Fix python command line

b7c6cf57 · qweqweasdasd · 19d82d9b · b7c6cf57 · b7c6cf57
Commit b7c6cf57 authored 2 years ago by qweqweasdasd
--- a/tasks/main.yml
+++ b/tasks/main.yml
@@ -70,21 +70,33 @@
  - name:  Run scan
    command: python3 /home/gmp/script.py "{{ endpoints_to_scan }}" "{{ paas_ci_workdir + '/dep.json'}}" "{{ paas_ci_workdir }}" 
    register: scan_output
-    
+  
+  - name: Find reports files in workspace forlder"
+    find:
+      paths: "{{ paas_ci_workdir }}"
+      patterns: "*report.txt"
+      file_type: "file"
+    register: report_files
+
  - name: display all reports
    ansible.builtin.debug: var=item
    with_file:
-    - "{{ paas_ci_workdir + '/report.txt'}}"
+    - "{{ report_files }}"

-  - name: display all severities
+  - name: get Severity file content
    ansible.builtin.debug: var=item
    with_file:
    - "{{ paas_ci_workdir + '/severity.txt'}}"
-    
+    register: severity 
+  
+  - name: save the Json data to a Variable as a Fact
+    set_fact:
+      severity_json: "{{ severity | from_json }}"
+
  - name: Get scan outputs (if successful)
    assert:
      that:
-        - deployment.status == 'CREATE_COMPLETE'
+        - deployment.global == 'CREATE_COMPLETE'
      fail_msg: "TEST FAILED -  deployment uuid: {{ deployment.uuid }}, status: {{ deployment.status }}"
      success_msg: "TEST PASSED - deployment uuid: {{ deployment.uuid }}, status: {{ deployment.status }}, outputs: {{ deployment.outputs }}"
  

--- a/utils/script.py
+++ b/utils/script.py
@@ -158,7 +158,7 @@ def create_task(name, config_id, target_id, scanner_id):
        else:
            msg = f"ERROR during Task creation. Status code: {status}, msg: {status_text}"
            raise Exception(msg)
-        
+
 def get_tasks(filter_str):
    res = []
    with Gmp(connection, transform=transform) as gmp:
@@ -308,6 +308,23 @@ def save_severity_report(task, severity_filename):
        with open(severity_filename, "w") as f:
            f.write(severity)

+def get_severity(task):
+    dict_severity = {"Log": 0, "Low": 1, "Medium": 2, "High": 3}
+    with Gmp(connection, transform=transform) as gmp:
+        gmp.authenticate(auth_name, auth_passwd)
+        res = gmp.get_report(task['report_id'],
+                            report_format_id="5057e5cc-b825-11e4-9d0e-28d24461215b", 
+                            ignore_pagination=True,
+                            details="1")
+        severities = res.xpath('report/report/ports/port/threat/text()')
+        old_num_severity = 0
+        severity = "Log"
+        for sev in severities:
+            if dict_severity[sev] > old_num_severity:
+                old_num_severity = dict_severity[sev]
+                severity = sev
+        return severity
+            
 def get_reports(filter_str="rows=-1"):
    lo = []
    with Gmp(connection, transform=transform) as gmp:
@@ -323,6 +340,18 @@ def get_reports(filter_str="rows=-1"):
 def print_pretty_json(j):
    print(json.dumps(j,sort_keys=True,indent=4))

+def process_global_severity(severities):
+    dict_severity = {"Log": 0, "Low": 1, "Medium": 2, "High": 3}    
+    global_sev = "Log"
+    old_num_severity = 0
+    for _,sev in severities.items():
+        if dict_severity[sev] > old_num_severity:
+            old_num_severity = dict_severity[sev]
+            global_sev = sev
+    severities['global'] = global_sev
+    return severities
+    
+    
 ################ MAIN #######################################

 auth_name = "jenkins"
@@ -369,25 +398,32 @@ for key in data['outputs'].keys():

 print(json.dumps(endpoints,sort_keys=True,indent=4))      

+severities = dict()
+
 for host,ports in endpoints.items():
    print(host,ports)
-    
-target_name = f"{auth_name}_target_{host}"
-task_name = f"{auth_name}_task_{host}"
-port_list_name = f"{auth_name}_pl_{host}"
-report_filename = f"{output_dir}/report.txt"
-severity_filename = f"{output_dir}/severity.txt"
-
-pl = get_or_create_port_list(port_list_name,ports)
-target = get_or_create_target(target_name,host,pl,ovs_ssh_credential_id)
-task = get_or_create_task(task_name, config_id, target['id'],scanner_id)
-if task['status'] == 'New':
-    task = start_task(task)
-if wait_for_task_completition(task,wait_timeout):
-    print("Saving report and severity...")
-    save_report(task,txt_report_format_id, report_filename)
-    save_severity_report(task,severity_filename)
-    print("Done")
-delete_task(task)
-delete_target(target)
-delete_port_list(pl)
\ No newline at end of file
+  
+    target_name = f"{auth_name}_target_{host}"
+    task_name = f"{auth_name}_task_{host}"
+    port_list_name = f"{auth_name}_pl_{host}"
+    report_filename = f"{output_dir}/report.txt"
+    severity_filename = f"{output_dir}/severity.txt"
+
+    pl = get_or_create_port_list(port_list_name,ports)
+    print_pretty_json(pl)
+    target = get_or_create_target(target_name,host,pl,ovs_ssh_credential_id)
+    print_pretty_json(target)
+    task = get_or_create_task(task_name, config_id, target['id'],scanner_id)
+    print_pretty_json(task)
+    if task['status'] == 'New':
+        task = start_task(task)
+    if wait_for_task_completition(task,wait_timeout):
+        save_report(task,txt_report_format_id, report_filename)
+        severities[host] = get_severity(task)
+    #delete_task(task)
+    #delete_target(target)
+    #delete_port_list(pl)
+
+severities = process_global_severity(severities)
+with open(severity_filename, "w") as f:
+    f.write(json.dumps(severities))