.github/workflows/csvUpdate.yml

name: Python Script Runner with CSV Report

on:
  workflow_dispatch

jobs:
  csv-update:
    runs-on: ubuntu-latest
    steps:
      - name: Setup Bolt
        uses: koalalab-inc/bolt@v1
      - name: Checkout repository
        uses: actions/checkout@v2

      - name: Run script
        id: run_script
        run: |
          python3 -m pip install --upgrade pip

          python3 -m pip install requests==2.31.0
          python3 -m pip install requests-oauthlib==1.3.1
          python3 -m pip install requests-toolbelt==1.0.0
          python3 -m pip install PyYAML==6.0
          python3 -m pip install gitdb==4.0.10
          python3 -m pip install github3.py==4.0.1
          python3 -m pip install GitPython==3.1.31
          python3 -m pip install PyGithub==1.59.0
          python3 -m pip install aiohttp==3.8.1

          python3 - <<EOF

          import os
          import csv
          import requests
          import yaml
          import smtplib
          from github import Github
          from email.mime.multipart import MIMEMultipart
          from email.mime.text import MIMEText
          from email.mime.application import MIMEApplication


          REPOSITORY_OWNER = 'akto-api-security'
          REPOSITORY_NAME = 'akto'
          BRANCH_NAME = '${{ github.ref_name }}'
          FOLDER_PATH = 'apps/dashboard/src/main/resources/inbuilt_test_yaml_files'
          FILE_EXTENSION = '.yaml'

          EMAIL_RECIPIENT = os.getenv("EMAIL_RECIPIENT")
          EMAIL_SUBJECT = f'CSV Report of {REPOSITORY_OWNER}/{REPOSITORY_NAME}'

          CSV_FILE_PATH = f'{REPOSITORY_OWNER}__{REPOSITORY_NAME}.csv'


          def fetch_yaml_data(access_token, yaml_url):
              g = Github(access_token)

              repository_parts = yaml_url.replace("https://github.com/", "").split("/")
              file_path = f"{FOLDER_PATH}/{repository_parts[-1]}"

              repository = g.get_repo(f"{REPOSITORY_OWNER}/{REPOSITORY_NAME}")

              try:
                  print("trying to download: ", yaml_url)
                  rr = requests.get(yaml_url, allow_redirects=True)
                  data = rr.content
                  print("received: ", data)
                  yaml_data = yaml.safe_load(data)
                  
                  print(f"Successfully fetched the template: {repository_parts[-1]}")
                  return yaml_data, data
              except Exception as e:
                  print(f"Failed to fetch YAML data for {repository_parts[-1]}")
                  print(f"Error: {str(e)}")
                  return None, None


          def write_to_csv(csv_writer, yaml_data, yaml_content):
              column = []
              column.append(yaml_data['info']['name'])
              column.append(yaml_data['info']['name'])
              column.append(yaml_data['info']['description'])
              column.append(yaml_data['info']['details'])
              column.append(yaml_data['info']['impact'])
              column.append(yaml_data['info']['category']['displayName'])
              column.append(yaml_data['info']['severity'])
              print("column: ", column)
              references = []
  
              if 'references' in yaml_data['info']:
                  column.append(yaml_data['info']['references'])
                  references = yaml_data['info']['references']
                  if references is None:
                    references = []
                  
              else:
                  column.append("")

              print("references: ", references)
              column.append(yaml_content)

              url_path = ''
              column.append(url_path)
              column.append(yaml_data['id'])
              
              rlink1 = "" 
              
              if len(references) >= 1:
                  rlink1 = references[0]
              
              print("rlink1", rlink1)


              rlink2 = "" 
              
              if len(references) >= 2:
                  rlink2 = references[1]
              
              print("rlink2", rlink2)


              rlink3 = "" 
              
              if len(references) >= 3:
                  rlink3 = references[2]
              
              print("rlink3", rlink3)


              column.append(rlink1)
              column.append(rlink2)
              column.append(rlink3)
              
              csv_writer.writerow(column)


          def fetch_yaml_files(api_url, access_token):
              try:
                  response = requests.get(api_url, headers={'Authorization': f'Bearer {access_token}'})
                  if response.status_code == 200:
                      return response.json()
                  else:
                      print(response.status_code)
                      print("Failed to retrieve the repository contents.")
              except requests.exceptions.RequestException as e:
                  print("Error occurred while fetching repository contents.")
                  print(f"Error: {str(e)}")
              return None


          def fetch_all_yaml(api_url, access_token, csv_file_path):
              yaml_files = fetch_yaml_files(api_url, access_token)
              if yaml_files:
                  with open(csv_file_path, 'w', newline='') as csv_file:
                      writer = csv.writer(csv_file)
                      writer.writerow(['Name', 'Slug', 'Description', 'Details', 'Impact', 'OWASP Category', 'Severity', 'References', 'Content', 'URL Path', 'Test_ID', 'RLink1', 'RLink2', 'RLink3'])

                      for yaml_file in yaml_files:
                          yaml_url = yaml_file['download_url']
                          yaml_data, yaml_content = fetch_yaml_data(access_token, yaml_url)
                          if yaml_data:
                              write_to_csv(writer, yaml_data, yaml_content)
                  print(f"CSV file '{csv_file_path}' has been generated successfully.")
                  send_email(csv_file_path)


          def send_email(csv_file_path):
              msg = MIMEMultipart()
              msg['From'] = os.getenv("SMTP_USERNAME")
              msg['To'] = EMAIL_RECIPIENT
              msg['Subject'] = EMAIL_SUBJECT

              body = 'Please find the attached CSV report.'
              msg.attach(MIMEText(body, 'plain'))

              with open(csv_file_path, 'rb') as attachment:
                  part = MIMEApplication(attachment.read())
                  part.add_header('Content-Disposition', 'attachment', filename=csv_file_path)
                  msg.attach(part)

              smtp_server = 'smtp.gmail.com'
              smtp_port = 587
              smtp_username = os.getenv("SMTP_USERNAME")
              smtp_password = os.getenv("SMTP_PASSWORD")

              with smtplib.SMTP(smtp_server, smtp_port) as server:
                  server.starttls()
                  server.login(smtp_username, smtp_password)
                  server.send_message(msg)

              print("Email sent successfully.")


          def main():
              access_token = os.getenv("GITHUB_ACCESS_TOKEN")
              api_url = f'https://api.github.com/repos/{REPOSITORY_OWNER}/{REPOSITORY_NAME}/contents/{FOLDER_PATH}?ref={BRANCH_NAME}'
              fetch_all_yaml(api_url, access_token, CSV_FILE_PATH)


          if __name__ == "__main__":
              main()

          EOF
        env:
          EMAIL_RECIPIENT: ${{ secrets.EMAIL_RECIPIENT }}
          SMTP_USERNAME: ${{ secrets.SMTP_USERNAME }}
          SMTP_PASSWORD: ${{ secrets.SMTP_PASSWORD }}
          GITHUB_ACCESS_TOKEN: ${{ secrets.MY_TOKEN }}
   