migrate illusive_networks

[haggit-eliyahu]

No description provided.

[gemini-code-assist]

Summary of Changes

Hello, I'm Gemini Code Assist¹! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request introduces a new integration for Illusive Networks into the repository. The changes include the implementation of core management logic, various actions for managing deceptive items and forensic scans, and a connector for incident ingestion. This integration aims to provide security teams with capabilities to deploy and manage deceptive assets and perform forensic analysis directly from the platform.

Highlights

• New Integration: Added the Illusive Networks integration, including core manager, parser, and data models.
• New Actions: Implemented several actions: AddDeceptiveServer, AddDeceptiveUser, EnrichEntities, ListDeceptiveItems, Ping, RemoveDeceptiveServer, RemoveDeceptiveUser, and RunForensicScan.
• New Connector: Added the IncidentsConnector to pull incidents and forensic timelines from Illusive Networks.
• Configuration and Metadata: Added necessary configuration files, release notes, and AI descriptions for the new actions.

🧠 New Feature in Public Preview: You can now enable Memory to help Gemini Code Assist learn from your team's feedback. This makes future code reviews more consistent and personalized to your project's style. Click here to enable Memory in your admin console.

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature	Command	Description
Code Review	/gemini review	Performs a code review for the current pull request in its current state.
Pull Request Summary	/gemini summary	Provides a summary of the current pull request in its current state.
Comment	@gemini-code-assist	Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help	/gemini help	Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for GitHub and other Google products, sign up here.

Footnotes

1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩

[github-actions]

❌ Marketplace Validation Failed

Click to view the full report

---

Validation Report

🧩 Integrations

Pre-Build Stage

illusive_networks

Validation Name	Details
⚠️ Integration Version Bump	New integration project.toml and release_note.yaml version must be initialize to 1.0
⚠️ Mapping Rules Validation	'illusive_networks' has connectors but doesn't have default mapping rules
⚠️ SSL Integration Validation	The default value of the 'Verify SSL' param in Illusive Networks must be a boolean true
⚠️ SSL Connectors Validation	- The default value of the 'Verify SSL' param in Illusive Networks - Incidents Connector must be a boolean true
⚠️ JSON Result Example Validation	Actions with JSON results missing example files in resources/: RunForensicScan, ListDeceptiveItems, EnrichEntities

[github-actions]

❌ Marketplace Validation Failed

Click to view the full report

---

Validation Report

🧩 Integrations

Pre-Build Stage

illusive_networks

Validation Name	Details
⚠️ Integration Version Bump	New integration project.toml and release_note.yaml version must be initialize to 1.0
⚠️ Mapping Rules Validation	'illusive_networks' has connectors but doesn't have default mapping rules
⚠️ SSL Integration Validation	The default value of the 'Verify SSL' param in Illusive Networks must be a boolean true
⚠️ SSL Connectors Validation	- The default value of the 'Verify SSL' param in Illusive Networks - Incidents Connector must be a boolean true
⚠️ JSON Result Example Validation	Actions with JSON results missing example files in resources/: RunForensicScan, ListDeceptiveItems, EnrichEntities

[gemini-code-assist]

Code Review

This pull request introduces the 'Illusive Networks' integration, adding several actions such as adding/removing deceptive servers and users, enriching entities, running forensic scans, and a connectivity ping action. It also includes an incidents connector and necessary configuration files. I have reviewed the changes and provided feedback on Python version constraints, type annotations, SSL verification defaults, and error handling practices. Please address the identified issues to ensure compliance with the repository style guide.

[gemini-code-assist]

The requires-python field should specify a range that includes the minor version to ensure compatibility and strictly adhere to the repository style guide.

Suggested change

	requires-python = ">=3.11"
	requires-python = ">=3.11,<3.12"

References

1. requires-python should be ">=3.11,<3.12". ^(link)

[github-actions]

❌ Marketplace Validation Failed

Click to view the full report

---

Validation Report

🧩 Integrations

Pre-Build Stage

illusive_networks

Validation Name	Details
⚠️ Uv Lock	Error happened while executing a command: uv lock --check: Using CPython 3.11.15 interpreter at: /opt/hostedtoolcache/Python/3.11.15/x64/bin/python Resolved 31 packages in 445ms The lockfile at uv.lock needs to be updated, but --check was provided. To update the lockfile, run uv lock.
⚠️ Integration Version Bump	New integration project.toml and release_note.yaml version must be initialize to 1.0
⚠️ Mapping Rules Validation	'illusive_networks' has connectors but doesn't have default mapping rules
⚠️ SSL Integration Validation	The default value of the 'Verify SSL' param in Illusive Networks must be a boolean true
⚠️ SSL Connectors Validation	- The default value of the 'Verify SSL' param in Illusive Networks - Incidents Connector must be a boolean true
⚠️ JSON Result Example Validation	Actions with JSON results missing example files in resources/: RunForensicScan, ListDeceptiveItems, EnrichEntities

[github-actions]

❌ Marketplace Validation Failed

Click to view the full report

---

Validation Report

🧩 Integrations

Pre-Build Stage

illusive_networks

Validation Name	Details
⚠️ Uv Lock	Error happened while executing a command: uv lock --check: Using CPython 3.11.15 interpreter at: /opt/hostedtoolcache/Python/3.11.15/x64/bin/python Resolved 31 packages in 184ms The lockfile at uv.lock needs to be updated, but --check was provided. To update the lockfile, run uv lock.
⚠️ Integration Version Bump	New integration project.toml and release_note.yaml version must be initialize to 1.0
⚠️ Mapping Rules Validation	'illusive_networks' has connectors but doesn't have default mapping rules
⚠️ SSL Integration Validation	The default value of the 'Verify SSL' param in Illusive Networks must be a boolean true
⚠️ SSL Connectors Validation	- The default value of the 'Verify SSL' param in Illusive Networks - Incidents Connector must be a boolean true
⚠️ JSON Result Example Validation	Actions with JSON results missing example files in resources/: RunForensicScan, ListDeceptiveItems, EnrichEntities

[github-actions]

❌ Marketplace Validation Failed

Click to view the full report

---

Validation Report

🧩 Integrations

Pre-Build Stage

illusive_networks

Validation Name	Details
⚠️ Uv Lock	Error happened while executing a command: uv lock --check: Using CPython 3.11.15 interpreter at: /opt/hostedtoolcache/Python/3.11.15/x64/bin/python Resolved 31 packages in 150ms The lockfile at uv.lock needs to be updated, but --check was provided. To update the lockfile, run uv lock.
⚠️ Integration Version Bump	New integration project.toml and release_note.yaml version must be initialize to 1.0
⚠️ Mapping Rules Validation	'illusive_networks' has connectors but doesn't have default mapping rules
⚠️ SSL Integration Validation	The default value of the 'Verify SSL' param in Illusive Networks must be a boolean true
⚠️ SSL Connectors Validation	- The default value of the 'Verify SSL' param in Illusive Networks - Incidents Connector must be a boolean true
⚠️ JSON Result Example Validation	Actions with JSON results missing example files in resources/: RunForensicScan, ListDeceptiveItems, EnrichEntities