Python wrapper for JFROG Xray REST API

Navigation

Verified details

These details have been verified by PyPI
Maintainers
Avatar for donghui from gravatar.com donghui

Unverified details

These details have not been verified by PyPI
Project links
Meta
  • License: MIT License
  • Author: Donghui Wang
  • Tags jfrog, xray, jfrog-xray, devsecops
  • Requires: Python >=3.7
Classifiers

Project description

Python wrapper for JFROG Xray REST API

jfrog-xray-api is a live python package for JFrog Xray REST API.

jfrog-xray-api on PyPI jfrog-xray-api license jfrog-xray-api downloads jfrog-xray-api downloads/month pylint

Tables of Contents

Install

pip install jfrog-xray-api

Usage

Authentication

# User and password OR API_KEY
from xray import XrayRestClient
xray_rest_client = XrayRestClient(
    base_url="http://localhost:8082/xray",
    username='USERNAME',
    password='PASSWORD or API_KEY'
)

SYSTEM

Create Bundle

system = xray_rest_client.system
response = system.create_bundle("bundle-2023-001")
print(response.json())

Ping Request

system = xray_rest_client.system
response = system.system.send_ping()
print(response.json())

Get Version

system = xray_rest_client.system
response = system.get_version()
print(response.json())

Metrics

system = xray_rest_client.system
response = system.get_metrics()
print(response.json())

Components

Find Component by Name

components = xray_rest_client.components
response = components.find_component_by_name("jenkinsapi")
print(response.json())

Find Components by CVEs

components = xray_rest_client.components
cve_list = ['CVE-2021-4104']
response = components.find_components_by_cves(cve_list)
print(response.json())

Find CVEs by Components

components = xray_rest_client.components
components_id_list = ['gav://commons-collections:commons-collections:3.2.1', 'gav://commons-collections:commons-collections:3.2.2']
response = components.find_cves_by_components(components_id_list)
print(response.json())

Get Component List Per Watch

# TODO

Get Artifact Dependency Graph

components = xray_rest_client.components
artifact_path = '/Artifactory/pnnl/goss/goss-core-client/0.1.7/goss-core-client-0.1.7-sources.jar'
response = components.get_artifact_dependency_graph(artifact_path)
print(response.json())

Compare Artifacts

components = xray_rest_client.components
source_artifact_path = '/Artifactory/pnnl/goss/goss-core-client/0.1.7/goss-core-client-0.1.7-sources.jar'
target_artifact_path = '/Artifactory/pnnl/goss/goss-core-client/0.1.8/goss-core-client-0.1.8-sources.jar'
response = components.compare_artifacts(source_artifact_path, target_artifact_path)
print(response.json())

Get Build Dependency Graph

components = xray_rest_client.components
artifactory_instance = "myInstance",
build_name = "someBuild",
build_number = "someNumber"
response = components.get_build_dependency_graph(artifactory_instance, build_name, build_number)
print(response.json())

Compare Builds

components = xray_rest_client.components
response = components.compare_builds(
    "my-instance", "someOriginBuild", "111",
    "my-instance", "someTargetBuild", "222",
)
print(response.json())

Export Component Details

# TODO

SUMMARY

Build Summary

summary = xray_rest_client.summary
response = summary.get_build_summary("build_name", "123")
print(response.json())

Artifact Summary

summary = xray_rest_client.summary
response = summary.get_artifact_summary(paths=["/Artifactory/pnnl/goss/goss-core-client/0.1.7/goss-core-client-0.1.7-sources.jar"])
print(response.json())

Issues

Create Issue Event

from xray.common import PackageType
issues = xray_rest_client.issues
response = issues.create_issue_event(
    issue_id='test-2023-0221',
    summary='test-2023-0221',
    description='test-2023-0221',
    package_type=PackageType.MAVEN.value,
    component_id='com.test:test',
    vulnerable_versions=["[1.0.10.2,)"],
)
print(response.json())

