import argparse
from datetime import datetime
import json
import os
import requests
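def upload_results(host, user, api_key, scanner, result_file, engagement_id, verify=False, timeout=None):
    """Import a scanner result file into a DefectDojo engagement via the v1 API.

    Args:
        host: DefectDojo host name, optionally prefixed with a scheme
            (``"https://dojo.example"``). A bare host name is reached over
            plain ``http://`` for backward compatibility; prefer an explicit
            ``https://`` so the API key in the Authorization header is not
            sent in cleartext.
        user: DefectDojo user name that owns the API key.
        api_key: DefectDojo v1 API key belonging to ``user``.
        scanner: DefectDojo scan/test type name, e.g. ``"Bandit Scan"``.
        result_file: Path of the scanner output file to upload.
        engagement_id: Engagement the test is attached to (str or int).
        verify: Passed through to ``requests``. ``False`` (the default kept
            from the original script) disables TLS certificate verification
            and is only appropriate for a self-signed lab instance.
        timeout: Optional ``requests`` timeout in seconds; ``None`` waits
            indefinitely, as the original did.

    Returns:
        The HTTP status code of the import-scan response (201 on success).

    Raises:
        OSError: if ``result_file`` cannot be opened.
        requests.RequestException: on connection or timeout failures.
    """
    # Honour a caller-supplied scheme; otherwise keep the historical http://.
    base_url = host if "://" in host else "http://" + host
    import_scan_url = base_url + "/api/v1/importscan/"

    headers = {"Authorization": "ApiKey " + user + ":" + api_key}

    # Named `payload` rather than `json` so the stdlib module is not shadowed.
    payload = {
        "scan_date": datetime.now().strftime("%Y-%m-%d"),
        "minimum_severity": "Low",
        "active": False,
        "verified": False,
        "tags": "",
        # str() so an int engagement id does not raise TypeError on concatenation.
        "engagement": "/api/v1/engagements/" + str(engagement_id) + "/",
        # Lead is hard-coded to user 1, exactly as in the original script.
        "lead": "/api/v1/users/1/",
        "test_type": scanner,
        "scan_type": scanner,
    }
    # Only the payload is echoed: the headers carry the API key and must not
    # end up in CI job logs.
    print(payload)

    # The context manager closes the file handle even if the request fails.
    with open(result_file, "rb") as result_handle:
        response = requests.post(
            import_scan_url,
            headers=headers,
            files={"file": result_handle},
            data=payload,
            verify=verify,
            timeout=timeout,
        )
    return response.status_code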
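if __name__ == "__main__":
    # Command-line entry point: parse the CI/CD arguments and upload one
    # scanner result file to DefectDojo, reporting success on HTTP 201.
    parser = argparse.ArgumentParser(description='CI/CD integration for DefectDojo')
    parser.add_argument('--host', help="DefectDojo Hostname", required=True)
    # NOTE(review): a key passed on the command line is visible in the process
    # table and shell history; CI secrets should reach this script another way.
    parser.add_argument('--api_key', help="API Key", required=True)
    parser.add_argument('--username', help="Username of Defect dojo user", required=True)
    # The original help text said "(optional)", but the argument is required.
    parser.add_argument('--engagement_id', help="Engagement ID", required=True)
    parser.add_argument('--result_file', help="Scanner file", required=True)
    parser.add_argument('--scanner', help="Type of scanner", required=True)
    # product_id and build_id are accepted for compatibility but not used below.
    parser.add_argument('--product_id', help="DefectDojo Product ID", required=False)
    parser.add_argument('--build_id', help="Reference to external build id", required=False)
    # Off by default to match the original behaviour (verify=False); pass
    # --verify for any instance with a trusted certificate.
    parser.add_argument('--verify', help="Verify the server TLS certificate",
                        action='store_true', default=False)

    args = parser.parse_args()

    status = upload_results(
        args.host,
        args.username,
        args.api_key,
        args.scanner,
        args.result_file,
        args.engagement_id,
        verify=args.verify,
    )
    if status == 201:
        print("Successfully uploaded the results to Defect Dojo")
    else:
        print("Something went wrong, please debug " + str(status))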