From 00b98b28039a8c7fbd0c964d7b7deda0283309fa Mon Sep 17 00:00:00 2001
From: Tim Jarrett
Date: Mon, 2 Dec 2024 16:59:41 -0500
Subject: [PATCH] Fixes #95 - customer managed encryption key support
---
 docs/api.md | 3 ++-
 docs/applications.md | 3 ++-
 pyproject.toml | 4 ++--
 setup.py | 4 ++--
 veracode_api_py/api.py | 5 +++--
 veracode_api_py/applications.py | 10 +++++++---
 6 files changed, 18 insertions(+), 11 deletions(-)
diff --git a/docs/api.md b/docs/api.md
index 3a4b5b7..cd89ac6 100644
--- a/docs/api.md
+++ b/docs/api.md
@@ -85,7 +85,7 @@ As an alternative to importing individual objects into your library, you can acc
 - `get_apps(policy_check_after(opt))` : get a list of Veracode applications (JSON format). If provided, returns only applications that have a policy check date on or after `policy_check_after` (format is `yyyy-mm-dd`).
 - `get_app(guid(opt),legacy_id(opt))`: get information for a single Veracode application using either the `guid` or the `legacy_id` (integer).
 - `get_app_by_name(name)`: get list of applications whose names contain the search string `name`.
-- `create_app(app_name, business_criticality, business_unit(opt), teams(opt), policy_guid(opt), custom_fields(opt array), bus_owner_name(opt), bus_owner_email(opt),git_repo_url(opt))`: create an application profile.
+- `create_app(app_name, business_criticality, business_unit(opt), teams(opt), policy_guid(opt), custom_fields(opt array), bus_owner_name(opt), bus_owner_email(opt),git_repo_url(opt),custom_kms_alias(opt))`: create an application profile.
 - `business_criticality`: one of "VERY HIGH", "HIGH", "MEDIUM", "LOW", "VERY LOW"
 - `business_unit`: the GUID of the business unit to which the application should be assigned
 - `teams`: a list of the GUIDs of the teams to which the application should be assigned
@@ -94,6 +94,7 @@ As an alternative to importing individual objects into your library, you can acc
 - `bus_owner_name`: the name of the business owner of the application
 - `bus_owner_email`: the email address of the business owner of the application
 - `git_repo_url`: the URL to the git repository containing the code for the application
+ - `custom_kms_alias`: the alias for the Customer Managed Encryption Key (CMK), which will be used to encrypt/decrypt customer provided data. Note: The Customer Managed Encrytion Key feature must be activated and configured for your organization before attempting to set this value.
 - `update_app(guid, app_name, business_criticality, business_unit(opt), teams(opt), policy_guid(opt), custom_fields(opt array), bus_owner_name(opt), bus_owner_email(opt),git_repo_url(opt))`: update an application profile. Note that partial updates are NOT supported, so you need to provide all values including those that aren't changing.
 - `delete_app(guid)`: delete the application identified by `guid`. This is not a reversible action.
 - `get_custom_fields()`: get a list of app profile custom fields available for your organization.
diff --git a/docs/applications.md b/docs/applications.md
index f188c3d..7a9d3f8 100644
--- a/docs/applications.md
+++ b/docs/applications.md
@@ -7,7 +7,7 @@ The following methods call Veracode REST APIs and return JSON.
 - `Applications().get_all(policy_check_after(opt))` : get a list of Veracode applications (JSON format). If provided, returns only applications that have a policy check date on or after `policy_check_after` (format is `yyyy-mm-dd`).
 - `Applications().get(guid(opt),legacy_id(opt))`: get information for a single Veracode application using either the `guid` or the `legacy_id` (integer).
 - `Applications().get_by_name(name)`: get list of applications whose names contain the search string `name`.
-- `Applications().create(app_name, business_criticality, business_unit(opt), teams(opt), policy_guid(opt), custom_fields(opt array), bus_owner_name(opt), bus_owner_email(opt),git_repo_url(opt))`: create an application profile.
+- `Applications().create(app_name, business_criticality, business_unit(opt), teams(opt), policy_guid(opt), custom_fields(opt array), bus_owner_name(opt), bus_owner_email(opt),git_repo_url(opt),custom_kms_alias(opt))`: create an application profile.
 - `business_criticality`: one of "VERY HIGH", "HIGH", "MEDIUM", "LOW", "VERY LOW"
 - `business_unit`: the GUID of the business unit to which the application should be assigned
 - `teams`: a list of the GUIDs of the teams to which the application should be assigned
@@ -16,6 +16,7 @@ The following methods call Veracode REST APIs and return JSON. - `bus_owner_name`: the name of the business owner of the application - `bus_owner_email`: the email address of the business owner of the application - `git_repo_url`: the URL to the git repository containing the code for the application + - `custom_kms_alias`: the alias for the Customer Managed Encryption Key (CMK), which will be used to encrypt/decrypt customer provided data. Note: The Customer Managed Encrytion Key feature must be activated and configured for your organization before attempting to set this value. - `Applications().update(guid, app_name, business_criticality, business_unit(opt), teams(opt), policy_guid(opt), custom_fields(opt array), bus_owner_name(opt), bus_owner_email(opt),git_repo_url(opt))`: update an application profile. Note that partial updates are NOT supported, so you need to provide all values including those that aren't changing. - `Applications().delete(guid)`: delete the application identified by `guid`. This is not a reversible action. diff --git a/pyproject.toml b/pyproject.toml index 88ce021..5e856c8 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -1,6 +1,6 @@ [project] name = 'veracode_api_py' -version = '0.9.53' +version = '0.9.57' authors = [ {name = "Tim Jarrett", email="tjarrett@veracode.com"} ] description = 'Python helper library for working with the Veracode APIs. Handles retries, pagination, and other features of the modern Veracode REST APIs.' readme = 'README.md' @@ -22,4 +22,4 @@ dependencies = {file = ["requirements.txt"]} [project.urls] "Homepage" = "https://github.com/veracode/veracode-api-py" "Bug Tracker" = "https://github.com/veracode/veracode-api-py/issues" -"Download" = "https://github.com/veracode/veracode-api-py/archive/v_0953.tar.gz" +"Download" = "https://github.com/veracode/veracode-api-py/archive/v_0957.tar.gz" diff --git a/setup.py b/setup.py index 0a4674d..d4fc5a3 100644 --- a/setup.py +++ b/setup.py 
@@ -7,7 +7,7 @@ setup( name = 'veracode_api_py', packages = ['veracode_api_py'], - version = '0.9.53', + version = '0.9.57', license='MIT', description = 'Python helper library for working with the Veracode APIs. Handles retries, pagination, and other features of the modern Veracode REST APIs.', long_description = long_description, @@ -15,7 +15,7 @@ author = 'Tim Jarrett', author_email = 'tjarrett@veracode.com', url = 'https://github.com/tjarrettveracode', - download_url = 'https://github.com/veracode/veracode-api-py/archive/v_0953.tar.gz', + download_url = 'https://github.com/veracode/veracode-api-py/archive/v_0957.tar.gz', keywords = ['veracode', 'veracode-api'], install_requires=[ 'veracode-api-signing' diff --git a/veracode_api_py/api.py b/veracode_api_py/api.py index 18ec836..e90d2ce 100644 --- a/veracode_api_py/api.py +++ b/veracode_api_py/api.py @@ -113,11 +113,12 @@ def get_app_by_name(self, appname): def create_app(self, app_name, business_criticality, business_unit: UUID = None, teams=[], policy_guid = None, custom_fields=[],bus_owner_name = None, bus_owner_email = None, - git_repo_url = None): + git_repo_url = None, custom_kms_alias = None): return Applications().create(app_name=app_name, business_criticality=business_criticality, business_unit=business_unit, teams=teams, policy_guid=policy_guid, custom_fields=custom_fields, bus_owner_name=bus_owner_name, - bus_owner_email=bus_owner_email, git_repo_url=git_repo_url) + bus_owner_email=bus_owner_email, git_repo_url=git_repo_url, + custom_kms_alias=custom_kms_alias) def update_app(self, guid: UUID, app_name, business_criticality, business_unit: UUID = None, teams=[], policy_guid = None, custom_fields=[], bus_owner_name=None, bus_owner_email=None, diff --git a/veracode_api_py/applications.py b/veracode_api_py/applications.py index 19f9db7..f35d821 100644 --- a/veracode_api_py/applications.py +++ b/veracode_api_py/applications.py 
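Review bot: `create_app` in veracode_api_py/api.py now accepts and forwards `custom_kms_alias`, but nothing in the code says that the value is only applied at creation or that the Customer Managed Encryption Key feature must already be activated for the organization; that constraint lives only in docs/api.md. A docstring on `create_app` would keep the constraint next to the call, for example `"""Create an application profile. custom_kms_alias is applied only at creation and requires the CMK feature to be enabled for the organization."""`. As documented in this commit, `update_app` takes no such parameter, so it is worth stating that the alias cannot be changed through this helper afterwards. `update_app`'s signature continues outside this hunk, so this cannot be confirmed from the code shown.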
@@ -34,11 +34,11 @@ def get_by_name (self,appname: str): return APIHelper()._rest_paged_request(uri="appsec/v1/applications",method="GET",element="applications",params=params) def create(self,app_name:str ,business_criticality, business_unit: UUID=None, teams=[], policy_guid:UUID=None, - custom_fields=[], bus_owner_name=None, bus_owner_email=None, git_repo_url=None): + custom_fields=[], bus_owner_name=None, bus_owner_email=None, git_repo_url=None, custom_kms_alias: str=None): return self._create_or_update("CREATE",app_name=app_name,business_criticality=business_criticality, business_unit=business_unit,teams=teams, policy_guid=policy_guid, custom_fields=custom_fields, bus_owner_name=bus_owner_name, - bus_owner_email=bus_owner_email, git_repo_url=git_repo_url) + bus_owner_email=bus_owner_email, git_repo_url=git_repo_url, custom_kms_alias=custom_kms_alias) def update(self,guid: UUID,app_name:str ,business_criticality, business_unit: UUID=None, teams=[], policy_guid:UUID=None, custom_fields=[], @@ -55,7 +55,7 @@ def delete(self,guid: UUID): def _create_or_update(self,method,app_name: str,business_criticality, business_unit: UUID=None, teams=[],guid=None,policy_guid:UUID=None, custom_fields=[], - bus_owner_name=None,bus_owner_email=None,git_repo_url=None): + bus_owner_name=None,bus_owner_email=None,git_repo_url=None,custom_kms_alias:str=None): if method == 'CREATE': uri = 'appsec/v1/applications' httpmethod = 'POST' @@ -95,6 +95,10 @@ def _create_or_update(self,method,app_name: str,business_criticality, business_u gru = { 'git_repo_url': git_repo_url} app_def.update(gru) + if (custom_kms_alias != None) & (method=='CREATE'): + # custom_kms_alias currently only supported at creation + app_def.update({"custom_kms_alias": custom_kms_alias}) + payload = json.dumps({"profile": app_def}) return APIHelper()._rest_request(uri,httpmethod,body=payload)
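Review bot: In the last hunk of veracode_api_py/applications.py, `if (custom_kms_alias != None) & (method=='CREATE'):` silently drops a supplied alias on any non-CREATE call, so a caller that asked for a customer managed key gets a request without it and no error. For an encryption setting it is safer to fail closed, e.g. `if custom_kms_alias is not None and method != 'CREATE': raise ValueError("custom_kms_alias can only be set at creation")` ahead of the existing branch. The condition should also use `is not None` and `and`; the bitwise `&` is correct here only because both operands are parenthesised, and an empty string passes the check and is sent as the alias. `_create_or_update` starts and ends outside this hunk, and the public `update()` does not appear to forward the parameter, so the raise would presumably only affect internal callers.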