Merge branch 'master' into docker-build

.github/workflows/codeql-analysis.yml

@@ -35,7 +35,7 @@ jobs:
 
     steps:
     - name: Checkout repository
-      uses: actions/checkout@v2
+      uses: actions/checkout@v4
 
     # Initializes the CodeQL tools for scanning.
     - name: Initialize CodeQL

.github/workflows/deploy-docs-test.yml

@@ -12,8 +12,8 @@ jobs:
     name: Test deployment
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v3
-      - uses: actions/setup-node@v3
+      - uses: actions/checkout@v4
+      - uses: actions/setup-node@v4
         with:
           node-version: 18
           cache: npm

.github/workflows/deploy-docs.yml

@@ -16,8 +16,8 @@ jobs:
     name: Deploy to GitHub Pages
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v3
-      - uses: actions/setup-node@v3
+      - uses: actions/checkout@v4
+      - uses: actions/setup-node@v4
         with:
           node-version: 18
           cache: npm
@@ -30,7 +30,7 @@ jobs:
       # Popular action to deploy to GitHub Pages:
       # Docs: https://github.com/peaceiris/actions-gh-pages#%EF%B8%8F-docusaurus
       - name: Deploy to GitHub Pages
-        uses: peaceiris/actions-gh-pages@v3
+        uses: peaceiris/actions-gh-pages@v4
         with:
           github_token: ${{ secrets.GITHUB_TOKEN }}
           # Build output to publish to the `gh-pages` branch:

.github/workflows/javascript.yml

@@ -8,9 +8,9 @@ jobs:
 
     steps:
       - name: Check out Git repository
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
       - name: Setup Node.js environment
-        uses: actions/setup-node@v3
+        uses: actions/setup-node@v4
         with:
           node-version: 16
       - name: Install dev deps

.github/workflows/playwright.yml

@@ -29,15 +29,15 @@ jobs:
         options: --health-cmd pg_isready --health-interval 10s --health-timeout 5s --health-retries 5
     steps:
       - name: Check out Git repository
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
       - name: Set up Python 3.11
-        uses: actions/setup-python@v2
+        uses: actions/setup-python@v5
         with:
           python-version: 3.11
-      - uses: actions/setup-node@v3
+      - uses: actions/setup-node@v4
         with:
           node-version: 16
-      - uses: actions/cache@v3
+      - uses: actions/cache@v4
         with:
           path: ~/.cache/pip
           key: ${{ runner.os }}-pip-${{ hashFiles('**/requirements.txt') }}
@@ -59,7 +59,7 @@ jobs:
         run: dispatch database restore --dump-file data/dispatch-sample-data.dump && dispatch database upgrade
       - name: Run tests
         run: npx playwright test --project=chromium
-      - uses: actions/upload-artifact@v3
+      - uses: actions/upload-artifact@v4
         if: always()
         with:
           name: playwright-report

.github/workflows/publish-image.yml

@@ -8,7 +8,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Check out the repo
-        uses: actions/checkout@v2
+        uses: actions/checkout@v4
       - name: Push to GitHub Packages
         uses: docker/build-push-action@v1
         with:

.github/workflows/python.yml

@@ -23,12 +23,12 @@ jobs:
         options: --health-cmd pg_isready --health-interval 10s --health-timeout 5s --health-retries 5
     steps:
       - name: Check out Git repository
-        uses: actions/checkout@v2
+        uses: actions/checkout@v4
       - name: Set up Python 3.11
-        uses: actions/setup-python@v2
+        uses: actions/setup-python@v5
         with:
           python-version: 3.11.2
-      - uses: actions/cache@v2
+      - uses: actions/cache@v4
         with:
           path: ~/.cache/pip
           key: ${{ runner.os }}-pip-${{ hashFiles('**/requirements.txt') }}

.github/workflows/stale.yml

@@ -7,7 +7,7 @@ jobs:
   stale:
     runs-on: ubuntu-latest
     steps:
-    - uses: actions/stale@v3
+    - uses: actions/stale@v9
       with:
         repo-token: ${{ secrets.GITHUB_TOKEN }}
         stale-issue-message: 'This issue is stale, because it has been open for 30 days with no activity. Remove the stale label or comment, or this will be closed in 5 days.'

docs/docs/administration/settings/plugins/configuring-slack.mdx

@@ -190,6 +190,7 @@ You can override their values if you wish to do so. Included below are their des
 | `/dispatch-update-incident`                                                         | Opens a modal to update the incident.                                                                                       |
 | `/dispatch-notifications-group`                                                     | Opens a modal to edit the notifications group.                                                                              |
 | `/dispatch-update-participant`                                                      | Opens a modal to update participant metadata.                                                                               |
+| `/dispatch-create-task`                                                             | Opens a modal to create an incident task.                                                                                   |
 
 ### Contact Information Resolver Plugin
 

docs/docs/user-guide/incidents/commander.mdx

@@ -27,7 +27,7 @@ All Slack commands are listed below, or you may view _groups_ of commands relati
 - [`/dispatch-update-incident`](#%2Fdispatch-update-incident)
 - [`/dispatch-update-participant`](#%2Fdispatch-update-participant)
 - [`/dispatch-run-workflow`](#%2Fdispatch-list-workflow)
-
+- [`/dispatch-create-task`](#%2Fdispatch-create-task)
 ## People
 
 These commands help manage the people helping resolve the incident.
@@ -205,3 +205,13 @@ This command will run a pre-configured workflow and associate its artifacts with
 ![](/img/slack-conversation-run-workflow.png)
 
 </div>
+
+### /dispatch-create-task
+
+This command will create a task for the current incident.
+<div style={{textAlign: 'center'}}>
+
+{/* TODO(averyl): replace this image */}
+![](/img/slack-conversation-create-task.png)
+
+</div>

requirements-base.txt

@@ -4,7 +4,7 @@
 #
 #    pip-compile requirements-base.in
 #
-aiocache==0.12.2
+aiocache==0.12.3
     # via -r requirements-base.in
 aiofiles==24.1.0
     # via -r requirements-base.in
@@ -126,7 +126,7 @@ frozenlist==1.4.1
     #   aiosignal
 google-api-core==2.15.0
     # via google-api-python-client
-google-api-python-client==2.146.0
+google-api-python-client==2.147.0
     # via -r requirements-base.in
 google-auth==2.26.1
     # via
@@ -330,7 +330,7 @@ python-dateutil==2.9.0.post0
     #   pandas
 python-jose==3.3.0
     # via -r requirements-base.in
-python-multipart==0.0.10
+python-multipart==0.0.12
     # via -r requirements-base.in
 python-slugify==8.0.4
     # via -r requirements-base.in
@@ -483,7 +483,7 @@ urllib3==2.0.7
     #   pdpyras
     #   requests
     #   sentry-sdk
-uvicorn==0.30.6
+uvicorn==0.31.0
     # via -r requirements-base.in
 uvloop==0.20.0
     # via -r requirements-base.in

src/dispatch/database/revisions/tenant/versions/2024-09-23_32652e0360dd.py

@@ -0,0 +1,105 @@
+"""Adds dispatch-create-task slug to slack conversation plugin config.
+
+Revision ID: 32652e0360dd
+Revises: 1f4dc687945d
+Create Date: 2024-09-23 16:02:50.742796
+
+"""
+
+from alembic import op
+from pydantic import SecretStr, ValidationError
+from pydantic.json import pydantic_encoder
+
+from sqlalchemy import Column, Integer, ForeignKey, String
+from sqlalchemy.ext.declarative import declarative_base
+from sqlalchemy.orm import relationship, Session
+from sqlalchemy.ext.hybrid import hybrid_property
+from sqlalchemy_utils import StringEncryptedType
+from sqlalchemy_utils.types.encrypted.encrypted_type import AesEngine
+from dispatch.config import config, DISPATCH_ENCRYPTION_KEY
+
+
+# revision identifiers, used by Alembic.
+revision = "32652e0360dd"
+down_revision = "1f4dc687945d"
+branch_labels = None
+depends_on = None
+
+Base = declarative_base()
+
+
+def show_secrets_encoder(obj):
+    if isinstance(obj, SecretStr):
+        return obj.get_secret_value()
+    else:
+        return pydantic_encoder(obj)
+
+
+def migrate_config(instances, slug, config):
+    for instance in instances:
+        if slug == instance.plugin.slug:
+            instance.configuration = config
+
+
+class Plugin(Base):
+    __tablename__ = "plugin"
+    __table_args__ = {"schema": "dispatch_core"}
+    id = Column(Integer, primary_key=True)
+    slug = Column(String, unique=True)
+
+
+class PluginInstance(Base):
+    __tablename__ = "plugin_instance"
+    id = Column(Integer, primary_key=True)
+    _configuration = Column(
+        StringEncryptedType(key=str(DISPATCH_ENCRYPTION_KEY), engine=AesEngine, padding="pkcs5")
+    )
+    plugin_id = Column(Integer, ForeignKey(Plugin.id))
+    plugin = relationship(Plugin, backref="instances")
+
+    @hybrid_property
+    def configuration(self):
+        """Property that correctly returns a plugins configuration object."""
+        pass
+
+    @configuration.setter
+    def configuration(self, configuration):
+        """Property that correctly sets a plugins configuration object."""
+        if configuration:
+            self._configuration = configuration.json(encoder=show_secrets_encoder)
+
+
+def upgrade():
+    # ### commands auto generated by Alembic - please adjust! ###
+    from dispatch.plugins.dispatch_slack.config import SlackConversationConfiguration
+
+    bind = op.get_bind()
+    session = Session(bind=bind)
+
+    instances = session.query(PluginInstance).all()
+
+    # Slash commands
+    SLACK_COMMAND_CREATE_TASK_SLUG = config(
+        "SLACK_COMMAND_CREATE_TASK_SLUG", default="/dispatch-create-task"
+    )
+
+    try:
+        slack_conversation_config = SlackConversationConfiguration(
+            slack_command_create_task=SLACK_COMMAND_CREATE_TASK_SLUG,
+        )
+
+        migrate_config(instances, "slack-conversation", slack_conversation_config)
+
+    except ValidationError:
+        print(
+            "Skipping automatic migration of slack plugin credentials, if you are using the slack plugin manually migrate credentials."
+        )
+
+    session.commit()
+    # ### end Alembic commands ###
+
+
+def downgrade():
+    # ### commands auto generated by Alembic - please adjust! ###
+    pass
+    # ### end Alembic commands ###

