python/src/requirements.txt
 
-# Install pip dependencies
 RUN if [ -f requirements.txt ]; then pip install -r requirements.txt; fi
 
-# Install plugin
-RUN python setup.py build && python setup.py install
+ADD . /python/src
+
+RUN	python setup.py build && python setup.py install
+
+# User to run plugin code. The two supported users are: root, nobody
+USER nobody
 
 ENTRYPOINT ["/usr/local/bin/komand_trufflehog"]

plugins/trufflehog/bin/komand_trufflehog

@@ -1,30 +1,44 @@
 #!/usr/bin/env python
-# GENERATED BY KOMAND SDK - DO NOT EDIT
-import komand
-from komand_trufflehog import connection, actions, triggers
-
+# GENERATED BY INSIGHT-PLUGIN - DO NOT EDIT
+import os
+import json
+from sys import argv
 
 Name = "TruffleHog"
 Vendor = "rapid7"
-Version = "1.1.3"
+Version = "1.1.4"
 Description = "Search through git repositories for high entropy strings and secrets, digging deep into commit history"
 
 
-class ICONTrufflehog(komand.Plugin):
-    def __init__(self):
-        super(self.__class__, self).__init__(
+def main():
+    if 'http' in argv:
+        if os.environ.get("GUNICORN_CONFIG_FILE"):
+            with open(os.environ.get("GUNICORN_CONFIG_FILE")) as gf:
+                gunicorn_cfg = json.load(gf)
+                if gunicorn_cfg.get("worker_class", "sync") == "gevent":
+                    from gevent import monkey
+                    monkey.patch_all()
+        elif 'gevent' in argv:
+            from gevent import monkey
+            monkey.patch_all()
+
+    import insightconnect_plugin_runtime
+    from komand_trufflehog import connection, actions, triggers, tasks
+
+    class ICONTrufflehog(insightconnect_plugin_runtime.Plugin):
+        def __init__(self):
+            super(self.__class__, self).__init__(
                 name=Name,
                 vendor=Vendor,
                 version=Version,
                 description=Description,
                 connection=connection.Connection()
-                )
-        self.add_action(actions.Search())
+            )
+            self.add_action(actions.Search())
+
 
-
-def main():
     """Run plugin"""
-    cli = komand.CLI(ICONTrufflehog())
+    cli = insightconnect_plugin_runtime.CLI(ICONTrufflehog())
     cli.run()
 
 

plugins/trufflehog/help.md

@@ -93,7 +93,7 @@ _This plugin does not contain any troubleshooting information._
 
 # Version History
 
-* 1.1.3 - Updated spec and help.md format for the Extension Library
+* 1.1.3 - Setting plugin to obsolete as is being deprecated and will no longer be supported 
 * 1.1.2 - New spec and help.md format for the Extension Library
 * 1.1.1 - Fix issue where custom_regexes input field in Search action was not working
 * 1.1.0 - Update to v2 Python plugin architecture | Support web server mode

plugins/trufflehog/komand_trufflehog/actions/__init__.py

@@ -1,2 +1,4 @@
-# GENERATED BY KOMAND SDK - DO NOT EDIT
+# GENERATED BY INSIGHT-PLUGIN - DO NOT EDIT
+
 from .search.action import Search
+

plugins/trufflehog/komand_trufflehog/actions/search/__init__.py

@@ -1,2 +1,2 @@
-# GENERATED BY KOMAND SDK - DO NOT EDIT
+# GENERATED BY INSIGHT-PLUGIN - DO NOT EDIT
 from .action import Search

plugins/trufflehog/komand_trufflehog/actions/search/action.py

@@ -1,13 +1,16 @@
-import komand
+import insightconnect_plugin_runtime
 from .schema import SearchInput, SearchOutput
 
 # Custom imports below
+import os
+os.environ["GIT_PYTHON_REFRESH"] = "quiet"
+import git
 from truffleHog import truffleHog
 import json
 import re
 
 
-class Search(komand.Action):
+class Search(insightconnect_plugin_runtime.Action):
     def __init__(self):
         super(self.__class__, self).__init__(
             name="search",

plugins/trufflehog/komand_trufflehog/actions/search/schema.py

@@ -1,5 +1,5 @@
-# GENERATED BY KOMAND SDK - DO NOT EDIT
-import komand
+# GENERATED BY INSIGHT-PLUGIN - DO NOT EDIT
+import insightconnect_plugin_runtime
 import json
 
 
@@ -14,14 +14,14 @@ class Input:
     GIT_URL = "git_url"
     MAX_DEPTH = "max_depth"
     SINCE_COMMIT = "since_commit"
-    
+
 
 class Output:
     ISSUES = "issues"
-
 
-class SearchInput(komand.Input):
-    schema = json.loads("""
+
+class SearchInput(insightconnect_plugin_runtime.Input):
+    schema = json.loads(r"""
    {
   "type": "object",
   "title": "Variables",
@@ -68,16 +68,17 @@ class SearchInput(komand.Input):
   },
   "required": [
     "git_url"
-  ]
+  ],
+  "definitions": {}
 }
     """)
 
     def __init__(self):
         super(self.__class__, self).__init__(self.schema)
 
