Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Adding check for project-version-violations and report back #55

Open
wants to merge 6 commits into
base: master
Choose a base branch
from
Open

Conversation

jmvanryn
Copy link

No description provided.

blackduck/HubRestApi.py Outdated Show resolved Hide resolved
blackduck/HubRestApi.py Outdated Show resolved Hide resolved
blackduck/HubRestApi.py Outdated Show resolved Hide resolved
@@ -1240,6 +1241,32 @@ def get_project_info(self, project_name, link_name):
else:
return {} # nada

def get_project_violation_status(self, project_name, version):

project = self.get_project_by_name(project_name)
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

did you consider using self.get_project_version_by_name? would replace use of get_project_by_name and the subsequent code to retrieve the version if present, e.g. this method would then become,

def get_project_violation_status(self, project_name, version):
version = self.get_project_version_by_name(project_name, version)
if version:
return version.get('policyStatus', None)
else:
return "{}:{} not found".format(project_name, version)

or something along those lines?

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ah, well I believe I was looking at it this way because it is a more precise error. If I remember get_project_version_by_name will return a non 200 on both missing projects or versions. and I wanted to tell my users what was missing the project or the version or if the server was just miss-behaving

examples/purge.py Outdated Show resolved Hide resolved
examples/purge.py Show resolved Hide resolved
@jmvanryn
Copy link
Author

Oh wow.. Just saw this... I'll go through them now..

@adirlau
Copy link

adirlau commented Feb 8, 2021

import argparse
import logging
import sys
from urllib.parse import urlparse

from blackduck.HubRestApi import HubInstance, object_id

parser = argparse.ArgumentParser("Retrieve scans (aka code locations) from the Black Duck system")
parser.add_argument("-n", "--name", type=str, default=None, help="Filter by name")
parser.add_argument("-r", "--release", action='store_true', help="Set this for scanning the release tag")
parser.add_argument("--unmapped", action='store_true', help="Set this to see any scans (aka code locations) that are not mapped to any project-version")

args = parser.parse_args()

logging.basicConfig(format='%(asctime)s:%(levelname)s:%(message)s', stream=sys.stderr, level=logging.DEBUG)
logging.getLogger("requests").setLevel(logging.WARNING)
logging.getLogger("urllib3").setLevel(logging.WARNING)

hub = HubInstance()

if args.name:
    parameters={'q':'name:{}'.format(args.name)}
else:
    parameters={}

if args.unmapped:
    code_locations = hub.get_codelocations(limit=10000, unmapped=True, parameters=parameters)
else:
    code_locations = hub.get_codelocations(limit=10000, parameters=parameters)

code_locations = code_locations.get('items', [])

if not code_locations:
    print("NO_PROJECT - Project "+args.name+" not found")
    exit(0)

for code_location in code_locations:

    if "bom" in code_location['name']:
        # Added this because there can be a bom that has no link, so switched to scan
        logging.debug("Name contains bom - skipping")
        continue
    if args.release:
        if "master" in code_location['name']:
            continue
    else:
        if "release" in code_location['name']:
            continue

    logging.debug(code_location['name'])
    sections = urlparse(code_location['mappedProjectVersion'])
    data = sections.path.split("/")
    project = data[3]
    version = data[5]
    obj = hub.get_version_by_id("/"+project,version)
    scanVersion = obj['versionName']

    status=hub.get_project_violation_status(args.name, scanVersion)



    print(status)

try: status
except NameError: status = None

if status is None:
    print("VERSION_NOT_SCANNED - Version not found")
    exit(0)

if(status == "IN_VIOLATION"):
    exit(0)
elif(status == "NOT_IN_VIOLATION"):
    exit(0)
else:
    exit(0)

#print(json.dumps(code_locations, indent=4, sort_keys=True))


def get_project_violation_status(self, project_name, version):

        project = self.get_project_by_name(project_name)
        if (project is None):
            logging.debug("Project " + project_name + " not found")
            return ("NO_PROJECT")

        link = self.get_link(project, "versions")
        if link:
            response = self.execute_get(link)
            if response.status_code == 200:
                versions_list = json.loads(response.text)
                for version_item in versions_list['items']:
                    logging.debug("Got version in file "+version_item['versionName'])
                    if version == 'empty':
                        version = version_item['versionName']
                    if version_item['versionName'] == version:
                        logging.debug("Found " + version)
                        return version_item['policyStatus']
                else:
                    return ("VERSION_NOT_SCANNED")
            else:
                return ("SERVER_NOT_RETURNED_200")
        else:
            return {} # nada

The function was working fine until we updated the version to 56 and we are facing this error
Screenshot 2021-02-08 at 16 04 43

@gsnyder2007 can you please take a look and let us know what api we can use instead?

Copy link
Author

@jmvanryn jmvanryn left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

adjustments made..

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants