devsecops-engine-tools 1.101.1__py3-none-any.whl → 1.102.0__py3-none-any.whl

devsecops_engine_tools/engine_core/src/applications/runner_engine_core.py

@@ -35,7 +35,6 @@ from devsecops_engine_tools.engine_utilities.utils.logger_info import MyLogger
 from devsecops_engine_tools.engine_utilities import settings
 from devsecops_engine_tools.version import version
 
-
 logger = MyLogger.__call__(**settings.SETTING_LOGGER).get_logger()
 
 
@@ -109,6 +108,7 @@ def get_inputs_from_cli(args):
             "trivy",
             "xray",
             "dependency_check",
+            "kiuwan",
         ],
         type=str,
         required=False,
@@ -199,6 +199,12 @@ def get_inputs_from_cli(args):
         required=False,
         help="Token for downloading external checks from engine_iac or engine_secret if is necessary. Ej: github_token:token, github_app:private_key, ssh:privatekey:pass",
     )
+    parser.add_argument(
+        "--token_engine_code",
+        type=str,
+        required=False,
+        help="Password for connecting with the kiuwan platform. In order to get a kiuwan pass, go to the platform and select the pass of the account selected for the engine."
+    )
     parser.add_argument(
         "--xray_mode",
         choices=["scan", "audit","build-scan"],
@@ -226,13 +232,20 @@ def get_inputs_from_cli(args):
         default="false",
         help="Enable or disable context creation. Applies to engine_iac, engine_container and engine_dependencies. Default is false."
     )
+    parser.add_argument(
+        "-repo",
+        "--repo_name",
+        type=str,
+        required=False,
+        help="Repository name, used when the repository name should not be taken from environment variable. Apply to kiuwan"
+    )
 
     TOOLS = {
         "engine_iac": ["checkov", "kics", "kubescape"],
         "engine_secret": ["trufflehog", "gitleaks"],
         "engine_container": ["prisma", "trivy"],
         "engine_dependencies": ["xray", "dependency_check", "trivy"],
-        "engine_code": ["bearer"],
+        "engine_code": ["bearer", "kiuwan"],
         "engine_dast": ["nuclei"],
         "engine_risk": None,
     }
@@ -264,10 +277,12 @@ def get_inputs_from_cli(args):
         "token_engine_container": args.token_engine_container,
         "token_engine_dependencies": args.token_engine_dependencies,
         "token_external_checks": args.token_external_checks,
+        "token_engine_code": args.token_engine_code,
         "xray_mode": args.xray_mode,
         "image_to_scan": args.image_to_scan,
         "dast_file_path": args.dast_file_path,
-        "context": args.context
+        "context": args.context,
+        "repo_name": args.repo_name
     }
 
 
@@ -317,4 +332,4 @@ def application_core():
 
 
 if __name__ == "__main__":
-    application_core()
+    application_core()

devsecops_engine_tools/engine_core/src/domain/model/finding.py

@@ -17,4 +17,12 @@ class Finding:
     module: str
     category: Category
     requirements: str
-    tool: str
+    tool: str
+
+@dataclass
+class EngineCodeFinding(Finding):
+    analysis_url: str
+    analysis_code: str
+    label: str
+    application_business_value: str
+    defect_type: str

devsecops_engine_tools/engine_core/src/domain/usecases/break_build.py

@@ -50,16 +50,16 @@ class BreakBuild:
 
             findings_excluded, findings_without_exclusions = self._filter_findings(findings_list, exclusions)
             scan_result["findings_excluded"] = [self._map_finding_excluded(item) for item in findings_excluded]
-
+            
             vulnerabilities = [v for v in findings_without_exclusions if v.category == Category.VULNERABILITY]
             compliances = [v for v in findings_without_exclusions if v.category == Category.COMPLIANCE]
 
             vulnerability_counts = self._count_severities(vulnerabilities)
             compliance_counts = self._count_severities(compliances)
 
