Merge branch 'next' into fix/update_axios_and_sentry

NeuraLegion · Dec 12, 2024 · ce96287 · ce96287
2 parents e32471f + 3fee121
commit ce96287
Show file tree

Hide file tree

Showing 15 changed files with 582 additions and 29 deletions.
diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml
@@ -98,10 +98,7 @@ jobs:
         if: startsWith(matrix.os, 'ubuntu')
         run: |
           dnf install -y dnf-utils \
-          && dnf config-manager --enable ubi-8-appstream \
-          && dnf config-manager --enable ubi-8-baseos \
           && dnf install -y python3 gcc gcc-c++ make \
-          && dnf clean all \
           && rm -rf /var/cache/dnf
 
       - name: Install deps

diff --git a/.github/workflows/e2e.yml b/.github/workflows/e2e.yml
@@ -49,17 +49,17 @@ jobs:
       matrix:
         include:
           - os: ubuntu-latest
-            container: ubuntu:18.04
+            container: ubuntu:20.04
             executable: bright-cli-linux-x64
-            node: 16
+            node: 20
           - os: ubuntu-latest
-            container: ubuntu:16.04
+            container: ubuntu:22.04
             executable: bright-cli-linux-x64
-            node: 16
+            node: 20
           - os: ubuntu-latest
-            container: fedora:24
+            container: fedora:29
             executable: bright-cli-linux-x64
-            node: 16
+            node: 20
           - os: ubuntu-latest
             container: fedora:latest
             executable: bright-cli-linux-x64
@@ -234,17 +234,17 @@ jobs:
       fail-fast: false
       matrix:
         os: [macos-latest, windows-latest, ubuntu-latest]
-        node: [16, 18, 20]
+        node: [20, 22]
         include:
           - os: ubuntu-latest
-            container: ubuntu:16.04
-            node: 16
+            container: ubuntu:20.04
+            node: 20
           - os: ubuntu-latest
-            container: fedora:24
-            node: 16
+            container: fedora:29
+            node: 20
           - os: ubuntu-latest
             container: fedora:latest
-            node: 18
+            node: 22
           - os: ubuntu-latest
             container: fedora:latest
             node: 20

diff --git a/package-lock.json b/package-lock.json
diff --git a/package.json b/package.json
@@ -1,6 +1,6 @@
 {
   "name": "@brightsec/cli",
-  "version": "13.0.0-next.8",
+  "version": "13.0.0",
   "private": false,
   "repository": {
     "type": "git",
@@ -22,7 +22,7 @@
     ]
   },
   "engines": {
-    "node": ">=16 <=20"
+    "node": ">=20 <=22"
   },
   "dependencies": {
     "@neuralegion/os-service": "^1.2.6",
@@ -132,7 +132,7 @@
       "./node_modules/win-ca/lib/crypt32-*.node",
       "./node_modules/@neuralegion/os-service/prebuilds/win32-*/node.abi115.node",
       "./node_modules/@neuralegion/raw-socket/prebuilds/win32-*/node.abi115.node",
-      "./node_modules/@neuralegion/raw-socket/prebuilds/linux-x64/node.abi93.glibc.node",
+      "./node_modules/@neuralegion/raw-socket/prebuilds/linux-x64/node.abi115.glibc.node",
       "./node_modules/@neuralegion/raw-socket/prebuilds/darwin-x64+arm64/node.abi115.node"
     ],
     "targets": [

diff --git a/src/Commands/PollingScanStatus.ts b/src/Commands/PollingScanStatus.ts
@@ -9,7 +9,7 @@ import { Arguments, Argv, CommandModule } from 'yargs';
 import { container } from 'tsyringe';
 
 export class PollingScanStatus implements CommandModule {
-  public readonly command = 'scan:polling [options] <scan>';
+  public readonly command = 'scan:polling [options] <scanId>';
   public readonly describe = 'Allows to configure a polling of scan status.';
 
   public builder(argv: Argv): Argv {
@@ -42,7 +42,7 @@ export class PollingScanStatus implements CommandModule {
         requiresArg: true,
         default: BreakpointType.ANY
       })
-      .positional('scan', {
+      .positional('scanId', {
         describe: 'ID of an existing scan which you want to check.',
         type: 'string',
         demandOption: true
@@ -64,7 +64,7 @@ export class PollingScanStatus implements CommandModule {
     try {
       const pollingFactory = container.resolve<PollingFactory>(PollingFactory);
       const polling = pollingFactory.create({
-        scanId: args.scan as string,
+        scanId: args.scanId as string,
         timeout: args.timeout as number,
         interval: args.interval as number,
         breakpoint: args.breakpoint as BreakpointType

