@boriphuth
Last active November 3, 2020 13:57
import argparse
from datetime import datetime
import json
import os
import requests
import logging
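def UploadScan(host, apiKey, engegementID, PathFile, minimum_severity, scan_type, active, verified):
    """Upload one scanner result file to DefectDojo's import-scan endpoint.

    Args:
        host: DefectDojo host. A bare host name is prefixed with "http://"
            (the original behaviour); a value that already carries a scheme,
            e.g. "https://dojo.example", is used as given.
        apiKey: API token sent in the Authorization header.
        engegementID: Value for the 'engagement' form field.
        PathFile: Path of the scanner result file to upload.
        minimum_severity: Value for the 'minimum_severity' form field.
        scan_type: Value used for both 'scan_type' and 'test_type'.
        active: Value for the 'active' form field.
        verified: Value for the 'verified' form field.

    Returns:
        None. The server response and a success/failure line are printed.
    """
    if "://" in host:
        base_url = host.rstrip("/")
    else:
        base_url = "http://" + host
    url = base_url + "/api/v2/import-scan/"

    if url.lower().startswith("http://"):
        # The token and the scan findings travel unencrypted on this path.
        logging.warning(
            "Sending the DefectDojo API token over plain HTTP; "
            "pass an https:// host to protect it in transit")

    # NOTE(review): the ('', value) pairs look like the (filename, content)
    # form that requests documents for files=; passed through data= each pair
    # may be sent as two values for the same field. Confirm the server reads
    # the intended one before changing the shape.
    payload = {
        'scan_date': ('', datetime.now().strftime("%Y-%m-%d")),
        'minimum_severity': ('', minimum_severity),
        'active': ('', active),
        'verified': ('', verified),
        'scan_type': ('', scan_type),
        'test_type': ('', scan_type),
        'engagement': ('', engegementID),
        'close_old_findings': 'false',
        'push_to_jira': 'false'
    }

    # Use the apiKey parameter: the original read a module-level `api_key`,
    # which only exists when the file is run as a script.
    headers = {'Authorization': 'Token ' + apiKey}

    # The context manager closes the result file even if the request raises.
    with open(PathFile, 'rb') as result_fh:
        files = [('file', result_fh)]
        # (connect, read) timeout so a stalled server cannot hang the CI job.
        response = requests.request(
            "POST", url, headers=headers, data=payload, files=files,
            timeout=(10, 300))

    print(response.text.encode('utf8'))
    if response.status_code == 201:
        print("Successfully uploaded the results to Defect Dojo")
    else:
        print("Something went wrong, please debug " + str(response))
    # For an https:// host with a private or self-signed certificate, prefer
    # passing the CA bundle path via verify= over verify=False, which turns
    # off server authentication and exposes the token to interception.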
def upload_results(host, user, api_key, minimum_severity, scanner, result_file, engagement_id, active, verified):
    """Forward the CLI-level arguments to UploadScan.

    `user` is accepted but not passed on; UploadScan takes no user argument.
    """
    UploadScan(
        host=host,
        apiKey=api_key,
        engegementID=engagement_id,
        PathFile=result_file,
        minimum_severity=minimum_severity,
        scan_type=scanner,
        active=active,
        verified=verified,
    )
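if __name__ == "__main__":
    # Command-line entry point: parse the options and upload one result file.
    parser = argparse.ArgumentParser(
        description='CI/CD integration for DefectDojo')
    parser.add_argument('--host', help="DefectDojo Hostname", required=True)
    # NOTE(review): a token passed on the command line is visible in process
    # listings and is often echoed into CI job logs; consider supplying it
    # from the CI secret store through a masked variable.
    parser.add_argument('--api_key', help="API Key", required=True)
    parser.add_argument(
        '--username', help="Username of Defect dojo user", required=True)
    # Help text fixed: it was a copy of the --username description.
    parser.add_argument(
        '--minimum_severity',
        help="Minimum severity sent in the import-scan request",
        required=False)
    # Help text fixed: the option is required, not optional.
    parser.add_argument('--engagement_id',
                        help="Engagement ID", required=True)
    parser.add_argument('--result_file', help="Scanner file", required=True)
    parser.add_argument('--scanner', help="Type of scanner", required=True)
    # --product_id and --build_id are still accepted so existing invocations
    # keep working, but nothing in this script uses their values.
    parser.add_argument(
        '--product_id', help="DefectDojo Product ID", required=False)
    parser.add_argument(
        '--build_id', help="Reference to external build id", required=False)
    parser.add_argument(
        '--active',
        help="Value for the 'active' field of the import-scan request",
        required=False)
    parser.add_argument(
        '--verified',
        help="Value for the 'verified' field of the import-scan request",
        required=False)

    # Parse out arguments
    args = vars(parser.parse_args())
    host = args["host"]
    api_key = args["api_key"]
    user = args["username"]
    minimum_severity = args["minimum_severity"]
    result_file = args["result_file"]
    scanner = args["scanner"]
    engagement_id = args["engagement_id"]
    active = args["active"]
    verified = args["verified"]

    upload_results(host, user, api_key, minimum_severity, scanner,
                   result_file, engagement_id, active, verified)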