if os.environ.get('DRA_IS_PRESENT') == "1":
        upload_results_to_dra()

    return all_jobs_complete, high_issue_count, med_issue_count


# begin main execution sequence

try:
    # Entry sequence of the scan script. The handlers for this `try` are not
    # visible in this excerpt.
    parsed_args = parse_args()
    if parsed_args['help']:
        # --help: show usage and stop before any logging or service access.
        print_help()
        sys.exit(0)

    python_utils.LOGGER = python_utils.setup_logging()
    # Optional start notification (the original comment calls it a slack
    # notification); only attempted when the sendMessage.sh helper exists.
    if os.path.isfile("%s/utilities/sendMessage.sh" % python_utils.EXT_DIR):
        # The whole command line is built as ONE string with EXT_DIR
        # interpolated unquoted.
        command='{path}/utilities/sendMessage.sh -l info -m \"Starting static security scan\"'.format(path=python_utils.EXT_DIR)
        if python_utils.DEBUG:
            print "running command " + command 
        # NOTE(review): shell=True hands that string to the shell for
        # parsing. Where EXT_DIR comes from is not visible here; if it can
        # contain spaces or shell metacharacters the command changes meaning.
        # Every argument is fixed, so an argument list without a shell
        # ([script_path, "-l", "info", "-m", "Starting static security scan"])
        # would avoid shell parsing entirely.
        proc = Popen([command], shell=True, stdout=PIPE, stderr=PIPE)
        # stderr is captured into `err` but never logged, and the exit status
        # is not checked, so a failed notification goes unnoticed.
        out, err = proc.communicate();
        python_utils.LOGGER.debug(out)
    else:
        if python_utils.DEBUG:
            print "sendMessage.sh not found, notifications not attempted"

    python_utils.WAIT_TIME = python_utils.get_remaining_wait_time(first = True)
    python_utils.LOGGER.info("Getting credentials for Static Analysis service")
    # NOTE(review): `creds` presumably holds service credentials; confirm they
    # are never written to debug output or the log.
    creds = python_utils.get_credentials_for_non_binding_service(service=APP_SECURITY_SERVICE)
    if os.environ.get('DRA_IS_PRESENT') == "1":
        upload_results_to_dra()

    return all_jobs_complete, high_issue_count, med_issue_count


# begin main execution sequence

try:
    # Entry sequence of the scan script. The handlers for this `try` are not
    # visible in this excerpt.
    parsed_args = parse_args()
    if parsed_args['help']:
        # --help: show usage and stop before any logging or service access.
        print_help()
        sys.exit(0)

    python_utils.LOGGER = python_utils.setup_logging()
    # Optional start notification (the original comment calls it a slack
    # notification); only attempted when the sendMessage.sh helper exists.
    if os.path.isfile("%s/utilities/sendMessage.sh" % python_utils.EXT_DIR):
        # The command line is a single string; EXT_DIR is interpolated into it
        # without quoting.
        command = '{path}/utilities/sendMessage.sh -l info -m \"Starting static security scan\"'.format(
            path=python_utils.EXT_DIR)
        if python_utils.DEBUG:
            print "running command " + command
        # NOTE(review): with shell=True the string above is parsed by the
        # shell. The origin of EXT_DIR is not shown here; a value containing
        # whitespace or shell metacharacters would alter the command. Since
        # all arguments are constants, passing an argument list without a
        # shell removes that dependency.
        proc = Popen([command], shell=True, stdout=PIPE, stderr=PIPE)
        # Only stdout is logged; `err` and the exit status are ignored, so
        # notification failures are silent.
        out, err = proc.communicate()
        python_utils.LOGGER.debug(out)
    else:
        if python_utils.DEBUG:
            print "sendMessage.sh not found, notifications not attempted"

    python_utils.WAIT_TIME = python_utils.get_remaining_wait_time(first=True)
    python_utils.LOGGER.info("Getting credentials for Static Analysis service")
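def parse_args ():
    """Collect run options from the command line and the environment.

    Every element of sys.argv after the program name is inspected. Recognised
    flags are --nocompcheck, --novulncheck, --calldirect, --hidepass, --debug
    and --help; any argument that does not start with "--" is treated as an
    image to check. Unrecognised "--" options are silently ignored. The
    IMAGE_NAME and CC_CALLDIRECT environment variables add an image and
    enable call-direct mode respectively.

    Side effects: sets python_utils.LOGGER, python_utils.DEBUG (on --debug),
    python_utils.WAIT_TIME and the module globals for the server URLs and
    the auth information.

    When --help is given the function returns right after logging is set up,
    without resolving servers or loading credentials, so that usage can be
    shown even on a host where neither is available.

    Returns:
        dict with boolean entries 'nocompcheck', 'novulncheck', 'calldirect',
        'hidepass', 'debug', 'help' and the list 'images'.

    Raises:
        Exception: if no api server can be determined, or if call-direct
            mode is active and CRAWLER_SERVER is not set.
    """
    global VULN_BASE_URL, COMP_BASE_URL, API_SERVER, CRAWLER_SERVER, CALL_VIA_API
    global BEARER_TOKEN, SPACE_GUID
    global CF_API_SERVER
    parsed_args = {
        'nocompcheck': False,
        'novulncheck': False,
        'calldirect': False,
        'hidepass': False,
        'images': [],
        'debug': False,
        'help': False,
    }

    # check command line args (sys.argv[0] is the program name)
    for arg in sys.argv[1:]:
        if not arg.startswith("--"):
            # add this as an image to be checked
            parsed_args['images'].append(arg)
        elif arg == "--nocompcheck":
            # only check vulnerabilities
            parsed_args['nocompcheck'] = True
        elif arg == "--novulncheck":
            # only check compliance
            parsed_args['novulncheck'] = True
        elif arg == "--calldirect":
            # call direct mode - bypass the api server and go straight to
            # the crawler server
            parsed_args['calldirect'] = True
            CALL_VIA_API = False
        elif arg == "--hidepass":
            # don't print checks that passed
            parsed_args['hidepass'] = True
        elif arg == "--debug":
            # enable debug mode, can also be done with python_utils.DEBUG env var
            parsed_args['debug'] = True
            python_utils.DEBUG = "1"
        elif arg == "--help":
            parsed_args['help'] = True

    # check for env var args that we may need as well
    image_name = os.environ.get('IMAGE_NAME')
    if image_name:
        parsed_args['images'].append(image_name)
    if os.environ.get('CC_CALLDIRECT'):
        # call direct mode - bypass the api server and go straight to the
        # crawler server
        parsed_args['calldirect'] = True
        CALL_VIA_API = False

    python_utils.LOGGER = python_utils.setup_logging()

    if parsed_args['help']:
        # Help needs neither servers nor credentials; returning here keeps
        # --help from failing on a missing server and from loading the
        # bearer token for no reason.
        return parsed_args

    # set up the server urls
    if CALL_VIA_API:
        CF_API_SERVER, API_SERVER = python_utils.find_api_servers()
        if not API_SERVER:
            msg = "Cannot determine correct api server, unable to place queries"
            python_utils.LOGGER.error(msg)
            raise Exception(msg)
    else:
        # NOTE(review): CRAWLER_SERVER is taken from the environment and
        # substituted into the URL templates as-is; confirm the value is
        # trusted or validated before requests carrying the bearer token
        # are sent to it.
        CRAWLER_SERVER = os.environ.get('CRAWLER_SERVER')
        if not CRAWLER_SERVER:
            msg = "CRAWLER_SERVER is not set, unable to place queries"
            python_utils.LOGGER.error(msg)
            raise Exception(msg)
        VULN_BASE_URL = VULN_BASE_TEMPLATE % CRAWLER_SERVER
        COMP_BASE_URL = COMP_BASE_TEMPLATE % CRAWLER_SERVER

    # load creds; from here on the bearer token lives in a module global
    # NOTE(review): keep it out of debug output and logs.
    BEARER_TOKEN, SPACE_GUID = python_utils.load_cf_auth_info()

    # see how much time we have left after completing init
    python_utils.WAIT_TIME = python_utils.get_remaining_wait_time(first = True)

    return parsed_args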