-
Notifications
You must be signed in to change notification settings - Fork 0
/
azure-pipelines.yml
75 lines (68 loc) · 2.58 KB
/
azure-pipelines.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
trigger:
- master
pool:
vmImage: 'windows-latest'
variables:
solution: '**/*.sln'
buildPlatform: 'Any CPU'
buildConfiguration: 'Release'
steps:
- task: CmdLine@2
displayName: VC - Install Veracode Auth
inputs:
script: |
pip install veracode-api-signing
- task: CmdLine@2
displayName: VC - Apply Creds
inputs:
script: |
echo [default] >> credentials.txt
echo veracode_api_key_id = $(VERACODE_API_KEY_ID) >> credentials.txt
echo veracode_api_key_secret = $(VERACODE_API_KEY_SECRET) >> credentials.txt
mkdir c:\Users\VssAdministrator\.veracode
cp credentials.txt c:\Users\VssAdministrator\.veracode\credentials
#Submit DAST Scan to Veracode
- task: PythonScript@0
displayName: VC - kick off DAST scan
inputs:
scriptSource: 'inline'
script: |
import sys
import json
import requests
from veracode_api_signing.plugin_requests import RequestsAuthPluginVeracodeHMAC
api_base = "https://api.veracode.com/was/configservice/v1"
headers = {"User-Agent": "Start DA Scan Example", 'Content-type': 'application/json'}
#Payload for updating schedule of existing DA job to start now
data = {
"schedule":
{
"now": True,
"duration":
{
"length": 1,
"unit": "DAY"
}
}
}
if __name__ == "__main__":
print("Looking for Dynamic Analysis Job: " + "$(SCAN_NAME)" )
#lookup_query = "name=" + "$(SCAN_NAME)"
res = requests.get(api_base + "/analyses", auth=RequestsAuthPluginVeracodeHMAC(), params={ "name": "$(SCAN_NAME)" }, headers=headers)
response = res.json()
try:
job_id = response['_embedded']['analyses'][0]['analysis_id']
print("found job_id: " + job_id)
except:
print("Could not find Dynamic Analysis")
sys.exit(1)
try:
res = requests.put(api_base + "/analyses/" + job_id + '?method=PATCH', auth=RequestsAuthPluginVeracodeHMAC(), json=data, headers=headers)
if res.status_code == 204:
print("Scan Submitted Successfully: " + str(res.status_code) )
else:
response = res.json()
print("Error encountered: " + response['_embedded']['errors'][0]['detail'])
except:
print("Error executing API Call")
sys.exit(1)