All notable changes to the @jupiterone/integration-sdk-*
projects will be
documented in this file.
The format is based on Keep a Changelog, and this project adheres to Semantic Versioning.
- Remove batching logs from runtime.
- Update
@jupiterone/data-model
to v0.61.15
- runtime: Add diff object in the duplicate entity report for rawData and properties mismatch
- http-client: added retryCalculateDelay method to allow for custom delay
- http-client: BRAKING CHANGE: moved the initialization of the agent class to the HTTP client. Now integration configurations should be passed to the http client when initialize.
- Upgrade @jupiterone/data-model to v0.61.13
- Breaking changes to the Device & Host _class schema validation.
- More details can be found here and here or here
- Add agent option to http client
- Add retry logic to sync job requests /abort and /finalize.
- Added steps_finished Info Log Event
- http-client: Added option to refresh authentication headers on 401/403 errors
- http-client: deprecated
retryOptions.retryErrorHandler
in favor of protected methoddefaultErrorHandler
- Minor breaking change to JobState methods iterateEntities and iterateRelationships function signatures. The graph object passed to the iteratee is now Readonly. The intention is to prevent modification of the object during iteration. This is not a breaking change since the long-standing understanding is that these objects should never be modified once added to the jobState.
- export type GraphObjectIteratee<T> = (obj: T) => void | Promise<void>;
+ export type GraphObjectIteratee<T> = (obj: Readonly<T>) => void | Promise<void>;
- Temporary logging that should be removed after investigation.
- bump @jupiterone/data-model to 0.61.11
- http-client: Added option to format and send body for content type
application/x-www-form-urlencoded
- Add new options parameter
GraphObjectIterateeOptions
to jobState.iterateEntities() and jobState.iterateRelationships() that allows a concurrency option to be specified. The options parameters is passed to in memory and the file based object stores. Example:
await jobState.iterateEntities(
{ _type: EcrEntities.ECR_IMAGE._type },
async (image) => {
...
},
{ concurrency: 5 },
);
- Added a
toMatchEntityStepMetadata
Jest matcher for validating step results against the live production data model schema. - Added a
toMatchDataModelSchema
Jest matcher for validating entities against the live production data model schema. - Deprecated the
toMatchStepMetadata
method in favor oftoMatchEntityStepMetadata
. - Deprecated the
toMatchGraphObjectSchema
method in favor oftoMatchDataModelSchema
.
- De-nest resulting single-class validation schema.
- Bump data-model package in relevant packages.
- Send
terminalStatus
in the/abort
sync API endpoint.
- Keep track of graphObjects iterated in memory in
iterateEntities
anditerateRelationships
.
- Add support for multiple class entities in
createIntegrationHelpers
.
- Stop flushing after a step completes.
- General flushing optimizations.
- Mark as partials all types releated to failed uploads.
- integration-sdk-core: Fix typing in createIntegrationHelpers
- Fix publish workflow (republish 12.8.0)
- integration-sdk-cli: Export entity schema to graph schema
- integration-sdk-core: Add createIntegrationHelpers
- Add
NO_COLLECTION_METRICS
for disabling data collection metrics
- Add expiremental
OnDiskDuplicateKeyTracker
- Add asn validator to j1Formats
- Replace validateEntityWithSchema
- http-client: add option to pass body as plain text
- entity-validator: republish
- entity-validator: first release
- updated
json-diff
dependency - removed redudant
??
fromhasCachePath
function
- http-client: add default timeout handler
- http-client: consume body when paginate's response status is 204 to avoid memory leaks
- update @jupiterone/data-model
- @jupiterone/data-model has new restrictions on some classes such as Host
- update yarn.lock
- http-client: upgrade node-fetch to latest 2.x version (2.7.0)
- update http-client README.md
- http-client: add method to override default response parse in paginate
- http-client: pass headers to error cause
- http-client: fix withBaseUrl method to not encode urls
- fix withBaseUrl method on http-client
- add bodyType option to handle both multipart/form-data and application/json on http-client
- Handle standard and non-standard rate limits in BaseAPIClient.
- Fix issues related to pagination and token bucket in BaseAPIClient.
- Implement BaseAPIClient in http-client package.
- Enhanced step summaries to include
encounteredTypeCounts
property.
- Added in
collectEncounteredKeys
to invocation config. This will allow keys encountered during the integration to be returned after execution. - breaking Updated interface for
resultsCallback
inexecuteIntegration
to include the entire job summary. - Enhanced step summaries to include
startTime
,endTime
, andduration
properties.
- Added
_rawData
property to entity spec by default. This can be overridden usingschema: { _rawData: { exclude: true } }
.
- Updated types for Jest toImplementSpec matcher
- Added option to require all implemented steps to have a spec.
- Added in
exclude
option to entity schema which can be used to override required properties before validation.
- No new changes. Needed to force a new deployment.
- No new changes. Needed to force a new deployment.
- Introduce
resultsCallback
hook - Make
IntegrationEntityData.source
optional
- Support Node 20.x
- Improved logging for upload errors
- Added
region
and_key
properties to visualized entities
- Patch to fix issue with deployment pipeline not processing
- Change Step Start/End logs to debug level and add duration field to Step summary
- Add
stepConcurrency
toInvocationConfig
allowing customization of step concurrency.
-
Add
compressUploads
toCreateAPIClientOptions
. Enabling this will send gzipped payloads. -
Allow loading modules by name (ex. @jupiterone/graph-rumble) in the
generate-ingestion-sources-config
andgenerate-integration-graph-schema
commands
- Moved
vis
dependency to devDependencies
- Republish 11.0.1
- Breaking: Also remove the deprecated/unused
graphObjectBufferThreshold
on the FileSystemGraphObjectStoreParams
-
Breaking: Change
TargetFilterKey
type to only allow composite keys. Plain string keys are no longer allowed. -
Breaking: Batch size Options removed:
- Removed unused
--upload-batch-size
and--upload-relationship-batch-size
options from CLI sync commands - Removed unused
uploadBatchSize
anduploadRelationshipBatchSize
parameters from programmatic sync methods
- Removed unused
- Use batching by size as default - and the only option.
- Changed the log level of the
Collected metric
log that is published when logger.publishMetric is called to "debug"
- Release with 10.1.0 changes again:
- 'InMemoryGraphObjectStore' no longer stores a set amount of entities or relationships, rather it works by measuring size in bytes of graph objects by default.
- Use the same logger for all logs created via the
j1-integration run
command to improve formatting consistency - Update internal
err
log serializer
- Improvements to integration graph generator
- Add
error_unexpected_error
to IntegrationErrorEventName
- Revert change in 10.1.0 due to system health issues
- Update
jest.js
config to remove deprecated option. - Add
--noPretty
option to cli to disable pretty printing of logs locally.
- Allow user to override
AlphaOptions
increateApiClient
- 'InMemoryGraphObjectStore' no longer stores a set amount of entities or relationships, rather it works by measuring size in bytes of graph objects by default.
-
Bump TypeScript, ESLint, and Prettier to next major versions. Integration projects may encounter breaking changes when they adopt these new versions. For example, Prettier changed some default formatting. To fix the Prettier formatting, you may run the following command:
yarn:format
orprettier --write \"**/*.{ts,js,json,css,md,yml}\"
- Introduce batchingBySize option.
- Introduce
executionHandlerWrapper
execution wrapper. See development documentation for more information.
- Pass an instantiated credential provider to
@lifeomic/alpha
client so that credentials stop getting re-loaded when hitting the synchronization API from a private endpoint
- Add log for skipped steps for each disabled child step.
- Introduce
afterExecution
integration execution hook. See development documentation for more information.
Adds logging when an integration fails to initialize or finalize a synchronization job
Introduces a new feature to j1-integration
that allows generating a new
integration using a series of inputs.
Example:
j1-integration generate
- modify
generateIngestionSourcesConfigCommand
to include child steps metadata in thechildIngestionSources
property
- fix dependencies to be node 18 compatible
- Updated
@lifeomic/alpha
dependency tov5.1.1
.
- Remove steps using the ingestion source id to
childIngestionSources
- optimized memory usage in
DuplicateKeyTracker
executeWithContext(context: TExecutionContext, ...)
now accepts acontext.instance
property- modify step start states using ingestionSourcesConfig / disabledSources.
- Added
disabledSources
field to theIntegrationInstance
type from the@jupiterone/integration-sdk-core
package.
-
BREAKING - Bump version of Node.js to v18 and require version >=18.16.0 <19.x.
-
BREAKING - Remove asynchronous
jobState.hasKey()
The
hasKey
function has no asynchronous implementation, and awaitingjobState.hasKey
can unexpectedly cause duplicate key errors in some specific edge cases (see https://github.com/JupiterOne/sdk/pull/694/files). -
Remove the following Node.js event listeners due to Node.js core deprecation:
unhandledRejection
multipleResolves
- Add steps using the ingestion source id to
childIngestionSources
- Reduced log level of graph object uploads from info to debug
- Set the integrationJobId to the syncJob's integrationJobId if a job id was not passed in in the jobConfiguration.
- Add a new field
ingestionConfig
to theinvocationConfig
in@jupiterone/integration-sdk-core
. This is used to store information about data ingestion sources that can be enabled or disabled. - Add new command
generate-ingestion-sources-config
in@jupiterone/integration-sdk cli
. This is used to create e new fileingestionSourcesConfig.json
and store it in a s3 bucket.
- Added support for
json
environment variables. Example:
.env
file:
// .env
SEVERITIES=["HIGH", "CRITICAL"]
Code:
import { Client } from './client';
import { createVulnEntity } from './converter';
type IntegrationConfig = { apiKey: string; severities: string[] };
const invocationConfig: IntegrationInvocationConfig = {
instanceConfigFields: [
{
apiKey: { type: 'string', mask: true },
severities: { type: 'json' },
},
],
integrationSteps: [
{
id: 'fetch-vulnerabilities',
name: 'Fetch Vulnerabilities',
entities: [{ resourceName: 'Vuln', _type: 'vuln', _class: 'Finding' }],
relationships: [],
executionHandler: ({ instance }) => {
const { apiKey, severities } = instance.config;
const client = new Client({ apiKey });
await iterateVulnerabilitiesForSeverity(
{ severities },
async (vuln) => {
await jobState.addEntity(createVulnEntity(vuln));
},
);
},
},
],
};
- Fixed assigning empty tags not working if tags have
Value
property rather thanvalue
.
- The presence of TypeScript deceleration files will no longer trigger the loading of ts-node to run the project.
- BREAKING - Require Node.js version >=14.17.0 <15.x due to replacement of
uuid
module withcrypto
randomUUID
- Update automatic integration documentation generator strategy to avoid creating duplicate records for entities, relationships, and mapped relationships.
- Add
collectEntities
andcollectRelationships
functions toInMemoryGraphObjectStore
.
- Update
@jupiterone/date-model
to version v0.54.0
- Update
assignTags()
to add keys withvalue: ''
to entity.tags
property
- Added
troubleshoot
command to CLI to help diagnose problems with local execution of integrations.
- Added DisabledStepReason.API_VERSION for use when the version of a third party API does not support a given step.
- Added new
DuplicateEntityReport
when an integration errors with a duplicate _key.
- Step summary refactored to be
summary.$TYPE: { total: number }
. This will enable better logs querying.
