Doug/update sync tool with sdk

.gitignore

@@ -9,4 +9,10 @@ venv
 *.egg-info
 bin
 build
-dist
+dist
+main.py
+test.py
+.venv
+*.build
+*.dist
+*.cpython-312.pyc

Pipfile

@@ -0,0 +1,19 @@
+[[source]]
+url = "https://pypi.org/simple"
+verify_ssl = true
+name = "pypi"
+
+[packages]
+elasticsearch = "*"
+google-cloud-bigquery = "*"
+slack-sdk = "*"
+requests = "*"
+socket-sdk-python = "*"
+
+[dev-packages]
+wheel = "*"
+build = "*"
+twine = "*"
+
+[requires]
+python_version = "3.9"

README.md

@@ -23,11 +23,11 @@ Some SIEM tools have different ways of getting the data into their system.
 The connectors supported by this script have some shared configuration in order to pull the data from Socket.
 
 ### Options
-| Option     | Required | Format                        | Description                                                                                                                                                             |
-|------------|----------|-------------------------------|-------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
-| api_key    | True     | string                        | This is the Socket API Key created in the Socket dashboard. This should have the scoped permissions to access reports                                                   |
-| start_date | False    | string(`YYYY-MM-DD HH:MM:SS`) | If this is not defined then it will pull all reports and their corresponding issues. If defined only reports that match or are newer than the start_date will be pulled |
-| report_id  | False    | Socket Report ID              | If this is provided then only the specified report ID will be processed                                                                                                 |
+| Option    | Required | Format           | Description                                                                                                               |
+|-----------|----------|------------------|---------------------------------------------------------------------------------------------------------------------------|
+| api_key   | True     | string           | This is the Socket API Key created in the Socket dashboard. This should have the scoped permissions to access reports     |
+| from_time | False    | int              | This is the number of seconds to pull reports from. If this is not defined then it will pull the last 30 days of reports. |
+| report_id | False    | Socket Report ID | If this is provided then only the specified report ID will be processed                                                   |
 
 
 ### Example

pyproject.toml

@@ -4,32 +4,31 @@ build-backend = "setuptools.build_meta"
 
 [project]
 name = "socketsync"
-version = "1.0.1"
+dynamic = ["version"]
 requires-python = ">= 3.9"
 dependencies = [
     'requests',
-    'brotli',
-    'lxml',
-    'elasticsearch',
-    'google-cloud-bigquery',
-    'slack_sdk'
+    "socket-sdk-python"
 ]
-readme = "README.md"
-description = "Socket Security SIEM Sync Tool"
-keywords = ["socketsync", "socket.dev", "sca", "oss", "security"]
+readme = "README.rst"
+license = {file = "LICENSE"}
+description = "Socket Security Sync Tool"
+keywords = ["socketsecurity", "socket.dev", "sca", "oss", "security", "sdk"]
 authors = [
     {name = "Douglas Coburn", email = "[email protected]"}
 ]
 maintainers = [
     {name = "Douglas Coburn", email = "[email protected]"}
 ]
 classifiers = [
-    "Development Status :: 4 - Beta",
+    "Development Status :: 5 - Production/Stable",
     "Intended Audience :: Developers",
     "Programming Language :: Python :: 3.9",
     "Programming Language :: Python :: 3.10",
     "Programming Language :: Python :: 3.11",
     "Programming Language :: Python :: 3.12",
+    "Programming Language :: Python :: 3.13",
+    "Programming Language :: Python :: 3.14"
 ]
 
 [project.urls]
@@ -39,4 +38,7 @@ Homepage = "https://github.com/SocketDev/socket-siem-connector"
 include = [
     "socketsync",
     "socketsync.connectors"
-]
+]
+
+[tool.setuptools.dynamic]
+version = {attr = "socketsync.__version__"}

scripts/build.sh

@@ -0,0 +1,22 @@
+#!/bin/sh
+
+VERSION=$(grep -o "__version__.*" socketsync/__init__.py | awk '{print $3}' | tr -d "'" | tr -d '\r' | tr -dc '[:alnum:]\.' )
+ENABLE_PYPI_BUILD=$1
+
+if [ -z $ENABLE_PYPI_BUILD ]; then
+  echo "$0 pypi-prod=enable"
+  printf "\tpypi-build: Build and publish a new version of the package to pypi. If disabled will push to test pypi"
+  exit
+fi
+
+if [ "$ENABLE_PYPI_BUILD" = "pypi-prod=enable" ]; then
+  echo "Doing production build of version $VERSION"
+  python -m build --wheel --sdist
+  twine upload dist/*$VERSION*
+else
+  echo "Doing test build of version $VERSION"
+  python -m build --wheel --sdist \
+    && ls dist/*$VERSION*\
+    && twine upload --repository testpypi "dist/*$VERSION*"
+fi
+

socket-integration-example.py

@@ -1,7 +1,6 @@
 import json
 import os
 from socketsync.core import Core
-from datetime import datetime, timedelta, timezone
 from socketsync.connectors.elastic import Elastic
 from socketsync.connectors.bigquery import BigQuery
 from socketsync.connectors.panther import Panther
@@ -11,17 +10,15 @@
 
 
 if __name__ == '__main__':
-    now = datetime.now(tz=timezone.utc) - timedelta(minutes=300)
-    now_str = now.strftime("%Y-%m-%d %H:%M")
     api_key = os.getenv("SOCKET_API_KEY") or exit(1)
-    start_date = os.getenv("START_DATE") or now_str
+    from_time = os.getenv("FROM_TIME") or 300
     default_branches = [
         "master",
         "main"
     ]
     core = Core(
         api_key=api_key,
-        start_date=start_date,
+        from_time=from_time,
         default_branch_only=False
     )
     issue_data = core.get_issues()

socketsync/__init__.py

@@ -1,7 +1,7 @@
 import logging
 
 __author__ = 'socket.dev'
-__version__ = '1.0.1'
+__version__ = '1.0.3'
 __all__ = [
     "log",
     "__version__",