diff --git a/backend/Dockerfile.pe b/backend/Dockerfile.pe index b88724cb..3d90f73a 100644 --- a/backend/Dockerfile.pe +++ b/backend/Dockerfile.pe @@ -28,7 +28,7 @@ RUN ./aws/install # Sync the latest from cf-staging branch RUN git clone -b crossfeed-SQS https://github.com/cisagov/ATC-Framework.git && \ cd ATC-Framework && \ - git checkout 6b5a8753ad5bcdb4426b5ba24ceffd77f901c228 && \ + git checkout 22c3de519337e577775f2580ba09c7ba51c08904 && \ pip install . RUN python -m spacy download en_core_web_lg diff --git a/backend/serverless.yml b/backend/serverless.yml index 098e3aa4..dd7e1f41 100644 --- a/backend/serverless.yml +++ b/backend/serverless.yml @@ -147,6 +147,13 @@ resources: VisibilityTimeout: 18000 # 5 hours MaximumMessageSize: 262144 # 256 KB MessageRetentionPeriod: 604800 # 7 days + ASMQueue: + Type: AWS::SQS::Queue + Properties: + QueueName: ${self:provider.stage}-asm-queue + VisibilityTimeout: 18000 # 5 hours + MaximumMessageSize: 262144 # 256 KB + MessageRetentionPeriod: 604800 # 7 days functions: - ${file(./src/tasks/functions.yml)} diff --git a/backend/src/tasks/scanExecution.ts b/backend/src/tasks/scanExecution.ts index d6de2ce6..d1dff72d 100644 --- a/backend/src/tasks/scanExecution.ts +++ b/backend/src/tasks/scanExecution.ts @@ -5,7 +5,14 @@ import { integer } from 'aws-sdk/clients/cloudfront'; const ecs = new AWS.ECS(); let docker: any; const QUEUE_URL = process.env.QUEUE_URL!; -const SCAN_LIST = ['dnstwist', 'intelx', 'cybersixgill', 'shodan', 'xpanse']; +const SCAN_LIST = [ + 'dnstwist', + 'intelx', + 'cybersixgill', + 'shodan', + 'xpanse', + 'asmSync' +]; if (process.env.IS_LOCAL) { const Docker = require('dockerode'); @@ -215,7 +222,7 @@ export const handler: Handler = async (event) => { await startDesiredTasks(scanType, desiredCount); } else { console.log( - 'Shodan, DNSTwist, IntelX, Xpanse, and Cybersixgill are the only script types available right now. Must be all lowercase.' + 'Shodan, ASMSync, DNSTwist, IntelX, Xpanse, and Cybersixgill are the only script types available right now. Must be all lowercase.' ); } } catch (error) { diff --git a/backend/worker/pe-worker-entry.sh b/backend/worker/pe-worker-entry.sh index 45e5a3e5..e2a8377e 100755 --- a/backend/worker/pe-worker-entry.sh +++ b/backend/worker/pe-worker-entry.sh @@ -62,6 +62,8 @@ while true; do COMMAND="pe-source cybersixgill --org=$ORG --soc_med_included" elif [[ "$SERVICE_TYPE" = *"xpanse"* ]]; then COMMAND="pe-source xpanse --org='$ORG'" + elif [[ "$SERVICE_TYPE" = *"asmSync"* ]]; then + COMMAND="pe-asm-sync asm-sqs --org='$ORG'" else echo "Unsupported SERVICE_TYPE: $SERVICE_TYPE" break