diff --git a/src/Commands/RerunDiscovery.ts b/src/Commands/RerunDiscovery.ts
@@ -0,0 +1,69 @@
+import { Discoveries, RestDiscoveryOptions } from 'src/Discovery';
+import { ErrorMessageFactory, logger } from 'src/Utils';
+import { container } from 'tsyringe';
+import { Arguments, Argv, CommandModule } from 'yargs';
+
+export class RerunDiscovery implements CommandModule {
+  public readonly command = 'discovery:rerun [options] <discoveryId>';
+  public readonly describe =
+    'Request to start a new discovery using the same configuration as an existing discovery, by discovery ID.';
+
+  public builder(argv: Argv): Argv {
+    return argv
+      .option('token', {
+        alias: 't',
+        describe: 'Bright API-key',
+        string: true,
+        requiresArg: true,
+        demandOption: true
+      })
+      .positional('discoveryId', {
+        describe: 'ID of an existing discovery which you want to re-run.',
+        requiresArg: true,
+        demandOption: true,
+        type: 'string'
+      })
+      .option('project', {
+        alias: 'p',
+        describe: 'ID of the project',
+        string: true,
+        requiresArg: true,
+        demandOption: true
+      })
+      .middleware((args: Arguments) =>
+        container.register<RestDiscoveryOptions>(RestDiscoveryOptions, {
+          useValue: {
+            insecure: args.insecure as boolean,
+            baseURL: args.api as string,
+            apiKey: args.token as string,
+            proxyURL: (args.proxyBright ?? args.proxy) as string,
+            timeout: args.timeout as number
+          }
+        })
+      );
+  }
+
+  public async handler(args: any): Promise<void> {
+    try {
+      const discoveryManager: Discoveries = container.resolve(Discoveries);
+      const projectId = args.project as string;
+      const discoveryId = args.discoveryId as string;
+      const newDiscoveryId = await discoveryManager.rerun(
+        projectId,
+        discoveryId
+      );
+
+      // eslint-disable-next-line no-console
+      console.log(newDiscoveryId);
+      process.exit(0);
+    } catch (error) {
+      logger.error(
+        ErrorMessageFactory.genericCommandError({
+          error,
+          command: 'discovery:rerun'
+        })
+      );
+      process.exit(1);
+    }
+  }
+}
diff --git a/src/Commands/RetestScan.ts b/src/Commands/RetestScan.ts
@@ -4,7 +4,7 @@ import { Arguments, Argv, CommandModule } from 'yargs';
 import { container } from 'tsyringe';
 
 export class RetestScan implements CommandModule {
-  public readonly command = 'scan:retest [options] <scan>';
+  public readonly command = 'scan:retest [options] <scanId>';
   public readonly describe =
     'Request to start a new scan using the same configuration as an existing scan, by scan ID.';
 
@@ -16,7 +16,7 @@ export class RetestScan implements CommandModule {
         requiresArg: true,
         demandOption: true
       })
-      .positional('scan', {
+      .positional('scanId', {
         describe: 'ID of an existing scan which you want to re-run.',
         type: 'string',
         demandOption: true
@@ -37,7 +37,7 @@ export class RetestScan implements CommandModule {
   public async handler(args: Arguments): Promise<void> {
     try {
       const scanManager: Scans = container.resolve(Scans);
-      const scanId: string = await scanManager.retest(args.scan as string);
+      const scanId: string = await scanManager.retest(args.scanId as string);
 
