Merge in display name backend changes (#1064)
* changes for local dev w/ npm * Cypress astra local (#1022) * Added Astra scans to e2e tests --------- Co-authored-by: ike thecoder <ikethecoder@copeconsulting.ca> Co-authored-by: Joshua Jones <joshua@general-metrics.com> Co-authored-by: Elson9 <Elson9@users.noreply.github.com> Co-authored-by: Russell Vinegar <38586679+rustyjux@users.noreply.github.com> Co-authored-by: Russell Vinegar <russell.vinegar@gov.bc.ca> * changes for local dev w/ npm * Move ns dropdown * save and load recently viewed gws * search namespaces * oops - remove local dev changes * fix UserData.userId property reference * fix ip * maintain focus, style, fix type errors * ns to gw in text * include current gw in recently viewed * add query to whitelist * remove current gw from recently viewed * edit display name - WIP, query and mutation inc * touch up ns search * style edit display name * add uma2 test and service * add displayName to mocks * show ns displayname on namespaces page * add new graphql for updating display name * add the enforcement on the list extension * integrate into frontend * upd unit tests * add graphql whitelist query * fix for no namespace on name * return displayName from currentNamespace query --------- Co-authored-by: Russell Vinegar <russell.vinegar@gov.bc.ca> Co-authored-by: nirajCITZ <94716060+nirajCITZ@users.noreply.github.com> Co-authored-by: ike thecoder <ikethecoder@copeconsulting.ca> Co-authored-by: Joshua Jones <joshua@general-metrics.com> Co-authored-by: Russell Vinegar <38586679+rustyjux@users.noreply.github.com>
1 parent
8ab4992
commit c6514c5
Showing
53 changed files
with
1,357 additions
and
416 deletions.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,127 @@ | ||
import os | ||
from datetime import datetime | ||
import json | ||
from pathlib import Path | ||
import requests | ||
from requests.auth import HTTPBasicAuth | ||
import sys | ||
|
||
ASTRA_SCAN_RESULTS = os.environ.get('ASTRA_SCAN_RESULTS') | ||
|
||
JIRA_EMAIL = os.environ.get('JIRA_EMAIL') | ||
JIRA_API_KEY = os.environ.get('JIRA_API_KEY') | ||
JIRA_API_URL = "https://dpdd.atlassian.net/rest/api/2" | ||
JIRA_AUTH = HTTPBasicAuth(JIRA_EMAIL, JIRA_API_KEY) | ||
HEADERS = { | ||
"Accept": "application/json", | ||
"Content-Type": "application/json" | ||
} | ||
|
||
IMPACT_LEVELS = ["Medium", "High"] | ||
|
||
date = datetime.now() | ||
date_str = date.strftime("%d %b %Y") | ||
scan_name = f'{date_str} - Astra Scan Results' | ||
|
||
def check_results(scan_result): | ||
""" | ||
Check if there are any significant vulnerabilities | ||
""" | ||
vulnerabilities = [vulnerability for sublist in scan_result for vulnerability in sublist] | ||
for vulnerability in vulnerabilities: | ||
if vulnerability["impact"] in IMPACT_LEVELS: | ||
print('Issues found!') | ||
return True | ||
|
||
return False | ||
|
||
def format_ticket(scan_results): | ||
""" | ||
Converts vulnerabilities into format that can be posted to Jira. | ||
""" | ||
description = 'See attached scan results for more details' | ||
for sublist in scan_results: | ||
for vulnerability in sublist: | ||
if vulnerability["impact"] in IMPACT_LEVELS: | ||
description += f'\n\n*Name: {vulnerability["name"]}*\n' | ||
description += f'Impact: {vulnerability["impact"]}\n' | ||
description += f'Description: {vulnerability["Description"]}\n' | ||
description += f'Remediation: {vulnerability["remediation"]}\n' | ||
description += f'URL: {vulnerability["url"]}\n' | ||
|
||
return {'summary': scan_name, 'description': description} | ||
|
||
def filter_vulnerabilities(scan_results): | ||
""" | ||
Filter vulnerabilities with medium and high severity to attach. | ||
""" | ||
filtered_vulnerabilities = [] | ||
|
||
for sublist in scan_results: | ||
for vulnerability in sublist: | ||
if vulnerability["impact"] in IMPACT_LEVELS: | ||
filtered_vulnerabilities.append(vulnerability) | ||
|
||
filtered_vulnerabilities_json = json.dumps(filtered_vulnerabilities, indent=4) | ||
filtered_vulnerabilities_bytes = filtered_vulnerabilities_json.encode() | ||
|
||
return filtered_vulnerabilities_bytes | ||
|
||
def post_request(ticket, scan_results_data): | ||
""" | ||
Post issue request to Jira. | ||
""" | ||
payload = json.dumps({ | ||
"fields": { | ||
"project": { | ||
"key": "APS" | ||
}, | ||
"summary": ticket['summary'], | ||
"description": ticket['description'], | ||
"issuetype": { | ||
"name": "Story" | ||
}, | ||
"customfield_10014": "APS-908", | ||
"priority": { | ||
"id": "10000" | ||
} | ||
} | ||
}) | ||
|
||
post_url = JIRA_API_URL + '/issue' | ||
|
||
response = requests.post(url=post_url, data=payload, | ||
headers=HEADERS, auth=JIRA_AUTH) | ||
|
||
print(response.text) | ||
|
||
if response.status_code != 201: | ||
print("Error occurred while creating Jira issue:", response.text) | ||
return | ||
|
||
# Attach scan results to the Jira issue | ||
issue_key = response.json().get('key') | ||
attach_url = f"{JIRA_API_URL}/issue/{issue_key}/attachments" | ||
headers = {"X-Atlassian-Token": "nocheck"} | ||
filename = scan_name + '.json' | ||
attach_response = requests.post(url=attach_url, files={'file': (filename, scan_results_data)}, headers=headers, auth=JIRA_AUTH) | ||
|
||
if attach_response.status_code == 200: | ||
print("Jira issue created and file attached successfully!") | ||
else: | ||
print("Error occurred while attaching file to Jira issue:", attach_response.text) | ||
|
||
def main(): | ||
with open(ASTRA_SCAN_RESULTS, "r") as file: | ||
scan_results = json.load(file) | ||
vulnerabilities = check_results(scan_results) | ||
|
||
if vulnerabilities: | ||
ticket_data = {} | ||
ticket_data = format_ticket(scan_results) | ||
filtered_vulnerabilities = filter_vulnerabilities(scan_results) | ||
post_request(ticket_data, filtered_vulnerabilities) | ||
sys.exit(1) | ||
|
||
if __name__ == '__main__': | ||
main() |
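Review bot: Both `requests.post` calls in `post_request` are made without a `timeout`, so a stalled connection to Jira can hang the pipeline job indefinitely; pass one explicitly, e.g. `requests.post(url=post_url, data=payload, headers=HEADERS, auth=JIRA_AUTH, timeout=30)`, and do the same on the attachment call. `ASTRA_SCAN_RESULTS`, `JIRA_EMAIL` and `JIRA_API_KEY` are read with `os.environ.get` and never checked, so a missing variable only surfaces later as a `TypeError` from `open(None)` or, presumably, as a rejected Jira request; a guard at the top of `main` such as `if not all((ASTRA_SCAN_RESULTS, JIRA_EMAIL, JIRA_API_KEY)): sys.exit("missing ASTRA_SCAN_RESULTS, JIRA_EMAIL or JIRA_API_KEY")` would fail fast with a clear message. The unconditional `print(response.text)` writes the full Jira response body into the job log and, on the error path, prints it a second time; logging the status code and the issue key would be enough. The filtered records are attached to the ticket as-is, so if the scanner output carries request headers or bodies (not visible here), it is worth confirming that no scan credentials end up in the attachment.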
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,4 @@ | ||
{ | ||
"items": [ | ||
] | ||
} |
Empty file.