add methods for SCA app linking

veracode · Dec 15, 2023 · b9e06ca · b9e06ca
1 parent 5110802
commit b9e06ca
Show file tree

Hide file tree

Showing 5 changed files with 25 additions and 7 deletions.
diff --git a/docs/sca.md b/docs/sca.md
@@ -14,7 +14,7 @@ _Note_: You can also access these methods from the `Workspaces` class.
 - `add_workspace_team(workspace_guid,team_id)`: add the team identified by `team_id` (int) to the workspace identified by `workspace_guid`.
 - `get_workspace_teams(workspace_guid(opt))`: get a list of teams. If no `workspace_guid` is provided, return all available teams.
 - `delete_workspace(workspace_guid)`: delete the workspace identified by `workspace_guid`.
-- `get_projects(workspace_guid)`: get a list of projects for the workspace identified by `workspace_guid`.
+- `get_projects(workspace_guid,project_name(opt))`: get a list of projects for the workspace identified by `workspace_guid`.
 - `get_agents(workspace_guid)`: get a list of agents for the workspace identified by `workspace_guid`.
 - `get_agent(workspace_guid,agent_guid)`: get the agent identified by `agent_guid` in the workspace identified by `workspace_guid`.
 - `create_agent(workspace_guid,name,agent_type(opt))`: create an agent in the workspace identified by `workspace_guid`. Default for `agent_type` is `CLI`.
@@ -54,7 +54,9 @@ _Note_: You can also access these methods from the `SBOM` class.
 
 _Note_: You can also access these methods from the `SCAApplications` class.
 
-- `get_app_projects(app_guid)`: get the list of linked SCA projects for an application. (This API call is also available on the SCAApplications object as `SCAApplications().get_projects()`).
+- `get_app_projects(app_guid)`: get the list of linked SCA projects for an application. (This API call is also available on the SCAApplications object as `SCAApplications().get_projects()`.)
+- `link_app_projects(app_guid, project_guid)`: link the application to the project. (This API call is also available on the SCAApplications object as `SCAApplications().link_project()`.)
+- `unlink_app_projects(app_guid, project_guid)`: unlink the application from the project. (This API call is also available on the SCAApplications object as `SCAApplications().unlink_project()`.)
 - `get_sca_annotations(app_guid, annotation_type, annotation_reason(opt), annotation_status(opt),cve_name(opt), cwe_id(opt), severities(opt array), license_name(opt), license_risk(opt))`: get the list of annotations (mitigations and comments) for an application. (This API call is also available on the SCAApplications object as `SCAApplications().get_annotations()`.)
 - `add_sca_annotation(app_guid, action, comment, annotation_type, component_id, cve_name (required for VULNERABILITY type), license_id (required for LICENSE type))`: add an annotation (mitigation or comment) to an SCA vulnerability or license finding. Note that ability to APPROVE or REJECT requires the mitigation approver role. (This API call is also available on the SCAApplications object as `SCAApplications().add_annotation()`.)
 

diff --git a/pyproject.toml b/pyproject.toml
@@ -1,6 +1,6 @@
 [project]
 name = 'veracode_api_py'
-version = '0.9.45'
+version = '0.9.46'
 authors = [ {name = "Tim Jarrett", email="tjarrett@veracode.com"} ]
 description = 'Python helper library for working with the Veracode APIs. Handles retries, pagination, and other features of the modern Veracode REST APIs.'
 readme = 'README.md'
@@ -22,4 +22,4 @@ dependencies = {file = ["requirements.txt"]}
 [project.urls]
 "Homepage" = "https://github.com/veracode/veracode-api-py"
 "Bug Tracker" = "https://github.com/veracode/veracode-api-py/issues"
-"Download" = "https://github.com/veracode/veracode-api-py/archive/v_0945.tar.gz"
+"Download" = "https://github.com/veracode/veracode-api-py/archive/v_0946.tar.gz"
diff --git a/requirements.txt b/requirements.txt
@@ -1,4 +1,4 @@
-requests>=2.24.0
+requests>=2.31.0
 veracode-api-signing>=22.3.0
 urllib3>= 1.26.6
 Pygments>= 2.9.0
diff --git a/veracode_api_py/api.py b/veracode_api_py/api.py
@@ -391,6 +391,12 @@ def get_sbom_project(self, project_guid: UUID, format='cyclonedx', vulnerability
     def get_app_projects(self, app_guid: UUID):
         return SCAApplications().get_projects(app_guid=app_guid)
 
+    def link_project(self, app_guid: UUID, project_guid: UUID):
+        return SCAApplications().link_project(app_guid=app_guid, project_guid=project_guid)
+
+    def unlink_project(self, app_guid: UUID, project_guid: UUID):
+        return SCAApplications().unlink_project(app_guid=app_guid, project_guid=project_guid)
+
     def get_sca_annotations(self, app_guid: UUID, annotation_type: str, annotation_reason: str=None,
                          annotation_status: str=None, cve_name: str=None, cwe_id: str=None, severities=None,
                          license_name: str=None, license_risk: str=None):

diff --git a/veracode_api_py/sca.py b/veracode_api_py/sca.py
@@ -44,8 +44,12 @@ def get_teams(self, workspace_guid: UUID=None):
           else:
                return APIHelper()._rest_paged_request("srcclr/v3/teams","GET","teams",{})
 
-     def get_projects(self,workspace_guid: UUID):
-          return APIHelper()._rest_paged_request(self.sca_base_url + '/{}/projects'.format(workspace_guid),"GET","projects",{})
+     def get_projects(self,workspace_guid: UUID,project_name=""):
+          if project_name != "":
+               params = { 'search': project_name }
+          else:
+               params = {}
+          return APIHelper()._rest_paged_request(self.sca_base_url + '/{}/projects'.format(workspace_guid),"GET","projects",params)
 
      def get_project(self,workspace_guid: UUID,project_guid:UUID ):
           uri = self.sca_base_url + '/{}/projects/{}'.format(workspace_guid,project_guid)
@@ -184,6 +188,12 @@ class SCAApplications():
      def get_projects(self, app_guid: UUID):
           return APIHelper()._rest_request(self.entity_base_uri+"/{}/projects".format(app_guid),"GET")
 
+     def link_project(self, app_guid: UUID, project_guid: UUID):
+          return APIHelper()._rest_request(self.entity_base_uri+"/{}/projects/{}".format(app_guid,project_guid),"PUT")
+
+     def unlink_project(self, app_guid: UUID, project_guid: UUID):
+          return APIHelper()._rest_request(self.entity_base_uri+"/{}/projects/{}".format(app_guid,project_guid),"DELETE")
+
      def get_annotations(self, app_guid: UUID, annotation_type: str, annotation_reason: str=None,
                          annotation_status: str=None, cve_name: str=None, cwe_id: str=None, severities=None,
                          license_name: str=None, license_risk: str=None):