devsecops-engine-tools 1.10.0__py3-none-any.whl → 1.11.0__py3-none-any.whl
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Potentially problematic release.
This version of devsecops-engine-tools might be problematic. Click here for more details.
- devsecops_engine_tools/engine_core/src/applications/runner_engine_core.py +2 -1
- devsecops_engine_tools/engine_core/src/domain/usecases/handle_scan.py +15 -0
- devsecops_engine_tools/engine_core/src/infrastructure/driven_adapters/defect_dojo/defect_dojo.py +1 -0
- devsecops_engine_tools/engine_sast/engine_code/src/__init__.py +0 -0
- devsecops_engine_tools/engine_sast/engine_code/src/applications/__init__.py +0 -0
- devsecops_engine_tools/engine_sast/engine_code/src/applications/runner_engine_code.py +31 -0
- devsecops_engine_tools/engine_sast/engine_code/src/deployment/__init__.py +0 -0
- devsecops_engine_tools/engine_sast/engine_code/src/deployment/infrastructure/__init__.py +0 -0
- devsecops_engine_tools/engine_sast/engine_code/src/domain/__init__.py +0 -0
- devsecops_engine_tools/engine_sast/engine_code/src/domain/model/__init__.py +0 -0
- devsecops_engine_tools/engine_sast/engine_code/src/domain/model/config_tool.py +11 -0
- devsecops_engine_tools/engine_sast/engine_code/src/domain/model/gateways/__init__.py +0 -0
- devsecops_engine_tools/engine_sast/engine_code/src/domain/model/gateways/tool_gateway.py +15 -0
- devsecops_engine_tools/engine_sast/engine_code/src/domain/usecases/__init__.py +0 -0
- devsecops_engine_tools/engine_sast/engine_code/src/domain/usecases/code_scan.py +123 -0
- devsecops_engine_tools/engine_sast/engine_code/src/infrastructure/__init__.py +0 -0
- devsecops_engine_tools/engine_sast/engine_code/src/infrastructure/driven_adapters/__init__.py +0 -0
- devsecops_engine_tools/engine_sast/engine_code/src/infrastructure/driven_adapters/bearer/__init__.py +0 -0
- devsecops_engine_tools/engine_sast/engine_code/src/infrastructure/driven_adapters/bearer/bearer_deserealizator.py +49 -0
- devsecops_engine_tools/engine_sast/engine_code/src/infrastructure/driven_adapters/bearer/bearer_tool.py +126 -0
- devsecops_engine_tools/engine_sast/engine_code/src/infrastructure/entry_points/__init__.py +0 -0
- devsecops_engine_tools/engine_sast/engine_code/src/infrastructure/entry_points/entry_point_tool.py +6 -0
- devsecops_engine_tools/engine_sast/engine_code/src/infrastructure/helpers/__init__.py +0 -0
- devsecops_engine_tools/engine_sast/engine_secret/src/applications/runner_secret_scan.py +1 -1
- devsecops_engine_tools/engine_sast/engine_secret/src/domain/usecases/secret_scan.py +1 -1
- devsecops_engine_tools/engine_utilities/defect_dojo/domain/serializers/import_scan.py +1 -0
- devsecops_engine_tools/engine_utilities/git_cli/__init__.py +0 -0
- devsecops_engine_tools/engine_utilities/git_cli/infrastructure/__init__.py +0 -0
- devsecops_engine_tools/{engine_sast/engine_secret/src/infrastructure/driven_adapters/git_cli → engine_utilities/git_cli/infrastructure}/git_run.py +1 -1
- devsecops_engine_tools/engine_utilities/git_cli/model/__init__.py +0 -0
- devsecops_engine_tools/engine_utilities/git_cli/model/gateway/__init__.py +0 -0
- devsecops_engine_tools/version.py +1 -1
- {devsecops_engine_tools-1.10.0.dist-info → devsecops_engine_tools-1.11.0.dist-info}/METADATA +10 -2
- {devsecops_engine_tools-1.10.0.dist-info → devsecops_engine_tools-1.11.0.dist-info}/RECORD +39 -15
- /devsecops_engine_tools/engine_sast/{engine_secret/src/infrastructure/driven_adapters/git_cli → engine_code}/__init__.py +0 -0
- /devsecops_engine_tools/{engine_sast/engine_secret/src/domain → engine_utilities/git_cli}/model/gateway/git_gateway.py +0 -0
- {devsecops_engine_tools-1.10.0.dist-info → devsecops_engine_tools-1.11.0.dist-info}/WHEEL +0 -0
- {devsecops_engine_tools-1.10.0.dist-info → devsecops_engine_tools-1.11.0.dist-info}/entry_points.txt +0 -0
- {devsecops_engine_tools-1.10.0.dist-info → devsecops_engine_tools-1.11.0.dist-info}/top_level.txt +0 -0
|
@@ -77,6 +77,7 @@ def get_inputs_from_cli(args):
|
|
|
77
77
|
choices=[
|
|
78
78
|
"engine_iac",
|
|
79
79
|
"engine_dast",
|
|
80
|
+
"engine_code",
|
|
80
81
|
"engine_secret",
|
|
81
82
|
"engine_dependencies",
|
|
82
83
|
"engine_container",
|
|
@@ -91,7 +92,7 @@ def get_inputs_from_cli(args):
|
|
|
91
92
|
"--folder_path",
|
|
92
93
|
type=str,
|
|
93
94
|
required=False,
|
|
94
|
-
help="Folder Path to scan, only apply engine_iac and engine_dependencies tools",
|
|
95
|
+
help="Folder Path to scan, only apply engine_iac, engine_code and engine_dependencies tools",
|
|
95
96
|
)
|
|
96
97
|
parser.add_argument(
|
|
97
98
|
"-p",
|
|
@@ -4,6 +4,9 @@ from devsecops_engine_tools.engine_sast.engine_iac.src.applications.runner_iac_s
