Checkmarx Python SDK
Project description
Checkmarx Python SDK
This is wrapper using Python for CxSAST and CxOSA REST API, Portal SOAP API, CxSAST ODATA API, CxSCA REST API.
By using this SDK, Checkmarx users will be able to do automatic scanning with CxSAST, CxOSA, and CxSCA.
Checkmarx API Official Documents
For more information about Checkmarx API, please refer to Checkmarx knowledge Center:
Notice
Please use Python3
Quick Start
Install the library
The easiest way to begin using the SDK is to install it using the pip command.
$ pip install CheckmarxPythonSDK
Alternatively, either download and unzip this repository, or clone it to your local drive, and install using the setup.py
script.
$ git clone https://github.com/checkmarx-ts/checkmarx-python-sdk.git
$ python setup.py install
Even if you install the SDK using pip, you might still want to download or clone this repository for the sample scripts.
Set up configuration
Option 1, using config.ini file:
[checkmarx]
base_url = http://localhost:80
username = ******
password = ******
grant_type = password
scope = sast_rest_api
client_id = resource_owner_client
client_secret = 014DF517-39D1-4453-B7B3-9930C563627C
url = %(base_url)s/cxrestapi
scan_preset = Checkmarx Default
configuration = Default Configuration
team_full_name = /CxServer
max_try = 3
[CxSCA]
access_control_url = https://platform.checkmarx.net
server = https://api-sca.checkmarx.net
account = ***
username = ***
password = ***
[CxAST]
access_control_url = https://iam.checkmarx.net
server = https://ast.checkmarx.net
tenant_name = ***
grant_type = ***
username = ***
password = ***
client_id = ***
refresh_token = ***
configuration file path:
By default, Checkmarx Python SDK looks for config.ini
file in a .Checkmarx
folder in your home directory.
- For windows, it should be like
C:\\Users\\<UserName>\\.Checkmarx\\config.ini
- For linux and MacOS, it should be like
/home/<UserName>/.Checkmarx/config.ini
You can also use checkmarx_config_path
as environment variable or command line argument to set up configuration file path.
Option 2, using environment variables or command line arguments
For CxSAST:
- cxsast_base_url
- cxsast_username
- cxsast_password
- cxsast_grant_type
- cxsast_scope
- cxsast_client_id
- cxsast_client_secret
For CxSCA:
- cxsca_access_control_url
- cxsca_server
- cxsca_account
- cxsca_username
- cxsca_password
For CxAST:
- cxast_access_control_url
- cxast_server
- cxast_tenant_name
- cxast_grant_type
- cxast_username
- cxast_password
- cxast_client_id
- cxast_refresh_token
Examples
Please find example scripts from here.
The CxSAST and CxOSA REST API list
- For REST API, use Bearer Token for authentication
- auth_headers (This is a global variable that stored token)
- TeamAPI
- create_team
- get_all_teams
- get_team_id_by_team_full_name (provided by SDK)
- get_team_full_name_by_team_id (provided by SDK)
- ProjectsAPI
- get_all_project_details
- create_project_with_default_configuration
- get_project_id_by_project_name_and_team_full_name (provided by SDK)
- get_project_details_by_id
- update_project_by_id
- update_project_name_team_id
- delete_project_by_id
- create_project_if_not_exists_by_project_name_and_team_full_name (provided by SDK)
- delete_project_if_exists_by_project_name_and_team_full_name (provided by SDK)
- create_branched_project
- get_all_issue_tracking_systems
- get_issue_tracking_system_id_by_name
- get_issue_tracking_system_details_by_id
- get_project_exclude_settings_by_project_id
- set_project_exclude_settings_by_project_id
- get_remote_source_settings_for_git_by_project_id
- set_remote_source_setting_to_git
- get_remote_source_settings_for_svn_by_project_id
- set_remote_source_settings_to_svn
- get_remote_source_settings_for_tfs_by_project_id
- set_remote_source_settings_to_tfs
- get_remote_source_settings_for_custom_by_project_id
- set_remote_source_setting_for_custom_by_project_id
- get_remote_source_settings_for_shared_by_project_id
- set_remote_source_settings_to_shared
- get_remote_source_settings_for_perforce_by_project_id
- set_remote_source_settings_to_perforce
- set_remote_source_setting_to_git_using_ssh
- set_remote_source_setting_to_svn_using_ssh
