PyPI - conviso-cli - Versions diffs - 1.14.0rc0__tar.gz - Mend

conviso-cli 1.14.0rc0__tar.gz

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (123) hide show

conviso-cli-1.14.0rc0/PKG-INFO ADDED Viewed

@@ -0,0 +1,20 @@
+Metadata-Version: 2.1
+Name: conviso-cli
+Version: 1.14.0rc0
+Summary: UNKNOWN
+Maintainer: Conviso
+Maintainer-email: development@convisoappsec.com
+License: UNKNOWN
+Platform: UNKNOWN
+Requires-Python: >=3.5
+Description-Content-Type: text/markdown
+# CLI
+This is a command line tool to interact with [convisoappsec] API.
+# Documentation
+Please visit the [official documentation] for further information.
+[official documentation]: <https://docs.convisoappsec.com/cli/installation>

conviso-cli-1.14.0rc0/README.md ADDED Viewed

@@ -0,0 +1,8 @@
+# CLI
+This is a command line tool to interact with [convisoappsec] API.
+# Documentation
+Please visit the [official documentation] for further information.
+[official documentation]: <https://docs.convisoappsec.com/cli/installation>

conviso-cli-1.14.0rc0/conviso_cli.egg-info/PKG-INFO ADDED Viewed

@@ -0,0 +1,20 @@
+Metadata-Version: 2.1
+Name: conviso-cli
+Version: 1.14.0rc0
+Summary: UNKNOWN
+Maintainer: Conviso
+Maintainer-email: development@convisoappsec.com
+License: UNKNOWN
+Platform: UNKNOWN
+Requires-Python: >=3.5
+Description-Content-Type: text/markdown
+# CLI
+This is a command line tool to interact with [convisoappsec] API.
+# Documentation
+Please visit the [official documentation] for further information.
+[official documentation]: <https://docs.convisoappsec.com/cli/installation>

