All notable changes to the @jupiterone/integration-sdk-* projects will be
documented in this file.
The format is based on Keep a Changelog, and this project adheres to Semantic Versioning.
- Remove batching logs from runtime.
- Update
@jupiterone/data-modelto v0.61.15
- runtime: Add diff object in the duplicate entity report for rawData and properties mismatch
- http-client: added retryCalculateDelay method to allow for custom delay
- http-client: BRAKING CHANGE: moved the initialization of the agent class to the HTTP client. Now integration configurations should be passed to the http client when initialize.
- Upgrade @jupiterone/data-model to v0.61.13
- Breaking changes to the Device & Host _class schema validation.
- More details can be found here and here or here
- Add agent option to http client
- Add retry logic to sync job requests /abort and /finalize.
- Added steps_finished Info Log Event
- http-client: Added option to refresh authentication headers on 401/403 errors
- http-client: deprecated
retryOptions.retryErrorHandlerin favor of protected methoddefaultErrorHandler
- Minor breaking change to JobState methods iterateEntities and iterateRelationships function signatures. The graph object passed to the iteratee is now Readonly. The intention is to prevent modification of the object during iteration. This is not a breaking change since the long-standing understanding is that these objects should never be modified once added to the jobState.
- export type GraphObjectIteratee<T> = (obj: T) => void | Promise<void>;
+ export type GraphObjectIteratee<T> = (obj: Readonly<T>) => void | Promise<void>;- Temporary logging that should be removed after investigation.
- bump @jupiterone/data-model to 0.61.11
- http-client: Added option to format and send body for content type
application/x-www-form-urlencoded
- Add new options parameter
GraphObjectIterateeOptionsto jobState.iterateEntities() and jobState.iterateRelationships() that allows a concurrency option to be specified. The options parameters is passed to in memory and the file based object stores. Example:
await jobState.iterateEntities(
{ _type: EcrEntities.ECR_IMAGE._type },
async (image) => {
...
},
{ concurrency: 5 },
);- Added a
toMatchEntityStepMetadataJest matcher for validating step results against the live production data model schema. - Added a
toMatchDataModelSchemaJest matcher for validating entities against the live production data model schema. - Deprecated the
toMatchStepMetadatamethod in favor oftoMatchEntityStepMetadata. - Deprecated the
toMatchGraphObjectSchemamethod in favor oftoMatchDataModelSchema.
- De-nest resulting single-class validation schema.
- Bump data-model package in relevant packages.
- Send
terminalStatusin the/abortsync API endpoint.
- Keep track of graphObjects iterated in memory in
iterateEntitiesanditerateRelationships.
- Add support for multiple class entities in
createIntegrationHelpers.
- Stop flushing after a step completes.
- General flushing optimizations.
- Mark as partials all types releated to failed uploads.
- integration-sdk-core: Fix typing in createIntegrationHelpers
- Fix publish workflow (republish 12.8.0)
- integration-sdk-cli: Export entity schema to graph schema
- integration-sdk-core: Add createIntegrationHelpers
- Add
NO_COLLECTION_METRICSfor disabling data collection metrics
- Add expiremental
OnDiskDuplicateKeyTracker - Add asn validator to j1Formats
- Replace validateEntityWithSchema
- http-client: add option to pass body as plain text
- entity-validator: republish
- entity-validator: first release
- updated
json-diffdependency - removed redudant
??fromhasCachePathfunction
- http-client: add default timeout handler
- http-client: consume body when paginate's response status is 204 to avoid memory leaks
- update @jupiterone/data-model
- @jupiterone/data-model has new restrictions on some classes such as Host
- update yarn.lock
- http-client: upgrade node-fetch to latest 2.x version (2.7.0)
- update http-client README.md
- http-client: add method to override default response parse in paginate
- http-client: pass headers to error cause
- http-client: fix withBaseUrl method to not encode urls
- fix withBaseUrl method on http-client
- add bodyType option to handle both multipart/form-data and application/json on http-client
- Handle standard and non-standard rate limits in BaseAPIClient.
- Fix issues related to pagination and token bucket in BaseAPIClient.
- Implement BaseAPIClient in http-client package.
- Enhanced step summaries to include
encounteredTypeCountsproperty.
- Added in
collectEncounteredKeysto invocation config. This will allow keys encountered during the integration to be returned after execution. - breaking Updated interface for
resultsCallbackinexecuteIntegrationto include the entire job summary. - Enhanced step summaries to include
startTime,endTime, anddurationproperties.
- Added
_rawDataproperty to entity spec by default. This can be overridden usingschema: { _rawData: { exclude: true } }.
- Updated types for Jest toImplementSpec matcher
- Added option to require all implemented steps to have a spec.
- Added in
excludeoption to entity schema which can be used to override required properties before validation.
- No new changes. Needed to force a new deployment.
- No new changes. Needed to force a new deployment.
- Introduce
resultsCallbackhook - Make
IntegrationEntityData.sourceoptional
- Support Node 20.x
- Improved logging for upload errors
- Added
regionand_keyproperties to visualized entities
- Patch to fix issue with deployment pipeline not processing
- Change Step Start/End logs to debug level and add duration field to Step summary
- Add
stepConcurrencytoInvocationConfigallowing customization of step concurrency.
-
Add
compressUploadstoCreateAPIClientOptions. Enabling this will send gzipped payloads. -
Allow loading modules by name (ex. @jupiterone/graph-rumble) in the
generate-ingestion-sources-configandgenerate-integration-graph-schemacommands
- Moved
visdependency to devDependencies
- Republish 11.0.1
- Breaking: Also remove the deprecated/unused
graphObjectBufferThresholdon the FileSystemGraphObjectStoreParams
-
Breaking: Change
TargetFilterKeytype to only allow composite keys. Plain string keys are no longer allowed. -
Breaking: Batch size Options removed:
- Removed unused
--upload-batch-sizeand--upload-relationship-batch-sizeoptions from CLI sync commands - Removed unused
uploadBatchSizeanduploadRelationshipBatchSizeparameters from programmatic sync methods
- Removed unused
- Use batching by size as default - and the only option.
