conviso-cli 2.2.11rc0__tar.gz → 2.2.12.dev0__tar.gz

{conviso-cli-2.2.11rc0 → conviso-cli-2.2.12.dev0}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: conviso-cli
-Version: 2.2.11rc0
+Version: 2.2.12.dev0
 Summary: UNKNOWN
 Maintainer: Conviso
 Maintainer-email: development@convisoappsec.com

{conviso-cli-2.2.11rc0 → conviso-cli-2.2.12.dev0}/conviso_cli.egg-info/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: conviso-cli
-Version: 2.2.11rc0
+Version: 2.2.12.dev0
 Summary: UNKNOWN
 Maintainer: Conviso
 Maintainer-email: development@convisoappsec.com

{conviso-cli-2.2.11rc0 → conviso-cli-2.2.12.dev0}/convisoappsec/flow/graphql_api/v1/resources_api.py

@@ -268,6 +268,57 @@ class DeploysApi(object):
 
         return deploys
 
+    def create_deploy(self, asset_id, previous_commit, current_commit, branch_name, diff_content, api_key):
+        """create a deployment"""
+
+        url = self._conviso_graphql_client.url
+
+        operations = {
+            "query": mutations.CREATE_DEPLOY,
+            "variables": {
+                "assetId": asset_id,
+                "previousCommit": previous_commit,
+                "currentCommit": current_commit,
+                "branchName": branch_name,
+                "diffContent": None
+            }
+        }
+
+        file_map = {
+            "0": ["variables.diffContent"]
+        }
+
+        with open(diff_content, 'rb') as diff_content_data:
+            files = {
+                'operations': (None, json.dumps(operations), 'application/json'),
+                'map': (None, json.dumps(file_map), 'application/json'),
+                '0': (diff_content, diff_content_data, 'application/octet-stream')
+            }
+
+            headers = {
+                'x-api-key': f'{api_key}',
+                "User-Agent": "AST:{version}".format(version=__version__)
+            }
+
+            response = requests.post(url, files=files, headers=headers)
+
+            response.raise_for_status()
+            json_response = response.json()
+
+            self._handle_graphql_errors(json_response)
+
+            return json_response.get('data')
+
+    # TODO: extract
+    @staticmethod
+    def _handle_graphql_errors(json_response):
+        """ Handle GraphQL errors """
+        if 'errors' in json_response:
+            errors = json_response['errors']
+            for error in errors:
+                print(f"GraphQL Error: {error.get('message')}")
+            raise Exception("GraphQL request failed with errors.")
+
 
 class SbomApi(object):
     """ Class for sbom file resources """

{conviso-cli-2.2.11rc0 → conviso-cli-2.2.12.dev0}/convisoappsec/flow/graphql_api/v1/schemas/mutations/__init__.py

@@ -128,4 +128,28 @@ mutation (
     success
   }
 }
-"""
+"""
+
+CREATE_DEPLOY = """
+mutation (
+  $assetId: ID!,
+  $previousCommit: String!,
+  $currentCommit: String!,
+  $branchName: String,
+  $diffContent: Upload!
+) {
+  createDeploy(
+    input: {
+      assetId: $assetId,
+      previousCommit: $previousCommit,
+      currentCommit: $currentCommit,
+      branchName: $branchName,
+      diffContent: $diffContent
+    }
+  ) {
+    deploy {
+      id
+    }
+  }
+}
+"""

{conviso-cli-2.2.11rc0 → conviso-cli-2.2.12.dev0}/convisoappsec/flow/version_control_system_adapter.py

@@ -66,7 +66,12 @@ class GitAdapter(object):
                     arcname = os.path.relpath(file_path, self._repo.working_dir)
                     zipf.write(file_path, arcname)
 
-        print(f"Zipped .git folder to {output_folder}")
+        return output_folder
+
+    def get_branch_name(self):
+        """retrieves the branch name"""
+        return self._repo.active_branch.name
+
 
     def get_commit_history(self):
         """

{conviso-cli-2.2.11rc0 → conviso-cli-2.2.12.dev0}/convisoappsec/flowcli/ast/entrypoint.py

