add issues api #2

Merged
merged 1 commit into from
Feb 20, 2023
Merged
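--- a/README.md
+++ b/README.md
@@ -94,3 +94,45 @@ summary = xray_rest_client.summary
 response = summary.get_artifact_summary(paths=["/Artifactory/pnnl/goss/goss-core-client/0.1.7/goss-core-client-0.1.7-sources.jar"])
 print(response.json())
 ```
+
+## Issues
+### Create Issue Event
+```python
+from xray.common import PackageType
+issues = xray_rest_client.issues
+response = issues.create_issue_event(
+issue_id='test-2023-0221',
+summary='test-2023-0221',
+description='test-2023-0221',
+package_type=PackageType.MAVEN,
+component_id='com.test:test',
+vulnerable_versions=["[1.0.10.2,)"],
+)
+print(response.json())
+```
+
+### Update Issue Event
+```python
+from xray.common import PackageType
+issues = xray_rest_client.issues
+response = issues.update_issue_event(
+issue_id='test-2023-0221',
+summary='test-2023-0221',
+description='test-2023-0221 update',
+package_type=PackageType.MAVEN,
+component_id='com.test:test',
+vulnerable_versions=["[1.0.10.2,)"],
+)
+print(response.content)
+```
+### Get Issue Event
+```python
+issues = xray_rest_client.issues
+# get issue event v1
+# Note: This API is deprecated in Xray version 3.51.0
+response = issues.get_issue_event_v1("test-2023-0221")
+# get issue event v2
+# Since: Xray 3.51.0
+response = issues.get_issue_event_v2("test-2023-0221")
+print(response.json())
+```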
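--- a/xray/__init__.py
+++ b/xray/__init__.py
@@ -4,6 +4,7 @@
 from xray.system import XraySystem
 from xray.components import XrayComponents
 from xray.summary import XraySummary
+from xray.issues import XrayIssues
 
 
 class XrayRestClient(object):
@@ -23,3 +24,7 @@ def components(self):
 @property
 def summary(self):
 return XraySummary(base_url=self.base_url, session=self._session)
+
+@property
+def issues(self):
+return XrayIssues(base_url=self.base_url, session=self._session)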
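--- a/xray/common.py
+++ b/xray/common.py
@@ -0,0 +1,24 @@
+class PackageType:
+ALPINE = "alpine"
+BOWER = "bower"
+CHEF = "chef"
+COCOAPODS = "cocoapods"
+COMPOSER = "composer"
+CONAN = "conan"
+CRAN = "cran"
+DEBIAN = "debian"
+DOCKER = "docker"
+GEMS = "gems"
+GENERIC = "generic"
+GO = "go"
+GRADLE = "gradle"
+HELM = "helm"
+IVY = "ivy"
+MAVEN = "maven"
+NPM = "npm"
+NUGET = "nuget"
+PUPPET = "puppet"
+PYPI = "pypi"
+RPM = "rpm"
+SBT = "sbt"
+YUM = "yum"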
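--- a/xray/issues.py
+++ b/xray/issues.py
@@ -0,0 +1,155 @@
+from xray.utils.http import RestApiAccessor
+
+
+class XrayIssueType:
+SECURITY = 'Security'
+VERSIONS = 'Versions'
+PERFORMANCE = 'Performance'
+OTHER = 'Other'
+
+
+class XrayIssueSeverity:
+INFORMATION = 'Information'
+LOW = 'Low'
+MEDIUM = 'Medium'
+HIGH = 'High'
+CRITICAL = 'Critical'
+
+
+class XrayIssues(RestApiAccessor):
+"""
+Xray REST API: ISSUES
+See: https://www.jfrog.com/confluence/display/JFROG/Xray+REST+API#XrayRESTAPI-ISSUES
+"""
+
+def create_issue_event(self,
+*,
+issue_id,
+package_type: str,
+summary: str,
+description: str,
+component_id: str,
+vulnerable_versions: list,
+provider="Custom",
+issue_type=XrayIssueType.SECURITY,
+severity=XrayIssueSeverity.LOW,
+cve_list=[]
+):
+"""
+Allows adding a custom issue
+:param issue_id:
+:param summary:
+:param description:
+:param package_type:
+:param component_id:
+:param vulnerable_versions:
+:param provider:
+:param issue_type:
+:param severity:
+:param cve_list:
+:return:
+"""
+url = self.base_url + "/api/v1/events"
+json_data = {
+"id": issue_id,
+"type": issue_type,
+"provider": provider,
+"package_type": package_type,
+"severity": severity,
+"components": [
+{
+"id": component_id,
+"vulnerable_versions": vulnerable_versions
+}
+],
+"cves": cve_list,
+"summary": summary,
+"description": description
+}
+response = self.rest_post(
+url,
+json_data=json_data
+)
+return response
+
+def update_issue_event(self,
+*,
+issue_id,
+package_type: str,
+summary: str,
+description: str,
+component_id: str,
+vulnerable_versions: list,
+provider="Custom",
+issue_type=XrayIssueType.SECURITY,
+severity=XrayIssueSeverity.LOW,
+cve_list=[],
+source_list=[],
+):
+"""
+Allows an issue vendor to update an issue event
+:param issue_id:
+:param package_type:
+:param summary:
+:param description:
+:param component_id:
+:param vulnerable_versions:
+:param provider:
+:param issue_type:
+:param severity:
+:param cve_list:
+:param source_list:
+:return:
+"""
+assert len(issue_id) > 0
+url = self.base_url + "/api/v1/events/" + issue_id
+json_data = {
+"id": issue_id,
+"package_type": package_type,
+"type": issue_type,
+"provider": provider,
+"summary": summary,
+"description": description,
+"severity": severity,
+"components": [
+{
+"id": component_id,
+"vulnerable_versions": vulnerable_versions
+}
+],
+"cves": cve_list,
+"sources": source_list,
+}
+response = self.rest_put(
+url,
+json_data=json_data
+)
+return response
+
+def get_issue_event_v1(self, issue_id: str):
+"""
+Gets an issue created by a vendor
+Note: This API is deprecated in Xray version 3.51.0
+:param issue_id:
+:return:
+"""
+assert len(issue_id) > 0
+url = self.base_url + "/api/v1/events/" + issue_id
+response = self.rest_get(
+url
+)
+return response
+
+def get_issue_event_v2(self, issue_id: str):
+"""
+Gets an issue created by a vendor
+Since: Xray 3.51.0
+:param issue_id:
+:return:
+"""
+assert len(issue_id) > 0
+url = self.base_url + "/api/v2/events/" + issue_id
+response = self.rest_get(
+url
+)
+return response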
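Review bot: `issue_id` is concatenated into the request path unencoded in `update_issue_event`, `get_issue_event_v1` and `get_issue_event_v2`, and the only guard is `assert len(issue_id) > 0`, which disappears when Python runs with `-O`. An id containing `/`, `?` or `#` would make the client address a different path on the Xray server than the events endpoint intended, so I would validate explicitly and encode the segment: `if not issue_id: raise ValueError("issue_id must be a non-empty string")` followed by `url = self.base_url + "/api/v1/events/" + quote(issue_id, safe="")`, with `from urllib.parse import quote` at the top of the file (and `/api/v2/events/` in the v2 getter). Separately, `cve_list=[]` and `source_list=[]` are mutable defaults placed straight into the payload; `None` defaults replaced with a fresh list inside the body would avoid sharing one list object across calls.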
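--- a/xray/utils/http.py
+++ b/xray/utils/http.py
@@ -47,6 +47,14 @@ def rest_post(self,
 ):
 """
 Perform a POST request to url
+:param url:
+:param params:
+:param headers:
+:param verify:
+:param cert:
+:param timeout:
+:param json_data:
+:return: response object
 """
 response = self._session.post(
 url,
@@ -59,3 +67,34 @@ def rest_post(self,
 )
 response.raise_for_status()
 return response
+
+def rest_put(self,
+url,
+params=None,
+headers=None,
+verify=True,
+cert=None,
+timeout=None,
+json_data=None,
+):
+"""
+Perform a PUT request to url
+:param url:
+:param params:
+:param headers:
+:param verify:
+:param cert:
+:param timeout:
+:param json_data:
+:return: response object
+"""
+response = self._session.put(
+url,
+json=json_data,
+params=params,
+headers=headers,
+verify=verify,
+cert=cert,
+timeout=timeout,
+)
+return response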
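Review bot: `rest_put` returns the response without calling `response.raise_for_status()`, while `rest_post` (its tail is visible in the context lines just above) does, so a 4xx/5xx from a PUT, including an authentication or permission failure, comes back as an ordinary return value. Callers of `update_issue_event` would then treat a rejected update to an issue record as applied unless they inspect the status code themselves. I would add `response.raise_for_status()` before `return response`, or state in the docstring that PUT deliberately leaves status handling to the caller.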