devsecops-engine-tools 1.13.0__py3-none-any.whl → 1.13.2__py3-none-any.whl
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Potentially problematic release.
This version of devsecops-engine-tools might be problematic. Click here for more details.
- devsecops_engine_tools/engine_core/src/domain/usecases/handle_risk.py +28 -12
- devsecops_engine_tools/engine_sast/engine_secret/src/infrastructure/driven_adapters/trufflehog/trufflehog_run.py +2 -0
- devsecops_engine_tools/version.py +1 -1
- {devsecops_engine_tools-1.13.0.dist-info → devsecops_engine_tools-1.13.2.dist-info}/METADATA +1 -1
- {devsecops_engine_tools-1.13.0.dist-info → devsecops_engine_tools-1.13.2.dist-info}/RECORD +8 -8
- {devsecops_engine_tools-1.13.0.dist-info → devsecops_engine_tools-1.13.2.dist-info}/WHEEL +0 -0
- {devsecops_engine_tools-1.13.0.dist-info → devsecops_engine_tools-1.13.2.dist-info}/entry_points.txt +0 -0
- {devsecops_engine_tools-1.13.0.dist-info → devsecops_engine_tools-1.13.2.dist-info}/top_level.txt +0 -0
|
@@ -51,7 +51,9 @@ class HandleRisk:
|
|
|
51
51
|
"Error getting finding list in handle risk: {0}".format(str(e))
|
|
52
52
|
)
|
|
53
53
|
|
|
54
|
-
def _filter_engagements(
|
|
54
|
+
def _filter_engagements(
|
|
55
|
+
self, engagements, service, endings_to_exclude, risk_config
|
|
56
|
+
):
|
|
55
57
|
filtered_engagements = []
|
|
56
58
|
min_word_length = risk_config["HANDLE_SERVICE_NAME"]["MIN_WORD_LENGTH"]
|
|
57
59
|
words = [
|
|
@@ -63,6 +65,7 @@ class HandleRisk:
|
|
|
63
65
|
]
|
|
64
66
|
check_words_regex = risk_config["HANDLE_SERVICE_NAME"]["REGEX_CHECK_WORDS"]
|
|
65
67
|
min_word_amount = risk_config["HANDLE_SERVICE_NAME"]["MIN_WORD_AMOUNT"]
|
|
68
|
+
|
|
66
69
|
for engagement in engagements:
|
|
67
70
|
if service.lower() in engagement.name.lower():
|
|
68
71
|
filtered_engagements += [engagement.name]
|
|
@@ -71,6 +74,13 @@ class HandleRisk:
|
|
|
71
74
|
>= min_word_amount
|
|
72
75
|
):
|
|
73
76
|
filtered_engagements += [engagement.name]
|
|
77
|
+
if endings_to_exclude:
|
|
78
|
+
filtered_engagements = [
|
|
79
|
+
engagement
|
|
80
|
+
for engagement in filtered_engagements
|
|
81
|
+
if not any(engagement.endswith(ending) for ending in endings_to_exclude)
|
|
82
|
+
]
|
|
83
|
+
|
|
74
84
|
return filtered_engagements
|
|
75
85
|
|
|
76
86
|
def _exclude_services(self, dict_args, pipeline_name, service_list):
|
|
@@ -82,16 +92,18 @@ class HandleRisk:
|
|
|
82
92
|
and risk_exclusions[pipeline_name].get("SKIP_SERVICE", 0)
|
|
83
93
|
and risk_exclusions[pipeline_name]["SKIP_SERVICE"].get("services", 0)
|
|
84
94
|
):
|
|
85
|
-
services_to_exclude =
|
|
86
|
-
"services", []
|
|
95
|
+
services_to_exclude = set(
|
|
96
|
+
risk_exclusions[pipeline_name]["SKIP_SERVICE"].get("services", [])
|
|
87
97
|
)
|
|
88
|
-
|
|
89
|
-
|
|
90
|
-
|
|
91
|
-
|
|
92
|
-
|
|
98
|
+
service_set = set(service_list)
|
|
99
|
+
|
|
100
|
+
remaining_services = list(service_set - services_to_exclude)
|
|
101
|
+
service_excluded = list(service_set & services_to_exclude)
|
|
102
|
+
|
|
93
103
|
print(f"Services to exclude: {service_excluded}")
|
|
94
104
|
logger.info(f"Services to exclude: {service_excluded}")
|
|
105
|
+
|
|
106
|
+
return remaining_services
|
|
95
107
|
