devsecops-engine-tools 1.27.0__py3-none-any.whl → 1.28.0__py3-none-any.whl
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Potentially problematic release.
This version of devsecops-engine-tools might be problematic. Click here for more details.
- devsecops_engine_tools/engine_core/src/applications/runner_engine_core.py +1 -1
- devsecops_engine_tools/engine_core/src/domain/model/vulnerability_management.py +3 -0
- devsecops_engine_tools/engine_core/src/domain/usecases/handle_scan.py +3 -0
- devsecops_engine_tools/engine_core/src/infrastructure/driven_adapters/azure/azure_devops.py +4 -0
- devsecops_engine_tools/engine_core/src/infrastructure/driven_adapters/defect_dojo/defect_dojo.py +81 -39
- devsecops_engine_tools/engine_core/src/infrastructure/driven_adapters/github/github_actions.py +5 -1
- devsecops_engine_tools/engine_core/src/infrastructure/driven_adapters/runtime_local/runtime_local.py +5 -2
- devsecops_engine_tools/engine_sast/engine_secret/src/domain/model/gateway/tool_gateway.py +3 -3
- devsecops_engine_tools/engine_sast/engine_secret/src/domain/usecases/secret_scan.py +22 -22
- devsecops_engine_tools/engine_sast/engine_secret/src/domain/usecases/set_input_core.py +6 -9
- devsecops_engine_tools/engine_sast/engine_secret/src/infrastructure/driven_adapters/trufflehog/trufflehog_run.py +22 -46
- devsecops_engine_tools/engine_sast/engine_secret/src/infrastructure/entry_points/entry_point_tool.py +1 -1
- devsecops_engine_tools/engine_utilities/azuredevops/models/AzurePredefinedVariables.py +5 -0
- devsecops_engine_tools/engine_utilities/defect_dojo/domain/request_objects/import_scan.py +1 -0
- devsecops_engine_tools/engine_utilities/defect_dojo/domain/serializers/import_scan.py +5 -4
- devsecops_engine_tools/engine_utilities/defect_dojo/infraestructure/driver_adapters/cmdb.py +81 -30
- devsecops_engine_tools/engine_utilities/github/models/GithubPredefinedVariables.py +6 -0
- devsecops_engine_tools/engine_utilities/sonarqube/src/domain/usecases/report_sonar.py +4 -1
- devsecops_engine_tools/engine_utilities/utils/utils.py +7 -7
- devsecops_engine_tools/version.py +1 -1
- {devsecops_engine_tools-1.27.0.dist-info → devsecops_engine_tools-1.28.0.dist-info}/METADATA +3 -3
- {devsecops_engine_tools-1.27.0.dist-info → devsecops_engine_tools-1.28.0.dist-info}/RECORD +25 -26
- devsecops_engine_tools/engine_sast/engine_secret/src/domain/model/DeserializeConfigTool.py +0 -18
- {devsecops_engine_tools-1.27.0.dist-info → devsecops_engine_tools-1.28.0.dist-info}/WHEEL +0 -0
- {devsecops_engine_tools-1.27.0.dist-info → devsecops_engine_tools-1.28.0.dist-info}/entry_points.txt +0 -0
- {devsecops_engine_tools-1.27.0.dist-info → devsecops_engine_tools-1.28.0.dist-info}/top_level.txt +0 -0
|
@@ -101,7 +101,7 @@ def get_inputs_from_cli(args):
|
|
|
101
101
|
"--folder_path",
|
|
102
102
|
type=str,
|
|
103
103
|
required=False,
|
|
104
|
-
help="Folder Path to scan, only apply engine_iac, engine_code and engine_dependencies tools",
|
|
104
|
+
help="Folder Path to scan, only apply engine_iac, engine_code, engine_secret and engine_dependencies tools",
|
|
105
105
|
)
|
|
106
106
|
parser.add_argument(
|
|
107
107
|
"-p",
|
|
@@ -196,6 +196,9 @@ class HandleScan:
|
|
|
196
196
|
self.devops_platform_gateway.get_variable("branch_tag"),
|
|
197
197
|
self.devops_platform_gateway.get_variable("commit_hash"),
|
|
198
198
|
env,
|
|
199
|
+
self.devops_platform_gateway.get_variable("vm_product_type_name"),
|
|
200
|
+
self.devops_platform_gateway.get_variable("vm_product_name"),
|
|
201
|
+
self.devops_platform_gateway.get_variable("vm_product_description"),
|
|
199
202
|
)
|
|
200
203
|
)
|
|
201
204
|
|
|
@@ -7,6 +7,7 @@ from devsecops_engine_tools.engine_utilities.azuredevops.models.AzurePredefinedV
|
|
|
7
7
|
SystemVariables,
|
|
8
8
|
ReleaseVariables,
|
|
9
9
|
AgentVariables,
|
|
10
|
+
VMVariables
|
|
10
11
|
)
|
|
11
12
|
from devsecops_engine_tools.engine_utilities.azuredevops.infrastructure.azure_devops_api import (
|
|
12
13
|
AzureDevopsApi,
|
|
@@ -95,6 +96,9 @@ class AzureDevops(DevopsPlatformGateway):
|
|
|
95
96
|
"target_branch": SystemVariables.System_TargetBranchName,
|
|
96
97
|
"source_branch": SystemVariables.System_SourceBranch,
|
|
97
98
|
"repository_provider": BuildVariables.Build_Repository_Provider,
|
|
99
|
+
"vm_product_type_name": VMVariables.Vm_Product_Type_Name,
|
|
100
|
+
"vm_product_name": VMVariables.Vm_Product_Name,
|
|
101
|
+
"vm_product_description": VMVariables.Vm_Product_Description,
|
|
98
102
|
}
|
|
99
103
|
try:
|
|
100
104
|
return variable_map.get(variable).value()
|
devsecops_engine_tools/engine_core/src/infrastructure/driven_adapters/defect_dojo/defect_dojo.py
CHANGED
|
@@ -30,6 +30,7 @@ from functools import partial
|
|
|
30
30
|
|
|
31
31
|
from devsecops_engine_tools.engine_utilities.utils.logger_info import MyLogger
|
|
32
32
|
from devsecops_engine_tools.engine_utilities import settings
|
|
33
|
+
from devsecops_engine_tools.engine_utilities.defect_dojo.domain.serializers.import_scan import ImportScanSerializer
|
|
33
34
|
import time
|
|
34
35
|
import concurrent.futures
|
|
35
36
|
|
|
@@ -87,44 +88,17 @@ class DefectDojoPlatform(VulnerabilityManagementGateway):
|
|
|
87
88
|
tags = vulnerability_management.dict_args["tool"]
|
|
88
89
|
if vulnerability_management.dict_args["tool"] == "engine_iac":
|
|
89
90
|
tags = f"{vulnerability_management.dict_args['tool']}_{'_'.join(vulnerability_management.dict_args['platform'])}"
|
|
90
|
-
|
|
91
|
-
|
|
92
|
-
|
|
93
|
-
|
|
94
|
-
|
|
95
|
-
|
|
96
|
-
|
|
97
|
-
|
|
98
|
-
|
|
99
|
-
|
|
100
|
-
|
|
101
|
-
host_cmdb=vulnerability_management.config_tool[
|
|
102
|
-
"VULNERABILITY_MANAGER"
|
|
103
|
-
]["DEFECT_DOJO"]["HOST_CMDB"],
|
|
104
|
-
expression=vulnerability_management.config_tool[
|
|
105
|
-
"VULNERABILITY_MANAGER"
|
|
106
|
-
]["DEFECT_DOJO"]["REGEX_EXPRESSION_CMDB"],
|
|
107
|
-
token_defect_dojo=token_dd,
|
|
108
|
-
host_defect_dojo=vulnerability_management.config_tool[
|
|
109
|
-
"VULNERABILITY_MANAGER"
|
|
110
|
-
]["DEFECT_DOJO"]["HOST_DEFECT_DOJO"],
|
|
111
|
-
scan_type=scan_type_mapping[vulnerability_management.scan_type],
|
|
112
|
-
engagement_name=vulnerability_management.input_core.scope_pipeline,
|
|
113
|
-
service=vulnerability_management.input_core.scope_pipeline,
|
|
114
|
-
file=vulnerability_management.input_core.path_file_results,
|
|
115
|
-
version=vulnerability_management.version,
|
|
116
|
-
build_id=vulnerability_management.build_id,
|
|
117
|
-
source_code_management_uri=vulnerability_management.source_code_management_uri,
|
|
118
|
-
branch_tag=vulnerability_management.branch_tag,
|
|
119
|
-
commit_hash=vulnerability_management.commit_hash,
|
|
120
|
-
environment=(
|
|
121
|
-
enviroment_mapping[vulnerability_management.environment.lower()]
|
|
122
|
-
if vulnerability_management.environment is not None
|
|
123
|
-
and vulnerability_management.environment.lower()
|
|
124
|
-
in enviroment_mapping
|
|
125
|
-
else enviroment_mapping["default"]
|
|
126
|
-
),
|
|
127
|
-
tags=tags,
|
|
91
|
+
|
|
92
|
+
use_cmdb = vulnerability_management.config_tool["VULNERABILITY_MANAGER"]["DEFECT_DOJO"]["CMDB"]["USE_CMDB"]
|
|
93
|
+
|
|
94
|
+
request = self._build_request_importscan(
|
|
95
|
+
vulnerability_management,
|
|
96
|
+
token_cmdb,
|
|
97
|
+
token_dd,
|
|
98
|
+
scan_type_mapping,
|
|
99
|
+
enviroment_mapping,
|
|
100
|
+
tags,
|
|
101
|
+
use_cmdb
|
|
128
102
|
)
|
|
129
103
|
|
|
130
104
|
def request_func():
|
|
@@ -170,7 +144,7 @@ class DefectDojoPlatform(VulnerabilityManagementGateway):
|
|
|
170
144
|
request={
|
|
171
145
|
"name": Connect.get_code_app(
|
|
172
146
|
service,
|
|
173
|
-
config_tool["VULNERABILITY_MANAGER"]["DEFECT_DOJO"][
|
|
147
|
+
config_tool["VULNERABILITY_MANAGER"]["DEFECT_DOJO"]["CMDB"][
