[SOAR-15852] WHOIS Version Bump (#2093)

* add empty init file and refresh and plugin.spec updates

* unit tests

* Domain action unit tests and Address unit tests started

* Address action unit tests

* Added custom version to requirements.txt

* Changed name of unit test

* ran black

plugins/whois/.CHECKSUM

@@ -1,19 +1,19 @@
 {
-	"spec": "07e61afc61329eddafd572b937e10746",
-	"manifest": "12b6a25b98a92d19ce77924eb5b02cde",
-	"setup": "4889069ba412bd9db5897f177e616f22",
+	"spec": "3a7d86e5fd81a2c2b509afb5082c0809",
+	"manifest": "d017956e73aa52cebf36bb618a75ecb1",
+	"setup": "c159bd33a00b0b2dcd34810018d83f9d",
 	"schemas": [
 		{
 			"identifier": "address/schema.py",
-			"hash": "0cc9eeec848619d580985ff56b407ced"
+			"hash": "3c518027a07a0388a03c5d0982dffda5"
 		},
 		{
 			"identifier": "domain/schema.py",
-			"hash": "262807bfb2fb5735efc5e9ba0ea1fc97"
+			"hash": "ed05313e454847638eeec6cbd38ddbc8"
 		},
 		{
 			"identifier": "connection/schema.py",
-			"hash": "da5382221ca2a33a2f854e17b068d502"
+			"hash": "bd524b567f9638ba1c6f7e0c9e45ff2e"
 		}
 	]
 }

plugins/whois/Dockerfile

@@ -1,5 +1,6 @@
-FROM rapid7/insightconnect-python-3-38-plugin:4
-LABEL organization=komand
+FROM rapid7/insightconnect-python-3-38-plugin:5
+
+LABEL organization=rapid7
 LABEL sdk=python
 LABEL type=plugin
 

plugins/whois/bin/komand_whois

@@ -1,13 +1,13 @@
 #!/usr/bin/env python
-# GENERATED BY KOMAND SDK - DO NOT EDIT
+# GENERATED BY INSIGHT-PLUGIN - DO NOT EDIT
 import os
 import json
 from sys import argv
 
 Name = "WHOIS"
 Vendor = "rapid7"
-Version = "3.1.0"
-Description = "The WHOIS plugin enables address and domain lookups in the WHOIS databases"
+Version = "3.1.1"
+Description = "WHOIS is a query and response protocol that is widely used for querying databases that store the registered users or assignee's of an Internet resource, such as a domain name, an IP address block, or an autonomous system"
 
 
 def main():
@@ -23,7 +23,7 @@ def main():
             monkey.patch_all()
 
     import insightconnect_plugin_runtime
-    from komand_whois import connection, actions, triggers
+    from komand_whois import connection, actions, triggers, tasks
 
     class ICONWhois(insightconnect_plugin_runtime.Plugin):
         def __init__(self):
@@ -34,10 +34,10 @@ def main():
                 description=Description,
                 connection=connection.Connection()
             )
-            self.add_action(actions.Address())
-
             self.add_action(actions.Domain())
-
+
+            self.add_action(actions.Address())
+
 
     """Run plugin"""
     cli = insightconnect_plugin_runtime.CLI(ICONWhois())

plugins/whois/help.md

@@ -5,95 +5,39 @@ databases that store the registered users or assignee's of an Internet resource,
 block, or an autonomous system.
 
 # Key Features
-
+  
 * Perform a WHOIS lookup for a provided IP address or domain to gain information on who is responsible for a domain or IP
 
 # Requirements
+
+* This plugin does not contain any requirements
 
-* _This plugin does not contain any requirements._
+# Supported Product Versions
+
+* 2023-10-31
 
