Configure a Remote Repository on a Development Machine - Administrator Guide - 6.6 - Cortex XSOAR - Cortex - Security Operations

Cortex XSOAR Administrator Guide

Product
Cortex XSOAR
Version
6.6
Creation date
2022-09-29
Last date published
2024-03-21
End_of_Life
EoL
Category
Administrator Guide
Abstract

Configure a remote repository on a development machine. Add content repository in Cortex XSOAR.

To work with the remote repositories, you must have at least two machines, one for development and one for your production environment.

Prerequisites

Before configuring the remote repository, review the following list of prerequisites:

  • Ensure that you have network connectivity from the Cortex XSOAR server to your repository. All communication goes through the Cortex XSOAR server so it must have access to the remote repository.

    Note

    You cannot configure a Cortex XSOAR engine to manage communication to the remote repository.

  • The repository must be a bare Git repository, not a fork of the demisto/content repository. Use git init --bare demisto.git or another method to create a bare Git repository. When creating a repository in your remote Git platform, verify that the repository contains branches. Defining the repository in Cortex XSOAR does not create the branches.

  • Before toggling the remote repository feature on or off, or changing your repository configuration, ensure to back up your existing content to your local computer by navigating to Settings → About → Troubleshooting → Custom Content and clicking Export.

  • You need to install Cortex XSOAR on your development environment, as described in Single Server Deployment.

  1. Configure the environment.

    1. On the machine that is designated to be the development environment, navigate to Settings → About → Troubleshooting → Custom Content and click Import.

    2. Verify that the content in both the development and production environments is synchronized before you proceed. If you do not synchronize the content, you might lose content in one of the environments.

  2. Add the Content Repository tab to Cortex XSOAR.

    1. Select Settings → ABOUT → Troubleshooting → Add Server Configuration.

    2. Add the following key and value.

      Key

      Value

      ui.version.control.show.remote

      true

    3. Click Save.

  3. Define the repository.

    1. Go to Settings → Advanced → Content Repository.

    2. Click the On/Off slider to enable the remote repositories.

    3. Set the current machine as the development environment.

    4. Enter the URL, and SSH private key and key passphrase. Only SSH connections are supported.

      Note

      If you are using a passphrase, only RSA private keys are supported.

      If your SSH connection uses a port other than port 22 (the default SSH port), you must include the ssh string and port number in the URL. In the following example, we use port 20017:

      ssh://git@content.demisto.com:20017/~/my-project.git

    5. Select the active branch on which you will be working.

      Note

      When switching between branches, the list of installed packs is determined by the pack meta-data that appears in the selected branch. The pack meta-data is a JSON file that defines the content pack properties (version, dependencies, release notes, etc.)

    6. Click Save.

    7. In the Migrate server changes screen, determine whether or not you want to keep the content that is currently on the development server, or discard the changes and synchronize completely with the remote repository.

      Selected content: the current content on your server will be maintained and presented in the Local Changes window.

      Cleared content: the current content on the server will be overwritten by the content in the remote repository, if it exists.

      remote-rep.png
    8. Click Continue.

    Content from the remote repository is installed.

    This can take several minutes depending on the amount of content in the remote repository and your hardware configuration. Your custom content is automatically backed up to the Cortex XSOAR server any time you change one of the remote repository settings. The backup is located under /var/lib/demisto/backups/content-backup-*.tar.gz..

  4. Push Content to the Remote Repository.

    When you initially set up your remote repository, all local changes should be pushed from development to the remote repository before any further work is done on the development machine.

    1. Go to Settings → Local Changes. The content that you can push is shown in the tabs:

      • Items: Content that is not related specifically to a content pack. For example, customized automations or playbooks.

        If you have already pushed a content pack and later edit one of its content items, the edited items will appear in the Items tab, not the Packs tab.

      • Packs: All of the content packs that you have installed from Marketplace.

        Note: If you want to have more granular control over the items in the content packs that you push, add the ui.version.control.push.partial.packs server configuration and set the value to true.

      • Pack Items - Content that is specific to the content packs you installed from Marketplace.

      remote-manage.png
    2. Select the changes that you want to push to the remote repository, and click Push.

      You should not manually push content to the remote repository. Use only the procedures outlined in the documentation to ensure that your content is properly updated in the production environment.

    Note

    When working with remote repositories and upgrading to v6.0 and above, you must make sure to push your classifiers and mappers on the dev environment before upgrading the production environment.

  5. In the dialog box add an optional message and click Push & Exit.

  6. Review the contents and click Push.

    Sometimes you may not want to push all content, content pack dependencies, etc. For example, when a user makes a change in a playbook, which depends on an automation and another user is adding a feature, but the change does not require the new version of the automation, you can push the playbook, without the new automation.