forked from DefectDojo/django-DefectDojo
-
Notifications
You must be signed in to change notification settings - Fork 0
/
github.py
152 lines (115 loc) · 4.94 KB
/
github.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
# python
import logging
import sys
from django.template.loader import render_to_string
# External libs
from github import Github
# Dojo related imports
from dojo.models import Engagement, GITHUB_Issue, GITHUB_PKey, Product
# Create global
logger = logging.getLogger(__name__)
def reopen_external_issue_github(find, note, prod, eng):
from dojo.utils import get_system_setting
if not get_system_setting('enable_github'):
return
# Check if we have github info related to the product
if GITHUB_PKey.objects.filter(product=prod).count() == 0:
return
github_product = GITHUB_PKey.objects.get(product=prod)
if github_product is None:
logger.error("Unable to get project key")
return
github_conf = github_product.git_conf
g_issue = GITHUB_Issue.objects.get(finding=find)
try:
g_ctx = Github(github_conf.api_key)
repo = g_ctx.get_repo(github_product.git_project)
issue = repo.get_issue(int(g_issue.issue_id))
except:
e = sys.exc_info()[0]
logger.error('cannot update finding in github: ' + e)
logger.info('Will close github issue ' + g_issue.issue_id)
issue.edit(state='open')
issue.create_comment(note)
def close_external_issue_github(find, note, prod, eng):
from dojo.utils import get_system_setting
if not get_system_setting('enable_github'):
return
# Check if we have github info related to the product
if GITHUB_PKey.objects.filter(product=prod).count() == 0:
return
github_product = GITHUB_PKey.objects.get(product=prod)
if github_product is None:
logger.error("Unable to get project key")
return
github_conf = github_product.git_conf
g_issue = GITHUB_Issue.objects.get(finding=find)
try:
g_ctx = Github(github_conf.api_key)
repo = g_ctx.get_repo(github_product.git_project)
issue = repo.get_issue(int(g_issue.issue_id))
except:
e = sys.exc_info()[0]
logger.error('cannot update finding in github: ' + e)
logger.info('Will close github issue ' + g_issue.issue_id)
issue.edit(state='closed')
issue.create_comment(note)
def update_external_issue_github(find, prod, eng):
from dojo.utils import get_system_setting
if not get_system_setting('enable_github'):
return
# Check if we have github info related to the product
if GITHUB_PKey.objects.filter(product=prod).count() == 0:
return
github_product = GITHUB_PKey.objects.get(product=prod)
if github_product is None:
logger.error("Unable to get project key")
return
github_conf = github_product.git_conf
g_issue = GITHUB_Issue.objects.get(finding=find)
try:
g_ctx = Github(github_conf.api_key)
repo = g_ctx.get_repo(github_product.git_project)
issue = repo.get_issue(int(g_issue.issue_id))
issue.edit(title=find.title, body=github_body(find), labels=["defectdojo", "security / " + find.severity])
except:
e = sys.exc_info()[0]
logger.error('cannot update finding in github: ' + e)
def add_external_issue_github(find, prod, eng):
from dojo.utils import get_system_setting
if not get_system_setting('enable_github'):
return
# Check if we have github info related to the product
if GITHUB_PKey.objects.filter(product=prod).count() == 0:
logger.debug('cannot find github conf for this product')
return
github_pkey = GITHUB_PKey.objects.get(product=prod)
if github_pkey is None:
logger.error("Unable to get product conf")
return
github_conf = github_pkey.git_conf
# We push only active and verified issues
if 'Active' in find.status() and 'Verified' in find.status():
eng = Engagement.objects.get(test=find.test)
prod = Product.objects.get(engagement=eng)
github_product_key = GITHUB_PKey.objects.get(product=prod)
logger.info('Create issue with github profile: ' + str(github_conf) + ' on product: ' + str(github_product_key))
try:
g = Github(github_conf.api_key)
user = g.get_user()
logger.debug('logged in with github user: ' + user.login)
logger.debug('Look for project: ' + github_product_key.git_project)
repo = g.get_repo(github_product_key.git_project)
logger.debug('Found repo: ' + str(repo.url))
issue = repo.create_issue(title=find.title, body=github_body(find), labels=["defectdojo", "security / " + find.severity])
logger.debug('created issue: ' + str(issue.html_url))
g_issue = GITHUB_Issue(issue_id=issue.number, issue_url=issue.html_url, finding=find)
g_issue.save()
except:
e = sys.exc_info()[0]
logger.error('cannot create finding in github: ' + e)
def github_body(find):
template = 'issue-trackers/jira_full/jira-description.tpl'
kwargs = {}
kwargs['finding'] = find
return render_to_string(template, kwargs)