code-audit-23 0.1.1__py3-none-any.whl

code_audit_23/logger.py

@@ -0,0 +1,62 @@
+import logging
+import os
+import sys
+from logging.handlers import RotatingFileHandler
+from pathlib import Path
+
+from dotenv import load_dotenv
+
+load_dotenv()
+
+LOG_LEVEL = os.getenv("LOG_LEVEL", "WARNING").upper()
+
+
+def setup_logger(name):
+    """
+    Set up a logger with both file and console handlers.
+    Logs are stored in the directory where the command is executed.
+    """
+
+    # Always use the current working directory for logs
+    log_dir = Path.cwd() / "logs"
+
+    # Create logs directory if missing
+    log_dir.mkdir(parents=True, exist_ok=True)
+
+    # Initialize logger
+    logger = logging.getLogger(name)
+    logger.setLevel(LOG_LEVEL)
+
+    # Prevent duplicate handlers
+    if logger.hasHandlers():
+        return logger
+
+    # Formatters
+    file_formatter = logging.Formatter(
+        "%(asctime)s - %(name)s - %(levelname)s - %(message)s",
+        datefmt="%Y-%m-%d %H:%M:%S",
+    )
+    console_formatter = logging.Formatter("%(levelname)-8s %(message)s")
+
+    # File handler (rotating)
+    log_file = log_dir / "audit_scanner.log"
+    file_handler = RotatingFileHandler(
+        log_file, maxBytes=5 * 1024 * 1024, backupCount=3, encoding="utf-8"
+    )
+    file_handler.setLevel(LOG_LEVEL)
+    file_handler.setFormatter(file_formatter)
+
+    # Console handler
+    console_handler = logging.StreamHandler()
+    console_handler.setLevel(LOG_LEVEL)
+    console_handler.setFormatter(console_formatter)
+
+    # Add handlers
+    logger.addHandler(file_handler)
+    logger.addHandler(console_handler)
+
+    return logger
+
+
+# Default logger instance
+logger = setup_logger(__name__)

