TheHive-Project · 8ear · Nov 15, 2018 · Nov 15, 2018 · Nov 15, 2018 · Oct 4, 2020
diff --git a/.docker/s6/prepare b/.docker/s6/prepare
@@ -0,0 +1,41 @@
+#!/usr/bin/with-contenv bash
+CONFIG_FILE=${CONFIG_FILE:-"$myWORKDIR/conf/synapse.conf"}
+LOG_FILE="$myWORKDIR/logs/synapse.log"
+
+echo "${0##*/} || Write config file..."
+cat << EOF > $CONFIG_FILE
+[api]
+debug:${DEBUG:-False}
+host:${HOST:-"0.0.0.0"}
+port:${PORT:-5000}
+threaded:${API_THREADED:-True}
+
+[TheHive]
+url:${TH_URL:-http://thehive:9000}
+user:${TH_USER:-synapse}
+api_key:${TH_API_KEY}
+
+[EWS]
+#ip or domain to EWS server
+server:${EWS_HOST}
+#According to exchangelib doc:
+#"username is usually in WINDOMAIN\username format
+#some servers also accept usernames in PrimarySMTPAddress
+#('myusername@example.com') format (Office365 requires it)
+username:${EWS_USERNAME}
+password:${EWS_PASSWORD}
+auth_type:${EWS_AUTH_TYPE:-"NTLM"}
+smtp_address:${EWS_SMTP_ADDRESS}
+folder_name:${EWS_FOLDER_NAME:-"TheHive"}
+
+[QRadar]
+#ip or domain to QRadar
+server:${QRADAR_SERVER}
+auth_token:${QRADAR_AUTH_TOKEN}
+cert_filepath:${QRADAR_CERT_FILEPATH:-"/opt/synapse/qradar.crt"}
+api_version:${QRADAR_API_VERSION:"0.8"}
+
+EOF
+
+echo "${0##*/} || Change permission for configuration file..." && chmod 644 "$CONFIG_FILE"
+echo "${0##*/} || Fix permissions in ${myWORKDIR}..." && chown -r abc. ${myWORKDIR}
diff --git a/.docker/s6/run b/.docker/s6/run
@@ -0,0 +1,4 @@
+#!/usr/bin/with-contenv bash
+
+exec s6-setuidgid abc \
+    ${myWORKDIR}/venv/bin/python ${myWORKDIR}/app.py
diff --git a/.dockerignore b/.dockerignore
@@ -0,0 +1,11 @@
+LICENSE
+README.md
+.gitignore
+.github
+.git
+make.sh
+Makefile
+docs
+example*
+Dockerfile
+.dockerignore
diff --git a/.github/dependabot.yml b/.github/dependabot.yml
@@ -0,0 +1,7 @@
+version: 2
+updates:
+  # Maintain dependencies for GitHub Actions
+  - package-ecosystem: "github-actions"
+    directory: "/"
+    schedule:
+      interval: "daily"
diff --git a/.github/pull_request_template.md b/.github/pull_request_template.md
@@ -0,0 +1,10 @@
+`````release_notes
+## Whats new
+- ...
+
+## Which Bugfixes
+- ...
+
+## Whats removed
+- ...
+````
diff --git a/.github/workflows/dockerfile_lint.yml b/.github/workflows/dockerfile_lint.yml
@@ -0,0 +1,15 @@
+# https://github.com/marketplace/actions/docker-lint
+name: Dockerfile Lint
+on: [push]
+jobs:
+  lint:
+    runs-on: ubuntu-latest
+    steps: 
+    - name: Checkout
+      uses: actions/checkout@master
+    - name: lint
+      uses: luke142367/Docker-Lint-Action@v1.1.1
+      with:
+        target: ./Dockerfile
+      env:
+        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
diff --git a/.github/workflows/git_help.yml b/.github/workflows/git_help.yml
@@ -0,0 +1,27 @@
+name: Git - Mark Issue with Help Wanted - actions-ecosystem
+
+on:
+  issues:
+    types:
+      - opened
+      - edited
+      - reopened
+
+jobs:
+  release:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v2
+
+      - uses: actions-ecosystem/action-regex-match@v2
+        id: regex-match
+        with:
+          text: ${{ github.event.issue.title }}
+          regex: "help|not work"
+          flags: 'gi'
+
+      - uses: actions-ecosystem/action-add-labels@v1
+        if: ${{ steps.regex-match.outputs.match != '' }}
+        with:
+          github_token: ${{ secrets.GITHUB_TOKEN }}
+          labels: 'help wanted'
diff --git a/.github/workflows/git_lint_pull_request.yml b/.github/workflows/git_lint_pull_request.yml
@@ -0,0 +1,40 @@
+name: Git - Lint Pull Request Title - actions-ecosystem
+
+on:
+  pull_request:
+    types:
+      - opened
+      - edited
+      - reopened
+
+jobs:
+  lint:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v2
+
+      - uses: actions-ecosystem/action-regex-match@v2
+        id: regex-match
+        with:
+          text: ${{ github.event.pull_request.title }}
+          regex: '(?:add|update|fix)\([a-z]+\):\s.+'
+
+      - uses: actions-ecosystem/action-create-comment@v1
+        if: ${{ steps.regex-match.outputs.match == '' }}
+        with:
+          github_token: ${{ secrets.GITHUB_TOKEN }}
+          body: |
+            :warning: The title of this PR is invalid.
+
+            Please make the title match the regex `(?:add|update|fix)\([a-z]+\):\s.+`.
+
+            e.g.) `add(cli): enable --verbose flag`, `fix(api): avoid unexpected error in handler`
+
+      - uses: actions-ecosystem/action-add-labels@v1
+        if: ${{ steps.regex-match.outputs.match == '' }}
+        with:
+          github_token: ${{ secrets.GITHUB_TOKEN }}
+          labels: 'invalid/title'
+
+      - run: exit 1
+        if: ${{ steps.regex-match.outputs.match == '' }}
diff --git a/.github/workflows/git_release.yml b/.github/workflows/git_release.yml
@@ -0,0 +1,78 @@
+name: Git Create Release - actions-ecosystem
+
+on:
+  push:
+    branches:
+      - master
+  pull_request:
+    types:
+      - labeled
+
+jobs:
+  release:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v2
+
+      - uses: actions-ecosystem/action-get-merged-pull-request@v1
+        id: get-merged-pull-request
+        with:
+          github_token: ${{ secrets.GITHUB_TOKEN }}
+
+      - uses: actions-ecosystem/action-release-label@v1
+        id: release-label
+        if: ${{ steps.get-merged-pull-request.outputs.title != null }}
+        with:
+          labels: ${{ steps.get-merged-pull-request.outputs.labels }}
+
+      - uses: actions-ecosystem/action-get-latest-tag@v1
+        id: get-latest-tag
+        if: ${{ steps.release-label.outputs.level != null }}
+        with:
+          semver_only: true
+
+      - uses: actions-ecosystem/action-bump-semver@v1
+        id: bump-semver
+        if: ${{ steps.release-label.outputs.level != null }}
+        with:
+          current_version: ${{ steps.get-latest-tag.outputs.tag }}
+          level: ${{ steps.release-label.outputs.level }}
+
+      - uses: actions-ecosystem/action-regex-match@v2
+        id: regex-match
+        if: ${{ steps.bump-semver.outputs.new_version != null }}
+        with:
+          text: ${{ steps.get-merged-pull-request.outputs.body }}
+          regex: '```release_note([\s\S]*)```'
+
+      - uses: actions-ecosystem/action-push-tag@v1
+        if: ${{ steps.bump-semver.outputs.new_version != null }}
+        with:
+          tag: ${{ steps.bump-semver.outputs.new_version }}
+          message: "${{ steps.bump-semver.outputs.new_version }}: PR #${{ steps.get-merged-pull-request.outputs.number }} ${{ steps.get-merged-pull-request.outputs.title }}"
+
+      - uses: actions/create-release@v1
+        if: ${{ steps.release-label.outputs.level == 'major' || steps.release-label.outputs.level == 'minor' }}
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        with:
+          tag_name: ${{ steps.bump-semver.outputs.new_version }}
+          release_name: ${{ steps.bump-semver.outputs.new_version }}
+          body: ${{ steps.regex-match.outputs.group1 }}
+
+      - uses: actions-ecosystem/action-create-comment@v1
+        if: ${{ steps.bump-semver.outputs.new_version != null }}
+        with:
+          github_token: ${{ secrets.GITHUB_TOKEN }}
+          number: ${{ steps.get-merged-pull-request.outputs.number }}
+          body: |
+            The new version [${{ steps.bump-semver.outputs.new_version }}](https://github.com/${{ github.repository }}/releases/tag/${{ steps.bump-semver.outputs.new_version }}) has been released :tada:
+
+      - uses: actions-ecosystem/action-create-comment@v1
+        if: ${{ steps.bump-semver.outputs.new_version != null }}
+        with:
+          github_token: ${{ secrets.GITHUB_TOKEN }}
+          body: |
+            This PR will update [${{ github.repository }}](https://github.com/${{ github.repository }}) from [${{ steps.get-latest-tag.outputs.tag }}](https://github.com/${{ github.repository }}/releases/tag/${{ steps.get-latest-tag.outputs.tag }}) to ${{ steps.bump-semver.outputs.new_version }} :rocket:
+
+            If this update isn't as you expected, you may want to change or remove the *release label*.
