Orgs full scans (#5)

obarrera · Orlando Barrera II · dacoburn · web-flow · commit 1f46b2680b7d · 2024-06-20T13:16:21.000-05:00
* Added the Purl API endpoint

* Updated Readme

* Added the Fullscans API functions GET, POST

* Updated FullScans class name to Camel Case for linting. Changes the nested if clause to a for loop for easier readability and future proofing new params

* Updated the Fullscans def

* Updated the Fullscans class

* Updated FullScans and Readme

---------

Co-authored-by: Orlando Barrera II &lt;orlando@socket.dev&gt;
Co-authored-by: Douglas Coburn &lt;douglas@dactbc.com&gt;
diff --git a/.gitignore b/.gitignore
@@ -6,3 +6,4 @@ venv
 *.zip
 *.pyc
 test.py
+.venv
diff --git a/README.rst b/README.rst
@@ -6,6 +6,7 @@ Purpose
 -------
 
 The Socket.dev Python SDK provides a wrapper around the Socket.dev REST API to simplify making calls to the API from Python.
+Socket API v0 - https://docs.socket.dev/reference/introduction-to-socket-api
 
 Initializing the module
 -----------------------
@@ -256,4 +257,117 @@ Retrieve the package information for a purl post
 **PARAMETERS:**
 