code_audit_23/main.py

@@ -0,0 +1,286 @@
+import os
+import subprocess
+import sys
+from pathlib import Path
+
+import click
+from dotenv import load_dotenv
+
+# Allow running both as package and script
+if __package__ is None or __package__ == "":
+    # Running as script (e.g. python main.py)
+    sys.path.append(os.path.dirname(os.path.abspath(__file__)))
+    from logger import logger
+    from sonarqube_cli import run_sonarqube_scan
+    from trivy_cli import run_trivy_scan
+else:
+    # Running as installed package
+    from .logger import logger
+    from .sonarqube_cli import run_sonarqube_scan
+    from .trivy_cli import run_trivy_scan
+
+# Load environment variables from .env file
+load_dotenv()
+
+# Default SonarQube configuration
+SONAR_HOST_URL = os.getenv("SONAR_HOST_URL", None)
+SONAR_LOGIN = os.getenv("SONAR_LOGIN", None)
+
+
+def ensure_reports_dir():
+    """Ensure the reports directory exists"""
+    reports_dir = Path("reports")
+    reports_dir.mkdir(exist_ok=True)
+    return reports_dir
+
+
+def get_sonarqube_credentials():
+    """Prompt user for SonarQube credentials if not in environment"""
+    click.echo(
+        click.style("\n🔑 SonarQube Configuration Required", fg="yellow", bold=True)
+    )
+    click.echo(click.style("-" * 40, fg="bright_black"))
+    sonar_url = click.prompt(
+        click.style(
+            "Enter SonarQube URL (e.g., http://localhost:9000)", fg="bright_cyan"
+        ),
+        type=str,
+    )
+    sonar_token = click.prompt(
+        click.style("Enter SonarQube Token (will be hidden)", fg="bright_cyan"),
+        hide_input=True,
+    )
+    click.echo(click.style("✅ Credentials saved for this session\n", fg="green"))
+    return sonar_url, sonar_token
+
+
+def show_welcome_banner():
+    """Display welcome banner with ASCII art"""
+    banner = """
+     ██████╗ ██████╗ ██████╗ ███████╗    █████╗ ██╗   ██╗██████╗ ██╗████████╗    ██████╗ ██████╗ 
+    ██╔════╝██╔═══██╗██╔══██╗██╔════╝   ██╔══██╗██║   ██║██╔══██╗██║╚══██╔══╝    ╚════██╗╚════██╗
+    ██║     ██║   ██║██║  ██║█████╗     ███████║██║   ██║██║  ██║██║   ██║        █████╔╝ █████╔╝
+    ██║     ██║   ██║██║  ██║██╔══╝     ██╔══██║██║   ██║██║  ██║██║   ██║       ██╔═══╝  ╚═══██╗
+    ╚██████╗╚██████╔╝██████╔╝███████╗   ██║  ██║╚██████╔╝██████╔╝██║   ██║      ███████╗██████╔╝
+     ╚═════╝ ╚═════╝ ╚═════╝ ╚══════╝   ╚═╝  ╚═╝ ╚═════╝ ╚═════╝ ╚═╝   ╚═╝      ╚══════╝╚═════╝ 
+    """
+    click.echo(click.style(banner, fg="bright_cyan"))
+    click.echo(
+        click.style(
+            " " * 25 + "🚀  Code Quality & Security Scanner  🚀\n",
+            fg="bright_white",
+            bold=True,
+        )
+    )
+    click.echo(click.style(" " * 30 + "Version 1.0.0\n", fg="bright_black"))
+
+    # Ensure reports directory exists
+    ensure_reports_dir()
+
+
+def show_menu():
+    """Display main interactive menu"""
+    click.echo(click.style("\n" + "═" * 80, fg="bright_blue"))
+    click.echo(
+        click.style(
+            " " * 22 + "🔍  CODE AUDIT 23 MENU  🔍", fg="bright_cyan", bold=True
+        )
+    )
+    click.echo(click.style("═" * 80 + "\n", fg="bright_blue"))
+
+    menu_items = [
+        (
+            "1",
+            "Quick Scan (SonarQube + Gitleaks + Trivy)",
+            "Run all security scans in sequence",
+        ),
+        (
+            "2",
+            "Trivy Scan",
+            "Scan for vulnerabilities in dependencies and container images",
+        ),
+        ("3", "SonarQube Scan", "Analyze code quality and security issues"),
+        ("q", "Quit", "Exit the application"),
+    ]
+
+    for num, title, desc in menu_items:
+        click.echo(
+            click.style(f"  [{num}] ", fg="bright_green", bold=True)
+            + click.style(f"{title}", fg="white", bold=True)
+        )
+        click.echo(click.style(f"      {desc}", fg="bright_black"))
+        # click.echo()
+
+    click.echo(click.style("─" * 80, fg="bright_blue"))
+
+
+def prompt_choice():
+    """Prompt user for menu selection with validation"""
+    while True:
+        choice = (
+            click.prompt(
+                click.style("\nSelect an option", fg="bright_yellow"),
+                type=str,
+                default="1",
+                show_default=False,
+            )
+            .strip()
+            .lower()
+        )
+
+        if choice in ["1", "2", "3", "4", "q", "quit"]:
+            return choice
+        click.echo(
+            click.style(
+                "❌ Invalid choice. Please select 1, 2, 3, or q to quit.", fg="red"
+            )
+        )
+
+
+def main():
+    """Interactive entrypoint for Audit Scanner"""
+    # Clear screen and show welcome banner
+    click.clear()
+    show_welcome_banner()
+
+    # Initialize SonarQube credentials
+    global SONAR_HOST_URL, SONAR_LOGIN
+    sonar_credentials_provided = bool(SONAR_HOST_URL and SONAR_LOGIN)
+
+    while True:
+        try:
+            show_menu()
+            choice = prompt_choice()
+            # click.clear()
+
+            # Handle quit option
+            if choice.lower() in ["q", "quit"]:
+                click.echo(
+                    click.style(
