Merge pull request #64 from blackducksoftware/gsnyder/matched-files-and-snippets

Gsnyder/matched files and snippets

Author: Glenn Snyder

blackduck/HubRestApi.py

@@ -597,17 +597,6 @@ def _check_version_compatibility(self):
         if int(self.bd_major_version) < 2018:
             raise UnsupportedBDVersion("The BD major version {} is less than the minimum required major version {}".format(self.bd_major_version, 2018))        
 
-    def get_file_bom_entries(self, hub_release_id, limit=100):
-        self._check_version_compatibility()
-        paramstring = self.get_limit_paramstring(limit)
-        # Using internal API - see https://jira.dc1.lan/browse/HUB-18270: Make snippet API calls for ignoring, confirming snippet matches public
-        url =  "{}/v1/releases/{}/file-bom-entries{}".format(self.get_apibase(), hub_release_id)
-        url += paramstring
-        logging.debug("GET {}".format(url))
-        response = self.execute_get(url)
-        jsondata = response.json()
-        return jsondata
-
     def get_file_matches_for_bom_component(self, bom_component, limit=1000):
         self._check_version_compatibility()
         url = self.get_link(bom_component, "matched-files")
@@ -617,116 +606,6 @@ def get_file_matches_for_bom_component(self, bom_component, limit=1000):
         jsondata = response.json()
         return jsondata
 
-    def get_snippet_bom_entries(self, project_id, version_id, reviewed=False, included=False, limit=100, offset=0):
-        self._check_version_compatibility()
-        paramstring = "?limit=" + str(limit) + "&offset=" + \
-            str(offset) + "&filter=bomReviewStatus:" + str(reviewed).lower() + "&filter=bomInclusion:" + str(included).lower()
-        # Using internal API - see https://jira.dc1.lan/browse/HUB-18270: Make snippet API calls for ignoring, confirming snippet matches public
-        path =  "{}/internal/projects/{}/versions/{}/snippet-bom-entries".format(self.get_apibase(), project_id, version_id)
-        url = path + paramstring
-        response = self.execute_get(url)
-        jsondata = response.json()
-        return jsondata
-
-    def ignore_snippet_bom_entry(self, hub_version_id, snippet_bom_entry):
-        self._check_version_compatibility()
-        # Using internal API - see https://jira.dc1.lan/browse/HUB-18270: Make snippet API calls for ignoring, confirming snippet matches public
-        url = "{}/v1/releases/{}/snippet-bom-entries".format(self.get_apibase(), hub_version_id)
-        body = self.get_ignore_snippet_json(snippet_bom_entry)
-        response = self.execute_put(url, body)
-        jsondata = response.json()
-        return jsondata
-
-    def get_ignore_snippet_json(self, snippet_bom_entry):
-        self._check_version_compatibility()
-        for cur_fileSnippetBomComponents in snippet_bom_entry['fileSnippetBomComponents']:
-            cur_fileSnippetBomComponents['ignored'] = True
-        return [snippet_bom_entry]
-    
-    def confirm_snippet_bom_entry(self, hub_version_id, snippet_bom_entry):
-        self._check_version_compatibility()
-        # Using internal API - see https://jira.dc1.lan/browse/HUB-18270: Make snippet API calls for ignoring, confirming snippet matches public
-        url = "{}/v1/releases/{}/snippet-bom-entries".format(self.get_apibase(), hub_version_id)
-        body = self.get_confirm_snippet_json(snippet_bom_entry)
-        response = self.execute_put(url, body)
-        jsondata = response.json()
-        return jsondata
-
-    def get_confirm_snippet_json(self, snippet_bom_entry):
-        self._check_version_compatibility()
-        for cur_fileSnippetBomComponents in snippet_bom_entry['fileSnippetBomComponents']:
-            cur_fileSnippetBomComponents['reviewStatus'] = 'REVIEWED'
-            cur_fileSnippetBomComponents['ignored'] = False
-        return [snippet_bom_entry]
-    
-    def edit_snippet_bom_entry(self, hub_version_id, snippet_bom_entry, new_kb_component):
-        self._check_version_compatibility()
-        # Using internal API - see https://jira.dc1.lan/browse/HUB-18270: Make snippet API calls for ignoring, confirming snippet matches public
-        url = "{}/v1/releases/{}/snippet-bom-entries".format(self.get_apibase(), hub_version_id)
-        body = self.get_edit_snippet_json(snippet_bom_entry, new_kb_component)
-        response = self.execute_put(url, body)
-        jsondata = response.json()
-        return jsondata
-
-    def get_edit_snippet_json(self, snippet_bom_entry, new_kb_component):
-        self._check_version_compatibility()
-        assert 'fileSnippetBomComponents' in snippet_bom_entry
-        assert len(snippet_bom_entry['fileSnippetBomComponents']) == 1, "We can only edit the component info for one snippet match at a time"
-
-        # TODO: Handle case where either the component from snippet_bom_entry OR new_kb_component does not have a version?
-        snippet_component_info = snippet_bom_entry['fileSnippetBomComponents'][0]
-        snippet_component_info['project']['id'] = new_kb_component['component'].split("/")[-1]
-        snippet_component_info['release']['id'] = new_kb_component['componentVersion'].split("/")[-1]
-        return [snippet_bom_entry]
-    
-    def get_alternate_matches_for_snippet(self, project_id, version_id, snippet_object):
-        self._check_version_compatibility()
-        version_bom_entry_id = snippet_object['fileSnippetBomComponents'][0]['versionBomEntryId']
-
-        # Using internal API - see https://jira.dc1.lan/browse/HUB-18270: Make snippet API calls for ignoring, confirming snippet matches public
-        url =  "{}/internal/projects/{}/versions/{}/alternate-snippet-matches/{}".format(
-            self.get_apibase(), project_id, version_id, version_bom_entry_id)
-        response = self.execute_get(url)
-        jsondata = response.json()
-        alternate_matches = list()
-        for snippet_bom_components_d in jsondata['snippetMatches']:
-            for snippet_bom_component in snippet_bom_components_d['snippetBomComponents']:
-                alternate_matches.append(snippet_bom_component)
-        return alternate_matches
-
-    def find_matching_alternative_snippet_match(self, project_id, version_id, snippet_object, kb_component):
-        # Given a KB component, find the matching alternative snippet match for a given snippet BOM entry
-        # Returns None if no match was found
-        kb_component_id = kb_component['component'].split("/")[-1]
-        # TODO: handle cases where there is no version supplied?
-        kb_component_version_id = kb_component['componentVersion'].split("/")[-1]
-        for alternative_match in self.get_alternate_matches_for_snippet(project_id, version_id, snippet_object):
-            alternative_match_component_id = alternative_match['project']['id']
-            alternative_match_component_version_id = alternative_match['release']['id']
-            if kb_component_id == alternative_match_component_id and kb_component_version_id == alternative_match_component_version_id:
-                return alternative_match
-
-    def _generate_new_match_selection(self, original_snippet_match, new_component_match):
-        # Merge the values from new_component_match into the origingal_snippet_match
-        # Note: Must do the merge to preserver other key/value pairs in the original_snippet_match (e.g. ignored, reviewStatus, versionBomComponentId)
-        # TODO: Can there ever be more than one item in fileSnippetBomComponents?
-        for k in original_snippet_match['fileSnippetBomComponents'][0].keys():
-            if k in new_component_match:
-                original_snippet_match['fileSnippetBomComponents'][0][k] = new_component_match[k]
-        return [original_snippet_match]
-
-    def update_snippet_match(self, version_id, current_snippet_match, new_snippet_match_component):
-        # Update the (snippet) component selection for a given snippet match
-        # Assumption: new_snippet_match_component is from one of the alternate matches listed for the file snippet match
-        self._check_version_compatibility()
-        headers = self.get_headers()
-        headers['ContentType'] = "application/json"
-        # Using internal API - see https://jira.dc1.lan/browse/HUB-18270: Make snippet API calls for ignoring, confirming snippet matches public
-        url = "{}/v1/releases/{}/snippet-bom-entries".format(self.get_apibase(), version_id)
-        body = self._generate_new_match_selection(current_snippet_match, new_snippet_match_component)
-        response = self.execute_put(url, body)
-        jsondata = response.json()
-        return jsondata
 
