Update live flow option

salt/sensoroni/files/analyzers/pytest.ini

@@ -0,0 +1,27 @@
+[flake8]
+exclude =
+    .venv
+    */site-packages/,
+    */source-packages/,
+    */__pycache__
+show_source = true
+max_complexity = 12
+max_line_length = 200
+statistics = true
+doctests = true
+
+[pytest]
+python_files = *_test.py
+python_classes = Test
+python_functions = test_*
+norecursedirs = site-packages
+
+[report]
+exclude_lines =
+    if __name__ == .__main__.:
+
+show_missing = True
+omit = 
+    *_test.py,
+    */site-packages/*,
+    */source-packages/*

salt/sensoroni/files/analyzers/sublime/sublime.py

@@ -14,18 +14,22 @@ def checkConfigRequirements(conf):
 def buildReq(conf, artifact_value):
     headers = {"Authorization": "Bearer " + conf['api_key']}
     base_url = conf['base_url']
-    if conf['live_flow'] is True:
+    if str(conf['live_flow']).lower() == "true":
         uri = "/v1/live-flow/raw-messages/analyze"
         data = {"create_mailbox": True, "mailbox_email_address": str(conf['mailbox_email_address']), "message_source_id": str(conf['message_source_id']), "raw_message": artifact_value}
     else:
         uri = "/v0/messages/analyze"
-        data = {"raw_message": artifact_value, "run_active_detection_rules": True}
+        data = {"raw_message": artifact_value,
+                "run_active_detection_rules": True}
     url = base_url + uri
     return url, headers, data
 
 
 def sendReq(url, headers, data):
-    response = requests.request('POST', url=url, headers=headers, data=json.dumps(data)).json()
+    response = requests.request('POST',
+                                url=url,
+                                headers=headers,
+                                data=json.dumps(data)).json()
     return response
 
 
@@ -66,7 +70,7 @@ def analyze(conf, input):
 
 def main():
     dir = os.path.dirname(os.path.realpath(__file__))
-    parser = argparse.ArgumentParser(description="Submit an email to Sublime Platform's EML Analyzer for analysis")
+    parser = argparse.ArgumentParser(description="Submit an email to Sublime Platform's EML Analyzer")
     parser.add_argument('artifact', help='the artifact represented in JSON format')
     parser.add_argument('-c', '--config', metavar="CONFIG_FILE", default=dir + "/sublime.yaml", help='optional config file to use instead of the default config file')
     args = parser.parse_args()

salt/sensoroni/files/analyzers/sublime/sublime.yaml

@@ -1,5 +1,5 @@
 base_url: "{{ salt['pillar.get']('sensoroni:analyzers:sublime_platform:base_url', 'https://api.platform.sublimesecurity.com') }}"
 api_key: "{{ salt['pillar.get']('sensoroni:analyzers:sublime_platform:api_key', '') }}"
-live_flow: {{ salt['pillar.get']('sensoroni:analyzers:sublime_platform:live_flow', 'False') }}
+live_flow: "{{ salt['pillar.get']('sensoroni:analyzers:sublime_platform:live_flow', 'False') }}"
 mailbox_email_address: "{{ salt['pillar.get']('sensoroni:analyzers:sublime_platform:mailbox_email_address', '') }}"
 message_source_id: "{{ salt['pillar.get']('sensoroni:analyzers:sublime_platform:message_source_id', '') }}"

salt/sensoroni/files/analyzers/sublime/sublime_test.py

@@ -13,7 +13,7 @@ class TestSublimePlatformMethods(unittest.TestCase):
             with patch('sys.stderr', new=StringIO()) as mock_stderr:
                 sys.argv = ["cmd"]
                 sublime.main()
-                self.assertEqual(mock_stderr.getvalue(), "usage: cmd [-h] [-c CONFIG_FILE] artifact\ncmd: error: the following arguments are required: artifact\n")
+                self.assertEqual(mock_stderr.getvalue(), '''usage: cmd [-h] [-c CONFIG_FILE] artifact\ncmd: error: the following arguments are required: artifact\n''')
                 sysmock.assert_called_once_with(2)
 
     def test_main_success(self):