SAP custom signature export/import

Author: Murat Kumykov

blackduck/HubRestApi.py

@@ -803,6 +803,14 @@ def get_version_components(self, projectversion, limit=1000):
         response = requests.get(url, headers=headers, verify = not self.config['insecure'])
         jsondata = response.json()
         return jsondata
+    
+    def update_project_settings(self, project, new_settings={}):
+        url = project['_meta']['href']
+        headers = self.get_headers()
+        headers['Accept'] = 'application/vnd.blackducksoftware.project-detail-4+json'
+        headers['Content-Type'] = 'application/vnd.blackducksoftware.project-detail-4+json'
+        response = self.execute_put(url, new_settings, headers)
+        return response
 
     def update_project_version_settings(self, project_name, version_name, new_settings={}):
         # Apply any new settings to the given project version

examples/custom_signatures_export.py

@@ -0,0 +1,174 @@
+#!/usr/local/bin/python2.7
+# encoding: utf-8
+'''
+examples.custom_signatures_export -- Exports project scan data for projects that have custom signatures enabled
+
+examples.custom_signatures_export 
+
+Exports scans for all projects that have custom signature enabled
+All scans will be placed in the output directory.
+A metadata file will be written to specify project names and versions.
+Metadata will be used to identify projects that will require custom signature flag enabled
+
+@author:     kumykov
+
+@copyright:  2020 Synopsys Inc. All rights reserved.
+
+@license:    Apache License 2.0
+
+@contact:    [email protected]
+@deffield    updated: Updated
+'''
+
+import sys
+import os
+
+from argparse import ArgumentParser
+from argparse import RawDescriptionHelpFormatter
+from blackduck.HubRestApi import HubInstance
+import json
+
+__all__ = []
+__version__ = 0.1
+__date__ = '2020-05-05'
+__updated__ = '2020-05-05'
+
+DEBUG = 0
+TESTRUN = 0
+PROFILE = 0
+
+class CLIError(Exception):
+    '''Generic exception to raise and log different fatal errors.'''
+    def __init__(self, msg):
+        super(CLIError).__init__(type(self))
+        self.msg = "E: %s" % msg
+    def __str__(self):
+        return self.msg
+    def __unicode__(self):
+        return self.msg
+    
+'''
+'''
+    
+def get_custom_signatures(hub):
+    projects=hub.get_projects()
+    custom_signatures=list()
+    for project in projects['items']:
+        if project["customSignatureEnabled"]:
+            custom_signatures.append(project)
+    return custom_signatures
+    
+def download_project_scans(project):
+    pass
+
+def main(argv=None): # IGNORE:C0111
+    '''Command line options.'''
+
+    if argv is None:
+        argv = sys.argv
+    else:
+        sys.argv.extend(argv)
+
+    program_name = os.path.basename(sys.argv[0])
+    program_version = "v%s" % __version__
+    program_build_date = str(__updated__)
+    program_version_message = '%%(prog)s %s (%s)' % (program_version, program_build_date)
+    program_shortdesc = __import__('__main__').__doc__.split("\n")[1]
+    program_license = '''%s
+
+  Created by user_name on %s.
+  Copyright 2020 organization_name. All rights reserved.
+
+  Licensed under the Apache License 2.0
+  http://www.apache.org/licenses/LICENSE-2.0
+
+  Distributed on an "AS IS" basis without warranties
+  or conditions of any kind, either express or implied.
+
+USAGE
+''' % (program_shortdesc, str(__date__))
+
+    try:
+        # Setup argument parser
+        parser = ArgumentParser(description=program_license, formatter_class=RawDescriptionHelpFormatter)
+        parser.add_argument(dest="output_path", help="path to folder to store exported data")
+
+        # Process arguments
+        args = parser.parse_args()
+
+        output_path = args.output_path
+
+        ## Do shit
+        # print (output_path)
+        # print (args)
+        
+        workdir = os.path.abspath(output_path)
+        
+        print(workdir)
+        
+        hub=HubInstance()
+                
+        projects = get_custom_signatures(hub)
+        
+        metadata = {"magic": "CSMD001", "content": {}}
+        metadata_path = os.path.join(workdir, "metadata.json")
+        
+        for project in projects:
+            project_name = project['name']
+            versions = hub.get_project_versions(project)
+            version_metadata = []
+            metadata['content'][project_name] = version_metadata
+            for version in versions['items']:
+                version_name = version['versionName']
+                version_metadata.append(version_name)
+                codelocations = hub.get_version_codelocations(version)
+                for codelocation in codelocations['items']:
+                    #print(json.dumps(codelocation,indent=2))
+                    scanurl=codelocation['_meta']['href'].replace('codelocations','scan/data') + ".bdio"
+                    print (scanurl)
+                    filename = scanurl.split('/')[6]
+                    if not os.path.exists(workdir):
+                        os.mkdir(workdir)
+                    pathname = os.path.join(workdir, filename)
+                    responce = hub.execute_get(scanurl, custom_headers=hub.get_headers())
+                    with open(pathname, "wb") as f:
+                        for data in responce.iter_content():
+                            f.write(data)
+                    print("File {} written".format(pathname))
+                
+        # print(json.dumps(get_custom_signatures(hub),indent=2))
+        
+        print("Writing metadata file")
+        with open(metadata_path, 'w') as outfile:
+            json.dump(metadata, outfile)
+        print("Done.")
+        
+        ### handle keyboard interrupt ###
+        return 0
+    except Exception as e:
+        if DEBUG or TESTRUN:
+            raise(e)
+        indent = len(program_name) * " "
+        sys.stderr.write(program_name + ": " + repr(e) + "\n")
+        sys.stderr.write(indent + "  for help use --help")
+        return 2
+
+if __name__ == "__main__":
+    if DEBUG:
+        sys.argv.append("-h")
+        sys.argv.append("-v")
+    if TESTRUN:
+        import doctest
+        doctest.testmod()
+    if PROFILE:
+        import cProfile
+        import pstats
+        profile_filename = 'examples.custom_signatures_export_profile.txt'
+        cProfile.run('main()', profile_filename)
+        statsfile = open("profile_stats.txt", "wb")
+        p = pstats.Stats(profile_filename, stream=statsfile)
+        stats = p.strip_dirs().sort_stats('cumulative')
+        stats.print_stats()
+        statsfile.close()
+        sys.exit(0)
+    sys.exit(main())