@@ -11,6 +11,8 @@ from convisoappsec.flowcli.iac import iac
 from convisoappsec.flowcli.vulnerability import vulnerability
 from convisoappsec.logger import LOGGER
 from copy import deepcopy as clone
+from convisoappsec.flow import GitAdapter
+from convisoappsec.flowcli.context import pass_flow_context
 
 
 def get_default_params_values(cmd_params):
@@ -120,6 +122,7 @@ def perform_vulnerabilities_service(context) -> None:
         "deploy_id": context.obj.deploy['id'],
         "start_commit": context.obj.deploy['previous_commit'],
         "end_commit": context.obj.deploy['current_commit'],
+        "company_id": context.params['company_id']
     }
     context.params.update(specific_params)
     context.params = parse_params(context.params, auto_close_run.params)
@@ -131,11 +134,12 @@ def perform_vulnerabilities_service(context) -> None:
         raise click.ClickException(str(err)) from err
 
 
-def perform_deploy(context):
+def perform_deploy(context, flow_context, prepared_context):
     """Setup and runs the "deploy create with values" command.
 
     Args:
         context (<class 'click.core.Context'>): clonned context
+        flow_context:
 
     Returns:
         dict: deploy
@@ -154,6 +158,28 @@ def perform_deploy(context):
     try:
         LOGGER.info("Creating new deploy...")
         created_deploy = values.invoke(context)
+        try:
+
+            conviso_api = flow_context.create_conviso_graphql_client()
+            api_key = flow_context.key
+            git_adapter = GitAdapter(context.params['repository_dir'])
+            zipped_file = git_adapter.zip_git_folder()
+            branch_name = git_adapter.get_branch_name()
+
+            response = conviso_api.deploys.create_deploy(
+                asset_id=prepared_context.params['asset_id'],
+                previous_commit=created_deploy['previous_commit'],
+                current_commit=created_deploy['current_commit'],
+                branch_name=branch_name,
+                diff_content=zipped_file,
+                api_key=api_key
+            )
+
+            response_deploy_id = response['createDeploy']['deploy']['id']
+            deploy_id = { "deploy_id": response_deploy_id }
+            created_deploy.update(deploy_id)
+        except:
+            pass
 
         if created_deploy:
             return created_deploy
@@ -232,16 +258,18 @@ def perform_deploy(context):
     help="Enable auto fixing vulnerabilities on cp.",
 )
 @help_option
+@pass_flow_context
 @pass_create_context
 @click.pass_context
-def run(context, create_context, **kwargs):
+def run(context, create_context, flow_context, **kwargs):
     """ AST - Application Security Testing. Unifies deploy issue, SAST and SCA analyses.  """
     try:
         prepared_context = RequirementsVerifier.prepare_context(clone(context), from_ast=True)
         try:
-            prepared_context.obj.deploy = perform_deploy(clone(prepared_context))
+            prepared_context.obj.deploy = perform_deploy(clone(prepared_context), flow_context, prepared_context)
         except:
             return
+
         perform_sast(clone(prepared_context))
         perform_sca(clone(prepared_context))
         perform_iac(clone(prepared_context))

{conviso-cli-2.2.11rc0 → conviso-cli-2.2.12.dev0}/convisoappsec/flowcli/vulnerability/run.py

@@ -142,8 +142,8 @@ def run(context, flow_context, project_code, asset_id, company_id, end_commit, s
 
     context.params['company_id'] = context.params.get('company_id') or company_id
 
-    if not context.params['company_id']:
-        log_func("Invalid company_id: {company_id}. Exiting.".format(company_id=company_id))
+    if context.params['company_id'] is None:
+        log_func(f"Invalid company_id: {company_id}. Exiting.")
         return
 
     if not from_ast:

conviso-cli-2.2.12.dev0/convisoappsec/version.py

@@ -0,0 +1 @@
+__version__ = '2.2.12-dev.0'

conviso-cli-2.2.11rc0/convisoappsec/version.py

@@ -1 +0,0 @@
-__version__ = '2.2.11-rc.0'