|
|
174
148
|
"REGEX_EXPRESSION_CMDB"
|
|
175
149
|
],
|
|
176
150
|
),
|
|
@@ -387,6 +361,74 @@ class DefectDojoPlatform(VulnerabilityManagementGateway):
|
|
|
387
361
|
ex
|
|
388
362
|
)
|
|
389
363
|
)
|
|
364
|
+
|
|
365
|
+
def _build_request_importscan(
|
|
366
|
+
self,
|
|
367
|
+
vulnerability_management: VulnerabilityManagement,
|
|
368
|
+
token_cmdb,
|
|
369
|
+
token_dd,
|
|
370
|
+
scan_type_mapping,
|
|
371
|
+
enviroment_mapping,
|
|
372
|
+
tags,
|
|
373
|
+
use_cmdb: bool
|
|
374
|
+
):
|
|
375
|
+
common_fields = {
|
|
376
|
+
"scan_type": scan_type_mapping[vulnerability_management.scan_type],
|
|
377
|
+
"file": vulnerability_management.input_core.path_file_results,
|
|
378
|
+
"engagement_name": vulnerability_management.input_core.scope_pipeline,
|
|
379
|
+
"source_code_management_uri": vulnerability_management.source_code_management_uri,
|
|
380
|
+
"tags": tags,
|
|
381
|
+
"version": vulnerability_management.version,
|
|
382
|
+
"build_id": vulnerability_management.build_id,
|
|
383
|
+
"branch_tag": vulnerability_management.branch_tag,
|
|
384
|
+
"commit_hash": vulnerability_management.commit_hash,
|
|
385
|
+
"service": vulnerability_management.input_core.scope_pipeline,
|
|
386
|
+
"environment": (
|
|
387
|
+
enviroment_mapping[vulnerability_management.environment.lower()]
|
|
388
|
+
if vulnerability_management.environment is not None
|
|
389
|
+
and vulnerability_management.environment.lower()
|
|
390
|
+
in enviroment_mapping
|
|
391
|
+
else enviroment_mapping["default"]
|
|
392
|
+
),
|
|
393
|
+
"token_defect_dojo": token_dd,
|
|
394
|
+
"host_defect_dojo": vulnerability_management.config_tool[
|
|
395
|
+
"VULNERABILITY_MANAGER"
|
|
396
|
+
]["DEFECT_DOJO"]["HOST_DEFECT_DOJO"],
|
|
397
|
+
"expression": vulnerability_management.config_tool[
|
|
398
|
+
"VULNERABILITY_MANAGER"
|
|
399
|
+
]["DEFECT_DOJO"]["CMDB"]["REGEX_EXPRESSION_CMDB"],
|
|
400
|
+
}
|
|
401
|
+
|
|
402
|
+
if use_cmdb:
|
|
403
|
+
cmdb_mapping = vulnerability_management.config_tool["VULNERABILITY_MANAGER"]["DEFECT_DOJO"]["CMDB"]["CMDB_MAPPING"]
|
|
404
|
+
return Connect.cmdb(
|
|
405
|
+
cmdb_mapping={
|
|
406
|
+
"product_type_name": cmdb_mapping["PRODUCT_TYPE_NAME"],
|
|
407
|
+
"product_name": cmdb_mapping["PRODUCT_NAME"],
|
|
408
|
+
"tag_product": cmdb_mapping["TAG_PRODUCT"],
|
|
409
|
+
"product_description": cmdb_mapping["PRODUCT_DESCRIPTION"],
|
|
410
|
+
"codigo_app": cmdb_mapping["CODIGO_APP"],
|
|
411
|
+
},
|
|
412
|
+
compact_remote_config_url=f'{vulnerability_management.base_compact_remote_config_url}{vulnerability_management.config_tool["VULNERABILITY_MANAGER"]["DEFECT_DOJO"]["CMDB"]["CMDB_MAPPING_PATH"]}',
|
|
413
|
+
personal_access_token=vulnerability_management.access_token,
|
|
414
|
+
token_cmdb=token_cmdb,
|
|
415
|
+
host_cmdb=vulnerability_management.config_tool[
|
|
416
|
+
"VULNERABILITY_MANAGER"
|
|
417
|
+
]["DEFECT_DOJO"]["CMDB"]["HOST_CMDB"],
|
|
418
|
+
cmdb_request_response=vulnerability_management.config_tool["VULNERABILITY_MANAGER"]["DEFECT_DOJO"]["CMDB"]["CMDB_REQUEST_RESPONSE"],
|
|
419
|
+
**common_fields,
|
|
420
|
+
)
|
|
421
|
+
else:
|
|
422
|
+
request: ImportScanRequest = ImportScanSerializer().load(
|
|
423
|
+
{
|
|
424
|
+
"product_type_name":vulnerability_management.vm_product_type_name,
|
|
425
|
+
"product_name": vulnerability_management.vm_product_name,
|
|
426
|
+
"product_description":vulnerability_management.vm_product_description,
|
|
427
|
+
"code_app":vulnerability_management.vm_product_name,
|
|
428
|
+
**common_fields,
|
|
429
|
+
}
|
|
430
|
+
)
|
|
431
|
+
return request
|
|
390
432
|
|
|
391
433
|
def _process_component(self, component_sbom, session_manager, engagement):
|
|
392
434
|
request = {
|
devsecops_engine_tools/engine_core/src/infrastructure/driven_adapters/github/github_actions.py
CHANGED
|
@@ -6,7 +6,8 @@ from devsecops_engine_tools.engine_utilities.github.models.GithubPredefinedVaria
|
|
|
6
6
|
BuildVariables,
|
|
7
7
|
SystemVariables,
|
|
8
8
|
ReleaseVariables,
|
|
9
|
-
AgentVariables
|
|
9
|
+
AgentVariables,
|
|
10
|
+
VMVariables
|
|
10
11
|
)
|
|
11
12
|
from devsecops_engine_tools.engine_utilities.github.infrastructure.github_api import (
|
|
12
13
|
GithubApi,
|
|
@@ -85,6 +86,9 @@ class GithubActions(DevopsPlatformGateway):
|
|
|
85
86
|
"target_branch": SystemVariables.github_event_base_ref,
|
|
86
87
|
"source_branch": SystemVariables.github_ref,
|
|
87
88
|
"repository_provider": BuildVariables.GitHub,
|
|
89
|
+
"vm_product_type_name": VMVariables.Vm_Product_Type_Name,
|
|
90
|
+
"vm_product_name": VMVariables.Vm_Product_Name,
|
|
91
|
+
"vm_product_description": VMVariables.Vm_Product_Description,
|
|
88
92
|
}
|
|
89
93
|
try:
|
|
90
94
|
return variable_map.get(variable).value()
|
devsecops_engine_tools/engine_core/src/infrastructure/driven_adapters/runtime_local/runtime_local.py
CHANGED
|
@@ -21,7 +21,7 @@ class RuntimeLocal(DevopsPlatformGateway):
|
|
|
21
21
|
def get_remote_config(self, repository, path, branch=""):
|
|
22
22
|
remote_config_path = f"{repository}/{path}"
|
|
23
23
|
|
|
24
|
-
with open(remote_config_path) as f:
|
|
24
|
+
with open(remote_config_path, 'r', encoding='utf-8') as f:
|
|
25
25
|
return json.load(f)
|
|
26
26
|
|
|
27
27
|
def message(self, type, message):
|
|
@@ -66,6 +66,9 @@ class RuntimeLocal(DevopsPlatformGateway):
|
|
|
66
66
|
"temp_directory" : "DET_TEMP_DIRECTORY",
|
|
67
67
|
"target_branch" : "DET_TARGET_BRANCH",
|
|
68
68
|
"source_branch" : "DET_SOURCE_BRANCH",
|
|
69
|
-
"repository_provider" : "DET_REPOSITORY_PROVIDER"
|
|
69
|
+
"repository_provider" : "DET_REPOSITORY_PROVIDER",
|
|
70
|
+
"vm_product_type_name" : "DET_VM_PRODUCT_TYPE_NAME",
|
|
71
|
+
"vm_product_name" : "DET_VM_PRODUCT_NAME",
|
|
72
|
+
"vm_product_description" : "DET_VM_PRODUCT_DESCRIPTION",
|
|
70
73
|
}
|
|
71
74
|
return os.environ.get(env_variables[variable], None)
|
|
@@ -1,5 +1,4 @@
|
|
|
1
1
|
from abc import ABCMeta, abstractmethod
|
|
2
|
-
from devsecops_engine_tools.engine_sast.engine_secret.src.domain.model.DeserializeConfigTool import DeserializeConfigTool
|
|
3
2
|
|
|
4
3
|
class ToolGateway(metaclass=ABCMeta):
|
|
5
4
|
@abstractmethod
|
|
@@ -11,8 +10,9 @@ class ToolGateway(metaclass=ABCMeta):
|
|
|
11
10
|
agent_os: str,
|
|
12
11
|
agent_work_folder: str,
|
|
13
12
|
repository_name: str,
|
|
14
|
-
config_tool
|
|
13
|
+
config_tool,
|
|
15
14
|
secret_tool,
|
|
16
15
|
secret_external_checks,
|
|
17
|
-
agent_tem_dir:str
|
|
16
|
+
agent_tem_dir:str,
|
|
17
|
+
tool) -> str:
|
|
18
18
|
"run tool secret scan"
|
|
@@ -1,8 +1,5 @@
|
|
|
1
1
|
import re
|
|
2
|
-
|
|
3
|
-
from devsecops_engine_tools.engine_sast.engine_secret.src.domain.model.DeserializeConfigTool import (
|
|
4
|
-
DeserializeConfigTool,
|
|
5
|
-
)
|
|
2
|
+
|
|
6
3
|
from devsecops_engine_tools.engine_sast.engine_secret.src.domain.model.gateway.tool_gateway import (
|
|
7
4
|
ToolGateway,
|
|
8
5
|
)
|
|
@@ -29,31 +26,35 @@ class SecretScan:
|
|
|
29
26
|
self.tool_deserialize = tool_deserialize
|
|
30
27
|
self.git_gateway = git_gateway
|
|
31
28
|
|
|
32
|
-
def process(self, skip_tool, config_tool, secret_tool, dict_args):
|
|
29
|
+
def process(self, skip_tool, config_tool, secret_tool, dict_args, tool):
|
|
30
|
+
tool = str(tool).lower()
|
|
33
31
|
finding_list = []
|
|
34
32
|
file_path_findings = ""
|
|
35
33
|
secret_external_checks=dict_args["token_external_checks"]
|
|
34
|
+
files_to_scan = None if dict_args["folder_path"] is None else [dict_args["folder_path"]]
|
|
36
35
|
if skip_tool == False:
|
|
37
|
-
self.tool_gateway.install_tool(self.devops_platform_gateway.get_variable("os"), self.devops_platform_gateway.get_variable("temp_directory"), config_tool
|
|
38
|
-
|
|
39
|
-
self.
