Example #1
def email_alert(filename, sha2, base_url, message):
    """Render the scan summary and hand it to ``send_mail``.

    Each SMTP setting is read from the environment first and falls back to
    the matching ``settings`` attribute. The function returns without
    sending anything unless a server, a sender and a recipient are all set.
    """
    server = os.getenv('SMTP_SERVER', settings.SMTP_SERVER)
    sender = os.getenv('NJS_FROM_EMAIL', settings.NJS_FROM_EMAIL)
    recipient = os.getenv('NJS_TO_EMAIL', settings.NJS_TO_EMAIL)
    if not server or not sender or not recipient:
        return

    plain_body = f'Report Generated by nodejsscan v{settings.VERSION}'
    counts, issue_total = filters.get_metrics(message)
    # NOTE(review): the report link is built from base_url as passed in. If a
    # caller derives base_url from request data, the mailed link follows that
    # data - confirm callers pass a trusted value.
    html_body = render_template(
        'email.html',
        version=settings.VERSION,
        scan_file=filename,
        total_issues=issue_total,
        total_files=len(message['files']),
        url=f'{base_url}scan/{sha2}',
        error=counts['error'],
        warning=counts['warning'],
        info=counts['info'],
        nodejs=message['nodejs'],
        templates=message['templates'],
    )

    # NOTE(review): a value taken from the environment is always a str, so
    # SMTP_PORT and SMTP_STARTTLS may differ in type from the settings
    # fallback. How send_mail interprets them is not visible here - confirm
    # that a string such as '0' is not read as "STARTTLS enabled" and that an
    # enabled setting is never silently ignored.
    smtp_config = {
        'server': server,
        'from': sender,
        'to': recipient,
        'port': os.getenv('SMTP_PORT', settings.SMTP_PORT),
        'user': os.getenv('SMTP_USER', settings.SMTP_USER),
        'pass': os.getenv('SMTP_PASS', settings.SMTP_PASS),
        'starttls': os.getenv('SMTP_STARTTLS', settings.SMTP_STARTTLS),
    }

    # The thread is joined right after it starts, so the caller still waits
    # for send_mail to finish.
    worker = Thread(target=send_mail, args=(smtp_config, html_body, plain_body))
    worker.start()
    worker.join()
Example #2
def scan_result(sha2):
    """Render the stored scan identified by ``sha2`` as an HTML report.

    When ``get_results`` returns nothing, a JSON failure payload is returned
    instead; no explicit HTTP status code is set on it here.
    """
    # NOTE(review): sha2 reaches get_results unchanged; any format validation
    # presumably lives in the caller or in get_results - confirm.
    stored = get_results(sha2)
    if not stored:
        return jsonify({'status': 'failed', 'message': 'Scan hash not found'})

    # Triage data is collected before any filtering touches the results.
    triaged = filters.get_triaged(stored)
    sections = ('nodejs', 'templates')
    for section in sections:
        filters.filter_files(stored, section)

    # The copy is taken after file filtering; filter_rules then receives both
    # the stored results and the copy that is eventually rendered.
    report = copy.deepcopy(stored)
    for section in sections:
        filters.filter_rules(stored, report, section)

    report['version'] = settings.VERSION
    report['year'] = utils.year()
    # Metrics are computed from the filtered copy, not the stored results.
    severity, issue_count = filters.get_metrics(report)
    report['severity'] = severity
    report['security_issues'] = issue_count
    report['triaged'] = triaged
    return render_template('scan_result.html', **report)
Example #3
def slack_alert(filename, sha2, base_url, message):
    """Post a scan summary to the configured Slack webhook.

    The webhook URL comes from ``SLACK_WEBHOOK_URL`` in the environment,
    falling back to ``settings.SLACK_WEBHOOK_URL``. Nothing is posted when
    no URL is configured.
    """
    webhook = os.environ.get('SLACK_WEBHOOK_URL', settings.SLACK_WEBHOOK_URL)
    if not webhook:
        return

    counts, issue_total = filters.get_metrics(message)
    file_total = len(message['files'])
    errors = counts['error']
    warnings = counts['warning']
    infos = counts['info']

    def section(markdown):
        """Return a fresh Slack section block holding mrkdwn text."""
        return {
            'type': 'section',
            'text': {'type': 'mrkdwn', 'text': markdown},
        }

    # NOTE(review): filename is interpolated into mrkdwn text unescaped.
    # Slack treats &, < and > as control characters there, so if filename can
    # be user-supplied, confirm it is escaped before it reaches this function.
    payload = {
        'blocks': [
            section(f'*nodejsscan v{settings.VERSION}*'),
            {
                'type': 'context',
                'elements': [
                    {
                        'text': f'Scan Completed on: *{utils.get_timestamp()}*',
                        'type': 'mrkdwn',
                    },
                ],
            },
            {'type': 'divider'},
            section(f'Found *{issue_total}* issues in *{file_total}* files :zap:'),
            {
                **section(f'nodejsscan finished analyzing *{filename}*'),
                'accessory': {
                    'type': 'button',
                    'text': {'type': 'plain_text', 'text': 'See Scan Results'},
                    # The link target is built from base_url as passed in.
                    'url': f'{base_url}scan/{sha2}',
                    'style': 'primary',
                },
            },
            {'type': 'divider'},
            section('*Severity Distribution*'),
            section(f':octagonal_sign: ERROR: *{errors}*'),
            section(f':warning: WARNING: *{warnings}*'),
            section(f':information_source: INFO: *{infos}*'),
            {'type': 'divider'},
        ],
    }

    # The thread is joined right after it starts, so the caller still waits
    # for slack_post to finish.
    worker = Thread(target=slack_post, args=(webhook, payload))
    worker.start()
    worker.join()