def upload_large_file(*, upload_api: UploadAPI, artifact: Path) -> bool:
"""
https://help.veracode.com/reader/LMv_dtSHyb7iIxAQznC~9w/lzZ1eON0Bkr8iYjNVD9tqw
This API call will create a new SAST build for an existing app if one does
not already exist. However, it prefers to manage the build versions so it
can be mapped to code across separate systems
"""
filename = artifact.name
endpoint = "uploadlargefile.do"
params = {"app_id": upload_api.app_id, "filename": filename}
headers = {"Content-Type": "binary/octet-stream"}
# If a sandbox_id is specified, add it to the params
if isinstance(upload_api.sandbox_id, str):
params["sandbox_id"] = upload_api.sandbox_id
try:
with open(artifact, "rb") as f:
data = f.read()
upload_api.http_post(
endpoint=endpoint,
data=data,
params=params,
headers=headers,
)
return True
except:
LOG.error(
"Error encountered when attempting to upload %s to the Veracode Upload API",
filename,
)
raise
def begin_prescan(*, upload_api: UploadAPI) -> bool:
"""
https://help.veracode.com/reader/LMv_dtSHyb7iIxAQznC~9w/PX5ReM5acqjM~IOVEg2~rA
"""
endpoint = "beginprescan.do"
params = {
"app_id": upload_api.app_id,
"scan_all_nonfatal_top_level_modules":
upload_api.scan_all_nonfatal_top_level_modules,
"auto_scan": upload_api.auto_scan,
}
# If a sandbox_id is specified, add it to the params
if isinstance(upload_api.sandbox_id, str):
params["sandbox_id"] = upload_api.sandbox_id
try:
response = upload_api.http_post(endpoint=endpoint, params=params)
if element_contains_error(parsed_xml=response):
LOG.error("Veracode returned an error when attempting to call %s",
endpoint)
return False
return True
except (
HTTPError,
ConnectionError,
Timeout,
TooManyRedirects,
RequestException,
):
LOG.error("Exception encountered when calling the Veracode API")
return False
def create_build(*, upload_api: UploadAPI) -> bool:
"""
https://help.veracode.com/reader/LMv_dtSHyb7iIxAQznC~9w/vhuQ5lMdxRNQWUK1br1mDg
"""
try:
endpoint = "createbuild.do"
params = {"app_id": upload_api.app_id, "version": upload_api.build_id}
# If a sandbox_id is specified, add it to the params
if isinstance(upload_api.sandbox_id, str):
params["sandbox_id"] = upload_api.sandbox_id
# Create the build
response = upload_api.http_post(endpoint=endpoint, params=params)
if element_contains_error(parsed_xml=response):
LOG.error("Veracode returned an error when attempting to call %s",
endpoint)
return False
return True
except (
HTTPError,
ConnectionError,
Timeout,
TooManyRedirects,
RequestException,
):
LOG.error("Exception encountered when calling the Veracode API")
return False
def test_upload_api_http_post(self, mock_http_request):
"""
Test the UploadAPI http_post method
"""
with patch("veracode.api.get_app_id",
return_value=constants.VALID_UPLOAD_API["app_id"]):
upload_api = UploadAPI(
app_name=constants.VALID_UPLOAD_API["app_name"])
# Fail when attempting to call the http_post method with invalid
# arguments
self.assertRaises(KeyError,
upload_api.http_post,
endpoint="createuser.do")
# Succeed when calling the http_post method with valid arguments
mock_http_request.return_value = (
constants.VALID_UPLOAD_API_UPLOADLARGEFILE_RESPONSE_XML["Element"])
self.assertIsInstance(
upload_api.http_post(endpoint="uploadlargefile.do"),
InsecureElementTree.Element,
)
# Fail when attempting to delete the http_post method, because the
# deleter is intentionally missing
self.assertRaises(AttributeError, delattr, upload_api, "http_post")