devsecops-engine-tools 1.104.3__py3-none-any.whl → 1.106.0__py3-none-any.whl


Potentially problematic release.



@@ -2,6 +2,7 @@ from dataclasses import dataclass
2
2
  import requests
3
3
  import subprocess
4
4
  import platform
5
+ import os
5
6
 
6
7
  from devsecops_engine_tools.engine_core.src.domain.model.gateway.sbom_manager import (
7
8
  SbomManagerGateway,
@@ -26,6 +27,15 @@ class CdxGen(SbomManagerGateway):
26
27
  try:
27
28
  cdxgen_version = config["CDXGEN"]["CDXGEN_VERSION"]
28
29
  slim = "-slim" if config["CDXGEN"]["SLIM_BINARY"] else ""
30
+ exclude_types = config["CDXGEN"].get("EXCLUDE_TYPES", "")
31
+ recurse = config["CDXGEN"].get("RECURSE", True)
32
+ debug_pipelines = config["CDXGEN"].get("DEBUG_PIPELINES", [])
33
+
34
+ enable_debug = service_name in debug_pipelines if debug_pipelines else False
35
+ if enable_debug:
36
+ logger.info(f"Enabling debug mode for pipeline: {service_name}")
37
+ os.environ["CDXGEN_DEBUG_MODE"] = "debug"
38
+
29
39
  os_platform = platform.system()
30
40
  base_url = (
31
41
  f"https://github.com/CycloneDX/cdxgen/releases/download/v{cdxgen_version}/"
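Review bot: Writing `os.environ["CDXGEN_DEBUG_MODE"] = "debug"` changes the environment of the whole engine process, so once one pipeline listed in `DEBUG_PIPELINES` is handled, any child process started afterwards without an explicit `env` inherits debug mode, and nothing resets it. Scoping the variable to the cdxgen call avoids that: build `env = {**os.environ, "CDXGEN_DEBUG_MODE": "debug"} if enable_debug else None` and pass `env=env` to the `subprocess.run` call in `_run_cdxgen`. The three new `CDXGEN` keys would also benefit from a short comment stating their expected types, since `EXCLUDE_TYPES` defaults to a string while `DEBUG_PIPELINES` defaults to a list. The enclosing method starts above this hunk.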
@@ -51,31 +61,51 @@ class CdxGen(SbomManagerGateway):
51
61
  logger.warning(f"{os_platform} is not supported.")
52
62
  return None
53
63
 
54
- result_sbom = self._run_cdxgen(command_prefix, artifact, service_name)
64
+ result_sbom = self._run_cdxgen(command_prefix, artifact, service_name, exclude_types, recurse, enable_debug)
55
65
  return get_list_component(result_sbom, config["CDXGEN"]["OUTPUT_FORMAT"])
56
66
  except Exception as e:
57
67
  logger.error(f"Error generating SBOM: {e}")
58
68
  return None
59
69
 
60
- def _run_cdxgen(self, command_prefix, artifact, service_name):
70
+ def _run_cdxgen(self, command_prefix, artifact, service_name, exclude_types, recurse, enable_debug=False):
61
71
  result_file = f"{service_name}_SBOM.json"
62
72
  command = [
63
73
  command_prefix,
64
74
  artifact,
65
75
  "-o",
66
- result_file,
76
+ result_file
67
77
  ]
68
78
 
79
+ if exclude_types:
80
+ command.extend(
81
+ ["--exclude-type", exclude_types]
82
+ )
83
+
84
+ if not recurse:
85
+ command.append(
86
+ "--no-recurse"
87
+ )
88
+
69
89
  try:
70
- subprocess.run(
90
+ result = subprocess.run(
71
91
  command,
72
- check=True,
73
92
  stdout=subprocess.PIPE,
74
93
  stderr=subprocess.PIPE,
75
- text=True,
94
+ text=True
76
95
  )
77
- print(f"SBOM generated and saved to: {result_file}")
78
- return result_file
96
+
97
+ if enable_debug:
98
+ if result.stdout:
99
+ logger.info(f"CDXGEN stdout: {result.stdout}")
100
+ if result.stderr:
101
+ logger.info(f"CDXGEN stderr: {result.stderr}")
102
+
103
+ if result.returncode == 0:
104
+ print(f"SBOM generated and saved to: {result_file}")
105
+ return result_file
106
+ else:
107
+ raise Exception(f"CDXGEN command failed with return code: {result.returncode}")
108
+
79
109
  except Exception as e:
80
110
  logger.error(f"Error running cdxgen: {e}")
81
111
 
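Review bot: On a non-zero exit the captured `result.stderr` is dropped unless `enable_debug` is set, so a failed SBOM run leaves only a return code in the log. The bare `Exception` raised in the `else:` branch is caught at once by the handler below it, which logs and, as far as the hunk shows, falls through to an implicit `None`. Raising `subprocess.CalledProcessError(result.returncode, command, result.stdout, result.stderr)` and logging a bounded tail of stderr in the handler would keep the diagnostics. The debug branch writes the complete tool output to the log at info level; what cdxgen prints in debug mode is not visible here, but build-tool output can carry internal paths or registry URLs, so truncating it is worth considering. What follows the `except` handler lies outside the hunk.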
@@ -76,6 +76,9 @@ class TrufflehogRun(ToolGateway):
76
76
  enable_custom_rules = config_tool[tool]["ENABLE_CUSTOM_RULES"]
77
77
  if enable_custom_rules:
78
78
  Utils().configurate_external_checks(tool, config_tool, secret_tool, secret_external_checks, path)
79
+ exclude_detectors = config_tool[tool]["EXCLUDE_DETECTORS"]
80
+ if exclude_detectors:
81
+ exclude_detectors = ",".join(exclude_detectors)
79
82
 
80
83
  with concurrent.futures.ThreadPoolExecutor(max_workers=config_tool[tool]["NUMBER_THREADS"]) as executor:
81
84
  results = executor.map(
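Review bot: `config_tool[tool]["EXCLUDE_DETECTORS"]` is indexed directly, so a tool configuration written before this release, without that key, raises `KeyError` before any scan starts. The cdxgen change in the same release reads its new keys with `.get()` and defaults. `exclude_detectors = config_tool[tool].get("EXCLUDE_DETECTORS", [])` keeps older configurations working. The joined value is later interpolated into a shell command string (the hunk at `-133,6 +138,9`), so this is also the natural place to validate each entry. The enclosing method starts outside this hunk.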
@@ -87,7 +90,8 @@ class TrufflehogRun(ToolGateway):
87
90
  [repository_name] * len(include_paths),
88
91
  [enable_custom_rules] * len(include_paths),
89
92
  [agent_os] * len(include_paths),
90
- [folder_path] * len(include_paths)
93
+ [folder_path] * len(include_paths),
94
+ [exclude_detectors] * len(include_paths)
91
95
  )
92
96
  findings, file_findings = self.create_file(self.decode_output(results), path, config_tool, tool)
93
97
  return findings, file_findings
@@ -124,7 +128,8 @@ class TrufflehogRun(ToolGateway):
124
128
  repository_name,
125
129
  enable_custom_rules,
126
130
  agent_os,
127
- folder_path
131
+ folder_path,
132
+ exclude_detectors
128
133
  ):
129
134
  path_folder = folder_path if folder_path is not None else f"{path}/{repository_name}"
130
135
  command = f"{trufflehog_command} filesystem {path_folder} --include-paths {include_path} --exclude-paths {exclude_path} --no-verification --no-update --json"
@@ -133,6 +138,9 @@ class TrufflehogRun(ToolGateway):
133
138
  f"--config {path}/rules/trufflehog/custom-rules.yaml --no-verification --no-update --json" if "Linux" or "Darwin" in agent_os else
134
139
  "--no-verification --no-update --json")
135
140
 
141
+ if exclude_detectors:
142
+ command = f"{command} --exclude-detectors {exclude_detectors}"
143
+
136
144
  result = subprocess.run(command, capture_output=True, shell=True, text=True, encoding='utf-8')
137
145
  return result.stdout.strip()
138
146
 
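Review bot: `exclude_detectors` is appended to `command` unquoted, and that string is executed with `shell=True` in the `subprocess.run` call that follows, so any shell metacharacter in a configured `EXCLUDE_DETECTORS` entry is interpreted by the shell instead of reaching trufflehog as an argument. The value comes from tool configuration, so it should be validated before use, for example `if not re.fullmatch(r"[A-Za-z0-9_.,-]+", exclude_detectors): raise ValueError("invalid EXCLUDE_DETECTORS")`. That check needs `re` in scope, and the file's imports are not visible here. The other values interpolated into `command` are context lines with the same shape; moving the call to an argument list with `shell=False` would cover them all. The method starts outside this hunk.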
@@ -1 +1 @@
1
- version = '1.104.3'
1
+ version = '1.106.0'
@@ -1,6 +1,6 @@
1
1
  Metadata-Version: 2.1
2
2
  Name: devsecops-engine-tools
3
- Version: 1.104.3
3
+ Version: 1.106.0
4
4
  Summary: Tool for DevSecOps strategy
5
5
  Home-page: https://github.com/bancolombia/devsecops-engine-tools
6
6
  Author: Bancolombia DevSecOps Team
@@ -1,5 +1,5 @@
1
1
  devsecops_engine_tools/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
2
- devsecops_engine_tools/version.py,sha256=XVKyrBQr1hVmdWGG69zNtlIWhGqW9WSWAyrrm1Iw5qw,20
2
+ devsecops_engine_tools/version.py,sha256=uNHlwFQzz1Ejya9vk5HWeS31G3xUHugM9uTD5V4C29A,20
3
3
  devsecops_engine_tools/engine_core/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
4
4
  devsecops_engine_tools/engine_core/src/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
5
5
  devsecops_engine_tools/engine_core/src/applications/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
@@ -38,7 +38,7 @@ devsecops_engine_tools/engine_core/src/infrastructure/driven_adapters/aws/secret
38
38
  devsecops_engine_tools/engine_core/src/infrastructure/driven_adapters/azure/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
39
39
  devsecops_engine_tools/engine_core/src/infrastructure/driven_adapters/azure/azure_devops.py,sha256=-3KUPxlzBoxJarj8ZY8w84UffuedtBnj3z4r9UW7nFQ,6027
40
40
  devsecops_engine_tools/engine_core/src/infrastructure/driven_adapters/cdxgen/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
41
- devsecops_engine_tools/engine_core/src/infrastructure/driven_adapters/cdxgen/cdxgen.py,sha256=t1CTeQG2ePBwUdeNinSYEi3vyMjufD0KuHUIxRZCsAU,4370
41
+ devsecops_engine_tools/engine_core/src/infrastructure/driven_adapters/cdxgen/cdxgen.py,sha256=aKPBEnhsCM_innNpZ2R5THgLaGctcVafNvXbFjq26tg,5560
42
42
  devsecops_engine_tools/engine_core/src/infrastructure/driven_adapters/defect_dojo/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
43
43
  devsecops_engine_tools/engine_core/src/infrastructure/driven_adapters/defect_dojo/defect_dojo.py,sha256=GXz-xBxptaZsQU8sR9OTcDAvdIygXmiLfmMIWhlC-hs,33105
44
44
  devsecops_engine_tools/engine_core/src/infrastructure/driven_adapters/github/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
@@ -200,7 +200,7 @@ devsecops_engine_tools/engine_sast/engine_secret/src/infrastructure/driven_adapt
200
200
  devsecops_engine_tools/engine_sast/engine_secret/src/infrastructure/driven_adapters/gitleaks/gitleaks_tool.py,sha256=HTrbIronNbasyALapm0j3ZEaJCs7X7CRPS6uE_xPAMc,6049
201
201
  devsecops_engine_tools/engine_sast/engine_secret/src/infrastructure/driven_adapters/trufflehog/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
202
202
  devsecops_engine_tools/engine_sast/engine_secret/src/infrastructure/driven_adapters/trufflehog/trufflehog_deserealizator.py,sha256=mrSqPrkMiikxQ_uY-rF2I8QvicsOMdMBzTC8CTV3Wk8,2392
203
- devsecops_engine_tools/engine_sast/engine_secret/src/infrastructure/driven_adapters/trufflehog/trufflehog_run.py,sha256=azMbd25Yvkil9xh6dWcBFBL1tFse1yr_-2zn8sBUYeU,8176
203
+ devsecops_engine_tools/engine_sast/engine_secret/src/infrastructure/driven_adapters/trufflehog/trufflehog_run.py,sha256=23nTGgwFn_-fNKXJEy2iTV1gIFPE_VdQWX_d8XVEeus,8544
204
204
  devsecops_engine_tools/engine_sast/engine_secret/src/infrastructure/entry_points/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
205
205
  devsecops_engine_tools/engine_sast/engine_secret/src/infrastructure/entry_points/entry_point_tool.py,sha256=61OnP4ehmzh-tRbACgZsB4IJi6J6HT9E6KCOcuhvnRw,1185
206
206
  devsecops_engine_tools/engine_sca/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
@@ -383,8 +383,8 @@ devsecops_engine_tools/engine_utilities/utils/name_conversion.py,sha256=ADJrRGax
383
383
  devsecops_engine_tools/engine_utilities/utils/printers.py,sha256=amYAr9YQfYgR6jK9a2l26z3oovFPQ3FAKmhq6BKhEBA,623
384
384
  devsecops_engine_tools/engine_utilities/utils/session_manager.py,sha256=Z0fdhB3r-dxU0nGSD9zW_B4r2Qol1rUnUCkhFR0U-HQ,487
385
385
  devsecops_engine_tools/engine_utilities/utils/utils.py,sha256=HCjS900TBoNcHrC4LaiP-Kf9frVdtagF130qOUgnO2M,6757
386
- devsecops_engine_tools-1.104.3.dist-info/METADATA,sha256=w8CuG7hlG4Fj_l3cg7xsSXtk7NRBwrDVeNi49XYdjWE,3233
387
- devsecops_engine_tools-1.104.3.dist-info/WHEEL,sha256=iAkIy5fosb7FzIOwONchHf19Qu7_1wCWyFNR5gu9nU0,91
388
- devsecops_engine_tools-1.104.3.dist-info/entry_points.txt,sha256=OWAww5aBsGeMv0kWhSgVNB0ySKKpYuJd4dly0ikFPkc,283
389
- devsecops_engine_tools-1.104.3.dist-info/top_level.txt,sha256=ge6y0X_xBAU1aG3EMWFtl9djbVyg5BxuSp2r2Lg6EQU,23
390
- devsecops_engine_tools-1.104.3.dist-info/RECORD,,
386
+ devsecops_engine_tools-1.106.0.dist-info/METADATA,sha256=YRb9FlvrBq26rua87UyyUN-RvTJrDRGTpbMilyx7goo,3233
387
+ devsecops_engine_tools-1.106.0.dist-info/WHEEL,sha256=iAkIy5fosb7FzIOwONchHf19Qu7_1wCWyFNR5gu9nU0,91
388
+ devsecops_engine_tools-1.106.0.dist-info/entry_points.txt,sha256=OWAww5aBsGeMv0kWhSgVNB0ySKKpYuJd4dly0ikFPkc,283
389
+ devsecops_engine_tools-1.106.0.dist-info/top_level.txt,sha256=ge6y0X_xBAU1aG3EMWFtl9djbVyg5BxuSp2r2Lg6EQU,23
390
+ devsecops_engine_tools-1.106.0.dist-info/RECORD,,