Fixes #95 - customer managed encryption key support

Author: tjarrettveracode

docs/api.md

@@ -85,7 +85,7 @@ As an alternative to importing individual objects into your library, you can acc
 - `get_apps(policy_check_after(opt))` : get a list of Veracode applications (JSON format). If provided, returns only applications that have a policy check date on or after `policy_check_after` (format is `yyyy-mm-dd`).
 - `get_app(guid(opt),legacy_id(opt))`: get information for a single Veracode application using either the `guid` or the `legacy_id` (integer).
 - `get_app_by_name(name)`: get list of applications whose names contain the search string `name`.
-- `create_app(app_name, business_criticality, business_unit(opt), teams(opt), policy_guid(opt), custom_fields(opt array), bus_owner_name(opt), bus_owner_email(opt),git_repo_url(opt))`: create an application profile.
+- `create_app(app_name, business_criticality, business_unit(opt), teams(opt), policy_guid(opt), custom_fields(opt array), bus_owner_name(opt), bus_owner_email(opt),git_repo_url(opt),custom_kms_alias(opt))`: create an application profile.
   - `business_criticality`: one of "VERY HIGH", "HIGH", "MEDIUM", "LOW", "VERY LOW"
   - `business_unit`: the GUID of the business unit to which the application should be assigned
   - `teams`: a list of the GUIDs of the teams to which the application should be assigned
@@ -94,6 +94,7 @@ As an alternative to importing individual objects into your library, you can acc
   - `bus_owner_name`: the name of the business owner of the application
   - `bus_owner_email`: the email address of the business owner of the application
   - `git_repo_url`: the URL to the git repository containing the code for the application
+  - `custom_kms_alias`: the alias for the Customer Managed Encryption Key (CMK), which will be used to encrypt/decrypt customer provided data. Note: The Customer Managed Encrytion Key feature must be activated and configured for your organization before attempting to set this value.
 - `update_app(guid, app_name, business_criticality, business_unit(opt), teams(opt), policy_guid(opt), custom_fields(opt array), bus_owner_name(opt), bus_owner_email(opt),git_repo_url(opt))`: update an application profile. Note that partial updates are NOT supported, so you need to provide all values including those that aren't changing.
 - `delete_app(guid)`: delete the application identified by `guid`. This is not a reversible action.
 - `get_custom_fields()`: get a list of app profile custom fields available for your organization.

docs/applications.md

@@ -7,7 +7,7 @@ The following methods call Veracode REST APIs and return JSON.
 - `Applications().get_all(policy_check_after(opt))` : get a list of Veracode applications (JSON format). If provided, returns only applications that have a policy check date on or after `policy_check_after` (format is `yyyy-mm-dd`).
 - `Applications().get(guid(opt),legacy_id(opt))`: get information for a single Veracode application using either the `guid` or the `legacy_id` (integer).
 - `Applications().get_by_name(name)`: get list of applications whose names contain the search string `name`.
-- `Applications().create(app_name, business_criticality, business_unit(opt), teams(opt), policy_guid(opt), custom_fields(opt array), bus_owner_name(opt), bus_owner_email(opt),git_repo_url(opt))`: create an application profile.
+- `Applications().create(app_name, business_criticality, business_unit(opt), teams(opt), policy_guid(opt), custom_fields(opt array), bus_owner_name(opt), bus_owner_email(opt),git_repo_url(opt),custom_kms_alias(opt))`: create an application profile.
   - `business_criticality`: one of "VERY HIGH", "HIGH", "MEDIUM", "LOW", "VERY LOW"
   - `business_unit`: the GUID of the business unit to which the application should be assigned
   - `teams`: a list of the GUIDs of the teams to which the application should be assigned
@@ -16,6 +16,7 @@ The following methods call Veracode REST APIs and return JSON.
   - `bus_owner_name`: the name of the business owner of the application
   - `bus_owner_email`: the email address of the business owner of the application
   - `git_repo_url`: the URL to the git repository containing the code for the application
+  - `custom_kms_alias`: the alias for the Customer Managed Encryption Key (CMK), which will be used to encrypt/decrypt customer provided data. Note: The Customer Managed Encrytion Key feature must be activated and configured for your organization before attempting to set this value.
 - `Applications().update(guid, app_name, business_criticality, business_unit(opt), teams(opt), policy_guid(opt), custom_fields(opt array), bus_owner_name(opt), bus_owner_email(opt),git_repo_url(opt))`: update an application profile. Note that partial updates are NOT supported, so you need to provide all values including those that aren't changing.
 - `Applications().delete(guid)`: delete the application identified by `guid`. This is not a reversible action.
 

