Merged
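--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -8,6 +8,10 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
 
 ## Unreleased
 
+### Added
+
+- `phylum exception` subcommand for managing suppressions
+
 ## 7.2.0 - 2024-12-10
 
 ### Added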
6 changes: 4 additions & 2 deletions Cargo.lock


5 changes: 3 additions & 2 deletions cli/Cargo.toml
Expand Up @@ -4,7 +4,7 @@ version = "7.2.0"
authors = ["Phylum, Inc. <engineering@phylum.io>"]
license = "GPL-3.0-or-later"
edition = "2021"
rust-version = "1.80.0"
rust-version = "1.82.0"
autotests = false

[[test]]
Expand Down Expand Up @@ -38,6 +38,7 @@ git2 = { version = "0.19.0", default-features = false }
git-version = "0.3.5"
home = "0.5.3"
ignore = { version = "0.4.20", optional = true }
indexmap = "2.7.0"
lazy_static = "1.4.0"
libc = "0.2.135"
log = "0.4.6"
Expand All @@ -48,7 +49,7 @@ phylum_lockfile = { path = "../lockfile", features = ["generator"] }
phylum_project = { path = "../phylum_project" }
phylum_types = { git = "https://github.com/phylum-dev/phylum-types", branch = "development" }
prettytable-rs = "0.10.0"
purl = "0.1.1"
purl = { version = "0.1.5", features = ["serde"] }
rand = "0.8.4"
regex = "1.5.5"
reqwest = { version = "0.12.7", features = ["blocking", "json", "rustls-tls", "rustls-tls-native-roots", "rustls-tls-webpki-roots"], default-features = false }
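--- a/cli/src/api/endpoints.rs
+++ b/cli/src/api/endpoints.rs
@@ -197,6 +197,119 @@ pub fn firewall_log(api_uri: &str) -> Result<Url, BaseUriError> {
 Ok(get_firewall_path(api_uri)?.join("activity")?)
 }
 
+/// GET /organizations/<orgName>/groups/<groupName>/preferences.
+pub fn org_group_preferences(
+api_uri: &str,
+org_name: &str,
+group_name: &str,
+) -> Result<Url, BaseUriError> {
+let mut url = get_api_path(api_uri)?;
+url.path_segments_mut().unwrap().pop_if_empty().extend([
+"organizations",
+org_name,
+"groups",
+group_name,
+"preferences",
+]);
+Ok(url)
+}
+
+/// GET /preferences/group/<groupName>
+pub fn group_preferences(api_uri: &str, group_name: &str) -> Result<Url, BaseUriError> {
+let mut url = get_api_path(api_uri)?;
+url.path_segments_mut().unwrap().pop_if_empty().extend(["preferences", "group", group_name]);
+Ok(url)
+}
+
+/// GET /preferences/project/<projectId>
+pub fn project_preferences(api_uri: &str, project_id: &str) -> Result<Url, BaseUriError> {
+let mut url = get_api_path(api_uri)?;
+url.path_segments_mut().unwrap().pop_if_empty().extend(["preferences", "project", project_id]);
+Ok(url)
+}
+
+/// POST /organizations/<orgName>/groups/<groupName>/suppress.
+pub fn org_group_suppress(
+api_uri: &str,
+org_name: &str,
+group_name: &str,
+) -> Result<Url, BaseUriError> {
+let mut url = get_api_path(api_uri)?;
+url.path_segments_mut().unwrap().pop_if_empty().extend([
+"organizations",
+org_name,
+"groups",
+group_name,
+"suppress",
+]);
+Ok(url)
+}
+
+/// POST /preferences/group/<groupName>/suppress.
+pub fn group_suppress(api_uri: &str, group_name: &str) -> Result<Url, BaseUriError> {
+let mut url = get_api_path(api_uri)?;
+url.path_segments_mut().unwrap().pop_if_empty().extend([
+"preferences",
+"group",
+group_name,
+"suppress",
+]);
+Ok(url)
+}
+
+/// POST /preferences/project/<projectId>/suppress.
+pub fn project_suppress(api_uri: &str, project_id: &str) -> Result<Url, BaseUriError> {
+let mut url = get_api_path(api_uri)?;
+url.path_segments_mut().unwrap().pop_if_empty().extend([
+"preferences",
+"project",
+project_id,
+"suppress",
+]);
+Ok(url)
+}
+
+/// POST /organizations/<orgName>/groups/<groupName>/unsuppress.
+pub fn org_group_unsuppress(
+api_uri: &str,
+org_name: &str,
+group_name: &str,
+) -> Result<Url, BaseUriError> {
+let mut url = get_api_path(api_uri)?;
+url.path_segments_mut().unwrap().pop_if_empty().extend([
+"organizations",
+org_name,
+"groups",
+group_name,
+"unsuppress",
+]);
+Ok(url)
+}
+
+/// POST /preferences/group/<groupName>/unsuppress.
+pub fn group_unsuppress(api_uri: &str, group_name: &str) -> Result<Url, BaseUriError> {
+let mut url = get_api_path(api_uri)?;
+url.path_segments_mut().unwrap().pop_if_empty().extend([
+"preferences",
+"group",
+group_name,
+"unsuppress",
+]);
+Ok(url)
+}
+
+/// POST /preferences/project/<projectId>/unsuppress.
+pub fn project_unsuppress(api_uri: &str, project_id: &str) -> Result<Url, BaseUriError> {
+let mut url = get_api_path(api_uri)?;
+url.path_segments_mut().unwrap().pop_if_empty().extend([
+"preferences",
+"project",
+project_id,
+"unsuppress",
+]);
+Ok(url)
+}
+
 /// GET /.well-known/openid-configuration
 pub fn oidc_discovery(api_uri: &str) -> Result<Url, BaseUriError> {
 Ok(get_api_path(api_uri)?.join(".well-known/openid-configuration")?)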
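Review bot: Each of the nine new builders calls `url.path_segments_mut().unwrap()`, which panics when the URL cannot be a base. Whether `get_api_path` already rules that out is not visible in this hunk, so the invariant should at least be stated, or the error mapped into the `Result` these functions already return. Using `extend` rather than `join` for the caller-supplied `org_name`, `group_name` and `project_id` is sound, since each segment is percent-encoded including `/`, and that deserves a comment so nobody later "simplifies" it to string formatting. As far as I recall the `url` crate silently skips segments equal to `.` or `..`, so such a name would address a different endpoint than intended; rejecting those values before building the URL would be safer. The nine bodies differ only in their segment list, so one private helper could carry the comment and the invariant once, as sketched below.

```rust
/// Append `segments` to the API base path.
///
/// `extend` percent-encodes every segment (including `/`), so a caller-supplied
/// name cannot introduce additional path components.
fn api_url_with_segments(api_uri: &str, segments: &[&str]) -> Result<Url, BaseUriError> {
    let mut url = get_api_path(api_uri)?;
    url.path_segments_mut()
        .expect("API base URL must be hierarchical")
        .pop_if_empty()
        .extend(segments);
    Ok(url)
}

/// GET /preferences/group/<groupName>
pub fn group_preferences(api_uri: &str, group_name: &str) -> Result<Url, BaseUriError> {
    api_url_with_segments(api_uri, &["preferences", "group", group_name])
}
// … unchanged: the other eight builders, each reduced to its segment list …
```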
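--- a/cli/src/api/mod.rs
+++ b/cli/src/api/mod.rs
@@ -32,8 +32,8 @@ use crate::types::{
 FirewallLogFilter, FirewallLogResponse, FirewallPaginated, GetProjectResponse, HistoryJob,
 ListUserGroupsResponse, OrgGroupsResponse, OrgMembersResponse, OrgsResponse, PackageSpecifier,
 PackageSubmitResponse, Paginated, PingResponse, PolicyEvaluationRequest,
-PolicyEvaluationResponse, PolicyEvaluationResponseRaw, ProjectListEntry, RevokeTokenRequest,
-SubmitPackageRequest, UpdateProjectRequest, UserToken,
+PolicyEvaluationResponse, PolicyEvaluationResponseRaw, Preferences, ProjectListEntry,
+RevokeTokenRequest, SubmitPackageRequest, Suppression, UpdateProjectRequest, UserToken,
 };
 
 pub mod endpoints;
@@ -596,6 +596,93 @@ impl PhylumApi {
 Ok(log)
 }
 
+/// Get group preferences.
+pub async fn group_preferences(
+&self,
+org: Option<&str>,
+group: &str,
+) -> Result<Preferences<'static>> {
+match org {
+Some(org) => {
+let url =
+endpoints::org_group_preferences(&self.config.connection.uri, org, group)?;
+self.get(url).await
+},
+None => {
+#[derive(Deserialize)]
+struct Response<'a> {
+preferences: Preferences<'a>,
+}
+
+let url = endpoints::group_preferences(&self.config.connection.uri, group)?;
+Ok(self.get::<Response, _>(url).await?.preferences)
+},
+}
+}
+
+/// Get project preferences.
+pub async fn project_preferences(&self, project_id: &str) -> Result<Preferences<'static>> {
+#[derive(Deserialize)]
+struct Response<'a> {
+preferences: Preferences<'a>,
+}
+
+let url = endpoints::project_preferences(&self.config.connection.uri, project_id)?;
+Ok(self.get::<Response, _>(url).await?.preferences)
+}
+
+/// Add group suppression.
+pub async fn group_suppress(
+&self,
+org: Option<&str>,
+group: &str,
+suppressions: &[Suppression<'_>],
+) -> Result<()> {
+let url = match org {
+Some(org) => endpoints::org_group_suppress(&self.config.connection.uri, org, group)?,
+None => endpoints::group_suppress(&self.config.connection.uri, group)?,
+};
+self.send_request_raw(Method::POST, url, Some(suppressions)).await?;
+Ok(())
+}
+
+/// Get project suppression.
+pub async fn project_suppress(
+&self,
+project_id: &str,
+suppressions: &[Suppression<'_>],
+) -> Result<()> {
+let url = endpoints::project_suppress(&self.config.connection.uri, project_id)?;
+self.send_request_raw(Method::POST, url, Some(suppressions)).await?;
+Ok(())
+}
+
+/// Remove group suppression.
+pub async fn group_unsuppress(
+&self,
+org: Option<&str>,
+group: &str,
+unsuppressions: &[Suppression<'_>],
+) -> Result<()> {
+let url = match org {
+Some(org) => endpoints::org_group_unsuppress(&self.config.connection.uri, org, group)?,
+None => endpoints::group_unsuppress(&self.config.connection.uri, group)?,
+};
+self.send_request_raw(Method::POST, url, Some(unsuppressions)).await?;
+Ok(())
+}
+
+/// Remove project suppression.
+pub async fn project_unsuppress(
+&self,
+project_id: &str,
+unsuppressions: &[Suppression<'_>],
+) -> Result<()> {
+let url = endpoints::project_unsuppress(&self.config.connection.uri, project_id)?;
+self.send_request_raw(Method::POST, url, Some(unsuppressions)).await?;
+Ok(())
+}
+
 /// Get reachable vulnerabilities.
 #[cfg(feature = "vulnreach")]
 pub async fn vulnerabilities(&self, job: Job) -> Result<Vec<Vulnerability>> {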
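Review bot: The doc comment on `project_suppress` reads `/// Get project suppression.`, but the method POSTs the suppressions to the suppress endpoint; it should read `/// Add project suppression.` to match `group_suppress`. Because these four methods change which findings are suppressed for a group or project, their doc comments should also say what `org: None` selects (the `/preferences/group/...` route rather than the organization route), so a caller cannot target the wrong scope by accident. The local `Response<'a>` wrapper is declared twice with identical fields, in the `None` arm of `group_preferences` and in `project_preferences`; one private struct next to the methods would avoid the two drifting apart. The `impl PhylumApi` block starts and ends outside this hunk.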