Приложение 6. Примеры запуска скриптов AppSec.Hub CLI
Сканирование кодовой базы scan_codebase
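# Scan two repositories registered under one application code.
# APPSEC_HUB_TOKEN is a variable name made up for this example: export it from
# your secret store so the token is not written into the script or shell history.
# An unquoted ***** would also be glob-expanded by the shell.
# The token is sent to --url; prefer the https:// address of your Hub if it has one.
# Each --codebase value is quoted because it contains ';', which would
# otherwise end the command.
python3 -m src.scan_codebase \
  --url http://hub.your.company.com/ \
  --token "${APPSEC_HUB_TOKEN:?export APPSEC_HUB_TOKEN first}" \
  --appcode 0902202-1_cli \
  --codebase "http://gitlab.service.your.company.com/test/java-web-project.git;master;;/;java-web-project" "http://gitlab.service.your.company.com/test/web-project.git;master;;/web-project;web-project" \
  --branch-filter "develop"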
Сканирование артефакта по URL scan_artifact
Файловое хранилище (Login/Password)
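# Scan two APK artifacts from a file store.
# Every line except the last ends with '\'. Without it the shell runs the
# command with only the first artifact, then tries to execute the next
# "--artifact ..." line as a separate command.
# APPSEC_HUB_TOKEN is a variable name made up for this example; export it from
# your secret store instead of pasting the token (an unquoted ***** is a glob).
# The token is sent to --url; prefer the https:// address of your Hub if it has one.
python3 -m src.scan_artifact \
  --url http://hub.your.company.com/ \
  --token "${APPSEC_HUB_TOKEN:?export APPSEC_HUB_TOKEN first}" \
  --appcode 19042021_test_create_org \
  --artifact "https://docker.your.company.com/nginx/apk/auth/app-prod-debug-1.0.apk" \
  --artifact "https://docker.your.company.com/nginx/apk/auth/app-prod-debug-2.0.apk"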
Файловое хранилище (Anonymous)
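# Scan two APK artifacts from a file store.
# The first --artifact line now ends with '\' so that the second one stays
# part of the same command instead of being run on its own.
# APPSEC_HUB_TOKEN is a variable name made up for this example; keep the real
# token in a secret store and export it, rather than typing it inline.
# The token is sent to --url; prefer the https:// address of your Hub if it has one.
python3 -m src.scan_artifact \
  --url http://hub.your.company.com/ \
  --token "${APPSEC_HUB_TOKEN:?export APPSEC_HUB_TOKEN first}" \
  --appcode 19042021_test_create_org \
  --artifact "https://docker.your.company.com/nginx/apk/app-prod-debug-1.0.apk" \
  --artifact "https://docker.your.company.com/nginx/apk/app-prod-debug-2.0.apk"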
type: maven (с classifier)
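# Scan two Maven artifacts whose file names carry a classifier suffix.
# A '\' was missing after the first --artifact, which split the example into
# one valid command and one stray line.
# APPSEC_HUB_TOKEN is a variable name made up for this example; export it from
# your secret store (an unquoted ***** would be glob-expanded by the shell).
# The token is sent to --url; prefer the https:// address of your Hub if it has one.
python3 -m src.scan_artifact \
  --url http://hub.your.company.com \
  --token "${APPSEC_HUB_TOKEN:?export APPSEC_HUB_TOKEN first}" \
  --appcode 09022021_cli \
  --artifact "https://nexus.your.company.com/repository/maven-releases/com/appsecco/456776543/1.09/456776543-1.09-classifer.war" \
  --artifact "https://nexus.your.company.com/repository/maven-releases/com/appsecco/456776543/1.10/456776543-1.10-classifer.war"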
type: yum
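# Scan two RPM packages from a yum repository.
# The continuation '\' after the first --artifact is required; without it the
# second package is never passed to the CLI.
# APPSEC_HUB_TOKEN is a variable name made up for this example; export it from
# your secret store instead of writing the token into the command.
# The token is sent to --url; prefer the https:// address of your Hub if it has one.
python3 -m src.scan_artifact \
  --url http://hub.your.company.com \
  --token "${APPSEC_HUB_TOKEN:?export APPSEC_HUB_TOKEN first}" \
  --appcode 09022021_cli \
  --artifact "https://nexus.your.company.com/repository/yum/user-history.assembly-4.5.0-SNAPSHOT20200619055220.noarch.rpm" \
  --artifact "https://nexus.your.company.com/repository/yum/user-history.assembly-4.5.1-SNAPSHOT20200619055220.noarch.rpm"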
type: docker
Способ 1
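# Scan two Docker images addressed as registry-host:port/image:tag.
# The first --artifact line ends with '\' so both images belong to one command.
# APPSEC_HUB_TOKEN is a variable name made up for this example; export it from
# your secret store (an unquoted ***** would be glob-expanded by the shell).
# The token is sent to --url; prefer the https:// address of your Hub if it has one.
python3 -m src.scan_artifact \
  --url http://hub.your.company.com/ \
  --token "${APPSEC_HUB_TOKEN:?export APPSEC_HUB_TOKEN first}" \
  --appcode 09022021_cli \
  --artifact "https://nexus.your.company.com:8083/java-web-project:9.17" \
  --artifact "https://nexus.your.company.com:8083/java-web-project-2:9.17"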
Способ 2
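# Scan two Docker image tags from the registry on port 8086.
# The '\' after the first --artifact keeps the second tag in the same command.
# APPSEC_HUB_TOKEN is a variable name made up for this example; keep the real
# token in a secret store and export it before running the CLI.
# The token is sent to --url; prefer the https:// address of your Hub if it has one.
python3 -m src.scan_artifact \
  --url http://hub.your.company.com/ \
  --token "${APPSEC_HUB_TOKEN:?export APPSEC_HUB_TOKEN first}" \
  --appcode 09022021_cli \
  --artifact "https://nexus.your.company.com:8086/hub-core:1.4.5.7" \
  --artifact "https://nexus.your.company.com:8086/hub-core:1.4.5.8"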
type: npm
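# Scan two versions of an npm package tarball.
# The first --artifact line needs the trailing '\'; otherwise the shell treats
# the second --artifact line as a new command.
# APPSEC_HUB_TOKEN is a variable name made up for this example; export it from
# your secret store instead of pasting the token (an unquoted ***** is a glob).
# The token is sent to --url; prefer the https:// address of your Hub if it has one.
python3 -m src.scan_artifact \
  --url http://hub.your.company.com \
  --token "${APPSEC_HUB_TOKEN:?export APPSEC_HUB_TOKEN first}" \
  --appcode 09022021_cli \
  --artifact "https://nexus.your.company.com/repository/npm-group/ngclipboard/-/ngclipboard-2.0.0.tgz" \
  --artifact "https://nexus.your.company.com/repository/npm-group/ngclipboard/-/ngclipboard-2.1.0.tgz"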
Сканирование экземпляра приложения scan_instance
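# Scan a deployed application instance identified by URL, name and stage.
# APPSEC_HUB_TOKEN is a variable name made up for this example; export it from
# your secret store so the token stays out of scripts and shell history
# (an unquoted ***** would also be glob-expanded by the shell).
# The token is sent to --url; prefer the https:// address of your Hub if it has one.
python3 -m src.scan_instance \
  --url http://hub.your.company.com/ \
  --token "${APPSEC_HUB_TOKEN:?export APPSEC_HUB_TOKEN first}" \
  --appcode 0902202-1_cli \
  --instance-url http://hub.your.company.com \
  --instance-name inst1 \
  --stage ST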
Импорт результатов import_results
Импорт результатов из Checkmarx
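# Import Checkmarx results for two codebases and apply a quality gate.
# APPSEC_HUB_TOKEN is a variable name made up for this example; export it from
# your secret store instead of typing the token into the command
# (an unquoted ***** would be glob-expanded by the shell).
# Each --codebase value is quoted because it contains ';'.
python3 -m src.import_results \
  --url https://hub.your.company.com \
  --token "${APPSEC_HUB_TOKEN:?export APPSEC_HUB_TOKEN first}" \
  --appcode 09022021_cli \
  --codebase "http://gitlab.service.your.company.com/test/java-web-project.git;master;;/;java-web-project" "http://gitlab.service.your.company.com/test/web-project.git;master;;/web-project;web-project" \
  --cx-tool-url https://cx.your.company.com \
  --cx-project-name kg_19082021_2_-master_1 \
  --cx-team /CxServer/asdfsadfASDFASDF/kg_19082021_2 \
  --quality-gate no-critical-issues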
Импорт результатов из Dependency-Track
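# Import Dependency-Track results for two codebases and apply a quality gate.
# APPSEC_HUB_TOKEN is a variable name made up for this example; export it from
# your secret store (an unquoted ***** would be glob-expanded by the shell).
# NOTE(review): --dt-tool-url is plain http:// while the Hub URL is https://;
# confirm the scheme against your Dependency-Track instance.
python3 -m src.import_results \
  --url https://hub.your.company.com \
  --token "${APPSEC_HUB_TOKEN:?export APPSEC_HUB_TOKEN first}" \
  --appcode 09022021_cli \
  --codebase "http://gitlab.service.your.company.com/test/java-web-project.git;master;;/;java-web-project" "http://gitlab.service.your.company.com/test/web-project.git;master;;/web-project;web-project" \
  --dt-tool-url http://dep-track.your.company.com \
  --dt-project-name Dependency_Track_java-web-project-master \
  --dt-project-uuid 619821d4-368d-4f5e-a52f-18d73d97ecb9 \
  --quality-gate no-critical-issues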
Импорт результатов из PT Application Inspector
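# Import a PT Application Inspector scan identified by its results id.
# hub_host, your_application_name and your_project_name are placeholders.
# APPSEC_HUB_TOKEN is a variable name made up for this example; export it from
# your secret store. The original ***token*** placeholder, left unquoted,
# is a glob pattern the shell would expand against the current directory.
python3 -m src.import_results \
  --url hub_host \
  --token "${APPSEC_HUB_TOKEN:?export APPSEC_HUB_TOKEN first}" \
  --appcode your_application_name \
  --codebase "https://gitlab.your.domain.com/dev/your_project_name.git;master;;/;" \
  --ptai-tool-url https://ptai.your.domain.com \
  --ptai-project-name your_project_name \
  --ptai-project-language Java \
  --ptai-scan-results-id c40b439e-0312-4a38-9bb8-8cea931b3bd9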
Импорт результатов из AppSec.Track
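# Import an AppSec.Track scan for one artifact.
# APPSEC_HUB_TOKEN is a variable name made up for this example; export it from
# your secret store instead of typing the token into the command
# (an unquoted ***** would be glob-expanded by the shell).
# The scan GUID below is a sample value; take the real one from AppSec.Track.
python3 -m src.import_results \
  --url https://hub.your.company.com \
  --token "${APPSEC_HUB_TOKEN:?export APPSEC_HUB_TOKEN first}" \
  --appcode app_track_cli \
  --artifact "https://your.company.com/java-web-project:5.1" \
  --appsec-track-tool-url https://track.your.company.com \
  --appsec-track-team your_team_name \
  --appsec-track-application your_app_name \
  --appsec-track-scan-guid 6c4ee61b-58df-9x99-z13v-954c1a45rtev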
Импорт результатов из Стингрей
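# Import a Stingray (MDAST) scan for one APK and apply a quality gate.
# APPSEC_HUB_TOKEN is a variable name made up for this example; export it from
# your secret store (an unquoted ***** would be glob-expanded by the shell).
# The --artifact value is quoted because it contains ';'.
python3 -m src.import_results \
  --url https://hub.your.company.com \
  --token "${APPSEC_HUB_TOKEN:?export APPSEC_HUB_TOKEN first}" \
  --appcode app_mdast_cli1 \
  --artifact "https://docker.your.company.com/nginx/apk/auth/app-prod-debug-2.0.apk;TestApk1" \
  --mdast-tool-url https://stingray.your.company.ru \
  --mdast-scan-id=707 \
  --quality-gate no-critical-issues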
Импорт результатов из Nexus (артефакты)
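# Import a Nexus IQ report covering three artifacts.
# APPSEC_HUB_TOKEN is a variable name made up for this example; export it from
# your secret store (an unquoted ***** would be glob-expanded by the shell).
# NOTE(review): --nxiq-app appears twice with different values. Which one the
# CLI uses cannot be told from this example, so keep only the application the
# report belongs to. Otherwise results may be attached to the wrong one.
python3 -m src.import_results \
  --url https://hub.your.company.com \
  --token "${APPSEC_HUB_TOKEN:?export APPSEC_HUB_TOKEN first}" \
  --appcode 09022021_cli \
  --artifact "https://nexus.your.company.com/repository/maven-releases/com/example/hub-core-f05f76e5ed7a/1.0.5454-test-task/hub-core-f05f76e5ed7a-1.0.5454-test-task.tar;Artifact-1" \
  --artifact "https://nexus.your.company.com/repository/maven-releases/com/example/hub-core/1.0.5452-test-task/hub-core-1.0.5452-test-task.tar;Artifact-2" \
  --artifact "https://nexus.your.company.com/repository/maven-releases/com/example/hub-ui/1.0.5452-test-task/hub-ui-1.0.5452-test-task.tar;Artifact-3" \
  --nxiq-tool-url https://nxiq.your.company.com \
  --nxiq-app 12072021_nxiq_java-web-projectdocker \
  --nxiq-org "Dev Company" \
  --nxiq-app multi-docker \
  --nxiq-report 5bbfc21a24864254a58c905d475a0ea4 \
  --nxiq-stage build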
Импорт результатов из Aqua Security
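# Import Aqua Security results for one Docker image.
# APPSEC_HUB_TOKEN is a variable name made up for this example; export it from
# your secret store instead of typing the token into the command
# (an unquoted ***** would be glob-expanded by the shell).
python3 -m src.import_results \
  --url https://hub.your.company.com \
  --token "${APPSEC_HUB_TOKEN:?export APPSEC_HUB_TOKEN first}" \
  --appcode Aqua_demo \
  --artifact "https://nexus.your.company.com:8083/java-web-project:1.17" \
  --aqua-tool-url https://aqua.your.company.com \
  --aqua-registry aqua-demo_java-web-project-docker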
Импорт результатов из CodeScoring
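# Import CodeScoring results for two codebases and apply a quality gate.
# APPSEC_HUB_TOKEN is a variable name made up for this example; export it from
# your secret store (an unquoted ***** would be glob-expanded by the shell).
# Each --codebase value is quoted because it contains ';'.
python3 -m src.import_results \
  --url https://hub.your.company.com \
  --token "${APPSEC_HUB_TOKEN:?export APPSEC_HUB_TOKEN first}" \
  --appcode 09022021_cli \
  --codebase "http://gitlab.service.your.company.com/test/java-web-project.git;master;;/;java-web-project" "http://gitlab.service.your.company.com/test/web-project.git;master;;/web-project;web-project" \
  --codescoring-tool-url https://your-codescoring-url.com \
  --codescoring-project-name your-repo/your-project \
  --quality-gate no-critical-issues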
Импорт информации о проблемах безопасности import_report
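# Import security issues from a JSON report file.
# APPSEC_HUB_TOKEN is a variable name made up for this example; export it from
# your secret store. The original **token** placeholder, left unquoted, is a
# glob pattern the shell would expand against the current directory.
# The Windows path is single-quoted. Unquoted, a POSIX shell strips the
# backslashes and passes c:devreport.json to the CLI.
python3 -m src.import_report \
  --url https://hub.your.company.com \
  --token "${APPSEC_HUB_TOKEN:?export APPSEC_HUB_TOKEN first}" \
  --appcode appcode \
  --application-name appname \
  --external-id ae8f09fe-987f-11eb-a8b3-0242ac130003 \
  --quality-gate-code no-critical-issues \
  --unit-code 000001 \
  --unit-name front \
  --report-file 'c:\dev\report.json'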