threadfix-cli 0.1.0 → 0.2.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGE_LOG.md +6 -0
- data/Gemfile.lock +4 -4
- data/README.md +15 -4
- data/lib/threadfix/cli.rb +9 -0
- data/lib/threadfix/cli/applications.rb +30 -0
- data/lib/threadfix/cli/scan.rb +2 -2
- data/lib/threadfix/cli/version.rb +1 -1
- data/lib/threadfix/client.rb +2 -1
- data/lib/threadfix/client/applications.rb +17 -0
- data/lib/threadfix/client/applications/lookup.rb +46 -0
- data/lib/threadfix/client/scans/upload.rb +7 -2
- metadata +5 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: b742e971c8a8526553a028f6977d58f412ea8366279ddb691ec1359b924fb371
|
4
|
+
data.tar.gz: c08fabb6f96447287c261d5bd102cf6f76141842f3614e6fc0058af3b9067dc6
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 7263c301222945d2b3faed28fca1df0100a0b5310b66213b7557d3761dfd735ef3effcca67b7879e4a7b6bef99f93cb7b3b31b3a04facac4568633beefd725ee
|
7
|
+
data.tar.gz: 44ecd4264b54fc75276fd4ada4e9d2013b0a59faf0baa3c20e08b6bf0248d45c65f7a9688753a9bc0bfa292d5130b6b11e744684b1c697f0783e7f215cf38e2c
|
data/CHANGE_LOG.md
CHANGED
data/Gemfile.lock
CHANGED
@@ -1,9 +1,9 @@
|
|
1
1
|
PATH
|
2
2
|
remote: .
|
3
3
|
specs:
|
4
|
-
threadfix (0.1.0)
|
5
|
-
rest-client
|
6
|
-
thor
|
4
|
+
threadfix-cli (0.1.0)
|
5
|
+
rest-client (= 2.0.2)
|
6
|
+
thor (= 0.20.3)
|
7
7
|
|
8
8
|
GEM
|
9
9
|
remote: https://rubygems.org/
|
@@ -53,7 +53,7 @@ DEPENDENCIES
|
|
53
53
|
pry
|
54
54
|
rake (~> 10.0)
|
55
55
|
rspec (~> 3.0)
|
56
|
-
threadfix!
|
56
|
+
threadfix-cli!
|
57
57
|
|
58
58
|
BUNDLED WITH
|
59
59
|
2.0.1
|
data/README.md
CHANGED
@@ -1,18 +1,29 @@
|
|
1
1
|
# Threadfix
|
2
|
-
Command line tool
|
2
|
+
Command line tool that wraps the ThreadFix API
|
3
3
|
|
4
4
|
## Installation
|
5
5
|
|
6
|
-
Install
|
6
|
+
Install with:
|
7
7
|
|
8
8
|
```ruby
|
9
|
-
|
9
|
+
$ gem install threadfix-cli
|
10
10
|
```
|
11
11
|
|
12
12
|
## Usage
|
13
13
|
|
14
14
|
```ruby
|
15
|
-
|
15
|
+
$ export THREADFIX_TOKEN=<API key>
|
16
|
+
|
17
|
+
$ threadfix applications lookup \
|
18
|
+
--app-name <Application Name> \
|
19
|
+
--team-name <Team Name> \
|
20
|
+
#=> <Application ID>
|
21
|
+
|
22
|
+
$ threadfix scan upload \
|
23
|
+
--app-id <Application ID> \
|
24
|
+
--host <Host Name> \
|
25
|
+
--file ./repo/results.json
|
26
|
+
#=> <Upload Status>
|
16
27
|
```
|
17
28
|
|
18
29
|
## Development
|
data/lib/threadfix/cli.rb
CHANGED
@@ -1,6 +1,7 @@
|
|
1
1
|
require 'thor'
|
2
2
|
require "threadfix/cli/version"
|
3
3
|
require "threadfix/cli/scan"
|
4
|
+
require "threadfix/cli/applications"
|
4
5
|
require "threadfix/client"
|
5
6
|
|
6
7
|
module Threadfix
|
@@ -8,7 +9,15 @@ module Threadfix
|
|
8
9
|
|
9
10
|
class Error < StandardError; end
|
10
11
|
|
12
|
+
desc "version", "print version"
|
13
|
+
def version
|
14
|
+
puts Cli::VERSION