|
|
|
4
4
|
from devsecops_engine_tools.engine_sast.engine_secret.src.applications.runner_secret_scan import (
|
|
5
5
|
runner_secret_scan,
|
|
6
6
|
)
|
|
7
|
+
from devsecops_engine_tools.engine_sast.engine_code.src.applications.runner_engine_code import (
|
|
8
|
+
runner_engine_code,
|
|
9
|
+
)
|
|
7
10
|
from devsecops_engine_tools.engine_core.src.domain.model.gateway.vulnerability_management_gateway import (
|
|
8
11
|
VulnerabilityManagementGateway,
|
|
9
12
|
)
|
|
@@ -117,6 +120,18 @@ class HandleScan:
|
|
|
117
120
|
return findings_list, input_core
|
|
118
121
|
elif "engine_dast" in dict_args["tool"]:
|
|
119
122
|
print(MESSAGE_ENABLED)
|
|
123
|
+
elif "engine_code" in dict_args["tool"]:
|
|
124
|
+
findings_list, input_core = runner_engine_code(
|
|
125
|
+
dict_args, config_tool["ENGINE_CODE"]["TOOL"], self.devops_platform_gateway
|
|
126
|
+
)
|
|
127
|
+
if (
|
|
128
|
+
dict_args["use_vulnerability_management"] == "true"
|
|
129
|
+
and input_core.path_file_results
|
|
130
|
+
):
|
|
131
|
+
self._use_vulnerability_management(
|
|
132
|
+
config_tool, input_core, dict_args, secret_tool, env
|
|
133
|
+
)
|
|
134
|
+
return findings_list, input_core
|
|
120
135
|
elif "engine_secret" in dict_args["tool"]:
|
|
121
136
|
findings_list, input_core = runner_secret_scan(
|
|
122
137
|
dict_args,
|
|
File without changes
|
|
File without changes
|
|
@@ -0,0 +1,31 @@
|
|
|
1
|
+
from devsecops_engine_tools.engine_sast.engine_code.src.infrastructure.entry_points.entry_point_tool import (
|
|
2
|
+
init_engine_sast_code,
|
|
3
|
+
)
|
|
4
|
+
from devsecops_engine_tools.engine_sast.engine_code.src.infrastructure.driven_adapters.bearer.bearer_tool import (
|
|
5
|
+
BearerTool
|
|
6
|
+
)
|
|
7
|
+
from devsecops_engine_tools.engine_utilities.git_cli.infrastructure.git_run import (
|
|
8
|
+
GitRun
|
|
9
|
+
)
|
|
10
|
+
|
|
11
|
+
def runner_engine_code(dict_args, tool, devops_platform_gateway):
|
|
12
|
+
try:
|
|
13
|
+
tool_gateway = None
|
|
14
|
+
git_gateway = GitRun()
|
|
15
|
+
if (tool == "BEARER"):
|
|
16
|
+
tool_gateway = BearerTool()
|
|
17
|
+
|
|
18
|
+
return init_engine_sast_code(
|
|
19
|
+
devops_platform_gateway=devops_platform_gateway,
|
|
20
|
+
tool_gateway=tool_gateway,
|
|
21
|
+
dict_args=dict_args,
|
|
22
|
+
git_gateway=git_gateway,
|
|
23
|
+
tool=tool,
|
|
24
|
+
)
|
|
25
|
+
|
|
26
|
+
except Exception as e:
|
|
27
|
+
raise Exception(f"Error engine_code : {str(e)}")
|
|
28
|
+
|
|
29
|
+
|
|
30
|
+
if __name__ == "__main__":
|
|
31
|
+
runner_engine_code()
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
@@ -0,0 +1,11 @@
|
|
|
1
|
+
from devsecops_engine_tools.engine_core.src.domain.model.threshold import Threshold
|
|
2
|
+
|
|
3
|
+
class ConfigTool:
|
|
4
|
+
def __init__(self, json_data, scope):
|
|
5
|
+
self.data = json_data
|
|
6
|
+
self.exclude_folder = self.data["EXCLUDE_FOLDER"]
|
|
7
|
+
self.ignore_search_pattern = self.data["IGNORE_SEARCH_PATTERN"]
|
|
8
|
+
self.target_branches = self.data["TARGET_BRANCHES"]
|
|
9
|
+
self.message_info_engine_code = self.data["MESSAGE_INFO_ENGINE_CODE"]
|
|
10
|
+
self.threshold = Threshold(self.data["THRESHOLD"])
|
|
11
|
+
self.scope_pipeline = scope
|
|
File without changes
|
|
@@ -0,0 +1,15 @@
|
|
|
1
|
+
from abc import ABCMeta, abstractmethod
|
|
2
|
+
from devsecops_engine_tools.engine_sast.engine_code.src.domain.model.config_tool import (
|
|
3
|
+
ConfigTool,
|
|
4
|
+
)
|
|
5
|
+
|
|
6
|
+
class ToolGateway(metaclass=ABCMeta):
|
|
7
|
+
|
|
8
|
+
@abstractmethod
|
|
9
|
+
def run_tool(self,
|
|
10
|
+
folder_to_scan: str,
|
|
11
|
+
pull_request_files: list,
|
|
12
|
+
agent_work_folder: str,
|
|
13
|
+
repository: str,
|
|
14
|
+
config_tool: ConfigTool):
|
|
15
|
+
"run code scan tool"
|
|
File without changes
|
|
@@ -0,0 +1,123 @@
|
|
|
1
|
+
import re
|
|
2
|
+
from devsecops_engine_tools.engine_sast.engine_code.src.domain.model.gateways.tool_gateway import (
|
|
3
|
+
ToolGateway,
|
|
4
|
+
)
|
|
5
|
+
from devsecops_engine_tools.engine_core.src.domain.model.gateway.devops_platform_gateway import (
|
|
6
|
+
DevopsPlatformGateway,
|
|
7
|
+
)
|
|
8
|
+
from devsecops_engine_tools.engine_utilities.git_cli.model.gateway.git_gateway import (
|
|
9
|
+
GitGateway
|
|
10
|
+
)
|
|
11
|
+
from devsecops_engine_tools.engine_sast.engine_code.src.domain.model.config_tool import (
|
|
12
|
+
ConfigTool,
|
|
13
|
+
)
|
|
14
|
+
from devsecops_engine_tools.engine_core.src.domain.model.exclusions import Exclusions
|
|
15
|
+
from devsecops_engine_tools.engine_core.src.domain.model.input_core import (
|
|
16
|
+
InputCore
|
|
17
|
+
)
|
|
18
|
+
from devsecops_engine_tools.engine_utilities.utils.logger_info import MyLogger
