def change_card(account_id, token, endpoint, note):
try:
findingsAPI = FindingsApiV1(
authenticator=BearerTokenAuthenticator(token))
findingsAPI.set_service_url(endpoint)
response = findingsAPI.update_note(account_id=account_id,
note_id=note['id']**note)
if response.get_status_code() == 200:
logger.info("card updated: %s" % note['id'])
else:
logger.error("card not updated: %s" % note['id'])
except:
logger.exception(
"an unexpected error was encountered while updating note")
def __init__(self, results, controls, push_error=False):
"""
Construct and initialize the Findings notifier object.
:param results: dictionary generated by
:py:class:`compliance.runners.CheckMode` at the end of the execution.
:param controls: the control descriptor that manages accreditations.
"""
super(FindingsNotifier, self).__init__(results, controls, push_error)
self._config = get_config().get('notify.findings')
self._creds = get_config().creds
api_key = self._creds['findings'].api_key
authenticator = IAMAuthenticator(apikey=api_key)
self.findings_api = FindingsApiV1(authenticator=authenticator)
def loadAndInit():
# load .env if available
load_dotenv()
# Account ID is needed for most API functions
global Account_ID
Account_ID=os.getenv("SAT_ACCOUNT_ID")
# SDK instance
global Findings_API
# initialize IAM authentication based on API key
authenticator=IAMAuthenticator(os.getenv("SAT_APIKEY"))
# initialize API / SDK
Findings_API=FindingsApiV1(authenticator=authenticator)
Findings_API.set_service_url(os.getenv("SAT_ENDPOINT"))
def createOccurences(account_id, token, endpoint, occurrencesJson):
try:
findingsAPI = FindingsApiV1(
authenticator=BearerTokenAuthenticator(token))
findingsAPI.set_service_url(endpoint)
for occurrence in occurrencesJson:
response = findingsAPI.create_occurrence(account_id=account_id,
**occurrence)
if response.get_status_code() == 200:
logger.info("created occurrence: %s" % occurrence['id'])
else:
logger.error("unable to create occurrence: %s" %
occurrence['id'])
except requests.exceptions.HTTPError as err:
logger.exception(
"an unexpected error was encountered while creating occurrence: " +
str(err))
def create_note(account_id, token, endpoint):
try:
findingsAPI = FindingsApiV1(
authenticator=BearerTokenAuthenticator(token))
findingsAPI.set_service_url(endpoint)
for note in vulnerablity_notes_definition["notes"]:
response = findingsAPI.create_note(account_id=account_id, **note)
if response.get_status_code() == 200:
logger.info("created note: %s" % note['id'])
elif response.get_status_code() == 409 and note['kind'] == "CARD":
logger.info("card already present... attempting to update")
change_card(account_id, token, endpoint, note)
else:
logger.error("unable to create note: %s" % note['id'])
except:
logger.exception(
"an unexpected error was encountered while creating note")
def delete_notes(account_id, token, endpoint, notes):
try:
findingsAPI = FindingsApiV1(
authenticator=BearerTokenAuthenticator(token))
findingsAPI.set_service_url(endpoint)
for note in notes:
response = findingsAPI.delete_note(account_id=account_id,
note_id=note['id'],
**note)
if response.get_status_code() == 200:
logger.info("deleted note: %s" % note['id'])
else:
logger.error("unable to delete note: %s" % note['id'])
except:
logger.exception(
"an unexpected error was encountered while deleting the note: " +
str(err))
time.sleep(1)
def get_notes(account_id, token, endpoint, url):
notes = []
try:
findingsAPI = FindingsApiV1(
authenticator=BearerTokenAuthenticator(token))
findingsAPI.set_service_url(endpoint)
for provider in providers:
response = findingsAPI.list_notes(account_id=account_id,
provider_id=provider)
if response.get_status_code() == 200:
logger.info("got notes by provider: %s" % provider)
for note in response.get_result()['notes']:
notes.append(note)
else:
logger.error("unable to get notes by provider: %s" % provider)
return notes
except requests.exceptions.HTTPError as err:
logger.exception(
"an unexpected error was encountered while getting the note: " +
str(err))
return False