|
|
40
|
-
|
|
41
|
-
|
|
42
|
-
|
|
43
|
-
|
|
44
|
-
|
|
45
|
-
|
|
46
|
-
|
|
47
|
-
|
|
36
|
+
self.tool_gateway.install_tool(self.devops_platform_gateway.get_variable("os"), self.devops_platform_gateway.get_variable("temp_directory"), config_tool[tool]["VERSION"])
|
|
37
|
+
if files_to_scan is None:
|
|
38
|
+
files_to_scan = self.git_gateway.get_files_pull_request(
|
|
39
|
+
self.devops_platform_gateway.get_variable("path_directory"),
|
|
40
|
+
self.devops_platform_gateway.get_variable("target_branch"),
|
|
41
|
+
config_tool["TARGET_BRANCHES"],
|
|
42
|
+
self.devops_platform_gateway.get_variable("source_branch"),
|
|
43
|
+
self.devops_platform_gateway.get_variable("access_token"),
|
|
44
|
+
self.devops_platform_gateway.get_variable("organization"),
|
|
45
|
+
self.devops_platform_gateway.get_variable("project_name"),
|
|
46
|
+
self.devops_platform_gateway.get_variable("repository"),
|
|
47
|
+
self.devops_platform_gateway.get_variable("repository_provider"))
|
|
48
48
|
findings, file_path_findings = self.tool_gateway.run_tool_secret_scan(
|
|
49
|
-
|
|
49
|
+
files_to_scan,
|
|
50
50
|
self.devops_platform_gateway.get_variable("os"),
|
|
51
51
|
self.devops_platform_gateway.get_variable("path_directory"),
|
|
52
52
|
self.devops_platform_gateway.get_variable("repository"),
|
|
53
53
|
config_tool,
|
|
54
54
|
secret_tool,
|
|
55
55
|
secret_external_checks,
|
|
56
|
-
self.devops_platform_gateway.get_variable("temp_directory")
|
|
56
|
+
self.devops_platform_gateway.get_variable("temp_directory"),
|
|
57
|
+
tool)
|
|
57
58
|
finding_list = self.tool_deserialize.get_list_vulnerability(
|
|
58
59
|
findings,
|
|
59
60
|
self.devops_platform_gateway.get_variable("os"),
|
|
@@ -69,12 +70,11 @@ class SecretScan:
|
|
|
69
70
|
init_config_tool = self.devops_platform_gateway.get_remote_config(
|
|
70
71
|
dict_args["remote_config_repo"], "engine_sast/engine_secret/ConfigTool.json", dict_args["remote_config_branch"]
|
|
71
72
|
)
|
|
72
|
-
|
|
73
|
-
config_tool.scope_pipeline = self.devops_platform_gateway.get_variable("pipeline_name")
|
|
73
|
+
init_config_tool['SCOPE_PIPELINE'] = self.devops_platform_gateway.get_variable("pipeline_name")
|
|
74
74
|
|
|
75
|
-
skip_tool = bool(re.match(
|
|
75
|
+
skip_tool = bool(re.match(init_config_tool["IGNORE_SEARCH_PATTERN"], init_config_tool["SCOPE_PIPELINE"], re.IGNORECASE))
|
|
76
76
|
|
|
77
|
-
return
|
|
77
|
+
return init_config_tool, skip_tool
|
|
78
78
|
|
|
79
79
|
def skip_from_exclusion(self, exclusions, skip_tool_isp):
|
|
80
80
|
"""
|
|
@@ -2,12 +2,9 @@ from devsecops_engine_tools.engine_core.src.domain.model.input_core import Input
|
|
|
2
2
|
from devsecops_engine_tools.engine_core.src.domain.model.gateway.devops_platform_gateway import (
|
|
3
3
|
DevopsPlatformGateway,
|
|
4
4
|
)
|
|
5
|
-
from devsecops_engine_tools.engine_sast.engine_secret.src.domain.model.DeserializeConfigTool import (
|
|
6
|
-
DeserializeConfigTool,
|
|
7
|
-
)
|
|
8
5
|
from devsecops_engine_tools.engine_core.src.domain.model.exclusions import Exclusions
|
|
9
6
|
from devsecops_engine_tools.engine_utilities.utils.utils import Utils
|
|
10
|
-
|
|
7
|
+
from devsecops_engine_tools.engine_core.src.domain.model.threshold import Threshold
|
|
11
8
|
|
|
12
9
|
class SetInputCore:
|
|
13
10
|
def __init__(
|
|
@@ -15,7 +12,7 @@ class SetInputCore:
|
|
|
15
12
|
tool_remote: DevopsPlatformGateway,
|
|
16
13
|
dict_args,
|
|
17
14
|
tool,
|
|
18
|
-
config_tool
|
|
15
|
+
config_tool,
|
|
19
16
|
):
|
|
20
17
|
self.tool_remote = tool_remote
|
|
21
18
|
self.dict_args = dict_args
|
|
@@ -80,12 +77,12 @@ class SetInputCore:
|
|
|
80
77
|
),
|
|
81
78
|
threshold_defined=Utils.update_threshold(
|
|
82
79
|
self,
|
|
83
|
-
self.config_tool
|
|
80
|
+
Threshold(self.config_tool['THRESHOLD']),
|
|
84
81
|
exclusions_config,
|
|
85
|
-
self.config_tool
|
|
82
|
+
self.config_tool["SCOPE_PIPELINE"],
|
|
86
83
|
),
|
|
87
84
|
path_file_results=finding_list,
|
|
88
|
-
custom_message_break_build=self.config_tool
|
|
89
|
-
scope_pipeline=self.config_tool
|
|
85
|
+
custom_message_break_build=self.config_tool["MESSAGE_INFO_ENGINE_SECRET"],
|
|
86
|
+
scope_pipeline=self.config_tool["SCOPE_PIPELINE"],
|
|
90
87
|
stage_pipeline=self.tool_remote.get_variable("stage").capitalize(),
|
|
91
88
|
)
|
|
@@ -7,11 +7,10 @@ import concurrent.futures
|
|
|
7
7
|
from devsecops_engine_tools.engine_sast.engine_secret.src.domain.model.gateway.tool_gateway import (
|
|
8
8
|
ToolGateway,
|
|
9
9
|
)
|
|
10
|
-
|
|
11
|
-
GithubApi,
|
|
12
|
-
)
|
|
10
|
+
|
|
13
11
|
from devsecops_engine_tools.engine_utilities.utils.logger_info import MyLogger
|
|
14
12
|
from devsecops_engine_tools.engine_utilities import settings
|
|
13
|
+
from devsecops_engine_tools.engine_utilities.utils.utils import Utils
|
|
15
14
|
|
|
16
15
|
logger = MyLogger.__call__(**settings.SETTING_LOGGER).get_logger()
|
|
17
16
|
|
|
@@ -44,7 +43,7 @@ class TrufflehogRun(ToolGateway):
|
|
|
44
43
|
|
|
45
44
|
def run_install(self, tool_version):
|
|
46
45
|
command = f"curl -sSfL https://raw.githubusercontent.com/trufflesecurity/trufflehog/main/scripts/install.sh | sh -s -- -b /usr/local/bin v{tool_version}"
|
|
47
|
-
|
|
46
|
+
subprocess.run(command, capture_output=True, shell=True)
|
|
48
47
|
|
|
49
48
|
def run_install_win(self, agent_temp_dir, tool_version):
|
|
50
49
|
command_complete = f"powershell -Command [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; [Net.ServicePointManager]::SecurityProtocol; New-Item -Path {agent_temp_dir} -ItemType Directory -Force; Invoke-WebRequest -Uri 'https://github.com/trufflesecurity/trufflehog/releases/download/v{tool_version}/trufflehog_{tool_version}_windows_amd64.tar.gz' -OutFile {agent_temp_dir}/trufflehog.tar.gz -UseBasicParsing; tar -xzf {agent_temp_dir}/trufflehog.tar.gz -C {agent_temp_dir}; Remove-Item {agent_temp_dir}/trufflehog.tar.gz; $env:Path += '; + {agent_temp_dir}'; & {agent_temp_dir}/trufflehog.exe --version"
|
|
@@ -62,35 +61,20 @@ class TrufflehogRun(ToolGateway):
|
|
|
62
61
|
config_tool,
|
|
63
62
|
secret_tool,
|
|
64
63
|
secret_external_checks,
|
|
65
|
-
agent_temp_dir
|
|
64
|
+
agent_temp_dir,
|
|
65
|
+
tool
|
|
66
66
|
):
|
|
67
67
|
trufflehog_command = "trufflehog"
|
|
68
68
|
if "Windows" in agent_os:
|
|
69
69
|
trufflehog_command = f"{agent_temp_dir}/trufflehog.exe"
|
|
70
70
|
with open(f"{agent_work_folder}/excludedPath.txt", "w") as file:
|
|
71
|
-
file.write("\n".join(config_tool
|
|
71
|
+
file.write("\n".join(config_tool[tool]["EXCLUDE_PATH"]))
|
|
72
72
|
exclude_path = f"{agent_work_folder}/excludedPath.txt"
|
|
73
73
|
include_paths = self.config_include_path(files_commits, agent_work_folder, agent_os)
|
|
74
|
-
enable_custom_rules = config_tool
|
|
75
|
-
|
|
76
|
-
github_api = GithubApi()
|
|
77
|
-
|
|
78
|
-
if secret_tool is not None:
|
|
79
|
-
secret_tmp = secret_tool
|
|
80
|
-
secret = github_api.get_installation_access_token(
|
|
81
|
-
secret_tmp["github_token"],
|
|
82
|
-
config_tool.app_id_github,
|
|
83
|
-
config_tool.installation_id_github
|
|
84
|
-
)
|
|
85
|
-
elif secret_external_checks is not None:
|
|
86
|
-
secret = secret_external_checks.split("github:")[1] if "github" in secret_external_checks else None
|
|
74
|
+
enable_custom_rules = config_tool[tool]["ENABLE_CUSTOM_RULES"]
|
|
75
|
+
Utils().configurate_external_checks(tool, config_tool, secret_tool, secret_external_checks, agent_work_folder)
|
|
87
76
|
|
|
88
|
-
|
|
89
|
-
self.configurate_external_checks(config_tool, secret)
|
|
90
|
-
else: #In case that remote config from tool is enable but in the args dont send any type of secrets. So dont modified command
|
|
91
|
-
enable_custom_rules = "false"
|
|
92
|
-
|
|
93
|
-
with concurrent.futures.ThreadPoolExecutor(max_workers=config_tool.number_threads) as executor:
|
|
77
|
+
with concurrent.futures.ThreadPoolExecutor(max_workers=config_tool[tool]["NUMBER_THREADS"]) as executor:
|
|
94
78
|
results = executor.map(
|
|
95
79
|
self.run_trufflehog,
|
|
96
80
|
[trufflehog_command] * len(include_paths),
|
|
@@ -99,8 +83,9 @@ class TrufflehogRun(ToolGateway):
|
|
|
99
83
|
include_paths,
|
|
100
84
|
[repository_name] * len(include_paths),
|
|
101
85
|
[enable_custom_rules] * len(include_paths),
|
|
86
|
+
[agent_os] * len(include_paths)
|
|
102
87
|
)
|
|
103
|
-
findings, file_findings = self.create_file(self.decode_output(results), agent_work_folder, config_tool)
|
|
88
|
+
findings, file_findings = self.create_file(self.decode_output(results), agent_work_folder, config_tool, tool)
|
|
104
89
|
return findings, file_findings
|
|
105
90
|
|
|
106
91
|
def config_include_path(self, files, agent_work_folder, agent_os):
|
|
@@ -130,13 +115,16 @@ class TrufflehogRun(ToolGateway):
|
|
|
130
115
|
exclude_path,
|
|
131
116
|
include_path,
|
|
132
117
|
repository_name,
|
|
133
|
-
enable_custom_rules
|
|
118
|
+
enable_custom_rules,
|
|
119
|
+
agent_os
|
|
134
120
|
):
|
|
135
121
|
command = f"{trufflehog_command} filesystem {agent_work_folder + '/' + repository_name} --include-paths {include_path} --exclude-paths {exclude_path} --no-verification --no-update --json"
|
|
136
122
|
|
|
137
|
-
if
|
|
138
|
-
command = command.replace("--no-verification --no-update --json", "--config
|
|
139
|
-
|
|
123
|
+
if enable_custom_rules:
|
|
124
|
+
command = command.replace("--no-verification --no-update --json", f"--config {agent_work_folder}//rules//trufflehog//custom-rules.yaml --no-verification --no-update --json" if "Windows" in agent_os else
|
|
125
|
+
"/tmp/rules/trufflehog/custom-rules.yaml --no-verification --no-update --json" if "Linux" in agent_os else
|
|
126
|
+
"--no-verification --no-update --json")
|
|
127
|
+
|
|
140
128
|
result = subprocess.run(command, capture_output=True, shell=True, text=True, encoding='utf-8')
|
|
141
129
|
return result.stdout.strip()
|
|
142
130
|
|
|
@@ -150,7 +138,7 @@ class TrufflehogRun(ToolGateway):
|
|
|
150
138
|
result.append(json_obj)
|
|
151
139
|
return result
|
|
152
140
|
|
|
153
|
-
def create_file(self, findings, agent_work_folder, config_tool):
|
|
141
|
+
def create_file(self, findings, agent_work_folder, config_tool, tool):
|
|
154
142
|
file_findings = os.path.join(agent_work_folder, "secret_scan_result.json")
|
|
155
143
|
with open(file_findings, "w") as file:
|
|
156
144
|
for find in findings:
|
|
@@ -159,20 +147,8 @@ class TrufflehogRun(ToolGateway):
|
|
|
159
147
|
where_text = original_where.replace(agent_work_folder, "")
|
|
160
148
|
find["SourceMetadata"]["Data"]["Filesystem"]["file"] = where_text
|
|
161
149
|
find["Id"] = "MISCONFIGURATION_SCANNING" if "exposure" in find["Raw"] else "SECRET_SCANNING"
|
|
162
|
-
find["References"] = config_tool
|
|
163
|
-
find["Mitigation"] = config_tool
|
|
150
|
+
find["References"] = config_tool[tool]["RULES"][find["Id"]]["References"] if "SECRET_SCANNING" not in find["Id"] else "N.A"
|
|
151
|
+
find["Mitigation"] = config_tool[tool]["RULES"][find["Id"]]["Mitigation"] if "SECRET_SCANNING" not in find["Id"] else "N.A"
|
|
164
152
|
json_str = json.dumps(find)
|
|
165
153
|
file.write(json_str + '\n')
|
|
166
|
-
return findings, file_findings
|
|
167
|
-
|
|
168
|
-
def configurate_external_checks(self, config_tool, secret):
|
|
169
|
-
try:
|
|
170
|
-
github_api = GithubApi()
|
|
171
|
-
github_api.download_latest_release_assets(
|
|
172
|
-
config_tool.external_dir_owner,
|
|
173
|
-
config_tool.external_dir_repo,
|
|
174
|
-
secret,
|
|
175
|
-
"/tmp",
|
|
176
|
-
)
|
|
177
|
-
except Exception as ex:
|
|
178
|
-
logger.error(f"An error ocurred download external checks {ex}")
|
|
154
|
+
return findings, file_findings
|
devsecops_engine_tools/engine_sast/engine_secret/src/infrastructure/entry_points/entry_point_tool.py
CHANGED
|
@@ -11,6 +11,6 @@ def engine_secret_scan(devops_platform_gateway, tool_gateway, dict_args, tool, t
|
|
|
11
11
|
secret_scan = SecretScan(tool_gateway, devops_platform_gateway, tool_deserealizator, git_gateway)
|
|
12
12
|
config_tool, skip_tool_isp = secret_scan.complete_config_tool(dict_args, tool)
|
|
13
13
|
skip_tool = secret_scan.skip_from_exclusion(exclusions, skip_tool_isp)
|
|
14
|
-
finding_list, file_path_findings = secret_scan.process(skip_tool, config_tool, secret_tool, dict_args)
|
|
14
|
+
finding_list, file_path_findings = secret_scan.process(skip_tool, config_tool, secret_tool, dict_args, tool)
|
|
15
15
|
input_core = SetInputCore(devops_platform_gateway, dict_args, tool, config_tool)
|
|
16
16
|
return finding_list, input_core.set_input_core(file_path_findings)
|
|
@@ -63,3 +63,8 @@ class AgentVariables(BaseEnum):
|
|
|
63
63
|
Agent_WorkFolder = "Agent.WorkFolder"
|
|
64
64
|
Agent_TempDirectory = "Agent.TempDirectory"
|
|
65
65
|
Agent_OS = "Agent.OS"
|
|
66
|
+
|
|
67
|
+
class VMVariables(BaseEnum):
|
|
68
|
+
Vm_Product_Type_Name = "Vm.Product.Type.Name"
|
|
69
|
+
Vm_Product_Name = "Vm.Product.Name"
|
|
70
|
+
Vm_Product_Description = "Vm.Product.Description"
|
|
@@ -198,16 +198,17 @@ class ImportScanSerializer(Schema):
|
|
|
198
198
|
service = fields.Str(required=False)
|
|
199
199
|
group_by = fields.Str(required=False)
|
|
200
200
|
test_title = fields.Str(required=False)
|
|
201
|
-
|
|
201
|
+
product_description = fields.Str(required=False)
|
|
202
202
|
create_finding_groups_for_all_findings = fields.Str(required=False)
|
|
203
203
|
tools_configuration = fields.Int(required=False, load_default=1)
|
|
204
204
|
code_app = fields.Str(required=False)
|
|
205
205
|
# defect-dojo credential
|
|
206
|
-
token_cmdb = fields.Str(required=
|
|
207
|
-
host_cmdb = fields.Url(required=
|
|
206
|
+
token_cmdb = fields.Str(required=False)
|
|
207
|
+
host_cmdb = fields.Url(required=False)
|
|
208
|
+
cmdb_request_response = fields.Dict(required=False)
|
|
208
209
|
token_defect_dojo = fields.Str(required=True)
|
|
209
210
|
host_defect_dojo = fields.Str(required=True)
|
|
210
|
-
cmdb_mapping = fields.Dict(required=
|
|
211
|
+
cmdb_mapping = fields.Dict(required=False)
|
|
211
212
|
product_type_name_mapping = fields.Dict(required=False)
|
|
212
213
|
# Config remote credential
|
|
213
214
|
compact_remote_config_url = fields.Str(required=False)
|
|
@@ -1,4 +1,5 @@
|
|
|
1
1
|
import json
|
|
2
|
+
import ast
|
|
2
3
|
from devsecops_engine_tools.engine_utilities.utils.api_error import ApiError
|
|
3
4
|
from devsecops_engine_tools.engine_utilities.utils.logger_info import MyLogger
|
|
4
5
|
from devsecops_engine_tools.engine_utilities.defect_dojo.domain.models.cmdb import Cmdb
|
|
@@ -18,39 +19,89 @@ class CmdbRestConsumer:
|
|
|
18
19
|
self.__session = session._instance
|
|
19
20
|
|
|
20
21
|
def get_product_info(self, request: ImportScanRequest) -> Cmdb:
|
|
21
|
-
|
|
22
|
-
headers =
|
|
23
|
-
|
|
24
|
-
|
|
25
|
-
|
|
26
|
-
|
|
27
|
-
|
|
28
|
-
|
|
29
|
-
|
|
30
|
-
|
|
22
|
+
method = request.cmdb_request_response.get("METHOD")
|
|
23
|
+
headers = self.prepare_headers(request.cmdb_request_response.get("HEADERS"))
|
|
24
|
+
response_format = request.cmdb_request_response.get("RESPONSE")
|
|
25
|
+
|
|
26
|
+
if method not in ["GET", "POST"]:
|
|
27
|
+
raise ValueError(f"Unsupported method: {method}")
|
|
28
|
+
|
|
29
|
+
return self.handle_request(method, headers, request, response_format)
|
|
30
|
+
|
|
31
|
+
def handle_request(self, method, headers, request: ImportScanRequest, response_format) -> Cmdb:
|
|
32
|
+
cmdb_object = self.initialize_cmdb_object(request)
|
|
33
|
+
|
|
31
34
|
try:
|
|
32
|
-
|
|
33
|
-
|
|
34
|
-
|
|
35
|
-
|
|
36
|
-
|
|
37
|
-
|
|
38
|
-
|
|
39
|
-
|
|
40
|
-
|
|
41
|
-
|
|
42
|
-
|
|
43
|
-
|
|
44
|
-
|
|
45
|
-
|
|
46
|
-
cmdb_object
|
|
35
|
+
if method == "GET":
|
|
36
|
+
params = self.replace_placeholders(
|
|
37
|
+
request.cmdb_request_response.get("PARAMS", {}),
|
|
38
|
+
request.code_app
|
|
39
|
+
)
|
|
40
|
+
response = self.__session.get(self.__host, headers=headers, params=params, verify=VERIFY_CERTIFICATE)
|
|
41
|
+
elif method == "POST":
|
|
42
|
+
body = self.replace_placeholders(
|
|
43
|
+
request.cmdb_request_response.get("BODY", {}),
|
|
44
|
+
request.code_app
|
|
45
|
+
)
|
|
46
|
+
body_json = json.dumps(body)
|
|
47
|
+
response = self.__session.post(self.__host, headers=headers, data=body_json, verify=VERIFY_CERTIFICATE)
|
|
48
|
+
|
|
49
|
+
return self.process_response(response, response_format, cmdb_object, request.code_app)
|
|
47
50
|
except Exception as e:
|
|
48
51
|
logger.warning(e)
|
|
49
52
|
return cmdb_object
|
|
53
|
+
|
|
54
|
+
def process_response(self, response, response_format, cmdb_object, code_app) -> Cmdb:
|
|
55
|
+
if response.status_code != 200:
|
|
56
|
+
logger.warning(response)
|
|
57
|
+
raise ApiError(f"Error querying cmdb: {response.reason}")
|
|
58
|
+
|
|
59
|
+
if response.json() == []:
|
|
60
|
+
logger.warning(f"Engagement: {code_app} not found")
|
|
61
|
+
return cmdb_object # Producto es Orphan
|
|
62
|
+
|
|
63
|
+
data = self.get_nested_data(response, response_format)
|
|
64
|
+
data_map = self.mapping_cmdb(data)
|
|
65
|
+
logger.info(data_map)
|
|
66
|
+
cmdb_object = Cmdb.from_dict(data_map)
|
|
67
|
+
cmdb_object.codigo_app = code_app
|
|
50
68
|
return cmdb_object
|
|
51
69
|
|
|
52
|
-
def
|
|
53
|
-
|
|
54
|
-
|
|
55
|
-
|
|
56
|
-
|
|
70
|
+
def initialize_cmdb_object(self, request: ImportScanRequest) -> Cmdb:
|
|
71
|
+
return Cmdb(
|
|
72
|
+
product_type_name="ORPHAN_PRODUCT_TYPE",
|
|
73
|
+
product_name=f"{request.code_app}_Product",
|
|
74
|
+
tag_product="ORPHAN",
|
|
75
|
+
product_description="Orphan Product Description",
|
|
76
|
+
codigo_app=str(request.code_app),
|
|
77
|
+
)
|
|
78
|
+
|
|
79
|
+
def mapping_cmdb(self, data: dict) -> dict:
|
|
80
|
+
return {key: data.get(value, "") for key, value in self.__mapping_cmdb.items()}
|
|
81
|
+
|
|
82
|
+
def get_nested_data(self, response, keys: list) -> dict:
|
|
83
|
+
data = response.json()
|
|
84
|
+
for key in keys:
|
|
85
|
+
if isinstance(data, dict) and key in data:
|
|
86
|
+
data = data[key]
|
|
87
|
+
elif isinstance(data, list) and isinstance(key, int):
|
|
88
|
+
key = key if key >=0 else len(data) + key
|
|
89
|
+
if 0 <= key < len(data):
|
|
90
|
+
data = data[key]
|
|
91
|
+
else:
|
|
92
|
+
raise KeyError(f"Index '{key}' out of range in the current context.")
|
|
93
|
+
else:
|
|
94
|
+
raise KeyError(f"Key '{key}' not found or invalid in the current context.")
|
|
95
|
+
return data
|
|
96
|
+
|
|
97
|
+
def prepare_headers(self, headers: dict) -> dict:
|
|
98
|
+
return {key: (self.__token if value == 'tokenvalue' else value) for key, value in headers.items()}
|
|
99
|
+
|
|
100
|
+
def replace_placeholders(self, data, replacements):
|
|
101
|
+
data = str(data)
|
|
102
|
+
data = data.replace("codappvalue", replacements)
|
|
103
|
+
try:
|
|
104
|
+
return ast.literal_eval(data)
|
|
105
|
+
except (SyntaxError, ValueError) as e:
|
|
106
|
+
raise ValueError(f"Error converting string to dictionary: {e}")
|
|
107
|
+
|
|
@@ -54,3 +54,9 @@ class AgentVariables(BaseEnum):
|
|
|
54
54
|
github_workspace = "github.workspace"
|
|
55
55
|
runner_os = "runner.os"
|
|
56
56
|
runner_tool_cache = "runner.tool.cache"
|
|
57
|
+
|
|
58
|
+
|
|
59
|
+
class VMVariables(BaseEnum):
|
|
60
|
+
Vm_Product_Type_Name = "Vm.Product.Type.Name"
|
|
61
|
+
Vm_Product_Name = "Vm.Product.Name"
|
|
62
|
+
Vm_Product_Description = "Vm.Product.Description"
|
|
@@ -99,7 +99,10 @@ class ReportSonar:
|
|
|
99
99
|
build_id = self.devops_platform_gateway.get_variable("build_id"),
|
|
100
100
|
branch_tag = branch,
|
|
101
101
|
commit_hash = self.devops_platform_gateway.get_variable("commit_hash"),
|
|
102
|
-
environment = environment
|
|
102
|
+
environment = environment,
|
|
103
|
+
vm_product_type_name = self.devops_platform_gateway.get_variable("vm_product_type_name"),
|
|
104
|
+
vm_product_name = self.devops_platform_gateway.get_variable("vm_product_name"),
|
|
105
|
+
vm_product_description = self.devops_platform_gateway.get_variable("vm_product_description"),
|
|
103
106
|
)
|
|
104
107
|
|
|
105
108
|
for project_key in project_keys:
|
|
@@ -30,7 +30,7 @@ class Utils:
|
|
|
30
30
|
with zipfile.ZipFile(zip_file_path, "r") as zip_ref:
|
|
31
31
|
zip_ref.extractall(extract_path)
|
|
32
32
|
|
|
33
|
-
def configurate_external_checks(self, tool, config_tool, secret_tool, secret_external_checks):
|
|
33
|
+
def configurate_external_checks(self, tool, config_tool, secret_tool, secret_external_checks, agent_work_folder="/tmp"):
|
|
34
34
|
try:
|
|
35
35
|
agent_env = None
|
|
36
36
|
secret = None
|
|
@@ -100,12 +100,12 @@ class Utils:
|
|
|
100
100
|
config_tool[tool]["INSTALLATION_ID_GITHUB"]
|
|
101
101
|
) if secret.get("github_apps") else secret.get("github_token")
|
|
102
102
|
github_api.download_latest_release_assets(
|
|
103
|
-
|
|
104
|
-
|
|
105
|
-
|
|
106
|
-
|
|
107
|
-
|
|
108
|
-
|
|
103
|
+
config_tool[tool]["EXTERNAL_DIR_OWNER"],
|
|
104
|
+
config_tool[tool]["EXTERNAL_DIR_REPOSITORY"],
|
|
105
|
+
github_token,
|
|
106
|
+
agent_work_folder if platform.system() in "Windows" else "/tmp"
|
|
107
|
+
)
|
|
108
|
+
|
|
109
109
|
except Exception as ex:
|
|
110
110
|
logger.error(f"An error occurred configuring external checks: {ex}")
|
|
111
111
|
return agent_env
|
|
@@ -1 +1 @@
|
|
|
1
|
-
version = '1.
|
|
1
|
+
version = '1.28.0'
|
{devsecops_engine_tools-1.27.0.dist-info → devsecops_engine_tools-1.28.0.dist-info}/METADATA
RENAMED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
Metadata-Version: 2.1
|
|
2
2
|
Name: devsecops-engine-tools
|
|
3
|
-
Version: 1.
|
|
3
|
+
Version: 1.28.0
|
|
4
4
|
Summary: Tool for DevSecOps strategy
|
|
5
5
|
Home-page: https://github.com/bancolombia/devsecops-engine-tools
|
|
6
6
|
Author: Bancolombia DevSecOps Team
|
|
@@ -70,7 +70,7 @@ pip3 install devsecops-engine-tools
|
|
|
70
70
|
### Scan running - flags (CLI)
|
|
71
71
|
|
|
72
72
|
```bash
|
|
73
|
-
devsecops-engine-tools --platform_devops ["local","azure","github"] --remote_config_repo ["remote_config_repo"] --remote_config_branch ["remote_config_branch"] --tool ["engine_iac", "engine_dast", "engine_secret", "engine_dependencies", "engine_container", "engine_risk", "engine_code"] --folder_path ["Folder path scan engine_iac, engine_code and
|
|
73
|
+
devsecops-engine-tools --platform_devops ["local","azure","github"] --remote_config_repo ["remote_config_repo"] --remote_config_branch ["remote_config_branch"] --tool ["engine_iac", "engine_dast", "engine_secret", "engine_dependencies", "engine_container", "engine_risk", "engine_code"] --folder_path ["Folder path scan engine_iac, engine_code, engine_dependencies and engine_secret"] --platform ["k8s","cloudformation","docker", "openapi", "terraform"] --use_secrets_manager ["false", "true"] --use_vulnerability_management ["false", "true"] --send_metrics ["false", "true"] --token_cmdb ["token_cmdb"] --token_vulnerability_management ["token_vulnerability_management"] --token_engine_container ["token_engine_container"] --token_engine_dependencies ["token_engine_dependencies"] --token_external_checks ["token_external_checks"] --xray_mode ["scan", "audit"] --image_to_scan ["image_to_scan"]
|
|
74
74
|
```
|
|
75
75
|
|
|
76
76
|
### Structure Remote Config
|
|
@@ -99,7 +99,7 @@ devsecops-engine-tools --platform_devops ["local","azure","github"] --remote_con
|
|
|
99
99
|
┃ ┗ 📜ConfigTool.json
|
|
100
100
|
┃ ┗ 📜Exclusions.json
|
|
101
101
|
```
|
|
102
|
-
|
|
102
|
+
For more information visit [here](https://github.com/bancolombia/devsecops-engine-tools/blob/trunk/example_remote_config_local/README.md)
|
|
103
103
|
#### Tools available for the modules (Configuration engine_core/ConfigTool.json)
|
|
104
104
|
|
|
105
105
|
|
|
@@ -1,9 +1,9 @@
|
|
|
1
1
|
devsecops_engine_tools/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
2
|
-
devsecops_engine_tools/version.py,sha256=
|
|
2
|
+
devsecops_engine_tools/version.py,sha256=5nHzrvImXgxNlyTnvrD5Snkxx_-p23ujKyy3G22fTzs,19
|
|
3
3
|
devsecops_engine_tools/engine_core/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
4
4
|
devsecops_engine_tools/engine_core/src/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
5
5
|
devsecops_engine_tools/engine_core/src/applications/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
6
|
-
devsecops_engine_tools/engine_core/src/applications/runner_engine_core.py,sha256=
|
|
6
|
+
devsecops_engine_tools/engine_core/src/applications/runner_engine_core.py,sha256=mA_xkvCgSQEqg33pV-bFEyaBFpfuKjFGIFGXL418IVM,7758
|
|
7
7
|
devsecops_engine_tools/engine_core/src/deployment/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
8
8
|
devsecops_engine_tools/engine_core/src/deployment/infrastructure/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
9
9
|
devsecops_engine_tools/engine_core/src/domain/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
@@ -17,7 +17,7 @@ devsecops_engine_tools/engine_core/src/domain/model/level_compliance.py,sha256=n
|
|
|
17
17
|
devsecops_engine_tools/engine_core/src/domain/model/level_vulnerability.py,sha256=0sySEnFNkS2Y8uF5GUVAYehXw-i2OglUClkVobnSTPc,257
|
|
18
18
|
devsecops_engine_tools/engine_core/src/domain/model/report.py,sha256=09QV_jBQbucoiGM_PjVzRwWvvnebAx24Vehs2bqEe2o,1929
|
|
19
19
|
devsecops_engine_tools/engine_core/src/domain/model/threshold.py,sha256=TCBECuvoC3-9g8vg3iKWGIixssNecP0iUaZ9Qzv0n7w,596
|
|
20
|
-
devsecops_engine_tools/engine_core/src/domain/model/vulnerability_management.py,sha256=
|
|
20
|
+
devsecops_engine_tools/engine_core/src/domain/model/vulnerability_management.py,sha256=04ALQoTM4uoea9s505WCDw18J3Cvu6phf54ZTKODN64,552
|
|
21
21
|
devsecops_engine_tools/engine_core/src/domain/model/gateway/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
22
22
|
devsecops_engine_tools/engine_core/src/domain/model/gateway/devops_platform_gateway.py,sha256=7u7Qq2fq_QW7PJmGnSKZZyVSjTwnj3Oj-HBpj6nI8jk,684
|
|
23
23
|
devsecops_engine_tools/engine_core/src/domain/model/gateway/metrics_manager_gateway.py,sha256=u_ivbmCyymw0Je7gRFg0uD9iDmZfTbteH5UwcgP0JAs,191
|
|
@@ -28,7 +28,7 @@ devsecops_engine_tools/engine_core/src/domain/model/gateway/vulnerability_manage
|
|
|
28
28
|
devsecops_engine_tools/engine_core/src/domain/usecases/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
29
29
|
devsecops_engine_tools/engine_core/src/domain/usecases/break_build.py,sha256=0JK4U5LGxzrLVZOw68j1PMxmLTDPru7Kts_-RtAG0jA,15965
|
|
30
30
|
devsecops_engine_tools/engine_core/src/domain/usecases/handle_risk.py,sha256=RirHqsW5AhGjV7ITa13bW_BfM6VE99DffrPASoB9SN0,9403
|
|
31
|
-
devsecops_engine_tools/engine_core/src/domain/usecases/handle_scan.py,sha256=
|
|
31
|
+
devsecops_engine_tools/engine_core/src/domain/usecases/handle_scan.py,sha256=q1RGSDT7LSpPn7NyA9Pl4QGeQLQ3kvawzqmXrVQIKTs,9694
|
|
32
32
|
devsecops_engine_tools/engine_core/src/domain/usecases/metrics_manager.py,sha256=Xi0iNnPrFgqd2cBdAA5E_tgouhxs-BTo016aolnGgv8,2413
|
|
33
33
|
devsecops_engine_tools/engine_core/src/infrastructure/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
34
34
|
devsecops_engine_tools/engine_core/src/infrastructure/driven_adapters/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
@@ -36,17 +36,17 @@ devsecops_engine_tools/engine_core/src/infrastructure/driven_adapters/aws/__init
|
|
|
36
36
|
devsecops_engine_tools/engine_core/src/infrastructure/driven_adapters/aws/s3_manager.py,sha256=4h1k5EQnL_3NoGI6oRyVibkN5u3s4j5VUthNU1m1zQc,2206
|
|
37
37
|
devsecops_engine_tools/engine_core/src/infrastructure/driven_adapters/aws/secrets_manager.py,sha256=ELihQBgSPH4f9QCyg2dgjudsFitaqgdsljnVOmaA_v4,1972
|
|
38
38
|
devsecops_engine_tools/engine_core/src/infrastructure/driven_adapters/azure/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
39
|
-
devsecops_engine_tools/engine_core/src/infrastructure/driven_adapters/azure/azure_devops.py,sha256=
|
|
39
|
+
devsecops_engine_tools/engine_core/src/infrastructure/driven_adapters/azure/azure_devops.py,sha256=buCBJ6kAg-5b_7P-gWzem6NEMbk5lK9Hx0Zuf-BQfXQ,5090
|
|
40
40
|
devsecops_engine_tools/engine_core/src/infrastructure/driven_adapters/defect_dojo/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
41
|
-
devsecops_engine_tools/engine_core/src/infrastructure/driven_adapters/defect_dojo/defect_dojo.py,sha256=
|
|
41
|
+
devsecops_engine_tools/engine_core/src/infrastructure/driven_adapters/defect_dojo/defect_dojo.py,sha256=Ymr2Xk1BUvRO6mzgmApdKLbx_R-0J6nbTYUa9SlFEk4,24420
|
|
42
42
|
devsecops_engine_tools/engine_core/src/infrastructure/driven_adapters/github/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
43
|
-
devsecops_engine_tools/engine_core/src/infrastructure/driven_adapters/github/github_actions.py,sha256=
|
|
43
|
+
devsecops_engine_tools/engine_core/src/infrastructure/driven_adapters/github/github_actions.py,sha256=KCg6tTDncasrRZbB20QiLZNE6TKYkfgQ9zP0wPd3xe0,3925
|
|
44
44
|
devsecops_engine_tools/engine_core/src/infrastructure/driven_adapters/printer_pretty_table/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
45
45
|
devsecops_engine_tools/engine_core/src/infrastructure/driven_adapters/printer_pretty_table/printer_pretty_table.py,sha256=NkXu7JYoCHXIx0HzHl4DhdLGEpocPMIqs2L0ADS-RcI,5369
|
|
46
46
|
devsecops_engine_tools/engine_core/src/infrastructure/driven_adapters/printer_rich_table/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
47
47
|
devsecops_engine_tools/engine_core/src/infrastructure/driven_adapters/printer_rich_table/printer_rich_table.py,sha256=LPr3xSv0I7ENEdu1xj8ve5PXzpUohs7hbQvHjDSaUuE,3028
|
|
48
48
|
devsecops_engine_tools/engine_core/src/infrastructure/driven_adapters/runtime_local/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
49
|
-
devsecops_engine_tools/engine_core/src/infrastructure/driven_adapters/runtime_local/runtime_local.py,sha256=
|
|
49
|
+
devsecops_engine_tools/engine_core/src/infrastructure/driven_adapters/runtime_local/runtime_local.py,sha256=O1ZstzA7JHoFvNCNA_mHK1w7ZWCfMEXz-CZa48tDQqg,2748
|
|
50
50
|
devsecops_engine_tools/engine_core/src/infrastructure/driven_adapters/syft/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
51
51
|
devsecops_engine_tools/engine_core/src/infrastructure/driven_adapters/syft/syft.py,sha256=hP5MitHTeZf3Ia-xwi5bUdIU5hIwbUNuDSzcsqlxG5c,4457
|
|
52
52
|
devsecops_engine_tools/engine_core/src/infrastructure/entry_points/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
@@ -147,21 +147,20 @@ devsecops_engine_tools/engine_sast/engine_secret/src/applications/runner_secret_
|
|
|
147
147
|
devsecops_engine_tools/engine_sast/engine_secret/src/deployment/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
148
148
|
devsecops_engine_tools/engine_sast/engine_secret/src/deployment/infrastructure/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
149
149
|
devsecops_engine_tools/engine_sast/engine_secret/src/domain/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
150
|
-
devsecops_engine_tools/engine_sast/engine_secret/src/domain/model/DeserializeConfigTool.py,sha256=jUD_irTwabu_WG1by0VrxIoHJTZXVJZzkNSlSYgAue0,1085
|
|
151
150
|
devsecops_engine_tools/engine_sast/engine_secret/src/domain/model/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
152
151
|
devsecops_engine_tools/engine_sast/engine_secret/src/domain/model/gateway/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
153
152
|
devsecops_engine_tools/engine_sast/engine_secret/src/domain/model/gateway/gateway_deserealizator.py,sha256=4fYPengHW3K0uVP6wHgOiNu-gRb08m78E7QZayZ2LC4,441
|
|
154
|
-
devsecops_engine_tools/engine_sast/engine_secret/src/domain/model/gateway/tool_gateway.py,sha256=
|
|
153
|
+
devsecops_engine_tools/engine_sast/engine_secret/src/domain/model/gateway/tool_gateway.py,sha256=Ow6CpzKoUhZzLl2hAlWW7vn-of1TTdamemLqhgxZvkg,729
|
|
155
154
|
devsecops_engine_tools/engine_sast/engine_secret/src/domain/usecases/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
156
|
-
devsecops_engine_tools/engine_sast/engine_secret/src/domain/usecases/secret_scan.py,sha256=
|
|
157
|
-
devsecops_engine_tools/engine_sast/engine_secret/src/domain/usecases/set_input_core.py,sha256=
|
|
155
|
+
devsecops_engine_tools/engine_sast/engine_secret/src/domain/usecases/secret_scan.py,sha256=MZveRxMAE3x8aTuqaePsQYD7PDuh0I4_EKPnHKsEkYI,4481
|
|
156
|
+
devsecops_engine_tools/engine_sast/engine_secret/src/domain/usecases/set_input_core.py,sha256=VbpiXDHIGeFAGHWb6FBR1axRvh5R2vCOzeYsDkQoHAE,3189
|
|
158
157
|
devsecops_engine_tools/engine_sast/engine_secret/src/infrastructure/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
159
158
|
devsecops_engine_tools/engine_sast/engine_secret/src/infrastructure/driven_adapters/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
160
159
|
devsecops_engine_tools/engine_sast/engine_secret/src/infrastructure/driven_adapters/trufflehog/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
161
160
|
devsecops_engine_tools/engine_sast/engine_secret/src/infrastructure/driven_adapters/trufflehog/trufflehog_deserealizator.py,sha256=mrSqPrkMiikxQ_uY-rF2I8QvicsOMdMBzTC8CTV3Wk8,2392
|
|
162
|
-
devsecops_engine_tools/engine_sast/engine_secret/src/infrastructure/driven_adapters/trufflehog/trufflehog_run.py,sha256=
|
|
161
|
+
devsecops_engine_tools/engine_sast/engine_secret/src/infrastructure/driven_adapters/trufflehog/trufflehog_run.py,sha256=EEwKXvn8H4fTLZCuJC8CCJPvclqqrT0s3XDCU5xFd5o,7901
|
|
163
162
|
devsecops_engine_tools/engine_sast/engine_secret/src/infrastructure/entry_points/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
164
|
-
devsecops_engine_tools/engine_sast/engine_secret/src/infrastructure/entry_points/entry_point_tool.py,sha256=
|
|
163
|
+
devsecops_engine_tools/engine_sast/engine_secret/src/infrastructure/entry_points/entry_point_tool.py,sha256=N5fiG2r5FoxcDdZ12D5hrkeqnu8eRILtxYLq3aj_LfY,1090
|
|
165
164
|
devsecops_engine_tools/engine_sca/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
166
165
|
devsecops_engine_tools/engine_sca/engine_container/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
167
166
|
devsecops_engine_tools/engine_sca/engine_container/src/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
@@ -225,7 +224,7 @@ devsecops_engine_tools/engine_utilities/azuredevops/__init__.py,sha256=47DEQpj8H
|
|
|
225
