cycode 0.2.3__tar.gz → 0.2.4.dev10__tar.gz

{cycode-0.2.3 → cycode-0.2.4.dev10}/PKG-INFO

@@ -1,19 +1,45 @@
 Metadata-Version: 2.1
 Name: cycode
-Version: 0.2.3
+Version: 0.2.4.dev10
 Summary: Perform secrets/iac scans for your sources using Cycode's engine
 Home-page: https://github.com/cycodehq-public/cycode-cli
+License: MIT
+Keywords: secret-scan,cycode,devops,token,secret,security,cycode,code
 Author: Cycode
 Author-email: support@cycode.com
-License: MIT
-Keywords: secret-scan cycode devops token secret security cycode code
+Requires-Python: >=3.7,<4.0
+Classifier: Development Status :: 5 - Production/Stable
 Classifier: Environment :: Console
+Classifier: License :: OSI Approved :: MIT License
+Classifier: Natural Language :: English
+Classifier: Operating System :: OS Independent
 Classifier: Programming Language :: Python
+Classifier: Programming Language :: Python :: 3
+Classifier: Programming Language :: Python :: 3.7
+Classifier: Programming Language :: Python :: 3.8
+Classifier: Programming Language :: Python :: 3.9
+Classifier: Programming Language :: Python :: 3.10
+Classifier: Programming Language :: Python :: 3.11
+Classifier: Programming Language :: Python :: 3 :: Only
+Classifier: Programming Language :: Python :: 3.10
+Classifier: Programming Language :: Python :: 3.11
 Classifier: Programming Language :: Python :: 3.7
 Classifier: Programming Language :: Python :: 3.8
 Classifier: Programming Language :: Python :: 3.9
+Requires-Dist: arrow (>=0.17.0,<0.18.0)
+Requires-Dist: binaryornot (>=0.4.4,<0.5.0)
+Requires-Dist: click (>=8.1.0,<8.2.0)
+Requires-Dist: colorama (>=0.4.3,<0.5.0)
+Requires-Dist: gitpython (>=3.1.30,<3.2.0)
+Requires-Dist: halo (==0.0.31)
+Requires-Dist: marshmallow (>=3.8.0,<3.9.0)
+Requires-Dist: pathspec (>=0.8.0,<0.9.0)
+Requires-Dist: pyyaml (>=6.0,<7.0)
+Requires-Dist: requests (>=2.24,<3.0)
+Requires-Dist: texttable (>=1.6.7,<1.7.0)
+Requires-Dist: typing (>=3.7.4.3,<3.8.0.0)
+Project-URL: Repository, https://github.com/cycodehq-public/cycode-cli
 Description-Content-Type: text/markdown
-License-File: LICENCE
 
 # Cycode CLI User Guide
 

cycode-0.2.4.dev10/cycode/__init__.py

@@ -0,0 +1 @@
+__version__ = '0.2.4.dev10'   # placeholder. Will be filled automatically on poetry build from Git Tag

cycode-0.2.4.dev10/cycode/cli/auth/auth_command.py

@@ -0,0 +1,79 @@
+import json
+
+import click
+import traceback
+
+from cycode.cli.auth.auth_manager import AuthManager
+from cycode.cli.user_settings.credentials_manager import CredentialsManager
+from cycode.cli.exceptions.custom_exceptions import AuthProcessError, NetworkError, HttpUnauthorizedError
+from cycode.cyclient import logger
+from cycode.cyclient.cycode_token_based_client import CycodeTokenBasedClient
+
+
+@click.group(invoke_without_command=True)
+@click.pass_context
+def authenticate(context: click.Context):
+    """ Authenticates your machine to associate CLI with your cycode account """
+    if context.invoked_subcommand is not None:
+        # if it is a subcommand do nothing
+        return
+
+    try:
+        logger.debug("starting authentication process")
+        auth_manager = AuthManager()
+        auth_manager.authenticate()
+        click.echo("Successfully logged into cycode")
+    except Exception as e:
+        _handle_exception(context, e)
+
+
+@authenticate.command(name='check')
+@click.pass_context
+def authorization_check(context: click.Context):
+    """ Check your machine associating CLI with your cycode account """
+    passed_auth_check_args = {'context': context, 'content': {
+        'success': True,
+        'message': 'You are authorized'
+    }, 'color': 'green'}
+    failed_auth_check_args = {'context': context, 'content': {
+        'success': False,
+        'message': 'You are not authorized'
+    }, 'color': 'red'}
+
+    client_id, client_secret = CredentialsManager().get_credentials()
+    if not client_id or not client_secret:
+        return _print_result(**failed_auth_check_args)
+
+    try:
+        # TODO(MarshalX): This property performs HTTP request to refresh the token. This must be the method.
+        if CycodeTokenBasedClient(client_id, client_secret).api_token:
+            return _print_result(**passed_auth_check_args)
+    except (NetworkError, HttpUnauthorizedError):
+        if context.obj['verbose']:
+            click.secho(f'Error: {traceback.format_exc()}', fg='red', nl=False)
+
+        return _print_result(**failed_auth_check_args)
+
+
+def _print_result(context: click.Context, content: dict, color: str) -> None:
+    # the current impl of printers supports only results of scans
+    if context.obj['output'] == 'text':
+        return click.secho(content['message'], fg=color)
+
+    return click.echo(json.dumps({'result': content['success'], 'message': content['message']}))
+
+
+def _handle_exception(context: click.Context, e: Exception):
+    verbose = context.obj["verbose"]
+    if verbose:
+        click.secho(f'Error: {traceback.format_exc()}', fg='red', nl=False)
+    if isinstance(e, AuthProcessError):
+        click.secho('Authentication failed. Please try again later using the command `cycode auth`',
+                    fg='red', nl=False)
+    elif isinstance(e, NetworkError):
+        click.secho('Authentication failed. Please try again later using the command `cycode auth`',
+                    fg='red', nl=False)
+    elif isinstance(e, click.ClickException):
+        raise e
+    else:
+        raise click.ClickException(str(e))

{cycode-0.2.3 → cycode-0.2.4.dev10/cycode}/cli/auth/auth_manager.py

@@ -2,13 +2,14 @@ import time
 import webbrowser
 from requests import Request
 from typing import Optional
-from cli.exceptions.custom_exceptions import AuthProcessError
-from cli.utils.string_utils import generate_random_string, hash_string_to_sha256
-from cli.user_settings.configuration_manager import ConfigurationManager
-from cli.user_settings.credentials_manager import CredentialsManager
-from cyclient.auth_client import AuthClient
-from cyclient.models import ApiToken, ApiTokenGenerationPollingResponse
-from cyclient import logger
+
+from cycode.cli.exceptions.custom_exceptions import AuthProcessError
+from cycode.cli.utils.string_utils import generate_random_string, hash_string_to_sha256
+from cycode.cli.user_settings.configuration_manager import ConfigurationManager
+from cycode.cli.user_settings.credentials_manager import CredentialsManager
+from cycode.cyclient.auth_client import AuthClient
+from cycode.cyclient.models import ApiToken, ApiTokenGenerationPollingResponse
+from cycode.cyclient import logger
 
 
 class AuthManager:
@@ -84,6 +85,7 @@ class AuthManager:
             'code_challenge': code_challenge,
             'session_id': session_id
         }
+        # TODO(MarshalX). Use auth_client instead and don't depend on "requests" lib here
         request = Request(url=login_url, params=query_params)
         return request.prepare().url
 

{cycode-0.2.3 → cycode-0.2.4.dev10/cycode}/cli/code_scanner.py

@@ -1,3 +1,5 @@
+from typing import Type, NamedTuple
+
 import click
 import json
 import logging
@@ -12,22 +14,22 @@ from sys import getsizeof
 