- Do not modify the value supplied to
JUPITERONE_API_KEY
when using the integration CLI
- Fixed incorrect path of import in
getStepExecutionOrder
- Added option to allow duplicate types in
getSortedJupiterOneTypes
- Changed
j1-integration document
command to allow duplicate types - Added optional
dependencyStepIds
toStepTestConfig
- Added support for
dependencyGraphId
toexecuteStepWithDependencies
- Updated
@jupiterone/data-model
version to addRelationshipClass.PUBLISHES
- Publish the following new custom metrics when entities, relationships, and
mapped relationships are added to the
JobState
respectively:collected_entities
collected_relationships
collected_mapped_relationships
- Added log in
uploadDataChunk
to capture successful completion of an upload
- Allow disabling the collection of the disk usage metric by specifying the
DISABLE_DISK_USAGE_METRIC
environment variable
multipleResolves
events are no longer forwarded to loggersonFailure
callback as they are not strict failures. Logging ofmultipleResolves
at log- Updated ESLint to override the
no-misused-promises
rule.
- Skip logging messages when
logged_error
andlogged_warn
metrics are emitted.
- Emit
logged_error
andlogged_warn
metric counters whenIntegrationLogger
logger.error
andlogger.warn
are called respectively.
- Allow relationships to have
undefined
top-level properties
- Add no-console lint rule to catch console.log accidentally left in projects.
Note: Possible breakage when this changes is adopted. The rule can be ignored
if needed using
/* eslint-disable no-console */
j1-integration sync
now supports the--skip-finalize
option to avoid finalizing the synchronization job. This brings parity with therun
command.j1-integration
run
andsync
commands now support--account
and--api-key
options to make them consistent with other commands that support these options. The values provided to these options will override any values set in theJUPITERONE_ACCOUNT
andJUPITERONE_API_KEY
environment variables. Note: it is recommended to avoid--api-key
in a CI/CD or server environment because the values will be visible in the logs.
- Upgrade CLI
commander
dependency to improve options type safety and handling. - Changed some CLI options error messages to be consistent and clearer. Any scripts that were relying on the previous error messages will need to be updated.
- CLI
--development
option can be set to"true"
when--api-base-url
is either ofhttps://api.us.jupiterone.io
orhttps://api.dev.jupiterone.io
(an error will not be thrown). This allowed for declaring the default value of--api-base-url
so it is shown in the help output. Any other value for--api-base-url
will cause an error to be thrown if--development
is set to"true"
.
j1-integration run --skip-finalize
option to avoid finalizing the integration run. This is useful for scenarios where you want to run the integration to collect and upload data to a synchronization job, but do not want to initiate the finalization process.j1-integration [run|sync] --source api --scope anystring
options to allow use of the SDK without configuring an integration instance.--integrationInstanceId
is not required when using these options.
-
Support backwards compatibility for old integration npm package dist format when using
j1-integration generate-integration-graph-schema
.The way that integration npm packages are distributed has changed over time. We are now handling invocation config loading from different file paths to support backwards compatibility and make adoption easier.
- Added
graphObjectFileSize
configuration option toFileSystemGraphObjectStore
- Added optional flag to specify a different Neo4j database name to push to or wipe from than the default 'neo4j' (only available on enterprise instances of Neo4j).
- Allow the use of possibly null or undefined
number
inparseTimePropertyValue
- Added
optional
parameter toIntegrationInstanceConfigField
. - Update
ProviderSourceData
tags
type to matchassignTags
- Support async
beforeAddRelationship
hook inIntegrationInvocationConfig
. See the development documentation for more information on its usage.
- Added
IntegrationInfoEventName.Results
andIntegrationWarnEventName.MissingEntity
.
- Introduce
beforeAddRelationship
hook intoIntegrationInvocationConfig
. See the development documentation for more information on its usage.
- New
j1-integration generate-integration-graph-schema
CLI command added
Usage: j1-integration generate-integration-graph-schema [options]
generate integration graph metadata summary from step metadata
Options:
-o, --output-file <path> project relative path to generated integration graph schema file
-p, --project-path <directory> path to integration project directory (default: "{CWD}")
-h, --help display help for command
- Bumped
@jupiterone/[email protected]
- Added the ability to specify a reason for why a step is disabled. This can be
set in the
StepStartState
interface using theDisabledStepReason
enum. Valid reasons include:PERMISSION
,CONFIG
,BETA
, andNONE
.NONE
is the equivalent to not specifying a reason. IfNONE
or undefined are specified, logging to the job event log is disabled. Here is an example of usage:
{
['fetch-prs']: {
disabled: false
},
['fetch-issues']: {
disabled: !scopes.repoIssues,
disabledReason: DisabledStepReason.PERMISSION
}
}
Sample text output:
Skipped step "Fetch Issues". The required permission was not provided to perform this step.
Skipped step "Fetch Issues". This step is disabled via configuration. Please contact support to enabled.
Skipped step "Fetch Issues". Beta feature, please contact support to enable.
- Added ability to set a separate
uploadRelationshipsBatchSize
.sync
andrun
commands can specify the relationship-specific batch size with the-ur
or--upload-relationship-batch-size
flags. Existing behavior remains the same. If auploadBatchSize
is set, but nouploadRelationshipsBatchSize
, then relationships will be uploaded in batches of sizeuploadBatchSize
.
- Added an optional
encounteredEntityKeys
property on.toMatchStepMetadata()
to verify that any relationship_fromEntityKey
and_toEntityKey
has actually been encountered in the job state.
@jupiterone/data-model
has been bumped to0.50.0
j1-integration
sync
andrun
commands now have the option--upload-batch-size
to specify how many objects to upload in each batch.
j1-integration
now has the commandvisualize-dependencies
to create a visualization of the integration's step dependencies.
- Fixed publish lerna command.
- Allow an integration job id to be passed in when initializing syncronization.
j1-integration run
command now supports--disable-schema-validation
flag.
- Bumped version
@jupiterone/data-model
to v0.49.0
- Fixed issue when unzipping gzipped polly recording entries. Now removes the content.encoding value once content is decoded.
- Fixes issue introduced in 8.13.4
- Moved
shrinkBatchRawData
to its own module for readablity and easy mocking in test - Increased threshold by which we continue to shrink rawData from 6 million bytes to 5.5 million bytes
- change core loop of
shrinkBatchRawData
to ado while
loop instead ofwhile
. This guarantees that at least 1 property will be attempted to be truncated on each call toshrinkBatchRawData
. We only call this function when there has been an upload error due to payload size.