examples/custom_signatures_import.py

@@ -0,0 +1,158 @@
+#!/usr/local/bin/python2.7
+# encoding: utf-8
+'''
+examples.custom_signatures_import -- imports scan data for custom signatures
+
+examples.custom_signatures_import 
+
+Used output of custom_signature_export 
+It will create project structure according to the metadata.json file
+and enable custom signature flags for each project created
+
+Then it will upload all scan files to Blackduck instnce.
+Once scan files are processed, custom signatures will be ready to use.
+
+@author:     kumykov
+
+@copyright:  2020 Synopsys Inc. All rights reserved.
+
+@license:    Apache License 2.0
+
+@contact:    [email protected]
+@deffield    updated: Updated
+'''
+
+import sys
+import os
+
+from argparse import ArgumentParser
+from argparse import RawDescriptionHelpFormatter
+from blackduck.HubRestApi import HubInstance
+import json
+
+__all__ = []
+__version__ = 0.1
+__date__ = '2020-05-05'
+__updated__ = '2020-05-05'
+
+DEBUG = 0
+TESTRUN = 0
+PROFILE = 0
+
+class CLIError(Exception):
+    '''Generic exception to raise and log different fatal errors.'''
+    def __init__(self, msg):
+        super(CLIError).__init__(type(self))
+        self.msg = "E: %s" % msg
+    def __str__(self):
+        return self.msg
+    def __unicode__(self):
+        return self.msg
+    
+def read_metadata_file(metadata_path):
+    with open(metadata_path) as json_file:
+        data = json.load(json_file)
+    if data['magic'] == "CSMD001":
+        return data
+    else:
+        raise Exception ("Bad metadata.")
+    
+def create_projects(hub, metadata):
+    for project_name in metadata['content']:
+        for version_name in metadata['content'][project_name]:
+            version = hub.get_or_create_project_version(project_name, version_name)
+        project = hub.get_project_by_name(project_name)
+        if not project['customSignatureEnabled']:
+            print ("Enabling custom signature for {}".format(project['name']))
+            project['customSignatureEnabled'] = True
+            response = hub.update_project_settings(project, new_settings=project)
+            print (response)
+        else:
+            print ("Custom signature for {} already enabled".format(project_name))
+
+def upload_scan_data(hub, workdir):
+    with (os.scandir(workdir)) as entries:
+        for entry in entries:
+            pathname = entry.path
+            if pathname.endswith('.bdio'):
+                print("Uploading {}".format(pathname), end = ". ")
+                response = hub.upload_scan(pathname)
+                print ("Response {}".format(response))
+
+def main(argv=None): # IGNORE:C0111
+    '''Command line options.'''
+
+    if argv is None:
+        argv = sys.argv
+    else:
+        sys.argv.extend(argv)
+
+    program_name = os.path.basename(sys.argv[0])
+    program_version = "v%s" % __version__
+    program_build_date = str(__updated__)
+    program_version_message = '%%(prog)s %s (%s)' % (program_version, program_build_date)
+    program_shortdesc = __import__('__main__').__doc__.split("\n")[1]
+    program_license = '''%s
+
+  Created by user_name on %s.
+  Copyright 2020 organization_name. All rights reserved.
+
+  Licensed under the Apache License 2.0
+  http://www.apache.org/licenses/LICENSE-2.0
+
+  Distributed on an "AS IS" basis without warranties
+  or conditions of any kind, either express or implied.
+
+USAGE
+''' % (program_shortdesc, str(__date__))
+
+    try:
+        # Setup argument parser
+        parser = ArgumentParser(description=program_license, formatter_class=RawDescriptionHelpFormatter)
+        parser.add_argument(dest="input_path", help="path to folder to store exported data")
+
+        # Process arguments
+        args = parser.parse_args()
+
+        input_path = args.input_path
+
+        workdir = os.path.abspath(input_path)
+        metadata_path = os.path.join(workdir, "metadata.json")
+        print("Reading metadata from {} ".format(metadata_path))
+        metadata = read_metadata_file(metadata_path)
+        
+        hub=HubInstance()
+        
+        create_projects(hub, metadata)
+        
+        upload_scan_data(hub, workdir)
+                
+
+        return 0
+    except Exception as e:
+        if DEBUG or TESTRUN:
+            raise(e)
+        indent = len(program_name) * " "
+        sys.stderr.write(program_name + ": " + repr(e) + "\n")
+        sys.stderr.write(indent + "  for help use --help")
+        return 2
+
+if __name__ == "__main__":
+    if DEBUG:
+        sys.argv.append("-v")
+        sys.argv.append("-h")
+    if TESTRUN:
+        import doctest
+        doctest.testmod()
+    if PROFILE:
+        import cProfile
+        import pstats
+        profile_filename = 'examples.custom_signatures_import_profile.txt'
+        cProfile.run('main()', profile_filename)
+        statsfile = open("profile_stats.txt", "wb")
+        p = pstats.Stats(profile_filename, stream=statsfile)
+        stats = p.strip_dirs().sort_stats('cumulative')
+        stats.print_stats()
+        statsfile.close()
+        sys.exit(0)
+    sys.exit(main())