devsecops-engine-tools 1.11.0__tar.gz → 1.11.2__tar.gz

{devsecops_engine_tools-1.11.0 → devsecops_engine_tools-1.11.2}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: devsecops-engine-tools
-Version: 1.11.0
+Version: 1.11.2
 Summary: Tool for DevSecOps strategy
 Home-page: https://github.com/bancolombia/devsecops-engine-tools
 Author: Bancolombia DevSecOps Team
@@ -144,10 +144,14 @@ devsecops-engine-tools --platform_devops ["local","azure","github"] --remote_con
     <td>Free</td>
   </tr>
   <tr>
-    <td>ENGINE_DEPENDENCIES</td>
+    <td rowspan="2">ENGINE_DEPENDENCIES</td>
     <td><a href="https://jfrog.com/help/r/get-started-with-the-jfrog-platform/jfrog-xray">XRAY</a></td>
     <td>Paid</td>
   </tr>
+  <tr>
+    <td><a href="https://owasp.org/www-project-dependency-check/">DEPENDENCY CHECK</a></td>
+    <td>Free</td>
+  </tr>
   <tr>
     <td>ENGINE_CODE</td>
     <td><a href="https://docs.bearer.com/quickstart/">BEARER</a></td>

{devsecops_engine_tools-1.11.0 → devsecops_engine_tools-1.11.2}/devsecops_engine_tools/engine_core/src/infrastructure/driven_adapters/defect_dojo/defect_dojo.py

@@ -65,7 +65,8 @@ class DefectDojoPlatform(VulnerabilityManagementGateway):
                 "TRIVY": "Trivy Scan",
                 "KUBESCAPE": "Kubescape Scanner",
                 "KICS": "KICS Scanner",
-                "BEARER": "Bearer CLI"
+                "BEARER": "Bearer CLI",
+                "DEPENDENCY_CHECK": "Dependency Check Scan"
             }
 
             if any(

{devsecops_engine_tools-1.11.0 → devsecops_engine_tools-1.11.2}/devsecops_engine_tools/engine_sast/engine_iac/src/infrastructure/driven_adapters/kics/kics_tool.py

@@ -11,7 +11,7 @@ from devsecops_engine_tools.engine_sast.engine_iac.src.infrastructure.driven_ada
 )
 from devsecops_engine_tools.engine_utilities.utils.logger_info import MyLogger
 from devsecops_engine_tools.engine_utilities import settings
-from devsecops_engine_tools.engine_utilities.github.infrastructure.github_api import GithubApi
+from devsecops_engine_tools.engine_utilities.utils.utils import Utils
 
 logger = MyLogger.__call__(**settings.SETTING_LOGGER).get_logger()
 
@@ -28,7 +28,7 @@ class KicsTool(ToolGateway):
             logger.error(f"An error ocurred downloading {file} {ex}")
 
     def install_tool(self, file, url, command_prefix):
-        github_api = GithubApi()
+        utils = Utils()
         kics = f"./{command_prefix}/kics"
         installed = subprocess.run(
             ["which", command_prefix],
@@ -38,7 +38,7 @@ class KicsTool(ToolGateway):
         if installed.returncode == 1:
             try:
                 self.download(file, url)
-                github_api.unzip_file(file, command_prefix)
+                utils.unzip_file(file, command_prefix)
                 subprocess.run(["chmod", "+x", kics])
                 return kics
             except Exception as e:
@@ -56,9 +56,9 @@ class KicsTool(ToolGateway):
             return command_prefix
         except:
             try:
-                github_api = GithubApi()
+                utils = Utils()
                 self.download(file, url)
-                github_api.unzip_file(file, command_prefix)
+                utils.unzip_file(file, command_prefix)
                 return f"./{command_prefix}/kics"
 
             except Exception as e:
@@ -81,34 +81,32 @@ class KicsTool(ToolGateway):
             logger.error(f"An error ocurred loading KICS results {ex}")
             return None
 
