Bring Your Own Static Scan
Bring Your Own Static Scan
Learn how to integrate Staticscan tools to Kyndryl Modern Operations – DevOps Intelligence
Devops Intelligence Secure dashboard represents vulnerability details for static scan, license compliance, dependency check & container vulnerability scan.
With
Bring Your Own Static Scan
APIs, vulnerability scan information is transmitted to DevOps Intelligence. Every time a piece of code violates a coding guideline, tools like Sonarquebe highlight a problem. Each issue has one of five severity levels: Blocker
, Critical
, High
, Major
, Minor
, and Info
. DevOps Intelligence allows users to provide a list of vulnerabilities, generate metrics based on these vulnerabilities, and display severity ratings based on the parameters listed below. A
= 0 Vulnerabilities B
= at least 1 Minor Vulnerability C
= at least 1 Major Vulnerability D
= at least 1 Critical Vulnerability E
= at least 1 Blocker Vulnerability Secure functionality is applicable only for premium plan in DevOps Intelligence.
Bring Data into DevOps Intelligence
To bring your own Build tools complete the following steps:
- Go to the DevOps Intelligence Tools Configuration page and navigate to the Tokens tab.
- Click on Create Token and give a unique Token name.
- Select Token Type as Build, then click on the Create button.
- A new entry will be added to the table in the table entry.
- Click on the vertical ellipsis icon on the respective row and select the view/regenerate token option.
- Copy that token by clicking copy icon in the token field.
To Post Data to the APIs mentioned below, Add the service Token (see: Create Service Token) to the
Authorization
header of the request. See cURL Example for referenceFormat
Step 1: TOKEN {the-service-token-from-step1}
Example :
TOKEN 74h5cR8sETSJRvOFkdbsISY3lsgfNGu_V5aNur4Pxu1Jh8kP0NQBJhuWQsRmGzTX
Step 2: API Reference
API : technical-services/static-scan
URL : https://{devops-intelligence-host}/dash/api/build/v3/technical-services/staticscan
Parameters
Parameter | Type | Explanation | Example Value |
Authorization* | Header | Authorization has a service token | 74h5cR8sETSJRvOFkdbsISY3lsgfNGu_V5aNur4Pxu1Jh8kP0NQBJhuWQsRmGzTX |
vulscan * | BODY | Scan Data in Json |
|
URL Example :
Request
curl -X 'POST' \ 'dash/api/dev_secops/v3/technical-services/static-scan' \ -H 'accept: application/json' \ -H 'Authorization: Token aJzv1zn_G-XmerycnRhX1uzUGyPZZWvbK-bcRdAZoRs6XzIUnThfLnolc0sTrzoL' \ -H 'Content-Type: application/json' \ -d '{ "endpoint_hostname": "123", "provider_href": "http://mytest.com", "scannedby": "BYO", "scanned_time": "2022-12-05T07:20:50.52Z", "technical_service": "myservice", "technical_service_tag": { "additionalProp1": "string", "additionalProp2": "string", "additionalProp3": "string" }, "technicalserviceoverride": true, "vulnerabilities": [ { "actions": [ "string" ], "attr": { "jira-issue-key": "string" }, "author": "string", "closeDate": "string", "comments": [ { "createdAt": "string", "htmlText": "string", "key": "string", "login": "string", "markdown": "string", "updatable": true } ], "component": "string", "creationDate": "string", "debt": "string", "effort": "string", "hash": "string", "key": "newkey", "line": 0, "message": "string", "project": "string", "resolution": "string", "rule": "string", "severity": "Critical", "status": "OPEN", "tags": [ "string" ], "textRange": { "endLine": 0, "endOffset": 0, "startLine": 0, "startOffset": 0 }, "transitions": [ "string" ], "type": "string", "updateDate": "string" } ], "vulnerability_density": 0 }'
Response 200
"Total Number of records inserted successfully is 1"
Secure-Static-Scan-vulnerability Request Body Explained
Field | Data Type | Explanation | Example Value |
|---|---|---|---|
endpoint_hostname | string | Name of the endpoints | "myOrg/myRepo" |
provider_href * | string | Provider URL on which vulnerability is scanned | "http://mytest.com |
scannedby * | string | Tool which is used to scan the Vunerabilities of the repositories | "BYO", |
scanned_time * | string | Time of the scan in UTC | "2022-12-05T07:20:50.52Z" technical_service * |
technicalserviceoverride | boolean | Override flag for the service | true |
Vulnerabilities | Details of the fields | ||
Key * | string | Value of the Key | "new_key" |
Severity* | string | Severity of Vulnerability | critical, high, low, medium |
Component | string | Name of the Component | "/var/lib/comp" |
Project | string | Name of the Project | "DI-SecOps" |
Rule | string | Rule Name | unused variable |
Line | int32 | Line number | 124 |
Hash | string | Hash value | d94d76ad5f5cecd413e |
Resolution | string | Reason of remediation | resolved |
Status * | string | Status of the Vulnerability | OPEN, CONFIRMED, REOPEND |
Message | string | Details of the Vulnerability | "This is created for BYO" |
Effort | string | Time taken to resolve | 30 min |
Debt | string | ||
Author | string | Name of the Author | Alice |
Tags | []string | Tages for the vulnerability | unused |
CreationDate | string | Date of creation | "2022-12-05T07:20:50.52Z" |
UpdateDate | string | Date of update | "2022-12-05T07:20:50.52Z" |
CloseDate | string | Date of close | "2022-12-05T07:20:50.52Z" |
Type | string | Type of Vulnerability | internal |
TextRange | string | Range of texts | |
Comments | string | Comments on the vulnerability | "Created for the internal services" |
Attr | []string | Attributes | |
Transitions | string | transitions | |
Actions | string | Actions taken |
Do you have two minutes for a quick survey?
Take Survey