 - **license (str)** - The license parameter if enabled will show alerts and license information. If disabled will only show the basic package metadata and scores. Default is true
-- **components (array{dict})** - The components list of packages urls
+- **components (array{dict})** - The components list of packages urls
+
+fullscans.get(org_slug)
+""""""""""""""""""""""
+Retrieve the Fullscans information for around Organization
+
+**Usage:**
+
+.. code-block::
+
+    from socketdev import SocketDev
+    socket = SocketDev("REPLACE_ME")
+    print(socket.fullscans.get("org_slug"))
+
+**PARAMETERS:**
+
+- **org_slug (str)** - The organization name 
+
+fullscans.post(files, params)
+""""""""""""""""""""""
+Create a full scan from a set of package manifest files. Returns a full scan including all SBOM artifacts.
+
+**Usage:**
+
+.. code-block::
+
+    from socketdev import SocketDev
+    socket = SocketDev("REPLACE_ME")
+    files = [
+        "/path/to/manifest/package.json"
+    ]
+    params = {
+    "org_slug": "org_name", 
+    "repo": "TestRepo",
+    "branch": "main",
+    "commit_message": "Test Commit Message",
+    "commit_hash": "",
+    "pull_request": "",
+    "committers": "commiter",
+    "make_default_branch": False,
+    "set_as_pending_head": False,
+    "tmp": ""
+    }
+
+    print(socket.fullscans.post(files, params))
+
+**PARAMETERS:**
+
+- **files (list)** - List of file paths of manifest files
+- **params (dict)** - List of parameters to create a fullscan 
+
+| Parameter             | Required | Description                                                                                                                                                |
+|:----------------------|:---------|:-----------------------------------------------------------------------------------------------------------------------------------------------------------|
+| --org_slug            | True     | The string name in a git approved name for organization.                                                                                                   |
+| --repo                | True     | The string name in a git approved name for repositories.                                                                                                   |
+| --branch              | False    | The string name in a git approved name for branches.                                                                                                       |
+| --committers          | False    | The string name of the person doing the commit or running the CLI. Can be specified multiple times to have more than one committer                         |
+| --pull_request        | False    | The integer for the PR or MR number                                                                                                                        |
+| --commit_message      | False    | The string for a commit message if there is one                                                                                                            |
+| --make_default_branch | False    | If the flag is specified this will signal that this is the default branch.                                                                                 |
+| --commit_hash         | False    | Optional git commit hash                                                                                                                                   |
+| --set_as_pending_head | False    |                                                                                                                                                            |                                                                                                                                   
+| --tmp                 | False    |                                                                                                                                                            |
+
+fullscans.delete(org_slug, full_scan_id)
+""""""""""""""""""""""
+Delete an existing full scan.
+
+**Usage:**
+
+.. code-block::
+
+    from socketdev import SocketDev
+    socket = SocketDev("REPLACE_ME")
+    print(socket.fullscans.delete(org_slug, full_scan_id))
+
+**PARAMETERS:**
+
+- **org_slug (str)** - The organization name 
+- **full_scan_id (str)** - The ID of the full scan
+
+fullscans.stream(org_slug, full_scan_id)
+""""""""""""""""""""""
+Stream all SBOM artifacts for a full scan.
+
+**Usage:**
+
+.. code-block::
+
+    from socketdev import SocketDev
+    socket = SocketDev("REPLACE_ME")
+    print(socket.fullscans.stream(org_slug, full_scan_id))
+
+**PARAMETERS:**
+
+- **org_slug (str)** - The organization name 
+- **full_scan_id (str)** - The ID of the full scan
+
+fullscans.metadata(org_slug, full_scan_id)
+""""""""""""""""""""""
+Get metadata for a single full scan
+
+**Usage:**
+
+.. code-block::
+
+    from socketdev import SocketDev
+    socket = SocketDev("REPLACE_ME")
+    print(socket.fullscans.metadata(org_slug, full_scan_id))
+
+**PARAMETERS:**
+
+- **org_slug (str)** - The organization name 
+- **full_scan_id (str)** - The ID of the full scan
diff --git a/socketdev/__init__.py b/socketdev/__init__.py
@@ -10,6 +10,7 @@
 from socketdev.report import Report
 from socketdev.sbom import Sbom
 from socketdev.purl import Purl
+from socketdev.fullscans import FullScans
 from socketdev.repositories import Repositories
 from socketdev.settings import Settings
 from socketdev.socket_classes import Dependency, Org, Response
@@ -91,5 +92,6 @@ def __init__(self, token: str):
         self.report = Report()
         self.sbom = Sbom()
         self.purl = Purl()
+        self.fullscans = FullScans()
         self.repositories = Repositories()
         self.settings = Settings()
diff --git a/socketdev/fullscans/__init__.py b/socketdev/fullscans/__init__.py
@@ -0,0 +1,137 @@
+import socketdev
+from socketdev.tools import load_files
+import json
+
+class FullScans:
+
+    @staticmethod
+    def create_params_string(
+                            params: dict
+                            ) -> str:
+        
+        param_str = ""
+
+        for name in params:
+            value = params[name]
+            if value:
+                param_str += f"&{name}={value}"
+
+        param_str = "?" + param_str.lstrip("&")
+
+        return param_str
+    
+    @staticmethod
+    def get(
+            org_slug: str, 
+            params: dict) -> dict:
+        
+        params_arg = FullScans.create_params_string(params)
+
+        path = "orgs/" + org_slug + "/full-scans" + str(params_arg)
+        headers = None
+        payload = None
+
+        response = socketdev.do_request(
+            path=path,
+            headers=headers,
+            payload=payload
+        )
+
+        if response.status_code == 200:
+            result = response.json()
+        else:
+            result = {}
+            
+        return result
+
+    @staticmethod
+    def post(
+            files: list, 
+            params: dict
+            ) -> dict:
+        
+        loaded_files = []
+        loaded_files = load_files(files, loaded_files)
+
+        params_arg = FullScans.create_params_string(params)
+
+        path = "orgs/" + str(params["org_slug"]) + "/full-scans" + str(params_arg)
+
+        response = socketdev.do_request(
+            path=path,
+            method="POST",
+            files=loaded_files
+        )
+
+        if response.status_code == 201:
+            result = response.json()
+        else:
+            print(f"Error posting {files} to the Fullscans API")
+            print(response.text)
+            result = response.text
+
+        return result
+    
+    @staticmethod
+    def delete(org_slug: str, 
+               full_scan_id: str) -> dict:
+        
+        path = "orgs/" + org_slug + "/full-scans/" + full_scan_id
+
+        response = socketdev.do_request(
+            path=path,
+            method="DELETE"
+        )
+
+        if response.status_code == 200:
+            result = response.json()
+        else:
+            result = {}
+            
+        return result
+
+    @staticmethod
+    def stream(org_slug: str, 
+               full_scan_id: str) -> dict:
+        
+        path = "orgs/" + org_slug + "/full-scans/" + full_scan_id
+
+        response = socketdev.do_request(
+            path=path,
+            method="GET"
+        )
+
+        if response.status_code == 200:
+            stream_str = []
+            stream_dict = {}
+            result = response.text
+            result.strip('"')
+            result.strip()
+            for line in result.split("\n"):
+                if line != '"' and line != "" and line is not None:
+                    item = json.loads(line)
+                    stream_str.append(item)
+            for val in stream_str:
+                stream_dict[val['id']] = val
+        else:
+            stream_dict = {}
+
+        return stream_dict
+    
+    @staticmethod
+    def metadata(org_slug: str, 
+                 full_scan_id: str) -> dict:
+        
+        path = "orgs/" + org_slug + "/full-scans/" + full_scan_id + "/metadata"
+
+        response = socketdev.do_request(
+            path=path,
+            method="GET"
+        )
+
+        if response.status_code == 200:
+            result = response.json()
+        else:
+            result = {}
+
+        return result

-Original file line number
+Diff line change
 *.zip
 *.pyc
 test.py
 +.venv