PolicyApi

Struct PolicyApi 

pub struct PolicyApi<'a> { /* private fields */ }

Veracode Policy API operations

Implementations

impl<'a> PolicyApi<'a>

pub fn new(client: &'a VeracodeClient) -> Self

Create a new PolicyApi instance

pub async fn list_policies(&self, params: Option<PolicyListParams>) -> Result<Vec<SecurityPolicy>, PolicyError>

List all available security policies

Arguments
  • params - Optional query parameters for filtering

Returns

A Result containing a list of policies or an error.

pub async fn get_policy(&self, policy_guid: &str) -> Result<SecurityPolicy, PolicyError>

Get a specific policy by GUID

Arguments
  • policy_guid - The GUID of the policy

Returns

A Result containing the policy or an error.

pub async fn get_default_policy(&self) -> Result<SecurityPolicy, PolicyError>

Get the default policy for the organization

Returns

A Result containing the default policy or an error.

pub async fn evaluate_policy_compliance_via_buildinfo(&self, app_id: &str, sandbox_id: Option<&str>) -> Result<Cow<'static, str>, PolicyError>

Evaluates policy compliance for an application or sandbox using the XML API

This uses the /api/5.0/getbuildinfo.do endpoint, which is the only working policy compliance endpoint because the REST API compliance endpoints return 404.

Arguments
  • app_id - The numeric ID of the application
  • sandbox_id - Optional numeric ID of the sandbox to evaluate

Returns

A Result containing the policy compliance status string or an error.

pub async fn evaluate_policy_compliance_via_buildinfo_with_retry(&self, app_id: &str, sandbox_id: Option<&str>, max_retries: u32, retry_delay_seconds: u64) -> Result<Cow<'static, str>, PolicyError>

Evaluates policy compliance with retry logic for when assessment is not yet complete

This function will retry the policy evaluation check when the status is "Not Assessed" until either the assessment completes or the maximum retry attempts are reached.

Arguments
  • app_id - The numeric ID of the application
  • sandbox_id - Optional numeric ID of the sandbox to evaluate
  • max_retries - Maximum number of retry attempts (default: 30)
  • retry_delay_seconds - Delay between retries in seconds (default: 10)

Returns

A Result containing the policy compliance status string or an error.

pub fn should_break_build(status: &str) -> bool

Determines if build should break based on policy compliance status

Arguments
  • status - The policy compliance status string from XML API

Returns

true if build should break, false otherwise

pub fn get_exit_code_for_status(status: &str) -> i32

Gets the appropriate exit code for CI/CD systems based on policy compliance

Arguments
  • status - The policy compliance status string from XML API

Returns

Exit code: 0 for success, 4 for policy failure (build break)
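
The retry-until-assessed behaviour and the 0/4 exit codes described above, modelled as a pipeline gate that fails closed. This is an added example, not code from the crate: `Gate`, `poll_status` and `exit_code` are hypothetical names, `fetch` stands in for a call such as evaluate_policy_compliance_via_buildinfo, and treating only "Pass" as passing (and a timeout as a failure) is an assumption of the example.

```rust
use std::{thread, time::Duration};

/// Result of polling, kept distinct so the caller can fail closed.
#[derive(Debug, PartialEq)]
enum Gate {
    Assessed(String), // final status string from the platform
    TimedOut,         // still "Not Assessed" after every attempt
}

/// Calls `fetch` once, then up to `max_retries` more times while the
/// status is "Not Assessed". `fetch` is a stand-in for the real API
/// call; its errors propagate at once instead of being retried.
fn poll_status<F>(mut fetch: F, max_retries: u32, delay: Duration) -> Result<Gate, String>
where
    F: FnMut() -> Result<String, String>,
{
    for attempt in 0..=max_retries {
        let status = fetch()?;
        if status != "Not Assessed" {
            return Ok(Gate::Assessed(status));
        }
        if attempt < max_retries {
            thread::sleep(delay);
        }
    }
    Ok(Gate::TimedOut)
}

/// Exit code for the pipeline: 0 only on an explicit pass, 4 otherwise.
/// ASSUMPTION: "Pass" is the only passing status; the crate's own
/// should_break_build may classify other statuses differently.
fn exit_code(gate: &Gate) -> i32 {
    match gate {
        Gate::Assessed(s) if s == "Pass" => 0,
        _ => 4, // failed policy, unknown status, or never assessed
    }
}

fn main() {
    // Constructed reply sequence (popped from the end): two pending
    // polls, then a failing verdict.
    let mut replies = vec!["Did Not Pass", "Not Assessed", "Not Assessed"];
    let gate = poll_status(|| Ok(replies.pop().unwrap().to_string()), 5, Duration::ZERO).unwrap();
    println!("{:?} -> exit {}", gate, exit_code(&gate));
}
```

A gate that returned 0 when the retries ran out would let an unassessed build through, which is why the timeout is a separate variant rather than an empty status string.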

pub async fn get_summary_report(&self, app_guid: &str, build_id: Option<&str>, sandbox_guid: Option<&str>) -> Result<SummaryReport, PolicyError>

Get summary report for an application build using the REST API

This uses the /appsec/v2/applications/{app_guid}/summary_report endpoint to get policy compliance status and scan results.

Arguments
  • app_guid - The GUID of the application
  • build_id - The build ID (GUID) to get summary for
  • sandbox_guid - Optional sandbox GUID for sandbox scans

Returns

A Result containing the summary report or an error.

pub async fn get_summary_report_with_policy_retry(&self, app_guid: &str, build_id: Option<&str>, sandbox_guid: Option<&str>, max_retries: u32, retry_delay_seconds: u64, enable_break_build: bool) -> Result<(SummaryReport, Option<Cow<'static, str>>), PolicyError>

Gets summary report with retry logic and returns both the full report and compliance status

This function combines the functionality of both get_summary_report and evaluate_policy_compliance_via_summary_report_with_retry to avoid redundant API calls. It will retry until the policy compliance status is ready (not "Not Assessed").

Arguments
  • app_guid - The GUID of the application
  • build_id - The build ID to check compliance for
  • sandbox_guid - Optional sandbox GUID for sandbox scans
  • max_retries - Maximum number of retry attempts
  • retry_delay_seconds - Delay between retries in seconds
  • enable_break_build - Whether to enable break build evaluation

Returns

A Result containing a tuple of (SummaryReport, Option<compliance_status>) or an error. The compliance_status is Some(status) if break_build evaluation is needed, None otherwise.

pub async fn evaluate_policy_compliance_via_summary_report_with_retry(&self, app_guid: &str, build_id: &str, sandbox_guid: Option<&str>, max_retries: u32, retry_delay_seconds: u64) -> Result<Cow<'static, str>, PolicyError>

Evaluates policy compliance using the summary report API with retry logic

This function uses the summary_report endpoint instead of the buildinfo XML API and will retry when results are not ready yet.

Arguments
  • app_guid - The GUID of the application
  • build_id - The build ID (GUID) to check compliance for
  • sandbox_guid - Optional sandbox GUID for sandbox scans
  • max_retries - Maximum number of retry attempts (default: 30)
  • retry_delay_seconds - Delay between retries in seconds (default: 10)

Returns

A Result containing the policy compliance status string or an error.

pub async fn evaluate_policy_compliance_via_summary_report(&self, app_guid: &str, build_id: &str, sandbox_guid: Option<&str>) -> Result<Cow<'static, str>, PolicyError>

Evaluates policy compliance using the summary report API (single attempt)

This is a convenience method that calls the retry version with default parameters.

Arguments
  • app_guid - The GUID of the application
  • build_id - The build ID (GUID) to check compliance for
  • sandbox_guid - Optional sandbox GUID for sandbox scans

Returns

A Result containing the policy compliance status string or an error.

pub async fn initiate_policy_scan(&self, request: PolicyScanRequest) -> Result<PolicyScanResult, PolicyError>

Initiate a policy scan for an application

Arguments
  • request - The policy scan request

Returns

A Result containing the scan result or an error.

pub async fn get_policy_scan_result(&self, scan_id: u64) -> Result<PolicyScanResult, PolicyError>

Get policy scan status and results

Arguments
  • scan_id - The ID of the policy scan

Returns

A Result containing the scan result or an error.

pub async fn is_policy_scan_complete(&self, scan_id: u64) -> Result<bool, PolicyError>

Check if a policy scan is complete

Arguments
  • scan_id - The ID of the policy scan

Returns

A Result containing a boolean indicating completion status.

pub async fn get_policy_status_with_fallback(&self, app_guid: &str, app_id: &str, build_id: Option<&str>, sandbox_guid: Option<&str>, sandbox_id: Option<&str>, max_retries: u32, retry_delay_seconds: u64, enable_break_build: bool, force_buildinfo_api: bool) -> Result<(Option<SummaryReport>, String, ApiSource), PolicyError>

Gets policy compliance status with automatic fallback from summary report to buildinfo

This method first tries the summary report API for full functionality. If access is denied (401/403), it automatically falls back to the getbuildinfo.do XML API for policy compliance status only. This provides the best user experience while maintaining compatibility.

Arguments
  • app_guid - Application GUID (for REST API)
  • app_id - Application numeric ID (for XML API fallback)
  • build_id - Optional build ID
  • sandbox_guid - Optional sandbox GUID (for REST API)
  • sandbox_id - Optional sandbox numeric ID (for XML API fallback)
  • max_retries - Maximum number of retry attempts
  • retry_delay_seconds - Delay between retries in seconds
  • enable_break_build - Whether to enable break build evaluation
  • force_buildinfo_api - Skip summary report and use buildinfo directly

Returns

A tuple containing:

  • Optional SummaryReport (None if fallback was used)
  • Policy compliance status string
  • ApiSource indicating which API was used
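
The fallback decision described above, modelled with closures so it runs without the crate. This is an added example, not the crate's implementation: `Source`, `HttpError`, `Report` and `status_with_fallback` are hypothetical stand-ins, and surfacing every error other than 401/403 instead of falling back is an assumption of the example.

```rust
/// Which API produced the verdict (hypothetical stand-in for ApiSource).
#[derive(Debug, PartialEq)]
enum Source { SummaryReport, BuildInfo }

/// Minimal error model: only the HTTP status matters for the decision.
#[derive(Debug, PartialEq)]
struct HttpError(u16);

/// Placeholder for the full report the REST API returns.
#[derive(Debug, PartialEq)]
struct Report { flaws: u32 }

/// `summary` models the REST summary report call, `buildinfo` the
/// getbuildinfo.do XML call. The buildinfo closure only runs when needed.
fn status_with_fallback<S, B>(
    summary: S,
    buildinfo: B,
    force_buildinfo: bool,
) -> Result<(Option<Report>, String, Source), HttpError>
where
    S: FnOnce() -> Result<(Report, String), HttpError>,
    B: FnOnce() -> Result<String, HttpError>,
{
    if force_buildinfo {
        return buildinfo().map(|s| (None, s, Source::BuildInfo));
    }
    match summary() {
        Ok((report, status)) => Ok((Some(report), status, Source::SummaryReport)),
        // Access denied on the REST endpoint: status only, via the XML API.
        Err(HttpError(401 | 403)) => buildinfo().map(|s| (None, s, Source::BuildInfo)),
        // ASSUMPTION: outages and other errors are surfaced, not masked.
        Err(e) => Err(e),
    }
}

fn main() {
    // Constructed scenario: the REST call is denied, the XML API answers.
    let out = status_with_fallback(
        || Err(HttpError(403)),
        || Ok("Did Not Pass".to_string()),
        false,
    );
    println!("{:?}", out);
}
```

Returning the source with the verdict lets the pipeline log which API the decision came from, and a missing report (None) tells the caller that only the compliance status is available.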

pub async fn get_active_policies(&self) -> Result<Vec<SecurityPolicy>, PolicyError>

Get active policies for the organization

Returns

A Result containing a list of active policies or an error.

Auto Trait Implementations

impl<'a> Freeze for PolicyApi<'a>

impl<'a> !RefUnwindSafe for PolicyApi<'a>

impl<'a> Send for PolicyApi<'a>

impl<'a> Sync for PolicyApi<'a>

impl<'a> Unpin for PolicyApi<'a>

impl<'a> !UnwindSafe for PolicyApi<'a>

Blanket Implementations

impl<T> Any for T where T: 'static + ?Sized

fn type_id(&self) -> TypeId

Gets the TypeId of self.

impl<T> Borrow<T> for T where T: ?Sized

fn borrow(&self) -> &T

Immutably borrows from an owned value.

impl<T> BorrowMut<T> for T where T: ?Sized

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value.

impl<T> From<T> for T

fn from(t: T) -> T

Returns the argument unchanged.

impl<T> Instrument for T

fn instrument(self, span: Span) -> Instrumented<Self>

Instruments this type with the provided Span, returning an Instrumented wrapper.

fn in_current_span(self) -> Instrumented<Self>

Instruments this type with the current Span, returning an Instrumented wrapper.

impl<T, U> Into<U> for T where U: From<T>

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

impl<T> PolicyExt for T where T: ?Sized

fn and<P, B, E>(self, other: P) -> And<T, P> where T: Policy<B, E>, P: Policy<B, E>

Create a new Policy that returns Action::Follow only if self and other return Action::Follow.

fn or<P, B, E>(self, other: P) -> Or<T, P> where T: Policy<B, E>, P: Policy<B, E>

Create a new Policy that returns Action::Follow if either self or other returns Action::Follow.

impl<T> Same for T

type Output = T

Should always be Self

impl<T, U> TryFrom<U> for T where U: Into<T>

type Error = Infallible

The type returned in the event of a conversion error.

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.

impl<T, U> TryInto<U> for T where U: TryFrom<T>

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.

impl<V, T> VZip<V> for T where V: MultiLane<T>

fn vzip(self) -> V

impl<T> WithSubscriber for T

fn with_subscriber<S>(self, subscriber: S) -> WithDispatch<Self> where S: Into<Dispatch>

Attaches the provided Subscriber to this type, returning a WithDispatch wrapper.

fn with_current_subscriber(self) -> WithDispatch<Self>

Attaches the current default Subscriber to this type, returning a WithDispatch wrapper.

impl<T> ErasedDestructor for T where T: 'static