src/dispatch/incident/scheduled.py

@@ -229,7 +229,7 @@ def incident_close_reminder(db_session: Session, project: Project):
             send_incident_close_reminder(incident, db_session)
 
 
-@scheduler.add(every().monday.at("18:00"), name="incident-report-weekly")
+@scheduler.add(every(1).day.at("18:00"), name="incident-report-weekly")
 @timer
 @scheduled_project_task
 def incident_report_weekly(db_session: Session, project: Project):
@@ -269,10 +269,17 @@ def incident_report_weekly(db_session: Session, project: Project):
         )
         return
 
+    items_grouped = []
+    items_grouped_template = INCIDENT_SUMMARY_TEMPLATE
+
     # we create and send an incidents weekly report
     for incident in incidents:
-        items_grouped = []
-        items_grouped_template = INCIDENT_SUMMARY_TEMPLATE
+        # Skip if no incident review document
+        if (
+            not incident.incident_review_document
+            or not incident.incident_review_document.resource_id
+        ):
+            continue
 
         # Skip restricted incidents
         if incident.visibility == Visibility.restricted:
@@ -282,20 +289,20 @@ def incident_report_weekly(db_session: Session, project: Project):
                 file_id=incident.incident_review_document.resource_id,
                 mime_type="text/plain",
             )
-            messages = {
-                "role": "user",
-                "content": """Given the text of the security post-incident review document below,
-                provide answers to the following questions:
+            prompt = f"""
+                Given the text of the security post-incident review document below,
+                provide answers to the following questions in a paragraph format.
+                Do not include the questions in your response.
                 1. What is the summary of what happened?
                 2. What were the overall risk(s)?
                 3. How were the risk(s) mitigated?
                 4. How was the incident resolved?
                 5. What are the follow-up tasks?
-                """
-                + pir_doc,
-            }
 
-            response = ai_plugin.instance.chat_completion(messages)
+                {pir_doc}
+            """
+
+            response = ai_plugin.instance.chat_completion(prompt=prompt)
             summary = response["choices"][0]["message"]["content"]
 
             item = {

src/dispatch/plugins/dispatch_slack/config.py

@@ -151,3 +151,8 @@ class SlackConversationConfiguration(SlackConfiguration):
         title="List Workflows Command String",
         description="Defines the string used to list all available workflows. Must match what is defined in Slack",
     )
+    slack_command_create_task: str = Field(
+        "/dispatch-create-task",
+        title="Create Task Command String",
+        description="Defines the string used to create a task. Must match what is defined in Slack.",
+    )

src/dispatch/plugins/dispatch_slack/incident/enums.py

@@ -76,6 +76,15 @@ class ReportExecutiveBlockIds(DispatchEnum):
     next_steps = "report-executive-next-steps"
 
 
+class CreateTaskBlockIds(DispatchEnum):
+    assignee_select = "create-task-assignee-select"
+    description = "create-task-description"
+
+
+class CreateTaskActionIds(DispatchEnum):
+    submit = "create-task-submit"
+
+
 class IncidentUpdateActions(DispatchEnum):
     submit = "incident-update-submit"
     project_select = "incident-update-project-select"