PyPI - conviso-ast - Versions diffs - 3.0.0__py3-none-any.whl - Mend

conviso-ast 3.0.0__py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (128) hide show

conviso_ast-3.0.0.data/scripts/flow_bash_completer.sh +21 -0
conviso_ast-3.0.0.data/scripts/flow_fish_completer.fish +1 -0
conviso_ast-3.0.0.data/scripts/flow_zsh_completer.sh +32 -0
conviso_ast-3.0.0.dist-info/METADATA +37 -0
conviso_ast-3.0.0.dist-info/RECORD +128 -0
conviso_ast-3.0.0.dist-info/WHEEL +5 -0
conviso_ast-3.0.0.dist-info/entry_points.txt +3 -0
conviso_ast-3.0.0.dist-info/top_level.txt +1 -0
convisoappsec/__init__.py +0 -0
convisoappsec/common/__init__.py +5 -0
convisoappsec/common/box.py +251 -0
convisoappsec/common/cleaner.py +78 -0
convisoappsec/common/docker.py +399 -0
convisoappsec/common/exceptions.py +8 -0
convisoappsec/common/git_data_parser.py +76 -0
convisoappsec/common/graphql/__init__.py +0 -0
convisoappsec/common/graphql/error_handlers.py +75 -0
convisoappsec/common/graphql/errors.py +16 -0
convisoappsec/common/graphql/low_client.py +51 -0
convisoappsec/common/retry_handler.py +40 -0
convisoappsec/common/strings.py +8 -0
convisoappsec/flow/__init__.py +3 -0
convisoappsec/flow/api.py +104 -0
convisoappsec/flow/cleaner.py +118 -0
convisoappsec/flow/graphql_api/__init__.py +0 -0
convisoappsec/flow/graphql_api/beta/__init__.py +0 -0
convisoappsec/flow/graphql_api/beta/client.py +18 -0
convisoappsec/flow/graphql_api/beta/models/__init__.py +0 -0
convisoappsec/flow/graphql_api/beta/models/issues/__init__.py +0 -0
convisoappsec/flow/graphql_api/beta/models/issues/container.py +72 -0
convisoappsec/flow/graphql_api/beta/models/issues/iac.py +6 -0
convisoappsec/flow/graphql_api/beta/models/issues/normalize.py +13 -0
convisoappsec/flow/graphql_api/beta/models/issues/sast.py +53 -0
convisoappsec/flow/graphql_api/beta/models/issues/sca.py +78 -0
convisoappsec/flow/graphql_api/beta/resources_api.py +142 -0
convisoappsec/flow/graphql_api/beta/schemas/__init__.py +0 -0
convisoappsec/flow/graphql_api/beta/schemas/mutations/__init__.py +61 -0
convisoappsec/flow/graphql_api/beta/schemas/resolvers/__init__.py +0 -0
convisoappsec/flow/graphql_api/v1/__init__.py +0 -0
convisoappsec/flow/graphql_api/v1/client.py +46 -0
convisoappsec/flow/graphql_api/v1/models/__init__.py +0 -0
convisoappsec/flow/graphql_api/v1/models/asset.py +14 -0
convisoappsec/flow/graphql_api/v1/models/issues.py +16 -0
convisoappsec/flow/graphql_api/v1/models/project.py +35 -0
convisoappsec/flow/graphql_api/v1/resources_api.py +489 -0
convisoappsec/flow/graphql_api/v1/schemas/__init__.py +0 -0
convisoappsec/flow/graphql_api/v1/schemas/mutations/__init__.py +212 -0
convisoappsec/flow/graphql_api/v1/schemas/resolvers/__init__.py +180 -0
convisoappsec/flow/source_code_scanner/__init__.py +9 -0
convisoappsec/flow/source_code_scanner/exceptions.py +2 -0
convisoappsec/flow/source_code_scanner/scc.py +68 -0
convisoappsec/flow/source_code_scanner/source_code_scanner.py +177 -0
convisoappsec/flow/util/__init__.py +7 -0
convisoappsec/flow/util/ci_provider.py +99 -0
convisoappsec/flow/util/metrics.py +16 -0
convisoappsec/flow/util/source_code_compressor.py +22 -0
convisoappsec/flow/version_control_system_adapter.py +528 -0
convisoappsec/flow/version_searchers/__init__.py +9 -0
convisoappsec/flow/version_searchers/sorted_by_versioning_style.py +85 -0
convisoappsec/flow/version_searchers/timebased_version_seacher.py +39 -0
convisoappsec/flow/version_searchers/version_searcher_result.py +33 -0
convisoappsec/flow/versioning_style/__init__.py +0 -0
convisoappsec/flow/versioning_style/semantic_versioning.py +44 -0
convisoappsec/flowcli/__init__.py +3 -0
convisoappsec/flowcli/__main__.py +4 -0
convisoappsec/flowcli/assets/__init__.py +4 -0
convisoappsec/flowcli/assets/create.py +88 -0
convisoappsec/flowcli/assets/entrypoint.py +20 -0
convisoappsec/flowcli/assets/ls.py +63 -0
convisoappsec/flowcli/ast/__init__.py +3 -0
convisoappsec/flowcli/ast/entrypoint.py +427 -0
convisoappsec/flowcli/common.py +175 -0
convisoappsec/flowcli/companies/__init__.py +0 -0
convisoappsec/flowcli/companies/ls.py +25 -0
convisoappsec/flowcli/container/__init__.py +3 -0
convisoappsec/flowcli/container/entrypoint.py +17 -0
convisoappsec/flowcli/container/run.py +306 -0
convisoappsec/flowcli/context.py +49 -0
convisoappsec/flowcli/deploy/__init__.py +0 -0
convisoappsec/flowcli/deploy/create/__init__.py +4 -0
convisoappsec/flowcli/deploy/create/context.py +12 -0
convisoappsec/flowcli/deploy/create/entrypoint.py +31 -0
convisoappsec/flowcli/deploy/create/with_/__init__.py +3 -0
convisoappsec/flowcli/deploy/create/with_/entrypoint.py +20 -0
convisoappsec/flowcli/deploy/create/with_/tag_tracker/__init__.py +4 -0
convisoappsec/flowcli/deploy/create/with_/tag_tracker/context.py +11 -0
convisoappsec/flowcli/deploy/create/with_/tag_tracker/entrypoint.py +30 -0
convisoappsec/flowcli/deploy/create/with_/tag_tracker/sort_by/__init__.py +4 -0
convisoappsec/flowcli/deploy/create/with_/tag_tracker/sort_by/entrypoint.py +21 -0
convisoappsec/flowcli/deploy/create/with_/tag_tracker/sort_by/time_.py +84 -0
convisoappsec/flowcli/deploy/create/with_/tag_tracker/sort_by/versioning_style.py +115 -0
convisoappsec/flowcli/deploy/create/with_/values.py +133 -0
convisoappsec/flowcli/entrypoint.py +103 -0
convisoappsec/flowcli/environment_checker.py +45 -0
convisoappsec/flowcli/findings/__init__.py +4 -0
convisoappsec/flowcli/findings/create/__init__.py +4 -0
convisoappsec/flowcli/findings/create/entrypoint.py +18 -0
convisoappsec/flowcli/findings/create/with_/__init__.py +3 -0
convisoappsec/flowcli/findings/create/with_/entrypoint.py +19 -0
convisoappsec/flowcli/findings/create/with_/version_tracker.py +93 -0
convisoappsec/flowcli/findings/entrypoint.py +19 -0
convisoappsec/flowcli/findings/import_sarif/__init__.py +4 -0
convisoappsec/flowcli/findings/import_sarif/entrypoint.py +430 -0
convisoappsec/flowcli/help_option.py +18 -0
convisoappsec/flowcli/iac/__init__.py +3 -0
convisoappsec/flowcli/iac/entrypoint.py +17 -0
convisoappsec/flowcli/iac/run.py +328 -0
convisoappsec/flowcli/requirements_verifier.py +132 -0
convisoappsec/flowcli/sast/__init__.py +3 -0
convisoappsec/flowcli/sast/entrypoint.py +17 -0
convisoappsec/flowcli/sast/run.py +485 -0
convisoappsec/flowcli/sbom/__init__.py +3 -0
convisoappsec/flowcli/sbom/entrypoint.py +17 -0
convisoappsec/flowcli/sbom/generate.py +235 -0
convisoappsec/flowcli/sca/__init__.py +3 -0
convisoappsec/flowcli/sca/entrypoint.py +17 -0
convisoappsec/flowcli/sca/run.py +479 -0
convisoappsec/flowcli/vulnerability/__init__.py +3 -0
convisoappsec/flowcli/vulnerability/assert_security_rules.py +201 -0
convisoappsec/flowcli/vulnerability/container_vulnerability_manager.py +175 -0
convisoappsec/flowcli/vulnerability/entrypoint.py +18 -0
convisoappsec/flowcli/vulnerability/rules_schema.json +53 -0
convisoappsec/flowcli/vulnerability/run.py +487 -0
convisoappsec/logger.py +29 -0
convisoappsec/sast/__init__.py +0 -0
convisoappsec/sast/decision.py +45 -0
convisoappsec/sast/sastbox.py +296 -0
convisoappsec/version.py +1 -0

convisoappsec/flowcli/ast/entrypoint.py ADDED Viewed

@@ -0,0 +1,427 @@
+import subprocess
+import traceback
+import click
+from convisoappsec.flowcli import help_option
+from convisoappsec.flowcli.common import DeployFormatter, PerformDeployException, asset_id_option
+from convisoappsec.flowcli.deploy.create.context import pass_create_context
+from convisoappsec.flowcli.deploy.create.with_.values import values
+from convisoappsec.flowcli.requirements_verifier import RequirementsVerifier
+from convisoappsec.flowcli.sast import sast
+from convisoappsec.flowcli.sca import sca
+from convisoappsec.flowcli.iac import iac
+from convisoappsec.flowcli.vulnerability import vulnerability
+from copy import deepcopy as clone
+from convisoappsec.flow import GitAdapter
+from convisoappsec.flowcli.context import pass_flow_context
+from convisoappsec.logger import LOGGER, log_and_notify_ast_event
+from convisoappsec.common.cleaner import Cleaner
+def get_default_params_values(cmd_params):
+    """ Further information in https://click.palletsprojects.com/en/8.1.x/api/?highlight=params#click.Command.params
+    Args:
+        cmd_params (List[click.core.Parameter]):
+    Returns:
+        dict: default params values dictionarie
+    """
+    default_params = {}
+    for param in cmd_params:
+        unwanted = param.name in ['help', 'verbosity']
+        if not unwanted:
+            default_params.update({param.name: param.default})
+    return default_params
+def parse_params(ctx_params: dict, expected_params: list):
+    """ Parse the params from the context extracting the expected params values to the context.
+    Args:
+        ctx_params (dict): context params: Further information at https://click.palletsprojects.com/en/8.1.x/api/?highlight=context%20param#click.Context.params
+        expected_params (list): Further information at https://click.palletsprojects.com/en/8.1.x/api/?highlight=params#click.Command.params
+    Returns:
+        dict: parsed_params: parsed params as key and value
+    """
+    parsed_params = get_default_params_values(expected_params)
+    for param in ctx_params:
+        if param in parsed_params:
+            parsed_params.update({param: ctx_params.get(param)})
+    return parsed_params
+def perform_sast(context, control_sync_status_id) -> int:
+    """Setup and runs the "sast run" command.
+    Args:
+        context (<class 'click.core.Context'>): cloned context
+        control_sync_status_id (str): control sync status id
+    """
+    sast_run = sast.commands.get('run')
+    specific_params = {
+        "deploy_id": context.obj.deploy['deploy_id'],
+        "start_commit": context.obj.deploy['previous_commit'],
+        "end_commit": context.obj.deploy['current_commit'],
+        "control_sync_status_id": control_sync_status_id
+    }
+    context.params.update(specific_params)
+    context.params = parse_params(context.params, sast_run.params)
+    try:
+        LOGGER.info(
+            'Running SAST on deploy ID "{deploy_id}"...'
+            .format(deploy_id=context.params["deploy_id"])
+        )
+        sast_run.invoke(context)
+        return context.params.get('sast_vulnerability_count', 0)
+    except Exception as err:
+        raise click.ClickException(str(err)) from err
+def perform_sca(context, control_sync_status_id) -> int:
+    """Setup and runs the "sca run" command.
+    Args:
+        context (<class 'click.core.Context'>): cloned context
+        control_sync_status_id (str): control sync status id
+    """
+    sca_run = sca.commands.get('run')
+    context.params.update(
+        {"deploy_id": context.obj.deploy['deploy_id'],
+        "control_sync_status_id": control_sync_status_id}
+    )
+    context.params = parse_params(context.params, sca_run.params)
+    try:
+        LOGGER.info(
+            'Running SCA on deploy ID "{deploy_id}"...'
+            .format(deploy_id=context.params["deploy_id"])
+        )
+        sca_run.invoke(context)
+        return context.params.get('sca_vulnerability_count', 0)
+    except Exception as err:
+        raise click.ClickException(str(err)) from err
+def perform_iac(context, control_sync_status_id) -> None:
+    """Setup and runs the "iac run" command.
+    Args:
+        context (<class 'click.core.Context'>): clonned context
+        control_sync_status_id (str): control sync status id
+    """
+    iac_run = iac.commands.get('run')
+    context.params.update(
+        {"deploy_id": context.obj.deploy['deploy_id'],
+        "control_sync_status_id": control_sync_status_id}
+    )
+    context.params = parse_params(context.params, iac_run.params)
+    try:
+        LOGGER.info(
+            'Running IAC on deploy ID "{deploy_id}"...'
+            .format(deploy_id=context.params["deploy_id"])
+        )
+        iac_run.invoke(context)
+    except Exception as err:
+        raise click.ClickException(str(err)) from err
+def perform_vulnerabilities_service(context, company_id, control_sync_status_id) -> None:
+    auto_close_run = vulnerability.commands.get('run')
+    specific_params = {
+        "deploy_id": context.obj.deploy['deploy_id'],
+        "start_commit": context.obj.deploy['previous_commit'],
+        "end_commit": context.obj.deploy['current_commit'],
+        "company_id": context.params['company_id'] or company_id,
+        "control_sync_status_id": control_sync_status_id
+    }
+    context.params.update(specific_params)
+    context.params = parse_params(context.params, auto_close_run.params)
+    try:
+        LOGGER.info("[*] Verifying if any vulnerability was fixed...")
+        auto_close_run.invoke(context)
+    except Exception as err:
+        raise click.ClickException(str(err)) from err
+def perform_deploy(context, flow_context, prepared_context, control_sync_status_id):
+    context.obj.output_formatter = DeployFormatter(format=DeployFormatter.DEFAULT)
+    context.params = parse_params(context.params, values.params)
+    repository_dir = context.params['repository_dir']
+    asset_id = prepared_context.params.get('asset_id')
+    if not asset_id:
+        raise PerformDeployException("Asset ID is required")
+    LOGGER.info("Creating new deploy...")
