conviso-cli 2.2.27rc0__tar.gz → 2.3.0.dev0__tar.gz

Files changed (135) hide show
  1. {conviso-cli-2.2.27rc0 → conviso-cli-2.3.0.dev0}/PKG-INFO +1 -1
  2. {conviso-cli-2.2.27rc0 → conviso-cli-2.3.0.dev0}/conviso_cli.egg-info/PKG-INFO +1 -1
  3. {conviso-cli-2.2.27rc0 → conviso-cli-2.3.0.dev0}/convisoappsec/flowcli/ast/entrypoint.py +20 -8
  4. {conviso-cli-2.2.27rc0 → conviso-cli-2.3.0.dev0}/convisoappsec/flowcli/container/run.py +79 -20
  5. {conviso-cli-2.2.27rc0 → conviso-cli-2.3.0.dev0}/convisoappsec/flowcli/sbom/generate.py +3 -3
  6. conviso-cli-2.3.0.dev0/convisoappsec/version.py +1 -0
  7. conviso-cli-2.2.27rc0/convisoappsec/version.py +0 -1
  8. {conviso-cli-2.2.27rc0 → conviso-cli-2.3.0.dev0}/README.md +0 -0
  9. {conviso-cli-2.2.27rc0 → conviso-cli-2.3.0.dev0}/conviso_cli.egg-info/SOURCES.txt +0 -0
  10. {conviso-cli-2.2.27rc0 → conviso-cli-2.3.0.dev0}/conviso_cli.egg-info/dependency_links.txt +0 -0
  11. {conviso-cli-2.2.27rc0 → conviso-cli-2.3.0.dev0}/conviso_cli.egg-info/entry_points.txt +0 -0
  12. {conviso-cli-2.2.27rc0 → conviso-cli-2.3.0.dev0}/conviso_cli.egg-info/requires.txt +0 -0
  13. {conviso-cli-2.2.27rc0 → conviso-cli-2.3.0.dev0}/conviso_cli.egg-info/top_level.txt +0 -0
  14. {conviso-cli-2.2.27rc0 → conviso-cli-2.3.0.dev0}/convisoappsec/__init__.py +0 -0
  15. {conviso-cli-2.2.27rc0 → conviso-cli-2.3.0.dev0}/convisoappsec/common/__init__.py +0 -0
  16. {conviso-cli-2.2.27rc0 → conviso-cli-2.3.0.dev0}/convisoappsec/common/box.py +0 -0
  17. {conviso-cli-2.2.27rc0 → conviso-cli-2.3.0.dev0}/convisoappsec/common/docker.py +0 -0
  18. {conviso-cli-2.2.27rc0 → conviso-cli-2.3.0.dev0}/convisoappsec/common/exceptions.py +0 -0
  19. {conviso-cli-2.2.27rc0 → conviso-cli-2.3.0.dev0}/convisoappsec/common/git_data_parser.py +0 -0
  20. {conviso-cli-2.2.27rc0 → conviso-cli-2.3.0.dev0}/convisoappsec/common/graphql/__init__.py +0 -0
  21. {conviso-cli-2.2.27rc0 → conviso-cli-2.3.0.dev0}/convisoappsec/common/graphql/error_handlers.py +0 -0
  22. {conviso-cli-2.2.27rc0 → conviso-cli-2.3.0.dev0}/convisoappsec/common/graphql/errors.py +0 -0
  23. {conviso-cli-2.2.27rc0 → conviso-cli-2.3.0.dev0}/convisoappsec/common/graphql/low_client.py +0 -0
  24. {conviso-cli-2.2.27rc0 → conviso-cli-2.3.0.dev0}/convisoappsec/common/retry_handler.py +0 -0
  25. {conviso-cli-2.2.27rc0 → conviso-cli-2.3.0.dev0}/convisoappsec/common/strings.py +0 -0
  26. {conviso-cli-2.2.27rc0 → conviso-cli-2.3.0.dev0}/convisoappsec/flow/__init__.py +0 -0
  27. {conviso-cli-2.2.27rc0 → conviso-cli-2.3.0.dev0}/convisoappsec/flow/api.py +0 -0
  28. {conviso-cli-2.2.27rc0 → conviso-cli-2.3.0.dev0}/convisoappsec/flow/graphql_api/__init__.py +0 -0
  29. {conviso-cli-2.2.27rc0 → conviso-cli-2.3.0.dev0}/convisoappsec/flow/graphql_api/beta/__init__.py +0 -0
  30. {conviso-cli-2.2.27rc0 → conviso-cli-2.3.0.dev0}/convisoappsec/flow/graphql_api/beta/client.py +0 -0
  31. {conviso-cli-2.2.27rc0 → conviso-cli-2.3.0.dev0}/convisoappsec/flow/graphql_api/beta/models/__init__.py +0 -0
  32. {conviso-cli-2.2.27rc0 → conviso-cli-2.3.0.dev0}/convisoappsec/flow/graphql_api/beta/models/issues/__init__.py +0 -0
  33. {conviso-cli-2.2.27rc0 → conviso-cli-2.3.0.dev0}/convisoappsec/flow/graphql_api/beta/models/issues/container.py +0 -0
  34. {conviso-cli-2.2.27rc0 → conviso-cli-2.3.0.dev0}/convisoappsec/flow/graphql_api/beta/models/issues/iac.py +0 -0
  35. {conviso-cli-2.2.27rc0 → conviso-cli-2.3.0.dev0}/convisoappsec/flow/graphql_api/beta/models/issues/normalize.py +0 -0
  36. {conviso-cli-2.2.27rc0 → conviso-cli-2.3.0.dev0}/convisoappsec/flow/graphql_api/beta/models/issues/sast.py +0 -0
  37. {conviso-cli-2.2.27rc0 → conviso-cli-2.3.0.dev0}/convisoappsec/flow/graphql_api/beta/models/issues/sca.py +0 -0
  38. {conviso-cli-2.2.27rc0 → conviso-cli-2.3.0.dev0}/convisoappsec/flow/graphql_api/beta/resources_api.py +0 -0
  39. {conviso-cli-2.2.27rc0 → conviso-cli-2.3.0.dev0}/convisoappsec/flow/graphql_api/beta/schemas/__init__.py +0 -0
  40. {conviso-cli-2.2.27rc0 → conviso-cli-2.3.0.dev0}/convisoappsec/flow/graphql_api/beta/schemas/mutations/__init__.py +0 -0
  41. {conviso-cli-2.2.27rc0 → conviso-cli-2.3.0.dev0}/convisoappsec/flow/graphql_api/beta/schemas/resolvers/__init__.py +0 -0
  42. {conviso-cli-2.2.27rc0 → conviso-cli-2.3.0.dev0}/convisoappsec/flow/graphql_api/v1/__init__.py +0 -0
  43. {conviso-cli-2.2.27rc0 → conviso-cli-2.3.0.dev0}/convisoappsec/flow/graphql_api/v1/client.py +0 -0
  44. {conviso-cli-2.2.27rc0 → conviso-cli-2.3.0.dev0}/convisoappsec/flow/graphql_api/v1/models/__init__.py +0 -0
  45. {conviso-cli-2.2.27rc0 → conviso-cli-2.3.0.dev0}/convisoappsec/flow/graphql_api/v1/models/asset.py +0 -0
  46. {conviso-cli-2.2.27rc0 → conviso-cli-2.3.0.dev0}/convisoappsec/flow/graphql_api/v1/models/issues.py +0 -0
  47. {conviso-cli-2.2.27rc0 → conviso-cli-2.3.0.dev0}/convisoappsec/flow/graphql_api/v1/models/project.py +0 -0
  48. {conviso-cli-2.2.27rc0 → conviso-cli-2.3.0.dev0}/convisoappsec/flow/graphql_api/v1/resources_api.py +0 -0
  49. {conviso-cli-2.2.27rc0 → conviso-cli-2.3.0.dev0}/convisoappsec/flow/graphql_api/v1/schemas/__init__.py +0 -0
  50. {conviso-cli-2.2.27rc0 → conviso-cli-2.3.0.dev0}/convisoappsec/flow/graphql_api/v1/schemas/mutations/__init__.py +0 -0
  51. {conviso-cli-2.2.27rc0 → conviso-cli-2.3.0.dev0}/convisoappsec/flow/graphql_api/v1/schemas/resolvers/__init__.py +0 -0
  52. {conviso-cli-2.2.27rc0 → conviso-cli-2.3.0.dev0}/convisoappsec/flow/source_code_scanner/__init__.py +0 -0
  53. {conviso-cli-2.2.27rc0 → conviso-cli-2.3.0.dev0}/convisoappsec/flow/source_code_scanner/exceptions.py +0 -0
  54. {conviso-cli-2.2.27rc0 → conviso-cli-2.3.0.dev0}/convisoappsec/flow/source_code_scanner/scc.py +0 -0
  55. {conviso-cli-2.2.27rc0 → conviso-cli-2.3.0.dev0}/convisoappsec/flow/source_code_scanner/source_code_scanner.py +0 -0
  56. {conviso-cli-2.2.27rc0 → conviso-cli-2.3.0.dev0}/convisoappsec/flow/util/__init__.py +0 -0
  57. {conviso-cli-2.2.27rc0 → conviso-cli-2.3.0.dev0}/convisoappsec/flow/util/ci_provider.py +0 -0
  58. {conviso-cli-2.2.27rc0 → conviso-cli-2.3.0.dev0}/convisoappsec/flow/util/metrics.py +0 -0
  59. {conviso-cli-2.2.27rc0 → conviso-cli-2.3.0.dev0}/convisoappsec/flow/util/source_code_compressor.py +0 -0
  60. {conviso-cli-2.2.27rc0 → conviso-cli-2.3.0.dev0}/convisoappsec/flow/version_control_system_adapter.py +0 -0
  61. {conviso-cli-2.2.27rc0 → conviso-cli-2.3.0.dev0}/convisoappsec/flow/version_searchers/__init__.py +0 -0
  62. {conviso-cli-2.2.27rc0 → conviso-cli-2.3.0.dev0}/convisoappsec/flow/version_searchers/sorted_by_versioning_style.py +0 -0
  63. {conviso-cli-2.2.27rc0 → conviso-cli-2.3.0.dev0}/convisoappsec/flow/version_searchers/timebased_version_seacher.py +0 -0
  64. {conviso-cli-2.2.27rc0 → conviso-cli-2.3.0.dev0}/convisoappsec/flow/version_searchers/version_searcher_result.py +0 -0
  65. {conviso-cli-2.2.27rc0 → conviso-cli-2.3.0.dev0}/convisoappsec/flow/versioning_style/__init__.py +0 -0
  66. {conviso-cli-2.2.27rc0 → conviso-cli-2.3.0.dev0}/convisoappsec/flow/versioning_style/semantic_versioning.py +0 -0
  67. {conviso-cli-2.2.27rc0 → conviso-cli-2.3.0.dev0}/convisoappsec/flowcli/__init__.py +0 -0
  68. {conviso-cli-2.2.27rc0 → conviso-cli-2.3.0.dev0}/convisoappsec/flowcli/__main__.py +0 -0
  69. {conviso-cli-2.2.27rc0 → conviso-cli-2.3.0.dev0}/convisoappsec/flowcli/assets/__init__.py +0 -0
  70. {conviso-cli-2.2.27rc0 → conviso-cli-2.3.0.dev0}/convisoappsec/flowcli/assets/create.py +0 -0
  71. {conviso-cli-2.2.27rc0 → conviso-cli-2.3.0.dev0}/convisoappsec/flowcli/assets/entrypoint.py +0 -0
  72. {conviso-cli-2.2.27rc0 → conviso-cli-2.3.0.dev0}/convisoappsec/flowcli/assets/ls.py +0 -0
  73. {conviso-cli-2.2.27rc0 → conviso-cli-2.3.0.dev0}/convisoappsec/flowcli/ast/__init__.py +0 -0
  74. {conviso-cli-2.2.27rc0 → conviso-cli-2.3.0.dev0}/convisoappsec/flowcli/common.py +0 -0
  75. {conviso-cli-2.2.27rc0 → conviso-cli-2.3.0.dev0}/convisoappsec/flowcli/companies/__init__.py +0 -0
  76. {conviso-cli-2.2.27rc0 → conviso-cli-2.3.0.dev0}/convisoappsec/flowcli/companies/ls.py +0 -0
  77. {conviso-cli-2.2.27rc0 → conviso-cli-2.3.0.dev0}/convisoappsec/flowcli/container/__init__.py +0 -0
  78. {conviso-cli-2.2.27rc0 → conviso-cli-2.3.0.dev0}/convisoappsec/flowcli/container/entrypoint.py +0 -0
  79. {conviso-cli-2.2.27rc0 → conviso-cli-2.3.0.dev0}/convisoappsec/flowcli/context.py +0 -0
  80. {conviso-cli-2.2.27rc0 → conviso-cli-2.3.0.dev0}/convisoappsec/flowcli/deploy/__init__.py +0 -0
  81. {conviso-cli-2.2.27rc0 → conviso-cli-2.3.0.dev0}/convisoappsec/flowcli/deploy/create/__init__.py +0 -0
  82. {conviso-cli-2.2.27rc0 → conviso-cli-2.3.0.dev0}/convisoappsec/flowcli/deploy/create/context.py +0 -0
  83. {conviso-cli-2.2.27rc0 → conviso-cli-2.3.0.dev0}/convisoappsec/flowcli/deploy/create/entrypoint.py +0 -0
  84. {conviso-cli-2.2.27rc0 → conviso-cli-2.3.0.dev0}/convisoappsec/flowcli/deploy/create/with_/__init__.py +0 -0
  85. {conviso-cli-2.2.27rc0 → conviso-cli-2.3.0.dev0}/convisoappsec/flowcli/deploy/create/with_/entrypoint.py +0 -0
  86. {conviso-cli-2.2.27rc0 → conviso-cli-2.3.0.dev0}/convisoappsec/flowcli/deploy/create/with_/tag_tracker/__init__.py +0 -0
  87. {conviso-cli-2.2.27rc0 → conviso-cli-2.3.0.dev0}/convisoappsec/flowcli/deploy/create/with_/tag_tracker/context.py +0 -0
  88. {conviso-cli-2.2.27rc0 → conviso-cli-2.3.0.dev0}/convisoappsec/flowcli/deploy/create/with_/tag_tracker/entrypoint.py +0 -0
  89. {conviso-cli-2.2.27rc0 → conviso-cli-2.3.0.dev0}/convisoappsec/flowcli/deploy/create/with_/tag_tracker/sort_by/__init__.py +0 -0
  90. {conviso-cli-2.2.27rc0 → conviso-cli-2.3.0.dev0}/convisoappsec/flowcli/deploy/create/with_/tag_tracker/sort_by/entrypoint.py +0 -0
  91. {conviso-cli-2.2.27rc0 → conviso-cli-2.3.0.dev0}/convisoappsec/flowcli/deploy/create/with_/tag_tracker/sort_by/time_.py +0 -0
  92. {conviso-cli-2.2.27rc0 → conviso-cli-2.3.0.dev0}/convisoappsec/flowcli/deploy/create/with_/tag_tracker/sort_by/versioning_style.py +0 -0
  93. {conviso-cli-2.2.27rc0 → conviso-cli-2.3.0.dev0}/convisoappsec/flowcli/deploy/create/with_/values.py +0 -0
  94. {conviso-cli-2.2.27rc0 → conviso-cli-2.3.0.dev0}/convisoappsec/flowcli/deploy/entrypoint.py +0 -0
  95. {conviso-cli-2.2.27rc0 → conviso-cli-2.3.0.dev0}/convisoappsec/flowcli/deploy/ls.py +0 -0
  96. {conviso-cli-2.2.27rc0 → conviso-cli-2.3.0.dev0}/convisoappsec/flowcli/deploy/show.py +0 -0
  97. {conviso-cli-2.2.27rc0 → conviso-cli-2.3.0.dev0}/convisoappsec/flowcli/entrypoint.py +0 -0
  98. {conviso-cli-2.2.27rc0 → conviso-cli-2.3.0.dev0}/convisoappsec/flowcli/findings/__init__.py +0 -0
  99. {conviso-cli-2.2.27rc0 → conviso-cli-2.3.0.dev0}/convisoappsec/flowcli/findings/create/__init__.py +0 -0
  100. {conviso-cli-2.2.27rc0 → conviso-cli-2.3.0.dev0}/convisoappsec/flowcli/findings/create/entrypoint.py +0 -0
  101. {conviso-cli-2.2.27rc0 → conviso-cli-2.3.0.dev0}/convisoappsec/flowcli/findings/create/with_/__init__.py +0 -0
  102. {conviso-cli-2.2.27rc0 → conviso-cli-2.3.0.dev0}/convisoappsec/flowcli/findings/create/with_/entrypoint.py +0 -0
  103. {conviso-cli-2.2.27rc0 → conviso-cli-2.3.0.dev0}/convisoappsec/flowcli/findings/create/with_/version_tracker.py +0 -0
  104. {conviso-cli-2.2.27rc0 → conviso-cli-2.3.0.dev0}/convisoappsec/flowcli/findings/entrypoint.py +0 -0
  105. {conviso-cli-2.2.27rc0 → conviso-cli-2.3.0.dev0}/convisoappsec/flowcli/findings/import_sarif/__init__.py +0 -0
  106. {conviso-cli-2.2.27rc0 → conviso-cli-2.3.0.dev0}/convisoappsec/flowcli/findings/import_sarif/entrypoint.py +0 -0
  107. {conviso-cli-2.2.27rc0 → conviso-cli-2.3.0.dev0}/convisoappsec/flowcli/help_option.py +0 -0
  108. {conviso-cli-2.2.27rc0 → conviso-cli-2.3.0.dev0}/convisoappsec/flowcli/iac/__init__.py +0 -0
  109. {conviso-cli-2.2.27rc0 → conviso-cli-2.3.0.dev0}/convisoappsec/flowcli/iac/entrypoint.py +0 -0
  110. {conviso-cli-2.2.27rc0 → conviso-cli-2.3.0.dev0}/convisoappsec/flowcli/iac/run.py +0 -0
  111. {conviso-cli-2.2.27rc0 → conviso-cli-2.3.0.dev0}/convisoappsec/flowcli/projects/__init__.py +0 -0
  112. {conviso-cli-2.2.27rc0 → conviso-cli-2.3.0.dev0}/convisoappsec/flowcli/projects/ls.py +0 -0
  113. {conviso-cli-2.2.27rc0 → conviso-cli-2.3.0.dev0}/convisoappsec/flowcli/requirements_verifier.py +0 -0
  114. {conviso-cli-2.2.27rc0 → conviso-cli-2.3.0.dev0}/convisoappsec/flowcli/sast/__init__.py +0 -0
  115. {conviso-cli-2.2.27rc0 → conviso-cli-2.3.0.dev0}/convisoappsec/flowcli/sast/entrypoint.py +0 -0
  116. {conviso-cli-2.2.27rc0 → conviso-cli-2.3.0.dev0}/convisoappsec/flowcli/sast/run.py +0 -0
  117. {conviso-cli-2.2.27rc0 → conviso-cli-2.3.0.dev0}/convisoappsec/flowcli/sbom/__init__.py +0 -0
  118. {conviso-cli-2.2.27rc0 → conviso-cli-2.3.0.dev0}/convisoappsec/flowcli/sbom/entrypoint.py +0 -0
  119. {conviso-cli-2.2.27rc0 → conviso-cli-2.3.0.dev0}/convisoappsec/flowcli/sca/__init__.py +0 -0
  120. {conviso-cli-2.2.27rc0 → conviso-cli-2.3.0.dev0}/convisoappsec/flowcli/sca/entrypoint.py +0 -0
  121. {conviso-cli-2.2.27rc0 → conviso-cli-2.3.0.dev0}/convisoappsec/flowcli/sca/run.py +0 -0
  122. {conviso-cli-2.2.27rc0 → conviso-cli-2.3.0.dev0}/convisoappsec/flowcli/vulnerability/__init__.py +0 -0
  123. {conviso-cli-2.2.27rc0 → conviso-cli-2.3.0.dev0}/convisoappsec/flowcli/vulnerability/assert_security_rules.py +0 -0
  124. {conviso-cli-2.2.27rc0 → conviso-cli-2.3.0.dev0}/convisoappsec/flowcli/vulnerability/entrypoint.py +0 -0
  125. {conviso-cli-2.2.27rc0 → conviso-cli-2.3.0.dev0}/convisoappsec/flowcli/vulnerability/rules_schema.json +0 -0
  126. {conviso-cli-2.2.27rc0 → conviso-cli-2.3.0.dev0}/convisoappsec/flowcli/vulnerability/run.py +0 -0
  127. {conviso-cli-2.2.27rc0 → conviso-cli-2.3.0.dev0}/convisoappsec/logger.py +0 -0
  128. {conviso-cli-2.2.27rc0 → conviso-cli-2.3.0.dev0}/convisoappsec/sast/__init__.py +0 -0
  129. {conviso-cli-2.2.27rc0 → conviso-cli-2.3.0.dev0}/convisoappsec/sast/decision.py +0 -0
  130. {conviso-cli-2.2.27rc0 → conviso-cli-2.3.0.dev0}/convisoappsec/sast/sastbox.py +0 -0
  131. {conviso-cli-2.2.27rc0 → conviso-cli-2.3.0.dev0}/scripts/shell_completer/flow_bash_completer.sh +0 -0
  132. {conviso-cli-2.2.27rc0 → conviso-cli-2.3.0.dev0}/scripts/shell_completer/flow_fish_completer.fish +0 -0
  133. {conviso-cli-2.2.27rc0 → conviso-cli-2.3.0.dev0}/scripts/shell_completer/flow_zsh_completer.sh +0 -0
  134. {conviso-cli-2.2.27rc0 → conviso-cli-2.3.0.dev0}/setup.cfg +0 -0
  135. {conviso-cli-2.2.27rc0 → conviso-cli-2.3.0.dev0}/setup.py +0 -0
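--- a/PKG-INFO
+++ b/PKG-INFO
@@ -1,6 +1,6 @@
  Metadata-Version: 2.1
  Name: conviso-cli
- Version: 2.2.27rc0
+ Version: 2.3.0.dev0
  Summary: UNKNOWN
  Maintainer: Conviso
  Maintainer-email: development@convisoappsec.com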
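--- a/conviso_cli.egg-info/PKG-INFO
+++ b/conviso_cli.egg-info/PKG-INFO
@@ -1,6 +1,6 @@
  Metadata-Version: 2.1
  Name: conviso-cli
- Version: 2.2.27rc0
+ Version: 2.3.0.dev0
  Summary: UNKNOWN
  Maintainer: Conviso
  Maintainer-email: development@convisoappsec.com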
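--- a/convisoappsec/flowcli/ast/entrypoint.py
+++ b/convisoappsec/flowcli/ast/entrypoint.py
@@ -172,26 +172,31 @@ def perform_deploy(context, flow_context, prepared_context):
  try:
  branch_name = git_adapter.get_branch_name()
  except Exception:
- LOGGER.warning("HEAD is detached. Checking for 'main' or 'master'...")
+ LOGGER.warning("HEAD is detached. Checking for latest branch ...")
 
  result = subprocess.run(
- ["git", "branch", "--list", "main", "master"],
+ ["git", "for-each-ref", "--sort=-creatordate", "--format=%(refname:short)", "refs/heads/"],
  cwd=repository_dir,
  stdout=subprocess.PIPE,
  stderr=subprocess.PIPE,
  check=True
  )
+
  branches = result.stdout.decode().splitlines()
- branches = [branch.strip() for branch in branches]
 
- if "main" in branches:
- branch_name = "main"
- elif "master" in branches:
- branch_name = "master"
+ if branches:
+ branch_name = branches[0]
  else:
- LOGGER.warning("Failed to find a branch 'main' or 'master'.")
+ LOGGER.warning("Failed to find a branch.")
  branch_name = "not_found"
 
+ log_and_notify_ast_event(
+ flow_context=flow_context,
+ company_id=prepared_context.params['company_id'],
+ asset_id=prepared_context.params['asset_id'],
+ ast_log=f"Branch: {branch_name}, git folder zipped: {zipped_file}",
+ )
+
  response = conviso_api.deploys.create_deploy(
  asset_id=prepared_context.params['asset_id'],
  previous_commit=created_deploy['previous_commit'],
@@ -201,6 +206,13 @@ def perform_deploy(context, flow_context, prepared_context):
  api_key=api_key
  )
 
+ log_and_notify_ast_event(
+ flow_context=flow_context,
+ company_id=prepared_context.params['company_id'],
+ asset_id=prepared_context.params['asset_id'],
+ ast_log=f"Response: {response}",
+ )
+
  response_deploy_id = response['createDeploy']['deploy']['id']
  deploy_id = {"deploy_id": response_deploy_id}
  created_deploy.update(deploy_id)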
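Review bot: In the detached-HEAD fallback of the first hunk, `branches[0]` is simply the local branch with the newest tip, so a deploy can be recorded under a branch that does not contain the checked-out commit. Limiting the listing to branches that contain HEAD keeps the attribution accurate: `["git", "for-each-ref", "--contains", "HEAD", "--sort=-creatordate", "--format=%(refname:short)", "refs/heads/"],`, with the existing `not_found` path still covering an empty result. Separately, both new `log_and_notify_ast_event` calls run on every deploy rather than behind a debug switch, and the second forwards the whole `response` object; if that sink leaves the machine (not visible here), sending only `response['createDeploy']['deploy']['id']` would expose less. `perform_deploy` starts and ends outside these hunks, so `zipped_file` is assumed to be bound earlier in the function.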
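--- a/convisoappsec/flowcli/container/run.py
+++ b/convisoappsec/flowcli/container/run.py
@@ -4,6 +4,7 @@ import json
  import subprocess
  import shutil
  import os
+ import datetime
  from convisoappsec.flowcli import help_option
  from convisoappsec.flowcli.context import pass_flow_context
  from convisoappsec.logger import log_and_notify_ast_event
@@ -14,6 +15,8 @@ from convisoappsec.flowcli.common import (
  project_code_option,
  )
 
+ DEBUG_MODE = False
+
 
  @click.command()
  @project_code_option(
@@ -21,6 +24,11 @@ from convisoappsec.flowcli.common import (
  required=False
  )
  @asset_id_option(required=False)
+ @click.option(
+ '--debug',
+ is_flag=True,
+ help='Enable debug mode.'
+ )
  @click.option(
  '-r',
  '--repository-dir',
@@ -67,13 +75,21 @@ from convisoappsec.flowcli.common import (
  @pass_flow_context
  @click.pass_context
  def run(
- context, flow_context, project_code, asset_id, company_id, repository_dir, send_to_flow, asset_name, vulnerability_auto_close, image_name,
+ context, flow_context, project_code, asset_id, debug, company_id, repository_dir,
+ send_to_flow, asset_name, vulnerability_auto_close, image_name,
 
  ):
  """ Run command for container vulnerability scan focused on OS vulnerabilities """
+ global DEBUG_MODE
+ DEBUG_MODE = debug
+ start_time = datetime.datetime.now()
+
  if send_to_flow:
  prepared_context = RequirementsVerifier.prepare_context(clone(context))
 
+ if debug:
+ debug_message(f"Context after being prepared: {prepared_context.params}")
+
  params_to_copy = [
  'asset_id', 'send_to_flow', 'asset_name', 'vulnerability_auto_close', 'project_code', 'repository_dir',
  'company_id'
@@ -87,32 +103,59 @@ def run(
  asset_id = context.params['asset_id']
  company_id = context.params['company_id']
  else:
+ # this just verify if the api key is valid.
  RequirementsVerifier.list_assets(company_id=company_id, asset_name='example', scan_type='SAST')
 
+ if debug:
+ debug_message("User validated!")
+
  if command_exists('trivy'):
+ if debug:
+ debug_message("Trivy already installed.")
+
  scan_command = f"trivy image --pkg-types os --format json --output result.json {image_name}"
  else:
+ if debug:
+ debug_message("Installing trivy ...")
+
  subprocess.run(
- "curl -sfL https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh -s -- -b bin/ v0.57.1",
+ "curl -sfL https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh -s -- -b conviso/ v0.57.1",
  shell=True,
  stdout=subprocess.DEVNULL,
  stderr=subprocess.DEVNULL
  )
- scan_command = [f"./bin/trivy image --pkg-types os --format json --output result.json {image_name}"]
+
+ if debug:
+ debug_message("Trivy has been installed successfully!")
+
+ scan_command = [f"./conviso/trivy image --pkg-types os --format json --output result.json {image_name}"]
 
  try:
  log_func(f"🔧 Scanning image {image_name} ...")
+
+ if debug:
+ debug_message(f"Running the following command: {scan_command}")
+
  run_command(scan_command)
  log_func("✅ Scan completed successfully.")
 
- directory = 'bin/'
+ directory = 'conviso/'
  if os.path.isdir(directory):
+ if debug:
+ debug_message(f"Removing the trivy installation dir, {directory}")
  shutil.rmtree(directory)
 
  if send_to_flow:
  send_to_conviso_plataform(flow_context, asset_id, company_id)
  else:
  output_results()
+
+ end_time = datetime.datetime.now()
+
+ if debug:
+ execution_time = end_time - start_time
+ debug_message(f"Total execution time: {execution_time.total_seconds():.2f} seconds.")
+
  except Exception as error:
  log_func(f"❌ Scan failed: {error}")
 
@@ -151,14 +194,7 @@ def send_to_conviso_plataform(flow_context, asset_id, company_id):
  result_file = "result.json"
 
  try:
- with open(result_file, 'r') as file:
- scan_results = json.load(file)
-
- results = scan_results.get("Results", [])
- if results and isinstance(results, list) and len(results) > 0:
- vulnerabilities = results[0].get("Vulnerabilities", [])
- else:
- vulnerabilities = []
+ vulnerabilities = extract_vulnerabilities(result_file)
 
  if vulnerabilities:
  log_func("🔍 Sending vulnerabilities to conviso platform.")
@@ -198,14 +234,7 @@ def output_results():
  result_file = "result.json"
 
  try:
- with open(result_file, 'r') as file:
- scan_results = json.load(file)
-
- results = scan_results.get("Results", [])
- if results and isinstance(results, list) and len(results) > 0:
- vulnerabilities = results[0].get("Vulnerabilities", [])
- else:
- vulnerabilities = []
+ vulnerabilities = extract_vulnerabilities(result_file)
 
  if vulnerabilities:
  log_func(f"🔍 Found: {len(vulnerabilities)} vulnerabilities!")
@@ -227,6 +256,17 @@ def command_exists(command):
  """
  return shutil.which(command) is not None
 
+ def extract_vulnerabilities(result_file):
+ """Reads a JSON scan result file and extracts vulnerabilities."""
+ with open(result_file, 'r') as file:
+ scan_results = json.load(file)
+
+ results = scan_results.get("Results", [])
+ if results and isinstance(results, list) and len(results) > 0:
+ return results[0].get("Vulnerabilities", [])
+
+ return []
+
 
  def log_func(msg, new_line=True):
  """
@@ -244,3 +284,22 @@ def log_func(msg, new_line=True):
  str: The output of the message.
  """
  click.echo(click.style(msg), nl=new_line, err=True)
+
+
+ def debug_message(msg, new_line=True):
+ """
+ If debug mode is enabled, this function should be
+ used for all debug messages and the message will be styled in orange.
+ Otherwise, it uses the default styling.
+
+ Args:
+ msg (str): The message to log.
+ new_line (bool, optional): Whether to append a newline at the end of the message.
+ Defaults to True.
+
+ Returns:
+ str: The output of the message.
+ """
+ timestamp = datetime.datetime.now().strftime("%Y-%m-%d %H:%M:%S")
+ style = {"fg": "bright_yellow"} if DEBUG_MODE else {}
+ click.echo(click.style(f"🪲 [{timestamp}] DEBUG: {msg}", **style), nl=new_line, err=True)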
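Review bot: The trivy install step in the `@@ -87,32 +103,59 @@` hunk still discards the exit status and all output of the `curl … | sh` pipeline, yet the new debug line prints "Trivy has been installed successfully!" unconditionally, so a failed download only surfaces later as an unrelated scan error. Check the result before reporting success, for example `if not os.path.isfile("conviso/trivy"): raise click.ClickException("trivy installation failed")`. The installer script is also fetched from the moving `main` branch and executed without an integrity check; pinning the script URL to a release tag or commit and verifying a known digest would narrow the supply-chain exposure, and the same pattern appears in convisoappsec/flowcli/sbom/generate.py, where syft has no version pin at all. The cleanup `shutil.rmtree(directory)` with `directory = 'conviso/'` is relative to the working directory in both files, so a `conviso/` folder that already existed there is deleted too; a `tempfile.mkdtemp()` install directory would avoid that. `run` begins in an earlier hunk and continues past this one.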
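--- a/convisoappsec/flowcli/sbom/generate.py
+++ b/convisoappsec/flowcli/sbom/generate.py
@@ -147,17 +147,17 @@ def generate(context, flow_context, project_code, asset_id, company_id, reposito
  command = [f"syft scan {repository_dir} -o cyclonedx-json={file_name}"]
  else:
  subprocess.run(
- "curl -sSfL https://raw.githubusercontent.com/anchore/syft/main/install.sh | sh",
+ "curl -sSfL https://raw.githubusercontent.com/anchore/syft/main/install.sh | sh -s -- -b conviso/",
  shell=True,
  stdout=subprocess.DEVNULL,
  stderr=subprocess.DEVNULL
  )
- command = [f"./bin/syft scan {repository_dir} -o cyclonedx-json={file_name}"]
+ command = [f"./conviso/syft scan {repository_dir} --exclude ./conviso/* -o cyclonedx-json={file_name}"]
 
  # Run SBOM generation command
  subprocess.run(command, shell=True, check=True, capture_output=True)
 
- directory = 'bin/'
+ directory = 'conviso/'
  if os.path.isdir(directory):
  shutil.rmtree(directory)
 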
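Review bot: The new `command` string is executed with `shell=True`, so the unquoted `./conviso/*` is expanded by the shell before syft sees it, and `repository_dir` and `file_name` are spliced into the shell line verbatim; a path containing spaces or shell metacharacters changes what actually runs. Quote the interpolated values and the pattern: `command = [f"./conviso/syft scan {shlex.quote(repository_dir)} --exclude './conviso/*' -o cyclonedx-json={shlex.quote(file_name)}"]`, which needs `import shlex` at the top of the file. The `syft scan` branch just above it and the trivy `scan_command` strings in convisoappsec/flowcli/container/run.py (which interpolate `image_name`) are built the same way and would benefit from the same quoting. `generate` starts and ends outside this hunk.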
@@ -0,0 +1 @@
1
+ __version__ = '2.3.0-dev.0'
@@ -1 +0,0 @@
1
- __version__ = '2.2.27-rc.0'