def scan_container_image_with_dockerfile(imagespec, dockerfile, base_image, omit_base_layers):
    """Scan a container image, passing Dockerfile and base-image hints to the scanner.

    Creates a ContainerImageScanner for ``imagespec``, prints the base layers
    it reports as indented JSON, then prepares and processes the image,
    generates the project structures from those base layers and submits the
    layer scans.

    NOTE(review): ``omit_base_layers`` presumably keeps base-image layers out
    of the submitted scans; confirm the base image's components are covered by
    another scan before relying on the results for vulnerability reporting.
    """
    hub_client = HubInstance()
    image_scanner = ContainerImageScanner(
        hub_client,
        imagespec,
        dockerfile=dockerfile,
        base_image=base_image,
        omit_base_layers=omit_base_layers,
    )

    # Print the base layers reported by the scanner before any scanning starts.
    detected_base_layers = image_scanner.get_base_layers()
    print(json.dumps(detected_base_layers, indent=2))

    image_scanner.prepare_container_image()
    image_scanner.process_container_image()
    image_scanner.generate_project_structures(detected_base_layers)
    image_scanner.submit_layer_scans()
import logging
import sys
from blackduck.HubRestApi import HubInstance
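# Print, as JSON, the files of a project version that the BOM could not match
# to any component.

# The text is a description, so it is passed by keyword: the first positional
# parameter of ArgumentParser is `prog`, which would replace the program name
# in the usage line.
parser = argparse.ArgumentParser(
    description="Retreive a list of un-matched files for the given project and version")
parser.add_argument("project_name")
parser.add_argument("version")
args = parser.parse_args()

logging.basicConfig(format='%(asctime)s:%(levelname)s:%(message)s', stream=sys.stderr, level=logging.DEBUG)
logging.getLogger("requests").setLevel(logging.WARNING)
logging.getLogger("urllib3").setLevel(logging.WARNING)

hub = HubInstance()

version = hub.get_project_version_by_name(args.project_name, args.version)
if not version:
    # A falsy result cannot be indexed below; stop with a clear message
    # instead of a TypeError traceback. (Assumes the client reports
    # "not found" this way - confirm against the library.)
    sys.exit("No version '{}' found for project '{}'".format(args.version, args.project_name))

# NOTE(review): a single request with limit=99999 - anything beyond that many
# unmatched files would be left out of the output without any warning.
matched_files_url = version['_meta']['href'] + "/matched-files?limit=99999&filter=bomMatchType:unmatched"

# A response without an 'items' key is treated as "no unmatched files".
unmatched_files = hub.execute_get(matched_files_url).json().get('items', [])
print(json.dumps(unmatched_files))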
def scan_container_image(imagespec):
    """Scan the container image named by ``imagespec``.

    Creates a scanner for the image, then prepares the image, processes it,
    generates the project structures and submits the layer scans, in that
    order.
    """
    hub_client = HubInstance()
    image_scanner = container_image_scanner(hub_client, imagespec)

    image_scanner.prepare_container_image()
    image_scanner.process_container_image()
    image_scanner.generate_project_structures()
    image_scanner.submit_layer_scans()
import sys
from blackduck.HubRestApi import HubInstance
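# Delete one custom field, or every custom field, attached to an object type.

# The text is a description, so it is passed by keyword: the first positional
# parameter of ArgumentParser is `prog`, which would replace the program name
# in the usage line.
parser = argparse.ArgumentParser(description="Delete a custom field or all of them")
parser.add_argument("object", choices=["BOM Component", "Component", "Component Version", "Project", "Project Version"], help="The object that the custom field should be attached to")
parser.add_argument("field_id", help="Use a value of 'all' to delete all the custom fields for the given object")
args = parser.parse_args()

logging.basicConfig(format='%(asctime)s:%(levelname)s:%(message)s', stream=sys.stderr, level=logging.DEBUG)
logging.getLogger("requests").setLevel(logging.DEBUG)
logging.getLogger("urllib3").setLevel(logging.WARNING)

hub = HubInstance()

# Set when any delete request comes back with an HTTP error status, so the
# script does not exit 0 after a failed (or partly failed) deletion.
deletion_failed = False

if args.field_id == "all":
    # Destructive and unconfirmed: removes every custom field of the chosen
    # object type. Failures do not stop the loop; they are reported and
    # reflected in the exit code.
    custom_fields = hub.get_custom_fields(args.object).get('items', [])
    for custom_field in custom_fields:
        logging.debug("Deleting custom field")
        custom_field_url = custom_field['_meta']['href']
        response = hub.execute_delete(custom_field_url)
        logging.debug("status code for deleting {} is {}".format(custom_field_url, response.status_code))
        if response.status_code >= 400:
            logging.error("Failed to delete %s (status code %s)", custom_field_url, response.status_code)
            deletion_failed = True
else:
    response = hub.delete_cf(args.object, args.field_id)
    logging.debug("status code: {}".format(response.status_code))
    if response.status_code >= 400:
        logging.error("Failed to delete custom field %s (status code %s)", args.field_id, response.status_code)
        deletion_failed = True

if deletion_failed:
    sys.exit(1)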
#!/usr/bin/env python
'''
Created on Oct 14, 2018
@author: gsnyder
Create a policy that prevents use of any rejected component
'''
from blackduck.HubRestApi import HubInstance
import json
from pprint import pprint
from sys import argv
hub = HubInstance()

# Rule body: matches a BOM component whose approval status equals REJECTED.
rejected_component_rule = {
    "operator": "AND",
    "expressions": [
        {
            "name": "COMPONENT_APPROVAL_STATUS",
            "operation": "EQ",
            "parameters": {"values": ["REJECTED"]},
        },
    ],
}

# "enabled" and "overridable" are sent as the strings "true", not as JSON
# booleans.
# NOTE(review): "overridable" presumably lets a violation of this BLOCKER
# policy be overridden - confirm that is intended.
policy_definition = {
    "enabled": "true",
    "overridable": "true",
    "name": "cannot-use-rejected-component",
    "description": "You cannot use components we have rejected.",
    "severity": "BLOCKER",
    "policyType": "BOM_COMPONENT_DISALLOW",
    "expression": rejected_component_rule,
}

policy_json = json.dumps(policy_definition)
policy_url = hub.create_policy(policy_json)
@author: kumykov
Removes scan locations that are not mapped to any project
'''
from blackduck.HubRestApi import HubInstance
from sys import argv
#
# main
#
# TODO: Delete older scans? X oldest?
hub = HubInstance()

# Destructive and unconfirmed: asks the server to delete the code locations
# that are not mapped to a project, then prints whatever the client returns.
deletion_result = hub.delete_unmapped_codelocations()
print(deletion_result)
#!/usr/bin/env python
'''
Created on Oct 14, 2018
@author: gsnyder
Updates the approval status for a component given its component ID
'''
from blackduck.HubRestApi import HubInstance
from pprint import pprint
from sys import argv
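# Set the approval status of one component to APPROVED and show the component
# data before and after the change.

# Stop with a usage message instead of an IndexError traceback when the
# component ID is missing.
if len(argv) < 2:
    raise SystemExit("usage: {} <component_id>".format(argv[0]))

hub = HubInstance()
component_id = argv[1]
component_info = hub.get_component_by_id(component_id)

if "approvalStatus" in component_info:
    print("Component data before update:")
    pprint(component_info)

    # The fetched record is reused as the update body; the status is set to
    # APPROVED unconditionally, whatever it was before.
    update_body = component_info
    update_body["approvalStatus"] = "APPROVED"
    try:
        hub.update_component_by_id(component_id, update_body)
    except Exception as err:
        # Was a bare `except:`, which also caught KeyboardInterrupt and
        # SystemExit and hid the reason for the failure.
        # NOTE(review): if update_component_by_id reports HTTP errors through
        # its return value rather than an exception, a rejected update is not
        # caught here; the re-fetched data below is the only confirmation.
        print("Failed to update approval status for component ({}): {}".format(component_id, err))

    print("\n\nComponent data after update:")
    pprint(hub.get_component_by_id(component_id))
else:
    # Previously this case ended silently, with no sign that nothing changed.
    print("Component ({}) has no approvalStatus field; nothing was updated".format(component_id))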
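# Create a custom field on the given object type. `parser` is created earlier
# in the script, above this excerpt.
parser.add_argument("object", choices=["BOM Component", "Component", "Component Version", "Project", "Project Version"], help="The object that the custom field should be attached to")
parser.add_argument("field_type", choices=["BOOLEAN", "DATE", "DROPDOWN", "MULTISELECT", "RADIO", "TEXT", "TEXTAREA"])
parser.add_argument("description")
parser.add_argument("label")
parser.add_argument("-i", "--initial_options", action='append', nargs=2, metavar=('label', 'position'), help="Set the initial options by repeatedly using the -i option, supply a label and position for each possible selection. Used for DROPDOWN, MULTISELECT, and RADIO field types.")
parser.add_argument("-a", "--active", action='store_true', default=False, help="Use the --active option to make the created field active (dafault: Inactive")
parser.add_argument("-p", "--position", default=0, type=int, help="Use the --position option to specify what numeric position the custom field should be displayed in")
args = parser.parse_args()

logging.basicConfig(format='%(asctime)s:%(levelname)s:%(message)s', stream=sys.stderr, level=logging.DEBUG)
logging.getLogger("requests").setLevel(logging.DEBUG)
logging.getLogger("urllib3").setLevel(logging.WARNING)

hub = HubInstance()

logging.debug("Creating custom field using arguments: {}".format(args))

# action='append' leaves the attribute as None when -i is never given (the
# normal case for BOOLEAN, DATE, TEXT and TEXTAREA fields); iterating None
# raised a TypeError before the field was ever created.
# Each -i occurrence supplies exactly two strings: label, then position.
initial_options = [
    {"label": option_label, "position": option_position}
    for option_label, option_position in (args.initial_options or [])
]

response = hub.create_cf(
    args.object,
    args.field_type,
    args.description,
    args.label,
    position=args.position,
    active=args.active,
    initial_options=initial_options)

logging.debug("status code: {}".format(response.status_code))
if response.status_code >= 400:
    # Report the failure and exit non-zero so callers do not treat a rejected
    # request as a created field.
    logging.error("Failed to create custom field (status code %s)", response.status_code)
    sys.exit(1)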