-
Notifications
You must be signed in to change notification settings - Fork 3
/
ado-da-example.yaml
116 lines (102 loc) · 4.29 KB
/
ado-da-example.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
trigger:
- master
pool:
vmImage: 'windows-latest'
variables:
solution: '**/*.sln'
buildPlatform: 'Any CPU'
buildConfiguration: 'Release'
steps:
#Submit DAST Scan to Veracode
- task: CmdLine@2
displayName: VC - Install Veracode Auth
inputs:
script: |
pip install veracode-api-signing
- task: CmdLine@2
displayName: VC - Apply Creds
inputs:
script: |
echo [default] >> credentials.txt
echo veracode_api_key_id = $(VERACODE_API_KEY_ID) >> credentials.txt
echo veracode_api_key_secret = $(VERACODE_API_KEY_SECRET) >> credentials.txt
mkdir c:\Users\VssAdministrator\.veracode
cp credentials.txt c:\Users\VssAdministrator\.veracode\credentials
- task: CmdLine@2
displayName: VC - Create DA json
inputs:
script: |
echo { >> da_scan.json
echo "name": "UID | $(build.buildNumber)", >> da_scan.json
echo "scans": [ >> da_scan.json
echo { >> da_scan.json
echo "scan_config_request": { >> da_scan.json
echo "target_url": { >> da_scan.json
echo "url": "https://WWW.EXAMPLE-DOMAIN.COM", >> da_scan.json
echo "http_and_https": true, >> da_scan.json
echo "directory_restriction_type": "DIRECTORY_AND_SUBDIRECTORY" >> da_scan.json
echo }, >> da_scan.json
echo "auth_configuration": { >> da_scan.json
echo "authentications": { >> da_scan.json
echo "FORM": { >> da_scan.json
echo "login_script_name": "login-script.side", >> da_scan.json
echo "login_script_data": { >> da_scan.json
echo "script_body": " ESCAPED SELENIUM SCRIPT GOES HERE ", >> da_scan.json
echo "script_type": "SELENIUM" >> da_scan.json
echo }, >> da_scan.json
echo "authtype": "FORM" >> da_scan.json
echo } >> da_scan.json
echo } >> da_scan.json
echo }, >> da_scan.json
echo "scan_setting": { >> da_scan.json
echo "advanced_mode": true, >> da_scan.json
echo "browser_version": "CHROME_DEFAULT" >> da_scan.json
echo }, >> da_scan.json
echo "crawl_configuration": { >> da_scan.json
echo "scripts": [], >> da_scan.json
echo "disabled": false >> da_scan.json
echo } >> da_scan.json
echo }, >> da_scan.json
echo "internal_scan_configuration": { >> da_scan.json
echo "enabled": true, >> da_scan.json
echo "gateway_id": "0be0990a-4838-4a33-a49d-70c72f3xxxxx", >> da_scan.json
echo "endpoint_id": "563f8321-6641-4706-a7ac-afc7b4fxxxxx" >> da_scan.json
echo } >> da_scan.json
echo } >> da_scan.json
echo ], >> da_scan.json
echo "schedule": { >> da_scan.json
echo "now": true, >> da_scan.json
echo "duration": { >> da_scan.json
echo "length": 1, >> da_scan.json
echo "unit": "DAY" >> da_scan.json
echo }, >> da_scan.json
echo "end_date": "", >> da_scan.json
echo "schedule_status": "ACTIVE" >> da_scan.json
echo } >> da_scan.json
echo } >> da_scan.json
- task: PythonScript@0
displayName: VC - kick off DAST scan
inputs:
scriptSource: 'inline'
script: |
import sys
import json
import requests
from veracode_api_signing.plugin_requests import RequestsAuthPluginVeracodeHMAC
api_base = "https://api.veracode.com/was/configservice/v1"
headers = {"User-Agent": "Start DA Scan Example", 'Content-type': 'application/json'}
if __name__ == "__main__":
try:
contents = open('da_scan.json', 'rb').read()
print(contents)
response = requests.post(api_base + "/analyses", auth=RequestsAuthPluginVeracodeHMAC(), data=contents, headers=headers)
except requests.RequestException as e:
print("Failed...")
print(e)
sys.exit(1)
if response.ok:
print(response.status_code)
print(response.content)
else:
print(response.status_code)
print(response.content)