       // eslint-disable-next-line no-console
       console.log(scanId);

diff --git a/src/Commands/RunDiscovery.ts b/src/Commands/RunDiscovery.ts
@@ -0,0 +1,156 @@
+import { Discoveries, DiscoveryConfig } from '../Discovery';
+import { ErrorMessageFactory, logger } from '../Utils';
+import { RestDiscoveryOptions } from 'src/Discovery/RestDiscoveries';
+import { container } from 'tsyringe';
+import { Arguments, Argv, CommandModule } from 'yargs';
+
+export class RunDiscovery implements CommandModule {
+  public readonly command = 'discovery:run [options]';
+  public readonly describe =
+    'Start a new discovery for the received configuration.';
+
+  public builder(argv: Argv): Argv {
+    return argv
+      .option('token', {
+        alias: 't',
+        describe: 'Bright API-key',
+        string: true,
+        requiresArg: true,
+        demandOption: true
+      })
+      .option('project', {
+        alias: 'p',
+        describe: 'ID of the project',
+        string: true,
+        requiresArg: true,
+        demandOption: true
+      })
+      .option('name', {
+        alias: 'n',
+        describe: 'Name of the discovery.',
+        string: true,
+        requiresArg: true,
+        demandOption: true
+      })
+      .option('auth', {
+        alias: 'o',
+        describe: 'Auth object ID.',
+        string: true,
+        requiresArg: true
+      })
+      .option('repeater', {
+        alias: 'agent',
+        requiresArg: true,
+        array: true,
+        describe: 'ID of any repeaters connected with the discovery.'
+      })
+      .option('archive', {
+        alias: 'a',
+        normalize: true,
+        requiresArg: true,
+        describe:
+          "A collection of your app's http/websockets logs into HAR file. " +
+          'Usually you can use browser dev tools or our browser web extension'
+      })
+      .option('crawler', {
+        alias: 'c',
+        requiresArg: true,
+        array: true,
+        describe:
+          'A list of specific urls that should be included into crawler.',
+        demandOption: true
+      })
+      .option('host-filter', {
+        alias: 'F',
+        requiresArg: true,
+        array: true,
+        describe: 'A list of specific hosts that should be included into scan.'
+      })
+      .option('header', {
+        alias: 'H',
+        requiresArg: true,
+        array: true,
+        describe:
+          'A list of specific headers that should be included into request.'
+      })
+      .option('smart', {
+        boolean: true,
+        describe:
+          'Use automatic smart decisions such as: parameter skipping, detection phases, etc. to minimize scan time.'
+      })
+      .option('crawl-parent-subdomains', {
+        boolean: true,
+        describe: 'Crawl parent path folders and subdomains',
+        default: false
+      })
+      .option('concurrency', {
+        number: true,
+        default: 10,
+        describe:
+          'Number of maximum concurrent requests allowed to be sent to the target, can range between 1 to 50 (default: 10).',
+        requiresArg: true
+      })
+      .option('interactions-depth', {
+        number: true,
+        default: 3,
+        describe:
+          'Number of maximum interactions with nested objects, can range between 1 to 5 (default: 3).',
+        requiresArg: true
+      })
+      .middleware((args: Arguments) =>
+        container.register<RestDiscoveryOptions>(RestDiscoveryOptions, {
+          useValue: {
+            insecure: args.insecure as boolean,
+            baseURL: args.api as string,
+            apiKey: args.token as string,
+            proxyURL: (args.proxyBright ?? args.proxy) as string,
+            timeout: args.timeout as number
+          }
+        })
+      );
+  }
+
+  public async handler(args: Arguments): Promise<void> {
+    try {
+      const discoveryManager: Discoveries = container.resolve(Discoveries);
+
+      const projectId = args.project as string;
+
+      const { id: discoveryId, warnings } = await discoveryManager.create(
+        projectId,
+        {
+          name: args.name,
+          authObjectId: args.auth,
+          hostsFilter: args.hostFilter,
+          crawlerUrls: args.crawler,
+          fileId: args.archive,
+          repeaters: args.repeater,
+          optimizedCrawler: args.smart,
+          poolSize: args.concurrency,
+          maxInteractionsChainLength: args.interactionsDepth,
+          subdomainsCrawl: args.crawlParentSubdomains,
+          headers: args.header
+        } as DiscoveryConfig
+      );
+
+      // eslint-disable-next-line no-console
+      console.log(discoveryId);
+
+      if (warnings?.length) {
+        logger.warn(
+          `${warnings.map((warning) => warning.message).join('\n')}\n`
+        );
+      }
+
+      process.exit(0);
+    } catch (error) {
+      logger.error(
+        ErrorMessageFactory.genericCommandError({
+          error,
+          command: 'discovery:run'
+        })
+      );
+      process.exit(1);
+    }
+  }
+}