diff --git a/.github/workflows/git_release_check.yml b/.github/workflows/git_release_check.yml
@@ -0,0 +1,37 @@
+name: Check Release
+
+on:
+  pull_request:
+    types:
+      - labeled
+
+jobs:
+  release:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v2
+
+      - uses: actions-ecosystem/action-release-label@v1
+        id: release-label
+        if: ${{ startsWith(github.event.label.name, 'release/') }}
+
+      - uses: actions-ecosystem/action-get-latest-tag@v1
+        id: get-latest-tag
+        if: ${{ steps.release-label.outputs.level != null }}
+        with:
+          semver_only: true
+
+      - uses: actions-ecosystem/action-bump-semver@v1
+        id: bump-semver
+        if: ${{ steps.release-label.outputs.level != null }}
+        with:
+          current_version: ${{ steps.get-latest-tag.outputs.tag }}
+          level: ${{ steps.release-label.outputs.level }}
+
+      - uses: actions-ecosystem/action-create-comment@v1
+        if: ${{ steps.bump-semver.outputs.new_version != null }}
+        with:
+          github_token: ${{ secrets.GITHUB_TOKEN }}
+          body: |
+            This PR will update [${{ github.repository }}](https://github.com/${{ github.repository }}) from [${{ steps.get-latest-tag.outputs.tag }}](https://github.com/${{ github.repository }}/releases/tag/${{ steps.get-latest-tag.outputs.tag }}) to ${{ steps.bump-semver.outputs.new_version }} :rocket:
+            If this update isn't as you expected, you may want to change or remove the *release label*.
diff --git a/.github/workflows/reviewdog.yml b/.github/workflows/reviewdog.yml
@@ -0,0 +1,28 @@
+name: shellcheck / hadolint - reviewdog
+# https://github.com/reviewdog/action-shellcheck
+on: [pull_request]
+jobs:
+  shellcheck:
+    #name: runner / shellcheck
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v2
+      - name: shellcheck
+        uses: reviewdog/action-shellcheck@v1
+        with:
+          github_token: ${{ secrets.github_token }}
+          reporter: github-pr-review # Change reporter.
+          path: "." # Optional.
+          pattern: "*.sh" # Optional.
+          exclude: "./.git/*" # Optional.
+  hadolint:
+    #name: runner / hadolint
+    runs-on: ubuntu-latest
+    steps:
+      - name: Check out code
+        uses: actions/checkout@v2
+      - name: hadolint
+        uses: reviewdog/action-hadolint@v1
+        with:
+          github_token: ${{ secrets.github_token }}
+          reporter: github-pr-review # Default is github-pr-check
diff --git a/.github/workflows/sysdig_cis_benchmark.yml b/.github/workflows/sysdig_cis_benchmark.yml
@@ -0,0 +1,15 @@
+name: Sysdig CIS Benchmarks
+on:
+  pull_request:
+    # paths: 
+    #   - '.docker/**'
+jobs:
+  run:
+    runs-on: ubuntu-latest
+    steps:
+    - name: Checkout
+      uses: actions/checkout@v2
+    - name: Sysdig CIS Dockerfile Benchmark
+      uses: sysdiglabs/benchmark-dockerfile@v1.0.0
+      with:
+        directory: .
diff --git a/.github/workflows/workflow.yml b/.github/workflows/workflow.yml
@@ -0,0 +1,24 @@
+name: package pip
+on:
+  push:
+    branches:
+    - master
+  schedule:
+    - cron:  '0 0 * * *'
+jobs:
+  run:
+    name: Run
+    runs-on: ubuntu-latest
+    steps:
+    - name: Checkout
+      uses: actions/checkout@v2
+    - package-ecosystem: "pip"
+      # Look for `build.gradle` in the `root` directory
+      directory: "/"
+      # Check for updates once weekly
+      schedule:
+        interval: "weekly"
+        ignore:
+        # Ignore updates to packages that start 'aws'
+        # Wildcards match zero or more arbitrary characters
+        - dependency-name: "flask*"