- upload_source_code_zip_file
- set_data_retention_settings_by_project_id
- set_issue_tracking_system_as_jira_by_id
- get_all_preset_details
- get_preset_id_by_name
- get_preset_details_by_preset_id
- set_project_queue_setting
- update_project_queue_setting
- CustomTasksAPI
- get_all_custom_tasks
- get_custom_task_id_by_name
- get_custom_task_by_id
- get_custom_task_by_name
- CustomFieldsAPI
- get_all_custom_fields
- get_custom_field_id_by_name
- ScansAPI
- get_all_scans_for_project
- get_last_scan_id_of_a_project
- create_new_scan
- get_sast_scan_details_by_scan_id
- add_or_update_a_comment_by_scan_id
- delete_scan_by_scan_id
- get_statistics_results_by_scan_id
- get_scan_queue_details_by_scan_id
- update_queued_scan_status_by_scan_id
- get_all_scan_details_in_queue
- get_scan_settings_by_project_id
- define_sast_scan_settings
- update_sast_scan_settings
- define_sast_scan_scheduling_settings
- assign_ticket_to_scan_results
- publish_last_scan_results_to_management_and_orchestration_by_project_id
- get_the_publish_last_scan_results_to_management_and_orchestration_status
- get_short_vulnerability_description_for_a_scan_result
- register_scan_report
- get_report_status_by_id
- get_report_by_id
- is_scanning_finished (provided by SDK)
- is_report_generation_finished (provided by SDK)
- get_scan_results_of_a_specific_query
- get_scan_results_for_a_specific_query_group_by_best_fix_location
- update_scan_result_labels_fields
- create_new_scan_with_settings
- get_scan_result_labels_fields
- get_scan_logs
- get_basic_metrics_of_a_scan
- get_parsed_files_metrics_of_a_scan
- get_failed_queries_metrics_of_a_scan
- get_failed_general_queries_metrics_of_a_scan
- get_succeeded_general_queries_metrics_of_a_scan
- DataRetentionAPI
- stop_data_retention
- define_data_retention_date_range
- define_data_retention_by_number_of_scans
- get_data_retention_request_status
- define_data_retention_by_rolling_date
- define_data_retention_by_rolling_months
- EnginesAPI
- get_all_engine_server_details
- get_engine_id_by_name
- register_engine
- unregister_engine_by_engine_id
- get_engine_details
- update_engine_server
- get_all_engine_configurations
- get_engine_configuration_id_by_name
- get_engine_configuration_by_id
- OsaAPI
- get_all_osa_scan_details_for_project
- get_last_osa_scan_id_of_a_project
- get_osa_scan_by_scan_id
- create_an_osa_scan_request
- get_all_osa_file_extensions
- get_osa_licenses_by_id
- get_osa_scan_libraries
- get_osa_scan_vulnerabilities_by_id
- get_first_vulnerability_id
- get_osa_scan_vulnerability_comments_by_id
- get_osa_scan_summary_report
- possible Exceptions
- BadRequestError (provided by SDK)
- NotFoundError (provided by SDK)
- CxError (provided by SDK)
- AccessControlAPI
- get_all_assignable_users
- get_all_authentication_providers
- submit_first_admin_user
- get_admin_user_exists_confirmation
- get_all_ldap_role_mapping
- update_ldap_role_mapping
- delete_ldap_role_mapping
- test_ldap_server_connection
- get_user_entries_by_search_criteria
- get_group_entries_by_search_criteria
- get_all_ldap_servers
- create_new_ldap_server
- get_ldap_server_by_id
- update_ldap_server
- delete_ldap_server
- get_ldap_team_mapping
- update_ldap_team_mapping
- delete_ldap_team_mapping
- get_my_profile
- update_my_profile
- get_all_oidc_clients
- create_new_oidc_client
- get_oidc_client_by_id
- update_an_oidc_client
- delete_an_oidc_client
- get_all_permissions
- get_permission_by_id
- get_all_roles
- get_role_id_by_name
- create_new_role
- get_role_by_id
- update_a_role
- delete_a_role
- get_all_saml_identity_providers
- create_new_saml_identity_provider
- get_saml_identity_provider_by_id
- update_new_saml_identity_provider
- delete_a_saml_identity_provider
- get_details_of_saml_role_mappings
- set_saml_group_and_role_mapping_details
- get_saml_service_provider_metadata
- get_saml_service_provider
- update_a_saml_service_provider
- get_details_of_saml_team_mappings
- set_saml_group_and_team_mapping_details
- get_all_service_providers
- get_service_provider_by_id
- get_all_smtp_settings
- create_smtp_settings
- get_smtp_settings_by_id
- update_smtp_settings
- delete_smtp_settings