- Bumped version
@jupiterone/data-model
to v0.48.0
- Neo4j uploads no longer occasionally create duplicate nodes on relationship creation.
- Hanging execution when encountering upload failure due to entity properties being too large
- add logging surrounding the size distribution of upload batch and its largest entity when such a situation occurs
- throw fatal error when such a situation occurs
- Added base64 support for unzipping gzipped polly recording entries.
- Updated Neo4j upload commands to improve performance.
- Fixed CodeQL warning around Neo4j value sanitization previously not properly accounting for potential escape characters.
- Initial release of HTTP client with basic rate limit retry handling.
- Updated dependency
@lifeomic/attempt
to version 3.0.3 Fixes an error handling issues when using the timeout option.
-
The following packages have been upgraded:
@pollyjs/adapter-node-http
@pollyjs/core
@pollyjs/persister-fs
-
The new Polly.JS packages ship with TypeScript definition files, so the old
@type/pollyjs__
packages have been removed -
Support
executeStepWithDependencies
for steps with nodependencyGraphId
, even ifinvocationConfig.dependencyGraphOrder
is present
- Additional error type
IntegrationProviderRetriesExceededError
to be used when integration has exhausted all of the retries. This error type won't be sent in as an alert to the operators.
- Reduced max upload size to 1 MB.
- Additional logging when upload errors occur
- Bumped version
@jupiterone/data-model
to v0.47.0
j1
commandsexport
andimport
now accept optional command parameter --api-base-url to specify a different URL to run against.
j1-integration
commandssync
,run
, andvalidate-question-file
now accept optional command parameter --api-base-url to specify a different URL to run against.
- SDK now proactively truncates rawData entries when uploads would exceed 6 megabytes.
- Bumped version of
@jupiterone/data-model
to v0.46.0
- pass client-generated correlation id with sync job uploads
- Log error
code
when an integration logs an error - Throw an
IntegrationError
with codeINTEGRATION_UPLOAD_FAILED
when the JupiterOne system responds withRequestEntityTooLargeException
- [#660] - Trigger fatal error when JupiterOne system responds with
JOB_NOT_AWAITING_UPLOADS
- Fixed an error where if
retryOptions
wasundefined
default options would not be adopted
retryOptions
parameter tocreateApiClient
to allow configuration of the retry behavior forAlpha
- Neo4j uploads now include all properties for mapped entities.
IngestionLimitEncountered
type to IntegrationErrorEventName and
IntegrationWarnEventName.
- Bumped version of
@jupiterone/data-model
to v0.45.0
Add support for empty string values to assignTags.
Export EntityCoreProperties to all type inference to work outside this project.
Fix #638 - The Neo4j ingestion tool was ignoring properties with the value
false
.
With this fix, the following query is supported:
MATCH (user:User {
mfaEnabled: false
}) RETURN user
- #633 Support
_class
as a node label property for entities created by the Neo4j store.
Example query by _type
:
MATCH (account:github_account)-[OWNS]->
(repo:github_repo)-[ALLOWS]->
(user:github_user {
role:"OUTSIDE"
})
RETURN account, repo, user
Example query by _class
:
MATCH (account:Account)-[OWNS]->
(repo:CodeRepo)-[ALLOWS]->
(user:User {
role:"OUTSIDE"
})
RETURN account, repo, user
- All types and classes used for labels are now being sanitized.
Fix #629 - Create relationships
from Neo4j store using _class
as the label instead of _type
Which GitHub repositories are accessible to outside collaborators?
Old query:
MATCH (n:github_repo)-[r:github_repo_allows_user]->(u:github_user{role:"OUTSIDE"})
RETURN n, u
MATCH (account:github_account)-[github_account_owns_repo]->
(repo:github_repo)-[github_repo_allows_user]->
(user:github_user {
role:"OUTSIDE"
})
RETURN account, repo, user
New query:
MATCH (account:github_account)-[OWNS]->
(repo:github_repo)-[ALLOWS]->
(user:github_user {
role:"OUTSIDE"
})
RETURN account, repo, user
- Bumped
@types/jest@^27.1.0
in order to fix Namespace 'NodeJS' has no exported member 'Global'. issues captured here: jestjs/jest#11640
- Changed logger to fully mask config field values, rather than displaying last 4 chars
-
Added
.toMatchStepMetadata
jest matcher. This matcher complements theexecuteStepWithDependencies
utility. Usage:const stepResult = await executeStepWithDependencies({ stepId: Steps.FETCH_USERS.id, invocationConfig, instanceConfig, }); expect(stepResult).toMatchStepMetadata({ stepId: Steps.FETCH_USERS.id, invocationConfig, });
-
Updated jest matchers in the following way:
- added optional
_type
argument to.toMatchGraphObjectSchema
matcher - added optional
_type
and_class
arguments to.toMatchDirectRelationshipSchema
matcher
This enables developers to simply pass the
StepEntityMetadata
andStepRelationshipMetadata
interfaces to these matchers. Usage:expect(collectedEntities).toMatchGraphObjectSchema(Entities.USER); expect(collectedRelationships).toMatchDirectRelationshipSchema( Relationships.ACCOUNT_HAS_USER, );
- added optional
-
Added optional
schema
property toStepGraphObjectMetadata
. This allows developers to provide the property schema to expect on entities, relationships, and mapped relationships. This serves two uses:- Schemas can be used at runtime or test-time to verify that an entity has the correct properties
- The
j1-integration document
command could automatically produce consumer documentation about the properties that an entity / relationship is expected to have
-
Added
executeStepWithDependencies
utility to@jupiterone/integration-sdk-testing
package. This allows developers to test specific integration steps in isolation, while assuring that all of its dependencies have indeed executed. Usage:const { collectedEntities, collectedRelationships, collectedData } = await executeStepWithDependencies({ stepId: Steps.FETCH_USERS.id, invocationConfig, instanceConfig, }); expect(collectedEntities.length).toBeGreaterThan(0); expect(collectedEnities).toMatchGraphObjectSchema({ _class: Entities.USER._class, schema: Entities.USER.schema, }); // ... additional expectations
-
Added
MockJobState.collectedData
to capture data that has been collected in the job state. Usage:const jobState = createMockJobState({ setData: { existingKey: 'existing-value' }, }); await executeStepThatAddsAccountEntity(); expect(jobState.collectedData).toEqual({ ACCOUNT_ENTITY: { _type: 'account', _class: 'Account', _key: 'account1', }, }); expect(jobState.collectedData.existingKey).toBeUndefined();
- Added ability to disable matching class schema in toMatchGraphObjectSchema
- Fixed #603 - Add missing
chalk
production dependency to@jupiterone/integration-sdk-cli
- Bumped version of
@jupiterone/data-model
to addstate
property toHost
entity class
Updated the error message within the sdk-core to reference support email instead of the support.jupiterone.io site.
