Mend Ignore Alerts
Ignore Future Alerts
ws_ignore_alerts.py is a utility that automatically ignores alerts in a newly created WS project, which is a version of the same customer's product, based on the alerts previously ignored in the baseline WS project. Once a new UA scan has finished and a new project has been created, the utility can be launched as part of the pipeline to ignore those alerts automatically. There are three ways to use it:
- using a baseline project token and destination project name defined by the user - baselineProjectToken and destProjectName (optional: destProjectVersion). Might work with different products.
- using a baseline project token and destination project token defined by the user - baselineProjectToken and destProjectToken. Might work with different products.
- using the default behavior, without providing the baseline and destination projects' data. In this case, the destination project is the latest project of a given product and the baseline project is the one before the latest project of the same product. Only works within a single product.
The ignored alerts will be pulled from the baseline project, and the same alerts will be ignored in the destination project.
Supported Operating Systems
- Linux (Bash): CentOS, Debian, Ubuntu, RedHat
- Windows (PowerShell): 10, 2012, 2016
Prerequisites
- Python 3.7 or above (additional prerequisites might be required when using Microsoft Windows)
Installation and Execution from PyPI:
- Install by executing: pip install ws-ignore-alerts
- Configure the appropriate parameters either by using the command line or in params.config.
- Execute the tool (ws_ignore_alerts ...).
Installation and Execution from GitHub:
- Download and unzip ws-ignore-alerts.zip
- Install requirements: pip install -r requirements.txt
- Configure the appropriate parameters either by using the command line or params.config.
- Execute: python ignore_alerts.py
Execution Examples
From the command line:
python ws_ignore_alerts.py -u $wsUrl -k $userKey -o $orgToken -p $productToken -b $baselineProjectToken -n $destProjectName -v $destProjectVersion -t $destProjectToken -d $destProductToken -w whitelist.txt
or
python ws_ignore_alerts.py -u $wsUrl -k $userKey -o $orgToken -p $productToken -b $baselineProjectToken -n $destProjectName -v $destProjectVersion -t $destProjectToken -d $destProductToken -w CVE-xxxx-yyyy,CVE-zzzz-tttt
Using a config file:
python ws_ignore_alerts.py
Note: If more than one version of Python is installed on the target machine, use the appropriate executables for the installation and the execution (pip3 and python3 respectively).
Configuration Parameters
===============================================================================================================
| Group | Parameter | Description |
===============================================================================================================
| DEFAULT | wsUrl | WhiteSource server URL. Can be found under the 'Integrate' tab in |
| | | your WhiteSource organization. |
---------------------------------------------------------------------------------------------------------------
| DEFAULT | userKey | WhiteSource User Key. Can be found under the 'Profile' section in |
| | | your WhiteSource organization. |
---------------------------------------------------------------------------------------------------------------
| DEFAULT | orgToken | WhiteSource API Key. Can be found under the 'Integrate' tab in |
| | | your WhiteSource organization. |
---------------------------------------------------------------------------------------------------------------
| DEFAULT | productToken | WhiteSource Product Token. Can be found under the 'Integrate' tab |
| | | in your WhiteSource organization. |
---------------------------------------------------------------------------------------------------------------
| DEFAULT | baselineProjectToken | Token of the WhiteSource project the ignored alerts are pulled from. |
| | | Can be found under the settings icon within a particular project. |
---------------------------------------------------------------------------------------------------------------
| DEFAULT | destProjectName | Name of the WhiteSource project where the alerts will be ignored. |
---------------------------------------------------------------------------------------------------------------
| DEFAULT | destProjectVersion | Version of the WhiteSource project where the alerts will be ignored. |
---------------------------------------------------------------------------------------------------------------
| DEFAULT | destProjectToken | Token of the WhiteSource project where the alerts will be ignored. |
---------------------------------------------------------------------------------------------------------------
| DEFAULT | destProductToken | Token of the WhiteSource product where the alerts will be ignored. |
---------------------------------------------------------------------------------------------------------------
| DEFAULT | whitelist | File with list of CVEs or list of CVEs divided by comma. * |
===============================================================================================================
* The file should contain the list of CVEs like this:
CVE-xxxx-yyyy
CVE-zzzz-mmmm
CVE-uuuu-nnnn
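A pre-flight check for the -w value, as an added example rather than code from ws_ignore_alerts itself: it accepts either form described above (a file with one CVE per line, or a comma-separated list) and separates well-formed CVE identifiers from entries that are not, so a pipeline can stop before calling the tool. The function name load_whitelist, the uppercase normalization and the sample entries are assumptions made for this illustration.

```python
import os
import re
import tempfile

# CVE ID syntax: "CVE-", a 4-digit year, "-", a sequence number of 4+ digits.
CVE_RE = re.compile(r"CVE-\d{4}-\d{4,}")


def load_whitelist(value):
    """Return (valid, rejected) for a -w value: a file path or a comma list.

    Assumption: a value naming an existing file is read one entry per line;
    anything else is split on commas, matching the two forms in the README.
    """
    if os.path.isfile(value):
        with open(value, encoding="utf-8") as fh:
            raw = fh.read().splitlines()
    else:
        raw = value.split(",")
    valid, rejected = [], []
    for entry in raw:
        entry = entry.strip()
        if not entry:
            continue  # skip blank lines and trailing commas
        cve = entry.upper()  # normalization chosen for this example
        if CVE_RE.fullmatch(cve):
            if cve not in valid:  # drop duplicates, keep first-seen order
                valid.append(cve)
        else:
            rejected.append(entry)
    return valid, rejected


def demo():
    # Constructed sample data (year 1900 is deliberately not a real CVE year).
    inline = "CVE-1900-0001, cve-1900-0002,CVE-19-3,CVE-1900-0001,"
    with tempfile.NamedTemporaryFile("w", suffix=".txt", delete=False) as fh:
        fh.write("CVE-1900-12345\n\nCVE-1900-99x\n* wildcard\n")
        path = fh.name
    try:
        return load_whitelist(inline), load_whitelist(path)
    finally:
        os.unlink(path)


if __name__ == "__main__":
    for valid, rejected in demo():
        # A pipeline step would exit non-zero when rejected is non-empty.
        print("valid:", valid, "rejected:", rejected)
```

Failing the pipeline step on any rejected entry keeps a typo in the list from going unnoticed before alerts are ignored in the destination project.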
Author
WhiteSource Software ©
Hashes for ws_ignore_alerts-23.9.2-py3-none-any.whl
Algorithm | Hash digest
---|---
SHA256 | 28edfc768dc256034f239e6ce1e482df916246c6933acaee2ca22cf2a4c28781
MD5 | 46be46c80c582723e22e5ae39323cdce
BLAKE2b-256 | 382f5f0fd86ba6f9aada374b91753acc8bfc45c1da00dfac6da0240025616b0f