Merge pull request #6 from splunk-soar-connectors/next

Merging next to main for release 1.1.2

Author: sodle-splunk

.github/workflows/generate-doc.yml

@@ -0,0 +1,20 @@
+name: Generate Readme Doc
+on:
+  workflow_dispatch:
+  push:
+    paths:
+      - '*.json'
+      - 'readme.html'
+      - 'manual_readme_content.md'
+    tags-ignore:
+      - '**'
+    branches-ignore:
+      - next
+      - main
+jobs:
+  generate-doc:
+    runs-on: ubuntu-latest
+    steps:
+     - uses: 'phantomcyber/dev-cicd-tools/github-actions/generate-doc@main'
+       with:
+         GITHUB_TOKEN: ${{ secrets.SOAR_APPS_TOKEN }}

.github/workflows/review-release.yml

@@ -0,0 +1,22 @@
+name: Review Release
+concurrency:
+  group: app-release
+  cancel-in-progress: true
+permissions:
+  contents: read
+  id-token: write
+  statuses: write
+on:
+  workflow_dispatch:
+    inputs:
+      task_token:
+        description: 'StepFunction task token'
+        required: true
+
+jobs:
+  review:
+    uses: 'phantomcyber/dev-cicd-tools/.github/workflows/review-release.yml@main'
+    with:
+      task_token: ${{ inputs.task_token }}
+    secrets:
+      resume_release_role_arn: ${{ secrets.RESUME_RELEASE_ROLE_ARN }}

.github/workflows/start-release.yml

@@ -1,5 +1,9 @@
 name: Start Release
-on: workflow_dispatch
+on:
+  workflow_dispatch:
+  push:
+    tags:
+      - '*-beta*'
 jobs:
   start-release:
     runs-on: ubuntu-latest

.pre-commit-config.yaml

@@ -1,11 +1,11 @@
 repos:
 -   repo: https://github.com/phantomcyber/dev-cicd-tools
-    rev: v1.6
+    rev: v1.16
     hooks:
     -   id: org-hook
     -   id: package-app-dependencies
 -   repo: https://github.com/Yelp/detect-secrets
-    rev: v1.1.0
+    rev: v1.4.0
     hooks:
     -   id: detect-secrets
         args: ['--no-verify', '--exclude-files', '^hashicorp_vault.json$']

LICENSE

@@ -198,4 +198,4 @@
    distributed under the License is distributed on an "AS IS" BASIS,
    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    See the License for the specific language governing permissions and
-   limitations under the License.
+   limitations under the License.

README.md

@@ -2,11 +2,11 @@
 # Hashicorp Vault
 
 Publisher: Splunk Community  
-Connector Version: 1\.1\.1  
+Connector Version: 1.1.2  
 Product Vendor: Dallan  
 Product Name: Hashicorp Vault  
-Product Version Supported (regex): "\.\*"  
-Minimum Product Version: 5\.0\.0  
+Product Version Supported (regex): ".\*"  
+Minimum Product Version: 5.0.0  
 
 This is an app that supports various interactions with the Hashicorp Vault REST API
 
@@ -38,13 +38,13 @@ The below configuration variables are required for this Connector to operate.  T
 
 VARIABLE | REQUIRED | TYPE | DESCRIPTION
 -------- | -------- | ---- | -----------
-**verify\_server\_cert** |  optional  | boolean | Verify server certificate
-**vault\_url** |  required  | string | URL of the Hashicorp Vault instance
-**vault\_mountpoint** |  required  | string | Vault mountpoint to connect with
-**vault\_token** |  required  | password | Token used to authenticate requests to Hashicorp Vault when using token authentication
-**vault\_namespace** |  optional  | string | Vault Namespace
-**vault\_role\_id** |  optional  | password | Role ID if using AppRole authentication
-**vault\_secret\_id** |  optional  | password | Secret ID if using AppRole authentication
+**verify_server_cert** |  optional  | boolean | Verify server certificate
+**vault_url** |  required  | string | URL of the Hashicorp Vault instance
+**vault_mountpoint** |  required  | string | Vault mountpoint to connect with
+**vault_token** |  required  | password | Token used to authenticate requests to Hashicorp Vault when using token authentication
+**vault_namespace** |  optional  | string | Vault Namespace
+**vault_role_id** |  optional  | password | Role ID if using AppRole authentication
+**vault_secret_id** |  optional  | password | Secret ID if using AppRole authentication
 
 ### Supported Actions  
 [test connectivity](#action-test-connectivity) - Validate the asset configuration for connectivity using supplied credentials  
@@ -75,20 +75,20 @@ PARAMETER | REQUIRED | DESCRIPTION | TYPE | CONTAINS
 --------- | -------- | ----------- | ---- | --------
 **location** |  required  | Location to keep the secret value | string |  `hashicorp vault location` 
 **update** |  optional  | Update secret value if already exists | boolean | 
-**secret\_json** |  required  | JSON formatted object of dictionary to store at the given location | string | 
+**secret_json** |  required  | JSON formatted object of dictionary to store at the given location | string | 
 
