-
Notifications
You must be signed in to change notification settings - Fork 112
/
api-demo-9c-bulk-ignore-vulns-by-issueIdList.py
88 lines (86 loc) · 3.34 KB
/
api-demo-9c-bulk-ignore-vulns-by-issueIdList.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
import argparse
import json
import re
import sys
import requests
import urllib3
from snyk import SnykClient
from utils import get_default_token_path, get_token
def parse_command_line_args():
parser = argparse.ArgumentParser(description="Snyk API Examples")
parser.add_argument("--orgId", type=str,
help="The Snyk Organisation Id", required=True)
# Store issueId as list (--issueIdList=SNYK-JS-HANDLEBARS-173692,SNYK-JS-JSYAML-174129 as example)
parser.add_argument("--issueIdList", type=str,
help="The Snyk Issue IdList", required=True)
parser.add_argument("--reasonType", type=str,
help="Ignore Reason Type", required=True)
parser.add_argument("--expirationTime", type=str,
help="Optional. Expiration time of ignore. e.g. yyyy-mm-dd or yyyy-mm-ddThh:mm:ss.aaaZ",)
parser.add_argument("--reason", type=str,
help="Optional. Reason for ignoring e.g. \"We do not use this library.\"",)
args = parser.parse_args()
return args
snyk_token_path = get_default_token_path()
snyk_token = get_token(snyk_token_path)
args = parse_command_line_args()
org_id = args.orgId
issue_ids = args.issueIdList.split(',') # split issue list to run the loop
reason_type = args.reasonType
time = args.expirationTime
reason = args.reason
# Regex to check if the date is valid
datere = "[2-9][0-9][0-9][0-9]-[0-2][0-9]-[0-3][0-9]"
datetimere = "[2-9][0-9][0-9][0-9]-[0-2][0-9]-[0-3][0-9]T[0-2][0-4]:[0-5][0-9]:[0-6][0-9].[0-9][0-9][0-9]Z"
expires = None
# Logic to check if a reason and/or time was added
if time is None:
confirm = 0
else:
if re.match(datere, time) or re.match(datetimere, time):
print("Valid Time Arguments")
expires = time
confirm = 1
else:
print("Please use a date in yyyy-mm-ddThh or yyyy-mm-ddThh:mm:ss.aaaZ format")
sys.exit()
if reason is None:
print("No reason given")
else:
if confirm == 1:
print("Reason given!")
confirm = 2
else:
confirm = 3
client = SnykClient(token=snyk_token)
# API call to collect every project in all of a customers orgs
for proj in client.organizations.get(org_id).projects.all():
print("\nProject name: %s" % proj.name)
print(" Issues Found:")
print(" High : %s" % proj.issueCountsBySeverity.high)
print(" Medium: %s" % proj.issueCountsBySeverity.medium)
print(" Low : %s" % proj.issueCountsBySeverity.low)
url = "org/" + org_id + "/project/" + proj.id + "/issues"
print(url)
# API call to grab all of the issue
r = client.post(url, None)
# Converts JSON to a python dict
parsed_input = r.json()
print (parsed_input)
issues = parsed_input["issues"]
print("List the Vulnerbilities")
print (issues["vulnerabilities"])
for i in issues["vulnerabilities"]:
# HERE
if i["id"] in issue_ids:
values_object = {
"ignorePath": "",
"reasonType": reason_type,
"disregardIfFixable": False
}
if reason is not None:
values_object["reason"] = reason
if expires is not None:
values_object["expires"] = expires
api_url = "org/%s/project/%s/ignore/%s" % (org_id, proj.id , i["id"])
r2 = client.post(api_url, values_object)