conviso-cli-1.14.0rc0/conviso_cli.egg-info/SOURCES.txt ADDED Viewed

@@ -0,0 +1,121 @@
+README.md
+setup.py
+conviso_cli.egg-info/PKG-INFO
+conviso_cli.egg-info/SOURCES.txt
+conviso_cli.egg-info/dependency_links.txt
+conviso_cli.egg-info/entry_points.txt
+conviso_cli.egg-info/requires.txt
+conviso_cli.egg-info/top_level.txt
+convisoappsec/__init__.py
+convisoappsec/logger.py
+convisoappsec/version.py
+convisoappsec/common/__init__.py
+convisoappsec/common/box.py
+convisoappsec/common/docker.py
+convisoappsec/common/exceptions.py
+convisoappsec/common/git_data_parser.py
+convisoappsec/common/strings.py
+convisoappsec/common/graphql/__init__.py
+convisoappsec/common/graphql/error_handlers.py
+convisoappsec/common/graphql/errors.py
+convisoappsec/common/graphql/low_client.py
+convisoappsec/flow/__init__.py
+convisoappsec/flow/api.py
+convisoappsec/flow/version_control_system_adapter.py
+convisoappsec/flow/graphql_api/__init__.py
+convisoappsec/flow/graphql_api/beta/__init__.py
+convisoappsec/flow/graphql_api/beta/client.py
+convisoappsec/flow/graphql_api/beta/resources_api.py
+convisoappsec/flow/graphql_api/beta/models/__init__.py
+convisoappsec/flow/graphql_api/beta/models/issues/__init__.py
+convisoappsec/flow/graphql_api/beta/models/issues/iac.py
+convisoappsec/flow/graphql_api/beta/models/issues/normalize.py
+convisoappsec/flow/graphql_api/beta/models/issues/sast.py
+convisoappsec/flow/graphql_api/beta/models/issues/sca.py
+convisoappsec/flow/graphql_api/beta/schemas/__init__.py
+convisoappsec/flow/graphql_api/beta/schemas/mutations/__init__.py
+convisoappsec/flow/graphql_api/beta/schemas/resolvers/__init__.py
+convisoappsec/flow/graphql_api/v1/__init__.py
+convisoappsec/flow/graphql_api/v1/client.py
+convisoappsec/flow/graphql_api/v1/resources_api.py
+convisoappsec/flow/graphql_api/v1/models/__init__.py
+convisoappsec/flow/graphql_api/v1/models/asset.py
+convisoappsec/flow/graphql_api/v1/models/project.py
+convisoappsec/flow/graphql_api/v1/schemas/__init__.py
+convisoappsec/flow/graphql_api/v1/schemas/mutations/__init__.py
+convisoappsec/flow/graphql_api/v1/schemas/resolvers/__init__.py
+convisoappsec/flow/source_code_scanner/__init__.py
+convisoappsec/flow/source_code_scanner/exceptions.py
+convisoappsec/flow/source_code_scanner/scc.py
+convisoappsec/flow/source_code_scanner/source_code_scanner.py
+convisoappsec/flow/util/__init__.py
+convisoappsec/flow/util/ci_provider.py
+convisoappsec/flow/util/metrics.py
+convisoappsec/flow/util/source_code_compressor.py
+convisoappsec/flow/version_searchers/__init__.py
+convisoappsec/flow/version_searchers/sorted_by_versioning_style.py
+convisoappsec/flow/version_searchers/timebased_version_seacher.py
+convisoappsec/flow/version_searchers/version_searcher_result.py
+convisoappsec/flow/versioning_style/__init__.py
+convisoappsec/flow/versioning_style/semantic_versioning.py
+convisoappsec/flowcli/__init__.py
+convisoappsec/flowcli/__main__.py
+convisoappsec/flowcli/common.py
+convisoappsec/flowcli/context.py
+convisoappsec/flowcli/entrypoint.py
+convisoappsec/flowcli/help_option.py
+convisoappsec/flowcli/requirements_verifier.py
+convisoappsec/flowcli/assets/__init__.py
+convisoappsec/flowcli/assets/create.py
+convisoappsec/flowcli/assets/entrypoint.py
+convisoappsec/flowcli/assets/ls.py
+convisoappsec/flowcli/ast/__init__.py
+convisoappsec/flowcli/ast/entrypoint.py
+convisoappsec/flowcli/companies/__init__.py
+convisoappsec/flowcli/companies/ls.py
+convisoappsec/flowcli/deploy/__init__.py
+convisoappsec/flowcli/deploy/entrypoint.py
+convisoappsec/flowcli/deploy/ls.py
+convisoappsec/flowcli/deploy/show.py
+convisoappsec/flowcli/deploy/create/__init__.py
+convisoappsec/flowcli/deploy/create/context.py
+convisoappsec/flowcli/deploy/create/entrypoint.py
+convisoappsec/flowcli/deploy/create/with_/__init__.py
+convisoappsec/flowcli/deploy/create/with_/entrypoint.py
+convisoappsec/flowcli/deploy/create/with_/values.py
+convisoappsec/flowcli/deploy/create/with_/tag_tracker/__init__.py
+convisoappsec/flowcli/deploy/create/with_/tag_tracker/context.py
+convisoappsec/flowcli/deploy/create/with_/tag_tracker/entrypoint.py
+convisoappsec/flowcli/deploy/create/with_/tag_tracker/sort_by/__init__.py
+convisoappsec/flowcli/deploy/create/with_/tag_tracker/sort_by/entrypoint.py
+convisoappsec/flowcli/deploy/create/with_/tag_tracker/sort_by/time_.py
+convisoappsec/flowcli/deploy/create/with_/tag_tracker/sort_by/versioning_style.py
+convisoappsec/flowcli/findings/__init__.py
+convisoappsec/flowcli/findings/entrypoint.py
+convisoappsec/flowcli/findings/create/__init__.py
+convisoappsec/flowcli/findings/create/entrypoint.py
+convisoappsec/flowcli/findings/create/with_/__init__.py
+convisoappsec/flowcli/findings/create/with_/entrypoint.py
+convisoappsec/flowcli/findings/create/with_/version_tracker.py
+convisoappsec/flowcli/findings/import_sarif/__init__.py
+convisoappsec/flowcli/findings/import_sarif/entrypoint.py
+convisoappsec/flowcli/iac/__init__.py
+convisoappsec/flowcli/iac/entrypoint.py
+convisoappsec/flowcli/iac/run.py
+convisoappsec/flowcli/projects/__init__.py
+convisoappsec/flowcli/projects/ls.py
+convisoappsec/flowcli/sast/__init__.py
+convisoappsec/flowcli/sast/entrypoint.py
+convisoappsec/flowcli/sast/run.py
+convisoappsec/flowcli/sca/__init__.py
+convisoappsec/flowcli/sca/entrypoint.py
+convisoappsec/flowcli/sca/run.py
+convisoappsec/flowcli/vulnerability/__init__.py
+convisoappsec/flowcli/vulnerability/assert_security_rules.py
+convisoappsec/flowcli/vulnerability/entrypoint.py
+convisoappsec/sast/__init__.py
+convisoappsec/sast/decision.py
+convisoappsec/sast/sastbox.py
+scripts/shell_completer/flow_bash_completer.sh
+scripts/shell_completer/flow_fish_completer.fish
+scripts/shell_completer/flow_zsh_completer.sh

conviso-cli-1.14.0rc0/conviso_cli.egg-info/dependency_links.txt ADDED Viewed

	@@ -0,0 +1 @@
1	+

conviso-cli-1.14.0rc0/conviso_cli.egg-info/entry_points.txt ADDED Viewed

@@ -0,0 +1,4 @@
+[console_scripts]
+conviso = convisoappsec.flowcli.entrypoint:cli
+flow = convisoappsec.flowcli.entrypoint:cli

conviso-cli-1.14.0rc0/conviso_cli.egg-info/requires.txt ADDED Viewed

@@ -0,0 +1,12 @@
+GitPython<4,>=3.1.2
+click<8,>=7.1.2
+requests<3,>=2.23.0
+urllib3<=2.0.6
+semantic-version<3,>=2.8.5
+docker<=6.1.3
+PyYAML==5.3.1
+click-log<1,>=0.3.2
+transitions<1,>=0.8.7
+jsonschema<3,>=2.5.1
+giturlparse<=0.12.0
+jmespath<1.0.1,>=0.9.0

conviso-cli-1.14.0rc0/conviso_cli.egg-info/top_level.txt ADDED Viewed

	@@ -0,0 +1 @@
1	+ convisoappsec

conviso-cli-1.14.0rc0/convisoappsec/__init__.py ADDED Viewed

File without changes

conviso-cli-1.14.0rc0/convisoappsec/common/__init__.py ADDED Viewed

@@ -0,0 +1,5 @@
+from urllib.parse import urljoin
+def safe_join_url(base_url, path):
+    return urljoin(base_url, path)

conviso-cli-1.14.0rc0/convisoappsec/common/box.py ADDED Viewed

@@ -0,0 +1,261 @@
+import docker
+import tarfile
+import tempfile
+import time
+from concurrent.futures import ThreadPoolExecutor
+from transitions import Machine
+from transitions.extensions.states import Timeout, add_state_features
+from convisoappsec.common.docker import SCSCommon
+from convisoappsec.logger import LOGGER
+RAW_STATE_MSG = 'Scanner {} entered on {} state'
+class SARIFParsingError(BaseException):
+    pass
+class PropertyRequiredError(SARIFParsingError):
+    def __init__(self, stderr_log=''):
+        pretty_error = self.__parse_pretty_property_error(stderr_log)
+        print('Error:', pretty_error)
+    def __parse_pretty_property_error(self, stderr_logs):
+        expected_error_line = ''
+        for log_line in stderr_logs.split('\n'):
+            expected_error_text = 'PropertyRequiredError'
+            if expected_error_text in log_line:
+                expected_error_line = log_line
+                break
+        error = self.__extract_text_after_colon(expected_error_line)
+        return error.strip()
+    def __extract_text_after_colon(self, text):
+        try:
+            return text.split(':', 3)[-1]
+        except IndexError:
+            return ''
+@add_state_features(Timeout)
+class ScannerMachine(Machine):
+    pass
+class ScannerEntity:
+    def __init__(self, token, scanner, logger=None, timeout=7200):
+        self.logger = logger or LOGGER
+        self.token = token
+        self.scanner = self.__setup_scanner(scanner)
+        self.name = self.scanner.name
+        self.results = None
+        self.states = [
+            'waiting',
+            {'name': 'pulling', 'timeout': timeout, 'on_timeout': self._on_timeout},
+            {'name': 'running', 'timeout': timeout, 'on_timeout': self._on_timeout},
+            {'name': 'sending', 'timeout': timeout, 'on_timeout': self._on_timeout},
+            'done'
+        ]
+        self.machine = ScannerMachine(
+            model=self,
+            states=self.states,
+            initial='waiting'
+        )
+        self.machine.add_ordered_transitions()
+        self._set_callbacks()
+        self.to_waiting()
+    def __setup_scanner(self, scanner):
+        if isinstance(scanner, SCSCommon):
+            return scanner
+        else:
+            return self._instanciate_scanner(scanner)
+    def _set_callbacks(self):
+        self.machine.on_enter_waiting('_on_waiting')
+        self.machine.on_enter_pulling('_on_pulling')
+        self.machine.on_enter_running('_on_running')
+        self.machine.on_enter_sending('_on_sending')
+        self.machine.on_enter_done('_on_done')
+    def _instanciate_scanner(self, data):
+        return SCSCommon(
+            **data,
+            token=self.token,
+            logger=self.logger,
+        )
+    def _on_timeout(self):
+        self.logger.debug('Scanner {} timeout on state {}'.format(
+            self.name, self.state
+        ))
+    def _on_waiting(self):
+        self.logger.debug(RAW_STATE_MSG.format(
+            self.name, self.state
+        ))
+    def _on_pulling(self):
+        self.logger.debug(RAW_STATE_MSG.format(
+            self.name, self.state
+        ))
+        self.logger.info('   Pulling {} image'.format(self.name))
+        image = self.scanner.pull()
+        if image:
+            self.logger.debug('Image: {}'.format(image))
+            self.next_state()
+        else:
+            raise RuntimeError("Image not found.")
+    def _on_running(self):
+        self.logger.info('   Scanner {} is running.'.format(
+            self.scanner.repository_name, self.state
+        ))
+        self.scanner.run()
+        self.end_time = time.time()