-            self._handle_vulnerabilities(vulnerability_counts, vulnerabilities, threshold, warning_release, scan_result)
+            self._handle_vulnerabilities(vulnerability_counts, vulnerabilities, threshold, warning_release, scan_result, args)
             self._handle_cve_policy(vulnerabilities, threshold)
-            self._handle_compliances(compliance_counts, compliances, threshold, warning_release, scan_result)
+            self._handle_compliances(compliance_counts, compliances, threshold, warning_release, scan_result, args)
             self._handle_exclusions(findings_excluded, exclusions)
         else:
             print(devops_platform_gateway.message("succeeded", "There are no findings"))
@@ -109,7 +109,7 @@ class BreakBuild:
         return {
             "id": item.id,
             "severity": item.severity,
-            "category": item.category.value,
+            "category": item.category,
         }
 
     def _count_severities(self, findings_list):
@@ -125,7 +125,7 @@ class BreakBuild:
                 counts[severity] += 1
         return counts
 
-    def _handle_vulnerabilities(self, counts, vulnerabilities_list, threshold, warning_release, scan_result):
+    def _handle_vulnerabilities(self, counts, vulnerabilities_list, threshold, warning_release, scan_result, args):
         devops_platform_gateway = self.devops_platform_gateway
         printer_table_gateway = self.printer_table_gateway
         print()
@@ -142,6 +142,8 @@ class BreakBuild:
             counts["low"] >= threshold.vulnerability.low):
             
             print("Below are all vulnerabilities detected.")
+            if vulnerabilities_list and args.get("tool", None) == "kiuwan":
+                print(f"Analysis url: {vulnerabilities_list[0].analysis_url}")
             printer_table_gateway.print_table_findings(vulnerabilities_list)
             print(devops_platform_gateway.message(
                 "error",
@@ -194,13 +196,15 @@ class BreakBuild:
             ))
             print(devops_platform_gateway.result_pipeline("failed"))
 
-    def _handle_compliances(self, counts, compliances_list, threshold, warning_release, scan_result):
+    def _handle_compliances(self, counts, compliances_list, threshold, warning_release, scan_result, args):
         devops_platform_gateway = self.devops_platform_gateway
         printer_table_gateway = self.printer_table_gateway
         print()
 
         if compliances_list:
             print("Below are all compliances issues detected.")
+            if compliances_list and args.get("tool", None) == "kiuwan":
+                print(f"Analysis url: {compliances_list[0].analysis_url}")
             printer_table_gateway.print_table_findings(compliances_list)
             status = "succeeded"
             if counts["critical"] >= threshold.compliance.critical:
@@ -251,4 +255,4 @@ class BreakBuild:
             printer_table_gateway.print_table_exclusions(exclusions_list)
             
             for reason, total in Counter(x["reason"] for x in exclusions_list).items():
-                print("{0} findings count: {1}".format(reason, total))
+                print("{0} findings count: {1}".format(reason, total))

devsecops_engine_tools/engine_core/src/infrastructure/driven_adapters/azure/azure_devops.py

@@ -8,6 +8,7 @@ from devsecops_engine_tools.engine_utilities.azuredevops.models.AzurePredefinedV
     ReleaseVariables,
     AgentVariables,
     VMVariables,
+    ApplicationVariables,
 )
 from devsecops_engine_tools.engine_utilities.azuredevops.infrastructure.azure_devops_api import (
     AzureDevopsApi,
@@ -117,8 +118,9 @@ class AzureDevops(DevopsPlatformGateway):
             "vm_product_type_name": VMVariables.Vm_Product_Type_Name,
             "vm_product_name": VMVariables.Vm_Product_Name,
             "vm_product_description": VMVariables.Vm_Product_Description,
+            "build_task": ApplicationVariables.Application_Build_Task,
         }
         try:
             return variable_map.get(variable).value()
         except ValueError:
-            return None
+            return None

devsecops_engine_tools/engine_core/src/infrastructure/driven_adapters/defect_dojo/defect_dojo.py

@@ -40,7 +40,6 @@ import concurrent.futures
 
 logger = MyLogger.__call__(**settings.SETTING_LOGGER).get_logger()
 
-
 @dataclass
 class DefectDojoPlatform(VulnerabilityManagementGateway):
 
@@ -70,6 +69,7 @@ class DefectDojoPlatform(VulnerabilityManagementGateway):
         "SONARQUBE": "SonarQube API Import",
         "GITLEAKS": "Gitleaks Scan",
         "NUCLEI": "Nuclei Scan",
+        "KIUWAN": "Kiuwan Scan"
     }
 
     def send_vulnerability_management(
@@ -88,6 +88,7 @@ class DefectDojoPlatform(VulnerabilityManagementGateway):
                 else vulnerability_management.secret_tool["token_cmdb"]
             )
 
+            tags = []
             if any(
                 branch in str(vulnerability_management.branch_tag)
                 for branch in vulnerability_management.config_tool[
@@ -95,12 +96,14 @@ class DefectDojoPlatform(VulnerabilityManagementGateway):
                 ]["BRANCH_FILTER"]
             ) or (vulnerability_management.dict_args["module"] == "engine_secret"):
                 tags = [vulnerability_management.dict_args["module"]]
+
                 if vulnerability_management.dict_args["module"] == "engine_iac":
                     tags = [
                         f"{vulnerability_management.dict_args['module']}_{'_'.join(vulnerability_management.dict_args['platform'])}"
                     ]
                     if vulnerability_management.input_core.scope_service != vulnerability_management.input_core.scope_pipeline:
                         tags.append(vulnerability_management.input_core.scope_service.replace(f"{vulnerability_management.input_core.scope_pipeline}_", ""))
+
                 if (
                     vulnerability_management.dict_args["module"] == "engine_container"
                     and sum(
@@ -122,47 +125,46 @@ class DefectDojoPlatform(VulnerabilityManagementGateway):
                         f"{vulnerability_management.dict_args['module']}_{tag_suffix}"
                     ]
 
-                use_cmdb = vulnerability_management.config_tool[
-                    "VULNERABILITY_MANAGER"
-                ]["DEFECT_DOJO"]["CMDB"]["USE_CMDB"]
-
-                request = self._build_request_importscan(
-                    vulnerability_management,
-                    token_cmdb,
-                    token_dd,
-                    tags,
-                    use_cmdb,
-                )
+            use_cmdb = vulnerability_management.config_tool[
+                "VULNERABILITY_MANAGER"
+            ]["DEFECT_DOJO"]["CMDB"]["USE_CMDB"]
 
-                def request_func():
-                    return DefectDojo.send_import_scan(request)
+            request = self._build_request_importscan(
+                vulnerability_management,
+                token_cmdb,
+                token_dd,
+                tags,
+                use_cmdb,
+            )
 
-                response = Utils().retries_requests(
-                    request_func,
-                    vulnerability_management.config_tool["VULNERABILITY_MANAGER"][
-                        "DEFECT_DOJO"
-                    ]["MAX_RETRIES_QUERY"],
-                    retry_delay=5,
-                )
+            def request_func():
+                return DefectDojo.send_import_scan(request)
+
+            response = Utils().retries_requests(
+                request_func,
+                vulnerability_management.config_tool["VULNERABILITY_MANAGER"][
+                    "DEFECT_DOJO"
+                ]["MAX_RETRIES_QUERY"],
+                retry_delay=5,
+            )
 
-                if hasattr(response, "url"):
-                    if vulnerability_management.config_tool.get("VULNERABILITY_MANAGER").get("DEFECT_DOJO").get("PRINT_DOMAIN"):
-                        response.url = response.url.replace(vulnerability_management.config_tool["VULNERABILITY_MANAGER"][
-                            "DEFECT_DOJO"]["HOST_DEFECT_DOJO"
-                        ], vulnerability_management.config_tool["VULNERABILITY_MANAGER"]["DEFECT_DOJO"]["PRINT_DOMAIN"])
-                    url_parts = response.url.split("//")
-                    test_string = "//".join([url_parts[0] + "/", url_parts[1]])
-                    print(
-                        "Report sent to vulnerability management: ",
-                        f"{test_string}?tags={vulnerability_management.dict_args['module']}",
+            if hasattr(response, "url"):
+                if vulnerability_management.config_tool.get("VULNERABILITY_MANAGER").get("DEFECT_DOJO").get("PRINT_DOMAIN"):
+                    response.url = response.url.replace(
+                        vulnerability_management.config_tool["VULNERABILITY_MANAGER"]["DEFECT_DOJO"]["HOST_DEFECT_DOJO"],
+                        vulnerability_management.config_tool["VULNERABILITY_MANAGER"]["DEFECT_DOJO"]["PRINT_DOMAIN"]
                     )
-                else:
-                    raise ExceptionVulnerabilityManagement(response)
+                url_parts = response.url.split("//")
+                test_string = "//".join([url_parts[0] + "/", url_parts[1]])
+                print(
+                    "Report sent to vulnerability management: ",
+                    f"{test_string}?tags={vulnerability_management.dict_args['module']}",
+                )
+            else:
+                raise ExceptionVulnerabilityManagement(response)
         except Exception as ex:
             raise ExceptionVulnerabilityManagement(
-                "Error sending report to vulnerability management with the following error: {0} ".format(
-                    ex
-                )
+                f"Error sending report to vulnerability management with the following error: {str(ex)}"
             )
 
     def get_product_type_pipeline(self, service, dict_args, secret_tool, config_tool):
@@ -198,10 +200,11 @@ class DefectDojoPlatform(VulnerabilityManagementGateway):
 
         except Exception as ex:
             raise ExceptionVulnerabilityManagement(
-                "Error getting product type with the following error: {0} ".format(ex)
+                f"Error getting product type with the following error: {str(ex)}"
             )
 
     def get_findings_excepted(self, service, dict_args, secret_tool, config_tool):
+        logger.info("Starting get_findings_excepted")
         try:
             session_manager = self._get_session_manager(
                 dict_args, secret_tool, config_tool
@@ -213,7 +216,6 @@ class DefectDojoPlatform(VulnerabilityManagementGateway):
             dd_max_retries = config_tool["VULNERABILITY_MANAGER"]["DEFECT_DOJO"][
                 "MAX_RETRIES_QUERY"
             ]
-
             tool = dict_args["module"]
 
             risk_accepted_query_params = {
@@ -302,18 +304,18 @@ class DefectDojoPlatform(VulnerabilityManagementGateway):
                 white_list=white_list,
             )
 
-            return (
+            result = (
                 list(exclusions_risk_accepted)
                 + list(exclusions_false_positive)
                 + list(exclusions_out_of_scope)
                 + list(exclusions_transfer_finding)
                 + list(exclusions_white_list)
             )
+            return result
+
         except Exception as ex:
             raise ExceptionFindingsExcepted(
-                "Error getting excepted findings with the following error: {0} ".format(
-                    ex
-                )
+                f"Error getting excepted findings with the following error: {str(ex)}"
             )
 
     def get_all(self, service, dict_args, secret_tool, config_tool):
@@ -368,7 +370,7 @@ class DefectDojoPlatform(VulnerabilityManagementGateway):
 
         except Exception as ex:
             raise ExceptionGettingFindings(
-                "Error getting all findings with the following error: {0} ".format(ex)
+                f"Error getting all findings with the following error: {str(ex)}"
             )
 
     def get_active_engagements(
@@ -411,7 +413,7 @@ class DefectDojoPlatform(VulnerabilityManagementGateway):
 
         except Exception as ex:
             raise ExceptionGettingEngagements(
-                "Error getting engagements with the following error: {0} ".format(ex)
+                f"Error getting engagements with the following error: {str(ex)}"
             )
 
     def send_sbom_components(
@@ -429,7 +431,7 @@ class DefectDojoPlatform(VulnerabilityManagementGateway):
             )
 
             with concurrent.futures.ThreadPoolExecutor(max_workers=25) as executor:
-                _ = [
+                futures = [
                     executor.submit(
                         self._process_component,
                         sbom_component,
@@ -438,12 +440,11 @@ class DefectDojoPlatform(VulnerabilityManagementGateway):
                     )
                     for sbom_component in sbom_components
                 ]
+                concurrent.futures.wait(futures)
 
         except Exception as ex:
             raise ExceptionVulnerabilityManagement(
-                "Error sending components sbom to vulnerability management with the following error: {0} ".format(
-                    ex
-                )
+                f"Error sending components sbom to vulnerability management with the following error: {str(ex)}"
             )
 
     def get_black_list(self, dict_args, secret_tool, config_tool):
@@ -462,10 +463,12 @@ class DefectDojoPlatform(VulnerabilityManagementGateway):
                 },
             )
 
