snyk-labs / snyk-tags-tool Goto Github PK

Is there an existing issue for this?

• I have searched the existing issues

Description of the bug

Trying to tag a project with custom target silently fails if project name has a slash in it e.g.

s:src\Hosepipe.Services\packages.config

and you use a slash in --contains-name

Steps To Reproduce

I have a project name s:src\Hosepipe.Services\packages.config (poor name, I know!) that I want to add a tag to.

 snyk-tags tag alltargets --contains-name s:src\Hosepipe.Services\packages.config --tagkey Pod --tagvalue common

Which gives the folluwing response

Adding the tag key Pod and tag value common to s:srcHosepipe.Servicespackages.config projects in Snyk for easy filtering via the UI

But the tag is not added, despite response suggesting it worked

The following does work

snyk-tags tag alltargets --contains-name Hosepipe.Services --tagkey Pod --tagvalue common

This suggests that slashes aren't escaped properly

Additional Information

Unrelated niggle: but README docs could indicate where to find GROUP_ID - snyk doesn't document this very well and had to resort tl looking at REST exchange in browser.

This tag tool is useful. Thankyou

Is there an existing feature request for this?

• I have searched the existing feature requests

Description

This is similar in style to the Owners feature of the tool where you can tag and filter based on CODEOWNERS. The difference is that you could select a custom property you made in GitHub to tag a Snyk project with. Imagine you want to filter by owner, but CODEOWNERS contains a devops team or something, while the code is really owned by a specific product team. At this point, custom properties is in beta at GitHub.

Additional Information

No response

Is there an existing issue for this?

• I have searched the existing issues

Description of the bug

Hi, it seems snyk-tags tool tags every projects indiscriminately if a non existing "--group-id" passed as parameter.

Steps To Reproduce

Run the command

snyk-tags tag sca --tenant eu --synktkn xxxxxxxxxx --group-id "not-exisiting-group-id"

The tool seems to add a sca tag (Product:Opensource) to all projects for every organization associated to the default group from the Snyk token.

Additional Information

No response

Is there an existing issue for this?

• I have searched the existing issues

Description of the bug

When running any snyk-tags command, the following warning is outputted:

-> snyk-tags ...
/Users/ross/repos/snyk-tags-tool/venv/lib/python3.9/site-packages/urllib3/__init__.py:34: NotOpenSSLWarning: urllib3 v2 only supports OpenSSL 1.1.1+, currently the 'ssl' module is compiled with 'LibreSSL 2.8.3'. See: https://github.com/urllib3/urllib3/issues/3020
  warnings.warn(
...

Steps To Reproduce

I installed the latest snyk-tags into a python virtual environment and am seeing the issue.

Additional Information

Please see the following for additional system info. I am using an M1 Mac.

(venv) ------------------------------------------------
[[email protected]] ~/repos/snyk-tags-tool
-> snyk-tags --version
/Users/ross/repos/snyk-tags-tool/venv/lib/python3.9/site-packages/urllib3/__init__.py:34: NotOpenSSLWarning: urllib3 v2 only supports OpenSSL 1.1.1+, currently the 'ssl' module is compiled with 'LibreSSL 2.8.3'. See: https://github.com/urllib3/urllib3/issues/3020
  warnings.warn(
snyk-tags v2.2.1

(venv) ------------------------------------------------
[[email protected]] ~/repos/snyk-tags-tool
-> openssl version
OpenSSL 3.1.2 1 Aug 2023 (Library: OpenSSL 3.1.2 1 Aug 2023)

(venv) ------------------------------------------------
[[email protected]] ~/repos/snyk-tags-tool
-> which openssl
/opt/homebrew/bin/openssl

(venv) ------------------------------------------------
[[email protected]] ~/repos/snyk-tags-tool
-> ll `which openssl`
lrwxr-xr-x  1 ross  admin  37 Aug 13 14:56 /opt/homebrew/bin/openssl -> ../Cellar/openssl@3/3.1.2/bin/openssl

(venv) ------------------------------------------------
[[email protected]] ~/repos/snyk-tags-tool
-> python --version
Python 3.9.6

(venv) ------------------------------------------------
[[email protected]] ~/repos/snyk-tags-tool
-> sw_vers
ProductName:		macOS
ProductVersion:		14.2
BuildVersion:		23C64

Is there an existing issue for this?

• I have searched the existing issues

Description of the bug

When using snyk-tags target tag command, all projects beneath the specified target are identified and tagged except Code Analysis. After some testing, it appears this only occurs when custom branching is disabled in an environment as custom branching changes the naming convention of projects.

Steps To Reproduce

1. Ensure customBranch is disabled on Snyk account
2. Execute snyk-tags target tag --target=snyk-labs/nodejs-goof --org-id=abc --snyktkn=abc --tagkey=project --tagvalue=snyk with appropriate values
3. Check Code Analysis projects for Tags either through filtering the UI or API call

Additional Information

No response

Is there an existing feature request for this?

• I have searched the existing feature requests

Description

... so that customers can tag all their github repositories, on particular branches, perhaps the default one.

Additional Information

No response

When i run the command snyk-tags tag sast --group-id=abc --snyktkn=abc

I get the following error and I cant work out what is going on.

addprojecttype = False │ │
│ │ client = <httpx.Client object at 0x102992860> │ │
│ │ key = 'Product' │ │
│ │ org_id = 'XXXXXX-4a0c-9cc6-17348a0d5ee6' │ │
│ │ org_ids = [ │ │
│ │ │ 'XXXXXXX-4a0c-9cc6-17348a0d5ee6', │ │
│ │ │ 'XXXXXXX-471f-819a-95e28055b624' │ │
│ │ ]
projects = { │ │
│ │ │ 'code': 404, │ │
│ │ │ 'message': 'Org XXXXXX-4a0c-9cc6-17348a0d5ee6 was not found or │ │
│ │ you may not have the c'+118, │ │
│ │ │ 'error': 'Org XXXXXX-4a0c-9cc6-17348a0d5ee6 was not found or you │ │
│ │ may not have the c'+118 │ │
│ │ }
tag = 'OpenSource' │ │
│ │ token = 'XXXXXXX-22c3d07c0023' │ │
│ │ types = ['npm']