+        self.logger.debug('Total execution time for {} was {:2f}'.format(
+            self.scanner.repository_name,
+            self.end_time - self.start_time
+        ))
+        status_code = self.scanner.wait()
+        self.logger.info('   Scanner {}@{} returned status code {}'.format(
+            self.scanner.repository_name,
+            self.name,
+            status_code
+        ))
+        self.next_state()
+    def _on_sending(self):
+        self.logger.debug(RAW_STATE_MSG.format(
+            self.name, self.state
+        ))
+        self.results = self.scanner.get_container_reports()
+        self.next_state()
+    def _on_done(self):
+        self.logger.debug(RAW_STATE_MSG.format(
+            self.scanner.repository_name, self.state
+        ))
+        self.scanner.container.remove(v=True, force=True)
+    def start(self):
+        self.start_time = time.time()
+        self.to_pulling()
+class ContainerWrapper:
+    def __init__(self, token, containers_map, logger, timeout, max_workers=5):
+        self.token = token
+        self.logger = logger or LOGGER
+        self.max_workers = max_workers
+        self.scanners = [
+            ScannerEntity(
+                token=token,
+                scanner=scanner,
+                logger=logger,
+                timeout=timeout
+            )
+            for scanner in containers_map.values()
+        ]
+    def run(self):
+        self.logger.debug("Starting Execution")
+        with ThreadPoolExecutor(max_workers=self.max_workers) as exeggutor:
+            for scanner in self.scanners:
+                exeggutor.submit(scanner.start)
+def convert_sarif_to_sastbox1(report_filepath, repository_dir, container_registry_token, scanner_timeout=7200):
+    """
+    Args:
+        report_filepath (str): filepath to the report to be converted
+        repository_dir (str): filepath to the repository being tested
+        token (str): Conviso container registry token
+        scanner_timeout (int): container timeout
+    Returns:
+        string: filepath to the converted report
+    """
+    CONTAINER_IMAGE_NAME = 'sastbox-converter-tool'
+    CONTAINER_IMAGE_TAG = 'cc50dee'
+    CONTAINER_INPUT_FILEPATH = '/code{}'.format(
+        report_filepath.replace(repository_dir, '')
+    )
+    CONTAINER_OUTPUT_FILENAME = CONTAINER_INPUT_FILEPATH.replace(
+        'sarif', 'json'
+    )
+    CONTAINERS_MAP = {
+        CONTAINER_IMAGE_NAME: {
+            'repository_dir': repository_dir,
+            'repository_name': CONTAINER_IMAGE_NAME,
+            'tag': CONTAINER_IMAGE_TAG,
+            'command': [
+                '--format', 'sastbox1',
+                '--input', CONTAINER_INPUT_FILEPATH,
+                '--output', CONTAINER_OUTPUT_FILENAME
+            ],
+        },
+    }
+    converter_wrapped = ContainerWrapper(
+        token=container_registry_token,
+        containers_map=CONTAINERS_MAP,
+        logger=None,
+        timeout=scanner_timeout
+    )
+    converter_wrapped.logger.setLevel('WARN')
+    converter_wrapped.run()
+    converter_wrapped.logger.setLevel('INFO')
+    scanner = converter_wrapped.scanners[0].scanner
+    last_scan_name = scanner.name
+    last_container = scanner.docker.containers.get(
+        last_scan_name
+    )
+    try:
+        chunks, _ = last_container.get_archive(CONTAINER_OUTPUT_FILENAME)
+        output_filepath = __extract_tarball_chunks(
+            chunks, report_filepath.replace('sarif', 'json')
+        )
+    except docker.errors.APIError as error:
+        stderr_log = last_container.logs(stderr=True).decode('utf-8')
+        raise PropertyRequiredError(stderr_log)
+    return output_filepath
+def __extract_tarball_chunks(tarball_chunks, report_absolute_filepath):
+    """
+    Args:
+        tarball_chunks (int): The number of bytes returned by each iteration of the generator
+        report_filename (string): The name of the extracted report
+    Returns:
+        string: Report absolute filepath in local filesystem
+    """
+    output_dirpath = report_absolute_filepath[
+        :report_absolute_filepath.rfind('/')
+    ]
+    with tempfile.TemporaryFile() as tmp_wrapper_file:
+        for chunk in tarball_chunks:
+            tmp_wrapper_file.write(chunk)
+        tmp_wrapper_file.seek(0)
+        with tarfile.open(mode="r|", fileobj=tmp_wrapper_file) as talball_file:
+            talball_file.extractall(path=output_dirpath)
+    return report_absolute_filepath