return service_list
|
|
96
108
|
|
|
97
109
|
def process(self, dict_args: any, remote_config: any):
|
|
@@ -108,12 +120,16 @@ class HandleRisk:
|
|
|
108
120
|
service_list = []
|
|
109
121
|
|
|
110
122
|
if risk_config["HANDLE_SERVICE_NAME"]["ENABLED"].lower() == "true":
|
|
123
|
+
exclusive_endings = risk_config["HANDLE_SERVICE_NAME"]["EXCLUSIVE_ENDING"]
|
|
124
|
+
endings_to_exclude = [
|
|
125
|
+
ending
|
|
126
|
+
for ending in exclusive_endings
|
|
127
|
+
if not pipeline_name.endswith(ending)
|
|
128
|
+
]
|
|
111
129
|
service = next(
|
|
112
130
|
(
|
|
113
131
|
pipeline_name.replace(ending, "")
|
|
114
|
-
for ending in
|
|
115
|
-
"ERASE_SERVICE_ENDING"
|
|
116
|
-
]
|
|
132
|
+
for ending in exclusive_endings
|
|
117
133
|
if pipeline_name.endswith(ending)
|
|
118
134
|
),
|
|
119
135
|
pipeline_name,
|
|
@@ -131,7 +147,7 @@ class HandleRisk:
|
|
|
131
147
|
service_code, dict_args, secret_tool, remote_config
|
|
132
148
|
)
|
|
133
149
|
service_list += self._filter_engagements(
|
|
134
|
-
engagements, service, risk_config
|
|
150
|
+
engagements, service, endings_to_exclude, risk_config
|
|
135
151
|
)
|
|
136
152
|
|
|
137
153
|
service_list += [service]
|
|
@@ -140,6 +140,8 @@ class TrufflehogRun(ToolGateway):
|
|
|
140
140
|
original_where = original_where.replace("\\", "/")
|
|
141
141
|
where_text = original_where.replace(agent_work_folder, "")
|
|
142
142
|
find["SourceMetadata"]["Data"]["Filesystem"]["file"] = where_text
|
|
143
|
+
name = find["ExtraData"]["name"] if find["ExtraData"] != None else None
|
|
144
|
+
find["Id"] = "MISSCONFIGURATION_SCANNING" if name != None and "Actuator" in name else "SECRET_SCANNING"
|
|
143
145
|
json_str = json.dumps(find)
|
|
144
146
|
file.write(json_str + '\n')
|
|
145
147
|
return findings, file_findings
|
|
@@ -1 +1 @@
|
|
|
1
|
-
version = '1.13.
|
|
1
|
+
version = '1.13.2'
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
devsecops_engine_tools/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
2
|
-
devsecops_engine_tools/version.py,sha256=
|
|
2
|
+
devsecops_engine_tools/version.py,sha256=gINKbMqc1Nd_zyGu2UQhdNduMWxlSjF2tSzcHjXwN74,19
|
|
3
3
|
devsecops_engine_tools/engine_core/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
4
4
|
devsecops_engine_tools/engine_core/src/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
5
5
|
devsecops_engine_tools/engine_core/src/applications/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
@@ -26,7 +26,7 @@ devsecops_engine_tools/engine_core/src/domain/model/gateway/secrets_manager_gate
|
|
|
26
26
|
devsecops_engine_tools/engine_core/src/domain/model/gateway/vulnerability_management_gateway.py,sha256=c98JSdYYPyr82VZR4MRy49xSBVxueERbAS1mWwKqV6g,878
|
|
27
27
|
devsecops_engine_tools/engine_core/src/domain/usecases/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
28
28
|
devsecops_engine_tools/engine_core/src/domain/usecases/break_build.py,sha256=JP-i5SFaMN7Yi4uDCe_AE1kJ197g1IJGcwQdq-RYbk4,16198
|
|
29
|
-
devsecops_engine_tools/engine_core/src/domain/usecases/handle_risk.py,sha256=
|
|
29
|
+
devsecops_engine_tools/engine_core/src/domain/usecases/handle_risk.py,sha256=JWVYBs3O89r2WDv1R_Ww0G4RxruFslsX_th4_UykOLI,7585
|
|
30
30
|
