veracodecli 0.1.8 → 0.1.9
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/README.md +1 -1
- data/bin/veracodecli +2 -3
- data/lib/veracodecli/api.rb +15 -5
- metadata +15 -1
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: eec8f84428099ff53046e93a8cab6a8b9edf65db
|
|
4
|
+
data.tar.gz: be86390245396faa01fec4253ef99291c03d622b
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 192fb71cb272e7add94a0f61e7efa96c08faab2938fd6b39e342117f5343721ed07fb4231462d96e85127aa09984a6cc3cf5e54179a2dd617dafc034c3dec51f
|
|
7
|
+
data.tar.gz: bbb4efae63922949354a7cc32fbe4734cef749e681b6264687e98d66a090caa7a6ff641a1486cb995a3ffee42e6a3b70c06905c61051a78f75afaa8a3d727533
|
data/README.md
CHANGED
|
@@ -19,7 +19,7 @@ gem install veracodecli
|
|
|
19
19
|
## Usage
|
|
20
20
|
|
|
21
21
|
1. Set `VERACODE_USERNAME` and `VERACODE_PASSWORD` environment variables to your API credentials for the veracode API.
|
|
22
|
-
2. To run a scan use `veracodecli scan _app\_name_ _archive\_path_
|
|
22
|
+
2. To run a scan use `veracodecli scan` _app\_name_ _archive\_path_
|
|
23
23
|
|
|
24
24
|
- `veracodecli help` to see commands
|
|
25
25
|
- `veracodecli [command] -h` to see command syntax
|
data/bin/veracodecli
CHANGED
|
@@ -25,9 +25,8 @@ Commander.configure do
|
|
|
25
25
|
options.default :business_criticality => 'High'
|
|
26
26
|
options.default :business_unit => 'TELUS Digital'
|
|
27
27
|
directory = "/home/#{ENV['USER']}/veracodecli_data/sast_clone"
|
|
28
|
-
VeracodeApiBase.
|
|
29
|
-
|
|
30
|
-
# if Dir.exists?(dir) then `cd #{dir}; git pull; git archive --format=tar -o sast_upload.tar master` else fail 'Repository not found' end
|
|
28
|
+
VeracodeApiBase.load_config
|
|
29
|
+
VeracodeApiBase.get_repo_archive args[1], directory
|
|
31
30
|
VeracodeApiMacros.submit_scan_macro args[0], options.business_criticality, options.business_unit, options.team, "#{directory}/sast_upload.tar"
|
|
32
31
|
`cd #{directory}; rm -r sast_upload.tar`
|
|
33
32
|
end
|
data/lib/veracodecli/api.rb
CHANGED
|
@@ -1,10 +1,11 @@
|
|
|
1
1
|
require 'json'
|
|
2
2
|
require 'active_support/core_ext/hash'
|
|
3
3
|
require 'rest-client'
|
|
4
|
+
require 'yaml'
|
|
4
5
|
|
|
5
6
|
module VeracodeApiBase
|
|
6
7
|
def check_environment_login_variables
|
|
7
|
-
fail 'EnvironmentError: VERACODE_USERNAME or VERACODE_PASSWORD not set.' unless !ENV['VERACODE_USERNAME'].nil? || !ENV['VERACODE_PASSWORD'].nil?
|
|
8
|
+
fail 'EnvironmentError: VERACODE_USERNAME or VERACODE_PASSWORD not set in config.' unless !ENV['VERACODE_USERNAME'].nil? || !ENV['VERACODE_PASSWORD'].nil?
|
|
8
9
|
end
|
|
9
10
|
|
|
10
11
|
def veracode_api_request(api_call, api_version: '4.0', **params)
|
|
@@ -12,10 +13,20 @@ module VeracodeApiBase
|
|
|
12
13
|
response = RestClient.get "https://#{ENV['VERACODE_USERNAME']}:#{ENV['VERACODE_PASSWORD']}@analysiscenter.veracode.com/api/#{api_version}/#{api_call}", { params: params }
|
|
13
14
|
end
|
|
14
15
|
|
|
15
|
-
def get_repo_archive(directory)
|
|
16
|
-
if !Dir.exists?(directory) then `git clone #{
|
|
16
|
+
def get_repo_archive(url, directory)
|
|
17
|
+
if !Dir.exists?(directory) then `git clone #{url} #{directory}` end
|
|
17
18
|
if Dir.exists?(directory) then `cd #{directory}; git pull; git archive --format=tar -o sast_upload.tar master` else fail 'Repository not found' end
|
|
18
19
|
end
|
|
20
|
+
|
|
21
|
+
def load_config
|
|
22
|
+
dir = "/home/#{ENV['USER']}/veracodecli_data"
|
|
23
|
+
`mkdir #{dir}` unless Dir.exists? dir
|
|
24
|
+
fail 'ConfigError: Config File not setup. Please create config.yaml at /home/$USER/veracodecli' unless File.exist?("#{dir}/config.yaml")
|
|
25
|
+
config = YAML.load_file "#{dir}/config.yaml"
|
|
26
|
+
config.each_key do |key|
|
|
27
|
+
ENV[key] = config[key]
|
|
28
|
+
end
|
|
29
|
+
end
|
|
19
30
|
end
|
|
20
31
|
|
|
21
32
|
module VeracodeApiScan
|
|
@@ -101,9 +112,8 @@ module VeracodeApiMacros
|
|
|
101
112
|
app_id = get_app_id app_name
|
|
102
113
|
build_id = get_most_recent_build_id app_id
|
|
103
114
|
report = get_scan_report_pdf build_id
|
|
104
|
-
file = File.open "/
|
|
115
|
+
file = File.open "/etc/veracodecli_data/#{build_id}_report.pdf", 'w+'
|
|
105
116
|
file.write report
|
|
106
117
|
file.close
|
|
107
118
|
end
|
|
108
|
-
|
|
109
119
|
end
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: veracodecli
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.1.
|
|
4
|
+
version: 0.1.9
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- isaiah thiessen
|
|
@@ -178,6 +178,20 @@ dependencies:
|
|
|
178
178
|
- - "~>"
|
|
179
179
|
- !ruby/object:Gem::Version
|
|
180
180
|
version: 2.1.0
|
|
181
|
+
- !ruby/object:Gem::Dependency
|
|
182
|
+
name: psych
|
|
183
|
+
requirement: !ruby/object:Gem::Requirement
|
|
184
|
+
requirements:
|
|
185
|
+
- - "~>"
|
|
186
|
+
- !ruby/object:Gem::Version
|
|
187
|
+
version: 2.1.0
|
|
188
|
+
type: :development
|
|
189
|
+
prerelease: false
|
|
190
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
191
|
+
requirements:
|
|
192
|
+
- - "~>"
|
|
193
|
+
- !ruby/object:Gem::Version
|
|
194
|
+
version: 2.1.0
|
|
181
195
|
description: Ruby based CLI for accessing veracode's api
|
|
182
196
|
email: isaiah.thiessen@telus.com
|
|
183
197
|
executables:
|