 
-class SearchOutput(komand.Output):
-    schema = json.loads("""
+class SearchOutput(insightconnect_plugin_runtime.Output):
+    schema = json.loads(r"""
    {
   "type": "object",
   "title": "Variables",
@@ -97,58 +98,52 @@ class SearchOutput(komand.Output):
       "type": "object",
       "title": "issue",
       "properties": {
+        "date": {
+          "type": "string",
+          "order": 1
+        },
+        "path": {
+          "type": "string",
+          "description": "File path",
+          "order": 2
+        },
         "branch": {
           "type": "string",
-          "title": "Branch",
           "description": "Commit branch",
           "order": 3
         },
         "commit": {
           "type": "string",
-          "title": "Commit",
           "description": "Commit subject",
           "order": 4
         },
-        "commitHash": {
-          "type": "string",
-          "title": "Commit Hash",
-          "order": 8
-        },
-        "date": {
-          "type": "string",
-          "title": "Date",
-          "order": 1
-        },
         "diff": {
           "type": "string",
-          "title": "Diff",
           "order": 5
         },
-        "path": {
-          "type": "string",
-          "title": "Path",
-          "description": "File path",
-          "order": 2
+        "stringsFound": {
+          "type": "array",
+          "title": "Strings Found",
+          "description": "List of found strings",
+          "items": {
+            "type": "string"
+          },
+          "order": 6
         },
         "printfDiff": {
           "type": "string",
           "title": "Diff",
           "order": 7
         },
+        "commitHash": {
+          "type": "string",
+          "title": "Commit Hash",
+          "order": 8
+        },
         "reason": {
           "type": "string",
-          "title": "Reason",
           "order": 9
         },
-        "stringsFound": {
-          "type": "array",
-          "title": "Strings Found",
-          "description": "List of found strings",
-          "items": {
-            "type": "string"
-          },
-          "order": 6
-        },
         "url": {
           "type": "string",
           "title": "Commit URL",

plugins/trufflehog/komand_trufflehog/connection/__init__.py

@@ -1,2 +1,2 @@
-# GENERATED BY KOMAND SDK - DO NOT EDIT
+# GENERATED BY INSIGHT-PLUGIN - DO NOT EDIT
 from .connection import Connection

plugins/trufflehog/komand_trufflehog/connection/connection.py

@@ -1,10 +1,8 @@
-import komand
+import insightconnect_plugin_runtime
 from .schema import ConnectionSchema
 
-# Custom imports below
 
-
-class Connection(komand.Connection):
+class Connection(insightconnect_plugin_runtime.Connection):
     def __init__(self):
         super(self.__class__, self).__init__(input=ConnectionSchema())
 

plugins/trufflehog/komand_trufflehog/connection/schema.py

@@ -1,13 +1,14 @@
-# GENERATED BY KOMAND SDK - DO NOT EDIT
-import komand
+# GENERATED BY INSIGHT-PLUGIN - DO NOT EDIT
+import insightconnect_plugin_runtime
 import json
 
 
 class Input:
     pass
 
-class ConnectionSchema(komand.Input):
-    schema = json.loads("""
+
+class ConnectionSchema(insightconnect_plugin_runtime.Input):
+    schema = json.loads(r"""
    {}
     """)
 

plugins/trufflehog/komand_trufflehog/tasks/__init__.py

@@ -0,0 +1,2 @@
+# GENERATED BY INSIGHT-PLUGIN - DO NOT EDIT
+

plugins/trufflehog/komand_trufflehog/triggers/__init__.py

@@ -1 +1,2 @@
-# GENERATED BY KOMAND SDK - DO NOT EDIT
+# GENERATED BY INSIGHT-PLUGIN - DO NOT EDIT
+

plugins/trufflehog/plugin.spec.yaml

@@ -4,10 +4,10 @@ products: [insightconnect]
 name: trufflehog
 title: TruffleHog
 description: Search through git repositories for high entropy strings and secrets, digging deep into commit history
-version: 1.1.3
+version: 1.1.4
 vendor: rapid7
 support: community
-status: []
+status: [obsolete]
 resources:
   source_url: https://github.com/rapid7/insightconnect-plugins/tree/master/plugins/trufflehog
   license_url: https://github.com/rapid7/insightconnect-plugins/blob/master/LICENSE

plugins/trufflehog/requirements.txt

@@ -1,4 +1,4 @@
 # List third-party dependencies here, separated by newlines.
 # All dependencies must be version-pinned, eg. requests==1.2.0
 # See: https://pip.pypa.io/en/stable/user_guide/#requirements-files
-truffleHog==2.0.97
+truffleHog

plugins/trufflehog/setup.py

@@ -1,14 +1,14 @@
-# GENERATED BY KOMAND SDK - DO NOT EDIT
+# GENERATED BY INSIGHT-PLUGIN - DO NOT EDIT
 from setuptools import setup, find_packages
 
 
 setup(name="trufflehog-rapid7-plugin",
-      version="1.1.3",
+      version="1.1.4",
       description="Search through git repositories for high entropy strings and secrets, digging deep into commit history",
       author="rapid7",
       author_email="",
       url="",
       packages=find_packages(),
-      install_requires=['komand'],  # Add third-party dependencies to requirements.txt, not here!
+      install_requires=['insightconnect-plugin-runtime'],  # Add third-party dependencies to requirements.txt, not here!
       scripts=['bin/komand_trufflehog']
       )

plugins/trufflehog/unit_test/__init__.py

@@ -0,0 +1 @@
+# GENERATED BY INSIGHT-PLUGIN - DO NOT EDIT

plugins/trufflehog/unit_test/test_search.py

@@ -0,0 +1,20 @@
+import sys
+import os
+sys.path.append(os.path.abspath('../'))
+
+from unittest import TestCase
+from komand_trufflehog.connection.connection import Connection
+from komand_trufflehog.actions.search import Search
+import json
+import logging
+
+
+class TestSearch(TestCase):
+    def test_search(self):
+        """
+        DO NOT USE PRODUCTION/SENSITIVE DATA FOR UNIT TESTS
+
+        TODO: Implement test cases here
+        """
+
+        self.fail("Unimplemented Test Case")