From c713fa23b19a461bced56344baffdaf6eb5e3a85 Mon Sep 17 00:00:00 2001 From: Conor <93926445+cmcnally-r7@users.noreply.github.com> Date: Wed, 4 Dec 2024 15:38:56 +0000 Subject: [PATCH] Greynoise unit test fix (#2983) * Fix unit tests * Update SDK * Fix final unit test * Last unit tests fix hopefully --- plugins/greynoise/.CHECKSUM | 2 +- plugins/greynoise/Dockerfile | 2 +- plugins/greynoise/plugin.spec.yaml | 2 +- .../greynoise/unit_test/payloads/__init__.py | 0 .../unit_test/payloads/similar_ip.json | 66 +++++----- .../unit_test/payloads/timeline_ip.json | 114 +++++++++--------- .../unit_test/test_community_lookup.py | 2 +- .../unit_test/test_context_lookup.py | 2 +- .../unit_test/test_get_tag_details.py | 2 +- .../greynoise/unit_test/test_gnql_query.py | 3 +- .../greynoise/unit_test/test_quick_lookup.py | 2 +- .../greynoise/unit_test/test_riot_lookup.py | 2 +- .../unit_test/test_similar_lookup.py | 52 ++++---- .../unit_test/test_timeline_lookup.py | 86 +++++++------ .../unit_test/test_vulnerability_lookup.py | 2 +- 15 files changed, 165 insertions(+), 174 deletions(-) create mode 100644 plugins/greynoise/unit_test/payloads/__init__.py diff --git a/plugins/greynoise/.CHECKSUM b/plugins/greynoise/.CHECKSUM index 606c308864..3a363e0f68 100644 --- a/plugins/greynoise/.CHECKSUM +++ b/plugins/greynoise/.CHECKSUM @@ -1,5 +1,5 @@ { - "spec": "e8f3a3060f1800fcad0ffc216c09d193", + "spec": "408dee8094333da675fded694bdef341", "manifest": "9d3f4a959fda3eb80588c86648597b40", "setup": "7d0148b4efc7745f17003a77e9e73c55", "schemas": [ diff --git a/plugins/greynoise/Dockerfile b/plugins/greynoise/Dockerfile index 418ba21ac1..60397d66f8 100755 --- a/plugins/greynoise/Dockerfile +++ b/plugins/greynoise/Dockerfile @@ -1,4 +1,4 @@ -FROM --platform=linux/amd64 rapid7/insightconnect-python-3-slim-plugin:6.2.0 +FROM --platform=linux/amd64 rapid7/insightconnect-python-3-slim-plugin:6.2.2 LABEL organization=greynoise LABEL sdk=python diff --git a/plugins/greynoise/plugin.spec.yaml b/plugins/greynoise/plugin.spec.yaml index 8b736125dc..ac342eaa76 100644 --- a/plugins/greynoise/plugin.spec.yaml +++ b/plugins/greynoise/plugin.spec.yaml @@ -9,7 +9,7 @@ connection_version: 2 cloud_ready: false sdk: type: slim - version: 6.2.0 + version: 6.2.2 user: nobody supported_versions: ["GreyNoise API v1/2/3"] vendor: greynoise diff --git a/plugins/greynoise/unit_test/payloads/__init__.py b/plugins/greynoise/unit_test/payloads/__init__.py new file mode 100644 index 0000000000..e69de29bb2 diff --git a/plugins/greynoise/unit_test/payloads/similar_ip.json b/plugins/greynoise/unit_test/payloads/similar_ip.json index b5ff53d0e5..6e55fc2b14 100644 --- a/plugins/greynoise/unit_test/payloads/similar_ip.json +++ b/plugins/greynoise/unit_test/payloads/similar_ip.json @@ -1,40 +1,38 @@ -[ - { - "ip": { - "actor": "Acme Inc", +{ + "ip": { + "actor": "Acme Inc", + "asn": "AS12345", + "city": "Berlin", + "classification": "benign", + "country": "Germany", + "country_code": "DE", + "first_seen": "2019-07-29", + "ip": "1.2.3.4", + "last_seen": "2024-11-04", + "organization": "Acme Inc" + }, + "similar_ips": [ + { + "actor": "Alpha Strike Labs", "asn": "AS12345", "city": "Berlin", "classification": "benign", "country": "Germany", "country_code": "DE", - "first_seen": "2019-07-29", - "ip": "1.2.3.4", + "features": [ + "hassh_fp", + "mass_scan_bool", + "os", + "ports", + "useragents", + "web_paths" + ], + "first_seen": "2019-07-11", + "ip": "2.3.4.5", "last_seen": "2024-11-04", - "organization": "Acme Inc" - }, - "similar_ips": [ - { - "actor": "Alpha Strike Labs", - "asn": "AS12345", - "city": "Berlin", - "classification": "benign", - "country": "Germany", - "country_code": "DE", - "features": [ - "hassh_fp", - "mass_scan_bool", - "os", - "ports", - "useragents", - "web_paths" - ], - "first_seen": "2019-07-11", - "ip": "2.3.4.5", - "last_seen": "2024-11-04", - "organization": "Acme Inc", - "score": 0.98933446 - } - ], - "total": 1 - } -] \ No newline at end of file + "organization": "Acme Inc", + "score": 0.98933446 + } + ], + "total": 1 +} \ No newline at end of file diff --git a/plugins/greynoise/unit_test/payloads/timeline_ip.json b/plugins/greynoise/unit_test/payloads/timeline_ip.json index df19555950..afa04f554e 100644 --- a/plugins/greynoise/unit_test/payloads/timeline_ip.json +++ b/plugins/greynoise/unit_test/payloads/timeline_ip.json @@ -1,60 +1,58 @@ -[ - { - "activity": [ - { - "asn": "AS12345", - "category": "hosting", - "city": "Berlin", - "classification": "benign", - "country": "Germany", - "country_code": "DE", - "destinations": [ - { - "country": "South Africa", - "country_code": "ZA" - } - ], - "hassh_fingerprints": [], - "http_paths": [ - "/favicon.ico" - ], - "http_user_agents": [ - "Mozilla/5.0" - ], - "ja3_fingerprints": [ - "04b3f524166caafd433b6864250945be" - ], - "organization": "Alpha Strike Labs GmbH", - "protocols": [ - { - "port": 80, - "transport_protocol": "TCP" - } - ], - "rdns": "", - "region": "Berlin", - "spoofable": true, - "tags": [ - { - "category": "actor", - "description": "description.", - "intention": "benign", - "name": "Acme, Inc." - } - ], - "timestamp": "2024-11-03T00:00:00Z", - "tor": false, - "vpn": false, - "vpn_service": "" - } - ], - "ip": "1.2.3.4", - "metadata": { - "end_time": "2024-11-04T19:13:35.892189739Z", - "ip": "1.2.3.4", - "limit": 50, - "next_cursor": "", - "start_time": "2024-11-03T00:00:00Z" +{ + "activity": [ + { + "asn": "AS12345", + "category": "hosting", + "city": "Berlin", + "classification": "benign", + "country": "Germany", + "country_code": "DE", + "destinations": [ + { + "country": "South Africa", + "country_code": "ZA" + } + ], + "hassh_fingerprints": [], + "http_paths": [ + "/favicon.ico" + ], + "http_user_agents": [ + "Mozilla/5.0" + ], + "ja3_fingerprints": [ + "04b3f524166caafd433b6864250945be" + ], + "organization": "Alpha Strike Labs GmbH", + "protocols": [ + { + "port": 80, + "transport_protocol": "TCP" + } + ], + "rdns": "", + "region": "Berlin", + "spoofable": true, + "tags": [ + { + "category": "actor", + "description": "description.", + "intention": "benign", + "name": "Acme, Inc." + } + ], + "timestamp": "2024-11-03T00:00:00Z", + "tor": false, + "vpn": false, + "vpn_service": "" } + ], + "ip": "1.2.3.4", + "metadata": { + "end_time": "2024-11-04T19:13:35.892189739Z", + "ip": "1.2.3.4", + "limit": 50, + "next_cursor": "", + "start_time": "2024-11-03T00:00:00Z" } -] \ No newline at end of file +} \ No newline at end of file diff --git a/plugins/greynoise/unit_test/test_community_lookup.py b/plugins/greynoise/unit_test/test_community_lookup.py index 39856fccf1..ea112cdd0e 100644 --- a/plugins/greynoise/unit_test/test_community_lookup.py +++ b/plugins/greynoise/unit_test/test_community_lookup.py @@ -3,7 +3,7 @@ from icon_greynoise.actions.community_lookup import CommunityLookup -from unit_test.util import MockConnection, mocked_requests_get +from util import MockConnection, mocked_requests_get class TestCommunityLookup(TestCase): diff --git a/plugins/greynoise/unit_test/test_context_lookup.py b/plugins/greynoise/unit_test/test_context_lookup.py index 38917b44fc..c4994fe7c9 100644 --- a/plugins/greynoise/unit_test/test_context_lookup.py +++ b/plugins/greynoise/unit_test/test_context_lookup.py @@ -3,7 +3,7 @@ from icon_greynoise.actions.context_lookup import ContextLookup -from unit_test.util import MockConnection, mocked_requests_get +from util import