|
|
19
|
+
from devsecops_engine_tools.engine_utilities import settings
|
|
20
|
+
|
|
21
|
+
logger = MyLogger.__call__(**settings.SETTING_LOGGER).get_logger()
|
|
22
|
+
|
|
23
|
+
|
|
24
|
+
class CodeScan:
|
|
25
|
+
def __init__(
|
|
26
|
+
self, tool_gateway: ToolGateway, devops_platform_gateway: DevopsPlatformGateway, git_gateway: GitGateway
|
|
27
|
+
):
|
|
28
|
+
self.tool_gateway = tool_gateway
|
|
29
|
+
self.devops_platform_gateway = devops_platform_gateway
|
|
30
|
+
self.git_gateway = git_gateway
|
|
31
|
+
|
|
32
|
+
def set_config_tool(self, dict_args):
|
|
33
|
+
init_config_tool = self.devops_platform_gateway.get_remote_config(
|
|
34
|
+
dict_args["remote_config_repo"],
|
|
35
|
+
"engine_sast/engine_code/ConfigTool.json"
|
|
36
|
+
)
|
|
37
|
+
scope_pipeline = self.devops_platform_gateway.get_variable(
|
|
38
|
+
"pipeline_name"
|
|
39
|
+
)
|
|
40
|
+
return ConfigTool(json_data=init_config_tool, scope=scope_pipeline)
|
|
41
|
+
|
|
42
|
+
def get_pull_request_files(self, target_branches):
|
|
43
|
+
files_pullrequest = self.git_gateway.get_files_pull_request(
|
|
44
|
+
self.devops_platform_gateway.get_variable("path_directory"),
|
|
45
|
+
self.devops_platform_gateway.get_variable("target_branch"),
|
|
46
|
+
target_branches,
|
|
47
|
+
self.devops_platform_gateway.get_variable("source_branch"),
|
|
48
|
+
self.devops_platform_gateway.get_variable("access_token"),
|
|
49
|
+
self.devops_platform_gateway.get_variable("organization"),
|
|
50
|
+
self.devops_platform_gateway.get_variable("project_name"),
|
|
51
|
+
self.devops_platform_gateway.get_variable("repository"),
|
|
52
|
+
self.devops_platform_gateway.get_variable("repository_provider")
|
|
53
|
+
)
|
|
54
|
+
return files_pullrequest
|
|
55
|
+
|
|
56
|
+
def get_exclusions(self, dict_args, tool):
|
|
57
|
+
exclusions_data = self.devops_platform_gateway.get_remote_config(
|
|
58
|
+
dict_args["remote_config_repo"],
|
|
59
|
+
"engine_sast/engine_code/Exclusions.json"
|
|
60
|
+
)
|
|
61
|
+
list_exclusions = []
|
|
62
|
+
skip_tool = False
|
|
63
|
+
for pipeline, exclusions in exclusions_data.items():
|
|
64
|
+
if (pipeline == "All") or (pipeline == self.devops_platform_gateway.get_variable("pipeline_name")):
|
|
65
|
+
if exclusions.get("SKIP_TOOL", False):
|
|
66
|
+
skip_tool = True
|
|
67
|
+
elif exclusions.get(tool, False):
|
|
68
|
+
for exc in exclusions[tool]:
|
|
69
|
+
exclusion = Exclusions(
|
|
70
|
+
id=exc.get("id", ""),
|
|
71
|
+
where=exc.get("where", ""),
|
|
72
|
+
create_date=exc.get("create_date", ""),
|
|
73
|
+
expired_date=exc.get("expired_date", ""),
|
|
74
|
+
severity=exc.get("severity", ""),
|
|
75
|
+
hu=exc.get("hu", ""),
|
|
76
|
+
reason=exc.get("reason", "Risk acceptance"),
|
|
77
|
+
)
|
|
78
|
+
list_exclusions.append(exclusion)
|
|
79
|
+
return list_exclusions, skip_tool
|
|
80
|
+
|
|
81
|
+
def apply_exclude_path(self, exclude_folder, ignore_search_pattern, pull_request_file):
|
|
82
|
+
patterns = ignore_search_pattern
|
|
83
|
+
patterns.extend([rf"/{re.escape(folder)}//*" for folder in exclude_folder])
|
|
84
|
+
|
|
85
|
+
for pattern in patterns:
|
|
86
|
+
if re.search(pattern, pull_request_file):
|
|
87
|
+
return True
|
|
88
|
+
return False
|
|
89
|
+
|
|
90
|
+
def process(self, dict_args, tool):
|
|
91
|
+
config_tool = self.set_config_tool(dict_args)
|
|
92
|
+
list_exclusions, skip_tool = self.get_exclusions(dict_args, tool)
|
|
93
|
+
findings_list, path_file_results = [], ""
|
|
94
|
+
|
|
95
|
+
if not skip_tool:
|
|
96
|
+
pull_request_files = []
|
|
97
|
+
if not dict_args["folder_path"]:
|
|
98
|
+
pull_request_files = self.get_pull_request_files(config_tool.target_branches)
|
|
99
|
+
pull_request_files = [pf for pf in pull_request_files
|
|
100
|
+
if not self.apply_exclude_path(config_tool.exclude_folder, config_tool.ignore_search_pattern, pf)]
|
|
101
|
+
|
|
102
|
+
findings_list, path_file_results = self.tool_gateway.run_tool(
|
|
103
|
+
dict_args["folder_path"],
|
|
104
|
+
pull_request_files,
|
|
105
|
+
self.devops_platform_gateway.get_variable("path_directory"),
|
|
106
|
+
self.devops_platform_gateway.get_variable("repository"),
|
|
107
|
+
config_tool
|
|
108
|
+
)
|
|
109
|
+
|
|
110
|
+
else:
|
|
111
|
+
print(f"Tool skipped by DevSecOps policy")
|
|
112
|
+
logger.info(f"Tool skipped by DevSecOps policy")
|
|
113
|
+
|
|
114
|
+
input_core = InputCore(
|
|
115
|
+
totalized_exclusions=list_exclusions,
|
|
116
|
+
threshold_defined=config_tool.threshold,
|
|
117
|
+
path_file_results=path_file_results,
|
|
118
|
+
custom_message_break_build=config_tool.message_info_engine_code,
|
|
119
|
+
scope_pipeline=config_tool.scope_pipeline,
