Dig - (SDK Automation prep) (#3271) (#3280)

* Dig - (SDK Automation prep)

* Fixing rogue space

Author: rmurray-r7

plugins/dig/.CHECKSUM

@@ -1,7 +1,7 @@
 {
-	"spec": "8ff0f3308351b1a44cf24084dbf42ce8",
-	"manifest": "2e3c5a1e4029c779bf99991d18b47a67",
-	"setup": "b5a0e6ff2254c0ce4138185e153bfe5c",
+	"spec": "27c69da329e52ad56295c324244dd5bc",
+	"manifest": "12033dcedfa9de909a9d0a864d163d46",
+	"setup": "bce73ad5aedfe707b30a60de01a4f385",
 	"schemas": [
 		{
 			"identifier": "forward/schema.py",

plugins/dig/Dockerfile

@@ -1,9 +1,9 @@
-FROM --platform=linux/amd64 rapid7/insightconnect-python-3-plugin:6.2.2
+FROM --platform=linux/amd64 rapid7/insightconnect-python-3-plugin:6.2.5
 
 LABEL organization=rapid7
 LABEL sdk=python
 
-RUN apk update && apk add --no-cache bind-tools
+RUN apk update && apk add --no-cache --virtual bind-tools
 
 WORKDIR /python/src
 
@@ -14,7 +14,7 @@ RUN if [ -f requirements.txt ]; then pip install -r requirements.txt; fi
 
 ADD . /python/src
 
-RUN python setup.py build && python setup.py install
+RUN pip install .
 
 # User to run plugin code. The two supported users are: root, nobody
 USER nobody

plugins/dig/bin/komand_dig

@@ -6,7 +6,7 @@ from sys import argv
 
 Name = "DNS"
 Vendor = "rapid7"
-Version = "2.0.4"
+Version = "2.0.5"
 Description = "The DNS plugin is used for forward and reverse DNS lookups. This plugin uses [Dig](https://linux.die.net/man/1/dig), or Domain Information Groper, which is a network administration command-line tool for querying Domain Name System (DNS) name servers"
 
 

plugins/dig/help.md

@@ -60,7 +60,7 @@ Example input:
 |question|string|False|Question asked|google.com|
 |status|string|False|Query status [ NOERROR | FORMERR | NXDOMAIN | SERVFAIL | REFUSED ...]|NOERROR|
 
-On success, the raw output will look like the following:
+Example output:
 
 ```
 {
@@ -76,20 +76,6 @@ On success, the raw output will look like the following:
 }
 ```
 
-On failure, the raw output will look like the following:
-
-```
-
-{
-  "status": "NOERROR",
-  "answer": "google-public-dns-a.google.com",
-  "nameserver": "10.0.2.3",
-  "question": "8.8.8.8.8",
-  "fulloutput": "\n; <<>> Dig 9.9.5-9+deb8u9-Debian <<>> -x 8.8.8.8.8\n;; global options: +cmd\n;; Got answer:\n;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 20097\n;; flags: qr rd ra ad; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0\n\n;; QUESTION SECTION:\n;8.8.8.8.8.in-addr.arpa.\t\tIN\tPTR\n\n;; ANSWER SECTION:\n8.8.8.8.8.in-addr.arpa.\t62286\tIN\tPTR\tgoogle-public-dns-a.google.com.\n\n;; Query time: 2 msec\n;; SERVER: 10.0.2.3#53(10.0.2.3)\n;; WHEN: Fri Jan 27 01:21:10 UTC 2017\n;; MSG SIZE  rcvd: 84\n\n"
-},
-
-```
-
 #### Reverse Lookup
 
 This action is used to request a reverse lookup for an IP address
@@ -120,7 +106,7 @@ Example input:
 |question|string|False|Question asked|8.8.8.8|
 |status|string|False|Query status [ NOERROR | FORMERR | NXDOMAIN | SERVFAIL | REFUSED ...]|NOERROR|
 