-            return [entry.unique_id_from_tool for entry in exclusions_black_list]
+            result = [entry.unique_id_from_tool for entry in exclusions_black_list]
+            return result
+
         except Exception as ex:
             raise ExceptionVulnerabilityManagement(
-                "Error getting black list with the following error: {0} ".format(ex)
+                f"Error getting black list with the following error: {str(ex)}"
             )
 
     def _build_request_importscan(
@@ -478,6 +481,7 @@ class DefectDojoPlatform(VulnerabilityManagementGateway):
     ):
         tool_scm_conf_mapping = vulnerability_management.config_tool["VULNERABILITY_MANAGER"]["DEFECT_DOJO"]["TOOL_SCM_MAPPING"]
         tool_sonar_conf_mapping = vulnerability_management.config_tool["VULNERABILITY_MANAGER"]["DEFECT_DOJO"]["TOOL_SONAR_MAPPING"]
+
         common_fields = {
             "scan_type": self.scan_type_mapping[vulnerability_management.scan_type],
             "file": vulnerability_management.input_core.path_file_results,
@@ -532,7 +536,7 @@ class DefectDojoPlatform(VulnerabilityManagementGateway):
             cmdb_mapping = vulnerability_management.config_tool[
                 "VULNERABILITY_MANAGER"
             ]["DEFECT_DOJO"]["CMDB"]["CMDB_MAPPING"]
-            return Connect.cmdb(
+            request = Connect.cmdb(
                 generate_auth_cmdb=vulnerability_management.config_tool["VULNERABILITY_MANAGER"]["DEFECT_DOJO"]["CMDB"]["GENERATE_AUTH_CMDB"],
                 auth_cmdb_request_response=vulnerability_management.config_tool[
                     "VULNERABILITY_MANAGER"
@@ -556,7 +560,7 @@ class DefectDojoPlatform(VulnerabilityManagementGateway):
                 **common_fields,
             )
         else:
-            request: ImportScanRequest = ImportScanSerializer().load(
+            request = ImportScanSerializer().load(
                 {
                     "product_type_name": vulnerability_management.vm_product_type_name,
                     "product_name": vulnerability_management.vm_product_name,
@@ -565,7 +569,8 @@ class DefectDojoPlatform(VulnerabilityManagementGateway):
                     **common_fields,
                 }
             )
-            return request
+        
+        return request
 
     def _process_component(self, component_sbom, session_manager, engagement):
         request = {
@@ -586,10 +591,11 @@ class DefectDojoPlatform(VulnerabilityManagementGateway):
         token_dd = dict_args.get("token_vulnerability_management") or secret_tool.get(
             "token_defect_dojo"
         )
-        return SessionManager(
+        session_manager = SessionManager(
             token_dd,
             config_tool["VULNERABILITY_MANAGER"]["DEFECT_DOJO"]["HOST_DEFECT_DOJO"],
         )
+        return session_manager
 
     def _get_report_exclusions(self, total_findings, date_fn, host_dd, **kwargs):
         exclusions = []
@@ -665,8 +671,8 @@ class DefectDojoPlatform(VulnerabilityManagementGateway):
         findings = self._get_findings(
             session_manager, service, max_retries, query_params
         )
-
-        return map(
+        
+        result = map(
             partial(
                 self._create_exclusion,
                 date_fn=date_fn,
@@ -676,6 +682,7 @@ class DefectDojoPlatform(VulnerabilityManagementGateway):
             ),
             findings,
         )
+        return result
 
     def _get_findings(self, session_manager, service, max_retries, query_params):
         def request_func():
@@ -683,7 +690,8 @@ class DefectDojoPlatform(VulnerabilityManagementGateway):
                 session=session_manager, service=service, **query_params
             ).results
 