|
15
|
+
end
|
16
|
+
|
11
17
|
desc "scan <command>", "manage scans"
|
12
18
|
subcommand "scan", Cli::Scan
|
19
|
+
|
20
|
+
desc "applications <command>", "manage applications"
|
21
|
+
subcommand "applications", Cli::Applications
|
13
22
|
end
|
14
23
|
end
|
@@ -0,0 +1,30 @@
|
|
1
|
+
require "threadfix/client"
|
2
|
+
module Threadfix
|
3
|
+
module Cli
|
4
|
+
class Applications < Thor
|
5
|
+
desc "lookup", "lookup an application ID"
|
6
|
+
option :host
|
7
|
+
option :key, desc: "Authorisation key"
|
8
|
+
option :app_name, required: true
|
9
|
+
option :team_name, required: true
|
10
|
+
def lookup
|
11
|
+
Client.configure do |config|
|
12
|
+
config.host = options[:host] if options[:host]
|
13
|
+
config.key = options[:key] if options[:key]
|
14
|
+
end
|
15
|
+
|
16
|
+
begin
|
17
|
+
response = Client::Applications.lookup(team_name: options[:team_name], app_name: options[:app_name] )
|
18
|
+
if response['message'] == ''
|
19
|
+
puts "ID: #{response['object']['id']}"
|
20
|
+
else
|
21
|
+
puts response['message']
|
22
|
+
end
|
23
|
+
rescue SocketError => e
|
24
|
+
puts "Error: Unable open connection to '#{Client.config.host}'"
|
25
|
+
exit 1
|
26
|
+
end
|
27
|
+
end
|
28
|
+
end
|
29
|
+
end
|
30
|
+
end
|
data/lib/threadfix/cli/scan.rb
CHANGED
@@ -4,7 +4,7 @@ module Threadfix
|
|
4
4
|
class Scan < Thor
|
5
5
|
desc "upload", "Uploads a scan to ThreadFix"
|
6
6
|
option :host
|
7
|
-
option
|
7
|
+
option :app_id, required: true, type: :numeric
|
8
8
|
option :file, required: true, aliases: '-f', desc: "Report to upload"
|
9
9
|
option :key, desc: "Authorisation key"
|
10
10
|
def upload
|
@@ -14,7 +14,7 @@ module Threadfix
|
|
14
14
|
end
|
15
15
|
|
16
16
|
begin
|
17
|
-
response = Client::Scans.upload(file_path: options[:file], app_id: options[
|
17
|
+
response = Client::Scans.upload(file_path: options[:file], app_id: options[:app_id] )
|
18
18
|
puts response['message']
|
19
19
|
rescue Errno::ENOENT => e
|
20
20
|
puts "Error: File or directory '#{options[:file]}' doesn't exist."
|
data/lib/threadfix/client.rb
CHANGED
@@ -1,4 +1,5 @@
|
|
1
1
|
require "threadfix/client/scans"
|
2
|
+
require "threadfix/client/applications"
|
2
3
|
|
3
4
|
module Threadfix
|
4
5
|
module Client
|
@@ -15,7 +16,7 @@ module Threadfix
|
|
15
16
|
attr_accessor :host, :key
|
16
17
|
|
17
18
|
def initialize
|
18
|
-
@host = ENV['
|
19
|
+
@host = ENV['THREADFIX_HOST']
|
19
20
|
@key = ENV['THREADFIX_TOKEN']
|
20
21
|
end
|
21
22
|
end
|
@@ -0,0 +1,17 @@
|
|
1
|
+
require "threadfix/client/applications/lookup"
|
2
|
+
|
3
|
+
module Threadfix
|
4
|
+
module Client
|
5
|
+
module Applications
|
6
|
+
class <<self
|
7
|
+
|
8
|
+
# @param file_path
|
9
|
+
# @return Hash
|
10
|
+
def lookup(options={})
|
11
|
+
action = Lookup.new(options)
|
12
|
+
action.perform!