 # Documentation
 
 ## Setup
-
-_This plugin does not contain a connection._
+  
+*This plugin does not contain a connection.*
 
 ## Technical Details
 
 ### Actions
 
-#### Domain Lookup
-
-This action is used to retrieve data about a domain name.
-
-##### Input
-
-|Name|Type|Default|Required|Description|Enum|Example|
-|----|----|-------|--------|-----------|----|-------|
-|domain|string|None|True|Domain name to lookup|None|rapid7.com|
-
-Example input:
-
-```
-{
-  "domain": "rapid7.com"
-}
-```
-
-##### Output
-
-|Name|Type|Required|Description|
-|----|----|--------|-----------|
-|creation_date|date|False|Creation date|
-|dnssec|string|False|DNSSEC|
-|domain_status|[]string|False|Domain status|
-|expiration_date|date|False|Expiration date|
-|last_updated|date|False|Last updated date|
-|name|string|False|Domain name|
-|name_servers|[]string|False|Nameservers|
-|registrant_cc|string|False|Registrant country|
-|registrant_name|string|False|Registrant name|
-|registrar|string|False|Domain registrar|
-|registrar_abuse_contact_email|string|False|Registrar abuse contact email|
-|registrar_abuse_contact_phone|string|False|Registrar abuse Contact phone|
-|registrar_iana_id|string|False|Registrar IANA ID|
-|registrar_url|string|False|Registrar URL|
-|registrar_whois_server|string|False|Registrar WHOIS server|
-|registry_domain_id|string|False|Registry domain ID|
-
-Example output:
-
-```
-
-{
-  "registrar_whois_server": "whois.markmonitor.com",
-  "registry_domain_id": "2138514_domain_com-vrsn",
-  "last_updated": "2011-07-20T16:55:31",
-  "registrar_iana_id": "292",
-  "registrar": "MarkMonitor Inc.",
-  "dnssec": "unsigned",
-  "domain_status": ["clientdeleteprohibited https://icann.org/epp#clientdeleteprohibited", "clienttransferprohibited https://icann.org/epp#clienttransferprohibited", "clientupdateprohibited https://icann.org/epp#clientupdateprohibited", "serverdeleteprohibited https://icann.org/epp#serverdeleteprohibited", "servertransferprohibited https://icann.org/epp#servertransferprohibited", "serverupdateprohibited https://icann.org/epp#serverupdateprohibited"],
-  "registrar_url": "http://www.markmonitor.com",
-  "creation_date": "1997-09-15T04:00:00",
-  "name_servers": ["ns2.google.com", "ns3.google.com", "ns1.google.com", "ns4.google.com"],
-  "registrar_abuse_contact_email": "[email protected]",
-  "registrar_abuse_contact_phone": "+1.2083895740",
-  "name": "google.com"
-}
-
-```
 
 #### Address Lookup
-
-This action is used to retrieve data about an IP address.
+  
+This action is used to retrieve data about an IP address
 
 ##### Input
 
 |Name|Type|Default|Required|Description|Enum|Example|
-|----|----|-------|--------|-----------|----|-------|
+| :--- | :--- | :--- | :--- | :--- | :--- | :--- |
 |address|string|None|True|IP to Lookup|None|198.51.100.100|
 |registrar|string|Autodetect|False|Domain Registrar|['Autodetect', 'RIPE', 'ARIN', 'LACNIC', 'APNIC']|Autodetect|
-
+  
 Example input:
 
 ```
@@ -105,30 +49,29 @@ Example input:
 
 ##### Output
 
-|Name|Type|Required|Description|
-|----|----|--------|-----------|
-|address|string|False|Address|
-|cidr|string|False|CIDR|
-|city|string|False|City|
-|country|string|False|Country|
-|netname|string|False|Network name|
-|netrange|string|False|Network Range|
-|nettype|string|False|Network type|
-|org_abuse_email|string|False|Organization abuse e-mail|
-|org_abuse_phone|string|False|Organization abuse phone|
-|org_tech_email|string|False|Organization tech e-mail|
-|org_tech_phone|string|False|Organization tech phone|
-|organization|string|False|Organization|
-|orgname|string|False|Organization name|
-|postal|string|False|Postal|
-|regdate|string|False|Registration date|
-|state|string|False|State|
-|update|string|False|WHOIS updated date|
-
+|Name|Type|Required|Description|Example|
+| :--- | :--- | :--- | :--- | :--- |
+|address|string|False|Address|1025 Eldorado Blvd.|
+|cidr|string|False|CIDR|8.0.0.0/8|
+|city|string|False|City|Broomfield|
+|country|string|False|Country|US|
+|netname|string|False|Network name|LVLT-ORG-8-8|
+|netrange|string|False|Network Range|8.0.0.0 - 8.255.255.255|
+|nettype|string|False|Network type|Direct Allocation|
+|org_abuse_email|string|False|Organization abuse e-mail|[email protected]|
+|org_abuse_phone|string|False|Organization abuse phone|+1-877-453-8353 |
+|org_tech_email|string|False|Organization tech e-mail|[email protected]|
+|org_tech_phone|string|False|Organization tech phone|+1-877-453-8353 |
+|organization|string|False|Organization|Level 3 Communications, Inc. (LVLT)|
+|orgname|string|False|Organization name|Level 3 Communications, Inc.|
+|postal|string|False|Postal|80021|
+|regdate|string|False|Registration date|1992-12-01|
+|state|string|False|State|CO|
+|update|string|False|WHOIS updated date|2012-02-24|
+  
 Example output:
 
 ```
-
 {
   "address": "1025 Eldorado Blvd.",
   "cidr": "8.0.0.0/8",
@@ -143,28 +86,105 @@ Example output:
   "org_tech_phone": "+1-877-453-8353 ",
   "organization": "Level 3 Communications, Inc. (LVLT)",
   "orgname": "Level 3 Communications, Inc.",
-  "postal": "80021",
+  "postal": 80021,
   "regdate": "1992-12-01",
   "state": "CO",
   "update": "2012-02-24"
 }
+```
+
+#### Domain Lookup
+
+This action is used to retrieve data about a domain name
+
+##### Input
+
+|Name|Type|Default|Required|Description|Enum|Example|
+| :--- | :--- | :--- | :--- | :--- | :--- | :--- |
+|domain|string|None|True|Domain name to lookup|None|rapid7.com|
+
+Example input:
 