|
|
120
|
+
stage_pipeline=self.devops_platform_gateway.get_variable("stage").capitalize(),
|
|
121
|
+
)
|
|
122
|
+
|
|
123
|
+
return findings_list, input_core
|
|
File without changes
|
|
File without changes
|
devsecops_engine_tools/engine_sast/engine_code/src/infrastructure/driven_adapters/bearer/__init__.py
ADDED
|
File without changes
|
|
@@ -0,0 +1,49 @@
|
|
|
1
|
+
from devsecops_engine_tools.engine_core.src.domain.model.finding import (
|
|
2
|
+
Category,
|
|
3
|
+
Finding,
|
|
4
|
+
)
|
|
5
|
+
from datetime import datetime
|
|
6
|
+
from dataclasses import dataclass
|
|
7
|
+
import json
|
|
8
|
+
import re
|
|
9
|
+
|
|
10
|
+
@dataclass
|
|
11
|
+
class BearerDeserealizator:
|
|
12
|
+
@classmethod
|
|
13
|
+
def get_list_finding(cls,
|
|
14
|
+
scan_result_path,
|
|
15
|
+
agent_work_folder) -> "list[Finding]":
|
|
16
|
+
findings = []
|
|
17
|
+
with open(scan_result_path, encoding='utf-8') as arc:
|
|
18
|
+
try:
|
|
19
|
+
data = json.load(arc)
|
|
20
|
+
severity = list(data.keys())
|
|
21
|
+
except:
|
|
22
|
+
return findings
|
|
23
|
+
|
|
24
|
+
description_pattern = r"(?<=## Description\n)(.*?)(?=##)"
|
|
25
|
+
|
|
26
|
+
for sev in severity:
|
|
27
|
+
vulnerabilities = data[sev]
|
|
28
|
+
for vul in vulnerabilities:
|
|
29
|
+
description = re.search(description_pattern, vul["description"], flags=re.DOTALL).group(1).strip()
|
|
30
|
+
chunks = [description[i : i + 70] for i in range(0, len(description), 70)]
|
|
31
|
+
formatted_description = "\n".join(chunks) + "\n"
|
|
32
|
+
|
|
33
|
+
finding = Finding(
|
|
34
|
+
id=vul["id"],
|
|
35
|
+
cvss="",
|
|
36
|
+
where=vul["full_filename"].replace(agent_work_folder, "").replace("/copy_files_bearer", ""),
|
|
37
|
+
description=formatted_description,
|
|
38
|
+
severity=sev.lower(),
|
|
39
|
+
identification_date=datetime.now().strftime("%d%m%Y"),
|
|
40
|
+
published_date_cve=None,
|
|
41
|
+
module="engine_code",
|
|
42
|
+
category=Category.VULNERABILITY,
|
|
43
|
+
requirements="",
|
|
44
|
+
tool="Bearer"
|
|
45
|
+
)
|
|
46
|
+
findings.append(finding)
|
|
47
|
+
|
|
48
|
+
return findings
|
|
49
|
+
|
|
@@ -0,0 +1,126 @@
|
|
|
1
|
+
import subprocess
|
|
2
|
+
import yaml
|
|
3
|
+
import shutil
|
|
4
|
+
import os
|
|
5
|
+
import json
|
|
6
|
+
import concurrent.futures
|
|
7
|
+
from devsecops_engine_tools.engine_sast.engine_code.src.domain.model.gateways.tool_gateway import (
|
|
8
|
+
ToolGateway,
|
|
9
|
+
)
|
|
10
|
+
from devsecops_engine_tools.engine_sast.engine_code.src.infrastructure.driven_adapters.bearer.bearer_deserealizator import (
|
|
11
|
+
BearerDeserealizator,
|
|
12
|
+
)
|
|
13
|
+
|
|
14
|
+
class BearerTool(ToolGateway):
|
|
15
|
+
|
|
16
|
+
BEARER_TOOL = "BEARER"
|
|
17
|
+
MAX_RETRY = 5
|
|
18
|
+
|
|
19
|
+
def install_tool(self):
|
|
20
|
+
command = f"bearer version"
|
|
21
|
+
result = subprocess.run(
|
|
22
|
+
command,
|
|
23
|
+
capture_output=True,
|
|
24
|
+
shell=True
|
|
25
|
+
)
|
|
26
|
+
|
|
27
|
+
if result.returncode != 0:
|
|
28
|
+
command = f"curl -sfL https://raw.githubusercontent.com/Bearer/bearer/main/contrib/install.sh | sh -s -- -b /usr/local/bin"
|
|
29
|
+
|
|
30
|
+
for num_try in range(self.MAX_RETRY):
|
|
31
|
+
result = subprocess.run(
|
|
32
|
+
command,
|
|
33
|
+
stdout=subprocess.PIPE,
|
|
34
|
+
stderr=subprocess.PIPE,
|
|
35
|
+
shell=True
|
|
36
|
+
)
|
|
37
|
+
|
|
38
|
+
if result.returncode == 0: break
|
|
39
|
+
if num_try == self.MAX_RETRY - 1:
|
|
40
|
+
raise Exception(f"Error installing Bearer tool.")
|
|
41
|
+
|
|
42
|
+
def config_data(self, agent_work_folder):
|
|
43
|
+
data = {
|
|
44
|
+
"report": {
|
|
45
|
+
"output": f"{agent_work_folder}/bearer-scan.json",
|
|
46
|
+
"format": "json",
|
|
47
|
+
"report": "security",
|
|
48
|
+
"severity": "critical,high,medium,low"
|
|
49
|
+
},
|
|
50
|
+
"scan": {
|
|
51
|
+
"disable-domain-resolution": True,
|
|
52
|
+
"domain-resolution-timeout": "3s",
|
|
53
|
+
"exit-code": 0,
|
|
54
|
+
"scanner": ["sast"]
|
|
55
|
+
},
|
|
56
|
+
}
|
|
57
|
+
return data
|
|
58
|
+
|
|
59
|
+
def create_config_file(self, agent_work_folder):
|
|
60
|
+
with open(
|
|
61
|
+
f"{agent_work_folder}/bearer.yml",
|
|
62
|
+
"w",
|
|
63
|
+
) as file:
|
|
64
|
+
yaml.dump(self.config_data(agent_work_folder), file, default_flow_style=False)
|
|
65
|
+
file.close()
|
|
66
|
+
|
|
67
|
+
def copy_file(self, pull_file, agent_work_folder, repository, path_to_scan):
|
|
68
|
+
path = f"{agent_work_folder}/{repository}/{pull_file}"
|
|
69
|
+
destination_path = os.path.join(path_to_scan, f"{repository}/{pull_file}")
|
|
70
|
+
os.makedirs(os.path.dirname(destination_path), exist_ok=True)
|
|
71
|
+
