veracodecli 0.1.8 → 0.1.9
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/README.md +1 -1
- data/bin/veracodecli +2 -3
- data/lib/veracodecli/api.rb +15 -5
- metadata +15 -1
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: eec8f84428099ff53046e93a8cab6a8b9edf65db
|
|
4
|
+
data.tar.gz: be86390245396faa01fec4253ef99291c03d622b
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 192fb71cb272e7add94a0f61e7efa96c08faab2938fd6b39e342117f5343721ed07fb4231462d96e85127aa09984a6cc3cf5e54179a2dd617dafc034c3dec51f
|
|
7
|
+
data.tar.gz: bbb4efae63922949354a7cc32fbe4734cef749e681b6264687e98d66a090caa7a6ff641a1486cb995a3ffee42e6a3b70c06905c61051a78f75afaa8a3d727533
|
data/README.md
CHANGED
|
@@ -19,7 +19,7 @@ gem install veracodecli
|
|
|
19
19
|
## Usage
|
|
20
20
|
|
|
21
21
|
1. Set `VERACODE_USERNAME` and `VERACODE_PASSWORD` environment variables to your API credentials for the veracode API.
|
|
22
|
-
2. To run a scan use `veracodecli scan _app\_name_ _archive\_path_
|
|
22
|
+
2. To run a scan use `veracodecli scan` _app\_name_ _archive\_path_
|
|
23
23
|
|
|
24
24
|
- `veracodecli help` to see commands
|
|
25
25
|
- `veracodecli [command] -h` to see command syntax
|
data/bin/veracodecli
CHANGED
|
@@ -25,9 +25,8 @@ Commander.configure do
|
|
|
25
25
|
options.default :business_criticality => 'High'
|
|
26
26
|
options.default :business_unit => 'TELUS Digital'
|
|
27
27
|
directory = "/home/#{ENV['USER']}/veracodecli_data/sast_clone"
|
|
28
|
-
VeracodeApiBase.
|
|
29
|
-
|
|
30
|
-
# if Dir.exists?(dir) then `cd #{dir}; git pull; git archive --format=tar -o sast_upload.tar master` else fail 'Repository not found' end
|
|
28
|
+
VeracodeApiBase.load_config
|
|
29
|
+
VeracodeApiBase.get_repo_archive args[1], directory
|
|
31
30
|
VeracodeApiMacros.submit_scan_macro args[0], options.business_criticality, options.business_unit, options.team, "#{directory}/sast_upload.tar"
|
|
32
31
|
`cd #{directory}; rm -r sast_upload.tar`
|
|
33
32
|
end
|
data/lib/veracodecli/api.rb
CHANGED
|
@@ -1,10 +1,11 @@
|
|
|
1
1
|
require 'json'
|
|
2
2
|
require 'active_support/core_ext/hash'
|
|
3
3
|
require 'rest-client'
|
|
4
|
+
require 'yaml'
|
|
4
5
|
|
|
5
6
|
module VeracodeApiBase
|
|
6
7
|
def check_environment_login_variables
|
|
7
|
-
fail 'EnvironmentError: VERACODE_USERNAME or VERACODE_PASSWORD not set.' unless !ENV['VERACODE_USERNAME'].nil? || !ENV['VERACODE_PASSWORD'].nil?
|
|
8
|
+
fail 'EnvironmentError: VERACODE_USERNAME or VERACODE_PASSWORD not set in config.' unless !ENV['VERACODE_USERNAME'].nil? || !ENV['VERACODE_PASSWORD'].nil?
|
|
8
9
|
end
|
|
9
10
|
|
|
10
11
|
def veracode_api_request(api_call, api_version: '4.0', **params)
|
|
@@ -12,10 +13,20 @@ module VeracodeApiBase
|
|
|
12
13
|
response = RestClient.get "https://#{ENV['VERACODE_USERNAME']}:#{ENV['VERACODE_PASSWORD']}@analysiscenter.veracode.com/api/#{api_version}/#{api_call}", { params: params }
|
|
13
14
|
end
|
|
14
15
|
|
|
15
|
-
def get_repo_archive(directory)
|
|
16
|
-
if !Dir.exists?(directory) then `git clone #{
|
|
16
|
+
def get_repo_archive(url, directory)
|
|
17
|
+
if !Dir.exists?(directory) then `git clone #{url} #{directory}` end
|
|
17
18
|
if Dir.exists?(directory) then `cd #{directory}; git pull; git archive --format=tar -o sast_upload.tar master` else fail 'Repository not found' end
|
|
18
19
|
end
|
|
20
|
+
|
|
21
|
+
def load_config
|
|
22
|
+
dir = "/home/#{ENV['USER']}/veracodecli_data"
|
|
23
|
+
`mkdir #{dir}` unless Dir.exists? dir
|
|
24
|
+
fail 'ConfigError: Config File not setup. Please create config.yaml at /home/$USER/veracodecli' unless File.exist?("#{dir}/config.yaml")
|
|
25
|
+
config = YAML.load_file "#{dir}/config.yaml"
|
|
26
|
+
config.each_key do |key|
|
|
27
|
+
ENV[key] = config[key]
|
|
28
|
+
end
|
|
29
|
+
end
|
|
19
30
|
end
|
|
20
31
|
|
|
21
32
|
module VeracodeApiScan
|
|
@@ -101,9 +112,8 @@ module VeracodeApiMacros
|
|
|
101
112
|
app_id = get_app_id app_name
|
|
102
113
|
build_id = get_most_recent_build_id app_id
|
|
103
114
|
report = get_scan_report_pdf build_id
|
|
104
|
-
file = File.open "/
|
|
115
|
+
file = File.open "/etc/veracodecli_data/#{build_id}_report.pdf", 'w+'
|
|
105
116
|
file.write report
|
|
106
117
|
file.close
|
|
107
118
|
end
|
|
108
|
-
|
|
109
119
|
end
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: veracodecli
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.1.
|
|
4
|
+
version: 0.1.9
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- isaiah thiessen
|
|
@@ -178,6 +178,20 @@ dependencies:
|
|
|
178
178
|
- - "~>"
|
|
179
179
|
- !ruby/object:Gem::Version
|
|
180
180
|
version: 2.1.0
|
|
181
|
+
- !ruby/object:Gem::Dependency
|
|
182
|
+
name: psych
|
|
183
|
+
requirement: !ruby/object:Gem::Requirement
|
|
184
|
+
requirements:
|
|
185
|
+
- - "~>"
|
|
186
|
+
- !ruby/object:Gem::Version
|
|
187
|
+
version: 2.1.0
|
|
188
|
+
type: :development
|
|
189
|
+
prerelease: false
|
|
190
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
191
|
+
requirements:
|
|
192
|
+
- - "~>"
|
|
193
|
+
- !ruby/object:Gem::Version
|
|
194
|
+
version: 2.1.0
|
|
181
195
|
description: Ruby based CLI for accessing veracode's api
|
|
182
196
|
email: isaiah.thiessen@telus.com
|
|
183
197
|
executables:
|