sobryan · September 6, 2024 17:17
diff --git a/artifactory_spdx_export.py b/artifactory_spdx_export.py
 import csv
 import requests
 import os
 import argparse

 # Function to read CSV file and extract application name and version
 def read_csv(file_path):
    apps = []
    with open(file_path, 'r') as file:
        reader = csv.reader(file)
        next(reader)  # Skip header if necessary
        for row in reader:
            app_name = row[0]
            version = row[1]
            apps.append((app_name, version))
    return apps

 # Function to get SPDX format from Artifactory
 def get_spdx_from_artifactory(repo, group, app_name, version, token, base_url):
    url = f"{base_url}/xray/api/v2/export/components"
    headers = {
        'Authorization': f'Bearer {token}',
        'Content-Type': 'application/json'
    }

    # Construct the component_name and path
    component_name = f"{group}:{app_name}:{version}"
    path = f"{repo}/{group.replace('.', '/')}/{app_name}/{version}/{app_name}-{version}.jar"

    data = {
        "package_type": "maven",
        "component_name": component_name,
        "path": path,
        "spdx": True,
        "spdx_format": "xlsx"
    }

    response = requests.post(url, json=data, headers=headers)
    
    if response.status_code == 200:
        return response.json().get("export_url")  # Assuming export_url is provided for the SPDX download
    else:
        print(f"Error retrieving SPDX for {app_name}-{version}: {response.status_code} - {response.text}")
        return None

 # Function to download SPDX file
 def download_spdx(spdx_url, app_name, version):
    response = requests.get(spdx_url)
    if response.status_code == 200:
        file_name = f"{app_name}-{version}.xlsx"
        with open(file_name, 'wb') as f:
            f.write(response.content)
        print(f"Downloaded: {file_name}")
    else:
        print(f"Failed to download SPDX for {app_name}-{version}")

 # Main function to process the applications
 def process_applications(repo, group, csv_file, token, base_url):
    apps = read_csv(csv_file)
    for app_name, version in apps:
        spdx_url = get_spdx_from_artifactory(repo, group, app_name, version, token, base_url)
        if spdx_url:
            download_spdx(spdx_url, app_name, version)

 # Argument parser for input arguments
 if __name__ == "__main__":
    parser = argparse.ArgumentParser(description="SPDX Retriever")
    parser.add_argument("--repo", required=True, help="Artifactory repository name")
    parser.add_argument("--group", required=True, help="Group name in dot format (e.g., org.example)")
    parser.add_argument("--csv", required=True, help="CSV file location containing application name and version")
    parser.add_argument("--token", required=True, help="Artifactory API token for authentication")
    parser.add_argument("--url", required=True, help="Base URL of Artifactory")

    args = parser.parse_args()

    # Process the applications
    process_applications(args.repo, args.group, args.csv, args.token, args.url)
	import csv
	import requests
	import os
	import argparse

	# Function to read CSV file and extract application name and version
	def read_csv(file_path):
	apps = []
	with open(file_path, 'r') as file:
	reader = csv.reader(file)
	next(reader) # Skip header if necessary
	for row in reader:
	app_name = row[0]
	version = row[1]
	apps.append((app_name, version))
	return apps

	# Function to get SPDX format from Artifactory
	def get_spdx_from_artifactory(repo, group, app_name, version, token, base_url):
	url = f"{base_url}/xray/api/v2/export/components"
	headers = {
	'Authorization': f'Bearer {token}',
	'Content-Type': 'application/json'
	}

	# Construct the component_name and path
	component_name = f"{group}:{app_name}:{version}"
	path = f"{repo}/{group.replace('.', '/')}/{app_name}/{version}/{app_name}-{version}.jar"

	data = {
	"package_type": "maven",
	"component_name": component_name,
	"path": path,
	"spdx": True,
	"spdx_format": "xlsx"
	}

	response = requests.post(url, json=data, headers=headers)

	if response.status_code == 200:
	return response.json().get("export_url") # Assuming export_url is provided for the SPDX download
	else:
	print(f"Error retrieving SPDX for {app_name}-{version}: {response.status_code} - {response.text}")
	return None

	# Function to download SPDX file
	def download_spdx(spdx_url, app_name, version):
	response = requests.get(spdx_url)
	if response.status_code == 200:
	file_name = f"{app_name}-{version}.xlsx"
	with open(file_name, 'wb') as f:
	f.write(response.content)
	print(f"Downloaded: {file_name}")
	else:
	print(f"Failed to download SPDX for {app_name}-{version}")

	# Main function to process the applications
	def process_applications(repo, group, csv_file, token, base_url):
	apps = read_csv(csv_file)
	for app_name, version in apps:
	spdx_url = get_spdx_from_artifactory(repo, group, app_name, version, token, base_url)
	if spdx_url:
	download_spdx(spdx_url, app_name, version)

	# Argument parser for input arguments
	if __name__ == "__main__":
	parser = argparse.ArgumentParser(description="SPDX Retriever")
	parser.add_argument("--repo", required=True, help="Artifactory repository name")
	parser.add_argument("--group", required=True, help="Group name in dot format (e.g., org.example)")
	parser.add_argument("--csv", required=True, help="CSV file location containing application name and version")
	parser.add_argument("--token", required=True, help="Artifactory API token for authentication")
	parser.add_argument("--url", required=True, help="Base URL of Artifactory")

	args = parser.parse_args()

	# Process the applications
	process_applications(args.repo, args.group, args.csv, args.token, args.url)