gocortexio
diff --git a/‎src/.DS_Store‎ ‎.DS_Store‎src/.DS_Store renamed to .DS_Store
6 KB b/‎src/.DS_Store‎ ‎.DS_Store‎src/.DS_Store renamed to .DS_Store
6 KB
diff --git a/‎Cargo.lock‎
Lines changed: 462 additions & 269 deletions b/‎Cargo.lock‎
Lines changed: 462 additions & 269 deletions
diff --git a/‎Cargo.toml‎
Lines changed: 5 additions & 5 deletions b/‎Cargo.toml‎
Lines changed: 5 additions & 5 deletions
diff --git a/‎README.md‎
Lines changed: 1 addition & 0 deletions b/‎README.md‎
Lines changed: 1 addition & 0 deletions
diff --git a/‎src/api.rs‎
Lines changed: 34 additions & 12 deletions b/‎src/api.rs‎
Lines changed: 34 additions & 12 deletions
diff --git a/‎src/config.rs‎
Lines changed: 11 additions & 0 deletions b/‎src/config.rs‎
Lines changed: 11 additions & 0 deletions
diff --git a/‎src/content_types.rs‎
Lines changed: 2 additions & 2 deletions b/‎src/content_types.rs‎
Lines changed: 2 additions & 2 deletions
diff --git a/‎target/CACHEDIR.TAG‎
Lines changed: 0 additions & 3 deletions b/‎target/CACHEDIR.TAG‎
Lines changed: 0 additions & 3 deletions
diff --git a/‎target/release/.cargo-lock‎ b/‎target/release/.cargo-lock‎
@@ -1,6 +1,6 @@
 [package]
 name = "gcgit"
-version = "1.0.0"
+version = "1.0.2"
 edition = "2021"
 description = "A Rust-based CLI tool for version-controlling Cortex XSIAM configurations"
 authors = ["gcgit team"]
@@ -14,15 +14,15 @@ name = "gcgit"
 path = "src/main.rs"
 
 [dependencies]
-clap = { version = "4.0", features = ["derive"] }
+clap = { version = "4.5", features = ["derive"] }
 serde = { version = "1.0", features = ["derive"] }
 serde_json = "1.0"
 serde_yaml = "0.9"
 schemars = { version = "0.8", features = ["derive"] }
 toml = "0.8"
-reqwest = { version = "0.11", features = ["json", "rustls-tls"], default-features = false }
-git2 = { version = "0.18", default-features = false, features = ["vendored-openssl"] }
-tokio = { version = "1.0", features = ["full"] }
+reqwest = { version = "0.12", features = ["json", "rustls-tls"], default-features = false }
+git2 = { version = "0.19", default-features = false, features = ["vendored-openssl"] }
+tokio = { version = "1.47", features = ["full"] }
 anyhow = "1.0"
 uuid = { version = "1.0", features = ["v4"] }
 chrono = { version = "0.4", features = ["serde"] }
@@ -2,6 +2,7 @@
 
 Go Cortex Git is a Rust-based command-line interface (CLI) tool designed to serve as a lightweight abstraction layer between local Git operations and the Cortex XSIAM REST API. Its purpose is to enable security teams to version-control and deploy Cortex XSIAM configuration objects—such as Correlation Searches, Dashboards, BIOCs, and Scripts—without requiring a full-scale CI/CD pipeline or remote Git hosting. By wrapping standard Git workflows and translating file changes into corresponding API actions, gcgit streamlines content management within XSIAM while keeping everything local and traceable via Git.
 
+
 ## Quick Start
 
 ### 1. Install gcgit
 
@@ -42,17 +42,26 @@ impl XsiamClient {
         let endpoint = self.get_delete_endpoint(&object.content_type);
         let url = format!("https://{}/public_api/v1/{}", self.config.fqdn, endpoint);
 
+        // Get the correct request data format based on content type
+        let registry = crate::content_types::ContentTypeRegistry::new();
+        let request_data = if let Some(config) = registry.get(&object.content_type) {
+            config.get_request_data(&object.id)
+        } else {
+            // Fallback for unknown content types
+            serde_json::json!({
+                "request_data": {
+                    "id": object.id
+                }
+            })
+        };
+
         let response = self.client
             .post(&url)
             .header("x-xdr-auth-id", &self.config.api_key_id)
             .header("Authorization", &self.config.api_key)
             .header("Content-Type", "application/json")
             .header("Accept", "application/json")
-            .json(&serde_json::json!({
-                "request_data": {
-                    "rule_id": object.id
-                }
-            }))
+            .json(&request_data)
             .send()
             .await
             .with_context(|| format!("Failed to send delete request to {}", url))?;
@@ -516,14 +525,27 @@ impl XsiamClient {
         let endpoint = self.get_delete_endpoint(content_type);
         let url = format!("https://{}/public_api/v1/{}", self.config.fqdn, endpoint);
 
-        // Delete request format: {"request_data": {"objects_count": N, "objects": [id1, id2, ...]}}
-        let id_num = id.parse::<i64>().unwrap_or(0);
-        let request_data = serde_json::json!({
-            "request_data": {
-                "objects_count": 1,
-                "objects": [id_num]
+        // Get the correct request data format based on content type
+        let registry = crate::content_types::ContentTypeRegistry::new();
+        let request_data = if let Some(config) = registry.get(content_type) {
+            config.get_request_data(id)
+        } else {
+            // Fallback for unknown content types - try both string and integer IDs
+            if let Ok(id_num) = id.parse::<i64>() {
+                serde_json::json!({
+                    "request_data": {
+                        "objects_count": 1,
+                        "objects": [id_num]
+                    }
+                })
+            } else {
+                serde_json::json!({
+                    "request_data": {
+                        "id": id
+                    }
+                })
             }
-        });
+        };
 
         let response = self.client
             .post(&url)
 
@@ -3,6 +3,7 @@ use serde::{Deserialize, Serialize};
 use std::fs;
 use std::path::Path;
 use std::env;
+use crate::git_wrapper::GitWrapper;
 
 #[derive(Debug, Deserialize, Serialize)]
 pub struct XsiamConfig {
@@ -153,6 +154,16 @@ instance_name = "{}"
         fs::write(&config_path, config_content)
             .with_context(|| format!("Failed to write config file: {}", config_path))?;
 
+        // Initialize git repository
+        let _git_repo = GitWrapper::new(instance_name)
+            .with_context(|| format!("Failed to initialize git repository in: {}", instance_name))?;
+
+        // Create .gitignore file to exclude config.toml from version control
+        let gitignore_path = format!("{}/.gitignore", instance_name);
+        let gitignore_content = "*.toml\n";
+        fs::write(&gitignore_path, gitignore_content)
+            .with_context(|| format!("Failed to create .gitignore file: {}", gitignore_path))?;
+
         Ok(())
     }
 }
 
@@ -87,8 +87,8 @@ impl ContentTypeRegistry {
             get_endpoint: "authentication-settings/get/settings",
             insert_endpoint: "authentication-settings/insert",
             delete_endpoint: "authentication-settings/delete",
-            id_field: "id",
-            request_id_key: "id",
+            id_field: "name",
+            request_id_key: "name",
         });
 
         // Example for future content types: