Skip to content

Commit 987416d

Browse files
author
Glenn Snyder
committed
adding example showing how to search for a CPE
1 parent e20fd0d commit 987416d

File tree

1 file changed

+59
-0
lines changed

1 file changed

+59
-0
lines changed

examples/client/get_cpe.py

Lines changed: 59 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,59 @@
1+
#!/usr/bin/env python
2+
3+
'''
4+
Copyright (C) 2021 Synopsys, Inc.
5+
http://www.blackducksoftware.com/
6+
7+
Licensed to the Apache Software Foundation (ASF) under one
8+
or more contributor license agreements. See the NOTICE file
9+
distributed with this work for additional information
10+
regarding copyright ownership. The ASF licenses this file
11+
to you under the Apache License, Version 2.0 (the
12+
"License"); you may not use this file except in compliance
13+
with the License. You may obtain a copy of the License at
14+
15+
http://www.apache.org/licenses/LICENSE-2.0
16+
17+
Unless required by applicable law or agreed to in writing,
18+
software distributed under the License is distributed on an
19+
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
20+
KIND, either express or implied. See the License for the
21+
specific language governing permissions and limitations
22+
under the License.
23+
24+
'''
25+
import argparse
26+
import json
27+
import logging
28+
import sys
29+
30+
from blackduck import Client
31+
32+
parser = argparse.ArgumentParser("GET CPE's from a BD server")
33+
parser.add_argument("--base-url", required=True, help="Hub server URL e.g. https://your.blackduck.url")
34+
parser.add_argument("--token-file", dest='token_file', required=True, help="containing access token")
35+
parser.add_argument("--no-verify", dest='verify', action='store_false', help="disable TLS certificate verification")
36+
parser.add_argument("cpe_id", help="Provide a CPE (2.2 or 2.3 xml format) ID - e.g. \"cpe:2.3:a:apache:log4j:2.11.1:-:*:*:*:*:*:*\" To get a complete dictionary of CPE IDs go to the NIST site, https://nvd.nist.gov/products/cpe")
37+
args = parser.parse_args()
38+
39+
40+
logging.basicConfig(format='%(asctime)s:%(levelname)s:%(message)s', stream=sys.stderr, level=logging.DEBUG)
41+
logging.getLogger("requests").setLevel(logging.WARNING)
42+
logging.getLogger("urllib3").setLevel(logging.WARNING)
43+
logging.getLogger("blackduck").setLevel(logging.WARNING)
44+
45+
with open(args.token_file, 'r') as tf:
46+
access_token = tf.readline().strip()
47+
48+
bd = Client(
49+
base_url=args.base_url,
50+
token=access_token,
51+
verify=args.verify
52+
)
53+
54+
cpes = [cpe for cpe in bd.get_items(f"/api/cpes?q={args.cpe_id}")]
55+
if cpes:
56+
for cpe in cpes:
57+
cpe['cpe-origins'] = [o for o in bd.get_resource("cpe-origins", cpe)]
58+
cpe['cpe-versions'] = [v for v in bd.get_resource("cpe-versions", cpe)]
59+
print(json.dumps(cpes))

0 commit comments

Comments
 (0)