Validating your app

The SDK includes a validate command that can test the content of the files that are associated with the app, including checking the code and that the files are written and configured correctly.

After you package your app, you can test the content of the files by using the following command.
resilient-sdk validate -p <name_of_package>
The command runs the following programs.
  • pylint. A source-code, bug, and quality checker for the Python language.
  • bandit. A tool to find common security issues in code.
  • tox. A tool that runs all of the unit tests for your package.
  • selftest. A Resilient® Circuits tool that checks the following connections and parameters. Requires that Resilient Circuits is installed.
    • REST connection with the SOAR platform. It tests that the API key ID and secret that are specified in app.config can authenticate with SOAR platform and log in to the organization specified in app.config.
    • STOMP connection with the SOAR platform. It starts a subprocess of resilient-circuits run to verify that it starts correctly. It then verifies that the specified API key is authorized to read from the app’s message destination and that the message destination exists for the app.
    • If you implemented the selftest_function method in the util/selftest.py file, it checks connections to third-party systems and that any customer parameters in app.config are valid.

You can use the validate command options to run the tools separately. Use the -h option to show all the available arguments.

For more information, see the Resilient SDK documents at https://ibm.biz/soar-python-docs.

Publishing your app

In addition to deploying your app to another SOAR Platform in your environment, you can share your app with the IBM Security® community by publishing to the IBM Security X-Force® App Exchange. You can update the app as needed. For more information, see the Publishing apps page.

Also, you can use the extract command to extract the components from your app and publish it as a res file. You can then import that file into a SOAR Platform.

IBM Security recommends that you use the tag, apphost, for searches to easily find App Host enabled publications.

Converting an extension into an app

You can convert an existing extension into an app format by using the SOAR SDK.

In extension's directory, run the following command to generate the Dockerfile, apikey_permissions.txt, and entrypoint.sh files.
resilient-sdk codegen --reload -p <app_name>

Use the procedure in Packaging your app to edit the files and package the app.