diff --git a/.apigentools-info b/.apigentools-info index f483c4d074..eaeeeb8b9c 100644 --- a/.apigentools-info +++ b/.apigentools-info @@ -4,13 +4,13 @@ "spec_versions": { "v1": { "apigentools_version": "1.6.6", - "regenerated": "2025-02-27 14:00:43.001632", - "spec_repo_commit": "240ec82d" + "regenerated": "2025-02-27 21:31:40.799230", + "spec_repo_commit": "0b2e3d20" }, "v2": { "apigentools_version": "1.6.6", - "regenerated": "2025-02-27 14:00:43.016339", - "spec_repo_commit": "240ec82d" + "regenerated": "2025-02-27 21:31:40.813872", + "spec_repo_commit": "0b2e3d20" } } } \ No newline at end of file diff --git a/.generator/schemas/v2/openapi.yaml b/.generator/schemas/v2/openapi.yaml index faa8d0f140..e078fc7945 100644 --- a/.generator/schemas/v2/openapi.yaml +++ b/.generator/schemas/v2/openapi.yaml @@ -32353,6 +32353,9 @@ components: apm_service_catalog_read: View service catalog and service definitions. apm_service_catalog_write: Add, modify, and delete service catalog definitions when those definitions are maintained by Datadog. + appsec_vm_read: View infrastructure, application code, and library vulnerabilities. + This does not restrict API or inventory SQL access to the vulnerability + data source. cases_read: View Cases. cases_write: Create and update cases. ci_visibility_pipelines_write: Create CI Visibility pipeline spans using @@ -45204,9 +45207,14 @@ paths: security: - apiKeyAuth: [] appKeyAuth: [] + - AuthZ: + - appsec_vm_read summary: List vulnerable assets tags: - Security Monitoring + x-unstable: '**Note**: This endpoint is a private preview. + + If you are interested in accessing this API, [fill out this form](https://forms.gle/kMYC1sDr6WDUBDsx9).' /api/v2/security/cloud_workload/policy/download: get: description: 'The download endpoint generates a Cloud Workload Security policy @@ -45296,12 +45304,14 @@ paths: security: - apiKeyAuth: [] appKeyAuth: [] + - AuthZ: + - appsec_vm_read summary: Get SBOM tags: - Security Monitoring x-unstable: '**Note**: This endpoint is a private preview. - If you are interested in accessing this API, please [fill out this form](https://forms.gle/kMYC1sDr6WDUBDsx9).' + If you are interested in accessing this API, [fill out this form](https://forms.gle/kMYC1sDr6WDUBDsx9).' /api/v2/security/signals/notification_rules: get: description: Returns the list of notification rules for security signals. @@ -45857,9 +45867,14 @@ paths: security: - apiKeyAuth: [] appKeyAuth: [] + - AuthZ: + - appsec_vm_read summary: List vulnerabilities tags: - Security Monitoring + x-unstable: '**Note**: This endpoint is a private preview. + + If you are interested in accessing this API, [fill out this form](https://forms.gle/kMYC1sDr6WDUBDsx9).' /api/v2/security/vulnerabilities/notification_rules: get: description: Returns the list of notification rules for security vulnerabilities. diff --git a/examples/v2/security-monitoring/ListVulnerabilities.py b/examples/v2/security-monitoring/ListVulnerabilities.py index d2162f597f..382489b4f2 100644 --- a/examples/v2/security-monitoring/ListVulnerabilities.py +++ b/examples/v2/security-monitoring/ListVulnerabilities.py @@ -9,6 +9,7 @@ from datadog_api_client.v2.model.vulnerability_tool import VulnerabilityTool configuration = Configuration() +configuration.unstable_operations["list_vulnerabilities"] = True with ApiClient(configuration) as api_client: api_instance = SecurityMonitoringApi(api_client) response = api_instance.list_vulnerabilities( diff --git a/examples/v2/security-monitoring/ListVulnerableAssets.py b/examples/v2/security-monitoring/ListVulnerableAssets.py index 99dacc1c66..a4bdbf6b83 100644 --- a/examples/v2/security-monitoring/ListVulnerableAssets.py +++ b/examples/v2/security-monitoring/ListVulnerableAssets.py @@ -7,6 +7,7 @@ from datadog_api_client.v2.model.asset_type import AssetType configuration = Configuration() +configuration.unstable_operations["list_vulnerable_assets"] = True with ApiClient(configuration) as api_client: api_instance = SecurityMonitoringApi(api_client) response = api_instance.list_vulnerable_assets( diff --git a/src/datadog_api_client/configuration.py b/src/datadog_api_client/configuration.py index 08f676b721..c5c6468488 100644 --- a/src/datadog_api_client/configuration.py +++ b/src/datadog_api_client/configuration.py @@ -294,6 +294,8 @@ def __init__( "v2.get_sbom": False, "v2.list_findings": False, "v2.list_historical_jobs": False, + "v2.list_vulnerabilities": False, + "v2.list_vulnerable_assets": False, "v2.mute_findings": False, "v2.run_historical_job": False, "v2.create_scorecard_outcomes_batch": False, diff --git a/src/datadog_api_client/v2/api/security_monitoring_api.py b/src/datadog_api_client/v2/api/security_monitoring_api.py index 2ab2ff3ec4..09d35682b8 100644 --- a/src/datadog_api_client/v2/api/security_monitoring_api.py +++ b/src/datadog_api_client/v2/api/security_monitoring_api.py @@ -593,7 +593,7 @@ def __init__(self, api_client=None): self._get_sbom_endpoint = _Endpoint( settings={ "response_type": (GetSBOMResponse,), - "auth": ["apiKeyAuth", "appKeyAuth"], + "auth": ["apiKeyAuth", "appKeyAuth", "AuthZ"], "endpoint_path": "/api/v2/security/sboms/{asset_type}", "operation_id": "get_sbom", "http_method": "GET", @@ -1033,7 +1033,7 @@ def __init__(self, api_client=None): self._list_vulnerabilities_endpoint = _Endpoint( settings={ "response_type": (ListVulnerabilitiesResponse,), - "auth": ["apiKeyAuth", "appKeyAuth"], + "auth": ["apiKeyAuth", "appKeyAuth", "AuthZ"], "endpoint_path": "/api/v2/security/vulnerabilities", "operation_id": "list_vulnerabilities", "http_method": "GET", @@ -1265,7 +1265,7 @@ def __init__(self, api_client=None): self._list_vulnerable_assets_endpoint = _Endpoint( settings={ "response_type": (ListVulnerableAssetsResponse,), - "auth": ["apiKeyAuth", "appKeyAuth"], + "auth": ["apiKeyAuth", "appKeyAuth", "AuthZ"], "endpoint_path": "/api/v2/security/assets", "operation_id": "list_vulnerable_assets", "http_method": "GET", diff --git a/tests/v2/features/security_monitoring.feature b/tests/v2/features/security_monitoring.feature index f2533fa7a5..f30d22b3aa 100644 --- a/tests/v2/features/security_monitoring.feature +++ b/tests/v2/features/security_monitoring.feature @@ -473,7 +473,7 @@ Feature: Security Monitoring When the request is sent Then the response status is 404 Not found: asset not found - @team:DataDog/asm-vm + @skip @team:DataDog/asm-vm Scenario: Get SBOM returns "OK" response Given operation "GetSBOM" enabled And new "GetSBOM" request @@ -830,13 +830,15 @@ Feature: Security Monitoring @generated @skip @team:DataDog/asm-vm Scenario: List vulnerabilities returns "Bad request: The server cannot process the request due to invalid syntax in the request." response - Given new "ListVulnerabilities" request + Given operation "ListVulnerabilities" enabled + And new "ListVulnerabilities" request When the request is sent Then the response status is 400 Bad request: The server cannot process the request due to invalid syntax in the request. @team:DataDog/asm-vm Scenario: List vulnerabilities returns "Not found: There is no request associated with the provided token." response - Given new "ListVulnerabilities" request + Given operation "ListVulnerabilities" enabled + And new "ListVulnerabilities" request And request contains "page[token]" parameter with value "unknown" And request contains "page[number]" parameter with value 1 When the request is sent @@ -844,7 +846,8 @@ Feature: Security Monitoring @team:DataDog/asm-vm Scenario: List vulnerabilities returns "OK" response - Given new "ListVulnerabilities" request + Given operation "ListVulnerabilities" enabled + And new "ListVulnerabilities" request And request contains "filter[cvss.base.severity]" parameter with value "High" And request contains "filter[asset.type]" parameter with value "Service" And request contains "filter[tool]" parameter with value "Infra" @@ -853,13 +856,15 @@ Feature: Security Monitoring @generated @skip @team:DataDog/asm-vm Scenario: List vulnerable assets returns "Bad request: The server cannot process the request due to invalid syntax in the request." response - Given new "ListVulnerableAssets" request + Given operation "ListVulnerableAssets" enabled + And new "ListVulnerableAssets" request When the request is sent Then the response status is 400 Bad request: The server cannot process the request due to invalid syntax in the request. @team:DataDog/asm-vm Scenario: List vulnerable assets returns "Not found: There is no request associated with the provided token." response - Given new "ListVulnerableAssets" request + Given operation "ListVulnerableAssets" enabled + And new "ListVulnerableAssets" request And request contains "page[token]" parameter with value "unknown" And request contains "page[number]" parameter with value 1 When the request is sent @@ -867,7 +872,8 @@ Feature: Security Monitoring @team:DataDog/asm-vm Scenario: List vulnerable assets returns "OK" response - Given new "ListVulnerableAssets" request + Given operation "ListVulnerableAssets" enabled + And new "ListVulnerableAssets" request And request contains "filter[type]" parameter with value "Host" And request contains "filter[repository_url]" parameter with value "github.com/datadog/dd-go" And request contains "filter[risks.in_production]" parameter with value true