-    def select_operative_system(self, os_platform, folders_to_scan, config_tool, path_kics):
+    def select_operative_system(self, os_platform, config_tool, path_kics):
         command_prefix = path_kics
         if os_platform == "Linux":
             kics_zip = "kics_linux.zip"
             url_kics = config_tool[self.TOOL_KICS]["KICS_LINUX"]
-            command_prefix = self.install_tool(kics_zip, url_kics, command_prefix)
+            return self.install_tool(kics_zip, url_kics, command_prefix)
         elif os_platform == "Windows":
             kics_zip = "kics_windows.zip"
             url_kics = config_tool[self.TOOL_KICS]["KICS_WINDOWS"]
-            command_prefix = self.install_tool_windows(kics_zip, url_kics, command_prefix)
+            return self.install_tool_windows(kics_zip, url_kics, command_prefix)
         elif os_platform == "Darwin":
             kics_zip = "kics_macos.zip"
             url_kics = config_tool[self.TOOL_KICS]["KICS_MAC"]
-            command_prefix = self.install_tool(kics_zip, url_kics, command_prefix)
+            return self.install_tool(kics_zip, url_kics, command_prefix)
         else:
             logger.warning(f"{os_platform} is not supported.")
             return [], None
 
-        self.execute_kics(folders_to_scan, command_prefix)
-
     def get_assets(self, kics_version):
         name_zip = "assets_compressed.zip"
         assets_url = f"https://github.com/Checkmarx/kics/releases/download/v{kics_version}/extracted-info.zip"
         self.download(name_zip, assets_url)
 
         directory_assets = "kics_assets"
-        github_api = GithubApi()
-        github_api.unzip_file(name_zip, directory_assets)
+        utils = Utils()
+        utils.unzip_file(name_zip, directory_assets)
 
     def run_tool(
             self, config_tool, folders_to_scan, **kwargs
@@ -120,7 +118,8 @@ class KicsTool(ToolGateway):
             self.get_assets(kics_version)
 
         os_platform = platform.system()
-        self.select_operative_system(os_platform, folders_to_scan, config_tool, path_kics)
+        command_prefix = self.select_operative_system(os_platform, config_tool, path_kics)
+        self.execute_kics(folders_to_scan, command_prefix)
 
         data = self.load_results()
         if data:

{devsecops_engine_tools-1.11.0 → devsecops_engine_tools-1.11.2}/devsecops_engine_tools/engine_sast/engine_iac/src/infrastructure/driven_adapters/kubescape/kubescape_deserealizator.py

@@ -46,7 +46,7 @@ class KubescapeDeserealizator:
                     resource = resources.get(resource_id)
 
                     if resource:
-                        relative_path = resource.get("source", {}).get("path", "").replace("\\", "/")
+                        relative_path = resource.get("source", {}).get("relativePath", "").replace("\\", "/")
                         severity_score = self.get_severity_score(frameworks, control_id)
 
                         result_extracted_data.append({

{devsecops_engine_tools-1.11.0 → devsecops_engine_tools-1.11.2}/devsecops_engine_tools/engine_sast/engine_iac/src/infrastructure/driven_adapters/kubescape/kubescape_tool.py

@@ -72,30 +72,28 @@ class KubescapeTool(ToolGateway):
             logger.error("The JSON result is empty.")
         return None
 
-    def select_operative_system(self, os_platform, folders_to_scan, base_url):
+    def select_operative_system(self, os_platform, base_url):
         if os_platform == "Linux":
             distro_name = distro.name()
             if distro_name == "Ubuntu":
                 file = "kubescape-ubuntu-latest"
                 self.install_tool(file, base_url + file)
-                command_prefix = f"./{file}"
+                return f"./{file}"
             else:
                 logger.warning(f"{distro_name} is not supported.")
                 return None
         elif os_platform == "Windows":
             file = "kubescape-windows-latest.exe"
             self.install_tool_windows(file, base_url + file)
-            command_prefix = f"./{file}"
+            return f"./{file}"
         elif os_platform == "Darwin":
             file = "kubescape-macos-latest"
             self.install_tool(file, base_url + file)
-            command_prefix = f"./{file}"
+            return f"./{file}"
         else:
             logger.warning(f"{os_platform} is not supported.")
             return [], None
 
