PyPI - boman-cli - Versions diffs - 2.0__tar.gz → 2.1__tar.gz - Mend

boman-cli 2.0tar.gz → 2.1tar.gz

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (19) hide show

{boman-cli-2.0 → boman-cli-2.1}/PKG-INFO RENAMED Viewed

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: boman-cli
-Version: 2.0
+Version: 2.1
 Summary: CLI tool of boman.ai
 Home-page: https://boman.ai
 Author: Sumeru Software Solutions Pvt. Ltd.
@@ -83,11 +83,15 @@ Example: boman-cli -a run -zap_session_script ./session.js
 ### Release Note:
+### V2.1
+    - New scan added: SBOM.
 ### V2.0
     - New scan added: Container scan.
     - New Tool added for SCA scan type.
 ### V1.9:
     - [Bug fix] Updated the Upload Logs success message

{boman-cli-2.0 → boman-cli-2.1}/README.md RENAMED Viewed

@@ -68,11 +68,15 @@ Example: boman-cli -a run -zap_session_script ./session.js
 ### Release Note:
+### V2.1
+    - New scan added: SBOM.
 ### V2.0
     - New scan added: Container scan.
     - New Tool added for SCA scan type.
 ### V1.9:
     - [Bug fix] Updated the Upload Logs success message

{boman-cli-2.0 → boman-cli-2.1}/boman_cli.egg-info/PKG-INFO RENAMED Viewed

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: boman-cli
-Version: 2.0
+Version: 2.1
 Summary: CLI tool of boman.ai
 Home-page: https://boman.ai
 Author: Sumeru Software Solutions Pvt. Ltd.
@@ -83,11 +83,15 @@ Example: boman-cli -a run -zap_session_script ./session.js
 ### Release Note:
+### V2.1
+    - New scan added: SBOM.
 ### V2.0
     - New scan added: Container scan.
     - New Tool added for SCA scan type.
 ### V1.9:
     - [Bug fix] Updated the Upload Logs success message

{boman-cli-2.0 → boman-cli-2.1}/bomancli/Config.py RENAMED Viewed

@@ -115,7 +115,7 @@ class Config:
     log_level = "INFO"
-    version = 'v2.0'
+    version = 'v2.1'
     boman_config_file = 'boman.yaml'
@@ -149,4 +149,14 @@ class Config:
     con_scan_upload_status=None
     con_scan_status=None
     con_scan_type=None
-    con_scan_target=None
+    con_scan_target=None
+     #sbom
+    sbom_present=None
+    sbom_build_dir=None
+    sbom_message=None
+    sbom_response=None
+    sbom_errors=None
+    sbom_upload_status=None
+    sbom_scan_status=None
+    sbom_target=None

{boman-cli-2.0 → boman-cli-2.1}/bomancli/auth.py RENAMED Viewed

@@ -46,7 +46,7 @@ def authorize():
         logging.info(f"Boman opted for: {Config.sca_lang} scan")
     logging.info('Authenticating with boman server')
-    data = {'app_token': Config.app_token, 'customer_token': Config.customer_token, 'sast':Config.sast_present,"dast":Config.dast_present,"dast_type":Config.dast_type,"dast_auth_enabled":Config.dast_auth_present,"sast_langs":Config.sast_lang,"sca":Config.sca_present,"sca_langs":Config.sca_lang,"sca_scan_type":Config.sca_type,"secret_scan":Config.secret_scan_present,'container_scan': Config.con_scan_present,'container_scan_type': Config.con_scan_type}
+    data = {'app_token': Config.app_token, 'customer_token': Config.customer_token, 'sast':Config.sast_present,"dast":Config.dast_present,"dast_type":Config.dast_type,"dast_auth_enabled":Config.dast_auth_present,"sast_langs":Config.sast_lang,"sca":Config.sca_present,"sca_langs":Config.sca_lang,"sca_scan_type":Config.sca_type,"secret_scan":Config.secret_scan_present,'container_scan': Config.con_scan_present,'container_scan_type': Config.con_scan_type,"sbom":Config.sbom_present}
     headers = {'Content-type': 'application/json', 'Accept': 'text/plain'}
     try:
         res = requests.post(url, json=data, headers=headers)
@@ -69,7 +69,8 @@ def authorize():
                 Config.secret_scan_response = json_response['data']['secret_scan']
                 Config.scan_token = json_response['data']['scan_token']
                 Config.scan_name = json_response['data']['scan_name']
-                Config.con_scan_response = json_response['data']['cs']
+                Config.con_scan_response = json_response['data']['cs']
+                Config.sbom_response = json_response['data']['sbom']
                 return 1
             except:

