defectdojo_api
defectdojo_api copied to clipboard
DefectDojo
When using upload_scan in response result 'id' is not present in self.data
When creating a new Engagement and uploading Scan results 'id' is not present in self.data.
Changed to check if 'id' exists, else it will return Engagement ID.
Error:
Traceback (most recent call last):
File "d.py", line 280, in
Which call are you executing against the api? I don't think this change should be necessary. The POST on the engagements endpoint returns an id field. If you're using import_scan we should change the serverside code to return an id maybe.
Based on the dojo_ci.py code present in the repo:
def create_findings(dd, engagement_id, scanner, file, build=None):
# Upload the scanner export
if int(engagement_id) > 0:
print("Uploading scanner data.")
date = datetime.now()
# upload_scan(self, engagement_id, scan_type, file, active, verified, close_old_findings, skip_duplicates, scan_date,
upload_scan = dd.upload_scan(engagement_id, SCANNERS[scanner], file, True, False, True, True, date.strftime("%Y-%m-%d"),
tags="CI/CD", build=None, minimum_severity="Low")
if upload_scan.success:
test_id = upload_scan.id()
else:
print(upload_scan.message)
quit()
upload_scan in the api wrapper calls import_scan on the server. I think import_scan on the server should return an id, same a reimport probably. Can you create a github issue in the main repo?
The id() method is used for responses that contain a model. The import and reimport don't contain a model. There is a field test in the response that contains the id of the test that was created. The d.py above that is calling the id function is not part of this repo.
Quality Gate passed
Issues
0 New issues
0 Accepted issues
Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code
See analysis details on SonarCloud
![sonarqubecloud[bot] avatar](https://avatars.githubusercontent.com/in/12526?v=4 "Published by a pub.dev verified publisher"){kind=small}