- Changed the log level of the
Collected metriclog that is published when logger.publishMetric is called to "debug"
- Release with 10.1.0 changes again:
- 'InMemoryGraphObjectStore' no longer stores a set amount of entities or relationships, rather it works by measuring size in bytes of graph objects by default.
- Use the same logger for all logs created via the
j1-integration runcommand to improve formatting consistency - Update internal
errlog serializer
- Improvements to integration graph generator
- Add
error_unexpected_errorto IntegrationErrorEventName
- Revert change in 10.1.0 due to system health issues
- Update
jest.jsconfig to remove deprecated option. - Add
--noPrettyoption to cli to disable pretty printing of logs locally.
- Allow user to override
AlphaOptionsincreateApiClient
- 'InMemoryGraphObjectStore' no longer stores a set amount of entities or relationships, rather it works by measuring size in bytes of graph objects by default.
-
Bump TypeScript, ESLint, and Prettier to next major versions. Integration projects may encounter breaking changes when they adopt these new versions. For example, Prettier changed some default formatting. To fix the Prettier formatting, you may run the following command:
yarn:formatorprettier --write \"**/*.{ts,js,json,css,md,yml}\"
- Introduce batchingBySize option.
- Introduce
executionHandlerWrapperexecution wrapper. See development documentation for more information.
- Pass an instantiated credential provider to
@lifeomic/alphaclient so that credentials stop getting re-loaded when hitting the synchronization API from a private endpoint
- Add log for skipped steps for each disabled child step.
- Introduce
afterExecutionintegration execution hook. See development documentation for more information.
Adds logging when an integration fails to initialize or finalize a synchronization job
Introduces a new feature to j1-integration that allows generating a new
integration using a series of inputs.
Example:
j1-integration generate
- modify
generateIngestionSourcesConfigCommandto include child steps metadata in thechildIngestionSourcesproperty
- fix dependencies to be node 18 compatible
- Updated
@lifeomic/alphadependency tov5.1.1.
- Remove steps using the ingestion source id to
childIngestionSources
- optimized memory usage in
DuplicateKeyTracker
executeWithContext(context: TExecutionContext, ...)now accepts acontext.instanceproperty- modify step start states using ingestionSourcesConfig / disabledSources.
- Added
disabledSourcesfield to theIntegrationInstancetype from the@jupiterone/integration-sdk-corepackage.
-
BREAKING - Bump version of Node.js to v18 and require version >=18.16.0 <19.x.
-
BREAKING - Remove asynchronous
jobState.hasKey()The
hasKeyfunction has no asynchronous implementation, and awaitingjobState.hasKeycan unexpectedly cause duplicate key errors in some specific edge cases (see https://github.com/JupiterOne/sdk/pull/694/files). -
Remove the following Node.js event listeners due to Node.js core deprecation:
unhandledRejectionmultipleResolves
- Add steps using the ingestion source id to
childIngestionSources
- Reduced log level of graph object uploads from info to debug
- Set the integrationJobId to the syncJob's integrationJobId if a job id was not passed in in the jobConfiguration.
- Add a new field
ingestionConfigto theinvocationConfigin@jupiterone/integration-sdk-core. This is used to store information about data ingestion sources that can be enabled or disabled. - Add new command
generate-ingestion-sources-configin@jupiterone/integration-sdk cli. This is used to create e new fileingestionSourcesConfig.jsonand store it in a s3 bucket.
- Added support for
jsonenvironment variables. Example:
.env file:
// .env
SEVERITIES=["HIGH", "CRITICAL"]
Code:
import { Client } from './client';
import { createVulnEntity } from './converter';
type IntegrationConfig = { apiKey: string; severities: string[] };
const invocationConfig: IntegrationInvocationConfig = {
instanceConfigFields: [
{
apiKey: { type: 'string', mask: true },
severities: { type: 'json' },
},
],
integrationSteps: [
{
id: 'fetch-vulnerabilities',
name: 'Fetch Vulnerabilities',
entities: [{ resourceName: 'Vuln', _type: 'vuln', _class: 'Finding' }],
relationships: [],
executionHandler: ({ instance }) => {
const { apiKey, severities } = instance.config;
const client = new Client({ apiKey });
await iterateVulnerabilitiesForSeverity(
{ severities },
async (vuln) => {
await jobState.addEntity(createVulnEntity(vuln));
},
);
},
},
],
};- Fixed assigning empty tags not working if tags have
Valueproperty rather thanvalue.
- The presence of TypeScript deceleration files will no longer trigger the loading of ts-node to run the project.
- BREAKING - Require Node.js version >=14.17.0 <15.x due to replacement of
uuidmodule withcryptorandomUUID
- Update automatic integration documentation generator strategy to avoid creating duplicate records for entities, relationships, and mapped relationships.
- Add
collectEntitiesandcollectRelationshipsfunctions toInMemoryGraphObjectStore.
- Update
@jupiterone/date-modelto version v0.54.0
- Update
assignTags()to add keys withvalue: ''to entity.tagsproperty
- Added
troubleshootcommand to CLI to help diagnose problems with local execution of integrations.
- Added DisabledStepReason.API_VERSION for use when the version of a third party API does not support a given step.
- Added new
DuplicateEntityReportwhen an integration errors with a duplicate _key.
- Step summary refactored to be
summary.$TYPE: { total: number }. This will enable better logs querying.
