def _get_suppressions_from_platform(self):
headers = merge_dicts(
get_default_get_headers(self.bc_integration.bc_source,
self.bc_integration.bc_source_version),
get_auth_header(self.bc_integration.get_auth_token()))
response = requests.request('GET',
self.suppressions_url,
headers=headers)
if response.status_code != 200:
error_message = extract_error_message(response)
raise Exception(
f'Get suppressions request failed with response code {response.status_code}: {error_message}'
)
# filter out suppressions that we know just don't apply
suppressions = [
s for s in json.loads(response.content)
if self._suppression_valid_for_run(s)
]
for suppression in suppressions:
if suppression['policyId'] in self.bc_integration.bc_id_mapping:
suppression[
'checkovPolicyId'] = self.bc_integration.bc_id_mapping[
suppression['policyId']]
else:
suppression['checkovPolicyId'] = suppression[
'policyId'] # custom policy
return suppressions
def _get_fixes_for_file(self, check_type, filename, file_contents, failed_checks):
errors = list(map(lambda c: {
'resourceId': c.resource,
'policyId': self.bc_integration.ckv_to_bc_id_mapping[c.check_id],
'startLine': c.file_line_range[0],
'endLine': c.file_line_range[1]
}, failed_checks))
payload = {
'filePath': filename,
'fileContent': file_contents,
'framework': check_type,
'errors': errors
}
headers = merge_dicts(
get_default_post_headers(self.bc_integration.bc_source, self.bc_integration.bc_source_version),
{"Authorization": self.bc_integration.get_auth_token()}
)
response = requests.request('POST', self.fixes_url, headers=headers, json=payload)
if response.status_code != 200:
error_message = extract_error_message(response)
raise Exception(f'Get fixes request failed with response code {response.status_code}: {error_message}')
logging.debug(f'Response from fixes API: {response.content}')
fixes = json.loads(response.content) if response.content else None
if not fixes or type(fixes) != list:
logging.warning(f'Unexpected fixes API response for file {filename}; skipping fixes for this file')
return None
return fixes[0]
def _get_policies_from_platform(self):
headers = merge_dicts(get_default_get_headers(self.bc_integration.bc_source, self.bc_integration.bc_source_version),
get_auth_header(self.bc_integration.bc_api_key))
response = requests.request('GET', self.policies_url, headers=headers)
if response.status_code != 200:
error_message = extract_error_message(response)
raise Exception(f'Get custom policies request failed with response code {response.status_code}: {error_message}')
policies = response.json().get('data', [])
return policies
def _get_fixes_for_file(self, filename, file_contents, failed_checks):
errors = list(
map(
lambda c: {
'resourceId':
c.resource,
'policyId':
self.bc_integration.ckv_to_bc_id_mapping[c.check_id],
'startLine':
c.file_line_range[0],
'endLine':
c.file_line_range[1]
}, failed_checks))
payload = {
'filePath': filename,
'fileContent': file_contents,
'errors': errors
}
headers = merge_dicts(
get_default_post_headers(self.bc_integration.bc_source,
self.bc_integration.bc_source_version),
get_auth_header(self.bc_integration.bc_api_key))
response = requests.request('POST',
self.fixes_url,
headers=headers,
json=payload)
if response.status_code != 200:
error_message = extract_error_message(response)
raise Exception(
f'Get fixes request failed with response code {response.status_code}: {error_message}'
)
fixes = json.loads(response.content)
return fixes[0]
