Merge branch 'master' of github.com:blackducksoftware/hub-rest-api-python

Author: snps-kumykov

README.md

@@ -8,6 +8,10 @@ In v2022.2 of Black Duck the REST API introduced a max page size to protect syst
 
 **The old HubInstance interface and many of the examples using it do not perform paging and will break as a result of the changes in v2022.2**.
 
+Any issues related to the HubInstance Interface will be closed as *Won't Fix*
+
+Any PRs with new or modified example scripts/utilities **must** use the client interface.
+
 # New in 1.0.0
 
 Introducing the new Client class.
@@ -61,7 +65,18 @@ for project in bd.get_resource(name='projects'):
 
 Example code showing how to work with the new Client can be found in the *examples/client* folder.
 
+**Examples which use the old HubInstance interface -which is not maintained- are not guaranteed to work. Use at your own risk.**
+
+# Version History
+
+Including a version history on a go-forward basis. 
+
+## v1.1.0
+
+Retries will be attempted for all HTTP verbs, not just GET.
+
 # Test #
+
 Using [pytest](https://pytest.readthedocs.io/en/latest/contents.html)
 
 ```bash

blackduck/Client.py

@@ -42,7 +42,6 @@ def __init__(self, base_url, timeout, retries, verify):
             total=int(retries),
             backoff_factor=2,  # exponential retry 1, 2, 4, 8, 16 sec ...
             status_forcelist=[429, 500, 502, 503, 504],
-            allowed_methods=['GET']
         )
 
         adapter = HTTPAdapter(max_retries=retry_strategy)

blackduck/__version__.py

@@ -1,3 +1,3 @@
-VERSION = (1, 0, 7)
+VERSION = (1, 1, 0)
 
 __version__ = '.'.join(map(str, VERSION))

examples/client/deactivate_users.py

@@ -0,0 +1,147 @@
+'''
+Purpose: Deactivates Black Duck users who are not actively using the system, will warn for users that have never logged in.
+
+Usage:
+deactivate_users.py [--dry-run] [--since-days DAYS] [--interactive] [--base-url https://your.blackduck.url] [--token-file token.txt]
+
+required arguments:
+  --base-url BASE_URL      Hub server URL e.g. https://your.blackduck.url
+  --token-file TOKEN_FILE  containing access token
+
+optional arguments:
+    --dry-run       Show actions that would be executed on a normal run
+    --since-days    Number of days since last login for a user to be inactive. Default: 90
+    --interactive   Run in interactive mode to choose which users to deactivate
+
+Examples:
+
+authentication required for all examples below
+--base-url https://your.blackduck.url --token-file token.txt
+
+print help message
+python deactivate_users.py -h
+
+deactivate all users who haven't logged in for more than 90 days
+python deactivate_users.py
+
+log users that would be deactivated who haven't logged in for more than 90 days
+python deactivate_users.py --dry-run
+
+deactivate all users who haven't logged in for more than 30 days
+python deactivate_users.py --since-days 30
+
+interactively deactivate users who haven't logged in for more than 120 days
+python deactivate_users.py --since-days 120 --interactive
+'''
+
+from blackduck import Client
+import logging
+import argparse
+
+def query_yes_no(question, default="yes"):
+    """Ask a yes/no question via input() and return their answer.
+
+    "question" is a string that is presented to the user.
+    "default" is the presumed answer if the user just hits <Enter>.
+            It must be "yes" (the default), "no" or None (meaning
+            an answer is required of the user).
+
+    The "answer" return value is True for "yes" or False for "no".
+    """
+    valid = {"yes": True, "y": True, "ye": True, "no": False, "n": False}
+    if default is None:
+        prompt = " [y/n] "
+    elif default == "yes":
+        prompt = " [Y/n] "
+    elif default == "no":
+        prompt = " [y/N] "
+    else:
+        raise ValueError("invalid default answer: '%s'" % default)
+
+    while True:
+        print(question + prompt)
+        choice = input().lower()
+        if default is not None and choice == "":
+            return valid[default]
+        elif choice in valid:
+            return valid[choice]
+        else:
+            print("Please respond with 'yes' or 'no' " "(or 'y' or 'n').\n")
+
+logging.basicConfig(
+    level=logging.INFO,
+    format="[%(asctime)s] {%(module)s:%(lineno)d} %(levelname)s - %(message)s"
+)
+
+# Use -h to print help message
+parser = argparse.ArgumentParser("Deactivates users in the system")
+parser.add_argument("--base-url", required=True, help="Hub server URL e.g. https://your.blackduck.url")
+parser.add_argument("--token-file", dest='token_file', required=True, help="containing access token")
+parser.add_argument("--no-verify", dest='verify', action='store_false', help="disable TLS certificate verification")
+parser.add_argument("-d", "--dry-run", action='store_true', help=f"Run in dry-run mode to determine users it will update")
+parser.add_argument("-s", "--since-days", default=90, type=int, help=f"Number of days since last login for a user to be inactive. Default: 90")
+parser.add_argument("-i", "--interactive", action='store_true', help=f"Run in interactive mode to manually choose which users to deactivate, has no effect when run with dry-run mode")
+
+args = parser.parse_args()
+
+with open(args.token_file, 'r') as tf:
+    access_token = tf.readline().strip()
+
+bd = Client(
+    base_url=args.base_url,
+    token=access_token,
+    verify=args.verify
+)
+
+system_users = ['sysadmin', 'anonymous', 'blackduck_system', 'default-authenticated-user']
+
+dormant_params = {
+   "sinceDays": args.since_days
+}
+
+headers = {
+    'accept': "application/vnd.blackducksoftware.user-4+json"
+}
+
+for user in bd.get_items("api/dormant-users", params=dormant_params, headers=headers):
+    if user['username'] not in system_users:
+        # If the user has logged in before
+        if 'lastLogin' in user:
+            if args.dry_run:
+                logging.info(f"Will mark user '{user['username']}' as inactive, their last login date was {user['lastLogin']}")
+            else:
+
+                user_url = user['_meta']['href'].replace("/last-login", "")
+
+                # Get the user data to keep all data the same except for the active parameter
+                user_data = bd.get_json(user_url)
+                # Skip already inactive users
+                if user_data['active'] == False:
+                    continue
+
+                # If interactive mode is running, prompt the user before disabling
+                if args.interactive:
+                    proceed = query_yes_no(f"User '{user['username']}' last login date was {user['lastLogin']}, do you want to mark them as inactive?")
+                    if not proceed:
+                        logging.info(f"Skipping user '{user['username']}' due to interactive input")
+                        continue
+                logging.info(f"Marking user '{user['username']}' as inactive")
+                deactivate_params = {"userName": user_data['userName'],
+                                     "externalUserName": user_data['externalUserName'] if 'externalUserName' in user_data else None,
+                                     "firstName": user_data['firstName'],
+                                     "lastName": user_data['lastName'],
+                                     "email": user_data['email'],
+                                     "type": user_data['type'],
+                                     "active": False}
+                # Deactivate the user
+                response = bd.session.put(user_url, json=deactivate_params)
+                if response.status_code == 200:
+                    logging.info(f"User '{user['username']}' updated successfully")
+                elif response.status_code == 404:
+                    logging.info(f"User '{user['username']}' 404 Not found")
+                else:
+                    logging.error(f"Unexpected error updating user '{user['username']}'")
+                    bd.http_error_handler(response)
+        #Else the user has never logged in
+        else:
+            logging.warning(f"User '{user['username']}' has never logged in")

examples/client/delete_oldest_version_at_version_limit.py

@@ -0,0 +1,64 @@
+'''
+Created on January 23, 2023
+@author: christopher-mackle
+Delete the oldest project version (last created or last updated) when you've hit your max version limit
+'''
+
+from datetime import datetime
+from blackduck.Client import Client
+import argparse
+
+parser = argparse.ArgumentParser("Get a specific component and list its vulnerabilities")
+parser.add_argument("--url", dest='url', required=True, help="Hub server URL e.g. https://your.blackduck.url")
+parser.add_argument("--token", dest='token', required=True, help="Hub server access token")
+parser.add_argument("--project", dest='project_name', required=True, help="Name of project")
+parser.add_argument("--mode", dest='mode', required=False, default='createdAt', help="Use createdAt or updatedAt")
+parser.add_argument("--count", dest='count_total', required=False, default=9, help="Max versions - 1")
+args = parser.parse_args()
+
+TOKEN = args.token
+BASE_URL = args.url
+PROJECT_NAME = args.project_name
+
+try:
+    bd = Client(
+        token=TOKEN,
+        base_url=BASE_URL,
+        verify=False  # TLS certificate verification
+    )
+except:
+    print("Could not authenticate to your Black Duck server with the given URL and token.")
+
+def deleteVersion(mode):
+    count = 0
+    time_format = '%Y-%m-%dT%H:%M:%S.%fZ'
+    for version in bd.get_resource('versions', project):
+        count = count + 1
+        if count == 1:
+            oldest_version = version
+        else:
+            oldestVersionDate = datetime.strptime(oldest_version[mode], time_format)
+            currentVersionDate = datetime.strptime(version[mode], time_format)
+            if currentVersionDate < oldestVersionDate:
+                oldest_version = version
+    if count > int(args.count_total):
+        print('Too many project versions. Deleting oldest project version before scanning.')
+        projectVersionToDelete = oldest_version['_meta']['href']
+        r = bd.session.delete(projectVersionToDelete)
+        r.raise_for_status()
+        print("Project version " + oldest_version['versionName'] + ' has been deleted.')
+
+if __name__ == '__main__':
+    found = False
+    for project in bd.get_resource('projects'):
+        if project['name'] == PROJECT_NAME:
+            found = True
+            if args.mode == 'createdAt':
+                deleteVersion(args.mode)
+            elif args.mode == 'updatedAt':
+                deleteVersion('settingUpdatedAt')
+            else:
+                print("Invalid mode: " + args.mode)
+                print("Valid modes: createdAt, updatedAt")
+    if not found:
+        print("Project " + PROJECT_NAME + " not found.")