Skip to content

Client User Guide

Sumio Kiyooka edited this page Apr 15, 2021 · 26 revisions

Introduction

The Client class is a binding to Blackduck's REST API that provides a robust connection backed by a Session object. The user specifies a base URL, timeout, retries, proxies, and TLS verification upon initialization and these attributes are persisted across all requests.

At the REST API level, the Client class provides a consistent way to discover and traverse public resources, uses a generator to fetch all items using pagination, and automatically renews the bearer token.

Note that unlike HubRestApi's HubInstance, Client does not provide a multitude of methods to simplify specific end-point use. Instead it encourages the user delegate as much functionality as possible to the underlying session.

It is designed to provide a solid foundation especially suited for long-running scripts.

Table of Contents

Python 3 is required. Use pip to install the library from PyPI.

pip install blackduck

First generate an access token from Blackduck's UI: My Access Tokens

Save the token and provide it to Client. In the following example, the token is saved to an environment variable: blackduck_token

from blackduck import Client
import logging
import os
from pprint import pprint
import sys

logging.basicConfig(
    level=logging.INFO,
    format="[%(asctime)s] {%(module)s:%(lineno)d} %(levelname)s - %(message)s"
)

bd = Client(
    token=os.environ.get('blackduck_token'),
    base_url="https://your.blackduck.url",
    # verify=False  # TLS certificate verification
)

Blackduck's REST API provides a way to discover and traverse available resources identified by name. To take advantage of this mechanism, Client provides two key methods: list_resources() and get_resource()

To fetch what public resources are available, use the method list_resources() which returns a Python dict.

pprint(bd.list_resources())  # resources available at the root level

For an object returned from get_resource(), one can invoke list_resources() on it to see what sub-resources are available.

for project in bd.get_resource('projects'):
    pprint(bd.list_resources(project))
    sys.exit(0)

To see the URL for the resource itself use the 'href' key:

resources_dict = bd.list_resources(project)
print(resources_dict['href'])

To fetch a resource pass in the name (str) provided by an earlier list_resources() call.

If the resource is paginated it will automatically return a generator that will fetch items as required and eventually will return all items. This generator can naturally be used in a for loop:

for project in bd.get_resource('projects'):
    print(project['name'])

To fetch a sub-resource, pass in the parent. To get the versions for each project:

for project in bd.get_resource('projects'):
    print(project['name'])
    for version in bd.get_resource('versions', project):
        print(version['versionName'])

If the resource is not paginated pass items=False and a dict will be returned:

bd.get_resource('maxSnippetFileSize', items=False)

This covers a few key advanced topics that are relevant to a user more familiar with the REST API.

Parameters are set using 'params' of session.request. To fetch all users sorted by firstname:

params = {
    'sort': 'firstname'
}
bd.get_resource('users', params=params)  # constructs url /api/users?sort=firstname

It is possible to provide multiple values for the same key. To fetch all users with the letters 't' AND 'e' in the 'userName':

params = {
    'q': ["userName:t", "userName:e"]
}
bd.get_resource('users', params=params)  # constructs url: /api/users?q=userName:t&q=userName:e

A more complicated example to get all users with 'e' in the userName AND 'test' in the email, sorting the results by firstname:

params = {
    'q': ["userName:e", "email:test"],
    'sort': 'firstname',
}
bd.get_resource('users', params=params)  # constructs url: /api/users?q=userName:t&q=userName:e&sort=firstname

By default, the following media type headers are sent with every get_resource() call:

headers = {
    'accept': "application/json",
    'content-type': "application/json"
}

Generally "application/json" instructs the REST API to use the most recent external version of an end-point. To use a specific media type header:

headers = {
    'accept': "application/vnd.blackducksoftware.user-4+json",
    'content-type': "application/vnd.blackducksoftware.user-4+json"
}
items = bd.get_resource('dormantUsers', headers=headers)

The underlying session can be accessed directly and this allows a user to customize the URL directly to send an arbitrary request. It is expected that the user provides any headers and handles the response object. See the very excellent Requests documentation.

response = bd.session.get("/api/projects?offset=0&limit=10")

response.raise_for_status()
d = response.json()
items = d['items']

Additionally to see the requests sent to the server, set the logging level to DEBUG

logging.basicConfig(
    level=logging.DEBUG,
    ...
)

Username/password authentication is not recommended and it may be deprecated in the future. It is recommended to use the more secure access token authentication instead.

However, it is still possible to authenticate via username/password if required:

from blackduck import Client
from blackduck.Client import HubSession
from blackduck.Authentication import CookieAuth
import logging

logging.basicConfig(
    level=logging.INFO,
    format='[%(asctime)s] {%(module)s:%(lineno)d} %(levelname)s - %(message)s'
)

verify = False  # TLS certificate verification
base_url = "https://your.blackduck.url"
session = HubSession(base_url, timeout=15.0, retries=3, verify=verify)
auth = CookieAuth(session, username="sysadmin", password="PASSWORD")

bd = Client(
    base_url=base_url,
    session=session,
    auth=auth,
    verify=verify
)