Example #1
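def main():
    """Tag a Checkmarx project with a platform tag taken from the environment.

    Reads ``cxProject``, ``cxTeam`` and ``cxPlatformTag`` from the environment,
    resolves the project id for that project/team pair, validates the tag with
    ``check_valid_platform_tag`` and then updates the project so that custom
    field 1 carries the tag.

    Exits through ``sys.exit`` with a message when a variable is missing, the
    project lookup returns nothing, or the platform tag fails validation.
    """
    required = ("cxProject", "cxTeam", "cxPlatformTag")
    # Fail with a readable message instead of a bare KeyError traceback.
    missing = [name for name in required if name not in os.environ]
    if missing:
        sys.exit(f"Missing required environment variable(s): {', '.join(missing)}")
    project_name, team_name, platform_tag = (os.environ[name] for name in required)

    project_api = ProjectsAPI()
    project_id = project_api.get_project_id_by_project_name_and_team_full_name(
        project_name, team_name
    )
    if not project_id:
        sys.exit(
            f"Your project {project_name} with team name {team_name} does not exist in checkmarx"
        )

    # The tag is validated before any write, so an unknown value never reaches
    # the project record.
    if not check_valid_platform_tag(platform_tag):
        sys.exit(f"Your platform tag {platform_tag} doesn't exist in cloudgov")

    # The update call below re-sends the project's current name and team id,
    # so they are read back first.
    project_details = project_api.get_project_details_by_id(project_id)
    # custom_field_id=1 refers to the platform_tag custom field; name carries
    # the value to store in it.
    custom_fields = [CxCustomField.CxCustomField(custom_field_id=1, name=platform_tag)]
    # NOTE(review): a single CxCustomField is passed although the parameter
    # name is plural - confirm against update_project_by_id's signature.
    project_api.update_project_by_id(
        project_id=project_details.project_id,
        project_name=project_details.name,
        team_id=project_details.team_id,
        custom_fields=custom_fields[0],
    )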
Example #2
def test_get_project_details_by_id():
    """Fetch the details of project "test1" and check they carry a project id."""
    api = ProjectsAPI()
    test1_id = api.get_project_id_by_project_name_and_team_full_name("test1")
    details = api.get_project_details_by_id(test1_id)
    assert details.project_id is not None
def get_project_id():
    """Return the id of project "jvl_git" looked up under team "/CxServer"."""
    # The original author also left a commented-out alternative project name:
    # "BookStore %2B OSA"
    api = ProjectsAPI()
    return api.get_project_id_by_project_name_and_team_full_name(
        "jvl_git", "/CxServer")
Example #4
def test_get_remote_source_settings_for_custom_by_project_id():
    """The custom remote source settings of "JVL-source-pulling" must not be None."""
    api = ProjectsAPI()
    target_id = api.get_project_id_by_project_name_and_team_full_name(
        "JVL-source-pulling")
    settings = api.get_remote_source_settings_for_custom_by_project_id(target_id)
    assert settings is not None
Example #5
def test_get_remote_source_settings_for_svn_by_project_id():
    """The SVN remote source settings of project "happy-svn" must not be None."""
    api = ProjectsAPI()
    target_id = api.get_project_id_by_project_name_and_team_full_name("happy-svn")
    settings = api.get_remote_source_settings_for_svn_by_project_id(target_id)
    assert settings is not None
Example #6
def test_get_remote_source_settings_for_git_by_project_id():
    """The git remote source settings of project "jvl_git" must not be None."""
    api = ProjectsAPI()
    target_id = api.get_project_id_by_project_name_and_team_full_name("jvl_git")
    settings = api.get_remote_source_settings_for_git_by_project_id(target_id)
    assert settings is not None
Example #7
def test_get_project_exclude_settings_by_project_id():
    """Reading the exclude settings of project "test1" must not return None."""
    api = ProjectsAPI()
    target_id = api.get_project_id_by_project_name_and_team_full_name("test1")
    current_exclusions = api.get_project_exclude_settings_by_project_id(target_id)
    assert current_exclusions is not None
Example #8
def test_set_data_retention_settings_by_project_id():
    """Setting data retention to 20 on "JVL_local_zip" must report True."""
    api = ProjectsAPI()
    target_id = api.get_project_id_by_project_name_and_team_full_name(
        "JVL_local_zip")

    # 20 is passed positionally as the second argument, exactly as the
    # original call did.
    outcome = api.set_data_retention_settings_by_project_id(target_id, 20)
    assert outcome is True
Example #9
def test_get_remote_source_settings_for_shared_by_project_id():
    """The shared remote source settings of "jvl-shared" must not be None."""
    api = ProjectsAPI()
    target_id = api.get_project_id_by_project_name_and_team_full_name("jvl-shared")

    settings = api.get_remote_source_settings_for_shared_by_project_id(target_id)
    assert settings is not None
Example #10
def test_update_project_name_team_id():
    """Rename project "test_update" to "test1" and expect the call to report True."""
    api = ProjectsAPI()
    # No team name is given, so the team lookup uses whatever default it defines.
    default_team_id = TeamAPI().get_team_id_by_team_full_name()
    source_id = api.get_project_id_by_project_name_and_team_full_name("test_update")
    outcome = api.update_project_name_team_id(
        source_id, project_name="test1", team_id=default_team_id)
    assert outcome is True
Example #11
def test_set_project_exclude_settings_by_project_id():
    """Apply folder and file exclude patterns to "test1" and expect True.

    NOTE(review): exclude patterns presumably remove matching paths from what
    gets scanned, so the values set on a real project deserve review.
    """
    api = ProjectsAPI()
    target_id = api.get_project_id_by_project_name_and_team_full_name("test1")
    folders = "docs,tests,example"
    files = "*.txt,*.doc, *.csv"
    outcome = api.set_project_exclude_settings_by_project_id(
        target_id, folders, files)
    assert outcome is True
Example #12
def test_update_project_queue_setting():
    """Update the queue settings of "jvl_git" and expect the call to report True."""
    api = ProjectsAPI()
    # team_full_name is read from the enclosing module.
    target_id = api.get_project_id_by_project_name_and_team_full_name(
        "jvl_git", team_full_name)
    queue_options = {
        "queue_keep_mode": "KeepAll",
        "scans_type": "OnlyFull",
        "include_scans_in_process": False,
        "identical_code_only": False,
    }
    updated = api.update_project_queue_setting(project_id=target_id,
                                               **queue_options)
    assert updated is True
Example #13
def test_update_project_by_id():
    """Rename project "test1" to "test_update" and expect the update to report True."""
    api = ProjectsAPI()
    source_id = api.get_project_id_by_project_name_and_team_full_name("test1")

    new_name = "test_update"
    # Remove any leftover project that already uses the new name before the
    # update is attempted.
    api.delete_project_if_exists_by_project_name_and_team_full_name(new_name)
    default_team_id = TeamAPI().get_team_id_by_team_full_name()
    outcome = api.update_project_by_id(
        source_id, project_name=new_name, team_id=default_team_id)
    assert outcome is True
Example #14
def test_set_issue_tracking_system_as_jira_by_id():
    """Point "JVL_local_zip" at issue tracking system 1 and expect True."""
    api = ProjectsAPI()
    target_id = api.get_project_id_by_project_name_and_team_full_name(
        "JVL_local_zip")

    # Positional arguments after the project id, in order:
    # issue_tracking_system_id, jira_project_id, issue_type_id, jira_fields.
    jira_args = (1, None, None, None)

    configured = api.set_issue_tracking_system_as_jira_by_id(target_id, *jira_args)
    assert configured is True
Example #15
def get_last_scan_id_of_a_project(team_full_name, project_name):
    """Resolve a project and return the id of its last finished scan.

    Args:
        team_full_name (str): team name used for the project lookup
        project_name (str): project name used for the project lookup

    Returns:
        scan_id (int)
    """
    project_lookup = ProjectsAPI()
    scan_lookup = ScansAPI()
    resolved_id = project_lookup.get_project_id_by_project_name_and_team_full_name(
        project_name=project_name, team_full_name=team_full_name)
    # Only finished scans are considered.
    last_scan_id = scan_lookup.get_last_scan_id_of_a_project(
        project_id=resolved_id, only_finished_scans=True)
    return last_scan_id
    get_all_projects_with_their_last_scan_and_the_high_vulnerabilities,
    get_projects_that_have_high_vulnerabilities_in_the_last_scan,
    get_the_number_of_issues_vulnerabilities_within_a_predefined_time_range_for_all_projects_in_a_team,
    get_count_of_the_projects_in_the_system,
    get_all_projects_with_a_custom_field_that_has_a_specific_value,
    get_all_projects_with_a_custom_field_as_well_as_the_custom_field_information,
    get_presets_associated_with_each_project,
    get_all_projects_that_are_set_up_with_a_non_standard_configuration,
    get_all_projects_id_name,
    get_all_projects_id_name_and_team_id_name,
)

# Module-level fixtures. These statements run when the module is imported,
# so the project id lookup below happens at import time, not inside a test.
project_name = "jvl_git"
scans_api = ScansAPI()
projects_api = ProjectsAPI()
# Only the project name is passed; no team name is given to the lookup.
project_id = projects_api.get_project_id_by_project_name_and_team_full_name(
    project_name=project_name)


def test_get_top_n_projects_by_risk_score():
    """Asking for the top 10 projects by risk score must not return None."""
    top_projects = get_top_n_projects_by_risk_score(number_of_projects=10)
    assert top_projects is not None


def test_get_top_n_projects_by_last_scan_duration():
    """Asking for the top 10 projects by last scan duration must not return None."""
    slowest_projects = get_top_n_projects_by_last_scan_duration(
        number_of_projects=10)
    assert slowest_projects is not None
Example #17
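def scan_from_local(team_full_name,
                    project_name,
                    report_type,
                    zip_file_path,
                    report_folder=None):
    """Upload a local zip, run a SAST scan on it and save the report to disk.

    Args:
        team_full_name (str): team that owns the project
        project_name (str): project to scan; it is created with the default
            configuration when the lookup returns no id
        report_type (str): passed to ``register_scan_report`` and also used as
            the report file extension
        zip_file_path (str): path of the source archive to upload
        report_folder (str): folder for the report file; falls back to this
            module's folder when empty or nonexistent

    Returns:
        None. Returns early when the zip file or the team is not found, or
        when the scan ends as "Failed" or "Canceled".
    """

    if not report_folder or not exists(report_folder):
        report_folder = dirname(__file__)

    if not exists(zip_file_path):
        print("zip file not found. \n abort scan.")
        return

    print(
        ("team_full_name: {}, \n"
         "project_name: {}, \n"
         "report_type: {}, \n"
         "zip_file_path: {}, \n"
         "report_folder: {}").format(team_full_name, project_name, report_type,
                                     zip_file_path, report_folder))

    team_api = TeamAPI()
    projects_api = ProjectsAPI()
    scan_api = ScansAPI()

    # 2. get team id
    print("2. get team id")
    team_id = team_api.get_team_id_by_team_full_name(team_full_name)
    if not team_id:
        print("team: {} not exist".format(team_full_name))
        return

    project_id = projects_api.get_project_id_by_project_name_and_team_full_name(
        project_name=project_name, team_full_name=team_full_name)

    # 3. create project with default configuration, will get project id
    print("3. create project with default configuration, will get project id")
    if not project_id:
        project = projects_api.create_project_with_default_configuration(
            project_name=project_name, team_id=team_id)
        project_id = project.id
    print("project_id: {}".format(project_id))

    # 4. upload source code zip file
    print("4. upload source code zip file")
    projects_api.upload_source_code_zip_file(project_id, str(zip_file_path))

    # 6. set data retention settings by project id
    print("6. set data retention settings by project id")
    projects_api.set_data_retention_settings_by_project_id(
        project_id=project_id, scans_to_keep=3)

    # 7. define SAST scan settings
    print("7. define SAST scan settings")
    preset_id = projects_api.get_preset_id_by_name()
    print("preset id: {}".format(preset_id))
    scan_api.define_sast_scan_settings(project_id=project_id,
                                       preset_id=preset_id)

    # Both exclude patterns are set to the empty string before the scan.
    projects_api.set_project_exclude_settings_by_project_id(
        project_id, exclude_folders_pattern="", exclude_files_pattern="")

    # 8. create new scan, will get a scan id
    print("8. create new scan, will get a scan id")
    scan = scan_api.create_new_scan(project_id=project_id)
    scan_id = scan.id
    print("scan_id : {}".format(scan_id))

    # 9. get scan details by scan id
    # NOTE(review): neither polling loop below has an overall deadline; a scan
    # or report that never reaches a terminal state keeps this call waiting.
    print("9. get scan details by scan id")
    while True:
        scan_detail = scan_api.get_sast_scan_details_by_scan_id(
            scan_id=scan_id)
        scan_status = scan_detail.status.name
        print("scan_status: {}".format(scan_status))
        if scan_status == "Finished":
            break
        # "Canceled" is terminal too; checking only "Failed" would poll a
        # cancelled scan forever.
        if scan_status in ("Failed", "Canceled"):
            return
        time.sleep(10)

    # 11[optional]. get statistics results by scan id
    print("11[optional]. get statistics results by scan id")
    statistics = scan_api.get_statistics_results_by_scan_id(scan_id=scan_id)
    if statistics:
        print(statistics)

    # 12. register scan report
    print("12. register scan report")
    report = scan_api.register_scan_report(scan_id=scan_id,
                                           report_type=report_type)
    report_id = report.report_id
    print("report_id : {}".format(report_id))

    # 13. get report status by id
    print("13. get report status by id")
    while not scan_api.is_report_generation_finished(report_id):
        time.sleep(10)

    # 14. get report by id
    print("14. get report by id")
    report_content = scan_api.get_report_by_id(report_id)

    time_stamp = datetime.now().strftime('_%Y_%m_%d_%H_%M_%S')
    # project_name and report_type are caller-supplied and end up in a file
    # path: replace path separators so the report is always written directly
    # inside report_folder.
    report_file = project_name + time_stamp + "." + report_type
    report_file = report_file.replace("/", "_").replace("\\", "_")
    file_name = normpath(join(report_folder, report_file))
    with open(str(file_name), "wb") as f_out:
        f_out.write(report_content)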
Example #18
def test_get_project_id_by_name():
    """Looking up project "test1" under the module's team must yield an id."""
    api = ProjectsAPI()
    # team_full_name is read from the enclosing module.
    found_id = api.get_project_id_by_project_name_and_team_full_name(
        "test1", team_full_name)
    assert found_id is not None