Refactor: Modernize legacy v1.0 tools to v2.0 architecture#57
Merged
Conversation
Implements comprehensive Sonar Query API wrapper and modernizes legacy Sonar query creation tool to use v2.0 architecture patterns. Changes: - Create src/rapid7/constants.py with API endpoints and status codes - Implement src/rapid7/api/sonar_queries.py with full CRUD operations - Add sonar_queries client to InsightVMClient - Create modern src/rapid7/tools/create_sonar_queries.py CLI tool - Uses InsightVMClient instead of direct HTTPBasicAuth - Improved error handling and user feedback - Better CSV processing with pandas - Command-line argument parsing with argparse - Progress tracking and result saving The new tool provides: - Clean, type-hinted code following v2.0 patterns - Helper methods for common operations (domain/IP queries) - Comprehensive docstrings and examples - Better separation of concerns Relates to #56
6 tasks
Contributor
There was a problem hiding this comment.
Pull Request Overview
This PR modernizes legacy v1.0 tools by implementing the v2.0 architecture with centralized constants, a new SonarQueryAPI, and a modernized CLI tool for creating Sonar queries. The refactoring replaces direct HTTP authentication with the unified InsightVMClient pattern.
- Centralizes API constants and HTTP status codes in a dedicated constants module
- Implements comprehensive CRUD operations for Sonar queries following v2.0 patterns
- Creates a modern CLI tool with better error handling, progress tracking, and argument parsing
Reviewed Changes
Copilot reviewed 4 out of 4 changed files in this pull request and generated 2 comments.
| File | Description |
|---|---|
| src/rapid7/constants.py | Centralizes API endpoints, HTTP status codes, and configuration constants |
| src/rapid7/api/sonar_queries.py | Implements full CRUD operations for Sonar queries with helper methods |
| src/rapid7/client.py | Adds sonar_queries attribute to maintain consistency with existing API clients |
| src/rapid7/tools/create_sonar_queries.py | Modern CLI tool replacing legacy script with improved UX and error handling |
Tip: Customize your code reviews with copilot-instructions.md. Create the file or learn how to get started.
| ) | ||
|
|
||
| # Clean whitespace | ||
| df = df.applymap(lambda x: x.strip() if isinstance(x, str) else x) |
There was a problem hiding this comment.
The applymap method is deprecated in pandas. Use df.map() instead for element-wise operations.
Suggested change
| df = df.applymap(lambda x: x.strip() if isinstance(x, str) else x) | |
| df = df.apply(lambda col: col.map(lambda x: x.strip() if isinstance(x, str) else x)) |
| Returns: | ||
| True if valid domain, False otherwise | ||
| """ | ||
| pattern = r'^[a-z0-9]+([\-\.]{1}[a-z0-9]+)*\.[a-z]{2,}$' |
There was a problem hiding this comment.
The regex pattern has an unnecessary character class [\-\.] for just two characters. Use [-.] or [.-] instead. Also, the {1} quantifier is redundant.
Suggested change
| pattern = r'^[a-z0-9]+([\-\.]{1}[a-z0-9]+)*\.[a-z]{2,}$' | |
| pattern = r'^[a-z0-9]+(([-.][a-z0-9]+))*\.[a-z]{2,}$' |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Overview
This PR refactors remaining v1.0 legacy tools to use the modern v2.0 architecture with
InsightVMClientand standardized patterns.Changes Made
1. Created
src/rapid7/constants.pyapi_r7_endpoints.py)2. Implemented
src/rapid7/api/sonar_queries.pyBaseAPIfollowing v2.0 patternscreate_domain_query()- Quick domain-based query creationcreate_ip_range_query()- Quick IP range-based query creation3. Updated
src/rapid7/client.pysonar_queriesattribute toInsightVMClientassetsandasset_groupsclients4. Created Modern Tool:
src/rapid7/tools/create_sonar_queries.pyReplaces legacy
src/rapid7/api_r7_isvm_sonar_add.pywith:InsightVMClientinstead of directHTTPBasicAuthargparseBenefits
Code Quality
Maintainability
User Experience
Testing
Legacy Files
The following legacy files can be removed once this PR is merged:
src/rapid7/api_r7_endpoints.py(replaced byconstants.py)src/rapid7/api_r7_isvm_sonar_add.py(replaced bytools/create_sonar_queries.py)src/rapid7/api_r7_status_codes.py(functionality integrated into new tool)Documentation
Related Issues
Fixes #56
Checklist
InsightVMClientMigration Notes
For users of the old
api_r7_isvm_sonar_add.pytool:Old usage:
New usage:
The new tool provides: