示例#1
def fortify_scan(config, fortify_user, fortify_password, application, version,
                 build_id):
    """Create a Fortify client for a scan and record its URL and build id.

    Credentials are taken from the arguments when both are given, else from
    FortifyConfig when has_auth_creds() is true, else from fortify_prompt().
    The value returned by build_pv_url() and the build id are then recorded
    with write_agent_info(); a falsy or -1 result is logged as a failure.

    Args:
        config: Not used by this function.
        fortify_user: Fortify username, may be empty.
        fortify_password: Fortify password, may be empty.
        application: Overrides the configured application name when truthy.
        version: Passed to FortifyClient as scan_name.
        build_id: Recorded under the 'fortify_build_id' key on success.
    """
    fortify_config = FortifyConfig()
    if application:
        fortify_config.application_name = application

    # Credentials that were passed in or typed at the prompt are written back
    # to the config; credentials that were just read from it are not.
    store_credentials = True
    if not (fortify_user and fortify_password):
        Logger.console.info(
            "No Fortify username or password provided. Checking fortify.ini for secret"
        )
        if fortify_config.has_auth_creds():
            Logger.console.info("Fortify credentials found in fortify.ini")
            fortify_user = fortify_config.username
            fortify_password = fortify_config.password
            store_credentials = False
        else:
            Logger.console.info("Fortify credentials not found in fortify.ini")
            fortify_user, fortify_password = fortify_prompt()

    fortify_client = FortifyClient(
        fortify_url=fortify_config.ssc_url,
        project_template=fortify_config.project_template,
        application_name=fortify_config.application_name,
        fortify_username=fortify_user,
        fortify_password=fortify_password,
        scan_name=version)

    if store_credentials:
        # NOTE(review): the password is handed to FortifyConfig for storage
        # (the log text elsewhere points at fortify.ini). How it is protected
        # at rest is not visible here -- confirm encryption / file permissions.
        # NOTE(review): this happens before build_pv_url() reports whether the
        # server accepted the credentials, and the stored-credential path above
        # has no re-prompt, so a mistyped password may stick -- verify.
        fortify_config.write_username(fortify_user)
        fortify_config.write_password(fortify_password)
        Logger.console.info("Fortify credentials stored")

    pv_url = fortify_client.build_pv_url()
    if not pv_url or pv_url == -1:
        Logger.console.critical(
            "Unable to complete command 'fortify scan'")
        return

    write_agent_info('fortify_pv_url', pv_url)
    write_agent_info('fortify_build_id', build_id)
示例#2
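def upload(config, fortify_user, fortify_password, application, version,
           scan_name):
    """Upload an fpr scan file to Fortify, re-authenticating once if needed.

    With a username and password the client logs in with them and the token it
    exposes is written to the config. Without them, the secret stored in the
    config is used as the token; if there is none, the user is prompted. When
    upload_scan() returns -1 and a stored secret exists, the user is prompted
    again and the upload is retried once. A return of -2 is reported as a
    missing application.

    Args:
        config: Not used by this function.
        fortify_user: Fortify username, may be empty.
        fortify_password: Fortify password, may be empty.
        application: Overrides the configured application name when truthy.
        version: Passed to FortifyClient as scan_name; also the default file
            name when scan_name is empty.
        scan_name: File name handed to upload_scan().
    """
    fortify_config = FortifyConfig()
    # Fortify only accepts fpr scan files
    scan_extension = 'fpr'
    if application:
        fortify_config.application_name = application
    if not scan_name:
        scan_name = version

    def login_with_password(user, password):
        """Build a client from a username/password and persist its token."""
        client = FortifyClient(
            fortify_url=fortify_config.ssc_url,
            project_template=fortify_config.project_template,
            application_name=fortify_config.application_name,
            fortify_username=user,
            fortify_password=password,
            scan_name=version,
            extension=scan_extension)
        # NOTE(review): the token is persisted by FortifyConfig (fortify.ini
        # per the log text); its protection at rest is not visible here.
        fortify_config.write_secret(client.token)
        Logger.console.info("Fortify secret written to fortify.ini")
        return client

    def prompt_for_credentials():
        """Ask for the username and (hidden) password on the terminal."""
        user = click.prompt('Fortify user')
        password = click.prompt('Fortify password', hide_input=True)
        return user, password

    def report_missing_application():
        # Name the application the client was actually built with: when the
        # `application` argument is empty the name comes from the config, and
        # formatting the argument would print an empty/None name.
        Logger.console.critical(
            "Fortify Application {} does not exist. Unable to upload scan."
            .format(fortify_config.application_name))

    try:
        if fortify_user and fortify_password:
            fortify_client = login_with_password(fortify_user,
                                                 fortify_password)
        else:
            Logger.console.info(
                "No Fortify username or password provided. Checking fortify.ini for secret"
            )
            if fortify_config.secret:
                Logger.console.info("Fortify secret found in fortify.ini")
                fortify_client = FortifyClient(
                    fortify_url=fortify_config.ssc_url,
                    project_template=fortify_config.project_template,
                    application_name=fortify_config.application_name,
                    token=fortify_config.secret,
                    scan_name=version,
                    extension=scan_extension)
            else:
                Logger.console.info("Fortify secret not found in fortify.ini")
                fortify_user, fortify_password = prompt_for_credentials()
                fortify_client = login_with_password(fortify_user,
                                                     fortify_password)

        reauth = fortify_client.upload_scan(file_name=scan_name)

        if reauth == -2:
            # The given application doesn't exist
            report_missing_application()

        if reauth == -1 and fortify_config.secret:
            Logger.console.info("Fortify secret invalid...reauthorizing")
            fortify_user, fortify_password = prompt_for_credentials()
            fortify_client = login_with_password(fortify_user,
                                                 fortify_password)
            Logger.console.info("Attempting to re-run 'fortify upload'")
            app_error = fortify_client.upload_scan(file_name=scan_name)

            if app_error == -2:
                # The given application doesn't exist
                report_missing_application()
    except Exception:
        # Catch Exception rather than everything so KeyboardInterrupt and
        # SystemExit still propagate. The cause is deliberately not echoed
        # here; NOTE(review): consider logging the exception type so failed
        # uploads can be diagnosed without exposing credential material.
        Logger.console.critical("Unable to complete command 'fortify upload'")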
示例#3
def fortify_scan(config, fortify_user, fortify_password, application, version,
                 build_id):
    """Create a Fortify client for a scan and record its URL and build id.

    With a username and password the client logs in with them. Without them,
    a stored token or stored credentials from FortifyConfig are used, falling
    back to fortify_prompt(). A -1 from build_pv_url() on that path is treated
    as an invalid stored secret: the client is rebuilt from stored or prompted
    credentials and build_pv_url() is tried once more.

    Args:
        config: Not used by this function.
        fortify_user: Fortify username, may be empty.
        fortify_password: Fortify password, may be empty.
        application: Overrides the configured application name when truthy.
        version: Passed to FortifyClient as scan_name.
        build_id: Recorded under the 'fortify_build_id' key on success.
    """
    fortify_config = FortifyConfig()
    if application:
        fortify_config.application_name = application

    def record_result(url):
        """Store the URL and build id, or log the failure."""
        if url and url != -1:
            write_agent_info('fortify_pv_url', url)
            write_agent_info('fortify_build_id', build_id)
        else:
            Logger.console.critical(
                "Unable to complete command 'fortify scan'")

    # NOTE(review): every path below that calls write_password() hands the
    # password to FortifyConfig for storage (fortify.ini per the log text);
    # its protection at rest is not visible here -- confirm.

    if fortify_user and fortify_password:
        # Explicit credentials: single attempt, no reauthorization step.
        fortify_client = FortifyClient(
            fortify_url=fortify_config.ssc_url,
            project_template=fortify_config.project_template,
            application_name=fortify_config.application_name,
            fortify_username=fortify_user,
            fortify_password=fortify_password,
            scan_name=version)
        fortify_config.write_token(fortify_client.token)
        fortify_config.write_username(fortify_user)
        fortify_config.write_password(fortify_password)
        Logger.console.info("Fortify secret written to fortify.ini")
        record_result(fortify_client.build_pv_url())
        return

    Logger.console.info(
        "No Fortify username or password provided. Checking fortify.ini for secret"
    )
    if fortify_config.token or fortify_config.has_auth_creds():
        Logger.console.info("Fortify secret found in fortify.ini")
        fortify_client = FortifyClient(
            fortify_url=fortify_config.ssc_url,
            project_template=fortify_config.project_template,
            application_name=fortify_config.application_name,
            token=fortify_config.token,
            scan_name=version,
            fortify_username=fortify_config.username,
            fortify_password=fortify_config.password)
        fortify_config.write_token(fortify_client.token)
    else:
        Logger.console.info("Fortify secret not found in fortify.ini")
        fortify_user, fortify_password = fortify_prompt()
        fortify_client = FortifyClient(
            fortify_url=fortify_config.ssc_url,
            project_template=fortify_config.project_template,
            application_name=fortify_config.application_name,
            fortify_username=fortify_user,
            fortify_password=fortify_password,
            scan_name=version)
        fortify_config.write_token(fortify_client.token)
        fortify_config.write_username(fortify_user)
        fortify_config.write_password(fortify_password)
        Logger.console.info("Fortify secret written to fortify.ini")

    pv_url = fortify_client.build_pv_url()

    if pv_url == -1:
        Logger.console.info("Fortify secret invalid...reauthorizing")
        # Prefer stored credentials; only prompt when none are stored.
        if fortify_config.has_auth_creds():
            fortify_user = fortify_config.username
            fortify_password = fortify_config.password
        else:
            fortify_user, fortify_password = fortify_prompt()
        fortify_client = FortifyClient(
            fortify_url=fortify_config.ssc_url,
            project_template=fortify_config.project_template,
            application_name=fortify_config.application_name,
            fortify_username=fortify_user,
            fortify_password=fortify_password,
            scan_name=version)
        fortify_config.write_username(fortify_user)
        fortify_config.write_password(fortify_password)
        fortify_config.write_token(fortify_client.token)
        Logger.console.info("Fortify secret written to fortify.ini")
        Logger.console.info("Attempting to rerun 'fortify scan'")
        pv_url = fortify_client.build_pv_url()

    record_result(pv_url)
示例#4
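def upload(config, fortify_user, fortify_password, application, version,
           scan_name):
    """Upload an fpr scan file to Fortify using username/password login.

    Credentials are taken from the arguments when both are given, else from
    FortifyConfig when has_auth_creds() is true, else from fortify_prompt().
    Credentials that were passed in or prompted for are written back to the
    config. A -2 from upload_scan() is reported as a missing application.

    Args:
        config: Not used by this function.
        fortify_user: Fortify username, may be empty.
        fortify_password: Fortify password, may be empty.
        application: Overrides the configured application name when truthy.
        version: Passed to FortifyClient as scan_name; also the default file
            name when scan_name is empty.
        scan_name: File name handed to upload_scan().
    """
    fortify_config = FortifyConfig()
    # Fortify only accepts fpr scan files
    scan_extension = 'fpr'
    if application:
        fortify_config.application_name = application
    if not scan_name:
        scan_name = version
    try:
        # Credentials read back from the config are not rewritten to it.
        store_credentials = True
        if not (fortify_user and fortify_password):
            Logger.console.info(
                "No Fortify username or password provided. Checking fortify.ini for secret"
            )
            if fortify_config.has_auth_creds():
                Logger.console.info("Fortify credentials found in fortify.ini")
                fortify_user = fortify_config.username
                fortify_password = fortify_config.password
                store_credentials = False
            else:
                Logger.console.info(
                    "Fortify credentials not found in fortify.ini")
                fortify_user, fortify_password = fortify_prompt()

        fortify_client = FortifyClient(
            fortify_url=fortify_config.ssc_url,
            project_template=fortify_config.project_template,
            application_name=fortify_config.application_name,
            fortify_username=fortify_user,
            fortify_password=fortify_password,
            scan_name=version,
            extension=scan_extension)

        if store_credentials:
            # NOTE(review): the password is handed to FortifyConfig for
            # storage (fortify.ini per the log text); how it is protected at
            # rest is not visible here -- confirm encryption / permissions.
            fortify_config.write_username(fortify_user)
            fortify_config.write_password(fortify_password)
            Logger.console.info("Fortify credentials stored")

        reauth = fortify_client.upload_scan(file_name=scan_name)

        if reauth == -2:
            # The given application doesn't exist. Report the name the client
            # was built with: when `application` is empty the name comes from
            # the config, and formatting the argument would print None/empty.
            Logger.console.critical(
                "Fortify Application {} does not exist. Unable to upload scan."
                .format(fortify_config.application_name))

    except Exception:
        # Catch Exception rather than everything so KeyboardInterrupt and
        # SystemExit still propagate. The cause is deliberately not echoed
        # here; NOTE(review): consider logging the exception type so failed
        # uploads can be diagnosed without exposing credential material.
        Logger.console.critical("Unable to complete command 'fortify upload'")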