{boman-cli-2.0 → boman-cli-2.1}/bomancli/main.py RENAMED Viewed

@@ -535,7 +535,48 @@ def runImage(data=None,type=None):
             msg = 'Error recorded while uploading the report'
             Utils.logError(msg,str(e))
+    if type == 'sbom':
+        Utils.checkImageAlreadyExsist(docker_image)
+        logging.info('Running %s',tool_name)
+        try:
+            Config.build_dir = Config.sbom_build_dir
+            command_line = "% s" % command_line.format(target = 'src/')
+            container_output = docker.containers.run(docker_image, command_line, volumes={Config.sbom_build_dir: {
+                        'bind': data['bind']}}, user=uid)
+            logging.info('[SUCCESS]: %s Scan Completed',tool_name)
+            Config.sbom_message ='SBOM scan completed'
+            Config.sbom_scan_status ='Completed'
+        except errors.ContainerError as exc:
+           logging.error('Some Error recorded while scanning %s',tool_name)
+           logging.error('%s',str(exc))
+           msg='\n The following error has been recorded while scanning sca'
+           Config.sbom_scan_status ='Completed'
+           Config.sbom_errors ='Some Error recorded while scanning [',str(exc),']'
+           Utils.logError(msg,str(exc))
+        try:
+            if will_generate_output == 1:
+                logging.info('Uploading %s to the server',output_file)
+                if uploadReport(output_file,tool_name,tool_id,scan_details_id,'sbom'):
+                    Config.sbom_scan_status ='Completed'
+                    Config.sbom_upload_status = 'Completed'
+                    Config.sbom_message ='Scan Completed'
+                else:
+                    Config.sbom_scan_status ='Failed'
+                    Config.sbom_upload_status = 'Failed'
+                    Config.sbom_message ='Error occured while uploading the report, Please check the cli logs'
+            else:
+                logging.error('Cant upload files to the server',tool_name)
+                Config.sbom_message ='Cant upload files to the server for SBOM,Please check your directory for the files.'
+        except EnvironmentError as e:
+            logging.error('Error recorded while uploading the report %s',tool_name)
+            logging.error('%s',str(e))
+            Config.sbom_message ='Error recorded while uploading the report of SBOM, Please check your directory for the files.'           ## need to change logic here -- MM
+            msg = 'Error recorded while uploading the report'
+            Utils.logError(msg,str(e))
 #### function to upload the test report to the server with other data -- MM ------------------------------------
 def uploadReport(filename,toolname,tool_id,scan_details_id,type):
@@ -563,6 +604,9 @@ def uploadReport(filename,toolname,tool_id,scan_details_id,type):
             elif type =="container_scan":
                 message = Config.con_scan_message
                 errors = Config.con_scan_errors
+            elif type =="sbom":
+                message = Config.sbom_message
+                errors = Config.sbom_errors
         except:
             message = 'NA'
             errors = 'NA'
@@ -743,7 +787,7 @@ def main():
     init()
     Validation.yamlValidation()
-    if Config.secret_scan_present == True or Config.sast_present is True or Config.dast_present is True or Config.sca_present is True or Config.con_scan_present is True:
+    if Config.secret_scan_present == True or Config.sast_present is True or Config.dast_present is True or Config.sca_present is True or Config.con_scan_present is True or Config.sbom_present:
         Utils.testServer()
     else:
         content = Auth.authorize()
@@ -882,6 +926,20 @@ def main():
                 runImage(data=data,type='container_scan')
     else:
         logging.info('Ignoring Container Scan')
+    if Config.sbom_present is True:
+        logging.info("Preparing SBOM requirements")
+        for data in Config.sbom_response:
+            if data['scan_status'] == 0 :
+                logging.info('No SBOM Configuration found from SaaS')
+                logging.info('Ignoring SBOM')
+            else:
+                runImage(data=data,type='sbom')
+    else:
+        logging.info('Ignoring SBOM')
     exitFunction()
     return 1

{boman-cli-2.0 → boman-cli-2.1}/bomancli/utils.py RENAMED Viewed

@@ -328,6 +328,16 @@ def showSummary():
         logging.info('SCAN MESSAGE : %s', Config.con_scan_message)
     logging.info('-------------------------------------')
+    logging.info('-------- SBOM SCAN STATUS --------- ')
+    if Config.sbom_present:
+        logging.info('SCAN STATUS: %s',Config.sbom_scan_status)
+        logging.info('UPLOAD STATUS: %s',Config.sbom_upload_status)
+        logging.info('SCAN MESSAGE : %s', Config.sbom_message)
+        logging.info('ERRORS: %s',Config.sbom_errors)
+    else:
+        logging.info('SCAN MESSAGE : %s', Config.sbom_message)
+    logging.info('-------------------------------------')

{boman-cli-2.0 → boman-cli-2.1}/bomancli/validation.py RENAMED Viewed

@@ -263,10 +263,27 @@ def yamlValidation():
         logging.warning('Container Scan is not properly configured. Cant read the "container_scan" configuration.')
         Config.con_scan_message ='Container Scan is not properly configured'
+    try:
+        if "SBOM" in Config.config_data:
+            if Config.config_data['SBOM']:
+                Config.sbom_present = True
+                Config.sbom_build_dir = os.getcwd()+"/"
+                logging.info('SBOM is properly configured and ready to scan')
+            else:
+                Config.sbom_present = False
+                logging.warning('SBOM is not properly configured. Cant read the "sbom" configuration.')
+                Config.sbom_message ='sbom is not properly configured'
+        else:
+            Config.sbom_present = False
+            logging.warning('SBOM is not properly configured. Cant read the "sbom" configuration.')
+            Config.sbom_message ='sbom is not properly configured'
+    except:
+        Config.sbom_present = False
+        logging.warning('SBOM is not properly configured. Cant read the "sbom" configuration.')
+        Config.sbom_message ='sbom is not properly configured'
 ## need to use lingudetect here, but the results are not trustable and misleading ------ MM -------------------
 def findLang():