shutil.copy2(path, destination_path)
|
|
72
|
+
|
|
73
|
+
def scan_path(self, path, agent_work_folder):
|
|
74
|
+
command = f"bearer scan {path} --config-file {agent_work_folder}/bearer.yml"
|
|
75
|
+
subprocess.run(
|
|
76
|
+
command,
|
|
77
|
+
check=True,
|
|
78
|
+
stdout=subprocess.PIPE,
|
|
79
|
+
stderr=subprocess.PIPE,
|
|
80
|
+
shell=True
|
|
81
|
+
)
|
|
82
|
+
findings = BearerDeserealizator.get_list_finding(
|
|
83
|
+
f"{agent_work_folder}/bearer-scan.json", agent_work_folder
|
|
84
|
+
)
|
|
85
|
+
|
|
86
|
+
return findings
|
|
87
|
+
|
|
88
|
+
def format_scan_file(self, scan_result_path, agent_work_folder):
|
|
89
|
+
with open(scan_result_path, encoding='utf-8') as arc:
|
|
90
|
+
try:
|
|
91
|
+
data = json.load(arc)
|
|
92
|
+
severity = list(data.keys())
|
|
93
|
+
for sev in severity:
|
|
94
|
+
for vul in data[sev]:
|
|
95
|
+
if "snippet" not in vul.keys(): vul["snippet"] = ""
|
|
96
|
+
except:
|
|
97
|
+
data = {}
|
|
98
|
+
|
|
99
|
+
with open(f"{agent_work_folder}/bearer-scan-vul-man.json", "w") as file:
|
|
100
|
+
json.dump(data, file)
|
|
101
|
+
file.close()
|
|
102
|
+
return f"{agent_work_folder}/bearer-scan-vul-man.json"
|
|
103
|
+
|
|
104
|
+
def run_tool(self, folder_to_scan, pull_request_files, agent_work_folder, repository, config_tool):
|
|
105
|
+
self.install_tool()
|
|
106
|
+
|
|
107
|
+
number_threads = config_tool.data[self.BEARER_TOOL]["NUMBER_THREADS"]
|
|
108
|
+
scan_result_path = f"{agent_work_folder}/bearer-scan.json"
|
|
109
|
+
self.create_config_file(agent_work_folder)
|
|
110
|
+
|
|
111
|
+
if folder_to_scan:
|
|
112
|
+
path_to_scan = folder_to_scan
|
|
113
|
+
else:
|
|
114
|
+
path_to_scan = f"{agent_work_folder}/copy_files_bearer"
|
|
115
|
+
os.makedirs(path_to_scan, exist_ok=True)
|
|
116
|
+
with concurrent.futures.ThreadPoolExecutor(max_workers=number_threads) as executor:
|
|
117
|
+
futures = [
|
|
118
|
+
executor.submit(self.copy_file, pull_file, agent_work_folder, repository, path_to_scan)
|
|
119
|
+
for pull_file in pull_request_files
|
|
120
|
+
]
|
|
121
|
+
for future in futures: future.result()
|
|
122
|
+
|
|
123
|
+
findings = self.scan_path(path_to_scan, agent_work_folder)
|
|
124
|
+
scan_result_path_formatted = self.format_scan_file(scan_result_path, agent_work_folder)
|
|
125
|
+
|
|
126
|
+
return findings, scan_result_path_formatted
|
|
File without changes
|
devsecops_engine_tools/engine_sast/engine_code/src/infrastructure/entry_points/entry_point_tool.py
ADDED
|
@@ -0,0 +1,6 @@
|
|
|
1
|
+
from devsecops_engine_tools.engine_sast.engine_code.src.domain.usecases.code_scan import (
|
|
2
|
+
CodeScan,
|
|
3
|
+
)
|
|
4
|
+
|
|
5
|
+
def init_engine_sast_code(devops_platform_gateway, tool_gateway, dict_args, git_gateway, tool):
|
|
6
|
+
return CodeScan(tool_gateway, devops_platform_gateway, git_gateway).process(dict_args, tool)
|
|
File without changes
|
|
@@ -7,7 +7,7 @@ from devsecops_engine_tools.engine_sast.engine_secret.src.infrastructure.driven_
|
|
|
7
7
|
from devsecops_engine_tools.engine_sast.engine_secret.src.infrastructure.driven_adapters.trufflehog.trufflehog_deserealizator import (
|
|
8
8
|
SecretScanDeserealizator
|
|
9
9
|
)
|
|
10
|
-
from devsecops_engine_tools.
|
|
10
|
+
from devsecops_engine_tools.engine_utilities.git_cli.infrastructure.git_run import (
|
|
11
11
|
GitRun
|
|
12
12
|
)
|
|
13
13
|
|
|
@@ -11,7 +11,7 @@ from devsecops_engine_tools.engine_sast.engine_secret.src.domain.model.gateway.g
|
|
|
11
11
|
from devsecops_engine_tools.engine_core.src.domain.model.gateway.devops_platform_gateway import (
|
|
12
12
|
DevopsPlatformGateway,
|
|
13
13
|
)
|
|
14
|
-
from devsecops_engine_tools.
|
|
14
|
+
from devsecops_engine_tools.engine_utilities.git_cli.model.gateway.git_gateway import (
|
|
15
15
|
GitGateway
|
|
16
16
|
)
|
|
17
17
|
|
|
File without changes
|
|
File without changes
|
|
@@ -2,7 +2,7 @@ from dataclasses import dataclass
|
|
|
2
2
|
import os
|
|
3
3
|
import subprocess
|
|
4
4
|
from urllib.parse import quote
|
|
5
|
-
from devsecops_engine_tools.
|
|
5
|
+
from devsecops_engine_tools.engine_utilities.git_cli.model.gateway.git_gateway import GitGateway
|
|
6
6
|
|
|
7
7
|
from devsecops_engine_tools.engine_utilities.utils.logger_info import MyLogger
|
|
8
8
|
from devsecops_engine_tools.engine_utilities import settings
|
|
File without changes
|
|
File without changes
|
|
@@ -1 +1 @@
|
|
|
1
|
-
version = '1.
|
|
1
|
+
version = '1.11.0'
|
{devsecops_engine_tools-1.10.0.dist-info → devsecops_engine_tools-1.11.0.dist-info}/METADATA
RENAMED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
Metadata-Version: 2.1
|
|
2
2
|
Name: devsecops-engine-tools
|
|
3
|
-
Version: 1.
