if os.environ.get('DRA_IS_PRESENT') == "1":
upload_results_to_dra()
return all_jobs_complete, high_issue_count, med_issue_count
# begin main execution sequence
try:
parsed_args = parse_args()
if parsed_args['help']:
print_help()
sys.exit(0)
python_utils.LOGGER = python_utils.setup_logging()
# send slack notification
if os.path.isfile("%s/utilities/sendMessage.sh" % python_utils.EXT_DIR):
command='{path}/utilities/sendMessage.sh -l info -m \"Starting static security scan\"'.format(path=python_utils.EXT_DIR)
if python_utils.DEBUG:
print "running command " + command
proc = Popen([command], shell=True, stdout=PIPE, stderr=PIPE)
out, err = proc.communicate();
python_utils.LOGGER.debug(out)
else:
if python_utils.DEBUG:
print "sendMessage.sh not found, notifications not attempted"
python_utils.WAIT_TIME = python_utils.get_remaining_wait_time(first = True)
python_utils.LOGGER.info("Getting credentials for Static Analysis service")
creds = python_utils.get_credentials_for_non_binding_service(service=APP_SECURITY_SERVICE)
if os.environ.get('DRA_IS_PRESENT') == "1":
upload_results_to_dra()
return all_jobs_complete, high_issue_count, med_issue_count
# begin main execution sequence
try:
parsed_args = parse_args()
if parsed_args['help']:
print_help()
sys.exit(0)
python_utils.LOGGER = python_utils.setup_logging()
# send slack notification
if os.path.isfile("%s/utilities/sendMessage.sh" % python_utils.EXT_DIR):
command = '{path}/utilities/sendMessage.sh -l info -m \"Starting static security scan\"'.format(
path=python_utils.EXT_DIR)
if python_utils.DEBUG:
print "running command " + command
proc = Popen([command], shell=True, stdout=PIPE, stderr=PIPE)
out, err = proc.communicate()
python_utils.LOGGER.debug(out)
else:
if python_utils.DEBUG:
print "sendMessage.sh not found, notifications not attempted"
python_utils.WAIT_TIME = python_utils.get_remaining_wait_time(first=True)
python_utils.LOGGER.info("Getting credentials for Static Analysis service")
def parse_args ():
global VULN_BASE_URL, COMP_BASE_URL, API_SERVER, CRAWLER_SERVER, CALL_VIA_API
global BEARER_TOKEN, SPACE_GUID
global CF_API_SERVER, API_SERVER
parsed_args = {}
parsed_args['nocompcheck'] = False
parsed_args['novulncheck'] = False
parsed_args['calldirect'] = False
parsed_args['hidepass'] = False
parsed_args['images'] = []
parsed_args['debug'] = False
parsed_args['help'] = False
# check command line args
for idx, arg in enumerate(sys.argv):
if idx == 0:
# don't worry about the calling parm at this time
continue
if arg == "--nocompcheck":
# only check vulnerabilities
parsed_args['nocompcheck'] = True
if arg == "--novulncheck":
# only check compliance
parsed_args['novulncheck'] = True
if arg == "--calldirect":
# call direct mode - bypass the api server and go straight to the crawler server
parsed_args['calldirect'] = True
CALL_VIA_API = False
if arg == "--hidepass":
# don't print checks that passed
parsed_args['hidepass'] = True
if arg == "--debug":
# enable debug mode, can also be done with python_utils.DEBUG env var
parsed_args['debug'] = True
python_utils.DEBUG = "1"
if arg == "--help":
# just print help and return
parsed_args['help'] = True
if not arg.startswith("--"):
# add this as an image to be checked
parsed_args['images'].append(arg)
# check for env var args that we may need as well
image_name = os.environ.get('IMAGE_NAME')
if image_name:
parsed_args['images'].append(image_name)
call_direct_env = os.environ.get('CC_CALLDIRECT')
if call_direct_env:
# call direct mode - bypass the api server and go straight to the crawler server
parsed_args['calldirect'] = True
CALL_VIA_API = False
python_utils.LOGGER = python_utils.setup_logging()
# set up the server urls
if CALL_VIA_API:
CF_API_SERVER, API_SERVER = python_utils.find_api_servers()
if not API_SERVER:
msg = "Cannot determine correct api server, unable to place queries"
python_utils.LOGGER.error( msg )
raise Exception( msg )
else:
CRAWLER_SERVER = os.environ.get('CRAWLER_SERVER')
if not CRAWLER_SERVER:
msg = "CRAWLER_SERVER is not set, unable to place queries"
python_utils.LOGGER.error( msg )
raise Exception( msg )
VULN_BASE_URL=VULN_BASE_TEMPLATE % CRAWLER_SERVER
COMP_BASE_URL=COMP_BASE_TEMPLATE % CRAWLER_SERVER
# load creds
BEARER_TOKEN, SPACE_GUID = python_utils.load_cf_auth_info()
# see how much time we have left after completing init
python_utils.WAIT_TIME = python_utils.get_remaining_wait_time(first = True)
return parsed_args