-
Added the
loadExecutionConfig
lifecycle method to theInvocationConfig
interface.loadExecutionConfig
loads shared configuration assets, such as shared API credentials. Example:import { fromTemporaryCredentials } from '@aws-sdk/credential-providers'; /** * The AWS integration uses shared `fromTemporaryCredentials` across all of * its clients. */ export function loadExecutionConfig({ config: { roleArn: string, externalId: string }, }) { return { credentials: fromTemporaryCredentials({ params: { RoleArn: config.roleArn, ExternalId: config.externalId, RoleSessionName: `juptierone-${uuid()}`, }, }), }; }
- Bump
@jupiterone/data-model
to exposeRelationshipClass.SENDS
- Bump
@jupiterone/data-model
to remove warning messages forUser
andPerson
entities
- Fixed an issue where the
j1-integration neo4j
command was callingtoString()
on undefined properties in some cases
- Bump
@jupiterone/data-model
to exposeRelationshipClass.HOSTS
andRelationshipClass.LOGS
- CLI now has a command called
neo4j
that will upload any collected data in a project to a local Neo4j database. This requires that a NEO4J_URI, NEO4J_USER, and NEO4J_PASSWORD be supplied in the local .env file.
-
*BREAKING* Explicitly require a
_key
property when usingcreateIntegrationEntity()
. Previously, thecreateIntegrationEntity()
function allowed the_key
property to be optional, and when not present, the function automatically uses eitherid
orproviderId
as the entity_key
.This caused (entirely preventable) runtime errors if the given
source
data did not have anid
orproviderId
property available. -
Updated the interfaces for
jobState.findEntity
andjobState.hasKey
to allowundefined
. Oftentimes, we use optional chaining withjobState.findEntity
orjobState.hasKey
, so having the ability to passundefined
into these methods can make our code easier to read.// without allowing `undefined`, we often need to assert values as `string` const virtualMachineId = await jobState.findEntity( nic.virtualMachine?.id as string, ); // by allowing `undefined`, we can more safely use these methods without type assertions const virtualMachineId = await jobState.findEntity(nic.virtualMachine?.id);
- Fixed the way that symlinks are created on windows machines. Directories are
still created as simlinks, but files are now hardlinks to prevent the
requirement that
yarn start
be run with admin credentials.
- Bump
@pollyjs
packages in@jupiterone/integration-sdk-testing
and@jupiterone/integration-sdk-cli
- Bump
@jupiterone/data-model
to exposeVIOLATES
relationship class.
- #567 - Add utility function that truncates an entity property value
- Do not retry
RequestEntityTooLargeException
s
-
Added support to publish job log events at level
info
,warn
, anderror
.Usage:
logger.publishInfoEvent({ name: IntegrationErrorEventName.Stats, description: 'fetched 100000 records', }); logger.publishWarnEvent({ name: IntegrationErrorEventName.MissingPermission, description: 'Missing permission users.read', }); logger.publishErrorEvent({ name: IntegrationErrorEventName.MissingPermission, description: 'Missing permission users.read', });
-
Added support for relative paths in
yarn j1-integration *
commands
- Drop support for any version below Node 14.x. The build now only targets 14.x
- When an
IntegrationError
receives acause
property, appendcause.stack
to the error's stack trace
- Bump
@jupiterone/data-model
to exposeIssue
entity class.
- Use the default path
{CWD}/jupiterone/questions/questions.yaml
for the--file-path
argument ofj1-integration validate-question-file
- Introduce
j1-integration validate-question-file
command that is used to automatically validate managed questions and JupiterOne queries
- Added
toImplementSpec
jest matcher - Added
StepSpec
andIntegrationSpecConfig
types in order to define integration specifications
- Changed language for relationships created that document command produces.
- Add mapped relationship details to documentation output
- Bump
@jupiterone/data-model
to exposeSecret
entity class.
- Bump
@jupiterone/data-model
to exposeQuestion
entity class.
- Bump
@jupiterone/data-model
to exposeRelationshipClass.ENFORCES
- Add
j1-integration collect --project-path
to allow for executing against a project in any location - Add
j1-integration sync --project-path
to allow for executing against a project in any location - Add
j1-integration run --project-path
to allow for executing against a project in any location - Add
j1-integration run --development
to match other commands that connect to JupiterOne development environment - Add
j1-integration visualize --output-file
to allow for specifying the output file path - Add the
j1-integration visualize --data-dir
value to the error content of the generated file when there were no entities or relationships to render
- Improve grammar and consistency of CLI help content
- Change
j1-integration visualize --data-dir
to support absolute path, complementing added support for--project-path
on other commands
- Fix
j1-integration document --output-file
to reflect that it is a path relative to--project-path
- Fixed the way that symlinks are created on windows machines, which previously
threw
EPERM: operation not permitted, symlink
- Add optional
mappedRelationships
to step metadata
- Changed how
j1-integration visualize
displays placeholder entities. Now only properties present intargetFilterKeys
are displayed in the graph, making target entities smaller. Also, set borders of placeholder entities to dashed. - Bump
@jupiterone/data-model
to exposeAlert
entity schema. createEventPublishingQueue
takes in an optional Axios config.
- Track summary of collected graph object
_type
's and the number of times that each_type
has been encountered
- Bump
@jupiterone/data-model
to exposeProblem
entity schema.
- A single DataStore is now used for all dependency graphs executed in an integration run.
- Used default J1 colors for
yarn j1-integration visualize-types
command.
- a
dependencyGraphOrder
property to the InvocationConfig and adependencyGraphId
property to the StepMetadata which togeather can be used to create multiple ordered dependency graphs per execution.
- Bump
@jupiterone/data-model
to incorporateRelationshipClass.PUBLISHED
- Added
deleteData()
for jobState Usage:await jobState.setData('abc', true); await jobState.getData('abc'); // true await jobState.deleteData('abc'); // void await jobState.getData('abc'); // undefined
- Added
development
option toj1-integration sync
command.
- Removed
j1-integration compare
command. Developers should usej1-integration diff
in its place.
- Added
j1-integration diff
command to ouptut colorized diffs of old/new integrations. - Allow overriding integration instance properties when running integrations locally.
- #494 - Expose 401 Unauthorized errors from synchronization API
- Upgrade
@jupiterone/data-model@^0.30.0
- Added
toTargetEntities()
jest matcher for mapped relationship validation. Usage:expect([mappedRel1, mappedRel2]).toTargetEntities([ entity1, entity2, entity3, ]);
- Expanded the interface of
findEntity
to acceptstring | undefined
.
- Upgrade
@jupiterone/data-model@^0.28.0
- Fix missing CLI
compare
sub command. - Fix
compare
relationship key tracking. - Ignore metadata graph object properties in
compare
.
- Upgrade
@jupiterone/data-model@^0.27.0
- Add
compare
method to@jupiterone/integration-sdk-cli
which is used to diff data sets downloaded from JupiterOne.
- Upgrade
@jupiterone/data-model@^0.24.0
- Upgrade
@jupiterone/data-model@^0.22.2
- #470 Introduce
beforeAddEntity
hook intoIntegrationInvocationConfig
. See the development documentation for more information on its usage.
- Upgrade
@jupiterone/data-model@^0.22.1
- Upgrade
@jupiterone/data-model@^0.22.0
- Improved the performance of
jobState.findEntity()
when entities are written on disk. - Removed
GraphObjectStore.getEntity()
, and added.findEntity()
to the specification.
parseStringPropertyValue()
acceptsstring | undefined | null
as a convenience for cases where provider data answersundefined
ornull
values.- Updated numerous dependencies, including
typescript
andeslint
.
IntegrationProviderAuthorizationError
andIntegrationProviderAuthenticationError
constructors were not compatible withIntegrationProviderAPIError
, making for linting errors in projects that would expect them to be.
- Upgrade
@jupiterone/data-model@^0.18.0
- Additional logged information in uploads error case
- Additional logged information in uploads
- #429 - fixed
toMatchGraphObjectSchema
failure when multiple classes share sameenum
property name.
- #426 - Update return typings
for
jobState.getData
to be more realistic
Old:
getData: <T>(key: string) => Promise<T>;
New:
getData: <T>(key: string) => Promise<T | undefined>;
- Updated packages in
@jupiterone/integration-sdk-core
- Expose the following read-only properties on
IntegrationProviderAPIError
endpoint
status
statusText
- Added log statement after
uploadData()
successfully sends data to synchronizer.
- Allow duplicate key tracker to grow greater than V8 engine limit. See #420.
- Whitespace trimming of integration config values.
- Support for skipping writing graph object files when running CLI commands
- Skip logging warn message when a
CredentialsError
is received in graph object uploads.
- Support for specifying the upload batch size via the
uploadBatchSize
increatePersisterApiStepGraphObjectDataUploader
.
JobState.hasKey()
as an efficient means of determining whether an entity or relationship has been added. This allows integrations to avoid doing any of their own key tracking.
- A
createIntegrationEntity
bug in transferring source properties into an entity caused a memory leak.
-
Support for omitting specific graph objects from file storage. Some entities and relationships do not need to be stored on the file system at all. We only need to store graph objects on the file system if we later intend to fetch the data from the job state or iterate over the
_type
.Usage in an integration step:
{ id: 'my-step', name: 'My step', entities: [ { resourceName: 'The Record', _type: 'my_record', _class: ['Record'], indexMetadata: { // This _type will not be written to the file system enabled: false, }, }, ], relationships: [], async exeutionHandler() { ... } }
See PR #404
- Fixed issue where the SDK could upload empty entity and relationship graph object files.
-
OPTIMIZATION: Buffer entities and relationships in memory and allow for fast lookups. This change allows us to skip flushing to disk anytime there is a call to
findEntity
,iterateEntities
oriterateRelationships
.See PR #395
-
OPTIMIZATION: Allow
FileSystemGraphObjectStore
to specifygraphObjectBufferThreshold
, which defines the maximum number of graph objects that the graph object store can buffer into memory before flushing to disk. Machines with more memory should consider increasing this value as the default is500
.See PR #395
-
OPTIMIZATION: Continuously upload integration data during collection phase. Previously, our integrations had two primary phases. The first phase was the collection phase, and the second phase was the upload phase. The integration SDK now mixes these two phases and the integrations will upload the collected data to JupiterOne during the integration execution step that it has been collected in.
See PR #396
-
OPTIMIZATION: Reduce the size of the graph object files that are stored on disk by default. Previously, all graph object files written to disk while running the integration locally and running the integration in the managed JupiterOne runtime, were created with whitespace. The file whitespace is now only created when running the integration locally via the CLI commands.
See PR #399
- Remove
BucketMap
as it's no longer used in theFileSystemGraphObjectStore
.BucketMap
was technically exposed externally, but should not have been used externally.
