def test_add_or_update_a_comment_by_scan_id():
    """Attach the comment "updated scan" to the project's latest finished scan.

    Needs a live Checkmarx server; ``get_project_id`` and ``ScansAPI`` come
    from the enclosing module.
    """
    project_id = get_project_id()
    api = ScansAPI()
    latest_finished = api.get_last_scan_id_of_a_project(
        project_id, only_finished_scans=True
    )
    assert api.add_or_update_a_comment_by_scan_id(latest_finished, "updated scan") is True
def test_get_sast_scan_details_by_scan_id():
    """Fetch details of the project's most recent scan (any status) and expect a value."""
    project_id = get_project_id()
    api = ScansAPI()
    details = api.get_sast_scan_details_by_scan_id(
        api.get_last_scan_id_of_a_project(project_id)
    )
    assert details is not None
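def test_get_scan_results_for_a_specific_query_group_by_best_fix_location():
    """Group one query's results on the latest finished scan by best-fix location.

    The query version code is a hard-coded value from the test environment and
    is only meaningful against that server. The original body discarded the
    response and asserted nothing; asserting on it brings this test in line
    with the sibling tests in this module.
    """
    project_id = get_project_id()
    scan_api = ScansAPI()
    scan_id = scan_api.get_last_scan_id_of_a_project(project_id, only_finished_scans=True)
    query_version_code = 56110529  # environment-specific fixture value
    response = scan_api.get_scan_results_for_a_specific_query_group_by_best_fix_location(
        scan_id, query_version_code
    )
    assert response is not None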
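def test_get_scan_results_of_a_specific_query():
    """Fetch one query's results on the latest finished scan.

    The query version code is a hard-coded value from the test environment.
    The original body discarded the response and asserted nothing; asserting
    on it matches the other tests in this module.
    """
    project_id = get_project_id()
    scan_api = ScansAPI()
    scan_id = scan_api.get_last_scan_id_of_a_project(project_id, only_finished_scans=True)
    query_version_code = 56089346  # environment-specific fixture value
    response = scan_api.get_scan_results_of_a_specific_query(scan_id, query_version_code)
    assert response is not None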
def test_assign_ticket_to_scan_results():
    """Link ticket "10060" to scan result "1000004-5".

    Both ids are fixtures from the test environment, not derived at runtime.
    """
    api = ScansAPI()
    assert api.assign_ticket_to_scan_results("1000004-5", "10060") is True
def test_get_parsed_files_metrics_of_a_scan():
    """Parsed-file metrics of the latest finished scan should be returned."""
    project_id = get_project_id()
    api = ScansAPI()
    latest_finished = api.get_last_scan_id_of_a_project(project_id, only_finished_scans=True)
    assert api.get_parsed_files_metrics_of_a_scan(scan_id=latest_finished) is not None
def test_get_basic_metrics_of_a_scan():
    """Basic metrics of the latest finished scan should be returned."""
    project_id = get_project_id()
    api = ScansAPI()
    latest_finished = api.get_last_scan_id_of_a_project(project_id, only_finished_scans=True)
    assert api.get_basic_metrics_of_a_scan(scan_id=latest_finished) is not None
def test_create_new_scan():
    """Start a full, public, forced scan and wait five minutes before asserting.

    NOTE(review): a later ``def test_create_new_scan`` in this module rebinds
    the name, so pytest never collects this version. The ``time.sleep(300)``
    is kept as written; the assertion itself does not depend on it.
    """
    project_id = get_project_id()
    api = ScansAPI()
    started = api.create_new_scan(
        project_id,
        is_incremental=False,
        is_public=True,
        force_scan=True,
        comment="scan from REST API",
    )
    time.sleep(300)
    assert started is not None
def test_update_queued_scan_status_by_scan_id():
    """Queue a new scan, wait 5 s, then update its queued status by id."""
    project_id = get_project_id()
    api = ScansAPI()
    queued = api.create_new_scan(
        project_id,
        is_incremental=False,
        is_public=True,
        force_scan=True,
        comment="scan from REST API",
    )
    time.sleep(5)  # give the server a moment to register the queued scan
    assert api.update_queued_scan_status_by_scan_id(scan_id=queued.id) is True
def test_get_succeeded_general_queries_metrics_of_a_scan():
    """Succeeded general-query metrics of the latest finished scan should be returned."""
    project_id = get_project_id()
    api = ScansAPI()
    latest_finished = api.get_last_scan_id_of_a_project(project_id, only_finished_scans=True)
    metrics = api.get_succeeded_general_queries_metrics_of_a_scan(scan_id=latest_finished)
    assert metrics is not None
def test_define_sast_scan_scheduling_settings():
    """Schedule a weekly scan on every day of the week at 23:59."""
    project_id = get_project_id()
    api = ScansAPI()
    every_day = [
        "Monday", "Tuesday", "Wednesday", "Thursday", "Friday", "Saturday", "Sunday",
    ]
    assert api.define_sast_scan_scheduling_settings(
        project_id, "weekly", every_day, "23:59"
    ) is True
def test_get_all_scan_details_in_queue():
    """Queue a scan, wait 4 s, then read the whole scan queue."""
    project_id = get_project_id()
    api = ScansAPI()
    api.create_new_scan(
        project_id,
        is_incremental=False,
        is_public=True,
        force_scan=True,
        comment="scan from REST API",
    )
    time.sleep(4)  # let the new scan show up in the queue
    assert api.get_all_scan_details_in_queue() is not None
def test_get_scan_logs():
    """Logs of the latest finished scan should be returned."""
    project_id = get_project_id()
    api = ScansAPI()
    latest_finished = api.get_last_scan_id_of_a_project(project_id, only_finished_scans=True)
    assert api.get_scan_logs(scan_id=latest_finished) is not None
def test_get_scan_result_labels_fields():
    """Label fields of result 1 on the latest finished scan should be returned.

    ``result_id=1`` is a fixture assumption; it must exist on that scan.
    """
    project_id = get_project_id()
    api = ScansAPI()
    latest_finished = api.get_last_scan_id_of_a_project(project_id, only_finished_scans=True)
    fields = api.get_scan_result_labels_fields(scan_id=latest_finished, result_id=1)
    assert fields is not None
def test_get_short_vulnerability_description_for_a_scan_result():
    """Short description of result path 1 on the latest finished scan.

    This test may raise
    ``NotFoundError(http_code=404, msg="Result path Id 1 does not exist for scan with Id 1000020")``
    when the scan has no result path with id 1.
    """
    project_id = get_project_id()
    api = ScansAPI()
    latest_finished = api.get_last_scan_id_of_a_project(project_id, only_finished_scans=True)
    description = api.get_short_vulnerability_description_for_a_scan_result(
        scan_id=latest_finished, path_id=1
    )
    assert description is not None
def test_update_scan_result_labels_fields():
    """Set state=1 on result 1 of the latest finished scan.

    Severity, user assignment and comment are passed as None.
    """
    project_id = get_project_id()
    api = ScansAPI()
    latest_finished = api.get_last_scan_id_of_a_project(project_id, only_finished_scans=True)
    updated = api.update_scan_result_labels_fields(
        scan_id=latest_finished,
        result_id=1,
        state=1,
        severity=None,
        user_assignment=None,
        comment=None,
    )
    assert updated is True
def test_create_new_scan_with_settings():
    """Create a scan with the "All" preset and an uploaded zip via API version 1.2.

    ``JavaVulnerableLab-master.zip`` is resolved relative to the working
    directory in which the tests run.
    """
    project_id = get_project_id()
    projects = ProjectsAPI()
    api = ScansAPI()
    all_preset = projects.get_preset_id_by_name("All")
    started = api.create_new_scan_with_settings(
        project_id=project_id,
        preset_id=all_preset,
        zipped_source_file_path="JavaVulnerableLab-master.zip",
        custom_fields={"some1": "baby2"},
        api_version="1.2",
    )
    assert started is not None
def test_update_sast_scan_settings():
    """Update SAST scan settings with the "Checkmarx Default" preset.

    Engine configuration 1, no post-scan action, and a placeholder e-mail for
    the failed/before/after notification lists.
    """
    project_id = get_project_id()
    api = ScansAPI()
    projects = ProjectsAPI()
    default_preset = projects.get_preset_id_by_name("Checkmarx Default")
    notify = ["*****@*****.**"]  # redacted placeholder address
    settings = api.update_sast_scan_settings(
        project_id,
        default_preset,
        1,      # engine_configuration_id
        None,   # post_scan_action_id
        list(notify),   # failed_scan_emails
        list(notify),   # before_scan_emails
        list(notify),   # after_scan_emails
    )
    assert settings is not None
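def generate_report(project_name, scan_id, result_state_list, report_type, reports_folder):
    """Create a scan report on the server, wait for it, and save it in *reports_folder*.

    Args:
        project_name (str): prefix of the output file name
        scan_id (int): scan to report on; a falsy value aborts
        result_state_list (list of str): e.g. ["To Verify", "Not Exploitable",
            "Confirmed", "Urgent", "Proposed Not Exploitable"]; translated to
            ids by ``get_result_state_id_list`` (defined elsewhere in this module)
        report_type (str): 'XML' or 'PDF'; also used as the file extension
        reports_folder (str): existing directory that receives the file

    Returns:
        None. Prints a message and returns early when the folder does not
        exist or no scan id was given.
    """
    scan_api = ScansAPI()
    if not exists(normpath(reports_folder)):
        print("The folder to store the Checkmarx scan reports does not exist")
        return
    if not scan_id:
        # The original message formatted the undefined names `team` and
        # `project`, which raised NameError on this path; report the value
        # this function actually has.
        print("No scan found for this project, project name: {}".format(project_name))
        return
    # register scan report
    report = create_scan_report(
        scan_id=scan_id,
        report_type=report_type,
        results_per_vulnerability_maximum=500,
        results_state_all=False,
        results_state_ids=get_result_state_id_list(result_state_list))
    # NOTE(review): create_scan_report is a module-level helper here, not a
    # ScansAPI method, and its result is indexed with "ID" whereas
    # ScansAPI.register_scan_report exposes `.report_id` — confirm against the helper.
    report_id = report["ID"]
    # get report status by id
    while not scan_api.is_report_generation_finished(report_id):
        time.sleep(10)
    # get report by id
    report_content = scan_api.get_report_by_id(report_id)
    # write report content into a file
    time_stamp = datetime.now().strftime('_%Y_%m_%d_%H_%M_%S')
    name = project_name + time_stamp + "." + report_type
    # project_name is used verbatim in the file name; a value containing a
    # path separator would place the file outside reports_folder.
    file_name = normpath(join(reports_folder, name))
    with open(str(file_name), "wb") as f_out:
        f_out.write(report_content)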
def test_sample():
    """Print the ids of every finished scan of the "jvl_git" project(s).

    ``get_team_id_by_team_full_name`` is called without arguments, so it
    relies on that method's default team name.
    """
    team_api = TeamAPI()
    projects_api = ProjectsAPI()
    api = ScansAPI()
    team_id = team_api.get_team_id_by_team_full_name()
    matching = projects_api.get_all_project_details(project_name="jvl_git", team_id=team_id)
    for project in matching:
        finished = api.get_all_scans_for_project(
            project_id=project.project_id, scan_status='Finished'
        )
        for finished_scan in finished:
            print(str(finished_scan.id))
def get_last_scan_id_of_a_project(team_full_name, project_name):
    """Resolve a project by team and name, then return its last finished scan id.

    Args:
        team_full_name (str): full team path the project belongs to
        project_name (str): project name within that team

    Returns:
        scan_id (int): id of the latest finished scan, as returned by
        ``ScansAPI.get_last_scan_id_of_a_project``
    """
    resolved_project_id = ProjectsAPI().get_project_id_by_project_name_and_team_full_name(
        project_name=project_name, team_full_name=team_full_name
    )
    return ScansAPI().get_last_scan_id_of_a_project(
        project_id=resolved_project_id, only_finished_scans=True
    )
def test_create_new_scan():
    """Start a full, public, forced scan with two custom fields via API version 1.2.

    NOTE(review): this is the second ``def test_create_new_scan`` in the
    module; it rebinds the name, so only this version is collected by pytest.
    """
    project_id = get_project_id()
    api = ScansAPI()
    custom_fields = {"key1": "value1", "key2": "value2"}
    started = api.create_new_scan(
        project_id,
        is_incremental=False,
        is_public=True,
        force_scan=True,
        custom_fields=custom_fields,
        comment="scan from Python SDK",
        api_version="1.2",
    )
    assert started is not None
def test_get_scan_queue_details_by_scan_id():
    """Queue a scan, wait 5 s, then read queue details of the project's latest scan.

    The latest scan id is fetched without ``only_finished_scans``, so it may
    be the scan just queued.
    """
    project_id = get_project_id()
    api = ScansAPI()
    api.create_new_scan(
        project_id,
        is_incremental=False,
        is_public=True,
        force_scan=True,
        comment="scan from REST API",
    )
    time.sleep(5)
    latest = api.get_last_scan_id_of_a_project(project_id)
    assert api.get_scan_queue_details_by_scan_id(latest) is not None
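def test_register_scan_report():
    """Register an XML report for the latest finished scan, wait for it, fetch its content.

    The original slept a fixed 30 s before downloading, so a report that takes
    longer would fail for a timing reason rather than a product one. This
    version polls ``is_report_generation_finished`` (the helper the sample
    scripts in this module already use) with an upper bound.
    """
    project_id = get_project_id()
    scan_api = ScansAPI()
    scan_id = scan_api.get_last_scan_id_of_a_project(project_id, only_finished_scans=True)
    report_type = "XML"
    scan_report = scan_api.register_scan_report(scan_id, report_type)
    assert scan_report is not None
    report_id = scan_report.report_id
    report_status = scan_api.get_report_status_by_id(report_id)
    assert report_status is not None
    # Poll instead of a blind sleep; bound the wait so a stuck report fails
    # the test instead of hanging it.
    deadline = time.monotonic() + 300
    while not scan_api.is_report_generation_finished(report_id):
        assert time.monotonic() < deadline, "report generation did not finish within 300 s"
        time.sleep(5)
    report_content = scan_api.get_report_by_id(report_id)
    assert report_content is not None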
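def scan_from_local():
    """Sample: recreate project "jvl_local" under "/CxServer", scan a local zip, save an XML report.

    The zip ``JavaVulnerableLab-master.zip`` must sit next to this file; the
    report is written to ``local_report.xml`` in the same directory. Returns
    early when the zip is missing or the scan reaches the "Failed" status.

    NOTE(review): a later ``def scan_from_local(team_full_name, ...)`` in this
    module rebinds the name, so this zero-argument version is shadowed.
    """
    team_full_name = "/CxServer"
    project_name = "jvl_local"
    directory = os.path.dirname(__file__)  # the absolute path of the file config.ini
    zip_file_path = normpath(join(directory, "JavaVulnerableLab-master.zip"))
    if not exists(zip_file_path):
        print("JavaVulnerableLab-master.zip not found under current directory.")
        # The original fell through and would have failed at the upload step.
        return
    report_name = "local_report.xml"
    team_api = TeamAPI()
    projects_api = ProjectsAPI()
    scan_api = ScansAPI()
    projects_api.delete_project_if_exists_by_project_name_and_team_full_name(
        project_name, team_full_name)
    # 2. get team id
    print("2. get team id")
    team_id = team_api.get_team_id_by_team_full_name(team_full_name)
    # 3. create project with default configuration, will get project id
    print("3. create project with default configuration, will get project id")
    project = projects_api.create_project_with_default_configuration(
        project_name=project_name, team_id=team_id)
    project_id = project.id
    # 4. upload source code zip file
    print("4. upload source code zip file")
    projects_api.upload_source_code_zip_file(project_id, str(zip_file_path))
    # 6. set data retention settings by project id
    print("6. set data retention settings by project id")
    projects_api.set_data_retention_settings_by_project_id(
        project_id=project_id, scans_to_keep=3)
    # 7. define SAST scan settings
    print("7. define SAST scan settings")
    preset_id = projects_api.get_preset_id_by_name()  # relies on that method's default name
    scan_api.define_sast_scan_settings(project_id=project_id, preset_id=preset_id)
    # 8. create new scan, will get a scan id
    print("8. create new scan, will get a scan id")
    scan = scan_api.create_new_scan(project_id=project_id)
    scan_id = scan.id
    print("scan_id: {}".format(scan_id))
    # 9. get scan details by scan id
    print("9. get scan details by scan id")
    while True:
        scan_detail = scan_api.get_sast_scan_details_by_scan_id(scan_id=scan_id)
        scan_status = scan_detail.status.name
        if scan_status == "Finished":
            break
        elif scan_status == "Failed":
            return
        # NOTE(review): only "Finished" and "Failed" leave this loop; any other
        # terminal status the server may report would spin forever — confirm
        # the status set and add it here if needed.
        time.sleep(1)
    # 11[optional]. get statistics results by scan id
    print("11[optional]. get statistics results by scan id")
    statistics = scan_api.get_statistics_results_by_scan_id(scan_id=scan_id)
    if statistics:
        print(statistics)
    # 12. register scan report
    print("12. register scan report")
    report = scan_api.register_scan_report(scan_id=scan_id, report_type="XML")
    report_id = report.report_id
    print("report_id: {}".format(report_id))
    # 13. get report status by id
    print("13. get report status by id")
    while not scan_api.is_report_generation_finished(report_id):
        time.sleep(1)
    # 14. get report by id
    print("14. get report by id")
    report_content = scan_api.get_report_by_id(report_id)
    # (an optional XML severity-filter step was sketched here in commented-out
    # code and has been dropped; filtering is not part of this sample)
    report_path = normpath(join(directory, report_name))
    with open(str(report_path), "wb") as f:
        f.write(report_content)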
def scan_from_git():
    """Sample: scan the JavaVulnerableLab Git repository and save a PDF report next to this file.

    Recreates project "jvl_git" under team "/CxServer", points it at the
    public GitHub repository, starts a scan, waits for it to finish, then
    registers a PDF report and writes it to ``report.pdf``. Returns early
    (without a report) if the scan reaches the "Failed" status.
    """
    team_full_name = "/CxServer"
    project_name = "jvl_git"
    report_name = "report.pdf"
    file_name = normpath(join(dirname(__file__), report_name))
    print(file_name)
    url = "https://github.com/CSPF-Founder/JavaVulnerableLab.git"
    branch = "refs/heads/master"
    projects_api = ProjectsAPI()
    team_api = TeamAPI()
    scan_api = ScansAPI()

    def step(message):
        # each stage of the sample announces itself on stdout
        print(message)

    projects_api.delete_project_if_exists_by_project_name_and_team_full_name(
        project_name, team_full_name)
    step("2. get team id")
    team_id = team_api.get_team_id_by_team_full_name(team_full_name)
    step("3. create project with default configuration, will get project id")
    project_id = projects_api.create_project_with_default_configuration(
        project_name=project_name, team_id=team_id).id
    step("4. set remote source setting to git")
    projects_api.set_remote_source_setting_to_git(project_id=project_id, url=url, branch=branch)
    step("6. set data retention settings by project id")
    projects_api.set_data_retention_settings_by_project_id(project_id=project_id, scans_to_keep=3)
    step("7. define SAST scan settings")
    default_preset = projects_api.get_preset_id_by_name()
    scan_api.define_sast_scan_settings(project_id=project_id, preset_id=default_preset)
    projects_api.set_project_exclude_settings_by_project_id(
        project_id, exclude_folders_pattern="", exclude_files_pattern="")
    step("8. create new scan, will get a scan id")
    scan_id = scan_api.create_new_scan(project_id=project_id).id
    print("scan_id : {}".format(scan_id))
    step("9. get scan details by scan id")
    while True:
        status_name = scan_api.get_sast_scan_details_by_scan_id(scan_id=scan_id).status.name
        if status_name == "Finished":
            break
        if status_name == "Failed":
            return
        # NOTE(review): statuses other than "Finished"/"Failed" keep polling — confirm
        # the server's status set if this ever spins.
        time.sleep(10)
    step("11[optional]. get statistics results by scan id")
    statistics = scan_api.get_statistics_results_by_scan_id(scan_id=scan_id)
    if statistics:
        print(statistics)
    step("12. register scan report")
    report_id = scan_api.register_scan_report(scan_id=scan_id, report_type="PDF").report_id
    print("report_id : {}".format(report_id))
    step("13. get report status by id")
    while not scan_api.is_report_generation_finished(report_id):
        time.sleep(10)
    step("14. get report by id")
    report_content = scan_api.get_report_by_id(report_id)
    with open(str(file_name), "wb") as f_out:
        f_out.write(report_content)
def scan_from_local(team_full_name, project_name, report_type, zip_file_path, report_folder=None):
    """Scan a local source zip in Checkmarx and save the resulting report.

    Args:
        team_full_name (str): team that owns (or will own) the project
        project_name (str): project to reuse, or to create if it is not found
        report_type (str): format passed to register_scan_report; also used
            as the file extension
        zip_file_path (str): path of the zipped source; a missing file aborts
        report_folder (str): output directory; when None or missing, the
            directory of this file is used

    Returns:
        None. Returns early when the zip is missing, the team is not found,
        or the scan reaches the "Failed" status.
    """
    if not report_folder or not exists(report_folder):
        report_folder = dirname(__file__)
    if not exists(zip_file_path):
        print("zip file not found. \n abort scan.")
        return
    banner = ("team_full_name: {}, \n"
              "project_name: {}, \n"
              "report_type: {}, \n"
              "zip_file_path: {}, \n"
              "report_folder: {}")
    print(banner.format(team_full_name, project_name, report_type, zip_file_path, report_folder))
    team_api = TeamAPI()
    projects_api = ProjectsAPI()
    scan_api = ScansAPI()
    print("2. get team id")
    team_id = team_api.get_team_id_by_team_full_name(team_full_name)
    if not team_id:
        print("team: {} not exist".format(team_full_name))
        return
    project_id = projects_api.get_project_id_by_project_name_and_team_full_name(
        project_name=project_name, team_full_name=team_full_name)
    print("3. create project with default configuration, will get project id")
    if not project_id:
        project_id = projects_api.create_project_with_default_configuration(
            project_name=project_name, team_id=team_id).id
    print("project_id: {}".format(project_id))
    print("4. upload source code zip file")
    projects_api.upload_source_code_zip_file(project_id, str(zip_file_path))
    print("6. set data retention settings by project id")
    projects_api.set_data_retention_settings_by_project_id(project_id=project_id, scans_to_keep=3)
    print("7. define SAST scan settings")
    preset_id = projects_api.get_preset_id_by_name()
    print("preset id: {}".format(preset_id))
    scan_api.define_sast_scan_settings(project_id=project_id, preset_id=preset_id)
    projects_api.set_project_exclude_settings_by_project_id(
        project_id, exclude_folders_pattern="", exclude_files_pattern="")
    print("8. create new scan, will get a scan id")
    scan_id = scan_api.create_new_scan(project_id=project_id).id
    print("scan_id : {}".format(scan_id))
    print("9. get scan details by scan id")
    while True:
        scan_status = scan_api.get_sast_scan_details_by_scan_id(scan_id=scan_id).status.name
        print("scan_status: {}".format(scan_status))
        if scan_status == "Finished":
            break
        if scan_status == "Failed":
            return
        # NOTE(review): any status other than "Finished"/"Failed" keeps polling
        # indefinitely — confirm the server's status set.
        time.sleep(10)
    print("11[optional]. get statistics results by scan id")
    statistics = scan_api.get_statistics_results_by_scan_id(scan_id=scan_id)
    if statistics:
        print(statistics)
    print("12. register scan report")
    report_id = scan_api.register_scan_report(scan_id=scan_id, report_type=report_type).report_id
    print("report_id : {}".format(report_id))
    print("13. get report status by id")
    while not scan_api.is_report_generation_finished(report_id):
        time.sleep(10)
    print("14. get report by id")
    report_content = scan_api.get_report_by_id(report_id)
    time_stamp = datetime.now().strftime('_%Y_%m_%d_%H_%M_%S')
    # project_name is used verbatim in the file name; a value containing a
    # path separator would place the file outside report_folder.
    file_name = normpath(join(report_folder, project_name + time_stamp + "." + report_type))
    with open(str(file_name), "wb") as f_out:
        f_out.write(report_content)
def test_get_statistics_results_by_scan_id():
    """Statistics of the latest finished scan should be returned."""
    project_id = get_project_id()
    api = ScansAPI()
    latest_finished = api.get_last_scan_id_of_a_project(project_id, only_finished_scans=True)
    assert api.get_statistics_results_by_scan_id(latest_finished) is not None
def test_delete_scan_by_scan_id():
    """Delete the project's latest finished scan and expect success.

    Destructive: the scan other tests in this module look up as "last
    finished scan" is removed, so test ordering matters.
    """
    project_id = get_project_id()
    api = ScansAPI()
    latest_finished = api.get_last_scan_id_of_a_project(project_id, only_finished_scans=True)
    assert api.delete_scan_by_scan_id(latest_finished) is True
def test_get_last_scan_id_of_a_project():
    """The project's latest scan id (any status) should be returned."""
    project_id = get_project_id()
    api = ScansAPI()
    assert api.get_last_scan_id_of_a_project(project_id) is not None