1#!/usr/bin/env python3 

2""" 

3Constants for easy_sast 

4""" 

5# Supported Sets 

6SUPPORTED_APIS = {"results", "upload", "sandbox"} 

7SUPPORTED_API_CLASSES = {"ResultsAPI", "UploadAPI", "SandboxAPI"} 

8SUPPORTED_WORKFLOWS = {"submit_artifacts", "check_compliance"} 

9SUPPORTED_VERBS = {"get", "post"} 

10 

11API_BASE_URL = "https://analysiscenter.veracode.com/api/" 

12 

13## API Attributes 

14API_ATTRIBUTES = { 

15 "upload": { 

16 "base_url", 

17 "version", 

18 "app_name", 

19 "build_dir", 

20 "build_id", 

21 "sandbox_id", 

22 "scan_all_nonfatal_top_level_modules", 

23 "auto_scan", 

24 }, 

25 "results": { 

26 "base_url", 

27 "version", 

28 "app_name", 

29 "ignore_compliance_status", 

30 "ignore_compliance_status", 

31 }, 

32 "sandbox": { 

33 "base_url", 

34 "version", 

35 "app_name", 

36 "build_id", 

37 "sandbox_id", 

38 "sandbox_name", 

39 }, 

40} 

41COMMON_API_ATTRIBUTES = API_ATTRIBUTES["upload"].intersection( 

42 API_ATTRIBUTES["results"], API_ATTRIBUTES["sandbox"] 

43) 

44ONLY_UPLOAD_ATTRIBUTES = API_ATTRIBUTES["upload"].difference( 

45 API_ATTRIBUTES["results"], API_ATTRIBUTES["sandbox"] 

46) 

47ONLY_RESULTS_ATTRIBUTES = API_ATTRIBUTES["results"].difference( 

48 API_ATTRIBUTES["upload"], API_ATTRIBUTES["sandbox"] 

49) 

50ONLY_SANDBOX_ATTRIBUTES = API_ATTRIBUTES["sandbox"].difference( 

51 API_ATTRIBUTES["results"], API_ATTRIBUTES["upload"] 

52) 

53 

54# Upload API 

55UPLOAD_API_VERSIONS = { 

56 "beginprescan.do": "5.0", 

57 "beginscan.do": "5.0", 

58 "createapp.do": "5.0", 

59 "createbuild.do": "5.0", 

60 "deleteapp.do": "5.0", 

61 "deletebuild.do": "5.0", 

62 "getappinfo.do": "5.0", 

63 "getapplist.do": "5.0", 

64 "getbuildinfo.do": "5.0", 

65 "getbuildlist.do": "5.0", 

66 "getfilelist.do": "5.0", 

67 "getpolicylist.do": "5.0", 

68 "getprescanresults.do": "5.0", 

69 "getvendorlist.do": "5.0", 

70 "removefile.do": "5.0", 

71 "updateapp.do": "5.0", 

72 "updatebuild.do": "5.0", 

73 "uploadfile.do": "5.0", 

74 "uploadlargefile.do": "5.0", 

75} 

76 

77# Results API 

78RESULTS_API_VERSIONS = { 

79 "detailedreport.do": "5.0", 

80 "detailedreportpdf.do": "4.0", 

81 "getaccountcustomfieldlist.do": "5.0", 

82 "getappbuilds.do": "4.0", 

83 "getcallstacks.do": "5.0", 

84 "summaryreport.do": "4.0", 

85 "summaryreportpdf.do": "4.0", 

86 "thirdpartyreportpdf.do": "4.0", 

87} 

88 

89# Sandbox API 

90SANDBOX_API_VERSIONS = { 

91 "createsandbox.do": "5.0", 

92 "getsandboxlist.do": "5.0", 

93 "promotesandbox.do": "5.0", 

94 "updatesandbox.do": "5.0", 

95 "deletesandbox.do": "5.0", 

96} 

97 

98## Config Options 

99REQUIRED_CONFIG_ATTRIBUTES_API = {"app_name"} 

100REQUIRED_CONFIG_ATTRIBUTES_TOP = {"loglevel", "workflow", "config_file"} 

101# Explicitly does not have api_key_id and api_key_secret to deter storing 

102# secrets in config files 

103LIMITED_OPTIONS_SET = {"loglevel", "workflow", "config_file"} 

104ALL_OPTIONS_SET = LIMITED_OPTIONS_SET | {"api_key_id", "api_key_secret"} 

105# https://docs.python.org/3/library/logging.html#logging-levels 

106ALLOWED_LOG_LEVELS = { 

107 "DEBUG", 

108 "INFO", 

109 "WARNING", 

110 "ERROR", 

111 "CRITICAL", 

112} 

113 

114# Workflow Items 

115DEFAULT_WORKFLOW = ["submit_artifacts", "check_compliance"] 

116WORKFLOW_TO_API_MAP = { 

117 "submit_artifacts": {"upload", "sandbox"}, 

118 "check_compliance": {"results"}, 

119} 

120 

121# submit_artifacts 

122WHITELIST_FILE_SUFFIX_SET = { 

123 ".exe", 

124 ".pdb", 

125 ".dll", 

126 ".jar", 

127 ".zip", 

128 ".tar", 

129 ".tgz", 

130 ".war", 

131 ".ear", 

132 ".jar", 

133 ".apk", 

134 ".ipa", 

135} 

136WHITELIST_FILE_SUFFIXES_LIST = [".tar", ".gz"]