 #### Action Output
-DATA PATH | TYPE | CONTAINS
---------- | ---- | --------
-action\_result\.parameter\.location | string |  `hashicorp vault location` 
-action\_result\.parameter\.secret\_json | string | 
-action\_result\.parameter\.update | boolean | 
-action\_result\.data\.\*\.succeeded | boolean | 
-action\_result\.status | string | 
-action\_result\.summary | string | 
-action\_result\.message | string | 
-summary\.total\_objects | numeric | 
-summary\.total\_objects\_successful | numeric |   
+DATA PATH | TYPE | CONTAINS | EXAMPLE VALUES
+--------- | ---- | -------- | --------------
+action_result.parameter.location | string |  `hashicorp vault location`  |  
+action_result.parameter.secret_json | string |  |  
+action_result.parameter.update | boolean |  |   True  False 
+action_result.data.\*.succeeded | boolean |  |   True  False 
+action_result.status | string |  |   success  failed 
+action_result.summary | string |  |  
+action_result.message | string |  |  
+summary.total_objects | numeric |  |   1 
+summary.total_objects_successful | numeric |  |   1   
 
 ## action: 'get secret'
 Get secret value present at the specified path
@@ -102,16 +102,16 @@ PARAMETER | REQUIRED | DESCRIPTION | TYPE | CONTAINS
 **location** |  required  | Location of the secret value | string |  `hashicorp vault location` 
 
 #### Action Output
-DATA PATH | TYPE | CONTAINS
---------- | ---- | --------
-action\_result\.parameter\.location | string |  `hashicorp vault location` 
-action\_result\.data\.\*\.secret\_value | string | 
-action\_result\.data\.\*\.succeeded | boolean | 
-action\_result\.status | string | 
-action\_result\.summary | string | 
-action\_result\.message | string | 
-summary\.total\_objects | numeric | 
-summary\.total\_objects\_successful | numeric |   
+DATA PATH | TYPE | CONTAINS | EXAMPLE VALUES
+--------- | ---- | -------- | --------------
+action_result.parameter.location | string |  `hashicorp vault location`  |  
+action_result.data.\*.secret_value | string |  |  
+action_result.data.\*.succeeded | boolean |  |   True  False 
+action_result.status | string |  |   success  failed 
+action_result.summary | string |  |  
+action_result.message | string |  |  
+summary.total_objects | numeric |  |   1 
+summary.total_objects_successful | numeric |  |   1   
 
 ## action: 'list secrets'
 List secret values present at the specified path
@@ -125,13 +125,13 @@ PARAMETER | REQUIRED | DESCRIPTION | TYPE | CONTAINS
 **location** |  required  | Location of the secret values | string |  `hashicorp vault location` 
 
 #### Action Output
-DATA PATH | TYPE | CONTAINS
---------- | ---- | --------
-action\_result\.parameter\.location | string |  `hashicorp vault location` 
-action\_result\.data\.\*\.secret\_values | string | 
-action\_result\.data\.\*\.succeeded | boolean | 
-action\_result\.status | string | 
-action\_result\.summary | string | 
-action\_result\.message | string | 
-summary\.total\_objects | numeric | 
-summary\.total\_objects\_successful | numeric | 
+DATA PATH | TYPE | CONTAINS | EXAMPLE VALUES
+--------- | ---- | -------- | --------------
+action_result.parameter.location | string |  `hashicorp vault location`  |  
+action_result.data.\*.secret_values | string |  |  
+action_result.data.\*.succeeded | boolean |  |   True  False 
+action_result.status | string |  |   success  failed 
+action_result.summary | string |  |  
+action_result.message | string |  |  
+summary.total_objects | numeric |  |   1 
+summary.total_objects_successful | numeric |  |   1 

hashicorp_vault.json

@@ -5,8 +5,8 @@
     "publisher": "Splunk Community",
     "type": "generic",
     "main_module": "hashicorp_vault_connector.py",
-    "app_version": "1.1.1",
-    "utctime_updated": "2022-01-11T12:34:18.000000Z",
+    "app_version": "1.1.2",
+    "utctime_updated": "2024-06-13T15:56:30.000000Z",
     "package_name": "phantom_hashicorp_vault",
     "product_vendor": "Dallan",
     "product_name": "Hashicorp Vault",

hashicorp_vault_connector.py

@@ -154,7 +154,6 @@ def _set_secret(self, param, action_result):
         mountpoint = self._get_mountpoint()
         path = param.get('location')
         secret = param.get('secret_json')
-        self.save_progress(secret)
         try:
             secret = json.loads(secret)
             try:

manual_readme_content.md

@@ -0,0 +1,21 @@
+[comment]: # " File: README.md"
+[comment]: # "  Copyright (c) 2020-2022 Splunk Inc."
+[comment]: # "  Licensed under the Apache License, Version 2.0 (the 'License');"
+[comment]: # "  you may not use this file except in compliance with the License."
+[comment]: # "  You may obtain a copy of the License at"
+[comment]: # ""
+[comment]: # "      http://www.apache.org/licenses/LICENSE-2.0"
+[comment]: # "  Unless required by applicable law or agreed to in writing, software distributed under"
+[comment]: # "  the License is distributed on an 'AS IS' BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND,"
+[comment]: # "  either express or implied. See the License for the specific language governing permissions"
+[comment]: # "  and limitations under the License."
+[comment]: # ""
+## Port Information
+
+The app uses HTTP/ HTTPS protocol for communicating with the Hashicorp Vault server. Below are the
+default ports used by the Splunk SOAR Connector.
+
+| SERVICE NAME | TRANSPORT PROTOCOL | PORT |
+|--------------|--------------------|------|
+| http         | tcp                | 80   |
+| https        | tcp                | 443  |