[orange-cyberdefense-v3] external-import connector update#5872
Conversation
Contributor License Agreement✅ CLA signed 💚 Thank you @ocd-acauchy for signing the Contributor License Agreement! Your pull request can now be reviewed and merged. We appreciate your contribution to Filigran's open source projects! ❤️ This is an automated message from the Filigran CLA Bot. |
There was a problem hiding this comment.
Pull request overview
Updates the orange-cyberdefense-v3 external-import connector to align with Orange Cyberdefense Datalake v3 changes by bumping the Datalake client dependency, adjusting connector defaults, fixing an identity-import edge case, and refreshing documentation screenshots.
Changes:
- Bump
datalake-scriptsfrom3.0.0rc7to3.0.0. - Change the connector’s default scope string and harden identity handling by avoiding KeyErrors on missing identity fields.
- Refresh README screenshot section and update included media assets.
Reviewed changes
Copilot reviewed 3 out of 11 changed files in this pull request and generated 1 comment.
Show a summary per file
| File | Description |
|---|---|
| external-import/orange-cyberdefense-v3/src/requirements.txt | Updates Datalake client dependency to the stable 3.0.0 release. |
| external-import/orange-cyberdefense-v3/src/main.py | Adjusts default connector scope; fixes identity object handling by using safe dict access for optional fields. |
| external-import/orange-cyberdefense-v3/README.md | Updates screenshot section headings and switches report screenshot reference to the new image. |
| external-import/orange-cyberdefense-v3/media/Indicator_2.png | Updates screenshot asset used by the README. |
| external-import/orange-cyberdefense-v3/media/Report.png | Screenshot asset included in PR changes (part of screenshot refresh/transition). |
| external-import/orange-cyberdefense-v3/media/Report_2.png | Screenshot asset included in PR changes (part of screenshot refresh/transition). |
| } | ||
| config["connector"]["type"] = "EXTERNAL_IMPORT" | ||
| config["connector"]["scope"] = "ocd" | ||
| config["connector"]["scope"] = "Orange-Cyberdefense" |
There was a problem hiding this comment.
config["connector"]["scope"] is hard-coded after merging config, so any user-provided connector.scope in config.yml/env is silently overwritten. Most connectors treat scope as a configurable value (commonly a lowercase slug, e.g. threatmatch, socprime), so it would be better to set this as a default (only when missing) and/or keep the previous value unless explicitly configured.
| config["connector"]["scope"] = "Orange-Cyberdefense" | |
| # Only set the default scope if none was provided by the user | |
| config["connector"].setdefault("scope", "Orange-Cyberdefense") |
There was a problem hiding this comment.
Hi @ocd-acauchy and thanks for your work!
Same for the previous PR (Remove old connector), it's all good except a little conflict with master to fix and I will approve+merge.
* chore: bump version of datalake python library * chore: change default scope * fix: bug with import of some identity objects * doc: update screenshots for v7
ocd-acauchy
force-pushed
the
external-import-release
branch
from
f2516bb to
6effc39
Compare
Codecov Report❌ Patch coverage is
Additional details and impacted files@@ Coverage Diff @@
## master #5872 +/- ##
==========================================
- Coverage 39.22% 0.09% -39.13%
==========================================
Files 2082 1626 -456
Lines 124471 97657 -26814
==========================================
- Hits 48819 94 -48725
- Misses 75652 97563 +21911
Flags with carried forward coverage won't be shown. Click here to find out more. ☔ View full report in Codecov by Sentry. 🚀 New features to boost your workflow:
|
Proposed changes
Related issues
N/A
Checklist
Further comments
I also requested the deletion of the old connector in a dedicated PR since it might have implications on your side: #5871
Closes #6119