Skip to content

Commit 66d8129

Browse files
patrickhargettpatrickhargett
authored
Added scanning endpoints
Adding scanning v1 and v2 endpoints when the Secure API is provided.
1 parent 541c7cb commit 66d8129

File tree

1 file changed

+43
-0
lines changed

1 file changed

+43
-0
lines changed

support_bundle/get_support_bundle.sh

Lines changed: 43 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -182,6 +182,49 @@ main() {
182182
curl -ks -H "Authorization: Bearer ${API_KEY}" -H "Content-Type: application/json" "${API_URL}/api/admin/auth/settings" >> ${LOG_DIR}/sso_settings.json
183183
curl -ks -H "Authorization: Bearer ${API_KEY}" -H "Content-Type: application/json" "${API_URL}/api/alerts" >> ${LOG_DIR}/alerts.json
184184

185+
# If Secure API key is supplied, collect settings
186+
if [[ ! -z ${SECURE_API_KEY} ]]; then
187+
BACKEND_VERSION=$(kubectl ${CONTEXT_OPTS} ${KUBE_OPTS} get deployment sysdigcloud-api -ojsonpath='{.spec.template.spec.containers[0].image}' | awk 'match($0, /[0-9]\.[0-9]\.[0-9](\.[0-9]+)?/) {print substr($0, RSTART, RLENGTH)}') || true
188+
if [[ "$BACKEND_VERSION" =~ ^(6) ]]; then
189+
API_URL=$(kubectl ${KUBE_OPTS} get cm sysdigcloud-collector-config -ojsonpath='{.data.collector-config\.conf}' | awk 'p&&$0~/"/{gsub("\"","");print} /{/{p=0} /sso/{p=1}' | grep serverName | awk '{print $3}')
190+
# Check that the SECURE_API_KEY for the Super User is valid and exit
191+
CURL_OUT=$(curl -fks -H "Authorization: Bearer ${SECURE_API_KEY}" -H "Content-Type: application/json" "${API_URL}/api/license" >/dev/null 2>&1) && RETVAL=$? && error=0 || { RETVAL=$? && error=1; }
192+
if [[ ${error} -eq 1 ]]; then
193+
echo "The SECURE_API_KEY supplied is Unauthorized. Please check and try again. Return Code: ${RETVAL}"
194+
exit 1
195+
fi
196+
elif [[ "$BACKEND_VERSION" =~ ^(5) ]] || [[ "$BACKEND_VERSION" =~ ^(4) ]] || [[ "$BACKEND_VERSION" =~ ^(3) ]]; then
197+
API_URL=$(kubectl ${KUBE_OPTS} get cm sysdigcloud-config -o yaml | grep -i api.url: | head -1 | awk '{print $2}')
198+
# Check that the API_KEY for the Super User is valid and exit
199+
CURL_OUT=$(curl -fks -H "Authorization: Bearer ${API_KEY}" -H "Content-Type: application/json" "${API_URL}/api/license" >/dev/null 2>&1) && RETVAL=$? && error=0 || { RETVAL=$? && error=1; }
200+
if [[ ${error} -eq 1 ]]; then
201+
echo "The API_KEY supplied is Unauthorized. Please check and try again. Return Code: ${RETVAL}"
202+
exit 1
203+
fi
204+
fi
205+
206+
# Check if ScanningV1 is enabled, and if so, do ...
207+
SCANNING_V1_ENABLED=$(curl -ks ${API_URL}/api/secure/customerSettings -H "Authorization: Bearer ${SECURE_API_KEY}" 2>&1 | grep -Eo "\"scanningV1Enabled\":true") || true
208+
if [[ ${SCANNING_V1_ENABLED} == "\"scanningV1Enabled\":true" ]]; then
209+
echo "Scanning v1 is enabled. Continuing..."
210+
# CURL COMMANDS GO HERE
211+
mkdir -p ${LOG_DIR}/scanning
212+
curl -ks ${API_URL}/api/scanning/v1/resultsDirect?limit=1 -H "Authorization: Bearer ${SECURE_API_KEY}" >> ${LOG_DIR}/scanning/scanningv1.txt
213+
else
214+
echo "Scanning V1 not detected. Continuing..."
215+
fi
216+
217+
# Check if ScanningV2 is enabled, and if so, do ...
218+
SCANNING_V2_ENABLED=$(curl -ks ${API_URL}/api/secure/customerSettings -H "Authorization: Bearer ${SECURE_API_KEY}" 2>&1 | grep -Eo "\"scanningV2Enabled\":true") || true
219+
if [[ ${SCANNING_V2_ENABLED} == "\"scanningV2Enabled\":true" ]]; then
220+
echo "Scanning v2 is enabled. Continuing..."
221+
curl -ks ${API_URL}/api/scanning/scanresults/v2/results -H "Authorization: Bearer ${SECURE_API_KEY}" >> ${LOG_DIR}/scanning/scanningv2.txt
222+
# CURL COMMANDS GO HERE
223+
else
224+
echo "Scanning V2 not detected. Continuing..."
225+
fi
226+
fi
227+
185228
if [[ $OSTYPE == 'darwin'* ]]; then
186229
TO_EPOCH_TIME=$(date -jf "%H:%M:%S" $(date +%H):00:00 +%s)
187230
else

0 commit comments

Comments
 (0)