- Added
registerEventHandlers
andunregisterEventHandlers
exports from the runtime package. These functions will register a common set of event handlers that handle out-of-band errors that can be thrown in integration steps, such asunhandledRejection
andmultipleResolves
. These handlers should be added to any deployment projects that invokeexecuteIntegrationInstance
. Developers should instrument these event handlers as early as possible in the node process. - Added
registerIntegrationLoggerEventHandlers
andunregisterIntegrationLoggerEventHandlers
as convenience functions, since JupiterOne infrastructure will handle these event emitter failures by callinglogger.error()
. - Added
registerEventHandlers
toexecuteIntegrationLocally
, so that events are caught when runningyarn j1-integration collect
. - Made
registerIntegrationEventHandlers
call the integration loggeronFailure
function.
- Increase concurrency on integration data uploads
- Implement retry logic around integration data uploads
ExecutionContext.executionHistory
is always provided to integrationsExecutionHistory.current: Execution
to provide information about the current execution.
ExecutionHistory
properties have been renamed as part of addingcurrent: Execution
, to avoid duplication in the naming:lastExecution
->previous
,lastSuccessfulExecution
->lastSuccessful
.- BREAKING:
executeIntegrationInstance
now requires anExecutionHistory
argument containing thecurrent: Execution
. - BREAKING:
executeWithContext(context: ExecutionContext, ...)
now requires thatExecutionContext.executionHistory
is provided.
- Log whether compression is enabled or not at beginning of execution
- Specifying the
INTEGRATION_FILE_COMPRESSION_ENABLED
environment variable will now compress local integration graph object files with Brotli compression on writes and decompress on reads.
-
Stop handling
IntegrationDuplicateKeyError
as fatal. Previously, this type of error would terminate the integration completely and no data would be ingested. Now, the step that raises this error will not complete, but all other steps will complete and partial datasets will be processed. -
Publish integration disk size event on interval
ExecutionContext.history?: ExecutionHistory
provides information about thelastExecution
andlastSuccessfulExecution
. Integrations may use this to limit data ingestion.- Allow
executeIntegrationInstance
to take a customGraphObjectStore
- Expose
BucketMap
andFileSystemGraphObjectStore
from@jupiterone/integration-sdk-runtime
- Steps may declare that a type of graph object will be
partial
to indicate that they will never ingest a complete set of some_type
s of entities/relationships.
- Refactored some tests
- Upgrade
@jupiterone/data-model@^0.15.0
- Removed
createApiClientWithApiKey
helper from runtime package. You must usecreateApiClient
for compatibility with new service tokens.
- Pass
onFailure
function to children ofIntegrationLogger
- Expose
onFailure
callback increateIntegrationLogger
- #362 - Added
onFailure
callback to integration logger constructor.
- #355 - Added
normalizeGraphObjectKey
argument to normalize lookups inDuplicateKeyTracker
. - Print link to
data-model
whentoMatchGraphObjectSchema
jest matcher fails.
- Update
@jupiterone/data-model
- Fixed unexpected behavior in
createIntegrationEntity()
whenstatus
property is set to anything exceptOnline
orActive
- Updated
@jupiterone/data-model
to version 0.13.0.
- Added
toMatchDirectRelationshipSchema
matcher.
- Upgrade to
@jupiterone/[email protected]
Entity.id
is nowstring | string[]
in thedata-model
(see PR). Integrations may enrich existing entities through mapped relationshiptargetEntity.id
values.
j1-integration visualize-type
command generates metadata graph of types- Added
--disable-schema-validation
flag toj1-integration collect
command. - Added optional
setData
input tocreateMockJobState()
test util.
- Introduced
shouldReportErrorToOperator
function for integration runtime environments to check whether anError
is of a type that need not be alerted to deployment operators. AllError
s other than those only an end user can resolve should be reported. - #333 - Made
ToMatchGraphObjectSchemaParams.schema
property optional in jest matcher. - Changed index signature of
AdditionalRelationshipProperties
to not allow Array or Object types.
- #321 -
j1-integration document
output in alphabetical order by entity metadataresourceName
property and relationship metadata_type
property.
- Upgrade to
@jupiterone/[email protected]
- #301 - Fix test
findEntity
for initialized entities in aMockJobState
.
-
#291 - Introduce
j1-integration document
command that is used to automatically generate documentation in{integration-proj-dir}/docs/jupiterone.md
. -
#284 - Introduce
jobState.findEntity
, which will returnnull
if the entity does not exist.
Example:
const entity = await jobState.findEntity('entity-key-here');
- #303 Export
RelationshipClass
from the@jupiterone/data-model
inside of@jupiterone/integration-sdk-core
.
Usage:
import { RelationshipClass } from '@jupiterone/integration-sdk-core';
-
BREAKING #291 - Remove
types
fromIntegrationStep
in favor ofentities
andrelationships
, which contain metadata used to generate documentation. -
BREAKING #285 - Require a
RelationshipClass
from@jupiterone/data-model
to be specified in relationship creation functions.
Example:
import {
createDirectRelationship,
RelationshipClass
} from '@jupiterone/integration-sdk-core';
createDirectRelationship({
_class: RelationshipClass.HAS,
...
});
-
#288 - Remove deprecated
createIntegrationRelationship
function -
#306 - Remove
jobState.getEntity
in favor ofjobState.findEntity
- #293
toMatchGraphObjectSchema
generates an invalid JSON schema when using_class
with duplicaterequired
ortypes
properties.
- Updated
@jupiterone/data-model
to latest version (0.8.1
).
- #288 - Remove
sourceEntityType
fromRelationshipMapping
interface
-
#279 - Update
.eslintrc
to include eslint rules that will help catch async errors -
Updated root
.eslintrc
to use@jupiterone/integration-sdk-dev-tools/config/eslint.json
directly with specific overrides.
jobState.addRelationships
floating promise in@jupiterone/integration-sdk-testing
- Various async fixes in test suites
- Test instance of
jobState.getEntity()
threw error saying entity not found even though it was added to the job state.