 from halo import Halo
 
-from cli.printers import ResultsPrinter
-from cli.models import Document, DocumentDetections, Severity
-from cli.ci_integrations import get_commit_range
-from cli.consts import *
-from cli.config import configuration_manager, config
-from cli.utils.path_utils import is_sub_path, is_binary_file, get_file_size, get_relevant_files_in_path, \
+from cycode.cli.printers import ResultsPrinter
+from cycode.cli.models import Document, DocumentDetections, Severity
+from cycode.cli.ci_integrations import get_commit_range
+from cycode.cli.consts import *
+from cycode.cli.config import configuration_manager
+from cycode.cli.utils.path_utils import is_sub_path, is_binary_file, get_file_size, get_relevant_files_in_path, \
     get_path_by_os, get_file_content
-from cli.utils.string_utils import get_content_size, is_binary_content
-from cli.utils.task_timer import TimeoutAfter
-from cli.utils import scan_utils
-from cli.user_settings.config_file_manager import ConfigFileManager
-from cli.zip_file import InMemoryZip
-from cli.exceptions.custom_exceptions import *
-from cyclient import logger
-from cyclient.models import *
-from cli.helpers import sca_code_scanner
+from cycode.cli.utils.string_utils import get_content_size, is_binary_content
+from cycode.cli.utils.task_timer import TimeoutAfter
+from cycode.cli.utils import scan_utils
+from cycode.cli.user_settings.config_file_manager import ConfigFileManager
+from cycode.cli.zip_file import InMemoryZip
+from cycode.cli.exceptions.custom_exceptions import *
+from cycode.cli.helpers import sca_code_scanner
+from cycode.cyclient import logger
+from cycode.cyclient.models import *
 
 start_scan_time = time.time()
 
@@ -817,34 +819,76 @@ def _is_subpath_of_cycode_configuration_folder(filename: str) -> bool:
            or filename.endswith(ConfigFileManager.get_config_file_route())
 
 
+class CliScanError(NamedTuple):
+    soft_fail: bool
+    code: str
+    message: str
+
+
+CliScanErrors = Dict[Type[Exception], CliScanError]
+
+
 def _handle_exception(context: click.Context, e: Exception):
-    context.obj["did_fail"] = True
-    verbose = context.obj["verbose"]
-    if verbose:
+    context.obj['did_fail'] = True
+
+    if context.obj['verbose']:
         click.secho(f'Error: {traceback.format_exc()}', fg='red', nl=False)
-    if isinstance(e, (CycodeError, ScanAsyncError)):
-        click.secho('Cycode was unable to complete this scan. Please try again by executing the `cycode scan` command',
-                    fg='red', nl=False)
-        context.obj["soft_fail"] = True
-    elif isinstance(e, HttpUnauthorizedError):
-        click.secho('Unable to authenticate to Cycode, your token is either invalid or has expired. '
-                    'Please re-generate your token and reconfigure it by running the `cycode configure` command',
-                    fg='red', nl=False)
-        context.obj["soft_fail"] = True
-    elif isinstance(e, ZipTooLargeError):
-        click.secho('The path you attempted to scan exceeds the current maximum scanning size cap (10MB). '
-                    'Please try ignoring irrelevant paths using the ‘cycode ignore --by-path’ '
-                    'command and execute the scan again',
-                    fg='red', nl=False)
-        context.obj["soft_fail"] = True
-    elif isinstance(e, InvalidGitRepositoryError):
-        click.secho('The path you supplied does not correlate to a git repository. Should you still wish to scan '
-                    'this path, use: ‘cycode scan path <path>’',
-                    fg='red', nl=False)
-    elif isinstance(e, click.ClickException):
+
+    # TODO(MarshalX): Create global CLI errors database and move this
+    errors: CliScanErrors = {
+        NetworkError: CliScanError(
+            soft_fail=True,
+            code='cycode_error',
+            message='Cycode was unable to complete this scan. '
+                    'Please try again by executing the `cycode scan` command'
+        ),
+        ScanAsyncError: CliScanError(
+            soft_fail=True,
+            code='scan_error',
+            message='Cycode was unable to complete this scan. '
+                    'Please try again by executing the `cycode scan` command'
+        ),
+        HttpUnauthorizedError: CliScanError(
+            soft_fail=True,
+            code='auth_error',
+            message='Unable to authenticate to Cycode, your token is either invalid or has expired. '
+                    'Please re-generate your token and reconfigure it by running the `cycode configure` command'
+        ),
+        ZipTooLargeError: CliScanError(
+            soft_fail=True,
+            code='zip_too_large_error',
+            message='The path you attempted to scan exceeds the current maximum scanning size cap (10MB). '
+                    'Please try ignoring irrelevant paths using the ‘cycode ignore --by-path’ command '
+                    'and execute the scan again'
+        ),
+        InvalidGitRepositoryError: CliScanError(
+            soft_fail=False,
+            code='invalid_git_error',
+            message='The path you supplied does not correlate to a git repository. '
+                    'Should you still wish to scan this path, use: ‘cycode scan path <path>’'
+        ),
+    }
+
+    if type(e) in errors:
+        error = errors[type(e)]
+
+        if error.soft_fail is True:
+            context.obj['soft_fail'] = True
+
+        return _print_error(context, error)
+
+    if isinstance(e, click.ClickException):
         raise e
-    else:
-        raise click.ClickException(str(e))
+
+    raise click.ClickException(str(e))
+
+
+def _print_error(context: click.Context, error: CliScanError) -> None:
+    # TODO(MarshalX): Extend functionality of CLI printers and move this
+    if context.obj['output'] == 'text':
+        click.secho(error.message, fg='red', nl=False)
+    elif context.obj['output'] == 'json':
+        click.echo(json.dumps({'error': error.code, 'message': error.message}, ensure_ascii=False))
 