pyproject.toml

@@ -1,6 +1,6 @@
 [project]
 name = 'veracode_api_py'
-version = '0.9.53'
+version = '0.9.57'
 authors = [ {name = "Tim Jarrett", email="[email protected]"} ]
 description = 'Python helper library for working with the Veracode APIs. Handles retries, pagination, and other features of the modern Veracode REST APIs.'
 readme = 'README.md'
@@ -22,4 +22,4 @@ dependencies = {file = ["requirements.txt"]}
 [project.urls]
 "Homepage" = "https://github.com/veracode/veracode-api-py"
 "Bug Tracker" = "https://github.com/veracode/veracode-api-py/issues"
-"Download" = "https://github.com/veracode/veracode-api-py/archive/v_0953.tar.gz"
+"Download" = "https://github.com/veracode/veracode-api-py/archive/v_0957.tar.gz"

setup.py

@@ -7,15 +7,15 @@
 setup(
   name = 'veracode_api_py',         
   packages = ['veracode_api_py'],   
-  version = '0.9.53',      
+  version = '0.9.57',      
   license='MIT',        
   description = 'Python helper library for working with the Veracode APIs. Handles retries, pagination, and other features of the modern Veracode REST APIs.',   
   long_description = long_description,
   long_description_content_type="text/markdown",
   author = 'Tim Jarrett',                  
   author_email = '[email protected]',      
   url = 'https://github.com/tjarrettveracode',   
-  download_url = 'https://github.com/veracode/veracode-api-py/archive/v_0953.tar.gz',    
+  download_url = 'https://github.com/veracode/veracode-api-py/archive/v_0957.tar.gz',    
   keywords = ['veracode', 'veracode-api'],   
   install_requires=[            
           'veracode-api-signing'

veracode_api_py/api.py

@@ -113,11 +113,12 @@ def get_app_by_name(self, appname):
 
     def create_app(self, app_name, business_criticality, business_unit: UUID = None, teams=[], 
                    policy_guid = None, custom_fields=[],bus_owner_name = None, bus_owner_email = None,
-                   git_repo_url = None):
+                   git_repo_url = None, custom_kms_alias = None):
         return Applications().create(app_name=app_name, business_criticality=business_criticality, 
                                      business_unit=business_unit, teams=teams, policy_guid=policy_guid,
                                      custom_fields=custom_fields, bus_owner_name=bus_owner_name, 
-                                     bus_owner_email=bus_owner_email, git_repo_url=git_repo_url)
+                                     bus_owner_email=bus_owner_email, git_repo_url=git_repo_url,
+                                     custom_kms_alias=custom_kms_alias)
 
     def update_app(self, guid: UUID, app_name, business_criticality, business_unit: UUID = None, teams=[], 
                    policy_guid = None, custom_fields=[], bus_owner_name=None, bus_owner_email=None,

veracode_api_py/applications.py

@@ -34,11 +34,11 @@ def get_by_name (self,appname: str):
         return APIHelper()._rest_paged_request(uri="appsec/v1/applications",method="GET",element="applications",params=params)
 
     def create(self,app_name:str ,business_criticality, business_unit: UUID=None, teams=[], policy_guid:UUID=None,
-                custom_fields=[], bus_owner_name=None, bus_owner_email=None, git_repo_url=None):
+                custom_fields=[], bus_owner_name=None, bus_owner_email=None, git_repo_url=None, custom_kms_alias: str=None):
         return self._create_or_update("CREATE",app_name=app_name,business_criticality=business_criticality,
                                       business_unit=business_unit,teams=teams, policy_guid=policy_guid, 
                                       custom_fields=custom_fields, bus_owner_name=bus_owner_name, 
-                                      bus_owner_email=bus_owner_email, git_repo_url=git_repo_url)
+                                      bus_owner_email=bus_owner_email, git_repo_url=git_repo_url, custom_kms_alias=custom_kms_alias)
 
     def update(self,guid: UUID,app_name:str ,business_criticality, business_unit: UUID=None, 
                teams=[], policy_guid:UUID=None, custom_fields=[],
@@ -55,7 +55,7 @@ def delete(self,guid: UUID):
 
     def _create_or_update(self,method,app_name: str,business_criticality, business_unit: UUID=None, 
                           teams=[],guid=None,policy_guid:UUID=None, custom_fields=[], 
-                          bus_owner_name=None,bus_owner_email=None,git_repo_url=None):
+                          bus_owner_name=None,bus_owner_email=None,git_repo_url=None,custom_kms_alias:str=None):
         if method == 'CREATE':
             uri = 'appsec/v1/applications'
             httpmethod = 'POST'
@@ -95,6 +95,10 @@ def _create_or_update(self,method,app_name: str,business_criticality, business_u
             gru = { 'git_repo_url': git_repo_url}
             app_def.update(gru)
 
+        if (custom_kms_alias != None) & (method=='CREATE'):
+            # custom_kms_alias currently only supported at creation
+            app_def.update({"custom_kms_alias": custom_kms_alias})
+
         payload = json.dumps({"profile": app_def})
         return APIHelper()._rest_request(uri,httpmethod,body=payload)