Mend Python SDK
SDK written in Python to simplify access to Mend resources
The SDK contains the following modules:
- web - Module for accessing Mend Application (reports, administration, etc...).
- client - UA wrapper layer (download UA, execute scan, read UA output files...).
Supported Operating Systems
- Linux (Bash): CentOS, Debian, Ubuntu, RedHat
- Windows (PowerShell): 10, 2012, 2016
How to install package from PyPi
- Obtain connection details from WS Application (Home > Admin > Integration).
- Install package from Pypi:
pip install ws-sdk
.
How to build and install package from source (for developers)
- Download the code:
git clone https://github.com/whitesource-ps/ws-sdk.git
. - Build wheel package
python setup.py bdist_wheel
. - Download wheel from GitHub and install :
pip install ws-sdk*.whl
.
Execution
# Unified (can do both WSApp and WSClient)
from ws_sdk.web import WS
ws = WS(url="WS_URL", user_key="USER_KEY", token="ORG_TOKEN")
# Web (Mend Application)
from ws_sdk.app import WSApp
ws = WSApp(url="WS_URL", user_key="USER_KEY", token="ORG_TOKEN")
# Get alerts
all_alerts = ws.get_alerts()
# Get vulnerabilities report in XLSX format
vul_report = ws.get_vulnerability(report=True)
# Get all projects ()
project_list = ws.get_projects()
# Create user in the organization
ws.create_user(name='USER_TEST1', email="USER_TEST1@EMAIL.COM", inviter_email="INVITER@EMAIL.COM")
# Client (Mend Unified Agent)
from ws_sdk.client import WSClient
ws_client = WSClient(url="WS_URL", user_key="USER_KEY", token="ORG_TOKEN", ua_path="/UA/WORKING/DIR")
# Download latest UA jar and conf file
ws_client.download_ua()
# Execute scan into defined project token
out = ws_client.scan(scan_dir="/PATH/TO/DIR", project_token="PROJ_TOKEN", product_token="PROD_TOKEN")
# Read scan artifact's policy rejection summary
pol_rej = ws_client.get_policy_rejection_summary()