PyPI - devsecops-engine-tools - Versions diffs - 1.104.2__py3-none-any.whl → 1.105.0__py3-none-any.whl - Mend

devsecops-engine-tools 1.104.2py3-none-any.whl → 1.105.0py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.

This version of devsecops-engine-tools might be problematic. Click here for more details.

Files changed (8) hide show

devsecops_engine_tools/engine_core/src/infrastructure/driven_adapters/cdxgen/cdxgen.py CHANGED Viewed

@@ -2,6 +2,7 @@ from dataclasses import dataclass
 import requests
 import subprocess
 import platform
+import os
 from devsecops_engine_tools.engine_core.src.domain.model.gateway.sbom_manager import (
     SbomManagerGateway,
@@ -26,6 +27,15 @@ class CdxGen(SbomManagerGateway):
         try:
             cdxgen_version = config["CDXGEN"]["CDXGEN_VERSION"]
             slim = "-slim" if config["CDXGEN"]["SLIM_BINARY"] else ""
+            exclude_types = config["CDXGEN"].get("EXCLUDE_TYPES", "")
+            recurse = config["CDXGEN"].get("RECURSE", True)
+            debug_pipelines = config["CDXGEN"].get("DEBUG_PIPELINES", [])
+            enable_debug = service_name in debug_pipelines if debug_pipelines else False
+            if enable_debug:
+                logger.info(f"Enabling debug mode for pipeline: {service_name}")
+                os.environ["CDXGEN_DEBUG_MODE"] = "debug"
             os_platform = platform.system()
             base_url = (
                 f"https://github.com/CycloneDX/cdxgen/releases/download/v{cdxgen_version}/"
@@ -51,31 +61,51 @@ class CdxGen(SbomManagerGateway):
                 logger.warning(f"{os_platform} is not supported.")
                 return None
-            result_sbom = self._run_cdxgen(command_prefix, artifact, service_name)
+            result_sbom = self._run_cdxgen(command_prefix, artifact, service_name, exclude_types, recurse, enable_debug)
             return get_list_component(result_sbom, config["CDXGEN"]["OUTPUT_FORMAT"])
         except Exception as e:
             logger.error(f"Error generating SBOM: {e}")
             return None
-    def _run_cdxgen(self, command_prefix, artifact, service_name):
+    def _run_cdxgen(self, command_prefix, artifact, service_name, exclude_types, recurse, enable_debug=False):
         result_file = f"{service_name}_SBOM.json"
         command = [
             command_prefix,
             artifact,
             "-o",
-            result_file,
+            result_file
         ]
+        if exclude_types:
+            command.extend(
+                ["--exclude-type", exclude_types]
+            )
+        if not recurse:
+            command.append(
+                "--no-recurse"
+            )
         try:
-            subprocess.run(
+            result = subprocess.run(
                 command,
-                check=True,
                 stdout=subprocess.PIPE,
                 stderr=subprocess.PIPE,
-                text=True,
+                text=True
             )
-            print(f"SBOM generated and saved to: {result_file}")
-            return result_file
+            if enable_debug:
+                if result.stdout:
+                    logger.info(f"CDXGEN stdout: {result.stdout}")
+                if result.stderr:
+                    logger.info(f"CDXGEN stderr: {result.stderr}")
+            if result.returncode == 0:
+                print(f"SBOM generated and saved to: {result_file}")
+                return result_file
+            else:
+                raise Exception(f"CDXGEN command failed with return code: {result.returncode}")
         except Exception as e:
             logger.error(f"Error running cdxgen: {e}")

devsecops_engine_tools/engine_core/src/infrastructure/driven_adapters/defect_dojo/defect_dojo.py CHANGED Viewed

