ArmorCode
Port's ArmorCode integration allows you to model ArmorCode resources in your software catalog and ingest data into them.
Overview
This integration allows you to:
- Track security vulnerabilities and findings from ArmorCode in Port.
- Map products, sub-products, and their security findings.
- Monitor security posture across your software catalog.
Supported resources
The resources that can be ingested from ArmorCode into Port are listed below. It is possible to reference any field that appears in the API responses linked below in the mapping configuration.
- Products - ArmorCode products representing applications or services.
- Sub-Products - Repositories or components within products.
- Findings - Security vulnerabilities and issues detected by ArmorCode.
Setup
Choose one of the following installation methods:
- Hosted by Port
- Self-hosted
- CI
- Go to the ArmorCode data source page in your portal.
- Under Select your installation method, choose Hosted by Port.
- Configure the custom settings and advanced configuration as you wish (see below for details).
Custom settings
Each integration has its own tool-specific configuration that you provide during setup:
Advanced configuration
In Port, you can configure the following settings for the integration:
- Live event support: Currently, live events are not supported for this integration. Resyncs will be performed periodically (with a configurable interval), or manually triggered by you via Port's UI. Therefore, real-time events (including GitOps) will not be ingested into Port immediately. Live events support for this integration is WIP and will be supported in the near future.
- Actions processing enabled: When enabled, Port will automatically process actions for this integration.
- Create default resources: When enabled, Port will automatically create default blueprints and mapping configurations for this integration.
Port secrets
Some integration settings require sensitive pieces of data, such as tokens. For these settings, Port secrets will be used, ensuring that your sensitive data is encrypted and secure.
When filling in such a setting, its value will be obscured (shown as ••••••••).
For each such setting, Port will automatically create a secret in your organization.
To see all secrets in your organization, follow these steps.
Port source IP addresses
When using this installation method, Port will make outbound calls to your 3rd-party applications from static IP addresses. You may need to add these addresses to your allowlist, in order to allow Port to interact with the integrated service:
- Europe (EU): 54.73.167.226, 63.33.143.237, 54.76.185.219
- United States (US): 3.234.37.33, 54.225.172.136, 3.225.234.99
Using this installation option means that the integration will be able to update Port in real time using webhooks.
Prerequisites
- A Kubernetes cluster - the integration's container chart will be deployed to this cluster.
- kubectl and helm must be installed on your machine. Your kubectl CLI must be connected to the Kubernetes cluster where you plan to install the integration.
For details about the available parameters for the installation, see the table below.
- Helm
- ArgoCD
- Go to the ArmorCode data source page in your portal.
- Select the Real-time and always on method.
- A helm command will be displayed, with default values already filled out (e.g. your Port client ID, client secret, etc). Copy the command, replace the placeholders with your values, then run it in your terminal to install the integration.
BaseUrl & webhook configuration
To enable real-time updates of the data in your software catalog, you need to define the liveEvents.baseUrl parameter.
This parameter should be set to the URL of your ArmorCode integration instance, which must be able to set up webhooks via HTTP requests and receive HTTP requests, so ensure the network is configured accordingly.
- If ArmorCode and the integration are in the same cluster/network: Use an internal URL (e.g., a Kubernetes service DNS name). For Kubernetes deployments, create a service to expose the integration pod and use the service URL as liveEvents.baseUrl. If both the source system and integration are in the same cluster, an internal ClusterIP service is sufficient.
- If ArmorCode is external to the integration's network: The integration must be exposed via an ingress, load balancer, or public URL that ArmorCode can reach.
If liveEvents.baseUrl is not provided, the integration will continue to function correctly. In such a configuration, to retrieve the latest information from the target system, the scheduledResyncInterval parameter has to be set, or a manual resync will need to be triggered through Port's UI.
To test webhooks or live event delivery to your local environment, expose your local pod or service to the internet using ngrok (e.g. ngrok http http://localhost:8000).
Scalable mode for large integrations
If you are deploying the integration at scale and want to decouple the resync process from the live events process (recommended for large or high-throughput environments), you can enable scalable mode by adding the following flags to your Helm install command:
--set workload.kind="CronJob" \
--set workload.cron.resyncTimeoutMinutes=60 \
--set scheduledResyncInterval="'*/60 * * * *'" \
--set liveEvents.worker.enabled=true
All Ocean integrations expose a health check endpoint at /docs.
For example, if your integration is accessible at https://your-integration-host:8000, you can access the health check at https://your-integration-host:8000/docs.
The port_region, port.baseUrl, portBaseUrl, port_base_url and OCEAN__PORT__BASE_URL parameters select which Port API instance to use:
- EU (app.port.io) → https://api.getport.io
- US (app.us.port.io) → https://api.us.getport.io
To install the integration using ArgoCD:
- Create a values.yaml file in argocd/my-ocean-armorcode-integration in your git repository with the content:

Remember to replace the placeholders for ARMORCODE_API_TOKEN and ARMORCODE_API_URL.

```yaml
initializePortResources: true
scheduledResyncInterval: 120
integration:
  identifier: my-ocean-armorcode-integration
  type: armorcode
  eventListener:
    type: POLLING
  config:
    armorcodeApiUrl: ARMORCODE_API_URL
  secrets:
    armorcodeApiToken: ARMORCODE_API_TOKEN
```
- Install the my-ocean-armorcode-integration ArgoCD Application by creating the following my-ocean-armorcode-integration.yaml manifest:

Remember to replace the placeholders for YOUR_PORT_CLIENT_ID, YOUR_PORT_CLIENT_SECRET and YOUR_GIT_REPO_URL.

Multiple sources ArgoCD documentation can be found here.

ArgoCD Application

```yaml
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
  name: my-ocean-armorcode-integration
  namespace: argocd
spec:
  destination:
    namespace: my-ocean-armorcode-integration
    server: https://kubernetes.default.svc
  project: default
  sources:
  - repoURL: 'https://port-labs.github.io/helm-charts/'
    chart: port-ocean
    targetRevision: 0.8.5
    helm:
      valueFiles:
      - $values/argocd/my-ocean-armorcode-integration/values.yaml
      parameters:
        - name: port.clientId
          value: YOUR_PORT_CLIENT_ID
        - name: port.clientSecret
          value: YOUR_PORT_CLIENT_SECRET
        - name: port.baseUrl
          value: https://api.getport.io
  - repoURL: YOUR_GIT_REPO_URL
    targetRevision: main
    ref: values
  syncPolicy:
    automated:
      prune: true
      selfHeal: true
    syncOptions:
    - CreateNamespace=true
```
- Apply your application manifest with kubectl:
kubectl apply -f my-ocean-armorcode-integration.yaml
This table summarizes the available parameters for the installation.
| Parameter | Description | Required |
|---|---|---|
| port.clientId | Your Port client ID | ✅ |
| port.clientSecret | Your Port client secret | ✅ |
| port.baseUrl | Your Port API URL - https://api.getport.io for EU, https://api.us.getport.io for US | ✅ |
| integration.identifier | Change the identifier to describe your integration | ✅ |
| integration.type | The integration type | ✅ |
| integration.eventListener.type | The event listener type | ✅ |
| integration.secrets.armorcodeApiToken | The ArmorCode API Token | ✅ |
| integration.config.armorcodeApiUrl | The ArmorCode API URL. If not specified, the default will be https://api.armorcode.com | ❌ |
| scheduledResyncInterval | The number of minutes between each resync | ❌ |
| initializePortResources | Default true. When set to true, the integration will create default blueprints and the Port app config mapping | ❌ |
For advanced configuration such as proxies or self-signed certificates, click here.
This workflow/pipeline will run the ArmorCode integration once and then exit. This is useful for scheduled ingestion of data.
If you want the integration to update Port in real time using webhooks, you should use the Real-time (self-hosted) installation option.
- GitHub
- Jenkins
- Azure Devops
- GitLab
Make sure to configure the following GitHub Secrets:
| Parameter | Description | Required |
|---|---|---|
| OCEAN__INTEGRATION__CONFIG__ARMORCODE_API_TOKEN | The ArmorCode API Token | ✅ |
| OCEAN__INTEGRATION__CONFIG__ARMORCODE_API_URL | The ArmorCode API URL. If not specified, the default will be https://api.armorcode.com | ❌ |
| OCEAN__INITIALIZE_PORT_RESOURCES | Default true. When set to false, the integration will not create default blueprints and the Port app config mapping | ❌ |
| OCEAN__SEND_RAW_DATA_EXAMPLES | Enable sending raw data examples from the third-party API to Port for testing and managing the integration mapping. Default is true | ❌ |
| OCEAN__INTEGRATION__IDENTIFIER | Change the identifier to describe your integration. If not set, the default one will be used | ❌ |
| OCEAN__PORT__CLIENT_ID | Your Port client ID (How to get the credentials) | ✅ |
| OCEAN__PORT__CLIENT_SECRET | Your Port client secret (How to get the credentials) | ✅ |
| OCEAN__PORT__BASE_URL | Your Port API URL - https://api.getport.io for EU, https://api.us.getport.io for US | ✅ |
Here is an example for armorcode-integration.yml workflow file:
```yaml
name: ArmorCode Exporter Workflow

on:
  workflow_dispatch:
  schedule:
    - cron: '0 */1 * * *' # Determines the scheduled interval for this workflow. This example runs every hour.

jobs:
  run-integration:
    runs-on: ubuntu-latest
    timeout-minutes: 30 # Set a time limit for the job

    steps:
      - uses: port-labs/ocean-sail@v1
        with:
          type: 'armorcode'
          port_client_id: ${{ secrets.OCEAN__PORT__CLIENT_ID }}
          port_client_secret: ${{ secrets.OCEAN__PORT__CLIENT_SECRET }}
          port_base_url: https://api.getport.io
          config: |
            armorcode_api_token: ${{ secrets.OCEAN__INTEGRATION__CONFIG__ARMORCODE_API_TOKEN }}
            armorcode_api_url: ${{ secrets.OCEAN__INTEGRATION__CONFIG__ARMORCODE_API_URL }}
```
Your Jenkins agent should be able to run docker commands.
Make sure to configure the following Jenkins Credentials of Secret Text type:
| Parameter | Description | Required |
|---|---|---|
| OCEAN__INTEGRATION__CONFIG__ARMORCODE_API_TOKEN | The ArmorCode API Token | ✅ |
| OCEAN__INTEGRATION__CONFIG__ARMORCODE_API_URL | The ArmorCode API URL. If not specified, the default will be https://api.armorcode.com | ❌ |
| OCEAN__INITIALIZE_PORT_RESOURCES | Default true. When set to false, the integration will not create default blueprints and the Port app config mapping | ❌ |
| OCEAN__SEND_RAW_DATA_EXAMPLES | Enable sending raw data examples from the third-party API to Port for testing and managing the integration mapping. Default is true | ❌ |
| OCEAN__INTEGRATION__IDENTIFIER | Change the identifier to describe your integration. If not set, the default one will be used | ❌ |
| OCEAN__PORT__CLIENT_ID | Your Port client ID (How to get the credentials) | ✅ |
| OCEAN__PORT__CLIENT_SECRET | Your Port client secret (How to get the credentials) | ✅ |
| OCEAN__PORT__BASE_URL | Your Port API URL - https://api.getport.io for EU, https://api.us.getport.io for US | ✅ |
| OCEAN__BASE_URL | The host of the Port Ocean app. Used to set up the integration endpoint as the target for webhooks created in ArmorCode | ❌ |
Here is an example for Jenkinsfile groovy pipeline file:
```groovy
pipeline {
    agent any

    stages {
        stage('Run ArmorCode Integration') {
            steps {
                script {
                    withCredentials([
                        string(credentialsId: 'OCEAN__INTEGRATION__CONFIG__ARMORCODE_API_TOKEN', variable: 'OCEAN__INTEGRATION__CONFIG__ARMORCODE_API_TOKEN'),
                        string(credentialsId: 'OCEAN__INTEGRATION__CONFIG__ARMORCODE_API_URL', variable: 'OCEAN__INTEGRATION__CONFIG__ARMORCODE_API_URL'),
                        string(credentialsId: 'OCEAN__PORT__CLIENT_ID', variable: 'OCEAN__PORT__CLIENT_ID'),
                        string(credentialsId: 'OCEAN__PORT__CLIENT_SECRET', variable: 'OCEAN__PORT__CLIENT_SECRET'),
                    ]) {
                        sh('''
                            # Set Docker image and run the container
                            integration_type="armorcode"
                            version="latest"
                            image_name="ghcr.io/port-labs/port-ocean-${integration_type}:${version}"
                            docker run -i --rm --platform=linux/amd64 \
                                -e OCEAN__EVENT_LISTENER='{"type":"ONCE"}' \
                                -e OCEAN__INITIALIZE_PORT_RESOURCES=true \
                                -e OCEAN__SEND_RAW_DATA_EXAMPLES=true \
                                -e OCEAN__INTEGRATION__CONFIG__ARMORCODE_API_TOKEN=$OCEAN__INTEGRATION__CONFIG__ARMORCODE_API_TOKEN \
                                -e OCEAN__INTEGRATION__CONFIG__ARMORCODE_API_URL=$OCEAN__INTEGRATION__CONFIG__ARMORCODE_API_URL \
                                -e OCEAN__PORT__CLIENT_ID=$OCEAN__PORT__CLIENT_ID \
                                -e OCEAN__PORT__CLIENT_SECRET=$OCEAN__PORT__CLIENT_SECRET \
                                -e OCEAN__PORT__BASE_URL='https://api.getport.io' \
                                $image_name

                            exit $?
                        ''')
                    }
                }
            }
        }
    }
}
```
Your Azure DevOps agent should be able to run docker commands.
Make sure to configure the following variables using Azure DevOps variable groups. Add them to a variable group named port-ocean-credentials:
| Parameter | Description | Required |
|---|---|---|
| OCEAN__INTEGRATION__CONFIG__ARMORCODE_API_TOKEN | The ArmorCode API Token | ✅ |
| OCEAN__INTEGRATION__CONFIG__ARMORCODE_API_URL | The ArmorCode API URL. If not specified, the default will be https://api.armorcode.com | ❌ |
| OCEAN__INITIALIZE_PORT_RESOURCES | Default true. When set to false, the integration will not create default blueprints and the Port app config mapping | ❌ |
| OCEAN__SEND_RAW_DATA_EXAMPLES | Enable sending raw data examples from the third-party API to Port for testing and managing the integration mapping. Default is true | ❌ |
| OCEAN__INTEGRATION__IDENTIFIER | Change the identifier to describe your integration. If not set, the default one will be used | ❌ |
| OCEAN__PORT__CLIENT_ID | Your Port client ID (How to get the credentials) | ✅ |
| OCEAN__PORT__CLIENT_SECRET | Your Port client secret (How to get the credentials) | ✅ |
| OCEAN__PORT__BASE_URL | Your Port API URL - https://api.getport.io for EU, https://api.us.getport.io for US | ✅ |
Here is an example for armorcode-integration.yml pipeline file:
```yaml
trigger:
- main

pool:
  vmImage: "ubuntu-latest"

variables:
  - group: port-ocean-credentials # OCEAN__PORT__CLIENT_ID, OCEAN__PORT__CLIENT_SECRET, OCEAN__INTEGRATION__CONFIG__ARMORCODE_API_TOKEN

steps:
- script: |
    echo Add other tasks to build, test, and deploy your project.
    # Set Docker image and run the container
    integration_type="armorcode"
    version="latest"
    image_name="ghcr.io/port-labs/port-ocean-$integration_type:$version"
    # Secret variables are not exported to the script's environment, so the
    # token and Port credentials use the $(VAR) macro syntax. The optional API
    # URL is a non-secret variable and is read from the environment.
    docker run -i --rm \
      -e OCEAN__EVENT_LISTENER='{"type":"ONCE"}' \
      -e OCEAN__INITIALIZE_PORT_RESOURCES=true \
      -e OCEAN__SEND_RAW_DATA_EXAMPLES=true \
      -e OCEAN__INTEGRATION__CONFIG__ARMORCODE_API_TOKEN=$(OCEAN__INTEGRATION__CONFIG__ARMORCODE_API_TOKEN) \
      -e OCEAN__INTEGRATION__CONFIG__ARMORCODE_API_URL=$OCEAN__INTEGRATION__CONFIG__ARMORCODE_API_URL \
      -e OCEAN__PORT__CLIENT_ID=$(OCEAN__PORT__CLIENT_ID) \
      -e OCEAN__PORT__CLIENT_SECRET=$(OCEAN__PORT__CLIENT_SECRET) \
      -e OCEAN__PORT__BASE_URL='https://api.getport.io' \
      $image_name

    exit $?
  displayName: 'Ingest ArmorCode Data into Port'
```
Make sure to configure the following GitLab variables:
| Parameter | Description | Required |
|---|---|---|
| OCEAN__INTEGRATION__CONFIG__ARMORCODE_API_TOKEN | The ArmorCode API Token | ✅ |
| OCEAN__INTEGRATION__CONFIG__ARMORCODE_API_URL | The ArmorCode API URL. If not specified, the default will be https://api.armorcode.com | ❌ |
| OCEAN__INITIALIZE_PORT_RESOURCES | Default true. When set to false, the integration will not create default blueprints and the Port app config mapping | ❌ |
| OCEAN__SEND_RAW_DATA_EXAMPLES | Enable sending raw data examples from the third-party API to Port for testing and managing the integration mapping. Default is true | ❌ |
| OCEAN__INTEGRATION__IDENTIFIER | Change the identifier to describe your integration. If not set, the default one will be used | ❌ |
| OCEAN__PORT__CLIENT_ID | Your Port client ID (How to get the credentials) | ✅ |
| OCEAN__PORT__CLIENT_SECRET | Your Port client secret (How to get the credentials) | ✅ |
| OCEAN__PORT__BASE_URL | Your Port API URL - https://api.getport.io for EU, https://api.us.getport.io for US | ✅ |
Here is an example for .gitlab-ci.yml pipeline file:
```yaml
default:
  image: docker:24.0.5
  services:
    - docker:24.0.5-dind
  before_script:
    - docker info

variables:
  INTEGRATION_TYPE: armorcode
  VERSION: latest

stages:
  - ingest

ingest_data:
  stage: ingest
  variables:
    IMAGE_NAME: ghcr.io/port-labs/port-ocean-$INTEGRATION_TYPE:$VERSION
  script:
    - |
      docker run -i --rm --platform=linux/amd64 \
        -e OCEAN__EVENT_LISTENER='{"type":"ONCE"}' \
        -e OCEAN__INITIALIZE_PORT_RESOURCES=true \
        -e OCEAN__INTEGRATION__CONFIG__ARMORCODE_API_TOKEN=$OCEAN__INTEGRATION__CONFIG__ARMORCODE_API_TOKEN \
        -e OCEAN__INTEGRATION__CONFIG__ARMORCODE_API_URL=$OCEAN__INTEGRATION__CONFIG__ARMORCODE_API_URL \
        -e OCEAN__PORT__CLIENT_ID=$OCEAN__PORT__CLIENT_ID \
        -e OCEAN__PORT__CLIENT_SECRET=$OCEAN__PORT__CLIENT_SECRET \
        -e OCEAN__PORT__BASE_URL='https://api.getport.io' \
        $IMAGE_NAME

  rules: # Run only when changes are made to the main branch
    - if: '$CI_COMMIT_BRANCH == "main"'
```
For advanced configuration such as proxies or self-signed certificates, click here.
Configuration
Port integrations use a YAML mapping block to ingest data from the third-party API into Port.
The mapping makes use of the JQ JSON processor to select, modify, concatenate, transform and perform other operations on existing fields and values from the integration API.
Default mapping configuration
This is the default mapping configuration for this integration:
Default mapping configuration

```yaml
deleteDependentEntities: true
createMissingRelatedEntities: true
enableMergeEntity: true
resources:
  - kind: product
    selector:
      query: 'true'
    port:
      entity:
        mappings:
          blueprint: '"armorcodeProduct"'
          identifier: .id | tostring
          title: .name
          properties:
            name: .name
            description: .description
            businessOwner: .business_owner
            securityOwner: .security_owner
  - kind: sub-product
    selector:
      query: 'true'
    port:
      entity:
        mappings:
          blueprint: '"armorcodeSubProduct"'
          identifier: .id | tostring
          title: .name
          properties:
            name: .name
            repoLink: .repo_link
            programmingLanguage: .programming_language
            technologies: .technologies
          relations:
            product: .product_id
  - kind: finding
    selector:
      query: 'true'
    port:
      entity:
        mappings:
          blueprint: '"armorcodeFinding"'
          identifier: .id | tostring
          title: .title
          properties:
            source: .source
            description: .description
            mitigation: .mitigation
            severity: .severity
            findingCategory: .finding_category
            status: .status
            productStatus: .product_status
            subProductStatuses: .sub_product_statuses
            title: .title
            toolSeverity: .tool_severity
            createdAt: .created_at
            lastUpdated: .last_updated
            cwe: .cwe
            cve: .cve
            link: .link
            riskScore: .risk_score
            findingScore: .finding_score
          relations:
            product: .product_id
            subProduct: .sub_product_id
```
Monitoring and sync status
To learn more about how to monitor and check the sync status of your integration, see the relevant documentation.
Examples
Examples of blueprints and the relevant integration configurations:
Product
Product blueprint
{
"identifier": "armorcodeProduct",
"title": "Armorcode Product",
"icon": "Package",
"schema": {
"properties": {
"name": {
"type": "string",
"title": "Name"
},
"description": {
"type": "string",
"title": "Description"
},
"businessOwner": {
"type": "string",
"title": "Business Owner"
},
"securityOwner": {
"type": "string",
"title": "Security Owner"
}
},
"required": [
"name"
]
},
"mirrorProperties": {},
"calculationProperties": {},
"relations": {}
}
Integration configuration

```yaml
createMissingRelatedEntities: true
deleteDependentEntities: true
resources:
  - kind: products
    selector:
      query: 'true'
    port:
      entity:
        mappings:
          blueprint: '"armorcodeProduct"'
          identifier: .id | tostring
          title: .name
          properties:
            name: .name
            description: .description
            businessOwner: .business_owner
            securityOwner: .security_owner
```
Sub-Product
Sub-Product blueprint
{
"identifier": "armorcodeSubProduct",
"title": "Armorcode Sub-Product",
"icon": "Git",
"schema": {
"properties": {
"name": {
"type": "string",
"title": "Name"
},
"repoLink": {
"type": "string",
"title": "Repository Link",
"format": "url"
},
"programmingLanguage": {
"type": "string",
"title": "Language"
},
"technologies": {
"type": "array",
"title": "Technologies",
"items": {
"type": "string"
}
}
},
"required": [
"name"
]
},
"mirrorProperties": {},
"calculationProperties": {},
"relations": {
"product": {
"title": "Product",
"target": "armorcodeProduct",
"required": false,
"many": false
}
}
}
Integration configuration

```yaml
createMissingRelatedEntities: true
deleteDependentEntities: true
resources:
  - kind: sub_products
    selector:
      query: 'true'
    port:
      entity:
        mappings:
          blueprint: '"armorcodeSubProduct"'
          identifier: .id | tostring
          title: .name
          properties:
            name: .name
            repoLink: .repo_link
            programmingLanguage: .programming_language
            technologies: .technologies
          relations:
            product: .product_id
```
Finding
Finding blueprint
{
"identifier": "armorcodeFinding",
"title": "ArmorCode Finding",
"icon": "Bug",
"schema": {
"properties": {
"source": {
"title": "Source",
"type": "string",
"description": "The security tool that generated this finding"
},
"description": {
"title": "Description",
"type": "string",
"description": "Detailed description of the security finding"
},
"mitigation": {
"title": "Mitigation",
"type": "string",
"description": "Recommended mitigation steps for this finding"
},
"severity": {
"type": "string",
"title": "Severity",
"enum": [
"CRITICAL",
"HIGH",
"MEDIUM",
"LOW",
"INFORMATIONAL",
"UNKNOWN"
],
"enumColors": {
"CRITICAL": "red",
"HIGH": "orange",
"MEDIUM": "yellow",
"LOW": "darkGray",
"INFORMATIONAL": "silver",
"UNKNOWN": "lightGray"
}
},
"findingCategory": {
"title": "Finding Category",
"type": "string",
"description": "Category classification of the finding"
},
"status": {
"type": "string",
"title": "Status",
"enum": [
"OPEN",
"CLOSED",
"ACTIVE",
"IN_PROGRESS",
"RESOLVED",
"TRIAGE",
"CONTROLLED",
"SUPPRESS",
"MITIGATED"
],
"enumColors": {
"OPEN": "paleBlue",
"ACTIVE": "olive",
"CLOSED": "lightGray",
"RESOLVED": "green",
"IN_PROGRESS": "orange",
"TRIAGE": "yellow",
"CONTROLLED": "purple",
"SUPPRESS": "darkGray",
"MITIGATED": "lime"
}
},
"productStatus": {
"title": "Product Status",
"type": "string",
"description": "Status of the product containing this finding"
},
"subProductStatuses": {
"title": "Sub-Product Status",
"type": "string",
"description": "Status of the sub-product containing this finding"
},
"title": {
"title": "Title",
"type": "string",
"description": "Brief title describing the finding"
},
"toolSeverity": {
"title": "Tool Severity",
"type": "string",
"description": "Original severity as reported by the security tool"
},
"createdAt": {
"title": "Created At",
"type": "string",
"description": "When the finding was first created"
},
"lastUpdated": {
"title": "Last Updated",
"type": "string",
"format": "date-time",
"description": "When the finding was last updated"
},
"cwe": {
"title": "CWE",
"type": "array",
"description": "Common Weakness Enumeration identifiers",
"items": {
"type": "string"
}
},
"cve": {
"title": "CVE",
"type": "array",
"description": "Common Vulnerabilities and Exposures identifiers",
"items": {
"type": "string"
}
},
"link": {
"title": "Link to Finding",
"type": "string",
"format": "url",
"description": "Direct link to the finding in ArmorCode"
},
"riskScore": {
"title": "Risk Score",
"type": "number",
"description": "Calculated risk score for the finding"
},
"findingScore": {
"title": "Finding Score",
"type": "number",
"description": "ArmorCode finding score"
}
},
"required": [
"title",
"status",
"severity",
"source",
"findingCategory"
]
},
"mirrorProperties": {},
"calculationProperties": {},
"aggregationProperties": {},
"relations": {
"product": {
"title": "Product",
"target": "armorcodeProduct",
"required": true,
"many": false
},
"subProduct": {
"title": "Sub-Product",
"target": "armorcodeSubProduct",
"required": true,
"many": false
}
}
}
Integration configuration

```yaml
createMissingRelatedEntities: true
deleteDependentEntities: true
resources:
  - kind: findings
    selector:
      query: 'true'
    port:
      entity:
        mappings:
          blueprint: '"armorcodeFinding"'
          identifier: .id | tostring
          title: .title
          properties:
            source: .source
            description: .description
            mitigation: .mitigation
            severity: .severity
            findingCategory: .finding_category
            status: .status
            productStatus: .product_status
            subProductStatuses: .sub_product_statuses
            title: .title
            toolSeverity: .tool_severity
            createdAt: .created_at
            lastUpdated: .last_updated
            cwe: .cwe
            cve: .cve
            link: .link
            riskScore: .risk_score
            findingScore: .finding_score
          relations:
            product: .product_id
            subProduct: .sub_product_id
```
Let's Test It
This section includes sample response data from ArmorCode. In addition, it includes the entity created from the resync event based on the Ocean configuration provided in the previous section.
Payload
Here is an example of the payload structure from ArmorCode:
Product response data
{
"id": 1,
"name": "E-commerce Platform",
"description": "Main e-commerce application for online retail",
"business_owner": "John Smith",
"security_owner": "Sarah Johnson",
"created_at": "2024-01-15T10:30:00Z",
"updated_at": "2024-01-20T14:45:00Z"
}
Sub-Product response data
{
"id": 101,
"name": "payment-service",
"repo_link": "https://github.com/company/payment-service",
"programming_language": "Java",
"technologies": ["Spring Boot", "PostgreSQL", "Redis"],
"product_id": 1,
"created_at": "2024-01-15T10:30:00Z",
"updated_at": "2024-01-20T14:45:00Z"
}
Finding response data
{
"id": 1001,
"title": "SQL Injection Vulnerability",
"source": "SAST",
"description": "Potential SQL injection vulnerability detected in user input validation",
"mitigation": "Use parameterized queries and input validation",
"severity": "HIGH",
"finding_category": "Code Security",
"status": "OPEN",
"product_status": "ACTIVE",
"sub_product_statuses": "ACTIVE",
"tool_severity": "HIGH",
"created_at": "2024-01-15T10:30:00Z",
"last_updated": "2024-01-20T14:45:00Z",
"cwe": ["CWE-89"],
"cve": ["CVE-2023-1234"],
"link": "https://app.armorcode.com/findings/1001",
"risk_score": 8.5,
"finding_score": 7.2,
"product_id": 1,
"sub_product_id": 101
}
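As an added example (not part of Port's documentation or code), the script below evaluates the page's finding mapping against the sample finding payload and checks the result against the required fields and enums of the armorcodeFinding blueprint. It assumes a small Python stand-in for the subset of jq the mapping uses; `eval_jq`, `map_entity` and `validate` are hypothetical helper names, and the output keeps the mapping's own keys rather than Port's API format.

```python
import json

# Sample finding from this page, abridged to fields the mapping below reads.
SAMPLE_FINDING = json.loads("""
{"id": 1001, "title": "SQL Injection Vulnerability", "source": "SAST",
 "severity": "HIGH", "finding_category": "Code Security", "status": "OPEN",
 "cwe": ["CWE-89"], "cve": ["CVE-2023-1234"], "risk_score": 8.5,
 "product_id": 1, "sub_product_id": 101}
""")

# The page's finding mapping (a subset of its properties), as jq expressions.
FINDING_MAPPING = {
    "blueprint": '"armorcodeFinding"',
    "identifier": ".id | tostring",
    "title": ".title",
    "properties": {
        "source": ".source", "severity": ".severity",
        "findingCategory": ".finding_category", "status": ".status",
        "title": ".title", "cwe": ".cwe", "cve": ".cve",
        "riskScore": ".risk_score",
    },
    "relations": {"product": ".product_id", "subProduct": ".sub_product_id"},
}

# Constraints copied from the page's armorcodeFinding blueprint.
REQUIRED = ["title", "status", "severity", "source", "findingCategory"]
ENUMS = {
    "severity": {"CRITICAL", "HIGH", "MEDIUM", "LOW", "INFORMATIONAL", "UNKNOWN"},
    "status": {"OPEN", "CLOSED", "ACTIVE", "IN_PROGRESS", "RESOLVED", "TRIAGE",
               "CONTROLLED", "SUPPRESS", "MITIGATED"},
}


def eval_jq(expr, item):
    """Evaluate only the jq forms this mapping uses: "literal", .field, tostring."""
    value = item
    for stage in (s.strip() for s in expr.split("|")):
        if stage.startswith('"') and stage.endswith('"'):
            value = stage[1:-1]
        elif stage == "tostring":
            value = value if isinstance(value, str) else json.dumps(value)
        elif stage.startswith(".") and stage[1:].isidentifier():
            value = value.get(stage[1:]) if isinstance(value, dict) else None
        else:
            raise ValueError(f"unsupported jq stage: {stage!r}")
    return value


def map_entity(mapping, item):
    """Apply a mapping block to one API item, recursing into nested sections."""
    return {key: map_entity(val, item) if isinstance(val, dict) else eval_jq(val, item)
            for key, val in mapping.items()}


def validate(entity):
    """Return the problems found relative to the blueprint constraints above."""
    props = entity["properties"]
    problems = [f"missing required property: {name}"
                for name in REQUIRED if props.get(name) is None]
    for name, allowed in ENUMS.items():
        if props.get(name) is not None and props[name] not in allowed:
            problems.append(f"{name}={props[name]!r} is not in the blueprint enum")
    return problems


if __name__ == "__main__":
    entity = map_entity(FINDING_MAPPING, SAMPLE_FINDING)
    print(json.dumps(entity, indent=2))
    print(validate(entity) or "entity satisfies the blueprint constraints")
    # Constructed bad input: a severity value outside the blueprint enum.
    off_enum = {**SAMPLE_FINDING, "severity": "Severe"}
    print(validate(map_entity(FINDING_MAPPING, off_enum)))
```

Running it shows the `product` relation evaluating to the number 1, while the product entity's identifier is the string "1" because its mapping applies `tostring`.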