- Do not modify the value supplied to
JUPITERONE_API_KEYwhen using the integration CLI
- Fixed incorrect path of import in
getStepExecutionOrder
- Added option to allow duplicate types in
getSortedJupiterOneTypes - Changed
j1-integration documentcommand to allow duplicate types - Added optional
dependencyStepIdstoStepTestConfig - Added support for
dependencyGraphIdtoexecuteStepWithDependencies
- Updated
@jupiterone/data-modelversion to addRelationshipClass.PUBLISHES
- Publish the following new custom metrics when entities, relationships, and
mapped relationships are added to the
JobStaterespectively:collected_entitiescollected_relationshipscollected_mapped_relationships
- Added log in
uploadDataChunkto capture successful completion of an upload
- Allow disabling the collection of the disk usage metric by specifying the
DISABLE_DISK_USAGE_METRICenvironment variable
multipleResolvesevents are no longer forwarded to loggersonFailurecallback as they are not strict failures. Logging ofmultipleResolvesat log- Updated ESLint to override the
no-misused-promisesrule.
- Skip logging messages when
logged_errorandlogged_warnmetrics are emitted.
- Emit
logged_errorandlogged_warnmetric counters whenIntegrationLoggerlogger.errorandlogger.warnare called respectively.
- Allow relationships to have
undefinedtop-level properties
- Add no-console lint rule to catch console.log accidentally left in projects.
Note: Possible breakage when this changes is adopted. The rule can be ignored
if needed using
/* eslint-disable no-console */ j1-integration syncnow supports the--skip-finalizeoption to avoid finalizing the synchronization job. This brings parity with theruncommand.j1-integrationrunandsynccommands now support--accountand--api-keyoptions to make them consistent with other commands that support these options. The values provided to these options will override any values set in theJUPITERONE_ACCOUNTandJUPITERONE_API_KEYenvironment variables. Note: it is recommended to avoid--api-keyin a CI/CD or server environment because the values will be visible in the logs.
- Upgrade CLI
commanderdependency to improve options type safety and handling. - Changed some CLI options error messages to be consistent and clearer. Any scripts that were relying on the previous error messages will need to be updated.
- CLI
--developmentoption can be set to"true"when--api-base-urlis either ofhttps://api.us.jupiterone.ioorhttps://api.dev.jupiterone.io(an error will not be thrown). This allowed for declaring the default value of--api-base-urlso it is shown in the help output. Any other value for--api-base-urlwill cause an error to be thrown if--developmentis set to"true".
j1-integration run --skip-finalizeoption to avoid finalizing the integration run. This is useful for scenarios where you want to run the integration to collect and upload data to a synchronization job, but do not want to initiate the finalization process.j1-integration [run|sync] --source api --scope anystringoptions to allow use of the SDK without configuring an integration instance.--integrationInstanceIdis not required when using these options.
-
Support backwards compatibility for old integration npm package dist format when using
j1-integration generate-integration-graph-schema.The way that integration npm packages are distributed has changed over time. We are now handling invocation config loading from different file paths to support backwards compatibility and make adoption easier.
- Added
graphObjectFileSizeconfiguration option toFileSystemGraphObjectStore
- Added optional flag to specify a different Neo4j database name to push to or wipe from than the default 'neo4j' (only available on enterprise instances of Neo4j).
- Allow the use of possibly null or undefined
numberinparseTimePropertyValue
- Added
optionalparameter toIntegrationInstanceConfigField. - Update
ProviderSourceDatatagstype to matchassignTags
- Support async
beforeAddRelationshiphook inIntegrationInvocationConfig. See the development documentation for more information on its usage.
- Added
IntegrationInfoEventName.ResultsandIntegrationWarnEventName.MissingEntity.
- Introduce
beforeAddRelationshiphook intoIntegrationInvocationConfig. See the development documentation for more information on its usage.
- New
j1-integration generate-integration-graph-schemaCLI command added
Usage: j1-integration generate-integration-graph-schema [options]
generate integration graph metadata summary from step metadata
Options:
-o, --output-file <path> project relative path to generated integration graph schema file
-p, --project-path <directory> path to integration project directory (default: "{CWD}")
-h, --help display help for command
- Bumped
@jupiterone/[email protected]
- Added the ability to specify a reason for why a step is disabled. This can be
set in the
StepStartStateinterface using theDisabledStepReasonenum. Valid reasons include:PERMISSION,CONFIG,BETA, andNONE.NONEis the equivalent to not specifying a reason. IfNONEor undefined are specified, logging to the job event log is disabled. Here is an example of usage:
{
['fetch-prs']: {
disabled: false
},
['fetch-issues']: {
disabled: !scopes.repoIssues,
disabledReason: DisabledStepReason.PERMISSION
}
}Sample text output:
Skipped step "Fetch Issues". The required permission was not provided to perform this step.
Skipped step "Fetch Issues". This step is disabled via configuration. Please contact support to enabled.
Skipped step "Fetch Issues". Beta feature, please contact support to enable.
- Added ability to set a separate
uploadRelationshipsBatchSize.syncandruncommands can specify the relationship-specific batch size with the-uror--upload-relationship-batch-sizeflags. Existing behavior remains the same. If auploadBatchSizeis set, but nouploadRelationshipsBatchSize, then relationships will be uploaded in batches of sizeuploadBatchSize.
- Added an optional
encounteredEntityKeysproperty on.toMatchStepMetadata()to verify that any relationship_fromEntityKeyand_toEntityKeyhas actually been encountered in the job state.
@jupiterone/data-modelhas been bumped to0.50.0
j1-integrationsyncandruncommands now have the option--upload-batch-sizeto specify how many objects to upload in each batch.
j1-integrationnow has the commandvisualize-dependenciesto create a visualization of the integration's step dependencies.
- Fixed publish lerna command.
- Allow an integration job id to be passed in when initializing syncronization.
j1-integration runcommand now supports--disable-schema-validationflag.
- Bumped version
@jupiterone/data-modelto v0.49.0
- Fixed issue when unzipping gzipped polly recording entries. Now removes the content.encoding value once content is decoded.
- Fixes issue introduced in 8.13.4
- Moved
shrinkBatchRawDatato its own module for readablity and easy mocking in test - Increased threshold by which we continue to shrink rawData from 6 million bytes to 5.5 million bytes
- change core loop of
shrinkBatchRawDatato ado whileloop instead ofwhile. This guarantees that at least 1 property will be attempted to be truncated on each call toshrinkBatchRawData. We only call this function when there has been an upload error due to payload size.