- Install direct
deepmerge
dependency into@jupiterone/integration-sdk-testing
package.
- #270 - Return the Entity from
jobState.addEntity
andjobState.addEntities
Example:
const entity = await jobState.addEntity(convertToEntity(data));
const entity2 = await jobState.addEntity(convertToOtherEntity(entity2));
await jobState.addRelationship(
convertToRelationship(entity, entity2)
);
// Or this:
await jobState.addRelationship(
convertToRelationship(
await jobState.addEntity(convertToEntity(data))
await jobState.addEntity(convertToOtherEntity(entity2))
)
);
- Fixed
visualize
cmd where mapped relationships did not considertargetFilterKey
when matching entities - Fixed
visualize
cmd where multiple nodes with the same nodeId could be created, which causes rendering to fail
- Automatically register custom Jest test matchers when using
@jupiterone/integration-sdk-dev-tools
. See: #265
- Added Jest test matcher for validating collected entities against a JSON schema. See: #263
Example:
expect(context.jobState.collectedEntities).toMatchGraphObjectSchema({
_class: ['Service'],
schema: {
additionalProperties: false,
properties: {
_type: { const: 'google_cloud_api_service' },
category: { const: ['infrastructure'] },
state: {
type: 'string',
enum: ['STATE_UNSPECIFIED', 'DISABLED', 'ENABLED'],
},
enabled: { type: 'boolean' },
usageRequirements: {
type: 'array',
items: { type: 'string' },
},
_rawData: {
type: 'array',
items: { type: 'object' },
}
}
});
- Added
getEntity({ _type, _key })
function - Added optional
sourceEntityType
property onRelationshipMapping
- Deprecated
createIntegrationRelationship
. Developers should use the exportedcreateDirectRelationship
orcreateMappedRelationship
functions.
j1-integration visualize
added mapped relationships as dashed lines.
j1-integration visualize
entities are colored by_type
.- Updated
IntegrationConfig
to support asynchronousgetStepStartStates
. See #254 for more information.
Example:
export const invocationConfig: IntegrationInvocationConfig<IntegrationConfig> = {
async getStepStartStates(ctx) {
return {
'fetch-users': { disabled: await checkFetchUsersStepDisabled(ctx) }
};
},
...
};
- Disk usage metrics are now published by the logger.
- Updated
@jupiterone/data-model
to latest version (0.7.1
).
@jupiterone/integration-sdk-dev-tools
did not includets-node
, so thatyarn start
would fail to execute with 'Integration invocation configuration not found. Configuration should be exported as "invocationConfig" from "src/index".'
publishMetric
now logs the metric that is published.
- The
validateInvocation
function will have certain types of errors it throws (IntegrationValidationError
,IntegrationProviderAuthenticationError
) logged atlevel: 40
(warn) instead oflevel: 50
(error). These are types that are considered handled user errors and are expected to be communicated to the user in a way that allows them to address the problem. All other error types thrown from the function will continue to be logged atlevel: 50
.
- Replace
createMockIntegrationLogger
implementation with a silent version of the logger exposed by@jupiterone/integration-sdk-runtime
.
- Decoupled synchronization event publishing from the
IntegrationLogger
. Event publishing can now be performed by listening to events that the logger publishes.
- Remove the need for the
JUPITERONE_DISABLE_EVENT_LOGGING
environment variable. - Removed
ApiClient
type from the@jupiterone/integration-sdk-core
package. Also removed the dependency onaxios
from the package as well. - Removed
registerSynchronizationContext
function from theIntegrationLogger
convertProperties
supports an optionparseTime
, directing the function to convert properties that are named with common suffixes (on, at, time, date) to a UNIX timestamp (number).- Added
publishMetric
function toIntegrationLogger
that now causes ametric
event to be emit.
- Allow extended types of Relationships/Entities to be iterated over with
iterateEntities
anditerateRelationships
onJobState
- Added the
@jupiterone/integration-sdk-dev-tools
package which contains some shared development dependencies and configuration files.
createIntegrationRelationship
made_key
optional for relationship mappings, a fine thing to do because specifying the_key
for those insn't necessary. However, the function was changed at the same time to stop generating a_key
, which is required to ensure the collected relationships are unique. This fixes things so the_key
remains an optional argument, and improves the generation of the_key
to ensure better uniqueness.
- Regression:
createIntegrationRelationship()
lost a change to accept optional_type
for relationship mappings, overriding the generated value or values provided inproperties
option. - Removed
@types/vis
from dependencies to devDependencies because having the type forces typescript consumers to haveDOM
in the theirlib
compiler option.
- Make published packages leaner by only including
dist
files.
createIntegrationRelationship
for a mapped relationship would attempt to generate a_key
value when none was provided. This is not useful for a mapped relationship since these are not actually a relationship, but a directive to the mapper to produce one or more relationships, each of which would not have the provided/generated_key
.
- Removed the deprecated convention based invocation config loading.
convertProperties
would transfer an Array such as[ null ]
. Now an Array where the first entry is an object is not transferred unlessstringifyArray: true
, orstringifyObjects: true
(the property will be an array full of JSON strings), and where the first value isnull
orundefined
, the property is not transferred at all.- Related to the removal of convention based configuration loading, the
createMockExecutionContext
andcreateMockStepExecutionContext
utilities exposed by@jupiterone/integration-sdk-testing
now requireinstanceConfigFields
to be passed in for config value generation to work.
- Upgrade to
@jupiterone/[email protected]
Prior to the 1.0.0
release, all integration SDK functionality was exposed by
the @jupiterone/integration-sdk
package. That package has now been split up
into the following packages:
@jupiterone/integration-sdk-core
@jupiterone/integration-sdk-runtime
@jupiterone/integration-sdk-testing
@jupiterone/integration-sdk-cli
To view the changes that went into @jupiterone/integration-sdk
, please see
LEGACY_SDK_CHANGELOG.md.