-        self.execute_kubescape(folders_to_scan, command_prefix)
-
     def run_tool(self, config_tool, folders_to_scan, platform_to_scan, **kwargs):
 
         if folders_to_scan and "k8s" in platform_to_scan:
@@ -103,7 +101,8 @@ class KubescapeTool(ToolGateway):
             kubescape_version = config_tool["KUBESCAPE"]["VERSION"]
             os_platform = platform.system()
             base_url = f"https://github.com/kubescape/kubescape/releases/download/v{kubescape_version}/"
-            self.select_operative_system(os_platform, folders_to_scan, base_url)
+            command_prefix = self.select_operative_system(os_platform, base_url)
+            self.execute_kubescape(folders_to_scan, command_prefix)
 
             json_name = "results_kubescape.json"
             data = self.load_json(json_name)

{devsecops_engine_tools-1.11.0 → devsecops_engine_tools-1.11.2}/devsecops_engine_tools/engine_sca/engine_dependencies/src/applications/runner_dependencies_scan.py

@@ -4,6 +4,12 @@ from devsecops_engine_tools.engine_sca.engine_dependencies.src.infrastructure.dr
 from devsecops_engine_tools.engine_sca.engine_dependencies.src.infrastructure.driven_adapters.xray_tool.xray_deserialize_output import (
     XrayDeserializator,
 )
+from devsecops_engine_tools.engine_sca.engine_dependencies.src.infrastructure.driven_adapters.dependency_check.dependency_check_tool import (
+    DependencyCheckTool,
+)
+from devsecops_engine_tools.engine_sca.engine_dependencies.src.infrastructure.driven_adapters.dependency_check.dependency_check_deserialize import (
+    DependencyCheckDeserialize,
+)
 from devsecops_engine_tools.engine_sca.engine_dependencies.src.infrastructure.entry_points.entry_point_tool import (
     init_engine_dependencies,
 )
@@ -11,9 +17,21 @@ from devsecops_engine_tools.engine_sca.engine_dependencies.src.infrastructure.en
 
 def runner_engine_dependencies(dict_args, config_tool, secret_tool, devops_platform_gateway):
     try:
-        if config_tool["ENGINE_DEPENDENCIES"]["TOOL"] == "XRAY":
-            tool_run = XrayScan()
-            tool_deserializator = XrayDeserializator()
+        tools_mapping = {
+            "XRAY": {
+                "tool_run": XrayScan,
+                "tool_deserializator": XrayDeserializator
+            },
+            "DEPENDENCY_CHECK": {
+                "tool_run": DependencyCheckTool,
+                "tool_deserializator": DependencyCheckDeserialize
+            }
+        }
+
+        selected_tool = config_tool["ENGINE_DEPENDENCIES"]["TOOL"]
+        tool_run = tools_mapping[selected_tool]["tool_run"]()
+        tool_deserializator = tools_mapping[selected_tool]["tool_deserializator"]()
+
 
         return init_engine_dependencies(
             tool_run,

devsecops_engine_tools-1.11.2/devsecops_engine_tools/engine_sca/engine_dependencies/src/infrastructure/driven_adapters/dependency_check/dependency_check_deserialize.py