- test_smtp_connection
- get_all_system_locales
- get_members_by_team_id
- update_members_by_team_id
- add_a_user_to_a_team
- delete_a_member_from_a_team
- get_all_teams
- get_team_id_by_full_name
- create_new_team
- get_team_by_id
- update_a_team
- delete_a_team
- generate_a_new_token_signing_certificate
- upload_a_new_token_signing_certificate
- get_all_users
- get_user_id_by_name
- create_new_user
- get_user_by_id
- update_a_user
- delete_a_user
- migrate_existing_user
- get_all_windows_domains
- get_windows_domain_id_by_name
- create_a_new_windows_domain
- get_windows_domain_by_id
- update_a_windows_domain
- delete_a_windows_domain
- get_windows_domain_user_entries_by_search_criteria
- Configuration API
- get_cx_component_configuration_settings
- update_cx_component_configuration_settings 13 . Queries API
- get_the_full_description_of_the_query
The CxSAST Portal SOAP API list
- cx portal web service
- add_license_expiration_notification
- create_new_preset
- create_scan_report
- delete_preset
- delete_project
- delete_projects
- export_preset
- export_queries
- get_compare_scan_results
- get_import_queries_status
- get_path_comments_history
- get_queries_categories
- get_query_collection
- get_query_id_by_language_group_and_query_name
- get_name_of_user_who_marked_false_positive_from_comments_history
- get_preset_list
- get_result_path
- get_results_for_scan
- get_server_license_data
- get_server_license_summary
- get_user_profile_data
- get_version_number
- get_version_number_as_int
- import_preset
- import_queries
- lock_scan
- unlock_scan
- cx Audit web service
- get_files_extensions
- get_source_code_for_scan
- upload_queries
The CxSAST OData API List
-
Projects
- get_top_n_projects_by_risk_score
- get_top_n_projects_by_last_scan_duration
- get_all_projects_with_their_last_scan_and_the_high_vulnerabilities
- get_projects_that_have_high_vulnerabilities_in_the_last_scan
- get_the_number_of_issues_vulnerabilities_within_a_predefined_time_range_for_all_projects_in_a_team
- get_count_of_the_projects_in_the_system
- get_all_projects_with_a_custom_field_that_has_a_specific_value
- get_all_projects_with_a_custom_field_as_well_as_the_custom_field_information
- get_presets_associated_with_each_project
- get_all_projects_that_are_set_up_with_a_non_standard_configuration
- get_all_projects_id_name
-
Results
- get_results_for_a_specific_scan_id
- get_the_query_that_was_run_for_a_particular_unique_scan_result
- get_results_for_a_specific_scan_id_with_query_language_state
- get_results_group_by_query_id_and_add_count_json_format
- get_results_for_a_specific_scan_id_with_similarity_ids
-
Scans
- get_all_data_for_a_specific_scan_id
- get_number_of_loc_scanned_for_a_specific_scan
- get_number_of_loc_scanned_for_all_scan
- get_last_scan_id_of_a_project
- get_last_scan_of_a_project
- get_last_full_scan_id_of_a_project
- get_last_full_scan_of_a_project
- get_all_scans_within_a_predefined_time_range_and_their_h_m_l_values_for_a_project
- get_the_state_of_each_scan_result_since_a_specific_date_for_a_project
- get_all_scan_id_of_a_project
The CxSCA REST API List
-
Projects
- get_all_projects
- create_a_new_project
- get_project_id_by_name
- get_project_by_id
- update_project
- delete_project
-
Scans
- get_all_scans_associated_with_a_project
- get_latest_scan_id_of_a_project
- get_scan_by_id
- get_scan_status
- get_scan_settings
-
Risk Reports
- get_risk_report_summary
- get_packages_of_a_scan
- get_vulnerabilities_of_a_scan
- get_licenses_of_a_scan
- ignore_a_vulnerability_for_a_specific_package_and_project
- undo_the_ignore_state_of_an_ignored_vulnerability
-
Settings
- get_settings_for_a_specific_project
- update_settings_for_a_specific_project
-
Scan Upload
- generate_upload_link_for_scanning
- upload_zip_content_for_scanning
- scan_previously_uploaded_zip
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Hashes for CheckmarxPythonSDK-0.4.5-py3-none-any.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | 7f3d5cf4465ebfa7717e22494959885719350bca7c0c87c5bdae14e7d15df779 |
|
MD5 | f380d8751952d8675a3ed4968a7a2029 |
|
BLAKE2b-256 | 33292514899875189197aa0fcdf00b23422a6eab27a0382ea554f9dd00ac0e2c |