import argparse
import json
import logging
import os
from datetime import datetime

import requests
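def UploadScan(host, apiKey, engegementID, PathFile, minimum_severity, scan_type, active, verified):
    """Upload one scanner report to DefectDojo's ``/api/v2/import-scan/`` endpoint.

    Args:
        host: DefectDojo host. A value that already carries a scheme (for
            example ``https://dojo.example.test``) is used as given; a bare
            host name keeps the historical ``http://`` prefix.
        apiKey: API token, sent in the ``Authorization: Token`` header.
        engegementID: Value for the ``engagement`` form field.
        PathFile: Path of the scanner report to upload.
        minimum_severity: Value for the ``minimum_severity`` form field.
        scan_type: Sent as both ``scan_type`` and ``test_type``.
        active: Value for the ``active`` form field.
        verified: Value for the ``verified`` form field.

    Returns:
        True when the server answered 201, False otherwise.
    """
    # A bare host keeps the old http:// default. Over plain HTTP the API token
    # and the scan report travel unencrypted, so pass an https:// host
    # wherever the server offers TLS.
    if "://" in host:
        base = host.rstrip("/")
    else:
        base = "http://" + host
    url = base + "/api/v2/import-scan/"

    # Plain values only: requests expands a tuple given through `data=` into
    # one form field per element, so the earlier ('', value) form posted an
    # extra empty value for every key. Options left unset on the command line
    # (None) are omitted instead of being posted as empty strings.
    fields = {
        'scan_date': datetime.now().strftime("%Y-%m-%d"),
        'minimum_severity': minimum_severity,
        'active': active,
        'verified': verified,
        'scan_type': scan_type,
        'test_type': scan_type,
        'engagement': engegementID,
        'close_old_findings': 'false',
        'push_to_jira': 'false',
    }
    payload = {key: value for key, value in fields.items() if value is not None}

    # Use the token passed in by the caller; the previous code read a
    # module-level `api_key` that only exists when the file runs as a script.
    headers = {'Authorization': 'Token ' + apiKey}

    # For a server with a self-signed certificate, pass `verify=` the path of
    # that certificate or its CA bundle. `verify=False` switches certificate
    # checking off entirely and leaves the token open to interception.
    # NOTE(review): no timeout is set, so a stalled server blocks the job.
    with open(PathFile, 'rb') as report:
        response = requests.request(
            "POST", url, headers=headers, data=payload, files=[('file', report)])

    print(response.text.encode('utf8'))
    uploaded = response.status_code == 201
    if uploaded:
        print("Successfully uploaded the results to Defect Dojo")
    else:
        print("Something went wrong, please debug " + str(response))
    return uploaded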
def upload_results(host, user, api_key, minimum_severity, scanner, result_file, engagement_id, active, verified):
    """Forward the parsed command-line values to UploadScan.

    ``user`` is accepted but never passed on; only ``api_key`` reaches the
    upload call.
    """
    UploadScan(
        host=host,
        apiKey=api_key,
        engegementID=engagement_id,
        PathFile=result_file,
        minimum_severity=minimum_severity,
        scan_type=scanner,
        active=active,
        verified=verified,
    )
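if __name__ == "__main__":
    # Script entry point: parse the CI job's options and upload one report.
    parser = argparse.ArgumentParser(
        description='CI/CD integration for DefectDojo')
    parser.add_argument('--host', help="DefectDojo Hostname", required=True)
    # A token given on the command line is visible in process listings and
    # can end up in CI job logs; feed it from a masked secret variable.
    parser.add_argument('--api_key', help="API Key", required=True)
    parser.add_argument(
        '--username', help="Username of Defect dojo user", required=True)
    parser.add_argument(
        '--minimum_severity',
        help="Value for the minimum_severity field of the import request",
        required=False)
    # The help text used to say "(optional)" although the option is required.
    parser.add_argument('--engagement_id', help="Engagement ID", required=True)
    parser.add_argument('--result_file', help="Scanner file", required=True)
    parser.add_argument('--scanner', help="Type of scanner", required=True)
    # --product_id and --build_id are still accepted so existing pipeline
    # invocations keep working, but nothing in this script reads them.
    parser.add_argument(
        '--product_id', help="DefectDojo Product ID", required=False)
    parser.add_argument(
        '--build_id', help="Reference to external build id", required=False)
    parser.add_argument(
        '--active',
        help="Value for the active field of the import request",
        required=False)
    parser.add_argument(
        '--verified',
        help="Value for the verified field of the import request",
        required=False)

    # Parse out arguments
    args = vars(parser.parse_args())
    host = args["host"]
    api_key = args["api_key"]
    user = args["username"]
    minimum_severity = args["minimum_severity"]
    result_file = args["result_file"]
    scanner = args["scanner"]
    engagement_id = args["engagement_id"]
    active = args["active"]
    verified = args["verified"]

    upload_results(host, user, api_key, minimum_severity, scanner,
                   result_file, engagement_id, active, verified)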