- Bumped version
@jupiterone/data-modelto v0.48.0
- Neo4j uploads no longer occasionally create duplicate nodes on relationship creation.
- Hanging execution when encountering upload failure due to entity properties being too large
- add logging surrounding the size distribution of upload batch and its largest entity when such a situation occurs
- throw fatal error when such a situation occurs
- Added base64 support for unzipping gzipped polly recording entries.
- Updated Neo4j upload commands to improve performance.
- Fixed CodeQL warning around Neo4j value sanitization previously not properly accounting for potential escape characters.
- Initial release of HTTP client with basic rate limit retry handling.
- Updated dependency
@lifeomic/attemptto version 3.0.3 Fixes an error handling issues when using the timeout option.
-
The following packages have been upgraded:
@pollyjs/adapter-node-http@pollyjs/core@pollyjs/persister-fs
-
The new Polly.JS packages ship with TypeScript definition files, so the old
@type/pollyjs__packages have been removed -
Support
executeStepWithDependenciesfor steps with nodependencyGraphId, even ifinvocationConfig.dependencyGraphOrderis present
- Additional error type
IntegrationProviderRetriesExceededErrorto be used when integration has exhausted all of the retries. This error type won't be sent in as an alert to the operators.
- Reduced max upload size to 1 MB.
- Additional logging when upload errors occur
- Bumped version
@jupiterone/data-modelto v0.47.0
j1commandsexportandimportnow accept optional command parameter --api-base-url to specify a different URL to run against.
j1-integrationcommandssync,run, andvalidate-question-filenow accept optional command parameter --api-base-url to specify a different URL to run against.
- SDK now proactively truncates rawData entries when uploads would exceed 6 megabytes.
- Bumped version of
@jupiterone/data-modelto v0.46.0
- pass client-generated correlation id with sync job uploads
- Log error
codewhen an integration logs an error - Throw an
IntegrationErrorwith codeINTEGRATION_UPLOAD_FAILEDwhen the JupiterOne system responds withRequestEntityTooLargeException
- [#660] - Trigger fatal error when JupiterOne system responds with
JOB_NOT_AWAITING_UPLOADS
- Fixed an error where if
retryOptionswasundefineddefault options would not be adopted
retryOptionsparameter tocreateApiClientto allow configuration of the retry behavior forAlpha
- Neo4j uploads now include all properties for mapped entities.
IngestionLimitEncountered type to IntegrationErrorEventName and
IntegrationWarnEventName.
- Bumped version of
@jupiterone/data-modelto v0.45.0
Add support for empty string values to assignTags.
Export EntityCoreProperties to all type inference to work outside this project.
Fix #638 - The Neo4j ingestion tool was ignoring properties with the value
false.
With this fix, the following query is supported:
MATCH (user:User {
mfaEnabled: false
}) RETURN user- #633 Support
_classas a node label property for entities created by the Neo4j store.
Example query by _type:
MATCH (account:github_account)-[OWNS]->
(repo:github_repo)-[ALLOWS]->
(user:github_user {
role:"OUTSIDE"
})
RETURN account, repo, userExample query by _class:
MATCH (account:Account)-[OWNS]->
(repo:CodeRepo)-[ALLOWS]->
(user:User {
role:"OUTSIDE"
})
RETURN account, repo, user- All types and classes used for labels are now being sanitized.
Fix #629 - Create relationships
from Neo4j store using _class as the label instead of _type
Which GitHub repositories are accessible to outside collaborators?
Old query:
MATCH (n:github_repo)-[r:github_repo_allows_user]->(u:github_user{role:"OUTSIDE"})
RETURN n, u
MATCH (account:github_account)-[github_account_owns_repo]->
(repo:github_repo)-[github_repo_allows_user]->
(user:github_user {
role:"OUTSIDE"
})
RETURN account, repo, userNew query:
MATCH (account:github_account)-[OWNS]->
(repo:github_repo)-[ALLOWS]->
(user:github_user {
role:"OUTSIDE"
})
RETURN account, repo, user- Bumped
@types/jest@^27.1.0in order to fix Namespace 'NodeJS' has no exported member 'Global'. issues captured here: jestjs/jest#11640
- Changed logger to fully mask config field values, rather than displaying last 4 chars
-
Added
.toMatchStepMetadatajest matcher. This matcher complements theexecuteStepWithDependenciesutility. Usage:const stepResult = await executeStepWithDependencies({ stepId: Steps.FETCH_USERS.id, invocationConfig, instanceConfig, }); expect(stepResult).toMatchStepMetadata({ stepId: Steps.FETCH_USERS.id, invocationConfig, });
-
Updated jest matchers in the following way:
- added optional
_typeargument to.toMatchGraphObjectSchemamatcher - added optional
_typeand_classarguments to.toMatchDirectRelationshipSchemamatcher
This enables developers to simply pass the
StepEntityMetadataandStepRelationshipMetadatainterfaces to these matchers. Usage:expect(collectedEntities).toMatchGraphObjectSchema(Entities.USER); expect(collectedRelationships).toMatchDirectRelationshipSchema( Relationships.ACCOUNT_HAS_USER, );
- added optional
-
Added optional
schemaproperty toStepGraphObjectMetadata. This allows developers to provide the property schema to expect on entities, relationships, and mapped relationships. This serves two uses:- Schemas can be used at runtime or test-time to verify that an entity has the correct properties
- The
j1-integration documentcommand could automatically produce consumer documentation about the properties that an entity / relationship is expected to have
-
Added
executeStepWithDependenciesutility to@jupiterone/integration-sdk-testingpackage. This allows developers to test specific integration steps in isolation, while assuring that all of its dependencies have indeed executed. Usage:const { collectedEntities, collectedRelationships, collectedData } = await executeStepWithDependencies({ stepId: Steps.FETCH_USERS.id, invocationConfig, instanceConfig, }); expect(collectedEntities.length).toBeGreaterThan(0); expect(collectedEnities).toMatchGraphObjectSchema({ _class: Entities.USER._class, schema: Entities.USER.schema, }); // ... additional expectations
-
Added
MockJobState.collectedDatato capture data that has been collected in the job state. Usage:const jobState = createMockJobState({ setData: { existingKey: 'existing-value' }, }); await executeStepThatAddsAccountEntity(); expect(jobState.collectedData).toEqual({ ACCOUNT_ENTITY: { _type: 'account', _class: 'Account', _key: 'account1', }, }); expect(jobState.collectedData.existingKey).toBeUndefined();
- Added ability to disable matching class schema in toMatchGraphObjectSchema
- Fixed #603 - Add missing
chalkproduction dependency to@jupiterone/integration-sdk-cli
- Bumped version of
@jupiterone/data-modelto addstateproperty toHostentity class
Updated the error message within the sdk-core to reference support email instead of the support.jupiterone.io site.