@@ -0,0 +1,62 @@
+from devsecops_engine_tools.engine_sca.engine_dependencies.src.domain.model.gateways.deserializator_gateway import (
+    DeserializatorGateway,
+)
+from devsecops_engine_tools.engine_core.src.domain.model.finding import (
+    Finding,
+    Category,
+)
+from dataclasses import dataclass
+from datetime import datetime
+import json
+import os
+from devsecops_engine_tools.engine_utilities.utils.logger_info import MyLogger
+from devsecops_engine_tools.engine_utilities import settings
+
+logger = MyLogger.__call__(**settings.SETTING_LOGGER).get_logger()
+
+@dataclass
+class DependencyCheckDeserialize(DeserializatorGateway):
+
+    def get_list_findings(self, dependencies_scanned_file) -> "list[Finding]":
+        filename, extension = os.path.splitext(dependencies_scanned_file)
+        if extension.lower() != ".json":
+            dependencies_scanned_file = f"{filename}.json"
+
+        data_result = self.load_results(dependencies_scanned_file)
+
+        list_open_vulnerabilities = []
+        for dependency in data_result.get("dependencies", []):
+            for vulnerability in dependency.get("vulnerabilities", []):
+                vulnerable_software = vulnerability.get("vulnerableSoftware", [])
+                fix = (
+                    vulnerable_software[0]
+                    .get("software", {})
+                    .get("versionEndExcluding", None)
+                    if vulnerable_software
+                    else None
+                )
+                finding_open = Finding(
+                    id=vulnerability["name"][:20],
+                    cvss=str(vulnerability.get("cvssv3", {})),
+                    where=dependency.get("fileName").split(':')[-1].strip(),
+                    description=vulnerability["description"][:170].replace("\n\n", " "),
+                    severity=vulnerability["severity"].lower(),
+                    identification_date=datetime.now().strftime("%d%m%Y"),
+                    published_date_cve=None,
+                    module="engine_dependencies",
+                    category=Category.VULNERABILITY,
+                    requirements=fix,
+                    tool="DEPENDENCY_CHECK"
+                )
+                list_open_vulnerabilities.append(finding_open)
+
+        return list_open_vulnerabilities
+    
+    def load_results(self, dependencies_scanned_file):
+        try:
+            with open(dependencies_scanned_file) as f:
+                data = json.load(f)
+            return data
+        except Exception as ex:
+            logger.error(f"An error ocurred loading dependency-check results {ex}")
+            return None

devsecops_engine_tools-1.11.2/devsecops_engine_tools/engine_sca/engine_dependencies/src/infrastructure/driven_adapters/dependency_check/dependency_check_tool.py

@@ -0,0 +1,120 @@
+from devsecops_engine_tools.engine_sca.engine_dependencies.src.domain.model.gateways.tool_gateway import (
+    ToolGateway,
+)
+
+import requests
+import subprocess
+import os
+import platform
+import shutil
+
+from devsecops_engine_tools.engine_utilities.utils.utils import Utils
+from devsecops_engine_tools.engine_sca.engine_dependencies.src.infrastructure.helpers.get_artifacts import GetArtifacts
+from devsecops_engine_tools.engine_utilities.utils.logger_info import MyLogger
+from devsecops_engine_tools.engine_utilities import settings
+
+logger = MyLogger.__call__(**settings.SETTING_LOGGER).get_logger()
+
+
+class DependencyCheckTool(ToolGateway):
+    def download_tool(self, cli_version):
+        try:
+            url = f"https://github.com/jeremylong/DependencyCheck/releases/download/v{cli_version}/dependency-check-{cli_version}-release.zip"
+            response = requests.get(url, allow_redirects=True)