+    try:
+        created_deploy = values.invoke(context)
+        if created_deploy is None:
+            conviso_api = flow_context.create_conviso_graphql_client()
+            conviso_api.control_sync_status.increase_count(
+                control_sync_status_id=control_sync_status_id,
+                asset_id=prepared_context.params['asset_id'],
+                success_count=1 # increase by one just to be success
+            )
+            return None
+        conviso_api = flow_context.create_conviso_graphql_client()
+        api_key = flow_context.key
+        git_adapter = GitAdapter(repository_dir)
+        branch_name = get_branch_name(git_adapter, repository_dir)
+        LOGGER.info(f"Creating deploy: asset_id={asset_id}, "
+                    f"previous={created_deploy['previous_commit']}, "
+                    f"current={created_deploy['current_commit']}")
+        response = conviso_api.deploys.create_deploy(
+            asset_id=asset_id,
+            previous_commit=created_deploy['previous_commit'],
+            current_commit=created_deploy['current_commit'],
+            branch_name=branch_name,
+            api_key=api_key,
+            commit_history=created_deploy['commit_history']
+        )
+        response_deploy_id = response['createDeploy']['deploy']['id']
+        deploy_params = {
+            "deploy_id": response_deploy_id,
+            "current_commit": created_deploy['current_commit'],
+            "previous_commit": created_deploy['previous_commit'],
+        }
+        created_deploy.update(deploy_params)
+        return created_deploy
+    except Exception as err:
+        error_message = str(err)
+        error_text = "A deploy with the same previous and current commit already exists"
+        found = False
+        if error_text in error_message:
+            found = True
+        elif hasattr(err, 'errors') and isinstance(err.errors, list):
+            for nested_err in err.errors:
+                if isinstance(nested_err, dict) and error_text in nested_err.get('message', ''):
+                    found = True
+                    break
+                elif isinstance(nested_err, str) and error_text in nested_err:
+                    found = True
+                    break
+        elif error_text in repr(err):
+            found = True
+        if found:
+            LOGGER.warning("Deploy with same commits already exists")
+            return None
+        else:
+            raise PerformDeployException(f"Failed to create deploy: {error_message}") from err
+def get_branch_name(git_adapter, repository_dir):
+    """Gets branch name"""
+    try:
+        return git_adapter.get_branch_name()
+    except Exception as e:
+        LOGGER.warning(f"HEAD is detached or error getting branch: {e}")
+        LOGGER.info("Looking for most recent branch...")
+        try:
+            result = subprocess.run(
+                ["git", "for-each-ref", "--sort=-creatordate",
+                 "--format=%(refname:short)", "refs/heads/"],
+                cwd=repository_dir,
+                stdout=subprocess.PIPE,
+                stderr=subprocess.PIPE,
+                check=True,
+                timeout=10
+            )
+            branches = result.stdout.decode().strip().splitlines()
+            if branches:
+                branch_name = branches[0]
+                LOGGER.info(f"Using branch: {branch_name}")
+                return branch_name
+            else:
+                LOGGER.warning("No branches found")
+                return "unknown"
+        except (subprocess.SubprocessError, subprocess.TimeoutExpired) as e:
+            LOGGER.error(f"Error executing git command: {e}")
+            return "unknown"
+@click.command(
+    context_settings=dict(
+        allow_extra_args=True,
+        ignore_unknown_options=True
+    )
+)
+@asset_id_option(required=False)
+@click.option(
+    "--send-to-flow/--no-send-to-flow",
+    default=True,
+    show_default=True,
+    required=False,
+    help="""Enable or disable the ability of send analysis result
+    reports to flow.""",
+    hidden=True
+)
+@click.option(
+    '-r',
+    '--repository-dir',
+    default=".",
+    show_default=True,
+    type=click.Path(exists=True, resolve_path=True),
+    required=False,
+    help="""The source code repository directory.""",
+)
+@click.option(
+    "-c",
+    "--current-commit",
+    required=False,
