From d940f3f3be1ed24f9735e7cbd61c961490609d9d Mon Sep 17 00:00:00 2001 From: igorski-r7 Date: Mon, 13 Jan 2025 13:25:11 +0100 Subject: [PATCH] Powershell - 18586 - Updated dependencies | Updated SDK to the latest version --- plugins/powershell/.CHECKSUM | 6 +++--- plugins/powershell/Dockerfile | 13 +++++++++---- plugins/powershell/bin/icon_powershell | 2 +- plugins/powershell/help.md | 3 ++- .../icon_powershell/connection/connection.py | 1 - plugins/powershell/plugin.spec.yaml | 13 +++++++------ plugins/powershell/requirements.txt | 10 +++++----- plugins/powershell/setup.py | 2 +- 8 files changed, 28 insertions(+), 22 deletions(-) diff --git a/plugins/powershell/.CHECKSUM b/plugins/powershell/.CHECKSUM index 00d328cc37..62eba3ad41 100644 --- a/plugins/powershell/.CHECKSUM +++ b/plugins/powershell/.CHECKSUM @@ -1,7 +1,7 @@ { - "spec": "9145719b881a784092c317354561287b", - "manifest": "a95ee1b81a2944967e48aaca45022fa3", - "setup": "e7d0bf5db9c37f6d59ff44e5d735b165", + "spec": "3ec3f7e236aa97d0d18157f3bf617faa", + "manifest": "61de88b740ca64a1828d828542d76aeb", + "setup": "6e825188d75fce9536419c1f67bacd39", "schemas": [ { "identifier": "execute_script/schema.py", diff --git a/plugins/powershell/Dockerfile b/plugins/powershell/Dockerfile index 938e7528e6..45a7f42ab3 100755 --- a/plugins/powershell/Dockerfile +++ b/plugins/powershell/Dockerfile @@ -1,4 +1,4 @@ -FROM --platform=linux/amd64 rapid7/insightconnect-python-3-slim-plugin:6.2.0 +FROM --platform=linux/amd64 rapid7/insightconnect-python-3-slim-plugin:6.2.2 LABEL organization=rapid7 LABEL sdk=python @@ -42,11 +42,16 @@ ADD . /python/src WORKDIR /python/src -# End package dependencies +ADD ./plugin.spec.yaml /plugin.spec.yaml +ADD ./requirements.txt /python/src/requirements.txt + RUN if [ -f requirements.txt ]; then pip install -r requirements.txt; fi + +ADD . /python/src + RUN python setup.py build && python setup.py install # User to run plugin code. The two supported users are: root, nobody -USER root +USER nobody -ENTRYPOINT ["/usr/local/bin/icon_powershell"] \ No newline at end of file +ENTRYPOINT ["/usr/local/bin/icon_powershell"] diff --git a/plugins/powershell/bin/icon_powershell b/plugins/powershell/bin/icon_powershell index 9fa0bf0aec..203837f8a9 100755 --- a/plugins/powershell/bin/icon_powershell +++ b/plugins/powershell/bin/icon_powershell @@ -6,7 +6,7 @@ from sys import argv Name = "PowerShell" Vendor = "rapid7" -Version = "3.0.6" +Version = "3.0.7" Description = "[PowerShell](https://docs.microsoft.com/en-us/powershell/scripting/overview?view=powershell-6) is a task-based command-line shell and scripting language from Microsoft that helps system administrators, power-users, and InsightConnect customers rapidly automate tasks that manage operating systems and processes. This plugin runs a PowerShell script on a remote host or locally on an InsightConnect Orchestrator" diff --git a/plugins/powershell/help.md b/plugins/powershell/help.md index 7dc4ec022e..9de69b5415 100644 --- a/plugins/powershell/help.md +++ b/plugins/powershell/help.md @@ -199,7 +199,8 @@ Invoke-Expression ((New-Object System.Net.Webclient).DownloadString('https://raw # Version History -* 3.0.6 - Bump SDK to 6.2.0 +* 3.0.6 - Updated dependencies | Updated SDK to the latest version +* 3.0.5 - Bump SDK to 6.2.0 * 3.0.5 - Bump requirements.txt | Bump SDK to 6.1.4 | Update help.md to enforce that the use of round-robin DNS lookups is not supported * 3.0.4 - Upgrade user from `nobody` to `root` | bump SDK to 6.0.1 and switch back to `Bullseye` based SDK image * 3.0.3 - Fix decoding error in `Execute Script` action | Update SDK | Update packages for alpine image diff --git a/plugins/powershell/icon_powershell/connection/connection.py b/plugins/powershell/icon_powershell/connection/connection.py index 1de8dca21a..f1b0ed0c9f 100755 --- a/plugins/powershell/icon_powershell/connection/connection.py +++ b/plugins/powershell/icon_powershell/connection/connection.py @@ -25,5 +25,4 @@ def connect(self, params={}): "password": params.get(Input.SCRIPT_USERNAME_AND_PASSWORD, {}).get("password"), "secret_key": params.get(Input.SCRIPT_SECRET_KEY, {}).get("secretKey"), } - self.logger.info("Connect: Connecting..") diff --git a/plugins/powershell/plugin.spec.yaml b/plugins/powershell/plugin.spec.yaml index 962741577c..f9b7b47fa2 100644 --- a/plugins/powershell/plugin.spec.yaml +++ b/plugins/powershell/plugin.spec.yaml @@ -4,7 +4,7 @@ products: [insightconnect] name: powershell title: PowerShell description: "[PowerShell](https://docs.microsoft.com/en-us/powershell/scripting/overview?view=powershell-6) is a task-based command-line shell and scripting language from Microsoft that helps system administrators, power-users, and InsightConnect customers rapidly automate tasks that manage operating systems and processes. This plugin runs a PowerShell script on a remote host or locally on an InsightConnect Orchestrator" -version: 3.0.6 +version: 3.0.7 connection_version: 3 key_features: - "Run a PowerShell script to manage (remote) computers from the command line" @@ -15,7 +15,7 @@ requirements: - "The use of round-robin DNS lookups is not supported" sdk: type: slim - version: 6.2.0 + version: 6.2.2 user: nobody links: - "[InsightConnect Powershell Plugin Guide](https://docs.rapid7.com/insightconnect/mass-delete-with-PowerShell/)" @@ -42,6 +42,7 @@ hub_tags: keywords: [powershell, microsoft] features: [] version_history: + - "3.0.6 - Updated dependencies | Updated SDK to the latest version" - "3.0.5 - Bump SDK to 6.2.0" - "3.0.5 - Bump requirements.txt | Bump SDK to 6.1.4 | Update help.md to enforce that the use of round-robin DNS lookups is not supported" - "3.0.4 - Upgrade user from `nobody` to `root` | bump SDK to 6.0.1 and switch back to `Bullseye` based SDK image" @@ -99,10 +100,10 @@ connection: description: Authentication type type: string enum: - - NTLM - - Kerberos - - CredSSP - - None + - NTLM + - Kerberos + - CredSSP + - None default: None required: true example: Kerberos diff --git a/plugins/powershell/requirements.txt b/plugins/powershell/requirements.txt index 227ddf8f19..a667f6eda1 100755 --- a/plugins/powershell/requirements.txt +++ b/plugins/powershell/requirements.txt @@ -1,10 +1,10 @@ # List third-party dependencies here, separated by newlines. # All dependencies must be version-pinned, eg. requests==1.2.0 # See: https://pip.pypa.io/en/stable/user_guide/#requirements-files -git+https://github.com/komand/pywinrm.git@v0.3.1dev0 -requests-kerberos==0.14.0 +pywinrm==0.5.0 +requests-kerberos==0.15.0 requests-credssp==2.0.0 parameterized==0.8.1 -requests==2.32.2 -cryptography==43.0.1 -idna==3.7 +requests==2.32.3 +cryptography==44.0.0 +idna==3.10 diff --git a/plugins/powershell/setup.py b/plugins/powershell/setup.py index c9c66ecfd0..55a8a813c9 100755 --- a/plugins/powershell/setup.py +++ b/plugins/powershell/setup.py @@ -3,7 +3,7 @@ setup(name="powershell-rapid7-plugin", - version="3.0.6", + version="3.0.7", description="[PowerShell](https://docs.microsoft.com/en-us/powershell/scripting/overview?view=powershell-6) is a task-based command-line shell and scripting language from Microsoft that helps system administrators, power-users, and InsightConnect customers rapidly automate tasks that manage operating systems and processes. This plugin runs a PowerShell script on a remote host or locally on an InsightConnect Orchestrator", author="rapid7", author_email="",