def email_alert(filename, sha2, base_url, message):
    """Render the scan summary e-mail and hand it to ``send_mail``.

    SMTP settings are read from the environment first and fall back to
    the values in ``settings``. If the server, sender or recipient is
    unset, the function returns without sending anything.

    Args:
        filename: Name of the scanned file, shown in the report.
        sha2: Scan hash, used to build the link to the result page.
        base_url: Prefix of the result link (``{base_url}scan/{sha2}``).
        message: Scan result mapping; the ``files``, ``nodejs`` and
            ``templates`` keys are read here.
    """
    server = os.getenv('SMTP_SERVER', settings.SMTP_SERVER)
    sender = os.getenv('NJS_FROM_EMAIL', settings.NJS_FROM_EMAIL)
    recipient = os.getenv('NJS_TO_EMAIL', settings.NJS_TO_EMAIL)
    # Alerting is optional: all three values must be configured.
    if not server or not sender or not recipient:
        return

    plain_body = f'Report Generated by nodejsscan v{settings.VERSION}'
    severity, total_issues = filters.get_metrics(message)
    # NOTE(review): base_url ends up in a clickable link in the e-mail.
    # If the caller derives it from the request's Host header, confirm
    # it is validated against the expected hostname.
    html_body = render_template(
        'email.html',
        version=settings.VERSION,
        scan_file=filename,
        total_issues=total_issues,
        total_files=len(message['files']),
        url=f'{base_url}scan/{sha2}',
        error=severity['error'],
        warning=severity['warning'],
        info=severity['info'],
        nodejs=message['nodejs'],
        templates=message['templates'],
    )

    # NOTE(review): values taken from the environment are strings. If
    # send_mail tests 'starttls' for truthiness, SMTP_STARTTLS=false
    # would still count as enabled, and 'port' may need an int. Confirm
    # how send_mail interprets them.
    # The dict carries the SMTP password; keep it out of logs.
    smtp_config = {
        'server': server,
        'from': sender,
        'to': recipient,
        'port': os.getenv('SMTP_PORT', settings.SMTP_PORT),
        'user': os.getenv('SMTP_USER', settings.SMTP_USER),
        'pass': os.getenv('SMTP_PASS', settings.SMTP_PASS),
        'starttls': os.getenv('SMTP_STARTTLS', settings.SMTP_STARTTLS),
    }

    # start() followed directly by join(): the caller waits until
    # send_mail has finished.
    worker = Thread(target=send_mail, args=(smtp_config, html_body, plain_body))
    worker.start()
    worker.join()
def scan_result(sha2):
    """Build the scan result page for the scan identified by ``sha2``.

    Returns a JSON ``failed`` payload when ``get_results`` finds nothing
    for the hash; otherwise renders ``scan_result.html`` with the
    filtered findings, severity metrics and triage data.
    """
    # NOTE(review): sha2 is passed to get_results as received. Confirm
    # that the route or get_results validates its format.
    results = get_results(sha2)
    if not results:
        return jsonify({'status': 'failed', 'message': 'Scan hash not found'})

    # Triage data is read before the filters below modify `results`.
    triaged = filters.get_triaged(results)
    for section in ('nodejs', 'templates'):
        filters.filter_files(results, section)

    # Rule filtering writes into a separate deep copy of the results.
    view = copy.deepcopy(results)
    for section in ('nodejs', 'templates'):
        filters.filter_rules(results, view, section)

    view['version'] = settings.VERSION
    view['year'] = utils.year()
    severity, issue_count = filters.get_metrics(view)
    view.update(
        severity=severity,
        security_issues=issue_count,
        triaged=triaged,
    )
    return render_template('scan_result.html', **view)
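def slack_alert(filename, sha2, base_url, message):
    """Post a scan summary to Slack through the configured webhook.

    The webhook URL is read from ``SLACK_WEBHOOK_URL`` in the
    environment, falling back to ``settings.SLACK_WEBHOOK_URL``. If it
    is unset, the function returns without posting.

    Args:
        filename: Name of the scanned file, shown in the message.
        sha2: Scan hash, used to build the "See Scan Results" link.
        base_url: Prefix of the result link (``{base_url}scan/{sha2}``).
        message: Scan result mapping; the ``files`` key is read here.
    """
    import html

    # The webhook URL is a credential: anyone holding it can post to the
    # channel, so keep it out of logs and error messages.
    url = os.environ.get('SLACK_WEBHOOK_URL', settings.SLACK_WEBHOOK_URL)
    if not url:
        return

    def section(text):
        """Return a Slack section block holding mrkdwn ``text``."""
        return {
            'type': 'section',
            'text': {
                'type': 'mrkdwn',
                'text': text,
            },
        }

    severity, total_issues = filters.get_metrics(message)
    total_files = len(message['files'])
    # The file name is placed in a mrkdwn field. Slack asks senders to
    # encode '&', '<' and '>' in text, so that a name containing angle
    # brackets is shown literally rather than parsed as link or mention
    # markup. NOTE(review): presumably the name comes from the scanned
    # upload; confirm against the caller.
    scan_file = html.escape(str(filename), quote=False)
    error = severity['error']
    warning = severity['warning']
    info = severity['info']

    finished = section(f'nodejsscan finished analyzing *{scan_file}*')
    finished['accessory'] = {
        'type': 'button',
        'text': {
            'type': 'plain_text',
            'text': 'See Scan Results',
        },
        'url': f'{base_url}scan/{sha2}',
        'style': 'primary',
    }
    divider = {'type': 'divider'}

    slack_json = {
        'blocks': [
            section(f'*nodejsscan v{settings.VERSION}*'),
            {
                'type': 'context',
                'elements': [
                    {
                        'text': ('Scan Completed '
                                 f'on: *{utils.get_timestamp()}*'),
                        'type': 'mrkdwn',
                    },
                ],
            },
            dict(divider),
            section(f'Found *{total_issues}* issues'
                    f' in *{total_files}* files :zap:'),
            finished,
            dict(divider),
            section('*Severity Distribution*'),
            section(f':octagonal_sign: ERROR: *{error}*'),
            section(f':warning: WARNING: *{warning}*'),
            section(f':information_source: INFO: *{info}*'),
            dict(divider),
        ],
    }

    # start() followed directly by join(): the caller waits until
    # slack_post has finished.
    process = Thread(target=slack_post, args=(url, slack_json))
    process.start()
    process.join()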