diff --git a/.generator/schemas/v2/openapi.yaml b/.generator/schemas/v2/openapi.yaml
index fd30acae59..cee9ad5048 100644
--- a/.generator/schemas/v2/openapi.yaml
+++ b/.generator/schemas/v2/openapi.yaml
@@ -28134,6 +28134,249 @@ components: type: string x-enum-varnames: - CUSTOMER_ORG_DISABLE + CycloneDXBom: + description: A CycloneDX 1.5 Bill of Materials (BOM) document containing vulnerability data. + properties: + bomFormat: + description: The BOM format identifier. Must be `CycloneDX`. + example: CycloneDX + type: string + components: + description: The list of scanned software components. Cannot be empty. + items: + $ref: "#/components/schemas/CycloneDXComponent" + type: array + metadata: + $ref: "#/components/schemas/CycloneDXMetadata" + specVersion: + description: The CycloneDX specification version. Must be `1.5`. + example: "1.5" + type: string + version: + description: The version number of the BOM document. + example: 1 + format: int64 + type: integer + vulnerabilities: + description: The list of detected vulnerabilities. Cannot be empty. + items: + $ref: "#/components/schemas/CycloneDXVulnerability" + type: array + required: + - bomFormat + - specVersion + - metadata + - components + - vulnerabilities + type: object + CycloneDXComponent: + description: A software component identified during scanning. + properties: + bom-ref: + description: A unique reference identifier used to link vulnerabilities to this component. + example: a3390fca-c315-41ae-ae05-af5e7859cdee + type: string + name: + description: The name of the component. + example: lodash + type: string + purl: + description: The Package URL (PURL) of the component. Required when `type` is `library`. + example: "pkg:npm/lodash@4.17.21" + type: string + type: + $ref: "#/components/schemas/CycloneDXComponentType" + version: + description: The version of the component. + example: 4.17.21 + type: string + required: + - bom-ref + - type + - name + - version + type: object + CycloneDXComponentType: + description: The type of the scanned component. 
+ enum:
+ - library
+ - application
+ - operating-system
+ example: library
+ type: string
+ x-enum-varnames:
+ - LIBRARY
+ - APPLICATION
+ - OPERATING_SYSTEM
+ CycloneDXMetadata:
+ description: Metadata about the BOM, including the scanned asset and the scanner tool.
+ properties:
+ component:
+ $ref: "#/components/schemas/CycloneDXMetadataComponent"
+ tools:
+ $ref: "#/components/schemas/CycloneDXMetadataTools"
+ required:
+ - component
+ - tools
+ type: object
+ CycloneDXMetadataComponent:
+ description: The asset that was scanned (for example, a host or container image).
+ properties:
+ bom-ref:
+ description: >-
+ A unique reference identifier for this metadata component. If set, must match a `bom-ref` in `components`.
+ example: host-ref-abc123
+ type: string
+ name:
+ description: The name or identifier of the scanned asset (for example, an instance ID or hostname).
+ example: i-12345
+ type: string
+ type:
+ description: The type of the scanned asset.
+ example: operating-system
+ type: string
+ required:
+ - name
+ type: object
+ CycloneDXMetadataTools:
+ description: Information about the scanner tool that produced this BOM.
+ properties:
+ components:
+ description: The scanner tool components. Must contain exactly one element.
+ items:
+ $ref: "#/components/schemas/CycloneDXToolComponent"
+ type: array
+ required:
+ - components
+ type: object
+ CycloneDXToolComponent:
+ description: A scanner tool component.
+ properties:
+ name:
+ description: The name of the scanner tool.
+ example: my-scanner
+ type: string
+ type:
+ description: The type of the tool component.
+ example: application
+ type: string
+ required:
+ - name
+ type: object
+ CycloneDXVulnerability:
+ description: A security vulnerability affecting one or more components.
+ properties:
+ advisories:
+ description: External advisory references for the vulnerability.
+ items: + $ref: "#/components/schemas/CycloneDXVulnerabilityAdvisory" + type: array + affects: + description: >- + The components affected by this vulnerability. Must be non-empty. Each `ref` must match a `bom-ref` in `components`. + items: + $ref: "#/components/schemas/CycloneDXVulnerabilityAffects" + type: array + analysis: + $ref: "#/components/schemas/CycloneDXVulnerabilityAnalysis" + cwes: + description: CWE identifiers associated with the vulnerability. + example: [123, 345] + items: + format: int64 + type: integer + type: array + description: + description: A short description of the vulnerability. + example: "Sample vulnerability detected in the application." + type: string + detail: + description: Detailed information about the vulnerability. + example: "Details about the vulnerability." + type: string + id: + description: The vulnerability identifier (for example, a CVE ID). + example: CVE-2021-1234 + type: string + ratings: + description: The severity ratings for the vulnerability. Must contain exactly one element. + items: + $ref: "#/components/schemas/CycloneDXVulnerabilityRating" + type: array + references: + description: External reference identifiers for the vulnerability. + items: + $ref: "#/components/schemas/CycloneDXVulnerabilityReference" + type: array + required: + - id + - ratings + - affects + type: object + CycloneDXVulnerabilityAdvisory: + description: An external advisory reference for a vulnerability. + properties: + url: + description: The URL of the advisory. + example: "https://example.com/advisory/CVE-2021-1234" + type: string + type: object + CycloneDXVulnerabilityAffects: + description: A reference to a component affected by a vulnerability. + properties: + ref: + description: The `bom-ref` of the affected component. + example: a3390fca-c315-41ae-ae05-af5e7859cdee + type: string + required: + - ref + type: object + CycloneDXVulnerabilityAnalysis: + description: |- + The exploitability analysis for the vulnerability. 
When `state` is set to `resolved` + or `resolved_with_pedigree`, the vulnerability is closed in Datadog. + Other state values are accepted but have no effect on the vulnerability status. + properties: + state: + description: The vulnerability analysis state. + example: resolved + type: string + type: object + CycloneDXVulnerabilityRating: + description: A severity rating for a vulnerability. + properties: + score: + description: The CVSS score. + example: 9.0 + format: double + type: number + severity: + description: The severity level. + example: high + type: string + vector: + description: The CVSS vector string. + example: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N" + type: string + type: object + CycloneDXVulnerabilityReference: + description: An external reference identifier for a vulnerability. + properties: + id: + description: The identifier of the external reference (for example, a GHSA ID). + example: GHSA-35m5-8cvj-8783 + type: string + source: + $ref: "#/components/schemas/CycloneDXVulnerabilityReferenceSource" + type: object + CycloneDXVulnerabilityReferenceSource: + description: The source of an external vulnerability reference. + properties: + url: + description: The URL of the reference source. + example: "https://example.com" + type: string + type: object DORACustomTags: description: A list of user-defined tags. The tags must follow the `key:value` pattern. Up to 100 may be added per event. example: 
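Review bot: Two of the schema `example` values contradict the rules written next to them. `CycloneDXMetadataComponent.bom-ref` uses `example: host-ref-abc123` although its description says the value must match a `bom-ref` in `components`, whose only example is `a3390fca-c315-41ae-ae05-af5e7859cdee`; and `CycloneDXVulnerabilityAnalysis.state` uses `example: resolved`, which the description says closes the vulnerability in Datadog. The new `examples/v2/security-monitoring/ImportSecurityVulnerabilities.py` in this commit carries both values, so a copied example sends a body that breaks the documented `bom-ref` rule and imports its finding already closed. I would use `example: a3390fca-c315-41ae-ae05-af5e7859cdee` for the metadata `bom-ref` and a state the description says has no effect on status, for instance `example: in_triage`.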
@@ -174464,6 +174707,91 @@ paths: x-sunset: "2027-01-01" x-unstable: |- **Note**: This endpoint is deprecated. See the [List Security Findings endpoint](https://docs.datadoghq.com/api/latest/security-monitoring/#list-security-findings). + post: + description: |- + Import security vulnerabilities from an external scanner in CycloneDX 1.5 format. + + The payload is validated against the CycloneDX 1.5 JSON schema and the following + additional constraints: + + - `metadata`, `metadata.component`, and `metadata.component.name` are required. + - `metadata.tools.components` must contain exactly one element with a `name` field. + - `components` cannot be empty. Each component requires `bom-ref`, `type`, `name`, and `version`. + - When `type` is `library`, `purl` is required and must be a valid PURL. + - When `type` is `operating-system`, `name` must be one of the supported OS values: + `alma`, `alpine`, `amazon`, `azurelinux`, `bottlerocket`, `cbl-mariner`, `chainguard`, + `centos`, `debian`, `fedora`, `opensuse`, `opensuse-leap`, `opensuse-tumbleweed`, + `oracle`, `photon`, `redhat`, `rocky`, `slem`, `sles`, `ubuntu`, `wolfi`, `windows`, `macos`. + - `vulnerabilities` cannot be empty. Each vulnerability requires `id`, exactly one `ratings` entry, + and at least one `affects` entry. + - Each `affects[].ref` must match a `bom-ref` value in `components`. + operationId: ImportSecurityVulnerabilities + requestBody: + content: + application/json: + examples: + default: + value: + bomFormat: CycloneDX + components: + - bom-ref: a3390fca-c315-41ae-ae05-af5e7859cdee + name: lodash + purl: "pkg:npm/lodash@4.17.21" + type: library + version: 4.17.21 + metadata: + component: + name: i-12345 + type: operating-system + tools: + components: + - name: my-scanner + type: application + specVersion: "1.5" + version: 1 + vulnerabilities: + - affects: + - ref: a3390fca-c315-41ae-ae05-af5e7859cdee + description: "Sample vulnerability detected in the application." 
+ id: CVE-2021-1234 + ratings: + - score: 9.0 + severity: high + vector: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N" + schema: + $ref: "#/components/schemas/CycloneDXBom" + required: true + responses: + "200": + description: Vulnerabilities accepted successfully. + "400": + $ref: "#/components/responses/BadRequestResponse" + "403": + $ref: "#/components/responses/ForbiddenResponse" + "429": + $ref: "#/components/responses/TooManyRequestsResponse" + "500": + content: + application/json: + schema: + $ref: "#/components/schemas/APIErrorResponse" + description: Internal Server Error + security: + - apiKeyAuth: [] + appKeyAuth: [] + - AuthZ: + - security_monitoring_findings_write + summary: Import security vulnerabilities + tags: + - Security Monitoring + x-codegen-request-body-name: body + "x-permission": + operator: OR + permissions: + - security_monitoring_findings_write + x-unstable: |- + **Note**: This endpoint is in preview and is subject to change. + If you have any feedback, contact [Datadog support](https://docs.datadoghq.com/help/). /api/v2/security/vulnerabilities/notification_rules: get: description: Returns the list of notification rules for security vulnerabilities. diff --git a/docs/datadog_api_client.v2.model.rst b/docs/datadog_api_client.v2.model.rst index fb502da668..921233a811 100644 --- a/docs/datadog_api_client.v2.model.rst +++ b/docs/datadog_api_client.v2.model.rst 
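Review bot: The validation rules listed in this `description` exist only as prose; the `CycloneDXBom` schema that `requestBody` references declares none of them, so generated clients and schema validators accept a BOM that, per this description, the server would reject. Where a rule is structural it can be stated in the schema: `minItems: 1` on `components`, `vulnerabilities` and `affects`, `minItems: 1` with `maxItems: 1` on `ratings` and `metadata.tools.components`, and `enum: [CycloneDX]` / `enum: ["1.5"]` on `bomFormat` and `specVersion`. The description should also say that an `analysis.state` of `resolved` or `resolved_with_pedigree` closes the vulnerability, because that write effect is currently documented only on the `CycloneDXVulnerabilityAnalysis` schema and a caller holding `security_monitoring_findings_write` would not learn it from the operation text.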
@@ -10917,6 +10917,104 @@ datadog\_api\_client.v2.model.cvss module :members: :show-inheritance: +datadog\_api\_client.v2.model.cyclone\_dx\_bom module +----------------------------------------------------- + +.. automodule:: datadog_api_client.v2.model.cyclone_dx_bom + :members: + :show-inheritance: + +datadog\_api\_client.v2.model.cyclone\_dx\_component module +----------------------------------------------------------- + +.. automodule:: datadog_api_client.v2.model.cyclone_dx_component + :members: + :show-inheritance: + +datadog\_api\_client.v2.model.cyclone\_dx\_component\_type module +----------------------------------------------------------------- + +.. automodule:: datadog_api_client.v2.model.cyclone_dx_component_type + :members: + :show-inheritance: + +datadog\_api\_client.v2.model.cyclone\_dx\_metadata module +---------------------------------------------------------- + +.. automodule:: datadog_api_client.v2.model.cyclone_dx_metadata + :members: + :show-inheritance: + +datadog\_api\_client.v2.model.cyclone\_dx\_metadata\_component module +--------------------------------------------------------------------- + +.. automodule:: datadog_api_client.v2.model.cyclone_dx_metadata_component + :members: + :show-inheritance: + +datadog\_api\_client.v2.model.cyclone\_dx\_metadata\_tools module +----------------------------------------------------------------- + +.. automodule:: datadog_api_client.v2.model.cyclone_dx_metadata_tools + :members: + :show-inheritance: + +datadog\_api\_client.v2.model.cyclone\_dx\_tool\_component module +----------------------------------------------------------------- + +.. automodule:: datadog_api_client.v2.model.cyclone_dx_tool_component + :members: + :show-inheritance: + +datadog\_api\_client.v2.model.cyclone\_dx\_vulnerability module +--------------------------------------------------------------- + +.. 
automodule:: datadog_api_client.v2.model.cyclone_dx_vulnerability + :members: + :show-inheritance: + +datadog\_api\_client.v2.model.cyclone\_dx\_vulnerability\_advisory module +------------------------------------------------------------------------- + +.. automodule:: datadog_api_client.v2.model.cyclone_dx_vulnerability_advisory + :members: + :show-inheritance: + +datadog\_api\_client.v2.model.cyclone\_dx\_vulnerability\_affects module +------------------------------------------------------------------------ + +.. automodule:: datadog_api_client.v2.model.cyclone_dx_vulnerability_affects + :members: + :show-inheritance: + +datadog\_api\_client.v2.model.cyclone\_dx\_vulnerability\_analysis module +------------------------------------------------------------------------- + +.. automodule:: datadog_api_client.v2.model.cyclone_dx_vulnerability_analysis + :members: + :show-inheritance: + +datadog\_api\_client.v2.model.cyclone\_dx\_vulnerability\_rating module +----------------------------------------------------------------------- + +.. automodule:: datadog_api_client.v2.model.cyclone_dx_vulnerability_rating + :members: + :show-inheritance: + +datadog\_api\_client.v2.model.cyclone\_dx\_vulnerability\_reference module +-------------------------------------------------------------------------- + +.. automodule:: datadog_api_client.v2.model.cyclone_dx_vulnerability_reference + :members: + :show-inheritance: + +datadog\_api\_client.v2.model.cyclone\_dx\_vulnerability\_reference\_source module +---------------------------------------------------------------------------------- + +.. automodule:: datadog_api_client.v2.model.cyclone_dx_vulnerability_reference_source + :members: + :show-inheritance: + datadog\_api\_client.v2.model.dashboard\_list\_add\_items\_request module ------------------------------------------------------------------------- 
diff --git a/examples/v2/security-monitoring/ImportSecurityVulnerabilities.py b/examples/v2/security-monitoring/ImportSecurityVulnerabilities.py
new file mode 100644
index 0000000000..ab3c18d824
--- /dev/null
+++ b/examples/v2/security-monitoring/ImportSecurityVulnerabilities.py
@@ -0,0 +1,95 @@ +""" +Import security vulnerabilities returns "Vulnerabilities accepted successfully." response +""" + +from datadog_api_client import ApiClient, Configuration +from datadog_api_client.v2.api.security_monitoring_api import SecurityMonitoringApi +from datadog_api_client.v2.model.cyclone_dx_bom import CycloneDXBom +from datadog_api_client.v2.model.cyclone_dx_component import CycloneDXComponent +from datadog_api_client.v2.model.cyclone_dx_component_type import CycloneDXComponentType +from datadog_api_client.v2.model.cyclone_dx_metadata import CycloneDXMetadata +from datadog_api_client.v2.model.cyclone_dx_metadata_component import CycloneDXMetadataComponent +from datadog_api_client.v2.model.cyclone_dx_metadata_tools import CycloneDXMetadataTools +from datadog_api_client.v2.model.cyclone_dx_tool_component import CycloneDXToolComponent +from datadog_api_client.v2.model.cyclone_dx_vulnerability import CycloneDXVulnerability +from datadog_api_client.v2.model.cyclone_dx_vulnerability_advisory import CycloneDXVulnerabilityAdvisory +from datadog_api_client.v2.model.cyclone_dx_vulnerability_affects import CycloneDXVulnerabilityAffects +from datadog_api_client.v2.model.cyclone_dx_vulnerability_analysis import CycloneDXVulnerabilityAnalysis +from datadog_api_client.v2.model.cyclone_dx_vulnerability_rating import CycloneDXVulnerabilityRating +from datadog_api_client.v2.model.cyclone_dx_vulnerability_reference import CycloneDXVulnerabilityReference +from datadog_api_client.v2.model.cyclone_dx_vulnerability_reference_source import CycloneDXVulnerabilityReferenceSource + +body = CycloneDXBom( + bom_format="CycloneDX", + components=[ + CycloneDXComponent( + bom_ref="a3390fca-c315-41ae-ae05-af5e7859cdee", + name="lodash", + purl="pkg:npm/lodash@4.17.21", + type=CycloneDXComponentType.LIBRARY, + version="4.17.21", + ), + ], + metadata=CycloneDXMetadata( + component=CycloneDXMetadataComponent( + bom_ref="host-ref-abc123", + name="i-12345", + type="operating-system", + 
), + tools=CycloneDXMetadataTools( + components=[ + CycloneDXToolComponent( + name="my-scanner", + type="application", + ), + ], + ), + ), + spec_version="1.5", + version=1, + vulnerabilities=[ + CycloneDXVulnerability( + advisories=[ + CycloneDXVulnerabilityAdvisory( + url="https://example.com/advisory/CVE-2021-1234", + ), + ], + affects=[ + CycloneDXVulnerabilityAffects( + ref="a3390fca-c315-41ae-ae05-af5e7859cdee", + ), + ], + analysis=CycloneDXVulnerabilityAnalysis( + state="resolved", + ), + cwes=[ + 123, + 345, + ], + description="Sample vulnerability detected in the application.", + detail="Details about the vulnerability.", + id="CVE-2021-1234", + ratings=[ + CycloneDXVulnerabilityRating( + score=9.0, + severity="high", + vector="CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N", + ), + ], + references=[ + CycloneDXVulnerabilityReference( + id="GHSA-35m5-8cvj-8783", + source=CycloneDXVulnerabilityReferenceSource( + url="https://example.com", + ), + ), + ], + ), + ], +) + +configuration = Configuration() +configuration.unstable_operations["import_security_vulnerabilities"] = True +with ApiClient(configuration) as api_client: + api_instance = SecurityMonitoringApi(api_client) + api_instance.import_security_vulnerabilities(body=body) diff --git a/src/datadog_api_client/configuration.py b/src/datadog_api_client/configuration.py index ef1da82442..7d582439fe 100644 --- a/src/datadog_api_client/configuration.py +++ b/src/datadog_api_client/configuration.py @@ -443,6 +443,7 @@ def __init__( "v2.get_static_analysis_node_types": False, "v2.get_static_analysis_ruleset": False, "v2.get_static_analysis_tree_sitter_wasm": False, + "v2.import_security_vulnerabilities": False, "v2.list_findings": False, "v2.list_historical_jobs": False, "v2.list_indicators_of_compromise": False, diff --git a/src/datadog_api_client/v2/api/security_monitoring_api.py b/src/datadog_api_client/v2/api/security_monitoring_api.py index 8c5ff67fdf..3c435c4312 100644 
--- a/src/datadog_api_client/v2/api/security_monitoring_api.py +++ b/src/datadog_api_client/v2/api/security_monitoring_api.py @@ -91,6 +91,7 @@ from datadog_api_client.v2.model.vulnerability_status import VulnerabilityStatus from datadog_api_client.v2.model.vulnerability_tool import VulnerabilityTool from datadog_api_client.v2.model.vulnerability_ecosystem import VulnerabilityEcosystem +from datadog_api_client.v2.model.cyclone_dx_bom import CycloneDXBom from datadog_api_client.v2.model.list_vulnerable_assets_response import ListVulnerableAssetsResponse from datadog_api_client.v2.model.security_monitoring_critical_assets_response import ( SecurityMonitoringCriticalAssetsResponse, @@ -2643,6 +2644,26 @@ def __init__(self, api_client=None): api_client=api_client, ) + self._import_security_vulnerabilities_endpoint = _Endpoint( + settings={ + "response_type": None, + "auth": ["apiKeyAuth", "appKeyAuth", "AuthZ"], + "endpoint_path": "/api/v2/security/vulnerabilities", + "operation_id": "import_security_vulnerabilities", + "http_method": "POST", + "version": "v2", + }, + params_map={ + "body": { + "required": True, + "openapi_types": (CycloneDXBom,), + "location": "body", + }, + }, + headers_map={"accept": ["*/*"], "content_type": ["application/json"]}, + api_client=api_client, + ) + self._list_assets_sbo_ms_endpoint = _Endpoint( settings={ "response_type": (ListAssetsSBOMsResponse,), 
@@ -6486,6 +6507,37 @@ def get_vulnerability_notification_rules( kwargs: Dict[str, Any] = {} return self._get_vulnerability_notification_rules_endpoint.call_with_http_info(**kwargs) + def import_security_vulnerabilities( + self, + body: CycloneDXBom, + ) -> None: + """Import security vulnerabilities. + + Import security vulnerabilities from an external scanner in CycloneDX 1.5 format. + + The payload is validated against the CycloneDX 1.5 JSON schema and the following + additional constraints: + + * ``metadata`` , ``metadata.component`` , and ``metadata.component.name`` are required. + * ``metadata.tools.components`` must contain exactly one element with a ``name`` field. + * ``components`` cannot be empty. Each component requires ``bom-ref`` , ``type`` , ``name`` , and ``version``. + * When ``type`` is ``library`` , ``purl`` is required and must be a valid PURL. + * When ``type`` is ``operating-system`` , ``name`` must be one of the supported OS values: + ``alma`` , ``alpine`` , ``amazon`` , ``azurelinux`` , ``bottlerocket`` , ``cbl-mariner`` , ``chainguard`` , + ``centos`` , ``debian`` , ``fedora`` , ``opensuse`` , ``opensuse-leap`` , ``opensuse-tumbleweed`` , + ``oracle`` , ``photon`` , ``redhat`` , ``rocky`` , ``slem`` , ``sles`` , ``ubuntu`` , ``wolfi`` , ``windows`` , ``macos``. + * ``vulnerabilities`` cannot be empty. Each vulnerability requires ``id`` , exactly one ``ratings`` entry, + and at least one ``affects`` entry. + * Each ``affects[].ref`` must match a ``bom-ref`` value in ``components``. + + :type body: CycloneDXBom + :rtype: None + """ + kwargs: Dict[str, Any] = {} + kwargs["body"] = body + + return self._import_security_vulnerabilities_endpoint.call_with_http_info(**kwargs) + def list_assets_sbo_ms( self, *, diff --git a/src/datadog_api_client/v2/model/cyclone_dx_bom.py b/src/datadog_api_client/v2/model/cyclone_dx_bom.py new file mode 100644 index 0000000000..de5593b419 --- /dev/null +++ b/src/datadog_api_client/v2/model/cyclone_dx_bom.py 
@@ -0,0 +1,86 @@ +# Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. +# This product includes software developed at Datadog (https://www.datadoghq.com/). +# Copyright 2019-Present Datadog, Inc. +from __future__ import annotations + +from typing import List, Union, TYPE_CHECKING + +from datadog_api_client.model_utils import ( + ModelNormal, + cached_property, + unset, + UnsetType, +) + + +if TYPE_CHECKING: + from datadog_api_client.v2.model.cyclone_dx_component import CycloneDXComponent + from datadog_api_client.v2.model.cyclone_dx_metadata import CycloneDXMetadata + from datadog_api_client.v2.model.cyclone_dx_vulnerability import CycloneDXVulnerability + + +class CycloneDXBom(ModelNormal): + @cached_property + def openapi_types(_): + from datadog_api_client.v2.model.cyclone_dx_component import CycloneDXComponent + from datadog_api_client.v2.model.cyclone_dx_metadata import CycloneDXMetadata + from datadog_api_client.v2.model.cyclone_dx_vulnerability import CycloneDXVulnerability + + return { + "bom_format": (str,), + "components": ([CycloneDXComponent],), + "metadata": (CycloneDXMetadata,), + "spec_version": (str,), + "version": (int,), + "vulnerabilities": ([CycloneDXVulnerability],), + } + + attribute_map = { + "bom_format": "bomFormat", + "components": "components", + "metadata": "metadata", + "spec_version": "specVersion", + "version": "version", + "vulnerabilities": "vulnerabilities", + } + + def __init__( + self_, + bom_format: str, + components: List[CycloneDXComponent], + metadata: CycloneDXMetadata, + spec_version: str, + vulnerabilities: List[CycloneDXVulnerability], + version: Union[int, UnsetType] = unset, + **kwargs, + ): + """ + A CycloneDX 1.5 Bill of Materials (BOM) document containing vulnerability data. + + :param bom_format: The BOM format identifier. Must be ``CycloneDX``. + :type bom_format: str + + :param components: The list of scanned software components. Cannot be empty. 
+ :type components: [CycloneDXComponent] + + :param metadata: Metadata about the BOM, including the scanned asset and the scanner tool. + :type metadata: CycloneDXMetadata + + :param spec_version: The CycloneDX specification version. Must be ``1.5``. + :type spec_version: str + + :param version: The version number of the BOM document. + :type version: int, optional + + :param vulnerabilities: The list of detected vulnerabilities. Cannot be empty. + :type vulnerabilities: [CycloneDXVulnerability] + """ + if version is not unset: + kwargs["version"] = version + super().__init__(kwargs) + + self_.bom_format = bom_format + self_.components = components + self_.metadata = metadata + self_.spec_version = spec_version + self_.vulnerabilities = vulnerabilities diff --git a/src/datadog_api_client/v2/model/cyclone_dx_component.py b/src/datadog_api_client/v2/model/cyclone_dx_component.py new file mode 100644 index 0000000000..33810ee2c9 --- /dev/null +++ b/src/datadog_api_client/v2/model/cyclone_dx_component.py 
@@ -0,0 +1,75 @@ +# Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. +# This product includes software developed at Datadog (https://www.datadoghq.com/). +# Copyright 2019-Present Datadog, Inc. +from __future__ import annotations + +from typing import Union, TYPE_CHECKING + +from datadog_api_client.model_utils import ( + ModelNormal, + cached_property, + unset, + UnsetType, +) + + +if TYPE_CHECKING: + from datadog_api_client.v2.model.cyclone_dx_component_type import CycloneDXComponentType + + +class CycloneDXComponent(ModelNormal): + @cached_property + def openapi_types(_): + from datadog_api_client.v2.model.cyclone_dx_component_type import CycloneDXComponentType + + return { + "bom_ref": (str,), + "name": (str,), + "purl": (str,), + "type": (CycloneDXComponentType,), + "version": (str,), + } + + attribute_map = { + "bom_ref": "bom-ref", + "name": "name", + "purl": "purl", + "type": "type", + "version": "version", + } + + def __init__( + self_, + bom_ref: str, + name: str, + type: CycloneDXComponentType, + version: str, + purl: Union[str, UnsetType] = unset, + **kwargs, + ): + """ + A software component identified during scanning. + + :param bom_ref: A unique reference identifier used to link vulnerabilities to this component. + :type bom_ref: str + + :param name: The name of the component. + :type name: str + + :param purl: The Package URL (PURL) of the component. Required when ``type`` is ``library``. + :type purl: str, optional + + :param type: The type of the scanned component. + :type type: CycloneDXComponentType + + :param version: The version of the component. + :type version: str + """ + if purl is not unset: + kwargs["purl"] = purl + super().__init__(kwargs) + + self_.bom_ref = bom_ref + self_.name = name + self_.type = type + self_.version = version 
diff --git a/src/datadog_api_client/v2/model/cyclone_dx_component_type.py b/src/datadog_api_client/v2/model/cyclone_dx_component_type.py new file mode 100644 index 0000000000..6602311310 --- /dev/null +++ b/src/datadog_api_client/v2/model/cyclone_dx_component_type.py @@ -0,0 +1,41 @@ +# Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. +# This product includes software developed at Datadog (https://www.datadoghq.com/). +# Copyright 2019-Present Datadog, Inc. +from __future__ import annotations + + +from datadog_api_client.model_utils import ( + ModelSimple, + cached_property, +) + +from typing import ClassVar + + +class CycloneDXComponentType(ModelSimple): + """ + The type of the scanned component. + + :param value: Must be one of ["library", "application", "operating-system"]. + :type value: str + """ + + allowed_values = { + "library", + "application", + "operating-system", + } + LIBRARY: ClassVar["CycloneDXComponentType"] + APPLICATION: ClassVar["CycloneDXComponentType"] + OPERATING_SYSTEM: ClassVar["CycloneDXComponentType"] + + @cached_property + def openapi_types(_): + return { + "value": (str,), + } + + +CycloneDXComponentType.LIBRARY = CycloneDXComponentType("library") +CycloneDXComponentType.APPLICATION = CycloneDXComponentType("application") +CycloneDXComponentType.OPERATING_SYSTEM = CycloneDXComponentType("operating-system") diff --git a/src/datadog_api_client/v2/model/cyclone_dx_metadata.py b/src/datadog_api_client/v2/model/cyclone_dx_metadata.py new file mode 100644 index 0000000000..12ae7dc926 --- /dev/null +++ b/src/datadog_api_client/v2/model/cyclone_dx_metadata.py 
@@ -0,0 +1,48 @@ +# Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. +# This product includes software developed at Datadog (https://www.datadoghq.com/). +# Copyright 2019-Present Datadog, Inc. +from __future__ import annotations + +from typing import TYPE_CHECKING + +from datadog_api_client.model_utils import ( + ModelNormal, + cached_property, +) + + +if TYPE_CHECKING: + from datadog_api_client.v2.model.cyclone_dx_metadata_component import CycloneDXMetadataComponent + from datadog_api_client.v2.model.cyclone_dx_metadata_tools import CycloneDXMetadataTools + + +class CycloneDXMetadata(ModelNormal): + @cached_property + def openapi_types(_): + from datadog_api_client.v2.model.cyclone_dx_metadata_component import CycloneDXMetadataComponent + from datadog_api_client.v2.model.cyclone_dx_metadata_tools import CycloneDXMetadataTools + + return { + "component": (CycloneDXMetadataComponent,), + "tools": (CycloneDXMetadataTools,), + } + + attribute_map = { + "component": "component", + "tools": "tools", + } + + def __init__(self_, component: CycloneDXMetadataComponent, tools: CycloneDXMetadataTools, **kwargs): + """ + Metadata about the BOM, including the scanned asset and the scanner tool. + + :param component: The asset that was scanned (for example, a host or container image). + :type component: CycloneDXMetadataComponent + + :param tools: Information about the scanner tool that produced this BOM. + :type tools: CycloneDXMetadataTools + """ + super().__init__(kwargs) + + self_.component = component + self_.tools = tools diff --git a/src/datadog_api_client/v2/model/cyclone_dx_metadata_component.py b/src/datadog_api_client/v2/model/cyclone_dx_metadata_component.py new file mode 100644 index 0000000000..202c86adf7 --- /dev/null +++ b/src/datadog_api_client/v2/model/cyclone_dx_metadata_component.py 
@@ -0,0 +1,52 @@ +# Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. +# This product includes software developed at Datadog (https://www.datadoghq.com/). +# Copyright 2019-Present Datadog, Inc. +from __future__ import annotations + +from typing import Union + +from datadog_api_client.model_utils import ( + ModelNormal, + cached_property, + unset, + UnsetType, +) + + +class CycloneDXMetadataComponent(ModelNormal): + @cached_property + def openapi_types(_): + return { + "bom_ref": (str,), + "name": (str,), + "type": (str,), + } + + attribute_map = { + "bom_ref": "bom-ref", + "name": "name", + "type": "type", + } + + def __init__( + self_, name: str, bom_ref: Union[str, UnsetType] = unset, type: Union[str, UnsetType] = unset, **kwargs + ): + """ + The asset that was scanned (for example, a host or container image). + + :param bom_ref: A unique reference identifier for this metadata component. If set, must match a ``bom-ref`` in ``components``. + :type bom_ref: str, optional + + :param name: The name or identifier of the scanned asset (for example, an instance ID or hostname). + :type name: str + + :param type: The type of the scanned asset. + :type type: str, optional + """ + if bom_ref is not unset: + kwargs["bom_ref"] = bom_ref + if type is not unset: + kwargs["type"] = type + super().__init__(kwargs) + + self_.name = name diff --git a/src/datadog_api_client/v2/model/cyclone_dx_metadata_tools.py b/src/datadog_api_client/v2/model/cyclone_dx_metadata_tools.py new file mode 100644 index 0000000000..85f4d9a7b2 --- /dev/null +++ b/src/datadog_api_client/v2/model/cyclone_dx_metadata_tools.py 
@@ -0,0 +1,40 @@
+# Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License.
+# This product includes software developed at Datadog (https://www.datadoghq.com/).
+# Copyright 2019-Present Datadog, Inc.
+from __future__ import annotations
+
+from typing import List, TYPE_CHECKING
+
+from datadog_api_client.model_utils import (
+ ModelNormal,
+ cached_property,
+)
+
+
+if TYPE_CHECKING:
+ from datadog_api_client.v2.model.cyclone_dx_tool_component import CycloneDXToolComponent
+
+
+class CycloneDXMetadataTools(ModelNormal):
+ @cached_property
+ def openapi_types(_):
+ from datadog_api_client.v2.model.cyclone_dx_tool_component import CycloneDXToolComponent
+
+ return {
+ "components": ([CycloneDXToolComponent],),
+ }
+
+ attribute_map = {
+ "components": "components",
+ }
+
+ def __init__(self_, components: List[CycloneDXToolComponent], **kwargs):
+ """
+ Information about the scanner tool that produced this BOM.
+
+ :param components: The scanner tool components. Must contain exactly one element.
+ :type components: [CycloneDXToolComponent]
+ """
+ super().__init__(kwargs)
+
+ self_.components = components
diff --git a/src/datadog_api_client/v2/model/cyclone_dx_tool_component.py b/src/datadog_api_client/v2/model/cyclone_dx_tool_component.py
new file mode 100644
index 0000000000..ed0abdb207
--- /dev/null
+++ b/src/datadog_api_client/v2/model/cyclone_dx_tool_component.py
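Review bot: The `components` docstring in `CycloneDXMetadataTools.__init__` says the list "Must contain exactly one element", but the class declares only `openapi_types` and `attribute_map`, so nothing visible here rejects an empty or multi-element list before the request is sent. The same gap applies in cyclone_dx_vulnerability.py, where `affects` is documented as "Must be non-empty" and `ratings` as "Must contain exactly one element". These models look generated from the OpenAPI schema, so the fix probably belongs there rather than in this file: adding `minItems: 1` and `maxItems: 1` to `components` and `ratings`, and `minItems: 1` to `affects`, should let the generator emit the matching client-side validation (to be confirmed against the generator). As written, a caller learns of a violation only from the server's 400, and the documented contract exists only as prose.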
@@ -0,0 +1,43 @@
+# Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License.
+# This product includes software developed at Datadog (https://www.datadoghq.com/).
+# Copyright 2019-Present Datadog, Inc.
+from __future__ import annotations
+
+from typing import Union
+
+from datadog_api_client.model_utils import (
+ ModelNormal,
+ cached_property,
+ unset,
+ UnsetType,
+)
+
+
+class CycloneDXToolComponent(ModelNormal):
+ @cached_property
+ def openapi_types(_):
+ return {
+ "name": (str,),
+ "type": (str,),
+ }
+
+ attribute_map = {
+ "name": "name",
+ "type": "type",
+ }
+
+ def __init__(self_, name: str, type: Union[str, UnsetType] = unset, **kwargs):
+ """
+ A scanner tool component.
+
+ :param name: The name of the scanner tool.
+ :type name: str
+
+ :param type: The type of the tool component.
+ :type type: str, optional
+ """
+ if type is not unset:
+ kwargs["type"] = type
+ super().__init__(kwargs)
+
+ self_.name = name
diff --git a/src/datadog_api_client/v2/model/cyclone_dx_vulnerability.py b/src/datadog_api_client/v2/model/cyclone_dx_vulnerability.py
new file mode 100644
index 0000000000..b69ce02470
--- /dev/null
+++ b/src/datadog_api_client/v2/model/cyclone_dx_vulnerability.py
@@ -0,0 +1,118 @@
+# Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License.
+# This product includes software developed at Datadog (https://www.datadoghq.com/).
+# Copyright 2019-Present Datadog, Inc.
+from __future__ import annotations
+
+from typing import List, Union, TYPE_CHECKING
+
+from datadog_api_client.model_utils import (
+ ModelNormal,
+ cached_property,
+ unset,
+ UnsetType,
+)
+
+
+if TYPE_CHECKING:
+ from datadog_api_client.v2.model.cyclone_dx_vulnerability_advisory import CycloneDXVulnerabilityAdvisory
+ from datadog_api_client.v2.model.cyclone_dx_vulnerability_affects import CycloneDXVulnerabilityAffects
+ from datadog_api_client.v2.model.cyclone_dx_vulnerability_analysis import CycloneDXVulnerabilityAnalysis
+ from datadog_api_client.v2.model.cyclone_dx_vulnerability_rating import CycloneDXVulnerabilityRating
+ from datadog_api_client.v2.model.cyclone_dx_vulnerability_reference import CycloneDXVulnerabilityReference
+
+
+class CycloneDXVulnerability(ModelNormal):
+ @cached_property
+ def openapi_types(_):
+ from datadog_api_client.v2.model.cyclone_dx_vulnerability_advisory import CycloneDXVulnerabilityAdvisory
+ from datadog_api_client.v2.model.cyclone_dx_vulnerability_affects import CycloneDXVulnerabilityAffects
+ from datadog_api_client.v2.model.cyclone_dx_vulnerability_analysis import CycloneDXVulnerabilityAnalysis
+ from datadog_api_client.v2.model.cyclone_dx_vulnerability_rating import CycloneDXVulnerabilityRating
+ from datadog_api_client.v2.model.cyclone_dx_vulnerability_reference import CycloneDXVulnerabilityReference
+
+ return {
+ "advisories": ([CycloneDXVulnerabilityAdvisory],),
+ "affects": ([CycloneDXVulnerabilityAffects],),
+ "analysis": (CycloneDXVulnerabilityAnalysis,),
+ "cwes": ([int],),
+ "description": (str,),
+ "detail": (str,),
+ "id": (str,),
+ "ratings": ([CycloneDXVulnerabilityRating],),
+ "references": ([CycloneDXVulnerabilityReference],),
+ }
+
+ attribute_map = {
+ "advisories": "advisories",
+ "affects": "affects",
+ "analysis": "analysis",
+ "cwes": "cwes",
+ "description": "description",
+ "detail": "detail",
+ "id": "id",
+ "ratings": "ratings",
+ "references": "references",
+ }
+
+ def __init__(
+ self_,
+ affects: List[CycloneDXVulnerabilityAffects],
+ id: str,
+ ratings: List[CycloneDXVulnerabilityRating],
+ advisories: Union[List[CycloneDXVulnerabilityAdvisory], UnsetType] = unset,
+ analysis: Union[CycloneDXVulnerabilityAnalysis, UnsetType] = unset,
+ cwes: Union[List[int], UnsetType] = unset,
+ description: Union[str, UnsetType] = unset,
+ detail: Union[str, UnsetType] = unset,
+ references: Union[List[CycloneDXVulnerabilityReference], UnsetType] = unset,
+ **kwargs,
+ ):
+ """
+ A security vulnerability affecting one or more components.
+
+ :param advisories: External advisory references for the vulnerability.
+ :type advisories: [CycloneDXVulnerabilityAdvisory], optional
+
+ :param affects: The components affected by this vulnerability. Must be non-empty. Each ``ref`` must match a ``bom-ref`` in ``components``.
+ :type affects: [CycloneDXVulnerabilityAffects]
+
+ :param analysis: The exploitability analysis for the vulnerability. When ``state`` is set to ``resolved``
+ or ``resolved_with_pedigree`` , the vulnerability is closed in Datadog.
+ Other state values are accepted but have no effect on the vulnerability status.
+ :type analysis: CycloneDXVulnerabilityAnalysis, optional
+
+ :param cwes: CWE identifiers associated with the vulnerability.
+ :type cwes: [int], optional
+
+ :param description: A short description of the vulnerability.
+ :type description: str, optional
+
+ :param detail: Detailed information about the vulnerability.
+ :type detail: str, optional
+
+ :param id: The vulnerability identifier (for example, a CVE ID).
+ :type id: str
+
+ :param ratings: The severity ratings for the vulnerability. Must contain exactly one element.
+ :type ratings: [CycloneDXVulnerabilityRating]
+
+ :param references: External reference identifiers for the vulnerability.
+ :type references: [CycloneDXVulnerabilityReference], optional
+ """
+ if advisories is not unset:
+ kwargs["advisories"] = advisories
+ if analysis is not unset:
+ kwargs["analysis"] = analysis
+ if cwes is not unset:
+ kwargs["cwes"] = cwes
+ if description is not unset:
+ kwargs["description"] = description
+ if detail is not unset:
+ kwargs["detail"] = detail
+ if references is not unset:
+ kwargs["references"] = references
+ super().__init__(kwargs)
+
+ self_.affects = affects
+ self_.id = id
+ self_.ratings = ratings
diff --git a/src/datadog_api_client/v2/model/cyclone_dx_vulnerability_advisory.py b/src/datadog_api_client/v2/model/cyclone_dx_vulnerability_advisory.py
new file mode 100644
index 0000000000..6775777a39
--- /dev/null
+++ b/src/datadog_api_client/v2/model/cyclone_dx_vulnerability_advisory.py
@@ -0,0 +1,36 @@
+# Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License.
+# This product includes software developed at Datadog (https://www.datadoghq.com/).
+# Copyright 2019-Present Datadog, Inc.
+from __future__ import annotations
+
+from typing import Union
+
+from datadog_api_client.model_utils import (
+ ModelNormal,
+ cached_property,
+ unset,
+ UnsetType,
+)
+
+
+class CycloneDXVulnerabilityAdvisory(ModelNormal):
+ @cached_property
+ def openapi_types(_):
+ return {
+ "url": (str,),
+ }
+
+ attribute_map = {
+ "url": "url",
+ }
+
+ def __init__(self_, url: Union[str, UnsetType] = unset, **kwargs):
+ """
+ An external advisory reference for a vulnerability.
+
+ :param url: The URL of the advisory.
+ :type url: str, optional
+ """
+ if url is not unset:
+ kwargs["url"] = url
+ super().__init__(kwargs)
diff --git a/src/datadog_api_client/v2/model/cyclone_dx_vulnerability_affects.py b/src/datadog_api_client/v2/model/cyclone_dx_vulnerability_affects.py
new file mode 100644
index 0000000000..72339f6c32
--- /dev/null
+++ b/src/datadog_api_client/v2/model/cyclone_dx_vulnerability_affects.py
@@ -0,0 +1,33 @@
+# Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License.
+# This product includes software developed at Datadog (https://www.datadoghq.com/).
+# Copyright 2019-Present Datadog, Inc.
+from __future__ import annotations
+
+
+from datadog_api_client.model_utils import (
+ ModelNormal,
+ cached_property,
+)
+
+
+class CycloneDXVulnerabilityAffects(ModelNormal):
+ @cached_property
+ def openapi_types(_):
+ return {
+ "ref": (str,),
+ }
+
+ attribute_map = {
+ "ref": "ref",
+ }
+
+ def __init__(self_, ref: str, **kwargs):
+ """
+ A reference to a component affected by a vulnerability.
+
+ :param ref: The ``bom-ref`` of the affected component.
+ :type ref: str
+ """
+ super().__init__(kwargs)
+
+ self_.ref = ref
diff --git a/src/datadog_api_client/v2/model/cyclone_dx_vulnerability_analysis.py b/src/datadog_api_client/v2/model/cyclone_dx_vulnerability_analysis.py
new file mode 100644
index 0000000000..e0ca41d4a3
--- /dev/null
+++ b/src/datadog_api_client/v2/model/cyclone_dx_vulnerability_analysis.py
@@ -0,0 +1,38 @@
+# Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License.
+# This product includes software developed at Datadog (https://www.datadoghq.com/).
+# Copyright 2019-Present Datadog, Inc.
+from __future__ import annotations
+
+from typing import Union
+
+from datadog_api_client.model_utils import (
+ ModelNormal,
+ cached_property,
+ unset,
+ UnsetType,
+)
+
+
+class CycloneDXVulnerabilityAnalysis(ModelNormal):
+ @cached_property
+ def openapi_types(_):
+ return {
+ "state": (str,),
+ }
+
+ attribute_map = {
+ "state": "state",
+ }
+
+ def __init__(self_, state: Union[str, UnsetType] = unset, **kwargs):
+ """
+ The exploitability analysis for the vulnerability. When ``state`` is set to ``resolved``
+ or ``resolved_with_pedigree`` , the vulnerability is closed in Datadog.
+ Other state values are accepted but have no effect on the vulnerability status.
+
+ :param state: The vulnerability analysis state.
+ :type state: str, optional
+ """
+ if state is not unset:
+ kwargs["state"] = state
+ super().__init__(kwargs)
diff --git a/src/datadog_api_client/v2/model/cyclone_dx_vulnerability_rating.py b/src/datadog_api_client/v2/model/cyclone_dx_vulnerability_rating.py
new file mode 100644
index 0000000000..19cd57bc72
--- /dev/null
+++ b/src/datadog_api_client/v2/model/cyclone_dx_vulnerability_rating.py
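Review bot: `state` in `CycloneDXVulnerabilityAnalysis` is typed as a free-form `str` (`"state": (str,)`), although the class docstring gives it a status-changing meaning: `resolved` and `resolved_with_pedigree` close the vulnerability in Datadog, and every other value is accepted with no effect. A misspelled or differently cased value would therefore be sent without any error and silently leave the finding open, and a pipeline that copies this field from scanner output can close findings without the client checking what it forwards. A dedicated enum model for the state, in the way `CycloneDXComponentType` appears to be introduced for component types in this commit, would catch bad values on the client side. At minimum the parameter line should name the values that matter, for example `:param state: The vulnerability analysis state; only ``resolved`` and ``resolved_with_pedigree`` change the status.`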
@@ -0,0 +1,56 @@
+# Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License.
+# This product includes software developed at Datadog (https://www.datadoghq.com/).
+# Copyright 2019-Present Datadog, Inc.
+from __future__ import annotations
+
+from typing import Union
+
+from datadog_api_client.model_utils import (
+ ModelNormal,
+ cached_property,
+ unset,
+ UnsetType,
+)
+
+
+class CycloneDXVulnerabilityRating(ModelNormal):
+ @cached_property
+ def openapi_types(_):
+ return {
+ "score": (float,),
+ "severity": (str,),
+ "vector": (str,),
+ }
+
+ attribute_map = {
+ "score": "score",
+ "severity": "severity",
+ "vector": "vector",
+ }
+
+ def __init__(
+ self_,
+ score: Union[float, UnsetType] = unset,
+ severity: Union[str, UnsetType] = unset,
+ vector: Union[str, UnsetType] = unset,
+ **kwargs,
+ ):
+ """
+ A severity rating for a vulnerability.
+
+ :param score: The CVSS score.
+ :type score: float, optional
+
+ :param severity: The severity level.
+ :type severity: str, optional
+
+ :param vector: The CVSS vector string.
+ :type vector: str, optional
+ """
+ if score is not unset:
+ kwargs["score"] = score
+ if severity is not unset:
+ kwargs["severity"] = severity
+ if vector is not unset:
+ kwargs["vector"] = vector
+ super().__init__(kwargs)
diff --git a/src/datadog_api_client/v2/model/cyclone_dx_vulnerability_reference.py b/src/datadog_api_client/v2/model/cyclone_dx_vulnerability_reference.py
new file mode 100644
index 0000000000..78a58b278d
--- /dev/null
+++ b/src/datadog_api_client/v2/model/cyclone_dx_vulnerability_reference.py
@@ -0,0 +1,58 @@
+# Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License.
+# This product includes software developed at Datadog (https://www.datadoghq.com/).
+# Copyright 2019-Present Datadog, Inc.
+from __future__ import annotations
+
+from typing import Union, TYPE_CHECKING
+
+from datadog_api_client.model_utils import (
+ ModelNormal,
+ cached_property,
+ unset,
+ UnsetType,
+)
+
+
+if TYPE_CHECKING:
+ from datadog_api_client.v2.model.cyclone_dx_vulnerability_reference_source import (
+ CycloneDXVulnerabilityReferenceSource,
+ )
+
+
+class CycloneDXVulnerabilityReference(ModelNormal):
+ @cached_property
+ def openapi_types(_):
+ from datadog_api_client.v2.model.cyclone_dx_vulnerability_reference_source import (
+ CycloneDXVulnerabilityReferenceSource,
+ )
+
+ return {
+ "id": (str,),
+ "source": (CycloneDXVulnerabilityReferenceSource,),
+ }
+
+ attribute_map = {
+ "id": "id",
+ "source": "source",
+ }
+
+ def __init__(
+ self_,
+ id: Union[str, UnsetType] = unset,
+ source: Union[CycloneDXVulnerabilityReferenceSource, UnsetType] = unset,
+ **kwargs,
+ ):
+ """
+ An external reference identifier for a vulnerability.
+
+ :param id: The identifier of the external reference (for example, a GHSA ID).
+ :type id: str, optional
+
+ :param source: The source of an external vulnerability reference.
+ :type source: CycloneDXVulnerabilityReferenceSource, optional
+ """
+ if id is not unset:
+ kwargs["id"] = id
+ if source is not unset:
+ kwargs["source"] = source
+ super().__init__(kwargs)
diff --git a/src/datadog_api_client/v2/model/cyclone_dx_vulnerability_reference_source.py b/src/datadog_api_client/v2/model/cyclone_dx_vulnerability_reference_source.py
new file mode 100644
index 0000000000..a98e34b389
--- /dev/null
+++ b/src/datadog_api_client/v2/model/cyclone_dx_vulnerability_reference_source.py
@@ -0,0 +1,36 @@
+# Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License.
+# This product includes software developed at Datadog (https://www.datadoghq.com/).
+# Copyright 2019-Present Datadog, Inc.
+from __future__ import annotations
+
+from typing import Union
+
+from datadog_api_client.model_utils import (
+ ModelNormal,
+ cached_property,
+ unset,
+ UnsetType,
+)
+
+
+class CycloneDXVulnerabilityReferenceSource(ModelNormal):
+ @cached_property
+ def openapi_types(_):
+ return {
+ "url": (str,),
+ }
+
+ attribute_map = {
+ "url": "url",
+ }
+
+ def __init__(self_, url: Union[str, UnsetType] = unset, **kwargs):
+ """
+ The source of an external vulnerability reference.
+
+ :param url: The URL of the reference source.
+ :type url: str, optional
+ """
+ if url is not unset:
+ kwargs["url"] = url
+ super().__init__(kwargs)
diff --git a/src/datadog_api_client/v2/models/__init__.py b/src/datadog_api_client/v2/models/__init__.py
index 8877f93e3f..88f105e22d 100644
--- a/src/datadog_api_client/v2/models/__init__.py
+++ b/src/datadog_api_client/v2/models/__init__.py
@@ -2079,6 +2079,20 @@ from datadog_api_client.v2.model.customer_org_disable_response_type import CustomerOrgDisableResponseType from datadog_api_client.v2.model.customer_org_disable_status import CustomerOrgDisableStatus from datadog_api_client.v2.model.customer_org_disable_type import CustomerOrgDisableType +from datadog_api_client.v2.model.cyclone_dx_bom import CycloneDXBom +from datadog_api_client.v2.model.cyclone_dx_component import CycloneDXComponent +from datadog_api_client.v2.model.cyclone_dx_component_type import CycloneDXComponentType +from datadog_api_client.v2.model.cyclone_dx_metadata import CycloneDXMetadata +from datadog_api_client.v2.model.cyclone_dx_metadata_component import CycloneDXMetadataComponent +from datadog_api_client.v2.model.cyclone_dx_metadata_tools import CycloneDXMetadataTools +from datadog_api_client.v2.model.cyclone_dx_tool_component import CycloneDXToolComponent +from datadog_api_client.v2.model.cyclone_dx_vulnerability import CycloneDXVulnerability +from datadog_api_client.v2.model.cyclone_dx_vulnerability_advisory import CycloneDXVulnerabilityAdvisory +from datadog_api_client.v2.model.cyclone_dx_vulnerability_affects import CycloneDXVulnerabilityAffects +from datadog_api_client.v2.model.cyclone_dx_vulnerability_analysis import CycloneDXVulnerabilityAnalysis +from datadog_api_client.v2.model.cyclone_dx_vulnerability_rating import CycloneDXVulnerabilityRating +from datadog_api_client.v2.model.cyclone_dx_vulnerability_reference import CycloneDXVulnerabilityReference +from datadog_api_client.v2.model.cyclone_dx_vulnerability_reference_source import CycloneDXVulnerabilityReferenceSource from datadog_api_client.v2.model.dora_deployment_fetch_response import DORADeploymentFetchResponse from datadog_api_client.v2.model.dora_deployment_object import DORADeploymentObject from datadog_api_client.v2.model.dora_deployment_object_attributes import DORADeploymentObjectAttributes 
@@ -11061,6 +11075,20 @@ "CustomerOrgDisableResponseType", "CustomerOrgDisableStatus", "CustomerOrgDisableType", + "CycloneDXBom", + "CycloneDXComponent", + "CycloneDXComponentType", + "CycloneDXMetadata", + "CycloneDXMetadataComponent", + "CycloneDXMetadataTools", + "CycloneDXToolComponent", + "CycloneDXVulnerability", + "CycloneDXVulnerabilityAdvisory", + "CycloneDXVulnerabilityAffects", + "CycloneDXVulnerabilityAnalysis", + "CycloneDXVulnerabilityRating", + "CycloneDXVulnerabilityReference", + "CycloneDXVulnerabilityReferenceSource", "DORADeploymentFetchResponse", "DORADeploymentObject", "DORADeploymentObjectAttributes", diff --git a/tests/v2/features/security_monitoring.feature b/tests/v2/features/security_monitoring.feature index 0c14124aae..3ec8e88ce3 100644 --- a/tests/v2/features/security_monitoring.feature +++ b/tests/v2/features/security_monitoring.feature 
@@ -2308,6 +2308,22 @@ Feature: Security Monitoring When the request is sent Then the response status is 400 Bad Request + @generated @skip @team:DataDog/k9-cloud-vm + Scenario: Import security vulnerabilities returns "Bad Request" response + Given operation "ImportSecurityVulnerabilities" enabled + And new "ImportSecurityVulnerabilities" request + And body with value {"bomFormat": "CycloneDX", "components": [{"bom-ref": "a3390fca-c315-41ae-ae05-af5e7859cdee", "name": "lodash", "purl": "pkg:npm/lodash@4.17.21", "type": "library", "version": "4.17.21"}], "metadata": {"component": {"bom-ref": "host-ref-abc123", "name": "i-12345", "type": "operating-system"}, "tools": {"components": [{"name": "my-scanner", "type": "application"}]}}, "specVersion": "1.5", "version": 1, "vulnerabilities": [{"advisories": [{"url": "https://example.com/advisory/CVE-2021-1234"}], "affects": [{"ref": "a3390fca-c315-41ae-ae05-af5e7859cdee"}], "analysis": {"state": "resolved"}, "cwes": [123, 345], "description": "Sample vulnerability detected in the application.", "detail": "Details about the vulnerability.", "id": "CVE-2021-1234", "ratings": [{"score": 9.0, "severity": "high", "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N"}], "references": [{"id": "GHSA-35m5-8cvj-8783", "source": {"url": "https://example.com"}}]}]} + When the request is sent + Then the response status is 400 Bad Request + + @generated @skip @team:DataDog/k9-cloud-vm + Scenario: Import security vulnerabilities returns "Vulnerabilities accepted successfully." 
response + Given operation "ImportSecurityVulnerabilities" enabled + And new "ImportSecurityVulnerabilities" request + And body with value {"bomFormat": "CycloneDX", "components": [{"bom-ref": "a3390fca-c315-41ae-ae05-af5e7859cdee", "name": "lodash", "purl": "pkg:npm/lodash@4.17.21", "type": "library", "version": "4.17.21"}], "metadata": {"component": {"bom-ref": "host-ref-abc123", "name": "i-12345", "type": "operating-system"}, "tools": {"components": [{"name": "my-scanner", "type": "application"}]}}, "specVersion": "1.5", "version": 1, "vulnerabilities": [{"advisories": [{"url": "https://example.com/advisory/CVE-2021-1234"}], "affects": [{"ref": "a3390fca-c315-41ae-ae05-af5e7859cdee"}], "analysis": {"state": "resolved"}, "cwes": [123, 345], "description": "Sample vulnerability detected in the application.", "detail": "Details about the vulnerability.", "id": "CVE-2021-1234", "ratings": [{"score": 9.0, "severity": "high", "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N"}], "references": [{"id": "GHSA-35m5-8cvj-8783", "source": {"url": "https://example.com"}}]}]} + When the request is sent + Then the response status is 200 Vulnerabilities accepted successfully. + @generated @skip @team:DataDog/k9-cloud-vm Scenario: List assets SBOMs returns "Bad request: The server cannot process the request due to invalid syntax in the request." response Given new "ListAssetsSBOMs" request diff --git a/tests/v2/features/undo.json b/tests/v2/features/undo.json index c07e3792ac..486933f758 100644 --- a/tests/v2/features/undo.json +++ b/tests/v2/features/undo.json @@ -7294,6 +7294,12 @@ "type": "safe" } }, + "ImportSecurityVulnerabilities": { + "tag": "Security Monitoring", + "undo": { + "type": "unsafe" + } + }, "GetVulnerabilityNotificationRules": { "tag": "Security Monitoring", "undo": {