@@ -125,43 +125,43 @@ class DefectDojoPlatform(VulnerabilityManagementGateway):
                         f"{vulnerability_management.dict_args['module']}_{tag_suffix}"
                     ]
-            use_cmdb = vulnerability_management.config_tool[
-                "VULNERABILITY_MANAGER"
-            ]["DEFECT_DOJO"]["CMDB"]["USE_CMDB"]
-            request = self._build_request_importscan(
-                vulnerability_management,
-                token_cmdb,
-                token_dd,
-                tags,
-                use_cmdb,
-            )
+                use_cmdb = vulnerability_management.config_tool[
+                    "VULNERABILITY_MANAGER"
+                ]["DEFECT_DOJO"]["CMDB"]["USE_CMDB"]
+                request = self._build_request_importscan(
+                    vulnerability_management,
+                    token_cmdb,
+                    token_dd,
+                    tags,
+                    use_cmdb,
+                )
-            def request_func():
-                return DefectDojo.send_import_scan(request)
+                def request_func():
+                    return DefectDojo.send_import_scan(request)
-            response = Utils().retries_requests(
-                request_func,
-                vulnerability_management.config_tool["VULNERABILITY_MANAGER"][
-                    "DEFECT_DOJO"
-                ]["MAX_RETRIES_QUERY"],
-                retry_delay=5,
-            )
+                response = Utils().retries_requests(
+                    request_func,
+                    vulnerability_management.config_tool["VULNERABILITY_MANAGER"][
+                        "DEFECT_DOJO"
+                    ]["MAX_RETRIES_QUERY"],
+                    retry_delay=5,
+                )
-            if hasattr(response, "url"):
-                if vulnerability_management.config_tool.get("VULNERABILITY_MANAGER").get("DEFECT_DOJO").get("PRINT_DOMAIN"):
-                    response.url = response.url.replace(
-                        vulnerability_management.config_tool["VULNERABILITY_MANAGER"]["DEFECT_DOJO"]["HOST_DEFECT_DOJO"],
-                        vulnerability_management.config_tool["VULNERABILITY_MANAGER"]["DEFECT_DOJO"]["PRINT_DOMAIN"]
+                if hasattr(response, "url"):
+                    if vulnerability_management.config_tool.get("VULNERABILITY_MANAGER").get("DEFECT_DOJO").get("PRINT_DOMAIN"):
+                        response.url = response.url.replace(
+                            vulnerability_management.config_tool["VULNERABILITY_MANAGER"]["DEFECT_DOJO"]["HOST_DEFECT_DOJO"],
+                            vulnerability_management.config_tool["VULNERABILITY_MANAGER"]["DEFECT_DOJO"]["PRINT_DOMAIN"]
+                        )
+                    url_parts = response.url.split("//")
+                    test_string = "//".join([url_parts[0] + "/", url_parts[1]])
+                    print(
+                        "Report sent to vulnerability management: ",
+                        f"{test_string}?tags={vulnerability_management.dict_args['module']}",
                     )
-                url_parts = response.url.split("//")
-                test_string = "//".join([url_parts[0] + "/", url_parts[1]])
-                print(
-                    "Report sent to vulnerability management: ",
-                    f"{test_string}?tags={vulnerability_management.dict_args['module']}",
-                )
-            else:
-                raise ExceptionVulnerabilityManagement(response)
+                else:
+                    raise ExceptionVulnerabilityManagement(response)
         except Exception as ex:
             raise ExceptionVulnerabilityManagement(
                 f"Error sending report to vulnerability management with the following error: {str(ex)}"

devsecops_engine_tools/version.py CHANGED Viewed

	@@ -1 +1 @@
1	- version = '1.~~104~~.2'
1	+ version = '1.105.0'

{devsecops_engine_tools-1.104.2.dist-info → devsecops_engine_tools-1.105.0.dist-info}/METADATA RENAMED Viewed

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: devsecops-engine-tools
-Version: 1.104.2
+Version: 1.105.0
 Summary: Tool for DevSecOps strategy
 Home-page: https://github.com/bancolombia/devsecops-engine-tools
 Author: Bancolombia DevSecOps Team

{devsecops_engine_tools-1.104.2.dist-info → devsecops_engine_tools-1.105.0.dist-info}/RECORD RENAMED Viewed

