Merge branch 'master' into custom_signatures

Author: mkumykov

blackduck/HubRestApi.py

@@ -1275,11 +1275,17 @@ def remove_version_as_component(self, main_project_release, sub_project_release)
 
     def upload_scan(self, filename):
         url = self.get_apibase() + "/scan/data/?mode=replace"
-        files = {'file':open(filename,'rb')}
         headers = self.get_headers()
-        headers['Content-Type'] = 'application/vnd.blackducksoftware.bdio+zip'
-        with open(filename,"rb") as f:
-            response = requests.post(url, headers=headers, data=f, verify=False)
+        if filename.endswith('.json') or filename.endswith('.jsonld'):
+            headers['Content-Type'] = 'application/ld+json'
+            with open(filename,"r") as f:
+                response = requests.post(url, headers=headers, data=f, verify=False)
+        elif filename.endswith('.bdio'):
+            headers['Content-Type'] = 'application/vnd.blackducksoftware.bdio+zip'
+            with open(filename,"rb") as f:
+                response = requests.post(url, headers=headers, data=f, verify=False)
+        else:
+            raise Exception("Unkown file type")
         return response
 
     def download_project_scans(self, project_name,version_name, output_folder=None):
@@ -1676,4 +1682,9 @@ def execute_post(self, url, data, custom_headers={}):
         response = requests.post(url, headers=headers, data=json_data, verify = not self.config['insecure'])
         return response
 
-
+	def get_matched_components(self, version_obj, limit=9999):
+		url = "{}/matched-files".format(version_obj['_meta']['href'])
+		param_string = self._get_parameter_string({'limit': limit})
+		url = "{}{}".format(url, param_string)
+		response = self.execute_get(url)
+		return response.json()

blackduck/__version__.py

@@ -1,3 +1,3 @@
-VERSION = (0, 0, 45)
+VERSION = (0, 0, 46)
 
 __version__ = '.'.join(map(str, VERSION))

examples/custom_signatures_export.py

@@ -1,4 +1,4 @@
-#!/usr/local/bin/python2.7
+#!/usr/local/bin/python3
 # encoding: utf-8
 '''
 examples.custom_signatures_export -- Exports project scan data for projects that have custom signatures enabled

examples/custom_signatures_import.py

@@ -1,4 +1,4 @@
-#!/usr/local/bin/python2.7
+#!/usr/local/bin/python3
 # encoding: utf-8
 '''
 examples.custom_signatures_import -- imports scan data for custom signatures

examples/generate_confidence_score.py

@@ -0,0 +1,25 @@
+#!/usr/bin/env python
+
+import argparse
+import json
+import logging
+import sys
+
+from blackduck.HubRestApi import HubInstance
+
+parser = argparse.ArgumentParser("Generate Confidence Score Report")
+parser.add_argument("project_name")
+parser.add_argument("version")
+
+args = parser.parse_args()
+
+
+hub = HubInstance()
+
+project = hub.get_project_by_name(args.project_name)
+version = hub.get_version_by_name(project, args.version)
+
+result = hub.get_matched_components(version)
+print(json.dumps(result))
+
+

examples/get_bom_component_origin_info_Updated.py

@@ -0,0 +1,72 @@
+#!/usr/bin/env python
+
+import argparse
+import json
+import csv
+import logging
+import sys
+
+from blackduck.HubRestApi import HubInstance
+
+
+parser = argparse.ArgumentParser("Retreive BOM component license information for the given project and version")
+parser.add_argument("project_name")
+parser.add_argument("version")
+
+args = parser.parse_args()
+
+
+hub = HubInstance()
+
+project = hub.get_project_by_name(args.project_name)
+version = hub.get_version_by_name(project, args.version)
+
+bom_components = hub.get_version_components(version)
+
+all_origins = dict()
+
+logging.basicConfig(format='%(asctime)s:%(levelname)s:%(message)s', stream=sys.stderr, level=logging.DEBUG)
+logging.getLogger("requests").setLevel(logging.WARNING)
+logging.getLogger("urllib3").setLevel(logging.WARNING)
+
+all_origin_info = {}
+components_info = [["Component Name", "Component Version" ,"Homepage", "Approval Status", "Component ID", "Component Version ID", "License"]]
+
+for bom_component in bom_components['items']:
+	component_url = bom_component['component']
+	response = hub.execute_get(component_url)
+
+	# Component details include the home page url and additional home pages
+	logging.debug("Retrieving component home page info for {}:{}".format(
+		bom_component.get("componentName"), bom_component.get("componentVersionName")))
+	component_details = None
+	if response.status_code == 200:
+		component_details = response.json()
+
+	for origin in bom_component.get('origins', []):
+		logging.debug("Retrieving origin details for origin {}".format(origin['name']))
+		origin_url = hub.get_link(origin, 'origin')
+		response = hub.execute_get(origin_url)
+		origin_details = None
+		if response.status_code == 200:
+			origin_details = response.json()
+
+		all_origin_info.update({
+				"{}:{}".format(bom_component['componentName'], bom_component['componentVersionName']): {
+					"component_details": component_details,
+					"component_home_page": component_details.get("url"),
+					"additional_home_pages": component_details.get("additionalHomepages"),
+					"origin_details": origin_details,
+				}
+			})
+		#component_info = [bom_component['componentName'], bom_component['componentVersionName'], component_details.get("url"), component_details['approvalStatus'], bom_component['component'], bom_component['componentVersion'], origin_details['license']['licenseDisplay']]
+		component_info = [bom_component.get("componentName"), bom_component.get("componentVersionName"), component_details.get("url"), bom_component.get("approvalStatus"), bom_component.get("component"), bom_component.get("componentVersion"), origin_details.get('license').get("licenseDisplay")]
+		components_info.append(component_info)
+
+mycsv = csv.writer(open(r'Report.csv', 'w'), lineterminator='\n')
+for row in components_info:
+    if any(row):
+        mycsv.writerow(row)
+print("Report.csv is successfully generated")
+#print(json.dumps(all_origin_info))
+

