Delete old deferral requests

[mtcolman]

Hello, I'm trying to remove old deferral requests via the API:

curl -s -k -u admin:$acs_pass -X DELETE "https://localhost:8443/v1/cve/requests/$id"

However I get:

{"error":"cannot delete exception 6ee5ee7d-4b2c-402f-9903-b404c52f1df9. Only vulnerability exceptions or updates in pending state can be deleted","code":13,"message":"cannot delete exception 6ee5ee7d-4b2c-402f-9903-b404c52f1df9. Only vulnerability exceptions or updates in pending state can be deleted","details":[]}

We are needing to extract deferral request info from ACS as the UI (to put it bluntly) is a bit rubbish for this. However we are finding a load of no longer used deferral requests and we'd like to do some housekeeping. Is it possible via the API please? (The deferrals we are wishing to remove don't show in UI as they've expired).

Thanks!

[ivan-degtiarenko]

Hi @mtcolman,

just like our UI, you can filter deferral requests by status and expiration:

query: Request Status:PENDING,APPROVED_PENDING_UPDATE+Expired Request:false

There is API doc in upper-right corner of the UI, but unfortunately it does not specify how query should be built. However, you can see list of potential parameters of ListVulnerabilityRequests endpoint.

Regarding deletion of expired deferral requests this is unfortunately not possible. As written in the code comments:

	// Only pending exceptions and pending updates to an existing exception can be deleted through API. All other
	// exceptions can only be cancelled and are retained in the system according to the retention configuration.

[dcaravel]

@mtcolman does the information from @ivan-degtiarenko address your question? Please let us know. Thanks.

[mtcolman]

Hi @dcaravel I would appreciate some further explanation on how to use the following:

just like our UI, you can filter deferral requests by status and expiration:

query: Request Status:PENDING,APPROVED_PENDING_UPDATE+Expired Request:false

There is API doc in upper-right corner of the UI, but unfortunately it does not specify how query should be built. However, you can see list of potential parameters of ListVulnerabilityRequests endpoint.

Thanks!

[dcaravel]

Here is one way (assuming bash shell):

query='Request Status:PENDING,APPROVED_PENDING_UPDATE+Expired Request:false'

curl -ksS -H "Authorization: Bearer $ROX_API_TOKEN" "https://$ROX_ENDPOINT/v1/cve/requests" --data-urlencode "query=$query"

Can determine other key/values to add to the query by inspecting the @gotags: search: comments in the protobuf specs (example: Request Status tag, Request Status possible values)

Hope that helps, otherwise will have to defer to @ivan-degtiarenko for additional details.

[vjwilson]

@mtcolman We have created an internal feature request to track your initial problem of deleted expired deferrals thought the API (and possibly also, the UI, which uses API calls under the hood).

We cannot give a definite timeline on that, but we are tracking it.