Update Issue Event

from xray.common import PackageType
issues = xray_rest_client.issues
response = issues.update_issue_event(
    issue_id='test-2023-0221',
    summary='test-2023-0221',
    description='test-2023-0221 update',
    package_type=PackageType.MAVEN.value,
    component_id='com.test:test',
    vulnerable_versions=["[1.0.10.2,)"],
)
print(response.content)

Get Issue Event

issues = xray_rest_client.issues
# get issue event v1
# Note: This API is deprecated in Xray version 3.51.0
response = issues.get_issue_event("test-2023-0221")
# get issue event v2
# Since: Xray  3.51.0
response = issues.get_issue_event("test-2023-0221", api_version="v2")
print(response.json())

SCANNING

Scan Artifact

scanning = xray_rest_client.scanning
response = scanning.scan_artifact("docker://image_name:image_tag")
print(response.json())

Scan Build

scanning = xray_rest_client.scanning
# scan build v1
response = scanning.scan_build("build_name", "build_number")
# scan build v2
# Starting from Xray version 3.42.3
response = scanning.scan_build("build_name", "build_number", api_version='v2')
print(response.json())

Scan Status

from xray.common import PackageType
scanning = xray_rest_client.scanning
# get scan status for artifact
response = scanning.get_scan_status_for_artifact(
    PackageType.NPM.value,
    'npm-local/static-module-3.0.4.tar.gz',
    'b0a887f6e5c16134b7d1280c2150d38811357642d56c622c6f7f6b239f668608'
)
print(response.json())
# get scan status for build
scanning = xray_rest_client.scanning
response = scanning.get_scan_status_for_build("test-build", "1")
print(response.json())
# get scan status for build with project
scanning = xray_rest_client.scanning
response = scanning.get_scan_status_for_build("test-build", "1", project="proj1")
print(response.json())

Scan Now

from xray.common import PackageType
scanning = xray_rest_client.scanning
# scan now
response = scanning.scan_now("local-maven-repo/org/jenkins-ci/main/jenkins-war/2.289.1/jenkins-war-2.289.1.war")
print(response.json())

Project details

Verified details

These details have been verified by PyPI
Maintainers
Avatar for donghui from gravatar.com donghui

Unverified details

These details have not been verified by PyPI
Project links
Meta
  • License: MIT License
  • Author: Donghui Wang
  • Tags jfrog, xray, jfrog-xray, devsecops
  • Requires: Python >=3.7
Classifiers

Release history Release notifications | RSS feed

This version

0.0.6

0.0.5

0.0.4

0.0.3

0.0.2.1

0.0.2

0.0.1

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

jfrog-xray-api-0.0.6.tar.gz (8.2 kB view details)

Uploaded Source

Built Distribution

jfrog_xray_api-0.0.6-py3-none-any.whl (11.3 kB view details)

Uploaded Python 3

File details

Details for the file jfrog-xray-api-0.0.6.tar.gz.

File metadata

  • Download URL: jfrog-xray-api-0.0.6.tar.gz
  • Upload date:
  • Size: 8.2 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/4.0.1 CPython/3.11.2

File hashes

Hashes for jfrog-xray-api-0.0.6.tar.gz
Algorithm Hash digest
SHA256 a531f7554872f1a6a16c692aecb8aa44aac201f44cf7c4fb833f6842e004c57d
MD5 575a81188146321bc337f1bb2809b8a1
BLAKE2b-256 e5214fe6338dec0ab93f50b43d391337542f469de1924cd09f3508094d6d3a40

See more details on using hashes here.

File details

Details for the file jfrog_xray_api-0.0.6-py3-none-any.whl.

File metadata

File hashes

Hashes for jfrog_xray_api-0.0.6-py3-none-any.whl
Algorithm Hash digest
SHA256 d5f770be0088b1347d0dfd9c3847b93e33c5d9e3cfa21e7bf9474316ef11792b
MD5 0706722e0a321a9ff8b548b0b8d4df95
BLAKE2b-256 765dc3529bf414ea30f3e7ab74dbbbb3ad40ac3c5ddc57d7795a87d22db76664

See more details on using hashes here.

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page