Merge pull request #712 from cisagov/AL-add-asm-SQS

Add ASM Sync to the SQS process
cisagov · Nov 7, 2024 · 62c99ef · 62c99ef
2 parents 896d658 + 02f95b4
commit 62c99ef
Show file tree

Hide file tree

Showing 4 changed files with 19 additions and 3 deletions.
diff --git a/backend/Dockerfile.pe b/backend/Dockerfile.pe
@@ -28,7 +28,7 @@ RUN ./aws/install
 # Sync the latest from cf-staging branch
 RUN git clone -b crossfeed-SQS https://github.com/cisagov/ATC-Framework.git && \
     cd ATC-Framework && \
-    git checkout 6b5a8753ad5bcdb4426b5ba24ceffd77f901c228 && \
+    git checkout 22c3de519337e577775f2580ba09c7ba51c08904 && \
     pip install .
 
 RUN python -m spacy download en_core_web_lg

diff --git a/backend/serverless.yml b/backend/serverless.yml
@@ -147,6 +147,13 @@ resources:
         VisibilityTimeout: 18000  # 5 hours
         MaximumMessageSize: 262144  # 256 KB
         MessageRetentionPeriod: 604800  # 7 days
+    ASMQueue:
+      Type: AWS::SQS::Queue
+      Properties:
+        QueueName: ${self:provider.stage}-asm-queue
+        VisibilityTimeout: 18000  # 5 hours
+        MaximumMessageSize: 262144  # 256 KB
+        MessageRetentionPeriod: 604800  # 7 days
 
 functions:
   - ${file(./src/tasks/functions.yml)}

diff --git a/backend/src/tasks/scanExecution.ts b/backend/src/tasks/scanExecution.ts
@@ -5,7 +5,14 @@ import { integer } from 'aws-sdk/clients/cloudfront';
 const ecs = new AWS.ECS();
 let docker: any;
 const QUEUE_URL = process.env.QUEUE_URL!;
-const SCAN_LIST = ['dnstwist', 'intelx', 'cybersixgill', 'shodan', 'xpanse'];
+const SCAN_LIST = [
+  'dnstwist',
+  'intelx',
+  'cybersixgill',
+  'shodan',
+  'xpanse',
+  'asmSync'
+];
 
 if (process.env.IS_LOCAL) {
   const Docker = require('dockerode');
@@ -215,7 +222,7 @@ export const handler: Handler = async (event) => {
       await startDesiredTasks(scanType, desiredCount);
     } else {
       console.log(
-        'Shodan, DNSTwist, IntelX, Xpanse, and Cybersixgill are the only script types available right now. Must be all lowercase.'
+        'Shodan, ASMSync, DNSTwist, IntelX, Xpanse, and Cybersixgill are the only script types available right now. Must be all lowercase.'
       );
     }
   } catch (error) {

diff --git a/backend/worker/pe-worker-entry.sh b/backend/worker/pe-worker-entry.sh
@@ -62,6 +62,8 @@ while true; do
     COMMAND="pe-source cybersixgill --org=$ORG --soc_med_included"
   elif [[ "$SERVICE_TYPE" = *"xpanse"* ]]; then
     COMMAND="pe-source xpanse --org='$ORG'"
+  elif [[ "$SERVICE_TYPE" = *"asmSync"* ]]; then
+    COMMAND="pe-asm-sync asm-sqs --org='$ORG'"
   else
     echo "Unsupported SERVICE_TYPE: $SERVICE_TYPE"
     break