Using Python with the ReST API
Topics: Developer, API
Related: GitLab Runner, CollabTools API, Using Git Client with CollabTools, Configuration and Teardown Scripts, Submission Service, CollabTools API, Registering for DoD Machine Certificate, Make ReST API Calls with an ECA Cert, API Tokens

Try pycons3rtapi for an easy way to get started using the ReST API with Python 2.7.

Prerequisites

We suggest using the requests package to make ReST API calls with python, and the requests_toolbelt package to assist in calls using large file uploads like asset imports. Use pip to install prerequisites:

pip install requests
pip install requests_toolbelt

Use an ECA Certificate with python

Once requests is installed, you can leverage it to add your client ECA certificate to API requests to Arcus. Note, certificates are not required in cons3rt.com. To convert your ECA certificate to a passwordless PEM file for use with python, run the following command on a machine with openssl:

openssl pkcs12 -in certfile.pfx -out certfile.pem -nodes

Then include the certificate path as the cert argument to any python requests call like this:

  • response = requests.get(url, headers=headers, cert=’/path/to/certfile.pem’)

Setting Headers

For Arcus requiring certificate-based authentication, set headers:

headers = {
    'token': '12345-67890-12345-67890',
    'Accept': 'application/json'
}

For Cons3rt or any site that does not require certificate-based authentication, add the username header:

headers = {
    'username': cons3rt_username,
    'token': '12345-67890-12345-67890',
    'Accept': 'application/json'
}

Use the following optional headers depending on the requirements of the ReST API call, use Keep-Alive when importing or updating an asset:

headers['Connection'] = 'Keep-Alive'
headers['Content-Type'] = 'application/json'

Handling DoD Root CA Certificates for Arcus

The Arcus DoD root CA certificate is not included in the standard python distribution. There are two ways to handle this:

  • The easy but insecure way, set verify=False in the request like this:
    • response = requests.get(url, headers=headers, verify=False, cert=’/path/to/certfile.pem')
  • Create a cert bundle PEM file containing the DoD root certs, and provide the path to the verify arg in the request like this:
    • response = requests.get(url, headers=headers, verify=’/path/to/dod_bundle.pem’, cert=’/path/to/certfile.pem')

Make a ReST API Call with Python

See these examples on GitHub for sample Python code.

First determine the base URL for the CONS3RT site you are connecting to:

  • For Arcus: base_url = 'https://arcus.mil'
  • For Cons3rt: base_url = 'https://www.cons3rt.com'

Review the API documentation for the ReST API call and determine the:

  • HTTP method (GET, PUT, POST, DELETE, etc.)
  • URL for the call (e.g. /rest/api/drs/)

Let’s put it all together! Now you have all the information you need to make a ReST API call with Python Requests. Here are some sample calls, note these sample calls are written for Arcus with certificate-based authentication, so for Cons3rt you can set verify=None and cert=None:

  • List your Deployment Runs
import requests
base_url = 'https://arcus.mil'
headers = {
    'token': '12345-67890-12345-67890',
    'Accept': 'application/json'
}
response = requests.get(base_url + '/rest/api/drs/?search_type=SEARCH_ALL&in_project=false', headers=headers, verify='/path/to/dod_bundle.pem', cert='/path/to/certfile.pem')
print('CONS3RT returned code: ' + str(response.status_code))
print('API call output: ' + response.content)
  • Import a Software Asset
import requests
from requests_toolbelt import MultipartEncoder
asset_file_name = 'asset.zip'
asset_zip = '/path/to/asset/zip/file/' + asset_file_name
base_url = 'https://arcus.mil'
headers = {
    'token': '12345-67890-12345-67890',
    'Accept': 'application/json'
}
headers['Connection'] = 'Keep-Alive'
    with open(asset_zip, 'r') as f:
        form = MultipartEncoder({
            "file": (asset_file_name, f, "application/octet-stream"),
            "filename": asset_file_name
        })
        headers["Content-Type"] = form.content_type
        response = requests.post(base_url + '/rest/api/software/import', headers=headers, data=form, verify=False, cert=cert_file)
        print('CONS3RT returned code: ' + str(response.status_code))
        print('API call output: ' + str(response.content))
  • Launch a Deployment!
import requests
base_url = 'https://arcus.mil'
deployment_id = '12345'
headers = {
    'token': '12345-67890-12345-67890',
    'Accept': 'application/json'
}
body = { ... set body fields according to the ReST API documentation ... }  
response = requests.put(base_url + '/rest/api/deployments/{i}/execute/'.format(i=deployment_id), headers=headers, data=body, verify='/path/to/dod_bundle.pem', cert='/path/to/certfile.pem')
print('CONS3RT returned code: ' + str(response.status_code))
print('API call output: ' + response.content)