Example10 (snyk-labs#31)

jdewinne · web-flow · commit dd0a44025925 · 2019-07-10T05:37:16.000-07:00
* Fixing example10
diff --git a/.gitignore b/.gitignore
@@ -1,6 +1,9 @@
-.idea
-__pycache__
-output
 .coverage
+.idea
 .mypy_cache
+
+__pycache__
+
 dist
+output
+pysnyk.egg-info
diff --git a/examples/ProjectDependenciesReport.py b/examples/ProjectDependenciesReport.py
@@ -24,25 +24,23 @@ def list_of_dictionaries_to_map(input_list, key_field, data_fields_list=None):
 
 def get_project_tree(snyk_token, org_id, project_id):
     client = SnykClient(snyk_token)
-    json_res_dep_graph = client.snyk_projects_get_product_dependency_graph(
-        org_id, project_id
-    )
-    print_json(json_res_dep_graph)
+    res_dep_graph = client.organizations.get(org_id).projects.get(project_id).dependency_graph
+    print(res_dep_graph)
 
     print("\nPackages (Flat List):")
-    for pkg in json_res_dep_graph["depGraph"]["pkgs"]:
-        print("%s | %s" % (pkg["id"], pkg["info"]))
+    for pkg in res_dep_graph.pkgs:
+        print("%s | %s" % (pkg.id, pkg.info))
 
-    all_packages = json_res_dep_graph["depGraph"]["pkgs"]
+    all_packages = res_dep_graph.pkgs
 
     print("\nGraph data:")
-    graph = json_res_dep_graph["depGraph"]["graph"]
-    root_node_id = graph["rootNodeId"]
-    nodes = graph["nodes"]
+    graph = res_dep_graph.graph
+    root_node_id = graph.rootNodeId
+    nodes = graph.nodes
 
     for node in nodes:
-        print("%s | %s" % (node["nodeId"], node["pkgId"]))
-        child_nodes = node["deps"]
+        print("%s | %s" % (node.nodeId, node.pkgId))
+        child_nodes = node.deps
         if len(child_nodes) > 0:
             for child_node in child_nodes:
                 print("  - Child: %s" % child_node)
@@ -52,62 +50,58 @@ def get_project_tree(snyk_token, org_id, project_id):
     packages_lookup_map = {}
     for pkg in all_packages:
         print(pkg)
-        package_id = pkg["id"]
+        package_id = pkg.id
         packages_lookup_map[package_id] = {
-            "package_name": pkg["info"]["name"],
-            "package_version": pkg["info"]["version"],
+            "package_name": pkg.info.name,
+            "package_version": pkg.info.version,
         }
 
     # Get licenses for all dependencies in the project
-    lst_res_license = client.snyk_dependencies_list_all_dependencies_by_project(
-        org_id, project_id
-    )
+    lst_res_license = client.organizations.get(org_id).projects.get(project_id).dependencies.all()
 
     # make into a lookup table by package_id
     package_id_to_license_info_map = {}  # package_id -> { license info }
     for r in lst_res_license:
-        package_id = r["id"]
-        licenses = r["licenses"]
+        package_id = r.id
+        licenses = r.licenses
         package_id_to_license_info_map[package_id] = licenses
 
     print("\n\npackage_id_to_license_info_map:")
-    print_json(package_id_to_license_info_map)
+    print(package_id_to_license_info_map)
 
     # Get the license issues and then enhance package_id_to_license_info_map with the license classification or none
-    get_project_issues_response = client.snyk_projects_project_issues(
-        org_id, project_id
-    )
-    license_issues_list = get_project_issues_response["issues"]["licenses"]
+    issues = client.organizations.get(org_id).projects.get(project_id).issueset.all().issues
+    license_issues_list = issues.licenses
 
     # map to lookup table
-    license_issues_lookup_map = list_of_dictionaries_to_map(license_issues_list, "id")
+    license_issues_lookup_map = {license_issue.id: license_issue.severity for license_issue in license_issues_list}
 
     for pkgId, licensesList in package_id_to_license_info_map.items():
         for l in licensesList:
-            license_id = l["id"]
+            license_id = l.id
             print(license_id)
 
             if license_id in license_issues_lookup_map:
                 print("append additional info")
-                severity = license_issues_lookup_map[license_id]["severity"]
-                l["severity"] = severity
+                severity = license_issues_lookup_map[license_id]
+                l.severity = severity
             else:
-                l["severity"] = "none"
+                l.severity = "none"
 
             # lookup the license id in license_issues_lookup_map and see if there's an issue
             # add a 'classification' to the licenseInfo
 
     # Convert nodes to a dictionary by nodeId
     node_lookup_map = {}
     for node in nodes:
-        node_id = node["nodeId"]
-        package_id = node["pkgId"]
+        node_id = node.nodeId
+        package_id = node.pkgId
         node_lookup_map[node_id] = {
-            "pkgId": node["pkgId"],
+            "pkgId": node.pkgId,
             # TODO: Pull in the packages_name and package_version from packages_lookup_map
             "package_name": packages_lookup_map[package_id]["package_name"],
             "package_version": packages_lookup_map[package_id]["package_version"],
-            "deps": node["deps"],
+            "deps": node.deps,
         }
 
     print(node_lookup_map)
@@ -126,10 +120,9 @@ def get_project_tree(snyk_token, org_id, project_id):
 
     # Now create a new structure based on node_lookup_map which is a deeply nested structure of the same data
     project_structured_tree = {}
+    
 
-    def get_node_to_append(
-        node_id, base_path
-    ):  # might make sense to rename get_dependencies
+    def get_node_to_append(node_id, base_path):  # might make sense to rename get_dependencies
         obj = node_lookup_map[node_id]
         pkgId = obj["pkgId"]
         print("node_id: %s" % pkgId)
@@ -160,7 +153,6 @@ def get_node_to_append(
     # print(root_node_package_id)
     project_dependencies_structure = get_node_to_append(root_node_id, "")
     project_structured_tree = {"project": project_dependencies_structure}
-
     return project_structured_tree
 
 
diff --git a/examples/README.md b/examples/README.md
@@ -4,12 +4,14 @@
 The following examples require you to create a file at `~/.ssh/tokens/snyk-api-token` which contains a valid Snyk API token - either your [personal token](https://app.snyk.io/account) or a [service account](https://snyk.io/docs/service-accounts/) token. This file should contain the token alone with no formatting.
 
 ## Running a Script
-The sample scripts are all a bit different, so you should try them each out or look at the code.
-
-In general the form is:
-```
-python examples/<script-name.py> --orgId=<your-org_id> ...
-```
+The sample scripts are all a bit different, so you should try them each out or look at the code. 
+
+1. The dependencies are managed by [poetry](https://poetry.eustace.io/). Installation is described on the [poetry docs](https://poetry.eustace.io/docs/#introduction)
+1. Install the dependencies using `poetry install`
+1. You can execute an example in general using:
+    ```
+    poetry run python examples/<script-name.py> --orgId=<your-org_id> ...
+    ```
 
 ## List Project Issues
 ```
diff --git a/examples/api-demo-10-project-deps-licenses-report.py b/examples/api-demo-10-project-deps-licenses-report.py
@@ -65,10 +65,10 @@ def get_flat_dependencies(dep_list):
         licences = d["licenses"]
         path = d["path"]
 
-        simplified_liceses_list = [l["title"] for l in licences]
+        simplified_liceses_list = [l.title for l in licences]
         licenses_str = ", ".join(simplified_liceses_list)
 
-        license_issues_list = [l["severity"] for l in licences]
+        license_issues_list = [l.severity for l in licences]
         license_issues_str = ", ".join(license_issues_list)
 
         flat_dep_list.append(
diff --git a/examples/api-demo-6-find-issues-without-jira-tickets.py b/examples/api-demo-6-find-issues-without-jira-tickets.py
@@ -21,20 +21,17 @@ def parse_command_line_args():
 project_id = args.projectId
 
 client = SnykClient(snyk_token)
+org = client.organizations.get(org_id)
 project = client.organizations.get(org_id).projects.get(project_id)
-issues = project.issues.issues
+issues = project.issueset.all().issues
 jira_issues = project.jira_issues.all()
 
-all_issue_ids = []
-all_issue_ids.extend([i.id for i in issues.vulnerabilities])
-all_issue_ids.extend([i.id for i in issues.licenses])
-
 snyk_issue_with_jira_issues = list(jira_issues.keys())
 
 for issue in issues.vulnerabilities + issues.licenses:
     if issue.id not in list(jira_issues.keys()):
         print("Found issue without Jira issue: %s" % issue.id)
         print(
             "  https://app.snyk.io/org/%s/project/%s#%s"
-            % (org_id, project_id, issue.id)
+            % (org.name, project_id, issue.id)
         )
diff --git a/poetry.lock b/poetry.lock
diff --git a/pyproject.toml b/pyproject.toml
@@ -16,6 +16,7 @@ pytest-black = "^0.3.7"
 pytest-cov = "^2.7"
 pytest-mypy = "^0.3.2"
 requests-mock = "^1.6"
+xlsxwriter = "^1.1.8"
 
 [build-system]
 requires = ["poetry>=0.12"]
diff --git a/snyk/managers.py b/snyk/managers.py
@@ -178,17 +178,13 @@ def all(self, page: int = 1):
             "total"
         ]  # contains the total number of results (for pagination use)
 
-        results = dependency_data["results"]
+        results = [self.klass.from_dict(item) for item in dependency_data["results"]]
 
         if total > (page * results_per_page):
             next_results = self.all(page + 1)
             results.extend(next_results)
-            return results
 
-        dependencies = []
-        for dependency_data in results:
-            dependencies.append(self.klass.from_dict(dependency_data))
-        return dependencies
+        return results
 
 
 class EntitlementManager(DictManager):
@@ -292,7 +288,9 @@ def all(self) -> Any:
         )
         resp = self.client.get(path)
         dependency_data = resp.json()
-        return self.klass.from_dict(dependency_data)
+        if "depGraph" in dependency_data:
+            return self.klass.from_dict(dependency_data["depGraph"])
+        raise SnykError
 
 
 class IssueSetManager(SingletonManager):
diff --git a/snyk/models.py b/snyk/models.py
diff --git a/snyk/test_models.py b/snyk/test_models.py