     ##
     #

blackduck/__version__.py

@@ -1,3 +1,3 @@
-VERSION = (0, 0, 35)
+VERSION = (0, 0, 36)
 
 __version__ = '.'.join(map(str, VERSION))

examples/assign_role_to_user_group.py

@@ -24,10 +24,12 @@
 
 args = parser.parse_args()
 
-user_groups = hub.get_user_groups(parameters={'q':args.group_name})
+user_groups = hub.get_user_groups(parameters={'q':'name:{}'.format(args.group_name)})
 
 if user_groups['totalCount'] == 1:
 	user_group = user_groups['items'][0]
+else:
+	user_group = None
 
 if user_group:
 	if args.role == 'All':
@@ -42,3 +44,5 @@
 			print("Failed to assign role {} to group {} due to status code 412. Has the role already been assigned?".format(role_to_assign, args.group_name))
 		else:
 			print("Failed to assign role {} to group {}. status code: {}".format(role_to_assign, args.group_name, response.status_code))
+else:
+	print("Didn't find user group {}".format(args.group_name))

examples/create_custom_field.py

@@ -30,8 +30,6 @@
 
 initial_options = [{"label": io[0], "position": io[1]} for io in args.initial_options]
 
-import pdb; pdb.set_trace()
-
 response = hub.create_cf(
     args.object, 
     args.field_type, 

examples/get_bom_component_vulnerability_info.py

@@ -1,5 +1,8 @@
 #!/usr/bin/env python
 
+import http.client
+http.client._MAXHEADERS = 1000
+
 import argparse
 import copy
 from datetime import datetime
@@ -68,11 +71,12 @@
 response = hub.execute_get(vulnerable_components_url, custom_headers=custom_headers)
 vulnerable_bom_components = response.json().get('items', [])
 
-for vuln in vulnerable_bom_components:
+for i, vuln in enumerate(vulnerable_bom_components):
     source = vuln['vulnerabilityWithRemediation']['source']
     vuln_name = vuln['vulnerabilityWithRemediation']['vulnerabilityName']
 
     # Retrieve additional details about the vulnerability
+    logging.debug("Retrieving additional details regarding vuln {}, i={}".format(vuln_name, i))
     vuln_url = hub.get_apibase() + "/vulnerabilities/{}".format(vuln_name)
     vuln_details_response = hub.execute_get(vuln_url, custom_headers={'Accept': 'application/json'})
     vuln_details = vuln_details_response.json()