InsightVM - 17939 - Trigger: New Exception Request - Added retry mech…

…anism (#2917)

plugins/rapid7_insightvm/.CHECKSUM

@@ -1,7 +1,7 @@
 {
-	"spec": "d18e8844f8a6f34300f9fbfc8e5443a5",
-	"manifest": "41d23a0b015987ea269fdafae0a4041a",
-	"setup": "7ca07c68a6cf358ba56b66787e6e8d05",
+	"spec": "6916cc2077c1551734f9ee315a2ff3bd",
+	"manifest": "25aab986ca8d5bc501e96bde2023115e",
+	"setup": "ec8e6afe4e0de95e44de346908c74ae6",
 	"schemas": [
 		{
 			"identifier": "add_scan_engine_pool_engine/schema.py",

plugins/rapid7_insightvm/Dockerfile

@@ -1,4 +1,4 @@
-FROM --platform=linux/amd64 rapid7/insightconnect-python-3-plugin:6.1.0
+FROM --platform=linux/amd64 rapid7/insightconnect-python-3-plugin:6.1.4
 
 LABEL organization=rapid7
 LABEL sdk=python

plugins/rapid7_insightvm/bin/komand_rapid7_insightvm

@@ -6,7 +6,7 @@ from sys import argv
 
 Name = "Rapid7 InsightVM Console"
 Vendor = "rapid7"
-Version = "8.0.5"
+Version = "8.0.6"
 Description = "InsightVM is a powerful vulnerability management tool which finds, prioritizes, and remediates vulnerabilities. This plugin uses an orchestrator to get top remediations, scan results and start scans"
 
 

plugins/rapid7_insightvm/help.md

@@ -4012,6 +4012,7 @@ Example output:
 
 # Version History
 
+* 8.0.6 - Trigger `New Exception Request`: Updated the trigger with retry mechanism
 * 8.0.5 - Initial updates for fedramp compliance | `New Exception Request`: Fixed an issue where it would not trigger in certain scenarios | Updated SDK to the latest version
 * 8.0.4 - Updated SDK to the latest version | Update dependencies
 * 8.0.3 - Updated `Dockerfile` permissions from `nobody` to `root`

plugins/rapid7_insightvm/komand_rapid7_insightvm/triggers/new_exception_request/trigger.py

@@ -1,11 +1,16 @@
-import insightconnect_plugin_runtime
 import time
-from .schema import NewExceptionRequestInput, NewExceptionRequestOutput, Input, Output, Component
+from typing import Any, Dict, List
+
+import insightconnect_plugin_runtime
 
 # Custom imports below
 from komand_rapid7_insightvm.util.endpoints import VulnerabilityException
 from komand_rapid7_insightvm.util.resource_requests import ResourceRequests
-from typing import List
+from komand_rapid7_insightvm.util.util import retry_request
+
+from .schema import Component, Input, NewExceptionRequestInput, NewExceptionRequestOutput, Output
+
+MAXIMUM_TRIES = 30
 
 
 class NewExceptionRequest(insightconnect_plugin_runtime.Trigger):
@@ -38,27 +43,16 @@ def run(self, params={}):
             if new_ids:
                 self.logger.info(f"Found new {len(new_ids)} exceptions. Returning results...")
                 for id_ in new_ids:
-                    try:
-                        self.send(
-                            {
-                                Output.EXCEPTION: resource_helper.resource_request(
-                                    endpoint=VulnerabilityException.vulnerability_exception(
-                                        self.connection.console_url, id_
-                                    )
-                                )
-                            }
-                        )
-                    except Exception as error:
-                        self.logger.error(
-                            f"Unexpected exception during trigger execution occurs. The error is: '{error}'"
-                        )
+                    self.send({Output.EXCEPTION: self._get_exception(id_, resource_helper)})
                 previous_ids = current_ids
             else:
-                self.logger.info(f"No new exceptions found. Sleeping for {frequency} minutes...")
+                self.logger.info("No new exceptions found.")
 
             # Sleep for configured frequency in minutes
+            self.logger.info(f"Sleeping for {frequency} minutes...\n")
             time.sleep(frequency * 60)
 
+    @retry_request(maximum_tries=MAXIMUM_TRIES)
     def _get_ids(self, status_filters: List[str], resource_helper: ResourceRequests) -> List[int]:
         """
         Get IDs. This method allows to get a list of vulnerability exception IDs from the API where the
@@ -83,3 +77,22 @@ def _get_ids(self, status_filters: List[str], resource_helper: ResourceRequests)
             for element in response
             if element.get("state", "").lower() in map(str.lower, status_filters)
         ]
+
+    @retry_request(maximum_tries=MAXIMUM_TRIES)
+    def _get_exception(self, identifier: str, resource_helper: ResourceRequests) -> Dict[str, Any]:
+        """
+        Get Exception. This method allows you to get details about a vulnerability exception with its given identifier.
+
+        :param identifier: The identifier of the vulnerability exception.
+        :type identifier: str
+
+        :param resource_helper: The resource helper object to send requests.
+        :type resource_helper: ResourceRequests
+
+        :return: Dictionary that contains vulnerability exception data.
+        :rtype: Dict[str, Any]
+        """
+
+        return resource_helper.resource_request(
+            endpoint=VulnerabilityException.vulnerability_exception(self.connection.console_url, identifier)
+        )

plugins/rapid7_insightvm/komand_rapid7_insightvm/util/util.py

@@ -1,10 +1,13 @@
-from komand_rapid7_insightvm.util import endpoints
-from komand_rapid7_insightvm.util.resource_requests import ResourceRequests
-import insightconnect_plugin_runtime
-from insightconnect_plugin_runtime.exceptions import PluginException
 import time
+from functools import wraps
+from typing import Any, Callable, Dict
+
+import insightconnect_plugin_runtime
 from dateutil.parser import parse
-from typing import Dict, Any
+from insightconnect_plugin_runtime.exceptions import PluginException
+
+from komand_rapid7_insightvm.util import endpoints
+from komand_rapid7_insightvm.util.resource_requests import ResourceRequests
 
 
 def convert_date_to_iso8601(date: str) -> str:
@@ -105,3 +108,24 @@ def check_not_null(account: Dict[str, Any], var_name: str) -> str:
         raise PluginException(cause=f"{var_name} has not been entered.", assistance=f"Enter valid {var_name}")
     else:
         return value
+
+
+def retry_request(maximum_tries: int, delay: int = 5) -> Callable:
+    def _decorator(function_: Callable) -> Callable:
+        @wraps(function_)
+        def wrapper(self, *args, **kwargs):
+            error_, counter = None, 0
+            while counter < maximum_tries:
+                try:
+                    return function_(self, *args, **kwargs)
+                except PluginException as error:
+                    self.logger.info(
+                        f"{error} Retrying the API call in {delay} seconds... ({counter + 1}/{maximum_tries})"
+                    )
+                    counter, error_ = counter + 1, error
+                    time.sleep(delay)
+            raise error_
+
+        return wrapper
+
+    return _decorator

plugins/rapid7_insightvm/plugin.spec.yaml

@@ -4,24 +4,25 @@ products: [insightconnect]
 name: rapid7_insightvm
 title: Rapid7 InsightVM Console
 description: InsightVM is a powerful vulnerability management tool which finds, prioritizes, and remediates vulnerabilities. This plugin uses an orchestrator to get top remediations, scan results and start scans
-version: 8.0.5
+version: 8.0.6
 connection_version: 8
 supported_versions: ["Rapid7 InsightVM API v3 2022-05-25"]
 fedramp_ready: true
 vendor: rapid7
 support: rapid7
 status: []
 key_features:
-  - Get top remediations
-  - Start scans
-  - Get scan results
+  - "Get top remediations"
+  - "Start scans"
+  - "Get scan results"
 requirements:
-  - Username and password for a user with the necessary permissions
+  - "Username and password for a user with the necessary permissions"
 links:
   - "[InsightVM](https://www.rapid7.com/products/insightvm/)"
 references:
   - "[InsightVM API 3](https://help.rapid7.com/insightvm/en-us/api/index.html)"
 version_history:
+  - "8.0.6 - Trigger `New Exception Request`: Updated the trigger with retry mechanism"
   - "8.0.5 - Initial updates for fedramp compliance | `New Exception Request`: Fixed an issue where it would not trigger in certain scenarios | Updated SDK to the latest version"
   - "8.0.4 - Updated SDK to the latest version | Update dependencies"
   - "8.0.3 - Updated `Dockerfile` permissions from `nobody` to `root`"
@@ -77,7 +78,7 @@ version_history:
   - "1.0.0 - Initial plugin release"
 sdk:
   type: full
-  version: 6.1.0
+  version: 6.1.4
   user: root
 resources:
   source_url: https://github.com/rapid7/insightconnect-plugins/tree/master/plugins/rapid7_insightvm

plugins/rapid7_insightvm/requirements.txt

@@ -1,11 +1,11 @@
 # List third-party dependencies here, separated by newlines.
 # All dependencies must be version-pinned, eg. requests==1.2.0
 # See: https://pip.pypa.io/en/stable/user_guide/#requirements-files
-setuptools==74.0.0
-aiohttp==3.10.5
+setuptools==75.3.0
+aiohttp==3.10.10
 defusedxml==0.7.1
 datetime==5.5
 python-dateutil==2.9.0
 parameterized==0.8.1
-pytest==8.3.2
+pytest==8.3.3
 freezegun==1.5.1

plugins/rapid7_insightvm/setup.py

@@ -3,7 +3,7 @@
 
 
 setup(name="rapid7_insightvm-rapid7-plugin",
-      version="8.0.5",
+      version="8.0.6",
       description="InsightVM is a powerful vulnerability management tool which finds, prioritizes, and remediates vulnerabilities. This plugin uses an orchestrator to get top remediations, scan results and start scans",
       author="rapid7",
       author_email="",