@@ -1,5 +1,5 @@
 devsecops_engine_tools/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
-devsecops_engine_tools/version.py,sha256=e6VwYGP4OnZbUNfscag_I6mr8JLOn9MkDEePi60X42Q,20
+devsecops_engine_tools/version.py,sha256=SEPteiAKmXH-B5JojzcRHDChVmeoqG-X532Ga0_GU2U,20
 devsecops_engine_tools/engine_core/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 devsecops_engine_tools/engine_core/src/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 devsecops_engine_tools/engine_core/src/applications/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
@@ -38,9 +38,9 @@ devsecops_engine_tools/engine_core/src/infrastructure/driven_adapters/aws/secret
 devsecops_engine_tools/engine_core/src/infrastructure/driven_adapters/azure/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 devsecops_engine_tools/engine_core/src/infrastructure/driven_adapters/azure/azure_devops.py,sha256=-3KUPxlzBoxJarj8ZY8w84UffuedtBnj3z4r9UW7nFQ,6027
 devsecops_engine_tools/engine_core/src/infrastructure/driven_adapters/cdxgen/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
-devsecops_engine_tools/engine_core/src/infrastructure/driven_adapters/cdxgen/cdxgen.py,sha256=t1CTeQG2ePBwUdeNinSYEi3vyMjufD0KuHUIxRZCsAU,4370
+devsecops_engine_tools/engine_core/src/infrastructure/driven_adapters/cdxgen/cdxgen.py,sha256=aKPBEnhsCM_innNpZ2R5THgLaGctcVafNvXbFjq26tg,5560
 devsecops_engine_tools/engine_core/src/infrastructure/driven_adapters/defect_dojo/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
-devsecops_engine_tools/engine_core/src/infrastructure/driven_adapters/defect_dojo/defect_dojo.py,sha256=0Bupn7nE8xWXgLG2Fk7koZwxzR1Bj4Mifs2yDdxa63c,32973
+devsecops_engine_tools/engine_core/src/infrastructure/driven_adapters/defect_dojo/defect_dojo.py,sha256=GXz-xBxptaZsQU8sR9OTcDAvdIygXmiLfmMIWhlC-hs,33105
 devsecops_engine_tools/engine_core/src/infrastructure/driven_adapters/github/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 devsecops_engine_tools/engine_core/src/infrastructure/driven_adapters/github/github_actions.py,sha256=ed8ybPVNTAVS3UUlelnapMfpSoWJ-0X5aXQ54_wyiQo,4377
 devsecops_engine_tools/engine_core/src/infrastructure/driven_adapters/printer_pretty_table/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
@@ -383,8 +383,8 @@ devsecops_engine_tools/engine_utilities/utils/name_conversion.py,sha256=ADJrRGax
 devsecops_engine_tools/engine_utilities/utils/printers.py,sha256=amYAr9YQfYgR6jK9a2l26z3oovFPQ3FAKmhq6BKhEBA,623
 devsecops_engine_tools/engine_utilities/utils/session_manager.py,sha256=Z0fdhB3r-dxU0nGSD9zW_B4r2Qol1rUnUCkhFR0U-HQ,487
 devsecops_engine_tools/engine_utilities/utils/utils.py,sha256=HCjS900TBoNcHrC4LaiP-Kf9frVdtagF130qOUgnO2M,6757
-devsecops_engine_tools-1.104.2.dist-info/METADATA,sha256=XkE4LGauh8XlOQXyDcVfKu4UP5_GTZEeeRtseLg8wmU,3233
-devsecops_engine_tools-1.104.2.dist-info/WHEEL,sha256=iAkIy5fosb7FzIOwONchHf19Qu7_1wCWyFNR5gu9nU0,91
-devsecops_engine_tools-1.104.2.dist-info/entry_points.txt,sha256=OWAww5aBsGeMv0kWhSgVNB0ySKKpYuJd4dly0ikFPkc,283
-devsecops_engine_tools-1.104.2.dist-info/top_level.txt,sha256=ge6y0X_xBAU1aG3EMWFtl9djbVyg5BxuSp2r2Lg6EQU,23
-devsecops_engine_tools-1.104.2.dist-info/RECORD,,
+devsecops_engine_tools-1.105.0.dist-info/METADATA,sha256=f4p6nZe_WDm7hrJZrf6rcIEQoyKlG71rZKP76z0a-Y4,3233
+devsecops_engine_tools-1.105.0.dist-info/WHEEL,sha256=iAkIy5fosb7FzIOwONchHf19Qu7_1wCWyFNR5gu9nU0,91
+devsecops_engine_tools-1.105.0.dist-info/entry_points.txt,sha256=OWAww5aBsGeMv0kWhSgVNB0ySKKpYuJd4dly0ikFPkc,283
+devsecops_engine_tools-1.105.0.dist-info/top_level.txt,sha256=ge6y0X_xBAU1aG3EMWFtl9djbVyg5BxuSp2r2Lg6EQU,23
+devsecops_engine_tools-1.105.0.dist-info/RECORD,,

{devsecops_engine_tools-1.104.2.dist-info → devsecops_engine_tools-1.105.0.dist-info}/WHEEL RENAMED Viewed

File without changes

{devsecops_engine_tools-1.104.2.dist-info → devsecops_engine_tools-1.105.0.dist-info}/entry_points.txt RENAMED Viewed

File without changes

{devsecops_engine_tools-1.104.2.dist-info → devsecops_engine_tools-1.105.0.dist-info}/top_level.txt RENAMED Viewed

File without changes

devsecops-engine-tools 1.104.2__py3-none-any.whl → 1.105.0__py3-none-any.whl

Potentially problematic release.

devsecops-engine-tools 1.104.2py3-none-any.whl → 1.105.0py3-none-any.whl