Validating your app

The SDK includes a validate command that can test the content of the files that are associated with the app, including checking the code and that the files are written and configured correctly.

After you package your app, you can test the content of the files by using the following command.

resilient-sdk validate -p <name_of_package>

The command runs the following programs.

pylint. A source-code, bug, and quality checker for the Python language.
bandit. A tool to find common security issues in code.
tox. A tool that runs all of the unit tests for your package.
selftest. A Resilient® Circuits tool that checks the following connections and parameters. Requires that Resilient Circuits is installed.
- REST connection with the SOAR platform. It tests that the API key ID and secret that are specified in app.config can authenticate with SOAR platform and log in to the organization specified in app.config.
- STOMP connection with the SOAR platform. It starts a subprocess of resilient-circuits run to verify that it starts correctly. It then verifies that the specified API key is authorized to read from the app’s message destination and that the message destination exists for the app.
- If you implemented the selftest_function method in the util/selftest.py file, it checks connections to third-party systems and that any customer parameters in app.config are valid.

You can use the validate command options to run the tools separately. Use the -h option to show all the available arguments.

For more information, see the Resilient SDK documents at https://ibm.biz/soar-python-docs.