-
Added the
loadExecutionConfiglifecycle method to theInvocationConfiginterface.loadExecutionConfigloads shared configuration assets, such as shared API credentials. Example:import { fromTemporaryCredentials } from '@aws-sdk/credential-providers'; /** * The AWS integration uses shared `fromTemporaryCredentials` across all of * its clients. */ export function loadExecutionConfig({ config: { roleArn: string, externalId: string }, }) { return { credentials: fromTemporaryCredentials({ params: { RoleArn: config.roleArn, ExternalId: config.externalId, RoleSessionName: `juptierone-${uuid()}`, }, }), }; }
- Bump
@jupiterone/data-modelto exposeRelationshipClass.SENDS
- Bump
@jupiterone/data-modelto remove warning messages forUserandPersonentities
- Fixed an issue where the
j1-integration neo4jcommand was callingtoString()on undefined properties in some cases
- Bump
@jupiterone/data-modelto exposeRelationshipClass.HOSTSandRelationshipClass.LOGS
- CLI now has a command called
neo4jthat will upload any collected data in a project to a local Neo4j database. This requires that a NEO4J_URI, NEO4J_USER, and NEO4J_PASSWORD be supplied in the local .env file.
-
*BREAKING* Explicitly require a
_keyproperty when usingcreateIntegrationEntity(). Previously, thecreateIntegrationEntity()function allowed the_keyproperty to be optional, and when not present, the function automatically uses eitheridorproviderIdas the entity_key.This caused (entirely preventable) runtime errors if the given
sourcedata did not have anidorproviderIdproperty available. -
Updated the interfaces for
jobState.findEntityandjobState.hasKeyto allowundefined. Oftentimes, we use optional chaining withjobState.findEntityorjobState.hasKey, so having the ability to passundefinedinto these methods can make our code easier to read.// without allowing `undefined`, we often need to assert values as `string` const virtualMachineId = await jobState.findEntity( nic.virtualMachine?.id as string, ); // by allowing `undefined`, we can more safely use these methods without type assertions const virtualMachineId = await jobState.findEntity(nic.virtualMachine?.id);
- Fixed the way that symlinks are created on windows machines. Directories are
still created as simlinks, but files are now hardlinks to prevent the
requirement that
yarn startbe run with admin credentials.
- Bump
@pollyjspackages in@jupiterone/integration-sdk-testingand@jupiterone/integration-sdk-cli
- Bump
@jupiterone/data-modelto exposeVIOLATESrelationship class.
- #567 - Add utility function that truncates an entity property value
- Do not retry
RequestEntityTooLargeExceptions
-
Added support to publish job log events at level
info,warn, anderror.Usage:
logger.publishInfoEvent({ name: IntegrationErrorEventName.Stats, description: 'fetched 100000 records', }); logger.publishWarnEvent({ name: IntegrationErrorEventName.MissingPermission, description: 'Missing permission users.read', }); logger.publishErrorEvent({ name: IntegrationErrorEventName.MissingPermission, description: 'Missing permission users.read', });
-
Added support for relative paths in
yarn j1-integration *commands
- Drop support for any version below Node 14.x. The build now only targets 14.x
- When an
IntegrationErrorreceives acauseproperty, appendcause.stackto the error's stack trace
- Bump
@jupiterone/data-modelto exposeIssueentity class.
- Use the default path
{CWD}/jupiterone/questions/questions.yamlfor the--file-pathargument ofj1-integration validate-question-file
- Introduce
j1-integration validate-question-filecommand that is used to automatically validate managed questions and JupiterOne queries
- Added
toImplementSpecjest matcher - Added
StepSpecandIntegrationSpecConfigtypes in order to define integration specifications
- Changed language for relationships created that document command produces.
- Add mapped relationship details to documentation output
- Bump
@jupiterone/data-modelto exposeSecretentity class.
- Bump
@jupiterone/data-modelto exposeQuestionentity class.
- Bump
@jupiterone/data-modelto exposeRelationshipClass.ENFORCES
- Add
j1-integration collect --project-pathto allow for executing against a project in any location - Add
j1-integration sync --project-pathto allow for executing against a project in any location - Add
j1-integration run --project-pathto allow for executing against a project in any location - Add
j1-integration run --developmentto match other commands that connect to JupiterOne development environment - Add
j1-integration visualize --output-fileto allow for specifying the output file path - Add the
j1-integration visualize --data-dirvalue to the error content of the generated file when there were no entities or relationships to render
- Improve grammar and consistency of CLI help content
- Change
j1-integration visualize --data-dirto support absolute path, complementing added support for--project-pathon other commands
- Fix
j1-integration document --output-fileto reflect that it is a path relative to--project-path - Fixed the way that symlinks are created on windows machines, which previously
threw
EPERM: operation not permitted, symlink
- Add optional
mappedRelationshipsto step metadata
- Changed how
j1-integration visualizedisplays placeholder entities. Now only properties present intargetFilterKeysare displayed in the graph, making target entities smaller. Also, set borders of placeholder entities to dashed. - Bump
@jupiterone/data-modelto exposeAlertentity schema. createEventPublishingQueuetakes in an optional Axios config.
- Track summary of collected graph object
_type's and the number of times that each_typehas been encountered
- Bump
@jupiterone/data-modelto exposeProblementity schema.
- A single DataStore is now used for all dependency graphs executed in an integration run.
- Used default J1 colors for
yarn j1-integration visualize-typescommand.
- a
dependencyGraphOrderproperty to the InvocationConfig and adependencyGraphIdproperty to the StepMetadata which togeather can be used to create multiple ordered dependency graphs per execution.
- Bump
@jupiterone/data-modelto incorporateRelationshipClass.PUBLISHED
- Added
deleteData()for jobState Usage:await jobState.setData('abc', true); await jobState.getData('abc'); // true await jobState.deleteData('abc'); // void await jobState.getData('abc'); // undefined
- Added
developmentoption toj1-integration synccommand.
- Removed
j1-integration comparecommand. Developers should usej1-integration diffin its place.
- Added
j1-integration diffcommand to ouptut colorized diffs of old/new integrations. - Allow overriding integration instance properties when running integrations locally.
- #494 - Expose 401 Unauthorized errors from synchronization API
- Upgrade
@jupiterone/data-model@^0.30.0
- Added
toTargetEntities()jest matcher for mapped relationship validation. Usage:expect([mappedRel1, mappedRel2]).toTargetEntities([ entity1, entity2, entity3, ]);
- Expanded the interface of
findEntityto acceptstring | undefined.
- Upgrade
@jupiterone/data-model@^0.28.0 - Fix missing CLI
comparesub command. - Fix
comparerelationship key tracking. - Ignore metadata graph object properties in
compare.
- Upgrade
@jupiterone/data-model@^0.27.0
- Add
comparemethod to@jupiterone/integration-sdk-cliwhich is used to diff data sets downloaded from JupiterOne.
- Upgrade
@jupiterone/data-model@^0.24.0
- Upgrade
@jupiterone/data-model@^0.22.2
- #470 Introduce
beforeAddEntityhook intoIntegrationInvocationConfig. See the development documentation for more information on its usage.
- Upgrade
@jupiterone/data-model@^0.22.1
- Upgrade
@jupiterone/data-model@^0.22.0
- Improved the performance of
jobState.findEntity()when entities are written on disk. - Removed
GraphObjectStore.getEntity(), and added.findEntity()to the specification.
parseStringPropertyValue()acceptsstring | undefined | nullas a convenience for cases where provider data answersundefinedornullvalues.- Updated numerous dependencies, including
typescriptandeslint.
IntegrationProviderAuthorizationErrorandIntegrationProviderAuthenticationErrorconstructors were not compatible withIntegrationProviderAPIError, making for linting errors in projects that would expect them to be.
- Upgrade
@jupiterone/data-model@^0.18.0
- Additional logged information in uploads error case
- Additional logged information in uploads
- #429 - fixed
toMatchGraphObjectSchemafailure when multiple classes share sameenumproperty name.
- #426 - Update return typings
for
jobState.getDatato be more realistic
Old:
getData: <T>(key: string) => Promise<T>;New:
getData: <T>(key: string) => Promise<T | undefined>;- Updated packages in
@jupiterone/integration-sdk-core
- Expose the following read-only properties on
IntegrationProviderAPIErrorendpointstatusstatusText
- Added log statement after
uploadData()successfully sends data to synchronizer.
- Allow duplicate key tracker to grow greater than V8 engine limit. See #420.
- Whitespace trimming of integration config values.
- Support for skipping writing graph object files when running CLI commands
- Skip logging warn message when a
CredentialsErroris received in graph object uploads.
- Support for specifying the upload batch size via the
uploadBatchSizeincreatePersisterApiStepGraphObjectDataUploader.
JobState.hasKey()as an efficient means of determining whether an entity or relationship has been added. This allows integrations to avoid doing any of their own key tracking.
- A
createIntegrationEntitybug in transferring source properties into an entity caused a memory leak.
-
Support for omitting specific graph objects from file storage. Some entities and relationships do not need to be stored on the file system at all. We only need to store graph objects on the file system if we later intend to fetch the data from the job state or iterate over the
_type.Usage in an integration step:
{ id: 'my-step', name: 'My step', entities: [ { resourceName: 'The Record', _type: 'my_record', _class: ['Record'], indexMetadata: { // This _type will not be written to the file system enabled: false, }, }, ], relationships: [], async exeutionHandler() { ... } }
See PR #404
- Fixed issue where the SDK could upload empty entity and relationship graph object files.
-
OPTIMIZATION: Buffer entities and relationships in memory and allow for fast lookups. This change allows us to skip flushing to disk anytime there is a call to
findEntity,iterateEntitiesoriterateRelationships.See PR #395
-
OPTIMIZATION: Allow
FileSystemGraphObjectStoreto specifygraphObjectBufferThreshold, which defines the maximum number of graph objects that the graph object store can buffer into memory before flushing to disk. Machines with more memory should consider increasing this value as the default is500.See PR #395
-
OPTIMIZATION: Continuously upload integration data during collection phase. Previously, our integrations had two primary phases. The first phase was the collection phase, and the second phase was the upload phase. The integration SDK now mixes these two phases and the integrations will upload the collected data to JupiterOne during the integration execution step that it has been collected in.
See PR #396
-
OPTIMIZATION: Reduce the size of the graph object files that are stored on disk by default. Previously, all graph object files written to disk while running the integration locally and running the integration in the managed JupiterOne runtime, were created with whitespace. The file whitespace is now only created when running the integration locally via the CLI commands.
See PR #399
- Remove
BucketMapas it's no longer used in theFileSystemGraphObjectStore.BucketMapwas technically exposed externally, but should not have been used externally.
- Added
registerEventHandlersandunregisterEventHandlersexports from the runtime package. These functions will register a common set of event handlers that handle out-of-band errors that can be thrown in integration steps, such asunhandledRejectionandmultipleResolves. These handlers should be added to any deployment projects that invokeexecuteIntegrationInstance. Developers should instrument these event handlers as early as possible in the node process. - Added
registerIntegrationLoggerEventHandlersandunregisterIntegrationLoggerEventHandlersas convenience functions, since JupiterOne infrastructure will handle these event emitter failures by callinglogger.error(). - Added
registerEventHandlerstoexecuteIntegrationLocally, so that events are caught when runningyarn j1-integration collect. - Made
registerIntegrationEventHandlerscall the integration loggeronFailurefunction.
- Increase concurrency on integration data uploads
- Implement retry logic around integration data uploads
ExecutionContext.executionHistoryis always provided to integrationsExecutionHistory.current: Executionto provide information about the current execution.
ExecutionHistoryproperties have been renamed as part of addingcurrent: Execution, to avoid duplication in the naming:lastExecution->previous,lastSuccessfulExecution->lastSuccessful.- BREAKING:
executeIntegrationInstancenow requires anExecutionHistoryargument containing thecurrent: Execution. - BREAKING:
executeWithContext(context: ExecutionContext, ...)now requires thatExecutionContext.executionHistoryis provided.
- Log whether compression is enabled or not at beginning of execution
- Specifying the
INTEGRATION_FILE_COMPRESSION_ENABLEDenvironment variable will now compress local integration graph object files with Brotli compression on writes and decompress on reads.
-
Stop handling
IntegrationDuplicateKeyErroras fatal. Previously, this type of error would terminate the integration completely and no data would be ingested. Now, the step that raises this error will not complete, but all other steps will complete and partial datasets will be processed. -
Publish integration disk size event on interval
ExecutionContext.history?: ExecutionHistoryprovides information about thelastExecutionandlastSuccessfulExecution. Integrations may use this to limit data ingestion.- Allow
executeIntegrationInstanceto take a customGraphObjectStore - Expose
BucketMapandFileSystemGraphObjectStorefrom@jupiterone/integration-sdk-runtime - Steps may declare that a type of graph object will be
partialto indicate that they will never ingest a complete set of some_types of entities/relationships.
- Refactored some tests
- Upgrade
@jupiterone/data-model@^0.15.0
- Removed
createApiClientWithApiKeyhelper from runtime package. You must usecreateApiClientfor compatibility with new service tokens.
- Pass
onFailurefunction to children ofIntegrationLogger
- Expose
onFailurecallback increateIntegrationLogger
- #362 - Added
onFailurecallback to integration logger constructor.
- #355 - Added
normalizeGraphObjectKeyargument to normalize lookups inDuplicateKeyTracker. - Print link to
data-modelwhentoMatchGraphObjectSchemajest matcher fails.
- Update
@jupiterone/data-model
- Fixed unexpected behavior in
createIntegrationEntity()whenstatusproperty is set to anything exceptOnlineorActive
- Updated
@jupiterone/data-modelto version 0.13.0.
- Added
toMatchDirectRelationshipSchemamatcher.
- Upgrade to
@jupiterone/[email protected] Entity.idis nowstring | string[]in thedata-model(see PR). Integrations may enrich existing entities through mapped relationshiptargetEntity.idvalues.
j1-integration visualize-typecommand generates metadata graph of types- Added
--disable-schema-validationflag toj1-integration collectcommand. - Added optional
setDatainput tocreateMockJobState()test util.
- Introduced
shouldReportErrorToOperatorfunction for integration runtime environments to check whether anErroris of a type that need not be alerted to deployment operators. AllErrors other than those only an end user can resolve should be reported. - #333 - Made
ToMatchGraphObjectSchemaParams.schemaproperty optional in jest matcher. - Changed index signature of
AdditionalRelationshipPropertiesto not allow Array or Object types.
- #321 -
j1-integration documentoutput in alphabetical order by entity metadataresourceNameproperty and relationship metadata_typeproperty.
- Upgrade to
@jupiterone/[email protected]
- #301 - Fix test
findEntityfor initialized entities in aMockJobState.
-
#291 - Introduce
j1-integration documentcommand that is used to automatically generate documentation in{integration-proj-dir}/docs/jupiterone.md. -
#284 - Introduce
jobState.findEntity, which will returnnullif the entity does not exist.
Example:
const entity = await jobState.findEntity('entity-key-here');- #303 Export
RelationshipClassfrom the@jupiterone/data-modelinside of@jupiterone/integration-sdk-core.
Usage:
import { RelationshipClass } from '@jupiterone/integration-sdk-core';-
BREAKING #291 - Remove
typesfromIntegrationStepin favor ofentitiesandrelationships, which contain metadata used to generate documentation. -
BREAKING #285 - Require a
RelationshipClassfrom@jupiterone/data-modelto be specified in relationship creation functions.
Example:
import {
createDirectRelationship,
RelationshipClass
} from '@jupiterone/integration-sdk-core';
createDirectRelationship({
_class: RelationshipClass.HAS,
...
});-
#288 - Remove deprecated
createIntegrationRelationshipfunction -
#306 - Remove
jobState.getEntityin favor ofjobState.findEntity
- #293
toMatchGraphObjectSchemagenerates an invalid JSON schema when using_classwith duplicaterequiredortypesproperties.
- Updated
@jupiterone/data-modelto latest version (0.8.1).
- #288 - Remove
sourceEntityTypefromRelationshipMappinginterface
-
#279 - Update
.eslintrcto include eslint rules that will help catch async errors -
Updated root
.eslintrcto use@jupiterone/integration-sdk-dev-tools/config/eslint.jsondirectly with specific overrides.
jobState.addRelationshipsfloating promise in@jupiterone/integration-sdk-testing- Various async fixes in test suites
- Test instance of
jobState.getEntity()threw error saying entity not found even though it was added to the job state.
- Install direct
deepmergedependency into@jupiterone/integration-sdk-testingpackage.
- #270 - Return the Entity from
jobState.addEntityandjobState.addEntities
Example:
const entity = await jobState.addEntity(convertToEntity(data));
const entity2 = await jobState.addEntity(convertToOtherEntity(entity2));
await jobState.addRelationship(
convertToRelationship(entity, entity2)
);
// Or this:
await jobState.addRelationship(
convertToRelationship(
await jobState.addEntity(convertToEntity(data))
await jobState.addEntity(convertToOtherEntity(entity2))
)
);- Fixed
visualizecmd where mapped relationships did not considertargetFilterKeywhen matching entities - Fixed
visualizecmd where multiple nodes with the same nodeId could be created, which causes rendering to fail
- Automatically register custom Jest test matchers when using
@jupiterone/integration-sdk-dev-tools. See: #265
- Added Jest test matcher for validating collected entities against a JSON schema. See: #263
Example:
expect(context.jobState.collectedEntities).toMatchGraphObjectSchema({
_class: ['Service'],
schema: {
additionalProperties: false,
properties: {
_type: { const: 'google_cloud_api_service' },
category: { const: ['infrastructure'] },
state: {
type: 'string',
enum: ['STATE_UNSPECIFIED', 'DISABLED', 'ENABLED'],
},
enabled: { type: 'boolean' },
usageRequirements: {
type: 'array',
items: { type: 'string' },
},
_rawData: {
type: 'array',
items: { type: 'object' },
}
}
});- Added
getEntity({ _type, _key })function - Added optional
sourceEntityTypeproperty onRelationshipMapping
- Deprecated
createIntegrationRelationship. Developers should use the exportedcreateDirectRelationshiporcreateMappedRelationshipfunctions.
j1-integration visualizeadded mapped relationships as dashed lines.
j1-integration visualizeentities are colored by_type.- Updated
IntegrationConfigto support asynchronousgetStepStartStates. See #254 for more information.
Example:
export const invocationConfig: IntegrationInvocationConfig<IntegrationConfig> = {
async getStepStartStates(ctx) {
return {
'fetch-users': { disabled: await checkFetchUsersStepDisabled(ctx) }
};
},
...
};- Disk usage metrics are now published by the logger.
- Updated
@jupiterone/data-modelto latest version (0.7.1).
@jupiterone/integration-sdk-dev-toolsdid not includets-node, so thatyarn startwould fail to execute with 'Integration invocation configuration not found. Configuration should be exported as "invocationConfig" from "src/index".'
publishMetricnow logs the metric that is published.
- The
validateInvocationfunction will have certain types of errors it throws (IntegrationValidationError,IntegrationProviderAuthenticationError) logged atlevel: 40(warn) instead oflevel: 50(error). These are types that are considered handled user errors and are expected to be communicated to the user in a way that allows them to address the problem. All other error types thrown from the function will continue to be logged atlevel: 50.
- Replace
createMockIntegrationLoggerimplementation with a silent version of the logger exposed by@jupiterone/integration-sdk-runtime.
- Decoupled synchronization event publishing from the
IntegrationLogger. Event publishing can now be performed by listening to events that the logger publishes.
- Remove the need for the
JUPITERONE_DISABLE_EVENT_LOGGINGenvironment variable. - Removed
ApiClienttype from the@jupiterone/integration-sdk-corepackage. Also removed the dependency onaxiosfrom the package as well. - Removed
registerSynchronizationContextfunction from theIntegrationLogger
convertPropertiessupports an optionparseTime, directing the function to convert properties that are named with common suffixes (on, at, time, date) to a UNIX timestamp (number).- Added
publishMetricfunction toIntegrationLoggerthat now causes ametricevent to be emit.
- Allow extended types of Relationships/Entities to be iterated over with
iterateEntitiesanditerateRelationshipsonJobState
- Added the
@jupiterone/integration-sdk-dev-toolspackage which contains some shared development dependencies and configuration files.
createIntegrationRelationshipmade_keyoptional for relationship mappings, a fine thing to do because specifying the_keyfor those insn't necessary. However, the function was changed at the same time to stop generating a_key, which is required to ensure the collected relationships are unique. This fixes things so the_keyremains an optional argument, and improves the generation of the_keyto ensure better uniqueness.
- Regression:
createIntegrationRelationship()lost a change to accept optional_typefor relationship mappings, overriding the generated value or values provided inpropertiesoption. - Removed
@types/visfrom dependencies to devDependencies because having the type forces typescript consumers to haveDOMin the theirlibcompiler option.
- Make published packages leaner by only including
distfiles.
createIntegrationRelationshipfor a mapped relationship would attempt to generate a_keyvalue when none was provided. This is not useful for a mapped relationship since these are not actually a relationship, but a directive to the mapper to produce one or more relationships, each of which would not have the provided/generated_key.
- Removed the deprecated convention based invocation config loading.
convertPropertieswould transfer an Array such as[ null ]. Now an Array where the first entry is an object is not transferred unlessstringifyArray: true, orstringifyObjects: true(the property will be an array full of JSON strings), and where the first value isnullorundefined, the property is not transferred at all.- Related to the removal of convention based configuration loading, the
createMockExecutionContextandcreateMockStepExecutionContextutilities exposed by@jupiterone/integration-sdk-testingnow requireinstanceConfigFieldsto be passed in for config value generation to work.
- Upgrade to
@jupiterone/[email protected]
Prior to the 1.0.0 release, all integration SDK functionality was exposed by
the @jupiterone/integration-sdk package. That package has now been split up
into the following packages:
@jupiterone/integration-sdk-core@jupiterone/integration-sdk-runtime@jupiterone/integration-sdk-testing@jupiterone/integration-sdk-cli
To view the changes that went into @jupiterone/integration-sdk, please see
LEGACY_SDK_CHANGELOG.md.