#!/usr/bin/env ruby require 'commander' require 'veracodecli' require_relative '../lib/veracodecli/settings' require_relative '../lib/veracodecli/slack' include VeracodeApiResults include VeracodeApiScan include VeracodeApiBase include VeracodeApiMacros include Slack Commander.configure do program :name, 'veracodecli' program :version, '1.0.14' program :description, 'CLI for automating veracode api requests' program :help, 'Author', 'Isaiah Thiessen ' command :scan do |c| c.syntax = 'veracodecli scan --app_name [app_name] --repo [repo] --option [option]' c.description = 'Submits a scan to Veracode.' c.option '--business_unit STRING', String, 'Business Unit Name' c.option '--team STRING', String, 'Team Name' c.option '--business_criticality STRING', String, 'Application business criticality' c.option '--app_name STRING', String, 'Name of the app to scan' c.option '--repo STRING', String, 'The URL of application repo' c.action do |_,options| abort 'Missing parameter --repo' unless options.repo abort 'Missing parameter --app_name' unless options.app_name abort 'Missing parameter --business_unit' unless options.business_unit || defined? Settings.business_unit abort 'Missing parameter --team' unless options.team || defined? Settings.team abort 'Missing parameter --business_criticality' unless options.business_criticality || defined? Settings.business_criticality options.app_name.gsub! /[-_]/, '' business_criticality = options.business_criticality || Settings.business_criticality business_unit = options.business_unit || Settings.business_unit team = options.team || Settings.team VeracodeApiBase.get_repo_archive options.repo VeracodeApiMacros.submit_scan_macro options.app_name, business_criticality, business_unit, team end end command :get_prescan_results do |c| c.syntax = 'veracodecli get-prescan-results --app_id [app_id]' c.description = 'Downloads the prescan results from Veracode.' c.option '--app_id STRING', String, 'Application id' c.action do |args,options| fail 'Specify app_id.' unless options.app_id VeracodeApiResults.get_prescan_results args.first end end command :get_status do |c| c.syntax = 'veracodecli get-status --app_id [app_id]' c.description = 'Gets scan state from Veracode.' c.option '--app_id STRING', String, 'Application id' c.action do |args,options| fail 'Specify app_id.' unless option.app_id VeracodeApiResults.get_build_status options.app_id end end command :get_report do |c| c.syntax = 'veracodecli get_report --app_name [app_name]' c.description = 'Downloads the final scan report from Veracode.' c.option '--app_name STRING', String, 'Application name' c.action do |args,options| fail 'Specify app_name.' unless options.app_name options.app_name.gsub! /[-_]/, '' VeracodeApiMacros.get_report_macro options.app_name end end command :get_pdf_report do |c| c.syntax = 'veracodecli get_pdf_report --app_name [app_name] --option [option]' c.option '--slack_upload STRING', String, 'Upload report to slack?' c.option '--app_name STRING', String, 'Application Name' c.description = 'Downloads the final scan report in pdf format.' c.action do |args, options| abort 'Missing parameter --app_name' unless options.app_name abort 'Please specify slack token in config.yml' if ((!defined? Settings.slack_token) && (options.slack_upload.eql? 'yes')) abort 'Please specify slack channel in config.yml' if ((!defined? Settings.slack_channel) && (options.slack_upload.eql? 'yes')) options.app_name.gsub! /[-_]/, '' file = VeracodeApiMacros.get_pdf_macro options.app_name Slack.send_to_slack file if (options.slack_upload.eql? 'yes') end end end