+            home_directory = os.path.expanduser("~")
+            zip_name = os.path.join(home_directory, f"dependency_check_{cli_version}.zip")
+            with open(zip_name, "wb") as f:
+                f.write(response.content)
+
+            utils = Utils()
+            utils.unzip_file(zip_name, home_directory)
+        except Exception as ex:
+            logger.error(f"An error ocurred downloading dependency-check {ex}")
+
+    def install_tool(self, cli_version, is_windows=False):
+        command_prefix = "dependency-check.bat" if is_windows else "dependency-check.sh"
+
+        installed = shutil.which(command_prefix)
+        if installed:
+            return command_prefix
+
+        home_directory = os.path.expanduser("~")
+        bin_route = os.path.join(home_directory, f"dependency-check/bin/{command_prefix}")
+
+        if shutil.which(bin_route):
+            return bin_route
+
+        self.download_tool(cli_version)
+
+        try:
+            if os.path.exists(bin_route):
+                if not is_windows:
+                    subprocess.run(["chmod", "+x", bin_route], check=True)
+                return bin_route 
+        except Exception as e:
+            logger.error(f"Error installing OWASP dependency check: {e}")
+            return None
+
+    def scan_dependencies(self, command_prefix, file_to_scan, token):
+        try:
+            command = [command_prefix, "--format", "JSON", "--format", "XML", "--nvdApiKey", token, "--scan", file_to_scan,]
+
+            if not token:
+                print("¡¡Remember!!, it is recommended to use the API key for faster vulnerability database downloads.")
+                command = [command_prefix, "--format", "JSON", "--format", "XML", "--scan", file_to_scan,]
+
+            subprocess.run(command, capture_output=True, check=True)
+        except subprocess.CalledProcessError as error:
+            logger.error(f"Error executing OWASP dependency check scan: {error}")
+
+    def select_operative_system(self, cli_version):
+        os_platform = platform.system()
+
+        if os_platform in ["Linux", "Darwin"]:
+            return self.install_tool(cli_version, is_windows=False)
+        elif os_platform == "Windows":
+            return self.install_tool(cli_version, is_windows=True)
+        else:
+            logger.warning(f"{os_platform} is not supported.")
+            return None
+
+    def search_result(self):
+        try:
+            file_result = os.path.join(os.getcwd(), "dependency-check-report.xml")
+            return file_result
+        except Exception as ex:
+            logger.error(f"An error ocurred search dependency-check results {ex}")
+            return None
+        
+    def is_java_installed(self):
+        return shutil.which("java") is not None
+
+    def run_tool_dependencies_sca(
+        self,
+        remote_config,
+        dict_args,
+        exclusion,
+        pipeline_name,
+        to_scan,
+        token,
+        token_engine_dependencies
+    ):
+        if not self.is_java_installed():
+            logger.error("Java is not installed, please install it to run dependency check")
+            return None
+
+        cli_version = remote_config["DEPENDENCY_CHECK"]["CLI_VERSION"]
+
+        get_artifacts = GetArtifacts()
+
+        pattern = get_artifacts.excluded_files(remote_config, pipeline_name, exclusion, "DEPENDENCY_CHECK")
+        to_scan = get_artifacts.find_artifacts(
+            to_scan, pattern, remote_config["DEPENDENCY_CHECK"]["PACKAGES_TO_SCAN"]
+        )
+
+        if not to_scan:
+            return None
+
+        command_prefix = self.select_operative_system(cli_version)
+        self.scan_dependencies(command_prefix, to_scan, token_engine_dependencies)
+        return self.search_result()

