Add RL Secure to CCI

Fix File Locations Update test Change test to isinstance instead of issubclass Run snyk on non main
okta · Oct 18, 2024 · 4743a7c · 4743a7c
1 parent 49757d9
commit 4743a7c
Show file tree

Hide file tree

Showing 2 changed files with 51 additions and 1 deletion.
diff --git a/.circleci/config.yml b/.circleci/config.yml
@@ -4,6 +4,7 @@ version: 2.1
 orbs:
   python: circleci/[email protected]
   platform-helpers-general: okta/[email protected]
+  aws-cli: circleci/[email protected]
 
 jobs:
   build_and_test:
@@ -33,6 +34,49 @@ jobs:
       - platform-helpers-general/step-run-snyk-monitor:
           scan-all-projects: true
           skip-unresolved: false
+          run-on-non-main: true
+  reversing-labs:
+    docker:
+      - image: cimg/python:3.10
+    steps:
+      - checkout
+
+      - run:
+          name: Install Dependencies
+          command: pip wheel -r requirements.txt -w _vendor/
+
+      - run:
+          name: Download Reverse Labs Scanner
+          command: |
+            curl https://dso-resources.oktasecurity.com/scanner \
+              -H "x-api-key: $RESOURCE_TOKEN" \
+              --output rl_wrapper-0.0.2+35ababa-py3-none-any.whl
+      # Install the wrapper that was downloaded
+      - run:
+          name: Install RL Wrapper
+          command: |
+            pip install ./rl_wrapper-0.0.2+35ababa-py3-none-any.whl
+      # Setup the AWS profile
+      - aws-cli/setup:
+          profile_name: default
+          role_arn: $AWS_ARN
+          region: us-east-1
+      # Get the credentials and save to env
+      - run: >-
+          eval "$(aws configure export-credentials --profile default --format env)" 2> /dev/null
+      # Run the wrapper, do not change anything here
+      - run:
+          name: Run Reversing Labs Wrapper Scanner
+          command: |
+            rl-wrapper \
+              --artifact ${CIRCLE_WORKING_DIRECTORY/#\~/$HOME} \
+              --name $CIRCLE_PROJECT_REPONAME\
+              --version $CIRCLE_SHA1\
+              --repository $CIRCLE_PROJECT_USERNAME/$CIRCLE_PROJECT_REPONAME \
+              --commit $CIRCLE_SHA1 \
+              --build-env "circleci" \
+              --suppress_output
+
 workflows:
   "Circle CI Tests":
     jobs:
@@ -41,3 +85,9 @@ workflows:
           context:
             - static-analysis
           name: execute-snyk
+
+  "Malware Scanner":
+    jobs:
+      - reversing-labs:
+          context:
+            - okta-dcp
diff --git a/tests/unit/test_http_client.py b/tests/unit/test_http_client.py
@@ -147,7 +147,7 @@ async def test_client_invalid_url():
     })
     assert all(values in [None] for values in [req, res_details, resp_body])
     assert issubclass(type(error), aiohttp.ClientError)
-    assert type(error) == aiohttp.InvalidURL
+    assert isinstance(error, aiohttp.InvalidURL)
 
 
 @ pytest.mark.asyncio