-On success, the raw output will look like the following:
+Example output:
 
 ```
 {
@@ -131,19 +117,6 @@ On success, the raw output will look like the following:
   "status": "NOERROR"
 }
 ```
-
-On failure, the raw output will look like the following:
-
-```
-{
-  "status": "NOERROR",
-  "answer": "dns.google",
-  "fulloutput": "\n; <<>> DiG 9.14.8 <<>> -x 8.8.8.8\n;; global optio...",
-  "nameserver": "192.168.65.1",
-  "question": "8.8.8.8"
-}
-```
-
 ### Triggers
 
 *This plugin does not contain any triggers.*
@@ -157,7 +130,7 @@ On failure, the raw output will look like the following:
 
 ## Troubleshooting
 
-The `status` variable contains the [DNS status code](https://www.iana.org/assignments/dns-parameters/dns-parameters.xhtml) name from the DNS server's response.
+* The `status` variable contains the [DNS status code](https://www.iana.org/assignments/dns-parameters/dns-parameters.xhtml) name from the DNS server's response.
 Dig has at least the following status codes implemented:
 
 ```
@@ -167,7 +140,7 @@ SERVFAIL
 NXDOMAIN
 NOTIMP
 REFUSED
-YXDOMAIN
+YXDOMAIN 
 YXRRSET
 NXRRSET
 NOTAUTH
@@ -183,9 +156,9 @@ Common examples:
 * `status = "NOERRROR"` - The DNS response contains an answer
 * `status = "NXDOMAIN"` - The DNS response did not have an answer i.e. Non-Existent Domain
 
-
 # Version History
 
+* 2.0.5 - Updated SDK to the latest version (6.2.5)
 * 2.0.4 - Updated SDK to the latest version (v6.2.2) | Address vulnerabilities
 * 2.0.3 - Initial updates for fedramp compliance | Updated SDK to the latest
 * 2.0.2 - Updated SDK to the latest version | Added validation for input parameters

plugins/dig/plugin.spec.yaml

@@ -3,85 +3,77 @@ extension: plugin
 products: [insightconnect]
 name: dig
 title: DNS
-description: The DNS plugin is used for forward and reverse DNS lookups. This plugin uses [Dig](https://linux.die.net/man/1/dig), or Domain Information Groper, which is a network administration command-line tool for querying Domain Name System (DNS) name servers
-version: 2.0.4
+description: The DNS plugin is used for forward and reverse DNS lookups. This plugin
+  uses [Dig](https://linux.die.net/man/1/dig), or Domain Information Groper, which
+  is a network administration command-line tool for querying Domain Name System (DNS)
+  name servers
+version: 2.0.5
 connection_version: 2
 vendor: rapid7
 support: community
-supported_versions: ["2024-09-10"]
+supported_versions: ['2024-09-10']
 status: []
 sdk:
   type: full
-  version: 6.2.2
+  version: 6.2.5
   user: nobody
   packages:
-    - bind-tools
+  - bind-tools
 cloud_ready: true
 fedramp_ready: true
 resources:
   source_url: https://github.com/rapid7/insightconnect-plugins/tree/master/plugins/dig
   license_url: https://github.com/rapid7/insightconnect-plugins/blob/master/LICENSE
 tags:
-  - dig
-  - dns
+- dig
+- dns
 hub_tags:
   use_cases: [threat_detection_and_response, offensive_security]
   keywords: [dig, dns, cloud_enabled]
   features: []
-troubleshooting: |
-  The `status` variable contains the [DNS status code](https://www.iana.org/assignments/dns-parameters/dns-parameters.xhtml) name from the DNS server's response.
-  Dig has at least the following status codes implemented:
-  
-  ```
-  NOERROR
-  FORMERR
-  SERVFAIL
-  NXDOMAIN
-  NOTIMP
-  REFUSED
-  YXDOMAIN
-  YXRRSET
-  NXRRSET
-  NOTAUTH
-  NOTZONE
-  BADVERS
-  ```
-  
-  You can test the `status` variable in a Decision or Filter step to check for its value.
-  For example, in your workflow, if the resolution doesn't return an answer, then you may want to attempt a second lookup from a passive DNS service.
-  
-  Common examples:
-  
-  * `status = "NOERRROR"` - The DNS response contains an answer
-  * `status = "NXDOMAIN"` - The DNS response did not have an answer i.e. Non-Existent Domain
+troubleshooting:
+- "The `status` variable contains the [DNS status code](https://www.iana.org/assignments/dns-parameters/dns-parameters.xhtml)
+  name from the DNS server's response.\nDig has at least the following status codes
+  implemented:\n\n```\nNOERROR\nFORMERR\nSERVFAIL\nNXDOMAIN\nNOTIMP\nREFUSED\nYXDOMAIN
+    \nYXRRSET\nNXRRSET\nNOTAUTH\nNOTZONE\nBADVERS\n```\n\nYou can test the `status` variable
+  in a Decision or Filter step to check for its value.\nFor example, in your workflow,
+  if the resolution doesn't return an answer, then you may want to attempt a second
+  lookup from a passive DNS service.\n\nCommon examples:\n\n* `status = \"NOERRROR\"\
+  ` - The DNS response contains an answer\n* `status = \"NXDOMAIN\"` - The DNS response
+  did not have an answer i.e. Non-Existent Domain"
 key_features:
-  - "Forward DNS lookup to find an IP address from a domain name"
-  - "Reverse DNS lookup to find a domain name from an IP address"
+- Forward DNS lookup to find an IP address from a domain name
+- Reverse DNS lookup to find a domain name from an IP address
 links:
-  - "[Dig](https://linux.die.net/man/1/dig)"
+- '[Dig](https://linux.die.net/man/1/dig)'
 references:
-  - "[Dig](https://linux.die.net/man/1/dig)"
-  - "[DNS Status Code](https://www.iana.org/assignments/dns-parameters/dns-parameters.xhtml)"
+- '[Dig](https://linux.die.net/man/1/dig)'
+- '[DNS Status Code](https://www.iana.org/assignments/dns-parameters/dns-parameters.xhtml)'
 version_history:
-  - "2.0.4 - Updated SDK to the latest version (v6.2.2) | Address vulnerabilities"
-  - "2.0.3 - Initial updates for fedramp compliance | Updated SDK to the latest"
-  - "2.0.2 - Updated SDK to the latest version | Added validation for input parameters"
-  - "2.0.1 - Added `__init__.py` file to `unit_test` folder | Refreshed with new Tooling"
-  - "2.0.0 - Rename Dig plugin to DNS"
-  - "1.0.7 - Fix bug in `safe_parse` function | Fix bug when `answers` in function `execute_command` is str"
-  - "1.0.6 - Upgrade to latest Python plugin runtime | Define `cloud_ready` in spec"
-  - "1.0.5 - Update to v4 Python plugin runtime"
-  - "1.0.4 - Add example inputs"
-  - '1.0.3 - Use input and output constants | Change docker image from `komand/python-2-slim-plugin:2` to `komand/python-3-37-slim-plugin:3` to reduce plugin image size | Added "f" strings | Remove duplicate code | Add user nobody to Dockerfile'
-  - "1.0.2 - New spec and help.md format for the Extension Library"
-  - "1.0.1 - Update to use the `komand/python-2-slim-plugin:2` Docker image to reduce plugin size"
-  - "1.0.0 - Support web server mode"
-  - "0.3.2 - Update to v2 Python plugin architecture"
-  - "0.3.1 - SSL bug fix in SDK"
-  - "0.3.0 - Add all_answers and last_answer to the forward lookup action"
-  - "0.2.0 - Add option to use custom resolver"
-  - "0.1.1 - Increased result validation"
-  - "0.1.0 - Initial plugin"
+- 2.0.5 - Updated SDK to the latest version (6.2.5)
+- 2.0.4 - Updated SDK to the latest version (v6.2.2) | Address vulnerabilities
+- 2.0.3 - Initial updates for fedramp compliance | Updated SDK to the latest
+- 2.0.2 - Updated SDK to the latest version | Added validation for input parameters
+- 2.0.1 - Added `__init__.py` file to `unit_test` folder | Refreshed with new Tooling
+- 2.0.0 - Rename Dig plugin to DNS
+- 1.0.7 - Fix bug in `safe_parse` function | Fix bug when `answers` in function `execute_command`
+  is str
+- 1.0.6 - Upgrade to latest Python plugin runtime | Define `cloud_ready` in spec
+- 1.0.5 - Update to v4 Python plugin runtime
+- 1.0.4 - Add example inputs
+- 1.0.3 - Use input and output constants | Change docker image from `komand/python-2-slim-plugin:2`
+  to `komand/python-3-37-slim-plugin:3` to reduce plugin image size | Added "f" strings
+  | Remove duplicate code | Add user nobody to Dockerfile
+- 1.0.2 - New spec and help.md format for the Extension Library
+- 1.0.1 - Update to use the `komand/python-2-slim-plugin:2` Docker image to reduce
+  plugin size
+- 1.0.0 - Support web server mode
+- 0.3.2 - Update to v2 Python plugin architecture
+- 0.3.1 - SSL bug fix in SDK
+- 0.3.0 - Add all_answers and last_answer to the forward lookup action
+- 0.2.0 - Add option to use custom resolver
+- 0.1.1 - Increased result validation
+- 0.1.0 - Initial plugin
 actions:
   forward:
     title: Forward Lookup
@@ -104,14 +96,14 @@ actions:
         description: Query type e.g. ANY, A, MX, NS, etc
         type: string
         enum:
-          - A
-          - AAAA
-          - ANY
-          - CNAME
-          - MX
-          - NS
-          - PTR
-          - SOA
+        - A
+        - AAAA
+        - ANY
+        - CNAME
+        - MX
+        - NS
+        - PTR
+        - SOA
         required: true
         example: MX
     output:
@@ -123,7 +115,8 @@ actions:
         example: \n; <<>> DiG 9.12.4-P2 <<>> google.com A\n;; global ...
       status:
         title: Query Status
-        description: "Query status [ NOERROR | FORMERR | NXDOMAIN | SERVFAIL | REFUSED ...]"
+        description: Query status [ NOERROR | FORMERR | NXDOMAIN | SERVFAIL | REFUSED
+          ...]
         type: string
         required: false
         example: NOERROR
@@ -179,10 +172,17 @@ actions:
         description: Full DNS output
         type: string
         required: false
-        example: '\n; <<>> Dig 9.9.5-9+deb8u9-Debian <<>> -x 8.8.8.8\n;; global options: +cmd\n;; Got answer:\n;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 59406\n;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version: 0, flags:; udp: 512\n;; QUESTION SECTION:\n;8.8.8.8.in-addr.arpa.\t\tIN\tPTR\n\n;; ANSWER SECTION:\n8.8.8.8.in-addr.arpa.\t68133\tIN\tPTR\tgoogle-public-dns-a.google.com.\n\n;; Query time: 22 msec\n;; SERVER: 10.0.2.3#53(10.0.2.3)\n;; WHEN: Thu Jan 26 23:43:43 UTC 2017\n;; MSG SIZE  rcvd: 93\n\n'
+        example: '\n; <<>> Dig 9.9.5-9+deb8u9-Debian <<>> -x 8.8.8.8\n;; global options:
+          +cmd\n;; Got answer:\n;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id:
+          59406\n;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL:
+          1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version: 0, flags:; udp: 512\n;; QUESTION
+          SECTION:\n;8.8.8.8.in-addr.arpa.\t\tIN\tPTR\n\n;; ANSWER SECTION:\n8.8.8.8.in-addr.arpa.\t68133\tIN\tPTR\tgoogle-public-dns-a.google.com.\n\n;;
+          Query time: 22 msec\n;; SERVER: 10.0.2.3#53(10.0.2.3)\n;; WHEN: Thu Jan
+          26 23:43:43 UTC 2017\n;; MSG SIZE  rcvd: 93\n\n'
       status:
         title: Query Status
-        description: Query status [ NOERROR | FORMERR | NXDOMAIN | SERVFAIL | REFUSED ...]
+        description: Query status [ NOERROR | FORMERR | NXDOMAIN | SERVFAIL | REFUSED
+          ...]
         type: string
         required: false
         example: NOERROR

plugins/dig/setup.py

@@ -3,7 +3,7 @@
 
 
 setup(name="dig-rapid7-plugin",
-      version="2.0.4",
+      version="2.0.5",
       description="The DNS plugin is used for forward and reverse DNS lookups. This plugin uses [Dig](https://linux.die.net/man/1/dig), or Domain Information Groper, which is a network administration command-line tool for querying Domain Name System (DNS) name servers",
       author="rapid7",
       author_email="",