{devsecops_engine_tools-1.11.0 → devsecops_engine_tools-1.11.2}/devsecops_engine_tools/engine_sca/engine_dependencies/src/infrastructure/driven_adapters/xray_tool/xray_manager_scan.py

@@ -8,9 +8,8 @@ import requests
 import re
 import os
 import json
-import shutil
-import tarfile
 
+from devsecops_engine_tools.engine_sca.engine_dependencies.src.infrastructure.helpers.get_artifacts import GetArtifacts
 from devsecops_engine_tools.engine_utilities.utils.logger_info import MyLogger
 from devsecops_engine_tools.engine_utilities import settings
 
@@ -18,100 +17,6 @@ logger = MyLogger.__call__(**settings.SETTING_LOGGER).get_logger()
 
 
 class XrayScan(ToolGateway):
-    def excluded_files(self, remote_config, pipeline_name, exclusions):
-        pattern = remote_config["XRAY"]["REGEX_EXPRESSION_EXTENSIONS"]
-        if pipeline_name in exclusions:
-            for ex in exclusions[pipeline_name]["XRAY"]:
-                if ex.get("SKIP_FILES", 0):
-                    exclusion = ex.get("SKIP_FILES")
-                    if exclusion.get("files", 0):
-                        excluded_file_types = exclusion["files"]
-                        pattern2 = pattern
-                        for ext in excluded_file_types:
-                            pattern2 = (
-                                pattern2.replace("|" + ext, "")
-                                .replace(ext + "|", "")
-                                .replace(ext, "")
-                            )
-                        pattern = pattern2
-
-        return pattern
-
-    def find_packages(self, pattern, packages, working_dir):
-        packages_list = []
-        files_list = []
-        extension_pattern = re.compile(pattern, re.IGNORECASE)
-        for root, dirs, files in os.walk(working_dir):
-            components = root.split(os.path.sep)
-            flag = 0
-            for package in packages:
-                if not (package in components):
-                    flag = 1
-                    if package in dirs:
-                        packages_list.append(os.path.join(root, package))
-            if flag:
-                for file in files:
-                    if extension_pattern.search(file):
-                        files_list.append(os.path.join(root, file))
-        return packages_list, files_list
-
-    def compress_and_mv(self, tar_path, package):
-        try:
-            with tarfile.open(tar_path, "w") as tar:
-                tar.add(
-                    package,
-                    arcname=os.path.basename(package),
-                    filter=lambda x: None if "/.bin/" in x.name else x,
-                )
-
-        except subprocess.CalledProcessError as e:
-            logger.error(f"Error during {package} compression: {e}")
-
-    def move_files(self, dir_to_scan_path, finded_files):
-        for file in finded_files:
-            target = os.path.join(dir_to_scan_path, os.path.basename(file))
-            shutil.copy2(file, target)
-            logger.debug(f"File to scan: {file}")
-
-    def find_artifacts(self, to_scan, pattern, packages):
-        dir_to_scan_path = os.path.join(to_scan, "dependencies_to_scan")
-        if os.path.exists(dir_to_scan_path):
-            shutil.rmtree(dir_to_scan_path)
-        os.makedirs(dir_to_scan_path)
-
-        packages_list, files_list = self.find_packages(pattern, packages, to_scan)
-
-        for package in packages_list:
-            tar_path = os.path.join(
-                dir_to_scan_path,
-                "pkg"
-                + str(packages_list.index(package) + 1)
-                + "_"
-                + os.path.basename(package)
-                + ".tar",
-            )
-            self.compress_and_mv(tar_path, package)
-
-        if len(files_list):
-            self.move_files(dir_to_scan_path, files_list)
-
-        files = os.listdir(dir_to_scan_path)
-        files = [
-            file
-            for file in files
-            if os.path.isfile(os.path.join(dir_to_scan_path, file))
-        ]
-        file_to_scan = None
-        if files:
-            file_to_scan = os.path.join(dir_to_scan_path, "file_to_scan.tar")
-            self.compress_and_mv(file_to_scan, dir_to_scan_path)
-            files_string = ", ".join(files)
-            logger.debug(f"Files to scan: {files_string}")
-            print(f"Files to scan: {files_string}")
-        else:
-            logger.warning("No artifacts found")
-
-        return file_to_scan
 
     def install_tool_linux(self, prefix, version):
         installed = subprocess.run(
@@ -241,8 +146,9 @@ class XrayScan(ToolGateway):
     ):
         token = secret_tool["token_xray"] if secret_tool else token_engine_dependencies
         if dict_args["xray_mode"] == "scan":
-            pattern = self.excluded_files(remote_config, pipeline_name, exclusion)
-            to_scan = self.find_artifacts(
+            get_artifacts = GetArtifacts()
+            pattern = get_artifacts.excluded_files(remote_config, pipeline_name, exclusion, "XRAY")
+            to_scan = get_artifacts.find_artifacts(
                 to_scan, pattern, remote_config["XRAY"]["PACKAGES_TO_SCAN"]
             )
             cwd = os.getcwd()

devsecops_engine_tools-1.11.2/devsecops_engine_tools/engine_sca/engine_dependencies/src/infrastructure/helpers/get_artifacts.py