+                        "\n👋 Thank you for using Code Audit 23. Goodbye!\n",
+                        fg="bright_blue",
+                        bold=True,
+                    )
+                )
+                break
+
+            # Run Trivy scan for Quick Scan or Trivy only
+            if choice in ["1", "2"]:
+                if choice == "1":
+                    click.echo("\n" + "─" * 80)
+                report_path = "reports/trivy.sarif"
+                click.echo(
+                    click.style(
+                        f"🔍 Starting Trivy Vulnerability Scan... (Report will be saved to {report_path})",
+                        fg="bright_cyan",
+                        bold=True,
+                    )
+                )
+                # subprocess.run([
+                #     "trivy",
+                #     "repository",
+                #     "--format", "sarif",
+                #     "--output", report_path,
+                #     "."
+                # ], check=True)
+                run_trivy_scan(report_path)
+                if choice == "2":
+                    click.echo(
+                        click.style(
+                            f"\n✅ Trivy Scan completed successfully! Report saved to {report_path}",
+                            fg="bright_green",
+                            bold=True,
+                        )
+                    )
+
+            # Run SonarQube scan for Quick Scan or SonarQube only
+            if choice in ["1", "3"]:
+                if choice == "1":
+                    click.echo("\n" + "─" * 80)
+                click.echo(
+                    click.style(
+                        "🚀 Starting SonarQube Scan...", fg="bright_cyan", bold=True
+                    )
+                )
+                try:
+                    # Get credentials if not already provided
+                    if not sonar_credentials_provided:
+                        SONAR_HOST_URL, SONAR_LOGIN = get_sonarqube_credentials()
+                        sonar_credentials_provided = True
+
+                    run_sonarqube_scan(
+                        sonar_url=SONAR_HOST_URL,
+                        token=SONAR_LOGIN,
+                        project_key=None,
+                        sources=".",
+                    )
+                except Exception as e:
+                    logger.error(f"SonarQube scan failed: {e}")
+                    click.echo(
+                        click.style(f"❌ SonarQube scan failed: {str(e)}", fg="red")
+                    )
+                    if click.confirm(
+                        click.style(
+                            "Do you want to update SonarQube credentials?", fg="yellow"
+                        )
+                    ):
+                        sonar_url, sonar_token = get_sonarqube_credentials()
+                        SONAR_HOST_URL = sonar_url
+                        SONAR_LOGIN = sonar_token
+                        # Retry the scan with new credentials
+                        run_sonarqube_scan(
+                            sonar_url=SONAR_HOST_URL,
+                            token=SONAR_LOGIN,
+                            project_key=None,
+                            sources=".",
+                        )
+                if choice == "3":
+                    click.echo(
+                        click.style(
+                            "\n✅ SonarQube Scan completed successfully!",
+                            fg="bright_green",
+                            bold=True,
+                        )
+                    )
+
+            # Show completion message for Quick Scan
+            if choice == "1":
+                click.echo("\n" + "=" * 80)
+                click.echo(
+                    click.style(
+                        "✅ Quick Scan completed successfully!",
+                        fg="bright_green",
+                        bold=True,
+                    )
+                )
+                click.echo(click.style("=" * 80 + "\n", fg="bright_green"))
+
+            # # Ask if user wants to perform another scan
+            # click.echo("\n" + "─" * 80)
+            # if not click.confirm(click.style("Would you like to perform another scan?", fg='bright_yellow')):
+            #     click.echo(click.style("\n👋 Thank you for using Code Audit 23. Goodbye!\n", fg='bright_blue', bold=True))
+            #     break
+
+            # click.clear()
+            # show_welcome_banner()
+
+        except Exception as e:
+            logger.error(f"Scan failed: {e}")
+            click.echo(click.style("\n❌ An error occurred during the scan.", fg="red"))
+            if not click.confirm(
+                click.style("Would you like to try again?", fg="yellow")
+            ):
+                click.echo(
+                    click.style(
+                        "\n👋 Thank you for using Code Audit 23. Goodbye!\n",
+                        fg="bright_blue",
+                        bold=True,
+                    )
+                )
+                break
+            # click.clear()
+            # show_welcome_banner()
+
+
+if __name__ == "__main__":
+    main()