devsecops_engine_tools/engine_core/src/domain/usecases/handle_scan.py,sha256=yrPQdNvFNDeS4g4UxdxFDj-yw17K_OZ3T-HDEiePknE,7041
|
|
31
31
|
devsecops_engine_tools/engine_core/src/domain/usecases/metrics_manager.py,sha256=Xi0iNnPrFgqd2cBdAA5E_tgouhxs-BTo016aolnGgv8,2413
|
|
32
32
|
devsecops_engine_tools/engine_core/src/infrastructure/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
@@ -153,7 +153,7 @@ devsecops_engine_tools/engine_sast/engine_secret/src/infrastructure/__init__.py,
|
|
|
153
153
|
devsecops_engine_tools/engine_sast/engine_secret/src/infrastructure/driven_adapters/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
154
154
|
devsecops_engine_tools/engine_sast/engine_secret/src/infrastructure/driven_adapters/trufflehog/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
155
155
|
devsecops_engine_tools/engine_sast/engine_secret/src/infrastructure/driven_adapters/trufflehog/trufflehog_deserealizator.py,sha256=MdE76XrltkegHjVnDdHWJptUNUZg_bJnsUynVG0MEKI,2565
|
|
156
|
-
devsecops_engine_tools/engine_sast/engine_secret/src/infrastructure/driven_adapters/trufflehog/trufflehog_run.py,sha256=
|
|
156
|
+
devsecops_engine_tools/engine_sast/engine_secret/src/infrastructure/driven_adapters/trufflehog/trufflehog_run.py,sha256=r3JvkTE8injqbFcymevPw4rn-5w6dsOGxWz0NRKx4kg,7367
|
|
157
157
|
devsecops_engine_tools/engine_sast/engine_secret/src/infrastructure/entry_points/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
158
158
|
devsecops_engine_tools/engine_sast/engine_secret/src/infrastructure/entry_points/entry_point_tool.py,sha256=TAEZ2HquyM_0ZWMh5_8-qE0OI5EMG0VfyOlypZswbLI,1019
|
|
159
159
|
devsecops_engine_tools/engine_sca/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
@@ -286,8 +286,8 @@ devsecops_engine_tools/engine_utilities/utils/name_conversion.py,sha256=ADJrRGax
|
|
|
286
286
|
devsecops_engine_tools/engine_utilities/utils/printers.py,sha256=amYAr9YQfYgR6jK9a2l26z3oovFPQ3FAKmhq6BKhEBA,623
|
|
287
287
|
devsecops_engine_tools/engine_utilities/utils/session_manager.py,sha256=yNtlT-8Legz1sHbGPH8LNYjL-LgDUE0zXG2rYjiab7U,290
|
|
288
288
|
devsecops_engine_tools/engine_utilities/utils/utils.py,sha256=esLnDBxP9MQBvV8noVohTrdWSVuljTKRpZgrn2kaD_c,192
|
|
289
|
-
devsecops_engine_tools-1.13.
|
|
290
|
-
devsecops_engine_tools-1.13.
|
|
291
|
-
devsecops_engine_tools-1.13.
|
|
292
|
-
devsecops_engine_tools-1.13.
|
|
293
|
-
devsecops_engine_tools-1.13.
|
|
289
|
+
devsecops_engine_tools-1.13.2.dist-info/METADATA,sha256=USwxL0_YhSsRlQXGR2x_bk98RTJ1NDt1GWYaLns6wNk,10854
|
|
290
|
+
devsecops_engine_tools-1.13.2.dist-info/WHEEL,sha256=R0nc6qTxuoLk7ShA2_Y-UWkN8ZdfDBG2B6Eqpz2WXbs,91
|
|
291
|
+
devsecops_engine_tools-1.13.2.dist-info/entry_points.txt,sha256=9IjXF_7Zpgowq_SY6OSmsA9vZze18a8_AeHwkQVrgKk,131
|
|
292
|
+
devsecops_engine_tools-1.13.2.dist-info/top_level.txt,sha256=ge6y0X_xBAU1aG3EMWFtl9djbVyg5BxuSp2r2Lg6EQU,23
|
|
293
|
+
devsecops_engine_tools-1.13.2.dist-info/RECORD,,
|
|
File without changes
|
{devsecops_engine_tools-1.13.0.dist-info → devsecops_engine_tools-1.13.2.dist-info}/entry_points.txt
RENAMED
|
File without changes
|
{devsecops_engine_tools-1.13.0.dist-info → devsecops_engine_tools-1.13.2.dist-info}/top_level.txt
RENAMED
|
File without changes
|