-        return Utils().retries_requests(request_func, max_retries, retry_delay=5)
+        findings = Utils().retries_requests(request_func, max_retries, retry_delay=5)
+        return findings
 
     def _get_finding_exclusion(self, session_manager, max_retries, query_params):
         def request_func():
@@ -691,31 +699,33 @@ class DefectDojoPlatform(VulnerabilityManagementGateway):
                 session=session_manager, **query_params
             ).results
 
-        return Utils().retries_requests(request_func, max_retries, retry_delay=5)
+        exclusions = Utils().retries_requests(request_func, max_retries, retry_delay=5)
+        return exclusions
 
     def _date_reason_based(self, finding, date_fn, reason, tool, **kwargs):
         def get_vuln_id(finding, tool):
             if tool == "engine_risk":
-                return (
+                vuln_id = (
                     finding.id[0]["vulnerability_id"]
                     if finding.id
                     else finding.vuln_id_from_tool
                 )
             else:
-                return (
+                vuln_id = (
                     finding.vulnerability_ids[0]["vulnerability_id"]
                     if finding.vulnerability_ids
                     else finding.vuln_id_from_tool
                 )
+            return vuln_id
 
         def get_dates_from_whitelist(vuln_id, white_list):
             matching_finding = next(
                 filter(lambda x: x.unique_id_from_tool == vuln_id, white_list), None
             )
             if matching_finding:
-                return date_fn(matching_finding.create_date), date_fn(
-                    matching_finding.expiration_date
-                )
+                create_date = date_fn(matching_finding.create_date)
+                expiration_date = date_fn(matching_finding.expiration_date)
+                return create_date, expiration_date
             return date_fn(None), date_fn(None)
 
         reason_to_dates = {
@@ -749,8 +759,7 @@ class DefectDojoPlatform(VulnerabilityManagementGateway):
         create_date, expired_date = self._date_reason_based(
             finding, date_fn, reason, tool, **kwargs
         )
-
-        return Exclusions(
+        exclusion = Exclusions(
             id=(
                 finding.vuln_id_from_tool
                 if finding.vuln_id_from_tool
@@ -766,6 +775,7 @@ class DefectDojoPlatform(VulnerabilityManagementGateway):
             severity=finding.severity.lower(),
             reason=reason,
         )
+        return exclusion
 
     def _create_report_exclusion(
         self, finding, date_fn, tool, reason, host_dd, **kwargs
@@ -773,8 +783,7 @@ class DefectDojoPlatform(VulnerabilityManagementGateway):
         create_date, expired_date = self._date_reason_based(
             finding, date_fn, reason, tool, **kwargs
         )
-
-        return Exclusions(
+        exclusion = Exclusions(
             id=(
                 finding.vuln_id_from_tool
                 if finding.vuln_id_from_tool
@@ -790,9 +799,10 @@ class DefectDojoPlatform(VulnerabilityManagementGateway):
             service=finding.service,
             tags=finding.tags,
         )
+        return exclusion
 
     def _create_report(self, finding, host_dd):
-        return Report(
+        report = Report(
             vm_id=str(finding.id),
             vm_id_url=f"{host_dd}/finding/{finding.id}",
             id=finding.vulnerability_ids,
@@ -824,29 +834,33 @@ class DefectDojoPlatform(VulnerabilityManagementGateway):
             service=finding.service,
             unique_id_from_tool=finding.unique_id_from_tool,
         )
+        return report
 
     def _format_date_to_dd_format(self, date_string):
-        return (
+        result = (
             format_date(date_string.split("T")[0], "%Y-%m-%d", "%d%m%Y")
             if date_string
             else None
         )
+        return result
 