+    help="If no value is given the HEAD commit of branch is used. [DEPLOY]",
+)
+@click.option(
+    "-p",
+    "--previous-commit",
+    required=False,
+    help="""If no value is given, the value is retrieved from the lastest
+    deploy at flow application. [DEPLOY]""",
+)
+@click.option(
+    "--company-id",
+    required=False,
+    envvar=("CONVISO_COMPANY_ID", "FLOW_COMPANY_ID"),
+    help="Company ID on Conviso Platform",
+)
+@click.option(
+    '--asset-name',
+    required=False,
+    envvar=("CONVISO_ASSET_NAME", "FLOW_ASSET_NAME"),
+    help="Provides a asset name.",
+)
+@click.option(
+    '--vulnerability-auto-close',
+    default=False,
+    is_flag=True,
+    help="Enable auto fixing vulnerabilities on cp.",
+)
+@click.option(
+    '--cleanup',
+    default=False,
+    is_flag=True,
+    show_default=True,
+    help="Clean up system resources, including temporary files, stopped containers, unused Docker images and volumes.",
+)
+@help_option
+@pass_flow_context
+@pass_create_context
+@click.pass_context
+def run(context, create_context, flow_context, **kwargs):
+    """ AST - Application Security Testing. Unifies deploy issue, SAST and SCA analyses.  """
+    increase_failure_count = 1
+    try:
+        prepared_context = RequirementsVerifier.prepare_context(clone(context), from_ast=True)
+        # After ensuring we have both asset and user permissions, AST is ready to start. We then create a control sync status
+        # on the Conviso platform, which will appear on the scans page and in the recent scans list.
+        conviso_api = flow_context.create_conviso_graphql_client()
+        control_sync_status = conviso_api.control_sync_status.create_control_sync_status(
+            asset_id=prepared_context.params['asset_id']
+        )
+        conviso_api.control_sync_status.update_control_sync_status(control_sync_status_id=control_sync_status['id'])
+        try:
+            prepared_context.obj.deploy = perform_deploy(
+                clone(prepared_context), flow_context, prepared_context, control_sync_status['id']
+            )
+            if prepared_context.obj.deploy is None:
+                return
+            total_sast = perform_sast(clone(prepared_context), control_sync_status_id=control_sync_status['id'])
+            total_sca = perform_sca(clone(prepared_context), control_sync_status_id=control_sync_status['id'])
+            perform_iac(clone(prepared_context), control_sync_status_id=control_sync_status['id'])
+            total_vulnerability_count = total_sast + total_sca
+            company_id = prepared_context.params['company_id']
+            if context.params['vulnerability_auto_close'] is True:
+                try:
+                    perform_vulnerabilities_service(clone(prepared_context), company_id, control_sync_status['id'])
+                except Exception:
+                    LOGGER.info("An issue occurred while attempting to fix vulnerabilities. Our technical team has been notified.")
+                    full_trace = traceback.format_exc()
+                    log_and_notify_ast_event(flow_context=flow_context, company_id=company_id,
+                                             asset_id=prepared_context.params['asset_id'], ast_log=full_trace)
+                    return
+            if context.params.get('cleanup'):
+                try:
+                    LOGGER.info("🧹 Cleaning up ...")
+                    cleaner = Cleaner()
+                    cleaner.cleanup()
+                except Exception as e:
+                    LOGGER.info(f"An error occurred while cleaning up. Our technical team has been notified.")
+                    full_trace = traceback.format_exc()
+                    log_and_notify_ast_event(
+                        flow_context=flow_context, company_id=company_id, asset_id=prepared_context.params['asset_id'],
+                        ast_log=full_trace
+                    )
+                    return
+            conviso_api.control_sync_status.update_control_sync_status(
+                control_sync_status_id=control_sync_status['id'],
+                external_vulnerability_count=total_vulnerability_count
+            )
+            # increase success_count by one just to match external_vulnerability_count when ast runs successfully and if
+            # success count and external_vulnerability_count are equals, the scan status will be moved from pending to success.
+            conviso_api.control_sync_status.increase_count(
+                control_sync_status_id=control_sync_status['id'],
+                asset_id=prepared_context.params['asset_id'],
+                success_count=total_vulnerability_count
+            )
+        except Exception as err:
+            failure_details = f"{str(err)}, {traceback.format_exc()}"
+            conviso_api.control_sync_status.increase_count(
+                control_sync_status_id=control_sync_status['id'],
+                asset_id=prepared_context.params['asset_id'],
+                failure_count=increase_failure_count,
+                failure_reason=str(failure_details)
+            )
+            raise click.ClickException(str(err)) from err
+    except Exception as err:
+        error_message = str(err)
+        if "A deploy with the same previous and current commit already exists" in error_message:
+            LOGGER.warning("Deploy with same commits already exists")
+            return None
+        else:
+            LOGGER.error(f"AST initialization failed. Please contact support with the following error: {err}")
+            raise click.ClickException(str(err)) from err
+@click.group()
+def ast():
+    pass
+ast.add_command(run)

convisoappsec/flowcli/common.py ADDED Viewed

@@ -0,0 +1,175 @@
+import io
+import sys
+from shlex import quote
+import click
+import requests
+from convisoappsec.flow.util.ci_provider import CIProvider
+class CreateDeployException(Exception):
+    pass
+class PerformDeployException(Exception):
+    pass
+class DeployFormatter(object):
+    DEFAULT = 'default'
+    ENV_VARS = 'env_vars'
+    def __init__(self, format):
+        self.stategy = self._select_strategy(format)
+    def format(self, deploy):
+        return self.stategy(deploy)
+    def _select_strategy(self, format):
+        format_strategies = {
+            self.DEFAULT: self.default_format,
+            self. ENV_VARS: self.env_vars_format,
+        }
+        strategy = format_strategies.get(format)
+        if not strategy:
+            msg_fmt = "Allowed deploy formats[{0}]. Given {1}"
+            msg = msg_fmt.format(
+                "|".join(self.FORMATS()),
+                format,
+            )
+            raise ValueError(msg)
+        return strategy
+    @classmethod
+    def FORMATS(cls):
+        return [
+            cls.DEFAULT,
+            cls.ENV_VARS,
+        ]
+    def env_vars_format(self, deploy):
+        to_env_vars_translation_args = [
+            # (env_var_name, attrib_name, attrib_default_val)
+            ('FLOW_DEPLOY_ID', 'id', 0),
+            ('FLOW_DEPLOY_CREATED_AT', 'created_at', ''),
+            ('FLOW_DEPLOY_CURRENT_VERSION_TAG', 'current_tag', ''),
+            ('FLOW_DEPLOY_PREVIOUS_VERSION_TAG', 'previous_tag', ''),
+            ('FLOW_DEPLOY_CURRENT_VERSION_COMMIT', 'current_commit', ''),
+            ('FLOW_DEPLOY_PREVIOUS_VERSION_COMMIT', 'previous_commit', ''),
+            ('CONVISO_DEPLOY_ID', 'id', 0),
+            ('CONVISO_DEPLOY_CREATED_AT', 'created_at', ''),
+            ('CONVISO_DEPLOY_CURRENT_VERSION_TAG', 'current_tag', ''),
+            ('CONVISO_DEPLOY_PREVIOUS_VERSION_TAG', 'previous_tag', ''),
+            ('CONVISO_DEPLOY_CURRENT_VERSION_COMMIT', 'current_commit', ''),
+            ('CONVISO_DEPLOY_PREVIOUS_VERSION_COMMIT', 'previous_commit', ''),
+        ]
+        env_vars = {}
+        for arg in to_env_vars_translation_args:
+            env_var_name, attrib_name, attrib_default_val = arg
+            env_var_val = env_vars[env_var_name] = deploy.get(
+                attrib_name, attrib_default_val
+            )
+            env_vars[env_var_name] = str(env_var_val)
+        buffer = io.StringIO()
+        for var_name, var_val in env_vars.items():
+            line_fmt = "export {name}={value}"
+            line = line_fmt.format(
+                name=quote(var_name),
+                value=quote(var_val),
+            )
+            print(line, file=buffer)
+        buffer.seek(0)
+        return buffer.read()
+    def default_format(self, src_deploy):
+        deploy = {
+            'id': 0,
+            'current_tag': '',
+            'previous_tag': '',
+            'current_commit': '',
+            'previous_commit': '',
+            'created_at': '',
+        }
+        deploy.update(src_deploy)
+        default_fmt = '''
+Deploy stats:
+  current_version.commit={current_commit}
+  current_version.tag={current_tag}
+  previous_version.commit={previous_commit}
+  previous_version.tag={previous_tag}
+        '''
+        return default_fmt.format(
+            **deploy
+        )
+def notify_created_deploy(deploy):
+    formatter = DeployFormatter(DeployFormatter.DEFAULT)
+    click.echo(formatter.format(deploy))
+def asset_id_option(*args, **kwargs):
+    kwargs["envvar"] = kwargs.get("envvar", ("CONVISO_ASSET_ID", "FLOW_ASSET_ID"))
+    kwargs["show_envvar"] = kwargs.get("show_envvar", True)
+    kwargs["required"] = kwargs.get("required", False)
+    kwargs["hidden"] = kwargs.get("hidden", False)
+    asset_id_param = "--asset-id"
+    paramsdecl = args
+    if asset_id_param not in args:
+        paramsdecl = args + (asset_id_param, )
+    return click.option(
+        *paramsdecl,
+        type=int,
+        **kwargs
+    )
+def on_http_error(error):
+    try:
+        raise error
+    except requests.exceptions.HTTPError as e:
+        message = error.response.text
+        if not message:
+            return
+        click.echo(
+            "HttpErrorResponse: {0}".format(message),
+            file=sys.stderr
+        )
+def __try_retrieve_ci_provider(provider_name):
+    try:
+        return CIProvider[provider_name]
+    except KeyError as e:
+        error_msg_fmt = 'Received for parameter provider_name[{}]. Expected values are: [{}]'
+        expected_values = '|'.join(CIProvider.names())
+        error_msg = error_msg_fmt.format(provider_name, expected_values)
+        raise ValueError(error_msg) from e
+def process_ci_provider_option(provider_name, env={}):
+    if provider_name is not None:
+        return __try_retrieve_ci_provider(provider_name)
+    for provider in CIProvider:
+        if provider.env_vars_exists(env):
+            return provider
+    return CIProvider.OTHER

convisoappsec/flowcli/companies/__init__.py ADDED Viewed

File without changes

convisoappsec/flowcli/companies/ls.py ADDED Viewed

@@ -0,0 +1,25 @@
+import click
+from convisoappsec.flowcli.common import on_http_error
+from convisoappsec.common import safe_join_url
+from convisoappsec.flow.graphql_api.v1.client import ConvisoGraphQLClient
+class Companies():
+    def ls(self, flow_context, company_id=None):
+        api_key = flow_context.key
+        try:
+            url = safe_join_url(flow_context.url, "/graphql")
+            conviso_api = ConvisoGraphQLClient(api_url=url,api_key=api_key)
+            return perform_command(conviso_api, company_id)
+        except Exception as exception:
+            on_http_error(exception)
+            raise click.ClickException(str(exception)) from exception
+def perform_command(conviso_api, company_id):
+    if company_id is not None:
+        companies = conviso_api.companies.get_company_by_id(company_id)
+    else:
+        companies = conviso_api.companies.get_companies()
+    return companies

convisoappsec/flowcli/container/__init__.py ADDED Viewed

@@ -0,0 +1,3 @@
+from .entrypoint import container
+__all__ = ['container']

convisoappsec/flowcli/container/entrypoint.py ADDED Viewed

@@ -0,0 +1,17 @@
+import click
+from convisoappsec.flowcli import help_option
+from .run import run
+@click.group()
+@help_option
+def container():
+    pass
+container.add_command(run)
+container.epilog = '''
+  Run conviso container COMMAND --help for more information on a command.
+'''