sysdiglabs · filiptubic · Jul 14, 2023 · Jul 14, 2023 · Jul 14, 2023 · Jul 14, 2023
diff --git a/sdcclient/secure/scanning/_alerts.py b/sdcclient/secure/scanning/_alerts.py
@@ -379,3 +379,39 @@ def delete_alert(self, policyid):  # FIXME: policyid must be maintained for back
         if not self._checkResponse(res):
             return [False, self.lasterr]
         return [True, res.text]
+
+    def add_alert_object(self, object):
+        '''
+        Adds alert object as raw JSON object.
+
+        Args:
+            object: JSON repsentation of the alert.
+
+        Examples:
+            >>> client = ScanningAlertsClientV1(sdc_url=os.getenv("SDC_SECURE_URL", "https://secure.sysdig.com"),
+            >>>                                 token=os.getenv("SDC_SECURE_TOKEN"))
+            >>> alert = {
+            >>>     "enabled": True,
+            >>>     "type": "runtime",
+            >>>     "name": "runtime-scanning-alert",
+            >>>     "triggers": {
+            >>>         "unscanned": True,
+            >>>         "analysis_update": False,
+            >>>         "vuln_update": False,
+            >>>         "policy_eval": False,
+            >>>         "failed": False
+            >>>     },
+            >>>     "autoscan": False,
+            >>>     "onlyPassFail": False,
+            >>>     "skipEventSend": False,
+            >>>     "notificationChannelIds": []
+            >>> }
+            >>> client.add_alert_object(alert)
+        '''
+        url = self.url + '/api/scanning/v1/alerts'
+        data = json.dumps(object)
+        res = self.http.post(url, headers=self.hdrs, data=data, verify=self.ssl_verify)
+        if not self._checkResponse(res):
+            return [False, self.lasterr]
+
+        return [True, res.json()]
diff --git a/specs/secure/scanning/alerts_spec.py b/specs/secure/scanning/alerts_spec.py
@@ -1,12 +1,13 @@
 import os
+import uuid
 
-from expects import be_empty, be_false, be_true, contain, contain_exactly, expect, have_keys
+from expects import be_empty, be_false, be_true, contain, contain_exactly, expect, have_keys, equal
 from mamba import after, before, context, description, it
 
 from sdcclient import SdScanningClient
 from specs import be_successful_api_call
 
-with description("Scanning Alerts") as self:
+with description("Scanning Alerts", "integration") as self:
     with before.all:
         self.client = SdScanningClient(sdc_url=os.getenv("SDC_SECURE_URL", "https://secure.sysdig.com"),
                                        token=os.getenv("SDC_SECURE_TOKEN"))
@@ -18,6 +19,34 @@
         for alert in res["alerts"]:
             self.client.delete_alert(alert["alertId"])
 
+    with it("add alert object"):
+        alert = {
+            "enabled": True,
+            "type": "runtime",
+            "name": f"runtime-scanning-alert-{uuid.uuid4()}",
+            "triggers": {
+                "unscanned": True,
+                "analysis_update": False,
+                "vuln_update": False,
+                "policy_eval": False,
+                "failed": False
+            },
+            "autoscan": False,
+            "onlyPassFail": False,
+            "skipEventSend": False,
+            "notificationChannelIds": []
+        }
+        ok, res = self.client.add_alert_object(alert)
+        expect((ok, res)).to(be_successful_api_call)
+        expect(res['enabled']).to(equal(alert['enabled']))
+        expect(res['type']).to(equal(alert['type']))
+        expect(res['name']).to(equal(alert['name']))
+        expect(res['triggers']).to(equal(alert['triggers']))
+        expect(res['autoscan']).to(equal(alert['autoscan']))
+        expect(res['onlyPassFail']).to(equal(alert['onlyPassFail']))
+        expect(res['skipEventSend']).to(equal(alert['skipEventSend']))
+        expect(res['notificationChannelIds']).to(equal(alert['notificationChannelIds']))
+
     with it("lists all the scanning alerts"):
         ok, res = self.client.add_runtime_alert(
                 name="A name",