examples/get_notifications.py

@@ -0,0 +1,117 @@
+#!/usr/bin/env python
+
+'''
+Created on May 19, 2020
+
+@author: gsnyder
+
+Retrieve notifications (a variant/derivative of get_vulnerability_notifications.py)
+
+Note: The user account you run this under will determine the scope (i.e. projects, versions) of 
+the notifications that can be received.
+
+'''
+
+import argparse
+from datetime import datetime
+import json
+import logging
+import pytz
+import sys
+import timestring
+
+from terminaltables import AsciiTable
+
+from blackduck.HubRestApi import HubInstance, object_id
+
+#
+# Example usage:
+#   To get help,
+#       python3 examples/get_notifications.py -h
+#
+#   To get policy rule violation notifications system-wide, since the beginning of "time"
+#       python3 examples/get_notifications.py > notifications.json
+#
+#   To get policy rule notifications system-wide, since a given date/time,
+#       python3 examples/get_notifications.py -n "May 17, 2020" > notifications.json
+#
+#   To get policy rule violations and policy override notifications, since a given date/time,
+#       python3 examples/get_notifications.py -n "May 17, 2020" -t RULE_VIOLATION POLICY_OVERRIDE > notifications.json
+
+ALL_NOTIFICATION_TYPES = [
+    'RULE_VIOLATION', 
+    'RULE_VIOLATION_CLEARED', 
+    'POLICY_OVERRIDE', 
+    'VULNERABILITY', 
+    'PROJECT_VERSION', 
+    'PROJECT'
+]
+
+parser = argparse.ArgumentParser("Retreive vulnerability notifications")
+parser.add_argument("-p", "--project", help="If supplied, filter the notifications to this project")
+parser.add_argument("-v", "--version", help="If supplied, filter the notifications to this version (requires a project)")
+parser.add_argument("-n", "--newer_than", 
+    default=None, 
+    type=str,
+    help="Set this option to see all vulnerability notifications published since the given date/time.")
+parser.add_argument("-d", "--save_dt", 
+    action='store_true', 
+    help="If set, the date/time will be saved to a file named '.last_run' in the current directory which can be used later with the -n option to see vulnerabilities published since the last run.")
+parser.add_argument("-l", "--limit", default=100000, help="To change the limit on the number of notifications to retrieve")
+parser.add_argument("-s", "--system", action='store_true', help="Pull notifications from the system as opposed to the user's account")
+parser.add_argument("-t", "--types", nargs='+', default=['RULE_VIOLATION'], help="A list of notification types you want to retrieve")
+args = parser.parse_args()
+
+if args.newer_than:
+    newer_than = timestring.Date(args.newer_than).date
+    # adjust to UTC so the comparison is normalized
+    newer_than = newer_than.astimezone(pytz.utc)
+else:
+    newer_than = None
+
+if args.save_dt:
+    with open(".last_run", "w") as f:
+        f.write(datetime.now().isoformat())
+
+logging.basicConfig(format='%(asctime)s:%(levelname)s:%(message)s', stream=sys.stderr, level=logging.DEBUG)
+logging.getLogger("requests").setLevel(logging.WARNING)
+logging.getLogger("urllib3").setLevel(logging.WARNING)
+
+hub = HubInstance()
+current_user = hub.get_current_user()
+
+if args.system:
+    notifications_url = "{}/api/notifications".format(hub.get_urlbase())
+else:
+    notifications_url = hub.get_link(current_user, "notifications")
+
+notifications_url = "{}?limit={}".format(notifications_url, args.limit)
+
+filtered_notifications = []
+
+notifications = hub.execute_get(notifications_url).json().get('items', [])
+
+logging.debug("Total of {} notifications retrieved".format(len(notifications)))
+filtered_notifications = list(filter(lambda n: n['type'] in args.types, notifications))
+logging.debug("After filtering for notification types ({}) we are left with {} notifications".format(
+    args.types, len(filtered_notifications)))
+
+if newer_than:
+    logging.debug("Filtering {} notifications to only include those after {}".format(
+        len(filtered_notifications), newer_than))
+    filtered_notifications = list(
+        filter(lambda n: timestring.Date(n['createdAt']) > newer_than, filtered_notifications))
+    logging.debug("{} notifications after filtering for those after {}".format(
+        len(filtered_notifications), newer_than))
+
+if args.project:
+    filtered_notifications = list(
+        filter(lambda n: args.project in [apv['projectName'] for apv in n['content']['affectedProjectVersions']], 
+            filtered_notifications))
+    if args.version:
+        filtered_notifications = list(
+            filter(lambda n: args.version in [apv['projectVersionName'] for apv in n['content']['affectedProjectVersions']], 
+                filtered_notifications))
+
+print(json.dumps(filtered_notifications))
+

examples/get_project_versions.py

@@ -66,7 +66,7 @@ def write_to_csv_file(filename, version_list):
 			if args.phase:
 				new_list = list()
 				for version in sorted_version_list:
-					if sorted_version_list['phase'] == phase_map[args.phase]:
+					if version['phase'] == phase_map[args.phase]:
 						new_list.append(version)
 				sorted_version_list = new_list
 			if args.limit: