Bug fixes and integrate cxone-async-api (#3)

* fix docker build warnings

* enable audit under debug

* don't allow undefined default policy

* fix audit debug

* fix logger thread problem

* remove embedded copy of cxone_api

* reference cxone-async-api

* remove copying embedded cxone_api

* fix group scheduling

* remediation

* build fix

Author: nleach999

.github/workflows/build.yml

@@ -37,10 +37,9 @@ jobs:
         with:
           ref: refs/tags/${{ inputs.tag }}
 
-      - name: Update version.txt
+      - name: Update version
         run: |
             echo ${{ inputs.tag }} > version.txt
-            echo ${{ inputs.tag }} > cxone_api/version.txt
 
       - name: Build and Push Docker Image
         run: |

.gitignore

@@ -6,6 +6,8 @@ run/*
 env
 mitm*
 
+**/*.whl
+
 # Byte-compiled / optimized / DLL files
 __pycache__/
 *.py[cod]

Dockerfile

@@ -1,8 +1,8 @@
 FROM ubuntu:24.04
-LABEL org.opencontainers.image.source https://github.com/checkmarx-ts/cxone-scan-scheduler
-LABEL org.opencontainers.image.vendor Checkmarx Professional Services
-LABEL org.opencontainers.image.title Checkmarx One Scan Scheduler
-LABEL org.opencontainers.image.description Schedules scans for projects in Checkmarx One
+LABEL org.opencontainers.image.source="https://github.com/checkmarx-ts/cxone-scan-scheduler"
+LABEL org.opencontainers.image.vendor="Checkmarx Professional Services"
+LABEL org.opencontainers.image.title="Checkmarx One Scan Scheduler"
+LABEL org.opencontainers.image.description="Schedules scans for projects in Checkmarx One"
 
 USER root
 
@@ -16,19 +16,19 @@ RUN apt-get update && \
 
 
 WORKDIR /opt/cxone
-COPY *.txt /opt/cxone
+COPY *.txt *.whl /opt/cxone/
 
 RUN pip install -r requirements.txt --no-cache-dir --break-system-packages && \
     apt-get remove -y perl && \
     apt-get autoremove -y && \
     apt-get clean && \
     dpkg --purge $(dpkg --get-selections | grep deinstall | cut -f1)
 
+RUN [ -f *.whl ] && pip install --no-cache-dir --break-system-packages *.whl || :
+
 COPY *.py entrypoint.sh *.json /opt/cxone/
 COPY logic /opt/cxone/logic
 COPY utils /opt/cxone/utils
-COPY cxone_api /opt/cxone/cxone_api
-
 
 RUN ln -s scheduler.py scheduler && \
     ln -s scheduler.py audit

RELEASE_NOTES.md

@@ -1,5 +1,14 @@
 # Release Notes
 
+## v1.3
+
+* Bugfixes
+  * Some projects without tags that aren't eligible for scheduling were not displayed in the audit report.
+  * It was possible to set the default schedule to use a policy that was not defined.
+  * Schedule execution scripts that should have been removed when a schedule was deleted were not being removed.
+  * Group scheduling was broken by a change to an undocumented API.  The published Access Management API is now used.
+* Replace the local `cxone_api` module with the [cxone-async-api](https://github.com/checkmarx-ts/cxone-async-api) shared library.
+
 ## v1.2
 
 * Support added for projects created by code repository integrations.
@@ -15,5 +24,3 @@
 ## v1.0
 
 Initial release
-
-