 
 def _report_scan_status(context: click.Context, scan_type: str, scan_id: str, scan_completed: bool,

{cycode-0.2.3 → cycode-0.2.4.dev10/cycode}/cli/config.py

@@ -1,6 +1,8 @@
 import os
-from cli.utils.yaml_utils import read_file
-from cli.user_settings.configuration_manager import ConfigurationManager
+
+from cycode.cli.utils.yaml_utils import read_file
+from cycode.cli.user_settings.configuration_manager import ConfigurationManager
+
 
 relative_path = os.path.dirname(__file__)
 config_file_path = os.path.join(relative_path, 'config.yaml')

{cycode-0.2.3 → cycode-0.2.4.dev10/cycode}/cli/exceptions/custom_exceptions.py

@@ -1,7 +1,15 @@
+from requests import Response
+
+
 class CycodeError(Exception):
-    def __init__(self, status_code: int, error_message: str):
+    """Base class for all custom exceptions"""
+
+
+class NetworkError(CycodeError):
+    def __init__(self, status_code: int, error_message: str, response: Response):
         self.status_code = status_code
         self.error_message = error_message
+        self.response = response
         super().__init__(self.error_message)
 
     def __str__(self):
@@ -9,7 +17,7 @@ class CycodeError(Exception):
                f'{self.error_message}'
 
 
-class ScanAsyncError(Exception):
+class ScanAsyncError(CycodeError):
     def __init__(self, error_message: str):
         self.error_message = error_message
         super().__init__(self.error_message)
@@ -18,17 +26,18 @@ class ScanAsyncError(Exception):
         return f'error occurred during the scan. error message: {self.error_message}'
 
 
-class HttpUnauthorizedError(Exception):
-    def __init__(self, error_message: str):
+class HttpUnauthorizedError(CycodeError):
+    def __init__(self, error_message: str, response: Response):
         self.status_code = 401
         self.error_message = error_message
+        self.response = response
         super().__init__(self.error_message)
 
     def __str__(self):
         return 'Http Unauthorized Error'
 
 
-class ZipTooLargeError(Exception):
+class ZipTooLargeError(CycodeError):
     def __init__(self, size_limit: int):
         self.size_limit = size_limit
         super().__init__()
@@ -37,7 +46,7 @@ class ZipTooLargeError(Exception):
         return f'The size of zip to scan is too large, size limit: {self.size_limit}'
 
 
-class AuthProcessError(Exception):
+class AuthProcessError(CycodeError):
     def __init__(self, error_message: str):
         self.error_message = error_message
         super().__init__()

{cycode-0.2.3 → cycode-0.2.4.dev10/cycode}/cli/helpers/maven/base_restore_maven_dependencies.py

@@ -3,10 +3,10 @@ from typing import List, Optional, Dict
 
 import click
 
-from cli.models import Document
-from cli.utils.path_utils import join_paths, get_file_dir
-from cli.utils.shell_executor import shell
-from cyclient import logger
+from cycode.cli.models import Document
+from cycode.cli.utils.path_utils import join_paths, get_file_dir
+from cycode.cli.utils.shell_executor import shell
+from cycode.cyclient import logger
 
 
 def build_dep_tree_path(path: str, generated_file_name: str) -> str:

{cycode-0.2.3 → cycode-0.2.4.dev10/cycode}/cli/helpers/maven/restore_gradle_dependencies.py

@@ -2,8 +2,8 @@ from typing import List
 
 import click
 
-from cli.helpers.maven.base_restore_maven_dependencies import BaseRestoreMavenDependencies
-from cli.models import Document
+from cycode.cli.helpers.maven.base_restore_maven_dependencies import BaseRestoreMavenDependencies
+from cycode.cli.models import Document
 
 BUILD_GRADLE_FILE_NAME = 'build.gradle'
 BUILD_GRADLE_KTS_FILE_NAME = 'build.gradle.kts'

{cycode-0.2.3 → cycode-0.2.4.dev10/cycode}/cli/helpers/maven/restore_maven_dependencies.py

@@ -3,10 +3,10 @@ from typing import List, Optional
 
 import click
 
-from cli.helpers.maven.base_restore_maven_dependencies import BaseRestoreMavenDependencies, build_dep_tree_path, \
+from cycode.cli.helpers.maven.base_restore_maven_dependencies import BaseRestoreMavenDependencies, build_dep_tree_path, \
     execute_command
-from cli.models import Document
-from cli.utils.path_utils import get_file_dir, get_file_content, join_paths
+from cycode.cli.models import Document
+from cycode.cli.utils.path_utils import get_file_dir, get_file_content, join_paths
 
 BUILD_MAVEN_FILE_NAME = 'pom.xml'
 MAVEN_CYCLONE_DEP_TREE_FILE_NAME = 'bom.json'

{cycode-0.2.3 → cycode-0.2.4.dev10/cycode}/cli/helpers/sca_code_scanner.py

@@ -4,12 +4,12 @@ from typing import List, Optional, Dict
 import click
 from git import Repo, GitCommandError
 
-from cli.consts import *
-from cli.helpers.maven.restore_gradle_dependencies import RestoreGradleDependencies
-from cli.helpers.maven.restore_maven_dependencies import RestoreMavenDependencies
-from cli.models import Document
-from cli.utils.path_utils import get_file_dir, join_paths, get_file_content
-from cyclient import logger
+from cycode.cli.consts import *
+from cycode.cli.helpers.maven.restore_gradle_dependencies import RestoreGradleDependencies
+from cycode.cli.helpers.maven.restore_maven_dependencies import RestoreMavenDependencies
+from cycode.cli.models import Document
+from cycode.cli.utils.path_utils import get_file_dir, join_paths, get_file_content
+from cycode.cyclient import logger
 
 BUILD_GRADLE_FILE_NAME = 'build.gradle'
 BUILD_GRADLE_KTS_FILE_NAME = 'build.gradle.kts'

cycode-0.2.3/cli/cycode.py → cycode-0.2.4.dev10/cycode/cli/main.py

@@ -5,17 +5,17 @@ import sys
 
 from typing import List
 
-from cli.models import Severity
-from cli.config import config
-from cli import code_scanner, __version__
-from cyclient import logger
-from cyclient.scan_client import ScanClient
-from cli.user_settings.credentials_manager import CredentialsManager
-from cli.user_settings.configuration_manager import ConfigurationManager
-from cli.user_settings.user_settings_commands import set_credentials, add_exclusions
-from cli.auth.auth_command import authenticate
-from cli.utils import scan_utils
-from cyclient.scan_config.scan_config_creator import create_scan_client
+from cycode import __version__
+from cycode.cli.models import Severity
+from cycode.cli.config import config
+from cycode.cli import code_scanner
+from cycode.cli.user_settings.credentials_manager import CredentialsManager
+from cycode.cli.user_settings.configuration_manager import ConfigurationManager
+from cycode.cli.user_settings.user_settings_commands import set_credentials, add_exclusions
+from cycode.cli.auth.auth_command import authenticate
+from cycode.cli.utils import scan_utils
+from cycode.cyclient import logger
+from cycode.cyclient.scan_config.scan_config_creator import create_scan_client
 