|
13
|
+
end
|
14
|
+
end
|
15
|
+
end
|
16
|
+
end
|
17
|
+
end
|
@@ -0,0 +1,46 @@
|
|
1
|
+
module Threadfix
|
2
|
+
module Client
|
3
|
+
module Applications
|
4
|
+
class Lookup
|
5
|
+
API_VERSION='2.5.0.2'
|
6
|
+
|
7
|
+
attr_reader :team_name, :app_name
|
8
|
+
|
9
|
+
def initialize(options={})
|
10
|
+
@team_name = options[:team_name]
|
11
|
+
@app_name = options[:app_name]
|
12
|
+
end
|
13
|
+
|
14
|
+
def perform!
|
15
|
+
begin
|
16
|
+
r = RestClient.get(
|
17
|
+
endpoint.to_s,
|
18
|
+
{ :accept => "application/json", :Authorization => "APIKEY #{apiKey}" }
|
19
|
+
)
|
20
|
+
JSON.parse(r.body)
|
21
|
+
rescue RestClient::NotFound => e
|
22
|
+
puts "Endpoint not found (using API version: #{API_VERSION})"
|
23
|
+
raise e
|
24
|
+
rescue RestClient::ExceptionWithResponse => e
|
25
|
+
raise e
|
26
|
+
end
|
27
|
+
end
|
28
|
+
|
29
|
+
private
|
30
|
+
|
31
|
+
def endpoint
|
32
|
+
URI("#{host}/rest/#{API_VERSION}/applications/#{team_name}/lookup?name=#{app_name}")
|
33
|
+
end
|
34
|
+
|
35
|
+
def host
|
36
|
+
Client.config.host
|
37
|
+
end
|
38
|
+
|
39
|
+
def apiKey
|
40
|
+
Client.config.key
|
41
|
+
end
|
42
|
+
end
|
43
|
+
|
44
|
+
end
|
45
|
+
end
|
46
|
+
end
|
@@ -1,12 +1,13 @@
|
|
1
1
|
require 'rest-client'
|
2
2
|
require 'json'
|
3
|
+
require 'uri'
|
3
4
|
|
4
5
|
module Threadfix
|
5
6
|
module Client
|
6
7
|
module Scans
|
7
8
|
class Upload
|
8
9
|
API_VERSION='2.5'
|
9
|
-
|
10
|
+
attr_reader :file_path, :app_id
|
10
11
|
|
11
12
|
def initialize(options={})
|
12
13
|
@file_path = options[:file_path]
|
@@ -16,7 +17,7 @@ module Threadfix
|
|
16
17
|
def perform!
|
17
18
|
begin
|
18
19
|
r = RestClient.post(
|
19
|
-
|
20
|
+
endpoint.to_s,
|
20
21
|
{ file: file },
|
21
22
|
{ :accept => "application/json", :Authorization => "APIKEY #{apiKey}" }
|
22
23
|
)
|
@@ -31,6 +32,10 @@ module Threadfix
|
|
31
32
|
|
32
33
|
private
|
33
34
|
|
35
|
+
def endpoint
|
36
|
+
URI("#{host}/rest/#{API_VERSION}/applications/#{app_id}/upload")
|
37
|
+
end
|
38
|
+
|
34
39
|
def file
|
35
40
|
File.new(file_path, 'rb')
|
36
41
|
end
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: threadfix-cli
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.
|
4
|
+
version: 0.2.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Dave Elliott
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2019-04-
|
11
|
+
date: 2019-04-09 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: thor
|
@@ -100,9 +100,12 @@ files:
|
|
100
100
|
- bin/setup
|
101
101
|
- bin/threadfix
|
102
102
|
- lib/threadfix/cli.rb
|
103
|
+
- lib/threadfix/cli/applications.rb
|
103
104
|
- lib/threadfix/cli/scan.rb
|
104
105
|
- lib/threadfix/cli/version.rb
|
105
106
|
- lib/threadfix/client.rb
|
107
|
+
- lib/threadfix/client/applications.rb
|
108
|
+
- lib/threadfix/client/applications/lookup.rb
|
106
109
|
- lib/threadfix/client/scans.rb
|
107
110
|
- lib/threadfix/client/scans/upload.rb
|
108
111
|
- threadfix-cli.gemspec
|