     def _get_where(self, finding, tool):
         if tool == "engine_dependencies":
-            return (
+            result = (
                 finding.component_name.replace("_", ":")
                 + ":"
                 + finding.component_version
             )
         elif tool == "engine_container":
-            return finding.component_name + ":" + finding.component_version
+            result = finding.component_name + ":" + finding.component_version
         elif tool == "engine_dast":
-            return finding.endpoints
+            result = finding.endpoints
         elif tool == "engine_risk":
             for tag in finding.tags:
-                return self._get_where(finding, tag)
-            return finding.file_path
+                result = self._get_where(finding, tag)
+                return result
+            result = finding.file_path
         else:
+
             return finding.file_path
         

devsecops_engine_tools/engine_core/src/infrastructure/driven_adapters/github/github_actions.py

@@ -7,7 +7,8 @@ from devsecops_engine_tools.engine_utilities.github.models.GithubPredefinedVaria
     SystemVariables,
     ReleaseVariables,
     AgentVariables,
-    VMVariables
+    VMVariables,
+    ApplicationVariables
 )
 from devsecops_engine_tools.engine_utilities.github.infrastructure.github_api import (
     GithubApi,
@@ -94,6 +95,7 @@ class GithubActions(DevopsPlatformGateway):
             "vm_product_type_name": VMVariables.Vm_Product_Type_Name,
             "vm_product_name": VMVariables.Vm_Product_Name,
             "vm_product_description": VMVariables.Vm_Product_Description,
+            "build_task":  ApplicationVariables.Application_Build_Task,
         }
         try:
             return variable_map.get(variable).value()

devsecops_engine_tools/engine_core/src/infrastructure/driven_adapters/printer_pretty_table/printer_pretty_table.py

@@ -19,7 +19,7 @@ from prettytable import PrettyTable, DOUBLE_BORDER
 class PrinterPrettyTable(PrinterTableGateway):
     def _create_table(self, headers, finding_list):
         table = PrettyTable(headers)
-
+        
         for finding in finding_list:
             row_data = [
                 finding.severity,
@@ -31,7 +31,9 @@ class PrinterPrettyTable(PrinterTableGateway):
                 finding.module == "engine_dependencies"
             ):
                 row_data.append(finding.requirements)
-
+            elif finding.module == "engine_code":
+                row_data.append(finding.cvss)
+                row_data.append(finding.defect_type)
             table.add_row(row_data)
 
         severity_order = {"critical": 0, "high": 1, "medium": 2, "low": 3, "unknown": 4}
@@ -50,12 +52,17 @@ class PrinterPrettyTable(PrinterTableGateway):
     def print_table_findings(self, finding_list: "list[Finding]"):
         if (
             finding_list
-            and (finding_list[0].module != "engine_container")
-            and (finding_list[0].module != "engine_dependencies")
+            and (
+                (finding_list[0].module == "engine_container") 
+                or (finding_list[0].module == "engine_dependencies")
+                )
         ):
-            headers = ["Severity", "ID", "Description", "Where"]
-        else:
             headers = ["Severity", "ID", "Description", "Where", "Fixed in"]
+        elif finding_list and finding_list[0].module == "engine_code":
+            headers = ["Severity", "ID", "Description", "Where", "Rule", "Defect Type"]
+
+        else:
+            headers = ["Severity", "ID", "Description", "Where"]
 
         sorted_table = self._create_table(headers, finding_list)
 
@@ -165,4 +172,4 @@ class PrinterPrettyTable(PrinterTableGateway):
             new_value = "\n".join(values)
         else:
             new_value = f"{values[0]}"
-        return new_value
+        return new_value

devsecops_engine_tools/engine_core/src/infrastructure/driven_adapters/runtime_local/runtime_local.py

@@ -76,5 +76,6 @@ class RuntimeLocal(DevopsPlatformGateway):
             "vm_product_type_name" : "DET_VM_PRODUCT_TYPE_NAME",
             "vm_product_name" : "DET_VM_PRODUCT_NAME",
             "vm_product_description" : "DET_VM_PRODUCT_DESCRIPTION",
+            "build_task":  "DET_APPLICATION_BUILD_TASK",
         }
         return os.environ.get(env_variables[variable], None)