 CONTEXT = dict()
 ISSUE_DETECTED_STATUS_CODE = 1
@@ -60,7 +60,7 @@ NO_ISSUES_STATUS_CODE = 0
               help='Run scan without failing, always return a non-error status code',
               type=bool,
               required=False)
-@click.option('--output', default='text',
+@click.option('--output', default=None,
               help="""
               \b
               Specify the results output (text/json), 
@@ -104,7 +104,9 @@ def code_scan(context: click.Context, scan_type, client_id, secret, show_secret,
         context.obj["soft_fail"] = config["soft_fail"]
 
     context.obj["scan_type"] = scan_type
-    context.obj["output"] = output
+    if output is not None:
+        # save backward compatability with old style command
+        context.obj["output"] = output
     context.obj["client"] = get_cycode_client(client_id, secret)
     context.obj["severity_threshold"] = severity_threshold
     context.obj["monitor"] = monitor
@@ -135,16 +137,25 @@ def finalize(context: click.Context, *args, **kwargs):
 @click.option(
     "--verbose", "-v", is_flag=True, default=False, help="Show detailed logs",
 )
+@click.option(
+    '--output',
+    default='text',
+    help='Specify the output (text/json), the default is text',
+    type=click.Choice(['text', 'json'])
+)
 @click.version_option(__version__, prog_name="cycode")
 @click.pass_context
-def main_cli(context: click.Context, verbose: bool):
+def main_cli(context: click.Context, verbose: bool, output: str):
     context.ensure_object(dict)
     configuration_manager = ConfigurationManager()
+
     verbose = verbose or configuration_manager.get_verbose_flag()
-    context.obj["verbose"] = verbose
+    context.obj['verbose'] = verbose
     log_level = logging.DEBUG if verbose else logging.INFO
     logger.setLevel(log_level)
 
+    context.obj['output'] = output
+
 
 def get_cycode_client(client_id, client_secret):
     if not client_id or not client_secret:

{cycode-0.2.3 → cycode-0.2.4.dev10/cycode}/cli/models.py

@@ -1,6 +1,6 @@
 from enum import Enum
 from typing import List
-from cyclient.models import Detection
+from cycode.cyclient.models import Detection
 
 
 class Document:

cycode-0.2.4.dev10/cycode/cli/printers/__init__.py

@@ -0,0 +1,10 @@
+from .json_printer import JsonPrinter
+from .text_printer import TextPrinter
+from .results_printer import ResultsPrinter
+
+
+__all__ = [
+    'JsonPrinter',
+    'TextPrinter',
+    'ResultsPrinter'
+]

{cycode-0.2.3 → cycode-0.2.4.dev10/cycode}/cli/printers/base_printer.py

@@ -1,7 +1,9 @@
-import click
 from abc import ABC, abstractmethod
 from typing import List
-from cli.models import DocumentDetections
+
+import click
+
+from cycode.cli.models import DocumentDetections
 
 
 class BasePrinter(ABC):

{cycode-0.2.3 → cycode-0.2.4.dev10/cycode}/cli/printers/json_printer.py

@@ -3,9 +3,9 @@ from typing import List
 
 import click
 
-from cli.models import DocumentDetections
-from cli.printers.base_printer import BasePrinter
-from cyclient.models import DetectionSchema, Detection
+from cycode.cli.models import DocumentDetections
+from cycode.cli.printers.base_printer import BasePrinter
+from cycode.cyclient.models import DetectionSchema
 
 
 class JsonPrinter(BasePrinter):

{cycode-0.2.3 → cycode-0.2.4.dev10/cycode}/cli/printers/results_printer.py

@@ -1,10 +1,10 @@
 import click
 from typing import List
 
-from cli.consts import SCA_SCAN_TYPE
-from cli.printers import JsonPrinter, TextPrinter
-from cli.models import DocumentDetections
-from cli.printers.table_printer import TablePrinter
+from cycode.cli.consts import SCA_SCAN_TYPE
+from cycode.cli.printers import JsonPrinter, TextPrinter
+from cycode.cli.models import DocumentDetections
+from cycode.cli.printers.table_printer import TablePrinter
 
 
 class ResultsPrinter: