示例#1
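def _prompt_and_authorize(fortify_config):
    """Prompt for SSC credentials, authenticate, and cache the resulting token.

    The password prompt uses ``hide_input`` so it is not echoed. The token
    returned by SSC is persisted with ``write_secret``; it is a bearer
    credential, so fortify.ini must be treated as secret-bearing (how that
    file is protected on disk is not visible here).

    Returns:
        The authenticated FortifyClient.
    """
    fortify_user = click.prompt('Fortify user')
    fortify_password = click.prompt('Fortify password', hide_input=True)
    fortify_client = FortifyClient(fortify_url=fortify_config.ssc_url, fortify_username=fortify_user,
                                   fortify_password=fortify_password)
    fortify_config.write_secret(fortify_client.token)
    Logger.console.info("Fortify secret written to fortify.ini")
    return fortify_client


def fortify_list(config, fortify_user, fortify_password, application):
    """List Fortify SSC application versions (the ``fortify list`` command).

    Args:
        config: CLI context object; not used by this command.
        fortify_user: SSC username from the command line, or falsy.
        fortify_password: SSC password from the command line, or falsy.
        application: optional application name; when given, only that
            application's versions are listed.

    Authentication order: explicit username/password first; otherwise the
    token cached in fortify.ini; otherwise an interactive prompt. If the
    cached token is rejected (the client returns -1) the user is prompted
    once and the listing is retried.
    """
    fortify_config = FortifyConfig()
    try:
        if not fortify_user or not fortify_password:
            Logger.console.info("No Fortify username or password provided. Checking fortify.ini for secret")
            if fortify_config.secret:
                Logger.console.info("Fortify secret found in fortify.ini")
                fortify_client = FortifyClient(fortify_url=fortify_config.ssc_url, token=fortify_config.secret)
            else:
                Logger.console.info("Fortify secret not found in fortify.ini")
                fortify_client = _prompt_and_authorize(fortify_config)
            if application:
                reauth = fortify_client.list_application_versions(application)
                if reauth == -1 and fortify_config.secret:
                    Logger.console.info("Fortify secret invalid...reauthorizing")
                    fortify_client = _prompt_and_authorize(fortify_config)
                    Logger.console.info("Attempting to rerun 'fortify list --application'")
                    fortify_client.list_application_versions(application)
            else:
                reauth = fortify_client.list_versions()
                if reauth == -1 and fortify_config.secret:
                    Logger.console.info("Fortify secret invalid...reauthorizing")
                    fortify_client = _prompt_and_authorize(fortify_config)
                    Logger.console.info("Attempting to rerun 'fortify list'")
                    fortify_client.list_versions()
        else:
            fortify_client = FortifyClient(fortify_url=fortify_config.ssc_url, fortify_username=fortify_user,
                                           fortify_password=fortify_password)
            fortify_config.write_secret(fortify_client.token)
            Logger.console.info("Fortify secret written to fortify.ini")
            if application:
                fortify_client.list_application_versions(application)
            else:
                fortify_client.list_versions()

    except Exception as exc:
        # The original bare ``except:`` also swallowed SystemExit/KeyboardInterrupt
        # and discarded the cause; include it so authentication failures are diagnosable.
        Logger.console.critical("Unable to complete command 'fortify list': {0}".format(exc))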
示例#2
文件: agent.py 项目: xuezs/webbreaker
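 def __init__(self, agent_json):
     """Build the agent's ELK payload from the JSON description at ``agent_json``.

     Args:
         agent_json: argument handed to ``__read_json__`` (presumably a path;
             verify against that helper). The keys read here are
             ``fortify_build_id``, ``git_emails``, ``git_url`` and
             ``fortify_pv_url``.

     A missing key or malformed description is logged through ``self.log``;
     in that case ``self.payload`` and ``self.fortify_config`` are left unset,
     so callers must not assume they exist after a logged failure.
     """
     self.pid = os.getpid()
     self.fqdn = socket.getfqdn()
     # These do not depend on the JSON content, so set them before the try:
     # previously a caught misconfiguration left them unset and any later
     # use raised AttributeError instead of the logged error.
     self.check_count = 0
     self.timeout = 15
     data = self.__read_json__(agent_json)
     try:
         self.payload = self.__formatted_elk_payload__(scan=data['fortify_build_id'], host=self.fqdn,
                                                       version=__version__,
                                                       notifiers=data['git_emails'], git_url=data['git_url'],
                                                       fortify_url=data['fortify_pv_url'])
         # Local time without a timezone; whatever consumes 'start' must expect that.
         self.payload['start'] = datetime.now().isoformat()
         self.fortify_config = FortifyConfig()
     except (KeyError, AttributeError, UnboundLocalError) as e:
         self.log("Agent was either misconfigured or unable to initialize {0}\n".format(e))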
示例#3
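def _build_upload_client(fortify_config, version, extension, **auth):
    """Construct the FortifyClient used by ``fortify upload``.

    ``auth`` is either ``token=...`` (cached secret) or
    ``fortify_username=..., fortify_password=...``.
    """
    return FortifyClient(
        fortify_url=fortify_config.ssc_url,
        project_template=fortify_config.project_template,
        application_name=fortify_config.application_name,
        scan_name=version,
        extension=extension,
        **auth)


def _log_missing_application(fortify_config):
    """Report an upload rejected because the target application does not exist."""
    # Use the effective application name: when --application was not given
    # the name comes from fortify.ini and the CLI argument is None.
    Logger.console.critical(
        "Fortify Application {} does not exist. Unable to upload scan."
        .format(fortify_config.application_name))


def upload(config, fortify_user, fortify_password, application, version,
           scan_name):
    """Upload an ``.fpr`` scan result to Fortify SSC (the ``fortify upload`` command).

    Args:
        config: CLI context object; not used by this command.
        fortify_user: SSC username from the command line, or falsy.
        fortify_password: SSC password from the command line, or falsy.
        application: optional application name; overrides the one in fortify.ini.
        version: application version, also used as the client's scan name.
        scan_name: name of the scan file to upload; defaults to ``version``.

    ``upload_scan`` signals "application does not exist" with -2 and a rejected
    token with -1; on -1 the user is prompted once and the upload is retried.
    The SSC token is cached in fortify.ini via ``write_secret`` and is a bearer
    credential, so that file must be protected accordingly.
    """
    fortify_config = FortifyConfig()
    # Fortify only accepts fpr scan files
    extension = 'fpr'
    if application:
        fortify_config.application_name = application
    if not scan_name:
        scan_name = version
    try:
        if not fortify_user or not fortify_password:
            Logger.console.info(
                "No Fortify username or password provided. Checking fortify.ini for secret"
            )
            if fortify_config.secret:
                Logger.console.info("Fortify secret found in fortify.ini")
                fortify_client = _build_upload_client(
                    fortify_config, version, extension,
                    token=fortify_config.secret)
            else:
                Logger.console.info("Fortify secret not found in fortify.ini")
                fortify_user = click.prompt('Fortify user')
                fortify_password = click.prompt('Fortify password',
                                                hide_input=True)
                fortify_client = _build_upload_client(
                    fortify_config, version, extension,
                    fortify_username=fortify_user,
                    fortify_password=fortify_password)
                fortify_config.write_secret(fortify_client.token)
                Logger.console.info("Fortify secret written to fortify.ini")
        else:
            fortify_client = _build_upload_client(
                fortify_config, version, extension,
                fortify_username=fortify_user,
                fortify_password=fortify_password)
            fortify_config.write_secret(fortify_client.token)
            Logger.console.info("Fortify secret written to fortify.ini")

        reauth = fortify_client.upload_scan(file_name=scan_name)

        if reauth == -2:
            # The given application doesn't exist
            _log_missing_application(fortify_config)

        if reauth == -1 and fortify_config.secret:
            Logger.console.info("Fortify secret invalid...reauthorizing")
            fortify_user = click.prompt('Fortify user')
            fortify_password = click.prompt('Fortify password',
                                            hide_input=True)
            fortify_client = _build_upload_client(
                fortify_config, version, extension,
                fortify_username=fortify_user,
                fortify_password=fortify_password)
            fortify_config.write_secret(fortify_client.token)

            Logger.console.info("Fortify secret written to fortify.ini")
            Logger.console.info("Attempting to re-run 'fortify upload'")
            app_error = fortify_client.upload_scan(file_name=scan_name)

            if app_error == -2:
                # The given application doesn't exist
                _log_missing_application(fortify_config)
    except Exception as exc:
        # The original bare ``except:`` also swallowed SystemExit/KeyboardInterrupt
        # and discarded the cause; include it so failures are diagnosable.
        Logger.console.critical("Unable to complete command 'fortify upload': {0}".format(exc))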
示例#4
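def _fortify_scan_client(fortify_config, version, **auth):
    """Construct the FortifyClient used by ``fortify scan``.

    ``auth`` carries ``token=`` and/or ``fortify_username=``/``fortify_password=``.
    """
    return FortifyClient(
        fortify_url=fortify_config.ssc_url,
        project_template=fortify_config.project_template,
        application_name=fortify_config.application_name,
        scan_name=version,
        **auth)


def _publish_pv_url(pv_url, build_id):
    """Record the project-version URL and build id for the agent, or log failure.

    ``build_pv_url`` signals failure with -1 (a falsy result is treated the same).
    """
    if pv_url and pv_url != -1:
        write_agent_info('fortify_pv_url', pv_url)
        write_agent_info('fortify_build_id', build_id)
    else:
        Logger.console.critical(
            "Unable to complete command 'fortify scan'")


def fortify_scan(config, fortify_user, fortify_password, application, version,
                 build_id):
    """Resolve the SSC project-version URL for a scan and record it for the agent.

    Args:
        config: CLI context object; not used by this command.
        fortify_user: SSC username from the command line, or falsy.
        fortify_password: SSC password from the command line, or falsy.
        application: optional application name; overrides the one in fortify.ini.
        version: application version, used as the client's scan name.
        build_id: build identifier written alongside the project-version URL.

    Authentication: explicit credentials first; otherwise the token and/or
    username/password stored in fortify.ini; otherwise a prompt. If
    ``build_pv_url`` returns -1 the command re-authenticates once with
    username/password and retries.

    NOTE(review): ``write_username``/``write_password`` persist the SSC
    password itself in fortify.ini; how that file is protected (permissions,
    encryption) is not visible here and should be confirmed. Unlike
    ``fortify list``/``fortify upload`` there is no try/except here, so a
    client error (``credentials`` shows FortifyClient raising ValueError on
    rejected credentials) propagates as a traceback.
    """
    fortify_config = FortifyConfig()
    if application:
        fortify_config.application_name = application

    if not fortify_user or not fortify_password:
        Logger.console.info(
            "No Fortify username or password provided. Checking fortify.ini for secret"
        )
        if fortify_config.token or fortify_config.has_auth_creds():
            Logger.console.info("Fortify secret found in fortify.ini")
            fortify_client = _fortify_scan_client(
                fortify_config, version,
                token=fortify_config.token,
                fortify_username=fortify_config.username,
                fortify_password=fortify_config.password)
            fortify_config.write_token(fortify_client.token)
        else:
            Logger.console.info("Fortify secret not found in fortify.ini")
            fortify_user, fortify_password = fortify_prompt()
            fortify_client = _fortify_scan_client(
                fortify_config, version,
                fortify_username=fortify_user,
                fortify_password=fortify_password)
            fortify_config.write_token(fortify_client.token)
            fortify_config.write_username(fortify_user)
            fortify_config.write_password(fortify_password)
            Logger.console.info("Fortify secret written to fortify.ini")

        pv_url = fortify_client.build_pv_url()

        if pv_url == -1:
            Logger.console.info("Fortify secret invalid...reauthorizing")
            if fortify_config.has_auth_creds():
                fortify_user = fortify_config.username
                fortify_password = fortify_config.password
            else:
                fortify_user, fortify_password = fortify_prompt()
            fortify_client = _fortify_scan_client(
                fortify_config, version,
                fortify_username=fortify_user,
                fortify_password=fortify_password)
            fortify_config.write_username(fortify_user)
            fortify_config.write_password(fortify_password)
            fortify_config.write_token(fortify_client.token)
            Logger.console.info("Fortify secret written to fortify.ini")
            Logger.console.info("Attempting to rerun 'fortify scan'")
            pv_url = fortify_client.build_pv_url()

        _publish_pv_url(pv_url, build_id)

    else:
        fortify_client = _fortify_scan_client(
            fortify_config, version,
            fortify_username=fortify_user,
            fortify_password=fortify_password)
        fortify_config.write_token(fortify_client.token)
        fortify_config.write_username(fortify_user)
        fortify_config.write_password(fortify_password)
        Logger.console.info("Fortify secret written to fortify.ini")
        _publish_pv_url(fortify_client.build_pv_url(), build_id)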
示例#5
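def _reauthorize_listing_client(fortify_config):
    """Re-authenticate after the cached token was rejected by SSC.

    Uses the username/password already stored in fortify.ini when present,
    otherwise prompts; then stores the credentials and the fresh token.
    NOTE(review): the password is written to fortify.ini; its protection on
    disk is not visible here.

    Returns:
        The newly authenticated FortifyClient.
    """
    Logger.console.info(
        "Fortify secret invalid...reauthorizing")
    if fortify_config.has_auth_creds():
        fortify_user = fortify_config.username
        fortify_password = fortify_config.password
    else:
        fortify_user, fortify_password = fortify_prompt()
    fortify_client = FortifyClient(
        fortify_url=fortify_config.ssc_url,
        fortify_username=fortify_user,
        fortify_password=fortify_password)
    fortify_config.write_username(fortify_user)
    fortify_config.write_password(fortify_password)
    fortify_config.write_token(fortify_client.token)
    Logger.console.info(
        "Fortify secret written to fortify.ini")
    return fortify_client


def fortify_list(config, fortify_user, fortify_password, application):
    """List Fortify SSC application versions (the ``fortify list`` command).

    Args:
        config: CLI context object; not used by this command.
        fortify_user: SSC username from the command line, or falsy.
        fortify_password: SSC password from the command line, or falsy.
        application: optional application name; when given, only that
            application's versions are listed.

    Authentication order: explicit credentials first; otherwise the token
    and/or username/password stored in fortify.ini; otherwise a prompt.
    A listing call returning -1 means the token was rejected; the command
    then re-authenticates once and retries. Only AttributeError and
    UnboundLocalError are reported as command failure; other errors propagate.
    """
    fortify_config = FortifyConfig()
    try:
        if not fortify_user or not fortify_password:
            Logger.console.info(
                "No Fortify username or password provided. Checking fortify.ini for secret"
            )
            if fortify_config.token or fortify_config.has_auth_creds():
                Logger.console.info("Fortify secret found in fortify.ini")
                fortify_client = FortifyClient(
                    fortify_url=fortify_config.ssc_url,
                    token=fortify_config.token,
                    fortify_username=fortify_config.username,
                    fortify_password=fortify_config.password)
                fortify_config.write_token(fortify_client.token)
            else:
                Logger.console.info("Fortify secret not found in fortify.ini")
                fortify_user, fortify_password = fortify_prompt()
                fortify_client = FortifyClient(
                    fortify_url=fortify_config.ssc_url,
                    fortify_username=fortify_user,
                    fortify_password=fortify_password)
                fortify_config.write_token(fortify_client.token)
                fortify_config.write_username(fortify_user)
                fortify_config.write_password(fortify_password)
                Logger.console.info("Fortify secret written to fortify.ini")
            if application:
                reauth = fortify_client.list_application_versions(application)
                if reauth == -1 and fortify_config.token:
                    fortify_client = _reauthorize_listing_client(fortify_config)
                    Logger.console.info(
                        "Attempting to rerun 'fortify list --application'")
                    fortify_client.list_application_versions(application)
            else:
                reauth = fortify_client.list_versions()
                if reauth == -1 and fortify_config.token:
                    fortify_client = _reauthorize_listing_client(fortify_config)
                    Logger.console.info("Attempting to rerun 'fortify list'")
                    fortify_client.list_versions()
        else:
            fortify_client = FortifyClient(fortify_url=fortify_config.ssc_url,
                                           fortify_username=fortify_user,
                                           fortify_password=fortify_password)
            fortify_config.write_token(fortify_client.token)
            fortify_config.write_username(fortify_user)
            fortify_config.write_password(fortify_password)
            Logger.console.info("Fortify secret written to fortify.ini")
            if application:
                fortify_client.list_application_versions(application)
            else:
                fortify_client.list_versions()
    except (AttributeError, UnboundLocalError):
        Logger.console.critical("Unable to complete command 'fortify list'")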
示例#6
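def credentials(config, fortify, webinspect, clear, username, password):
    """Store or clear Fortify SSC credentials (the ``credentials`` command).

    Args:
        config: CLI context object; not used by this command.
        fortify: act on Fortify credentials.
        webinspect: act on WebInspect credentials (nothing is stored for it yet).
        clear: remove stored Fortify credentials instead of storing new ones.
        username: SSC username; prompted for when either it or ``password`` is missing.
        password: SSC password; prompted for when either it or ``username`` is missing.

    Credentials are validated by constructing a FortifyClient before anything
    is written; a ValueError from the client means they were rejected and
    nothing is stored. NOTE(review): ``write_password`` persists the password
    itself in fortify.ini; how that file is protected is not visible here.
    """
    if fortify:
        fortify_config = FortifyConfig()
        if clear:
            fortify_config.clear_credentials()
            return
        # Both values are required; prompt whenever either is missing.
        if not (username and password):
            username, password = fortify_prompt()
        try:
            # Authenticate first so rejected credentials are never written.
            FortifyClient(
                fortify_url=fortify_config.ssc_url,
                fortify_username=username,
                fortify_password=password)
            fortify_config.write_username(username)
            fortify_config.write_password(password)
            sys.stdout.write("Credentials stored successfully\n")
        except ValueError:
            sys.stdout.write(
                "Unable to validate Fortify credentials. Credentials were not stored\n")
    elif webinspect:
        # With or without --clear there is nothing stored for WebInspect.
        sys.stdout.write(
            "There are currently no stored credentials for WebInspect\n")
    else:
        sys.stdout.write(
            "Please specify either the --fortify or --webinspect flag\n")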
示例#7
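def _record_pv_url(pv_url, build_id):
    """Record the project-version URL and build id for the agent, or log failure.

    ``build_pv_url`` signals failure with -1 (a falsy result is treated the same).
    """
    if pv_url and pv_url != -1:
        write_agent_info('fortify_pv_url', pv_url)
        write_agent_info('fortify_build_id', build_id)
    else:
        Logger.console.critical(
            "Unable to complete command 'fortify scan'")


def fortify_scan(config, fortify_user, fortify_password, application, version,
                 build_id):
    """Resolve the SSC project-version URL for a scan and record it for the agent.

    Args:
        config: CLI context object; not used by this command.
        fortify_user: SSC username from the command line, or falsy.
        fortify_password: SSC password from the command line, or falsy.
        application: optional application name; overrides the one in fortify.ini.
        version: application version, used as the client's scan name.
        build_id: build identifier written alongside the project-version URL.

    Authentication: explicit credentials first; otherwise the username/password
    stored in fortify.ini; otherwise a prompt. Newly supplied credentials are
    stored. NOTE(review): ``write_password`` persists the SSC password itself
    in fortify.ini; how that file is protected (permissions, encryption) is not
    visible here and should be confirmed. There is no try/except, so a client
    error (``credentials`` shows FortifyClient raising ValueError on rejected
    credentials) propagates as a traceback.
    """
    fortify_config = FortifyConfig()
    if application:
        fortify_config.application_name = application

    if not fortify_user or not fortify_password:
        Logger.console.info(
            "No Fortify username or password provided. Checking fortify.ini for secret"
        )
        if fortify_config.has_auth_creds():
            Logger.console.info("Fortify credentials found in fortify.ini")
            fortify_client = FortifyClient(
                fortify_url=fortify_config.ssc_url,
                project_template=fortify_config.project_template,
                application_name=fortify_config.application_name,
                scan_name=version,
                fortify_username=fortify_config.username,
                fortify_password=fortify_config.password)
        else:
            Logger.console.info("Fortify credentials not found in fortify.ini")
            fortify_user, fortify_password = fortify_prompt()
            fortify_client = FortifyClient(
                fortify_url=fortify_config.ssc_url,
                project_template=fortify_config.project_template,
                application_name=fortify_config.application_name,
                fortify_username=fortify_user,
                fortify_password=fortify_password,
                scan_name=version)
            fortify_config.write_username(fortify_user)
            fortify_config.write_password(fortify_password)
            Logger.console.info("Fortify credentials stored")

        _record_pv_url(fortify_client.build_pv_url(), build_id)

    else:
        fortify_client = FortifyClient(
            fortify_url=fortify_config.ssc_url,
            project_template=fortify_config.project_template,
            application_name=fortify_config.application_name,
            fortify_username=fortify_user,
            fortify_password=fortify_password,
            scan_name=version)
        fortify_config.write_username(fortify_user)
        fortify_config.write_password(fortify_password)
        Logger.console.info("Fortify credentials stored")
        _record_pv_url(fortify_client.build_pv_url(), build_id)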
示例#8
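def _make_upload_client(fortify_config, version, extension, fortify_username,
                        fortify_password):
    """Construct the username/password-authenticated FortifyClient for ``fortify upload``."""
    return FortifyClient(
        fortify_url=fortify_config.ssc_url,
        project_template=fortify_config.project_template,
        application_name=fortify_config.application_name,
        fortify_username=fortify_username,
        fortify_password=fortify_password,
        scan_name=version,
        extension=extension)


def upload(config, fortify_user, fortify_password, application, version,
           scan_name):
    """Upload an ``.fpr`` scan result to Fortify SSC (the ``fortify upload`` command).

    Args:
        config: CLI context object; not used by this command.
        fortify_user: SSC username from the command line, or falsy.
        fortify_password: SSC password from the command line, or falsy.
        application: optional application name; overrides the one in fortify.ini.
        version: application version, also used as the client's scan name.
        scan_name: name of the scan file to upload; defaults to ``version``.

    Authentication: explicit credentials first; otherwise the username/password
    stored in fortify.ini; otherwise a prompt. ``upload_scan`` returns -2 when
    the target application does not exist. NOTE(review): ``write_password``
    persists the SSC password itself in fortify.ini; how that file is protected
    is not visible here.
    """
    fortify_config = FortifyConfig()
    # Fortify only accepts fpr scan files
    extension = 'fpr'
    if application:
        fortify_config.application_name = application
    if not scan_name:
        scan_name = version
    try:
        if not fortify_user or not fortify_password:
            Logger.console.info(
                "No Fortify username or password provided. Checking fortify.ini for secret"
            )
            if fortify_config.has_auth_creds():
                Logger.console.info("Fortify credentials found in fortify.ini")
                fortify_client = _make_upload_client(
                    fortify_config, version, extension,
                    fortify_config.username, fortify_config.password)
            else:
                Logger.console.info(
                    "Fortify credentials not found in fortify.ini")
                fortify_user, fortify_password = fortify_prompt()
                fortify_client = _make_upload_client(
                    fortify_config, version, extension,
                    fortify_user, fortify_password)
                fortify_config.write_username(fortify_user)
                fortify_config.write_password(fortify_password)
                Logger.console.info("Fortify credentials stored")
        else:
            fortify_client = _make_upload_client(
                fortify_config, version, extension,
                fortify_user, fortify_password)
            fortify_config.write_username(fortify_user)
            fortify_config.write_password(fortify_password)
            Logger.console.info("Fortify credentials stored")

        result = fortify_client.upload_scan(file_name=scan_name)

        if result == -2:
            # The given application doesn't exist. Report the effective name:
            # without --application the name comes from fortify.ini and the
            # CLI argument is None.
            Logger.console.critical(
                "Fortify Application {} does not exist. Unable to upload scan."
                .format(fortify_config.application_name))

    except Exception as exc:
        # The original bare ``except:`` also swallowed SystemExit/KeyboardInterrupt
        # and discarded the cause; include it so failures are diagnosable.
        Logger.console.critical("Unable to complete command 'fortify upload': {0}".format(exc))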
示例#9
def fortify_list(config, fortify_user, fortify_password, application):
    """List Fortify SSC application versions (the ``fortify list`` command).

    Args:
        config: CLI context object; not used by this command.
        fortify_user: SSC username from the command line, or falsy.
        fortify_password: SSC password from the command line, or falsy.
        application: optional application name; when given, only that
            application's versions are listed.

    Credentials supplied on the command line or entered at the prompt are
    stored in fortify.ini via ``write_username``/``write_password`` and reused
    on later runs when none are supplied; how that file protects the password
    is not visible here. Only AttributeError and UnboundLocalError are
    reported as command failure; other errors propagate.
    """
    fortify_config = FortifyConfig()
    try:
        supplied_on_cli = bool(fortify_user and fortify_password)
        if supplied_on_cli:
            fortify_client = FortifyClient(fortify_url=fortify_config.ssc_url,
                                           fortify_username=fortify_user,
                                           fortify_password=fortify_password)
            fortify_config.write_username(fortify_user)
            fortify_config.write_password(fortify_password)
            Logger.console.info("Fortify credentials stored")
        else:
            Logger.console.info(
                "No Fortify username or password provided. Checking fortify.ini for credentials"
            )
            if fortify_config.has_auth_creds():
                fortify_client = FortifyClient(
                    fortify_url=fortify_config.ssc_url,
                    fortify_username=fortify_config.username,
                    fortify_password=fortify_config.password)
            else:
                Logger.console.info("Fortify credentials not found")
                fortify_user, fortify_password = fortify_prompt()
                fortify_client = FortifyClient(
                    fortify_url=fortify_config.ssc_url,
                    fortify_username=fortify_user,
                    fortify_password=fortify_password)
                fortify_config.write_username(fortify_user)
                fortify_config.write_password(fortify_password)
                Logger.console.info("Fortify credentials stored")
        # Every authentication path ends with the same listing call.
        if application:
            fortify_client.list_application_versions(application)
        else:
            fortify_client.list_versions()
    except (AttributeError, UnboundLocalError):
        Logger.console.critical("Unable to complete command 'fortify list'")