+```
+{
+  "domain": "rapid7.com"
+}
 ```
 
-### Triggers
+##### Output
+
+|Name|Type|Required|Description|Example|
+| :--- | :--- | :--- | :--- | :--- |
+|creation_date|date|False|Creation date|1997-09-15T04:00:00|
+|dnssec|string|False|DNSSEC|unsigned|
+|domain_status|[]string|False|Domain status|["clientdeleteprohibited https://icann.org/epp#clientdeleteprohibited", "clienttransferprohibited https://icann.org/epp#clienttransferprohibited", "clientupdateprohibited https://icann.org/epp#clientupdateprohibited", "serverdeleteprohibited https://icann.org/epp#serverdeleteprohibited", "servertransferprohibited https://icann.org/epp#servertransferprohibited", "serverupdateprohibited https://icann.org/epp#serverupdateprohibited"]|
+|expiration_date|date|False|Expiration date||
+|last_updated|date|False|Last updated date||
+|name|string|False|Domain name|google.com|
+|name_servers|[]string|False|Nameservers|["ns2.google.com", "ns3.google.com", "ns1.google.com", "ns4.google.com"]|
+|registrant_cc|string|False|Registrant country|US|
+|registrant_name|string|False|Registrant name||
+|registrar|string|False|Domain registrar|MarkMonitor Inc.|
+|registrar_abuse_contact_email|string|False|Registrar abuse contact email|[email protected]|
+|registrar_abuse_contact_phone|string|False|Registrar abuse Contact phone|+1.2083895740|
+|registrar_iana_id|string|False|Registrar IANA ID|292|
+|registrar_url|string|False|Registrar URL|http://www.markmonitor.com|
+|registrar_whois_server|string|False|Registrar WHOIS server|whois.markmonitor.com|
+|registry_domain_id|string|False|Registry domain ID|2138514_domain_com-vrsn|
+
+Example output:
 
-_This plugin does not contain any triggers._
+```
+{
+  "creation_date": "1997-09-15T04:00:00",
+  "dnssec": "unsigned",
+  "domain_status": [
+    "clientdeleteprohibited https://icann.org/epp#clientdeleteprohibited",
+    "clienttransferprohibited https://icann.org/epp#clienttransferprohibited",
+    "clientupdateprohibited https://icann.org/epp#clientupdateprohibited",
+    "serverdeleteprohibited https://icann.org/epp#serverdeleteprohibited",
+    "servertransferprohibited https://icann.org/epp#servertransferprohibited",
+    "serverupdateprohibited https://icann.org/epp#serverupdateprohibited"
+  ],
+  "expiration_date": "",
+  "last_updated": "",
+  "name": "google.com",
+  "name_servers": [
+    "ns2.google.com",
+    "ns3.google.com",
+    "ns1.google.com",
+    "ns4.google.com"
+  ],
+  "registrant_cc": "US",
+  "registrant_name": "",
+  "registrar": "MarkMonitor Inc.",
+  "registrar_abuse_contact_email": "[email protected]",
+  "registrar_abuse_contact_phone": "+1.2083895740",
+  "registrar_iana_id": 292,
+  "registrar_url": "http://www.markmonitor.com",
+  "registrar_whois_server": "whois.markmonitor.com",
+  "registry_domain_id": "2138514_domain_com-vrsn"
+}
+```
+### Triggers
+
+*This plugin does not contain any triggers.*
 
-### Custom Output Types
+### Tasks
+
+*This plugin does not contain any tasks.*
 
-_This plugin does not contain any custom output types._
+### Custom Types
+
+*This plugin does not contain any custom output types.*
 
 ## Troubleshooting
 
 Multiple records can be returned by the server, this plugin currently only returns the first unique records found.
 
 # Version History
 
+* 3.1.1 - Add empty `__init__.py` file to `unit_test` folder | Refresh with new tooling
 * 3.1.0 - Add support for `.monster` and `.nl` domains
 * 3.0.3 - Add PluginException in Domain and Address action when response is empty
 * 3.0.2 - Support non-UTF-8 responses in the Address action
@@ -193,6 +213,8 @@ Multiple records can be returned by the server, this plugin currently only retur
 
 # Links
 
-## References
+* [WHOIS](https://en.wikipedia.org/wiki/WHOIS)
 
+## References
+
 * [WHOIS](https://en.wikipedia.org/wiki/WHOIS)

plugins/whois/komand_whois/actions/__init__.py

@@ -1,3 +1,6 @@
-# GENERATED BY KOMAND SDK - DO NOT EDIT
-from .address.action import Address
+# GENERATED BY INSIGHT-PLUGIN - DO NOT EDIT
+
 from .domain.action import Domain
+
+from .address.action import Address
+

plugins/whois/komand_whois/actions/address/__init__.py

@@ -1,2 +1,2 @@
-# GENERATED BY KOMAND SDK - DO NOT EDIT
+# GENERATED BY INSIGHT-PLUGIN - DO NOT EDIT
 from .action import Address