chore: testing fix

Author: grokas-splunk

src/app.py

@@ -594,6 +594,8 @@ class GetEmailParams(Params):
 class GetEmailOutput(ActionOutput):
     # Make all fields optional since not all emails have all headers
     # Using Pydantic Field with default=None for optional fields
+    message: str | None = None
+    container_id: int | None = None
     ARC_Authentication_Results: str | None = PydanticField(
         None, alias="ARC-Authentication-Results"
     )
@@ -713,13 +715,36 @@ def get_email(params: GetEmailParams, soar: SOARClient, asset: Asset) -> GetEmai
     if params.id:
         helper._connect_to_server()
         email_data, _data_time_info = helper._get_email_data(
-            params.id, params.folder if params.folder else asset.folder
+            params.id, params.folder if params.folder else asset.folder, is_diff=True
         )
         mail = email.message_from_string(email_data)
 
+        # Handle ingestion if requested
+        container_id = None
+        if params.ingest_email:
+            # Parse and create container/artifacts
+            for obj in helper._parse_and_create_artifacts(
+                params.id, email_data, _data_time_info, asset
+            ):
+                if isinstance(obj, Container):
+                    # Save the container and get its ID
+                    result = soar.save_container(obj)
+                    container_id = result.get("id")
+                elif isinstance(obj, Artifact):
+                    # Save the artifact
+                    if container_id:
+                        obj.container_id = container_id
+                        soar.save_artifact(obj)
+
+            message = f"Email ingested with container ID: {container_id}"
+        else:
+            message = "Email not ingested."
+
         # Get mail headers
         headers = mail.__dict__.get("_headers", [])
-        ret_val = {}
+        ret_val = {"message": message}
+        if container_id:
+            ret_val["container_id"] = container_id
         for header in headers:
             try:
                 ret_val[header[0]] = str(make_header(decode_header(header[1])))
@@ -731,8 +756,28 @@ def get_email(params: GetEmailParams, soar: SOARClient, asset: Asset) -> GetEmai
 
         return GetEmailOutput(**ret_val)
 
-    # Container ID handling would go here
-    raise NotImplementedError("Container ID handling not yet implemented")
+    # Handle container_id parameter - fetch email from existing container
+    if params.container_id:
+        # Get container data from SOAR
+        container = soar.get_container(params.container_id)
+        if not container:
+            raise ValueError(f"Container with ID {params.container_id} not found")
+
+        # Get artifacts from the container
+        soar.get_container_artifacts(params.container_id)
+
+        # Extract email headers from artifacts/container data
+        ret_val = {"message": "Email retrieved from container."}
+
+        # Get container data which should have email info
+        if container.get("data"):
+            email_data = container["data"]
+            if isinstance(email_data, dict):
+                ret_val.update(email_data)
+
+        return GetEmailOutput(**ret_val)
+
+    raise ValueError("Please specify either id or container_id to get the email")
 
 
 if __name__ == "__main__":