|
|
3
|
+
Version: 1.11.0
|
|
4
4
|
Summary: Tool for DevSecOps strategy
|
|
5
5
|
Home-page: https://github.com/bancolombia/devsecops-engine-tools
|
|
6
6
|
Author: Bancolombia DevSecOps Team
|
|
@@ -67,7 +67,7 @@ pip3 install devsecops-engine-tools
|
|
|
67
67
|
### Scan running - flags (CLI)
|
|
68
68
|
|
|
69
69
|
```bash
|
|
70
|
-
devsecops-engine-tools --platform_devops ["local","azure","github"] --remote_config_repo ["remote_config_repo"] --tool ["engine_iac", "engine_dast", "engine_secret", "engine_dependencies", "engine_container", "engine_risk"] --folder_path ["Folder path scan engine_iac"] --platform ["k8s","cloudformation","docker", "openapi"] --use_secrets_manager ["false", "true"] --use_vulnerability_management ["false", "true"] --send_metrics ["false", "true"] --token_cmdb ["token_cmdb"] --token_vulnerability_management ["token_vulnerability_management"] --token_engine_container ["token_engine_container"] --token_engine_dependencies ["token_engine_dependencies"] --token_external_checks ["token_external_checks"] --xray_mode ["scan", "audit"] --image_to_scan ["image_to_scan"]
|
|
70
|
+
devsecops-engine-tools --platform_devops ["local","azure","github"] --remote_config_repo ["remote_config_repo"] --tool ["engine_iac", "engine_dast", "engine_secret", "engine_dependencies", "engine_container", "engine_risk", "engine_code"] --folder_path ["Folder path scan engine_iac, engine_code and engine_dependencies"] --platform ["k8s","cloudformation","docker", "openapi"] --use_secrets_manager ["false", "true"] --use_vulnerability_management ["false", "true"] --send_metrics ["false", "true"] --token_cmdb ["token_cmdb"] --token_vulnerability_management ["token_vulnerability_management"] --token_engine_container ["token_engine_container"] --token_engine_dependencies ["token_engine_dependencies"] --token_external_checks ["token_external_checks"] --xray_mode ["scan", "audit"] --image_to_scan ["image_to_scan"]
|
|
71
71
|
```
|
|
72
72
|
|
|
73
73
|
### Structure Remote Config
|
|
@@ -85,6 +85,9 @@ devsecops-engine-tools --platform_devops ["local","azure","github"] --remote_con
|
|
|
85
85
|
┃ ┗ 📜Exclusions.json
|
|
86
86
|
┃ ┗ 📂engine_secret
|
|
87
87
|
┃ ┗ 📜ConfigTool.json
|
|
88
|
+
┃ ┗ 📂engine_code
|
|
89
|
+
┃ ┗ 📜ConfigTool.json
|
|
90
|
+
┃ ┗ 📜Exclusions.json
|
|
88
91
|
┣ 📂engine_sca
|
|
89
92
|
┃ ┗ 📂engine_container
|
|
90
93
|
┃ ┗ 📜ConfigTool.json
|
|
@@ -145,6 +148,11 @@ devsecops-engine-tools --platform_devops ["local","azure","github"] --remote_con
|
|
|
145
148
|
<td><a href="https://jfrog.com/help/r/get-started-with-the-jfrog-platform/jfrog-xray">XRAY</a></td>
|
|
146
149
|
<td>Paid</td>
|
|
147
150
|
</tr>
|
|
151
|
+
<tr>
|
|
152
|
+
<td>ENGINE_CODE</td>
|
|
153
|
+
<td><a href="https://docs.bearer.com/quickstart/">BEARER</a></td>
|
|
154
|
+
<td>Free</td>
|
|
155
|
+
</tr>
|
|
148
156
|
</table>
|
|
149
157
|
|
|
150
158
|
### Scan running sample (CLI) - Local
|
|
@@ -1,9 +1,9 @@
|
|
|
1
1
|
devsecops_engine_tools/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
2
|
-
devsecops_engine_tools/version.py,sha256=
|
|
2
|
+
devsecops_engine_tools/version.py,sha256=vNVSMk6LLy4q2IXG0QROcXdPY5PUVMXo9bzJHL-fZiU,19
|
|
3
3
|
devsecops_engine_tools/engine_core/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
4
4
|
devsecops_engine_tools/engine_core/src/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
5
5
|
devsecops_engine_tools/engine_core/src/applications/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
6
|
-
devsecops_engine_tools/engine_core/src/applications/runner_engine_core.py,sha256=
|
|
6
|
+
devsecops_engine_tools/engine_core/src/applications/runner_engine_core.py,sha256=r4XhvElDN8DSkEEWSZ9nMi1V5j1hRDON0Y6rnRMT7-w,7179
|
|
7
7
|
devsecops_engine_tools/engine_core/src/deployment/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
8
8
|
devsecops_engine_tools/engine_core/src/deployment/infrastructure/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
9
9
|
devsecops_engine_tools/engine_core/src/domain/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
@@ -27,7 +27,7 @@ devsecops_engine_tools/engine_core/src/domain/model/gateway/vulnerability_manage
|
|
|
27
27
|
devsecops_engine_tools/engine_core/src/domain/usecases/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
28
28
|
devsecops_engine_tools/engine_core/src/domain/usecases/break_build.py,sha256=JP-i5SFaMN7Yi4uDCe_AE1kJ197g1IJGcwQdq-RYbk4,16198
|
|
29
29
|
devsecops_engine_tools/engine_core/src/domain/usecases/handle_risk.py,sha256=Au_ZXqwDi3CbVpQWAd29oruDAcZ1RX4e7OABSa_aRyA,7093
|
|
30
|
-
devsecops_engine_tools/engine_core/src/domain/usecases/handle_scan.py,sha256=
|
|
30
|
+
devsecops_engine_tools/engine_core/src/domain/usecases/handle_scan.py,sha256=T1NIik_mrV1sSF-2yc5QXFJxaiOkXXNsRciObfOcvP4,7012
|
|
31
31
|
devsecops_engine_tools/engine_core/src/domain/usecases/metrics_manager.py,sha256=Xi0iNnPrFgqd2cBdAA5E_tgouhxs-BTo016aolnGgv8,2413
|
|
32
32
|
devsecops_engine_tools/engine_core/src/infrastructure/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
33
33
|
devsecops_engine_tools/engine_core/src/infrastructure/driven_adapters/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
@@ -37,7 +37,7 @@ devsecops_engine_tools/engine_core/src/infrastructure/driven_adapters/aws/secret
|
|
|
37
37
|
devsecops_engine_tools/engine_core/src/infrastructure/driven_adapters/azure/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
38
38
|
devsecops_engine_tools/engine_core/src/infrastructure/driven_adapters/azure/azure_devops.py,sha256=blI4ZrquRE4y6DJ7N2YRx1nL0wrAXvdpx0fLSUf5qwA,4831
|
|
39
39
|
devsecops_engine_tools/engine_core/src/infrastructure/driven_adapters/defect_dojo/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
40
|
-
devsecops_engine_tools/engine_core/src/infrastructure/driven_adapters/defect_dojo/defect_dojo.py,sha256=
|
|
40
|
+
devsecops_engine_tools/engine_core/src/infrastructure/driven_adapters/defect_dojo/defect_dojo.py,sha256=BAk_rLQzZ9qV7fVTXQUMEw_7Sfn1iQ9ciIw2j9felxQ,16497
|
|
41
41
|
devsecops_engine_tools/engine_core/src/infrastructure/driven_adapters/github/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
42
42
|
devsecops_engine_tools/engine_core/src/infrastructure/driven_adapters/github/github_actions.py,sha256=pxlgjhX4-Dssn-XHKK8AdCOj6Ry6VcQtoDf5q8CxTks,3731
|
|
43
43
|
devsecops_engine_tools/engine_core/src/infrastructure/driven_adapters/printer_pretty_table/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
@@ -84,6 +84,27 @@ devsecops_engine_tools/engine_risk/src/infrastructure/entry_points/__init__.py,s
|
|
|
84
84
|
devsecops_engine_tools/engine_risk/src/infrastructure/entry_points/entry_point_risk.py,sha256=HlWPr8Mg7kjnDGDmYqJRk-dJk-V8qDhtB08uUXBPVdw,3399
|
|
85
85
|
devsecops_engine_tools/engine_risk/src/infrastructure/helpers/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
86
86
|
devsecops_engine_tools/engine_sast/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
87
|
+
devsecops_engine_tools/engine_sast/engine_code/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
88
|
+
devsecops_engine_tools/engine_sast/engine_code/src/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
89
|
+
devsecops_engine_tools/engine_sast/engine_code/src/applications/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
90
|
+
devsecops_engine_tools/engine_sast/engine_code/src/applications/runner_engine_code.py,sha256=7lYVWfDQO2qCeYZ3WbscoHZCO7-DAuOXYViFODx3zlc,956
|
|
91
|
+
devsecops_engine_tools/engine_sast/engine_code/src/deployment/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
92
|
+
devsecops_engine_tools/engine_sast/engine_code/src/deployment/infrastructure/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
93
|
+
devsecops_engine_tools/engine_sast/engine_code/src/domain/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
94
|
+
devsecops_engine_tools/engine_sast/engine_code/src/domain/model/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
95
|
+
devsecops_engine_tools/engine_sast/engine_code/src/domain/model/config_tool.py,sha256=5OCRuGgebgtw_NxIh3bLuD5G_d0MV7cc6NH7xuzhPBw,537
|
|
96
|
+
devsecops_engine_tools/engine_sast/engine_code/src/domain/model/gateways/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
97
|
+
devsecops_engine_tools/engine_sast/engine_code/src/domain/model/gateways/tool_gateway.py,sha256=kseBXn2SzCaFNJLghY9bTOCVvD2v5t7DKcfxgSmvBc0,459
|
|
98
|
+
devsecops_engine_tools/engine_sast/engine_code/src/domain/usecases/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
99
|
+
devsecops_engine_tools/engine_sast/engine_code/src/domain/usecases/code_scan.py,sha256=7J9fcMEWM0p8x2S3Q9mSSRDPMXQbp71LxdURb94KxQ0,5530
|
|
100
|
+
devsecops_engine_tools/engine_sast/engine_code/src/infrastructure/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
101
|
+
devsecops_engine_tools/engine_sast/engine_code/src/infrastructure/driven_adapters/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
102
|
+
devsecops_engine_tools/engine_sast/engine_code/src/infrastructure/driven_adapters/bearer/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
103
|
+
devsecops_engine_tools/engine_sast/engine_code/src/infrastructure/driven_adapters/bearer/bearer_deserealizator.py,sha256=GaCTIfbgvMLLhdPhC2RR5qyY6zoYrltJ4LVaN18668s,1858
|
|
104
|
+
devsecops_engine_tools/engine_sast/engine_code/src/infrastructure/driven_adapters/bearer/bearer_tool.py,sha256=ZAp3_ep0Gtzz53PXki9grw6c1M1FAR5pOCAkGTavvDg,4611
|
|
105
|
+
devsecops_engine_tools/engine_sast/engine_code/src/infrastructure/entry_points/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
106
|
+
devsecops_engine_tools/engine_sast/engine_code/src/infrastructure/entry_points/entry_point_tool.py,sha256=MSwHPApIz2-7j2uuhfO_Rg5rTzOAbGiRHbSjZHplB14,301
|
|
107
|
+
devsecops_engine_tools/engine_sast/engine_code/src/infrastructure/helpers/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
87
108
|
devsecops_engine_tools/engine_sast/engine_iac/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
88
109
|
devsecops_engine_tools/engine_sast/engine_iac/src/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
89
110
|
devsecops_engine_tools/engine_sast/engine_iac/src/applications/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
@@ -116,7 +137,7 @@ devsecops_engine_tools/engine_sast/engine_iac/src/infrastructure/helpers/file_ge
|
|
|
116
137
|
devsecops_engine_tools/engine_sast/engine_secret/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
117
138
|
devsecops_engine_tools/engine_sast/engine_secret/src/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
118
139
|
devsecops_engine_tools/engine_sast/engine_secret/src/applications/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
119
|
-
devsecops_engine_tools/engine_sast/engine_secret/src/applications/runner_secret_scan.py,sha256=
|
|
140
|
+
devsecops_engine_tools/engine_sast/engine_secret/src/applications/runner_secret_scan.py,sha256=yMzDoT6EpCVeuI-BLs0YfvAWcuWKWnSPoWSawdL_Cxk,1341
|
|
120
141
|
devsecops_engine_tools/engine_sast/engine_secret/src/deployment/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
121
142
|
devsecops_engine_tools/engine_sast/engine_secret/src/deployment/infrastructure/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
122
143
|
devsecops_engine_tools/engine_sast/engine_secret/src/domain/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
@@ -124,15 +145,12 @@ devsecops_engine_tools/engine_sast/engine_secret/src/domain/model/DeserializeCon
|
|
|
124
145
|
devsecops_engine_tools/engine_sast/engine_secret/src/domain/model/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
125
146
|
devsecops_engine_tools/engine_sast/engine_secret/src/domain/model/gateway/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
126
147
|
devsecops_engine_tools/engine_sast/engine_secret/src/domain/model/gateway/gateway_deserealizator.py,sha256=4fYPengHW3K0uVP6wHgOiNu-gRb08m78E7QZayZ2LC4,441
|
|
127
|
-
devsecops_engine_tools/engine_sast/engine_secret/src/domain/model/gateway/git_gateway.py,sha256=x6LFK8wZuVix-ZCBdBQTzvjQi59nZYVrSOTatCOQbxc,638
|
|
128
148
|
devsecops_engine_tools/engine_sast/engine_secret/src/domain/model/gateway/tool_gateway.py,sha256=juharYjy__KyB0fFCbU30k_aLd_9cQgsoCMeodq9ebA,593
|
|
129
149
|
devsecops_engine_tools/engine_sast/engine_secret/src/domain/usecases/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
130
|
-
devsecops_engine_tools/engine_sast/engine_secret/src/domain/usecases/secret_scan.py,sha256=
|
|
150
|
+
devsecops_engine_tools/engine_sast/engine_secret/src/domain/usecases/secret_scan.py,sha256=lxvqAtn3TD9xe-VYeVarlRbdG8eWpP5AtoMA0u8hqJI,3904
|
|
131
151
|
devsecops_engine_tools/engine_sast/engine_secret/src/domain/usecases/set_input_core.py,sha256=k0LZd9PJpqEDns6DLYRGu9DzpRZeFsxAnowcjP5Rml4,2838
|
|
132
152
|
devsecops_engine_tools/engine_sast/engine_secret/src/infrastructure/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
133
153
|
devsecops_engine_tools/engine_sast/engine_secret/src/infrastructure/driven_adapters/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
134
|
-
devsecops_engine_tools/engine_sast/engine_secret/src/infrastructure/driven_adapters/git_cli/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
135
|
-
devsecops_engine_tools/engine_sast/engine_secret/src/infrastructure/driven_adapters/git_cli/git_run.py,sha256=ZCPsII6lkUutRJ3MdjD2vTc1lq6DgvHHMtXoaiIadk4,3844
|
|
136
154
|
devsecops_engine_tools/engine_sast/engine_secret/src/infrastructure/driven_adapters/trufflehog/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
137
155
|
devsecops_engine_tools/engine_sast/engine_secret/src/infrastructure/driven_adapters/trufflehog/trufflehog_deserealizator.py,sha256=WpFFswOmP38cLvfZHCrPDiRtdwH86n1CqVNS3K4s6uA,1968
|
|
138
156
|
devsecops_engine_tools/engine_sast/engine_secret/src/infrastructure/driven_adapters/trufflehog/trufflehog_run.py,sha256=cvCSKTDN-4oL9H5EZF_-WrP5bNamFt0WfeCwaMO_Nfo,5345
|
|
@@ -221,7 +239,7 @@ devsecops_engine_tools/engine_utilities/defect_dojo/domain/request_objects/findi
|
|
|
221
239
|
devsecops_engine_tools/engine_utilities/defect_dojo/domain/request_objects/import_scan.py,sha256=Y1ewQ-9wM287MSEraT4myG1RDl4LjmeqansR3-Exn7U,4974
|
|
222
240
|
devsecops_engine_tools/engine_utilities/defect_dojo/domain/serializers/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
223
241
|
devsecops_engine_tools/engine_utilities/defect_dojo/domain/serializers/finding.py,sha256=HNkA_sHSMfQKAcZht-rRPdwm0eHYK2wxM6u61_bl2uE,5233
|
|
224
|
-
devsecops_engine_tools/engine_utilities/defect_dojo/domain/serializers/import_scan.py,sha256=
|
|
242
|
+
devsecops_engine_tools/engine_utilities/defect_dojo/domain/serializers/import_scan.py,sha256=q8Zu8zQWFTWFkQnt4xqU4bZO7ojdVbdtAIfEqrfAB2c,7230
|
|
225
243
|
devsecops_engine_tools/engine_utilities/defect_dojo/domain/user_case/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
226
244
|
devsecops_engine_tools/engine_utilities/defect_dojo/domain/user_case/cmdb.py,sha256=BUOdvP39bEMQ6Unr2hB28eljVGU2Uv8dDEkzRyEJgyQ,2650
|
|
227
245
|
devsecops_engine_tools/engine_utilities/defect_dojo/domain/user_case/engagement.py,sha256=SVX-weFRPT3DK7w6IBrLuWS4L6vboMuZtwXAQmIHfEE,406
|
|
@@ -239,6 +257,12 @@ devsecops_engine_tools/engine_utilities/defect_dojo/infraestructure/driver_adapt
|
|
|
239
257
|
devsecops_engine_tools/engine_utilities/defect_dojo/infraestructure/driver_adapters/settings/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
240
258
|
devsecops_engine_tools/engine_utilities/defect_dojo/infraestructure/driver_adapters/settings/settings.py,sha256=5ni59GuAHT-avpWNc4FSedVpoFRTGRNzjQJkAXpWv6c,28
|
|
241
259
|
devsecops_engine_tools/engine_utilities/defect_dojo/infraestructure/repository/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
260
|
+
devsecops_engine_tools/engine_utilities/git_cli/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
261
|
+
devsecops_engine_tools/engine_utilities/git_cli/infrastructure/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
262
|
+
devsecops_engine_tools/engine_utilities/git_cli/infrastructure/git_run.py,sha256=TI_u-A7PBaH4Lb9KYpBazdGVQBVh4INiA9JeMJDTDjc,3832
|
|
263
|
+
devsecops_engine_tools/engine_utilities/git_cli/model/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
264
|
+
devsecops_engine_tools/engine_utilities/git_cli/model/gateway/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
265
|
+
devsecops_engine_tools/engine_utilities/git_cli/model/gateway/git_gateway.py,sha256=x6LFK8wZuVix-ZCBdBQTzvjQi59nZYVrSOTatCOQbxc,638
|
|
242
266
|
devsecops_engine_tools/engine_utilities/github/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
243
267
|
devsecops_engine_tools/engine_utilities/github/infrastructure/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
244
268
|
devsecops_engine_tools/engine_utilities/github/infrastructure/github_api.py,sha256=AURk8GGAkNuHCqTEsiS6UxClL_YYJoqtBrWGBSYgWO4,2436
|
|
@@ -257,8 +281,8 @@ devsecops_engine_tools/engine_utilities/utils/logger_info.py,sha256=4Mz8Bwlm9Mku
|
|
|
257
281
|
devsecops_engine_tools/engine_utilities/utils/name_conversion.py,sha256=ADJrRGaxYSDe0ZRh6VHRf53H4sXPcb-vNP_i81PUn3I,307
|
|
258
282
|
devsecops_engine_tools/engine_utilities/utils/printers.py,sha256=amYAr9YQfYgR6jK9a2l26z3oovFPQ3FAKmhq6BKhEBA,623
|
|
259
283
|
devsecops_engine_tools/engine_utilities/utils/session_manager.py,sha256=yNtlT-8Legz1sHbGPH8LNYjL-LgDUE0zXG2rYjiab7U,290
|
|
260
|
-
devsecops_engine_tools-1.
|
|
261
|
-
devsecops_engine_tools-1.
|
|
262
|
-
devsecops_engine_tools-1.
|
|
263
|
-
devsecops_engine_tools-1.
|
|
264
|
-
devsecops_engine_tools-1.
|
|
284
|
+
devsecops_engine_tools-1.11.0.dist-info/METADATA,sha256=9lTa2SzugeQLrSAvuKM_gbF63ohK7mzsfX6yNzQ65lY,10717
|
|
285
|
+
devsecops_engine_tools-1.11.0.dist-info/WHEEL,sha256=R0nc6qTxuoLk7ShA2_Y-UWkN8ZdfDBG2B6Eqpz2WXbs,91
|
|
286
|
+
devsecops_engine_tools-1.11.0.dist-info/entry_points.txt,sha256=9IjXF_7Zpgowq_SY6OSmsA9vZze18a8_AeHwkQVrgKk,131
|
|
287
|
+
devsecops_engine_tools-1.11.0.dist-info/top_level.txt,sha256=ge6y0X_xBAU1aG3EMWFtl9djbVyg5BxuSp2r2Lg6EQU,23
|
|
288
|
+
devsecops_engine_tools-1.11.0.dist-info/RECORD,,
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
{devsecops_engine_tools-1.10.0.dist-info → devsecops_engine_tools-1.11.0.dist-info}/entry_points.txt
RENAMED
|
File without changes
|
{devsecops_engine_tools-1.10.0.dist-info → devsecops_engine_tools-1.11.0.dist-info}/top_level.txt
RENAMED
|
File without changes
|