|
| 1 | +#!/usr/bin/env python |
| 2 | + |
| 3 | +import argparse |
| 4 | +import json |
| 5 | +import logging |
| 6 | +import sys |
| 7 | + |
| 8 | +from blackduck.HubRestApi import HubInstance, object_id |
| 9 | + |
| 10 | +parser = argparse.ArgumentParser("Program description") |
| 11 | +parser.add_argument("project") |
| 12 | +parser.add_argument("-v", "--version", help="The version within the project to apply the override (or undo) to. If not supplied, the override (or undo) will be applied to all versions in the project") |
| 13 | +parser.add_argument("component", help="The name of the BOM component") |
| 14 | +parser.add_argument("component_version", help="The BOM component version") |
| 15 | +parser.add_argument("comment") |
| 16 | +parser.add_argument("-u", "--undo_override", action='store_true', help="Undo the override") |
| 17 | +args = parser.parse_args() |
| 18 | + |
| 19 | + |
| 20 | +logging.basicConfig(format='%(asctime)s:%(levelname)s:%(message)s', stream=sys.stderr, level=logging.DEBUG) |
| 21 | +logging.getLogger("requests").setLevel(logging.WARNING) |
| 22 | +logging.getLogger("urllib3").setLevel(logging.WARNING) |
| 23 | +logging.getLogger("blackduck").setLevel(logging.WARNING) |
| 24 | + |
| 25 | +hub = HubInstance() |
| 26 | + |
| 27 | +if args.version: |
| 28 | + project_versions = [hub.get_project_version_by_name(args.project, args.version)] |
| 29 | +else: |
| 30 | + project = hub.get_project_by_name(args.project) |
| 31 | + project_versions = hub.get_project_versions(project).get('items') |
| 32 | + |
| 33 | +for pv in project_versions: |
| 34 | + components_url = hub.get_link(pv, "components") |
| 35 | + components_url = f"{components_url}?q=componentOrVersionName:{args.component}" |
| 36 | + components = hub.execute_get(components_url).json().get('items', []) |
| 37 | + |
| 38 | + if components: |
| 39 | + # find the version we want (note: the query parm above will do an OR, not an AND) |
| 40 | + # if there is more than one term supplied so doing this in two steps to make sure |
| 41 | + # we don't get a different, wrong component that shares the same version |
| 42 | + components = list(filter(lambda c: c['componentVersionName'] == args.component_version, components)) |
| 43 | + |
| 44 | + assert len(components) in [0,1], f"Should find 0 or 1 BOM components but instead we found {len(components)}, hmmm, wasn't expecting that" |
| 45 | + |
| 46 | + component = components[0] if components else None |
| 47 | + if component: |
| 48 | + policy_status_url = hub.get_link(component, "policy-status") |
| 49 | + policy_status = hub.execute_get(policy_status_url).json() |
| 50 | + override = policy_status and policy_status['approvalStatus'] == 'IN_VIOLATION' and not args.undo_override |
| 51 | + undo = policy_status and policy_status['approvalStatus'] == 'IN_VIOLATION_OVERRIDDEN' and args.undo_override |
| 52 | + overridden = undone = False |
| 53 | + if override: |
| 54 | + #override |
| 55 | + data = { |
| 56 | + 'approvalStatus': 'IN_VIOLATION_OVERRIDDEN', |
| 57 | + 'comment': args.comment} |
| 58 | + response = hub.execute_put(policy_status_url, data=data) |
| 59 | + if response.status_code == 202: |
| 60 | + logging.info(f"Policy violations for {args.component}:{args.component_version} have been overridden in project {args.project}, version {pv['versionName']}") |
| 61 | + overridden = True |
| 62 | + else: |
| 63 | + logging.error(f"Failed to override policy violations for {args.component}:{args.component_version}, status_code {response.status_code}") |
| 64 | + elif undo: |
| 65 | + #undo override |
| 66 | + data = { |
| 67 | + 'approvalStatus': 'IN_VIOLATION', |
| 68 | + 'comment': args.comment} |
| 69 | + response = hub.execute_put(policy_status_url, data=data) |
| 70 | + if response.status_code == 202: |
| 71 | + logging.info(f"Undid override for {args.component}:{args.component_version} have been overridden") |
| 72 | + undone = True |
| 73 | + else: |
| 74 | + logging.error(f"Failed to override policy violations for {args.component}:{args.component_version}, status_code {response.status_code}") |
| 75 | + |
| 76 | + policy_status = hub.execute_get(policy_status_url).json() |
| 77 | + if overridden or undone: |
| 78 | + logging.debug(f"After updating policy status is {policy_status['approvalStatus']}") |
| 79 | + else: |
| 80 | + logging.debug(f"No update applied, policy status is {policy_status['approvalStatus']}") |
| 81 | + else: |
| 82 | + logging.info(f"Did not find BOM component {args.component}:{args.component_version} in project {args.project}, version {pv['versionName']}") |
| 83 | + else: |
| 84 | + logging.info(f"Did not find BOM component {args.component}:{args.component_version} in project {args.project}, version {pv['versionName']}") |
| 85 | + |
| 86 | + |
| 87 | + |
| 88 | + |
| 89 | + |
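Review bot: The filter on new-file line 42 keeps any BOM entry whose `componentVersionName` equals the requested version but never compares the component name, so a different component returned by the `componentOrVersionName` query (which, going by its name, matches on either field and may match partially) can have its policy violation overridden by mistake. Because an override suppresses a policy finding, match both fields: `components = [c for c in components if c.get('componentName') == args.component and c.get('componentVersionName') == args.component_version]`; this assumes the BOM item exposes `componentName`, which should be confirmed against the API response. On line 35 `args.component` is interpolated into the query string unencoded, so a name containing `&`, `#` or a space changes the request; `urllib.parse.quote(args.component, safe='')` would keep it a single value. The `assert` on line 44 is stripped under `python -O`, and a failed PUT on lines 58 and 69 is only logged, so the script still exits 0; an explicit `raise` and a non-zero `sys.exit` would let a calling pipeline see that the override did not apply.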