From 95b343243b44dfb6a4c1aa8f4070b991eea6a5b0 Mon Sep 17 00:00:00 2001 From: Ricardo Pereira - Veracode <20283870+cadonuno@users.noreply.github.com> Date: Tue, 31 Dec 2024 11:46:46 +0000 Subject: [PATCH 1/4] Update applications.py --- veracode_api_py/applications.py | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/veracode_api_py/applications.py b/veracode_api_py/applications.py index f35d821..0aed2a6 100644 --- a/veracode_api_py/applications.py +++ b/veracode_api_py/applications.py @@ -33,18 +33,18 @@ def get_by_name (self,appname: str): params = {"name": parse.quote(appname)} return APIHelper()._rest_paged_request(uri="appsec/v1/applications",method="GET",element="applications",params=params) - def create(self,app_name:str ,business_criticality, business_unit: UUID=None, teams=[], policy_guid:UUID=None, - custom_fields=[], bus_owner_name=None, bus_owner_email=None, git_repo_url=None, custom_kms_alias: str=None): + def create(self,app_name:str ,business_criticality, description: str, business_unit: UUID=None, teams=[], policy_guid:UUID=None, + custom_fields=[], bus_owner_name=None, bus_owner_email=None, git_repo_url=None): return self._create_or_update("CREATE",app_name=app_name,business_criticality=business_criticality, - business_unit=business_unit,teams=teams, policy_guid=policy_guid, + description=description,business_unit=business_unit,teams=teams, policy_guid=policy_guid, custom_fields=custom_fields, bus_owner_name=bus_owner_name, - bus_owner_email=bus_owner_email, git_repo_url=git_repo_url, custom_kms_alias=custom_kms_alias) + bus_owner_email=bus_owner_email, git_repo_url=git_repo_url) - def update(self,guid: UUID,app_name:str ,business_criticality, business_unit: UUID=None, + def update(self,guid: UUID,app_name:str, description: str, business_criticality, business_unit: UUID=None, teams=[], policy_guid:UUID=None, custom_fields=[], bus_owner_name=None,bus_owner_email=None, git_repo_url=None): return self._create_or_update("UPDATE",app_name=app_name,business_criticality=business_criticality, - business_unit=business_unit,teams=teams,guid=guid, + description=description,business_unit=business_unit,teams=teams,guid=guid, policy_guid=policy_guid, custom_fields=custom_fields, bus_owner_name=bus_owner_name,bus_owner_email=bus_owner_email, git_repo_url=git_repo_url) @@ -53,9 +53,9 @@ def delete(self,guid: UUID): uri = 'appsec/v1/applications/{}'.format(guid) return APIHelper()._rest_request(uri,'DELETE') - def _create_or_update(self,method,app_name: str,business_criticality, business_unit: UUID=None, + def _create_or_update(self,method,app_name: str,description: str,business_criticality, business_unit: UUID=None, teams=[],guid=None,policy_guid:UUID=None, custom_fields=[], - bus_owner_name=None,bus_owner_email=None,git_repo_url=None,custom_kms_alias:str=None): + bus_owner_name=None,bus_owner_email=None,git_repo_url=None): if method == 'CREATE': uri = 'appsec/v1/applications' httpmethod = 'POST' @@ -70,6 +70,10 @@ def _create_or_update(self,method,app_name: str,business_criticality, business_u app_def = {'name':app_name, 'business_criticality':business_criticality} + if (description != None): + desc = { 'description': description} + app_def.update(desc) + if policy_guid: app_def.update({"policies": [{'guid': policy_guid}]}) @@ -95,10 +99,6 @@ def _create_or_update(self,method,app_name: str,business_criticality, business_u gru = { 'git_repo_url': git_repo_url} app_def.update(gru) - if (custom_kms_alias != None) & (method=='CREATE'): - # custom_kms_alias currently only supported at creation - app_def.update({"custom_kms_alias": custom_kms_alias}) - payload = json.dumps({"profile": app_def}) return APIHelper()._rest_request(uri,httpmethod,body=payload) From 21baadaf52ef5883e29a104ba4bab5faaeddb0b7 Mon Sep 17 00:00:00 2001 From: Ricardo Pereira - Veracode <20283870+cadonuno@users.noreply.github.com> Date: Tue, 31 Dec 2024 11:48:06 +0000 Subject: [PATCH 2/4] Update applications.py --- veracode_api_py/applications.py | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/veracode_api_py/applications.py b/veracode_api_py/applications.py index 0aed2a6..e44df5a 100644 --- a/veracode_api_py/applications.py +++ b/veracode_api_py/applications.py @@ -99,6 +99,10 @@ def _create_or_update(self,method,app_name: str,description: str,business_critic gru = { 'git_repo_url': git_repo_url} app_def.update(gru) + if (custom_kms_alias != None) & (method=='CREATE'): + # custom_kms_alias currently only supported at creation + app_def.update({"custom_kms_alias": custom_kms_alias}) + payload = json.dumps({"profile": app_def}) return APIHelper()._rest_request(uri,httpmethod,body=payload) From a99fb555b8f1274059caa121b8b6f22a764a3df8 Mon Sep 17 00:00:00 2001 From: Ricardo Pereira - Veracode <20283870+cadonuno@users.noreply.github.com> Date: Tue, 31 Dec 2024 11:49:44 +0000 Subject: [PATCH 3/4] Update applications.py --- veracode_api_py/applications.py | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/veracode_api_py/applications.py b/veracode_api_py/applications.py index e44df5a..634f1af 100644 --- a/veracode_api_py/applications.py +++ b/veracode_api_py/applications.py @@ -34,11 +34,11 @@ def get_by_name (self,appname: str): return APIHelper()._rest_paged_request(uri="appsec/v1/applications",method="GET",element="applications",params=params) def create(self,app_name:str ,business_criticality, description: str, business_unit: UUID=None, teams=[], policy_guid:UUID=None, - custom_fields=[], bus_owner_name=None, bus_owner_email=None, git_repo_url=None): + custom_fields=[], bus_owner_name=None, bus_owner_email=None, git_repo_url=None, custom_kms_alias: str=None): return self._create_or_update("CREATE",app_name=app_name,business_criticality=business_criticality, description=description,business_unit=business_unit,teams=teams, policy_guid=policy_guid, custom_fields=custom_fields, bus_owner_name=bus_owner_name, - bus_owner_email=bus_owner_email, git_repo_url=git_repo_url) + bus_owner_email=bus_owner_email, git_repo_url=git_repo_url, custom_kms_alias=custom_kms_alias) def update(self,guid: UUID,app_name:str, description: str, business_criticality, business_unit: UUID=None, teams=[], policy_guid:UUID=None, custom_fields=[], @@ -55,7 +55,7 @@ def delete(self,guid: UUID): def _create_or_update(self,method,app_name: str,description: str,business_criticality, business_unit: UUID=None, teams=[],guid=None,policy_guid:UUID=None, custom_fields=[], - bus_owner_name=None,bus_owner_email=None,git_repo_url=None): + bus_owner_name=None,bus_owner_email=None,git_repo_url=None,custom_kms_alias:str=None): if method == 'CREATE': uri = 'appsec/v1/applications' httpmethod = 'POST' From a9d1fb4d93a8298da7a5856ddef8e2fa9aca006f Mon Sep 17 00:00:00 2001 From: Ricardo Pereira - Veracode <20283870+cadonuno@users.noreply.github.com> Date: Tue, 31 Dec 2024 14:45:09 +0000 Subject: [PATCH 4/4] Update applications.py --- veracode_api_py/applications.py | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/veracode_api_py/applications.py b/veracode_api_py/applications.py index 634f1af..9f74cb6 100644 --- a/veracode_api_py/applications.py +++ b/veracode_api_py/applications.py @@ -33,14 +33,14 @@ def get_by_name (self,appname: str): params = {"name": parse.quote(appname)} return APIHelper()._rest_paged_request(uri="appsec/v1/applications",method="GET",element="applications",params=params) - def create(self,app_name:str ,business_criticality, description: str, business_unit: UUID=None, teams=[], policy_guid:UUID=None, + def create(self,app_name:str ,business_criticality, description: str=None, business_unit: UUID=None, teams=[], policy_guid:UUID=None, custom_fields=[], bus_owner_name=None, bus_owner_email=None, git_repo_url=None, custom_kms_alias: str=None): return self._create_or_update("CREATE",app_name=app_name,business_criticality=business_criticality, description=description,business_unit=business_unit,teams=teams, policy_guid=policy_guid, custom_fields=custom_fields, bus_owner_name=bus_owner_name, bus_owner_email=bus_owner_email, git_repo_url=git_repo_url, custom_kms_alias=custom_kms_alias) - def update(self,guid: UUID,app_name:str, description: str, business_criticality, business_unit: UUID=None, + def update(self,guid: UUID,app_name:str, description: str=None, business_criticality, business_unit: UUID=None, teams=[], policy_guid:UUID=None, custom_fields=[], bus_owner_name=None,bus_owner_email=None, git_repo_url=None): return self._create_or_update("UPDATE",app_name=app_name,business_criticality=business_criticality, @@ -53,7 +53,7 @@ def delete(self,guid: UUID): uri = 'appsec/v1/applications/{}'.format(guid) return APIHelper()._rest_request(uri,'DELETE') - def _create_or_update(self,method,app_name: str,description: str,business_criticality, business_unit: UUID=None, + def _create_or_update(self,method,app_name: str,description: str=None,business_criticality, business_unit: UUID=None, teams=[],guid=None,policy_guid:UUID=None, custom_fields=[], bus_owner_name=None,bus_owner_email=None,git_repo_url=None,custom_kms_alias:str=None): if method == 'CREATE':