MockConnection, mocked_requests_get class TestContextLookup(TestCase): diff --git a/plugins/greynoise/unit_test/test_get_tag_details.py b/plugins/greynoise/unit_test/test_get_tag_details.py index 96f8e14221..104f3a9218 100644 --- a/plugins/greynoise/unit_test/test_get_tag_details.py +++ b/plugins/greynoise/unit_test/test_get_tag_details.py @@ -3,7 +3,7 @@ from icon_greynoise.actions.get_tag_details import GetTagDetails -from unit_test.util import MockConnection, mocked_requests_get +from util import MockConnection, mocked_requests_get class TestGetTagDetails(TestCase): diff --git a/plugins/greynoise/unit_test/test_gnql_query.py b/plugins/greynoise/unit_test/test_gnql_query.py index ebf34e2e1b..a6d69b8954 100644 --- a/plugins/greynoise/unit_test/test_gnql_query.py +++ b/plugins/greynoise/unit_test/test_gnql_query.py @@ -3,7 +3,7 @@ from icon_greynoise.actions.gnql_query import GnqlQuery -from unit_test.util import MockConnection, mocked_requests_get +from util import MockConnection, mocked_requests_get class TestGnqlQuery(TestCase): @@ -61,7 +61,6 @@ def test_gnql_query(self, mock_get): ], "message": "ok", "query": "query", - "scroll": "token", } self.assertNotEqual({}, results, "returns non - empty results") diff --git a/plugins/greynoise/unit_test/test_quick_lookup.py b/plugins/greynoise/unit_test/test_quick_lookup.py index 54c52e1b83..4b3dadeaad 100644 --- a/plugins/greynoise/unit_test/test_quick_lookup.py +++ b/plugins/greynoise/unit_test/test_quick_lookup.py @@ -3,7 +3,7 @@ from icon_greynoise.actions.quick_lookup import QuickLookup -from unit_test.util import MockConnection, mocked_requests_get +from util import MockConnection, mocked_requests_get class TestQuickLookup(TestCase): diff --git a/plugins/greynoise/unit_test/test_riot_lookup.py b/plugins/greynoise/unit_test/test_riot_lookup.py index d1198c0534..9dd5c9eeec 100644 --- a/plugins/greynoise/unit_test/test_riot_lookup.py +++ b/plugins/greynoise/unit_test/test_riot_lookup.py @@ -3,7 +3,7 @@ from icon_greynoise.actions.riot_lookup import RiotLookup -from unit_test.util import MockConnection, mocked_requests_get +from util import MockConnection, mocked_requests_get class TestRiotLookup(TestCase): diff --git a/plugins/greynoise/unit_test/test_similar_lookup.py b/plugins/greynoise/unit_test/test_similar_lookup.py index 915ecd6ba9..12c33e03f9 100644 --- a/plugins/greynoise/unit_test/test_similar_lookup.py +++ b/plugins/greynoise/unit_test/test_similar_lookup.py @@ -3,7 +3,7 @@ from icon_greynoise.actions.similar_lookup import SimilarLookup -from unit_test.util import MockConnection, mocked_requests_get +from util import MockConnection, mocked_requests_get class TestSimilarLookup(TestCase): @@ -16,39 +16,37 @@ def test_similar_lookup(self, mock_get): working_params = {"ip_address": "similar_lookup"} results = test_similar.run(working_params) - expected = [ - { - "ip": { - "actor": "Acme Inc", + expected = { + "ip": { + "actor": "Acme Inc", + "asn": "AS12345", + "city": "Berlin", + "classification": "benign", + "country": "Germany", + "country_code": "DE", + "first_seen": "2019-07-29", + "ip": "1.2.3.4", + "last_seen": "2024-11-04", + "organization": "Acme Inc", + }, + "similar_ips": [ + { + "actor": "Alpha Strike Labs", "asn": "AS12345", "city": "Berlin", "classification": "benign", "country": "Germany", "country_code": "DE", - "first_seen": "2019-07-29", - "ip": "1.2.3.4", + "features": ["hassh_fp", "mass_scan_bool", "os", "ports", "useragents", "web_paths"], + "first_seen": "2019-07-11", + "ip": "2.3.4.5", "last_seen": "2024-11-04", "organization": "Acme Inc", - }, - "similar_ips": [ - { - "actor": "Alpha Strike Labs", - "asn": "AS12345", - "city": "Berlin", - "classification": "benign", - "country": "Germany", - "country_code": "DE", - "features": ["hassh_fp", "mass_scan_bool", "os", "ports", "useragents", "web_paths"], - "first_seen": "2019-07-11", - "ip": "2.3.4.5", - "last_seen": "2024-11-04", - "organization": "Acme Inc", - "score": 0.98933446, - } - ], - "total": 1, - } - ] + "score": 0.98933446, + } + ], + "total": 1, + } self.assertNotEqual({}, results, "returns non - empty results") self.assertEqual(expected, results) diff --git a/plugins/greynoise/unit_test/test_timeline_lookup.py b/plugins/greynoise/unit_test/test_timeline_lookup.py index 6a0a24ce03..9da8e2a100 100644 --- a/plugins/greynoise/unit_test/test_timeline_lookup.py +++ b/plugins/greynoise/unit_test/test_timeline_lookup.py @@ -3,7 +3,7 @@ from icon_greynoise.actions.timeline_lookup import TimelineLookup -from unit_test.util import MockConnection, mocked_requests_get +from util import MockConnection, mocked_requests_get class TestTimelineLookup(TestCase): @@ -16,50 +16,48 @@ def test_timeline_lookup(self, mock_get): working_params = {"ip_address": "timeline_lookup"} results = test_timeline.run(working_params) - expected = [ - { - "activity": [ - { - "asn": "AS12345", - "category": "hosting", - "city": "Berlin", - "classification": "benign", - "country": "Germany", - "country_code": "DE", - "destinations": [{"country": "South Africa", "country_code": "ZA"}], - "hassh_fingerprints": [], - "http_paths": ["/favicon.ico"], - "http_user_agents": ["Mozilla/5.0"], - "ja3_fingerprints": ["04b3f524166caafd433b6864250945be"], - "organization": "Alpha Strike Labs GmbH", - "protocols": [{"port": 80, "transport_protocol": "TCP"}], - "rdns": "", - "region": "Berlin", - "spoofable": True, - "tags": [ - { - "category": "actor", - "description": "description.", - "intention": "benign", - "name": "Acme, Inc.", - } - ], - "timestamp": "2024-11-03T00:00:00Z", - "tor": False, - "vpn": False, - "vpn_service": "", - } - ], + expected = { + "activity": [ + { + "asn": "AS12345", + "category": "hosting", + "city": "Berlin", + "classification": "benign", + "country": "Germany", + "country_code": "DE", + "destinations": [{"country": "South Africa", "country_code": "ZA"}], + "hassh_fingerprints": [], + "http_paths": ["/favicon.ico"], + "http_user_agents": ["Mozilla/5.0"], + "ja3_fingerprints": ["04b3f524166caafd433b6864250945be"], + "organization": "Alpha Strike Labs GmbH", + "protocols": [{"port": 80, "transport_protocol": "TCP"}], + "rdns": "", + "region": "Berlin", + "spoofable": True, + "tags": [ + { + "category": "actor", + "description": "description.", + "intention": "benign", + "name": "Acme, Inc.", + } + ], + "timestamp": "2024-11-03T00:00:00Z", + "tor": False, + "vpn": False, + "vpn_service": "", + } + ], + "ip": "1.2.3.4", + "metadata": { + "end_time": "2024-11-04T19:13:35.892189739Z", "ip": "1.2.3.4", - "metadata": { - "end_time": "2024-11-04T19:13:35.892189739Z", - "ip": "1.2.3.4", - "limit": 50, - "next_cursor": "", - "start_time": "2024-11-03T00:00:00Z", - }, - } - ] + "limit": 50, + "next_cursor": "", + "start_time": "2024-11-03T00:00:00Z", + }, + } self.assertNotEqual({}, results, "returns non - empty results") self.assertEqual(expected, results) diff --git a/plugins/greynoise/unit_test/test_vulnerability_lookup.py b/plugins/greynoise/unit_test/test_vulnerability_lookup.py index c6d14b0433..0e3e45df86 100644 --- a/plugins/greynoise/unit_test/test_vulnerability_lookup.py +++ b/plugins/greynoise/unit_test/test_vulnerability_lookup.py @@ -3,7 +3,7 @@ from icon_greynoise.actions.vulnerability_lookup import VulnerabilityLookup -from unit_test.util import MockConnection, mocked_requests_get +from util import MockConnection, mocked_requests_get class TestVulnerabilityLookup(TestCase):