@@ -0,0 +1,107 @@
+import os
+import re
+import tarfile
+import subprocess
+import shutil
+
+from devsecops_engine_tools.engine_utilities.utils.logger_info import MyLogger
+from devsecops_engine_tools.engine_utilities import settings
+
+logger = MyLogger.__call__(**settings.SETTING_LOGGER).get_logger()
+
+class GetArtifacts:
+
+    def excluded_files(self, remote_config, pipeline_name, exclusions, tool):
+        pattern = remote_config[tool]["REGEX_EXPRESSION_EXTENSIONS"]
+        if pipeline_name in exclusions:
+            for ex in exclusions[pipeline_name][tool]:
+                if ex.get("SKIP_FILES", 0):
+                    exclusion = ex.get("SKIP_FILES")
+                    if exclusion.get("files", 0):
+                        excluded_file_types = exclusion["files"]
+                        pattern2 = pattern
+                        for ext in excluded_file_types:
+                            pattern2 = (
+                                pattern2.replace("|" + ext, "")
+                                .replace(ext + "|", "")
+                                .replace(ext, "")
+                            )
+                        pattern = pattern2
+
+        return pattern
+    
+    def find_packages(self, pattern, packages, working_dir):
+        packages_list = []
+        files_list = []
+        extension_pattern = re.compile(pattern, re.IGNORECASE)
+        for root, dirs, files in os.walk(working_dir):
+            components = root.split(os.path.sep)
+            flag = 0
+            for package in packages:
+                if not (package in components):
+                    flag = 1
+                    if package in dirs:
+                        packages_list.append(os.path.join(root, package))
+            if flag:
+                for file in files:
+                    if extension_pattern.search(file):
+                        files_list.append(os.path.join(root, file))
+        return packages_list, files_list
+    
+    def compress_and_mv(self, tar_path, package):
+        try:
+            with tarfile.open(tar_path, "w") as tar:
+                tar.add(
+                    package,
+                    arcname=os.path.basename(package),
+                    filter=lambda x: None if "/.bin/" in x.name else x,
+                )
+
+        except subprocess.CalledProcessError as e:
+            logger.error(f"Error during {package} compression: {e}")
+
+    def move_files(self, dir_to_scan_path, finded_files):
+        for file in finded_files:
+            target = os.path.join(dir_to_scan_path, os.path.basename(file))
+            shutil.copy2(file, target)
+            logger.debug(f"File to scan: {file}")
+    
+    def find_artifacts(self, to_scan, pattern, packages):
+        dir_to_scan_path = os.path.join(to_scan, "dependencies_to_scan")
+        if os.path.exists(dir_to_scan_path):
+            shutil.rmtree(dir_to_scan_path)
+        os.makedirs(dir_to_scan_path)
+
+        packages_list, files_list = self.find_packages(pattern, packages, to_scan)
+
+        for package in packages_list:
+            tar_path = os.path.join(
+                dir_to_scan_path,
+                "pkg"
+                + str(packages_list.index(package) + 1)
+                + "_"
+                + os.path.basename(package)
+                + ".tar",
+            )
+            self.compress_and_mv(tar_path, package)
+
+        if len(files_list):
+            self.move_files(dir_to_scan_path, files_list)
+
+        files = os.listdir(dir_to_scan_path)
+        files = [
+            file
+            for file in files
+            if os.path.isfile(os.path.join(dir_to_scan_path, file))
+        ]
+        file_to_scan = None
+        if files:
+            file_to_scan = os.path.join(dir_to_scan_path, "file_to_scan.tar")
+            self.compress_and_mv(file_to_scan, dir_to_scan_path)
+            files_string = ", ".join(files)
+            logger.debug(f"Files to scan: {files_string}")
+            print(f"Files to scan: {files_string}")
+        else:
+            logger.warning("No artifacts found")
+
+        return file_to_scan

{devsecops_engine_tools-1.11.0 → devsecops_engine_tools-1.11.2}/devsecops_engine_tools/engine_utilities/defect_dojo/domain/user_case/import_scan.py

@@ -90,11 +90,11 @@ class ImportScanUserCase:
 
         logger.debug(f"search Engagement name: {request.engagement_name}")
         engagement = self.__rest_engagement.get_engagements(request.engagement_name)
-        if engagement.results == [] or any(engagement.name != request.engagement_name for engagement in engagement.results):
+        if engagement.results == [] or not any(engagement.name == request.engagement_name for engagement in engagement.results):
             engagement = self.__rest_engagement.post_engagement(request.engagement_name, product_id)
             logger.debug(f"Egagement created: {engagement.name}")
         else:
-            engagement = [engagement for engagement in engagement.results if engagement.product == product_id]
+            engagement = [engagement for engagement in engagement.results if engagement.product == product_id and engagement.name == request.engagement_name]
             if engagement:
                 logger.debug(f"Engagement found: {engagement[0].name} whit product id: {engagement[0].product}")
             else:

devsecops_engine_tools-1.11.2/devsecops_engine_tools/engine_utilities/utils/utils.py

@@ -0,0 +1,8 @@
+import zipfile
+
+
+class Utils:
+
+    def unzip_file(self, zip_file_path, extract_path):
+        with zipfile.ZipFile(zip_file_path, "r") as zip_ref:
+            zip_ref.extractall(extract_path)

devsecops_engine_tools-1.11.2/devsecops_engine_tools/version.py

@@ -0,0 +1 @@
+version = '1.11.2'