code_audit_23/sonar-scanner/bin/sonar-scanner

@@ -0,0 +1,74 @@
+#!/usr/bin/env sh
+#
+# SonarScanner CLI Startup Script for Unix
+#
+# Required ENV vars:
+#   JAVA_HOME - Location of Java's installation, optional if use_embedded_jre is set
+#
+# Optional ENV vars:
+#   SONAR_SCANNER_OPTS - Parameters passed to the Java VM when running the SonarScanner
+#   SONAR_SCANNER_DEBUG_OPTS - Extra parameters passed to the Java VM for debugging
+
+real_path () {
+  target=$1
+
+  (
+  while true; do
+    cd "`dirname "$target"`"
+    target=`basename "$target"`
+    test -L "$target" || break
+    target=`readlink "$target"`
+  done
+
+  echo "`pwd -P`/$target"
+  )
+}
+
+script_path=`real_path "$0"`
+sonar_scanner_home=`dirname "$script_path"`/..
+
+# make it fully qualified
+sonar_scanner_home=`cd "$sonar_scanner_home" && pwd -P`
+
+jar_file=$sonar_scanner_home/lib/sonar-scanner-cli-7.3.0.5189.jar
+
+# check that sonar_scanner_home has been correctly set
+if [ ! -f "$jar_file" ] ; then
+  echo "File does not exist: $jar_file"
+  echo "'$sonar_scanner_home' does not point to a valid installation directory: $sonar_scanner_home"
+  exit 1
+fi
+
+use_embedded_jre=false
+if [ "$use_embedded_jre" = true ]; then
+  export JAVA_HOME="$sonar_scanner_home/jre"
+fi
+
+if [ -n "$JAVA_HOME" ]
+then
+  java_cmd="$JAVA_HOME/bin/java"
+else
+  java_cmd="`\\unset -f command; \\command -v java`"
+fi
+
+if [ -z "$java_cmd" -o ! -x "$java_cmd" ] ; then
+  echo "Could not find 'java' executable in JAVA_HOME or PATH."
+  exit 1
+fi
+
+project_home=`pwd`
+
+#echo "Info: Using sonar-scanner at $sonar_scanner_home"
+#echo "Info: Using java at $java_cmd"
+#echo "Info: Using classpath $jar_file"
+#echo "Info: Using project $project_home"
+
+exec "$java_cmd" \
+  -Djava.awt.headless=true \
+  $SONAR_SCANNER_OPTS \
+  $SONAR_SCANNER_DEBUG_OPTS \
+  -classpath  "$jar_file" \
+  -Dscanner.home="$sonar_scanner_home" \
+  -Dproject.home="$project_home" \
+  org.sonarsource.scanner.cli.Main "$@"
+

code_audit_23/sonar-scanner/bin/sonar-scanner-debug

@@ -0,0 +1,19 @@
+#!/usr/bin/env sh
+#
+# SonarScanner CLI Startup Script for Unix
+#
+# Required ENV vars:
+#   JAVA_HOME - Location of Java's installation, optional if use_embedded_jre is set
+#
+# Optional ENV vars:
+#   SONAR_SCANNER_OPTS - parameters passed to the Java VM when running the SonarScanner
+
+SONAR_SCANNER_DEBUG_OPTS="-Xdebug -Xrunjdwp:transport=dt_socket,server=y,suspend=y,address=8000"
+SONAR_SCANNER_JAVA_DEBUG_OPTS="-Xdebug -Xrunjdwp:transport=dt_socket,server=y,suspend=y,address=8001"
+SONAR_SCANNER_JAVA_OPTS="$SONAR_SCANNER_JAVA_OPTS $SONAR_SCANNER_JAVA_DEBUG_OPTS"
+
+echo "Executing SonarScanner CLI in Debug Mode"
+echo "SONAR_SCANNER_DEBUG_OPTS=\"$SONAR_SCANNER_DEBUG_OPTS\""
+echo "SONAR_SCANNER_JAVA_OPTS=\"$SONAR_SCANNER_JAVA_OPTS\""
+
+env SONAR_SCANNER_OPTS="$SONAR_SCANNER_OPTS" SONAR_SCANNER_DEBUG_OPTS="$SONAR_SCANNER_DEBUG_OPTS" SONAR_SCANNER_JAVA_OPTS="$SONAR_SCANNER_JAVA_OPTS" "`dirname "$0"`"/sonar-scanner "$@"

code_audit_23/sonar-scanner/bin/sonar-scanner-debug.bat

@@ -0,0 +1,18 @@
+@REM SonarScanner CLI Startup Script for Windows
+@REM
+@REM Required ENV vars:
+@REM   JAVA_HOME - Location of Java's installation, optional if use_embedded_jre is set
+@REM
+@REM Optional ENV vars:
+@REM   SONAR_SCANNER_OPTS - parameters passed to the Java VM when running the SonarScanner
+
+@setlocal
+@set SONAR_SCANNER_DEBUG_OPTS=-Xdebug -Xrunjdwp:transport=dt_socket,server=y,suspend=y,address=8000
+@set SONAR_SCANNER_JAVA_DEBUG_OPTS=-Xdebug -Xrunjdwp:transport=dt_socket,server=y,suspend=y,address=8001
+
+@set SONAR_SCANNER_JAVA_OPTS=$SONAR_SCANNER_JAVA_OPTS $SONAR_SCANNER_JAVA_DEBUG_OPTS
+
+echo "Executing SonarScanner CLI in Debug Mode"
+echo "SONAR_SCANNER_DEBUG_OPTS=%SONAR_SCANNER_DEBUG_OPTS%"
+echo "SONAR_SCANNER_JAVA_OPTS=%SONAR_SCANNER_JAVA_OPTS%"
+@call "%~dp0"sonar-scanner.bat %*

code_audit_23/sonar-scanner/bin/sonar-scanner.bat

@@ -0,0 +1,92 @@
+@REM SonarScanner CLI Startup Script for Windows
+@REM
+@REM Required ENV vars:
+@REM   JAVA_HOME - Location of Java's installation, optional if use_embedded_jre is set
+@REM
+@REM Optional ENV vars:
+@REM   SONAR_SCANNER_OPTS - parameters passed to the Java VM when running the SonarScanner
+@REM   SONAR_SCANNER_DEBUG_OPTS - Extra parameters passed to the Java VM for debugging
+
+@echo off
+
+set ERROR_CODE=0
+
+@REM set local scope for the variables with windows NT shell
+@setlocal
+
+set "scriptdir=%~dp0"
+if #%scriptdir:~-1%# == #\# set scriptdir=%scriptdir:~0,-1%
+set "SONAR_SCANNER_HOME=%scriptdir%\.."
+
+@REM ==== START VALIDATION ====
+@REM *** JAVA EXEC VALIDATION ***
+
+set use_embedded_jre=false
+if "%use_embedded_jre%" == "true" (
+  set "JAVA_HOME=%SONAR_SCANNER_HOME%\jre"
+)
+
+if not "%JAVA_HOME%" == "" goto foundJavaHome
+
+for %%i in (java.exe) do set JAVA_EXEC=%%~$PATH:i
+
+if not "%JAVA_EXEC%" == "" (
+  set JAVA_EXEC="%JAVA_EXEC%"
+  goto OkJava
+)
+
+if not "%JAVA_EXEC%" == "" goto OkJava
+
+echo.
+echo ERROR: JAVA_HOME not found in your environment, and no Java
+echo        executable present in the PATH.
+echo Please set the JAVA_HOME variable in your environment to match the
+echo location of your Java installation, or add "java.exe" to the PATH
+echo.
+goto error
+
+:foundJavaHome
+if EXIST "%JAVA_HOME%\bin\java.exe" goto foundJavaExeFromJavaHome
+
+echo.
+echo ERROR: JAVA_HOME exists but does not point to a valid Java home
+echo        folder. No "\bin\java.exe" file can be found there.
+echo.
+goto error
+
+:foundJavaExeFromJavaHome
+set JAVA_EXEC="%JAVA_HOME%\bin\java.exe"
+
+:OkJava
+goto run
+
+
+@REM ==== START RUN ====
+:run
+
+set PROJECT_HOME=%CD%
+
+@REM remove trailing backslash, see https://groups.google.com/d/msg/sonarqube/wi7u-CyV_tc/3u9UKRmABQAJ
+IF %PROJECT_HOME:~-1% == \ SET PROJECT_HOME=%PROJECT_HOME:~0,-1%
+
+%JAVA_EXEC% -Djava.awt.headless=true %SONAR_SCANNER_DEBUG_OPTS% %SONAR_SCANNER_OPTS% -cp "%SONAR_SCANNER_HOME%\lib\sonar-scanner-cli-7.3.0.5189.jar" "-Dscanner.home=%SONAR_SCANNER_HOME%" "-Dproject.home=%PROJECT_HOME%" org.sonarsource.scanner.cli.Main %*
+if ERRORLEVEL 1 goto error
+goto end
+
+:error
+set ERROR_CODE=1
+
+@REM ==== END EXECUTION ====
+
+:end
+@REM set local scope for the variables with windows NT shell
+@endlocal & set ERROR_CODE=%ERROR_CODE%
+
+@REM see http://code-bear.com/bearlog/2007/06/01/getting-the-exit-code-from-a-batch-file-that-is-run-from-a-python-program/
+goto exit
+
+:returncode
+exit /B %1
+
+:exit
+call :returncode %ERROR_CODE%

code_audit_23/sonar-scanner/conf/sonar-scanner.properties

@@ -0,0 +1,8 @@
+# Configure here general information about the environment, such as the server connection details for example
+# No information about specific project should appear here
+
+#----- SonarQube server URL (default to SonarCloud)
+#sonar.host.url=https://mycompany.com/sonarqube
+
+#sonar.scanner.proxyHost=myproxy.mycompany.com
+#sonar.scanner.proxyPort=8002