224
|
devsecops_engine_tools/engine_utilities/azuredevops/infrastructure/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
226
225
|
devsecops_engine_tools/engine_utilities/azuredevops/infrastructure/azure_devops_api.py,sha256=l_sRaktn51NEeJowtEJWfUnUmjaU9uRTqXo4jcNR24E,2968
|
|
227
226
|
devsecops_engine_tools/engine_utilities/azuredevops/models/AzureMessageLoggingPipeline.py,sha256=pCwlPDDl-hgvZ9gvceuC8GsKbsMhRm3ykhFFVByVqcI,664
|
|
228
|
-
devsecops_engine_tools/engine_utilities/azuredevops/models/AzurePredefinedVariables.py,sha256=
|
|
227
|
+
devsecops_engine_tools/engine_utilities/azuredevops/models/AzurePredefinedVariables.py,sha256=z9AGtc64o-BNTngiowRJFBlXmo_JmWqenL8YxdLs0aE,2561
|
|
229
228
|
devsecops_engine_tools/engine_utilities/azuredevops/models/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
230
229
|
devsecops_engine_tools/engine_utilities/defect_dojo/__init__.py,sha256=pVSjIx2caIhX0E67TbXtual0Jz3Ha28aNFnSJKeRsts,400
|
|
231
230
|
devsecops_engine_tools/engine_utilities/defect_dojo/hello_world.py,sha256=WDvgS22lIJJNoIM4b6mrxT8Bu_6hADmrCOZgvf5yGVY,45
|
|
@@ -249,10 +248,10 @@ devsecops_engine_tools/engine_utilities/defect_dojo/domain/models/product_type_l
|
|
|
249
248
|
devsecops_engine_tools/engine_utilities/defect_dojo/domain/models/scan_configuration.py,sha256=-uVxaTkxnDmUUGQUdN9x_VKR8KJUagJKnGR6B1emoEU,577
|
|
250
249
|
devsecops_engine_tools/engine_utilities/defect_dojo/domain/request_objects/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
251
250
|
devsecops_engine_tools/engine_utilities/defect_dojo/domain/request_objects/finding.py,sha256=RinG3ISc-u_3VXVqntwdcQvZoQdmHPCvDHWSvnkCkcU,2619
|
|
252
|
-
devsecops_engine_tools/engine_utilities/defect_dojo/domain/request_objects/import_scan.py,sha256=
|
|
251
|
+
devsecops_engine_tools/engine_utilities/defect_dojo/domain/request_objects/import_scan.py,sha256=UfvICLF-Wjii3iqvsRq0Tpc-quK4t3oS8U79tozzjfA,5014
|
|
253
252
|
devsecops_engine_tools/engine_utilities/defect_dojo/domain/serializers/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
254
253
|
devsecops_engine_tools/engine_utilities/defect_dojo/domain/serializers/finding.py,sha256=HNkA_sHSMfQKAcZht-rRPdwm0eHYK2wxM6u61_bl2uE,5233
|
|
255
|
-
devsecops_engine_tools/engine_utilities/defect_dojo/domain/serializers/import_scan.py,sha256=
|
|
254
|
+
devsecops_engine_tools/engine_utilities/defect_dojo/domain/serializers/import_scan.py,sha256=AYYPtuAOKagT5qmFvdwuGQ_GupZfQNdMCyMaKzCkTDE,7290
|
|
256
255
|
devsecops_engine_tools/engine_utilities/defect_dojo/domain/user_case/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
257
256
|
devsecops_engine_tools/engine_utilities/defect_dojo/domain/user_case/cmdb.py,sha256=BUOdvP39bEMQ6Unr2hB28eljVGU2Uv8dDEkzRyEJgyQ,2650
|
|
258
257
|
devsecops_engine_tools/engine_utilities/defect_dojo/domain/user_case/component.py,sha256=_icc-ZAqw-aVgE5J4VH8Q7fSqpCgEGcfmurgRIN9NqM,448
|
|
@@ -262,7 +261,7 @@ devsecops_engine_tools/engine_utilities/defect_dojo/domain/user_case/import_scan
|
|
|
262
261
|
devsecops_engine_tools/engine_utilities/defect_dojo/domain/user_case/product.py,sha256=6f6eABdC79zOopMe_Rif3XoGG-yFfq9x_EOkevTuGDY,368
|
|
263
262
|
devsecops_engine_tools/engine_utilities/defect_dojo/infraestructure/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
264
263
|
devsecops_engine_tools/engine_utilities/defect_dojo/infraestructure/driver_adapters/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
265
|
-
devsecops_engine_tools/engine_utilities/defect_dojo/infraestructure/driver_adapters/cmdb.py,sha256=
|
|
264
|
+
devsecops_engine_tools/engine_utilities/defect_dojo/infraestructure/driver_adapters/cmdb.py,sha256=waucNjkwT9eo-ykeZKxAMZHQCnI-R9Keu0091wVfyOQ,4942
|
|
266
265
|
devsecops_engine_tools/engine_utilities/defect_dojo/infraestructure/driver_adapters/component.py,sha256=-J0Sv7z709Hctb-tgM0wmp5ofE4WKEIA_uJwzvMnStE,2132
|
|
267
266
|
devsecops_engine_tools/engine_utilities/defect_dojo/infraestructure/driver_adapters/engagement.py,sha256=39qqmTxECRY5IoFvK_B_R0vfwfJwLbdhGt_pcdvdVIE,3571
|
|
268
267
|
devsecops_engine_tools/engine_utilities/defect_dojo/infraestructure/driver_adapters/finding.py,sha256=k-z2tg_NPKMni7rZgXMZa2-t8_8F35r8YtF1EcjMyDs,2355
|
|
@@ -282,7 +281,7 @@ devsecops_engine_tools/engine_utilities/git_cli/model/gateway/git_gateway.py,sha
|
|
|
282
281
|
devsecops_engine_tools/engine_utilities/github/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
283
282
|
devsecops_engine_tools/engine_utilities/github/infrastructure/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
284
283
|
devsecops_engine_tools/engine_utilities/github/infrastructure/github_api.py,sha256=6c4YXGsKZEYPSy6AtMx9arxR4JpYPz1C0VleIV2n2Ms,2779
|
|
285
|
-
devsecops_engine_tools/engine_utilities/github/models/GithubPredefinedVariables.py,sha256=
|
|
284
|
+
devsecops_engine_tools/engine_utilities/github/models/GithubPredefinedVariables.py,sha256=8V7rX3jhADkE7wvI4XXWNiIdD8tI_U6JScrd9BY3RqU,1764
|
|
286
285
|
devsecops_engine_tools/engine_utilities/github/models/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
287
286
|
devsecops_engine_tools/engine_utilities/input_validations/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
288
287
|
devsecops_engine_tools/engine_utilities/input_validations/env_utils.py,sha256=nHp9YIuG1k-IvxssQslrE9ny62juJMovmBTzcM7PPk0,258
|
|
@@ -298,7 +297,7 @@ devsecops_engine_tools/engine_utilities/sonarqube/src/domain/model/__init__.py,s
|
|
|
298
297
|
devsecops_engine_tools/engine_utilities/sonarqube/src/domain/model/gateways/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
299
298
|
devsecops_engine_tools/engine_utilities/sonarqube/src/domain/model/gateways/sonar_gateway.py,sha256=PCrGq7NOINAFPvmX-5V5191MGhahsnQeWXUB1-xL4Xw,1279
|
|
300
299
|
devsecops_engine_tools/engine_utilities/sonarqube/src/domain/usecases/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
301
|
-
devsecops_engine_tools/engine_utilities/sonarqube/src/domain/usecases/report_sonar.py,sha256=
|
|
300
|
+
devsecops_engine_tools/engine_utilities/sonarqube/src/domain/usecases/report_sonar.py,sha256=kC1GzbVA8mX3N1Rp7gX9P-emb6gcbQbXEEspYROOmXs,9193
|
|
302
301
|
devsecops_engine_tools/engine_utilities/sonarqube/src/infrastructure/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
303
302
|
devsecops_engine_tools/engine_utilities/sonarqube/src/infrastructure/driven_adapters/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
304
303
|
devsecops_engine_tools/engine_utilities/sonarqube/src/infrastructure/driven_adapters/sonarqube/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
@@ -317,9 +316,9 @@ devsecops_engine_tools/engine_utilities/utils/logger_info.py,sha256=4Mz8Bwlm9Mku
|
|
|
317
316
|
devsecops_engine_tools/engine_utilities/utils/name_conversion.py,sha256=ADJrRGaxYSDe0ZRh6VHRf53H4sXPcb-vNP_i81PUn3I,307
|
|
318
317
|
devsecops_engine_tools/engine_utilities/utils/printers.py,sha256=amYAr9YQfYgR6jK9a2l26z3oovFPQ3FAKmhq6BKhEBA,623
|
|
319
318
|
devsecops_engine_tools/engine_utilities/utils/session_manager.py,sha256=Z0fdhB3r-dxU0nGSD9zW_B4r2Qol1rUnUCkhFR0U-HQ,487
|
|
320
|
-
devsecops_engine_tools/engine_utilities/utils/utils.py,sha256=
|
|
321
|
-
devsecops_engine_tools-1.
|
|
322
|
-
devsecops_engine_tools-1.
|
|
323
|
-
devsecops_engine_tools-1.
|
|
324
|
-
devsecops_engine_tools-1.
|
|
325
|
-
devsecops_engine_tools-1.
|
|
319
|
+
devsecops_engine_tools/engine_utilities/utils/utils.py,sha256=_yaXWHN1pi2xFFKg0yKbb4fsK_ZRv7Dk_9N1FtPS72k,5964
|
|
320
|
+
devsecops_engine_tools-1.28.0.dist-info/METADATA,sha256=UmYF0xd9sibouWHiSfNUYRCcdjU3Jq-Tj4Ghdfnre6w,11162
|
|
321
|
+
devsecops_engine_tools-1.28.0.dist-info/WHEEL,sha256=R0nc6qTxuoLk7ShA2_Y-UWkN8ZdfDBG2B6Eqpz2WXbs,91
|
|
322
|
+
devsecops_engine_tools-1.28.0.dist-info/entry_points.txt,sha256=MHCTFFs9bdNKo6YcWCcBW2_8X6yTisgLOlmVx-V8Rxc,276
|
|
323
|
+
devsecops_engine_tools-1.28.0.dist-info/top_level.txt,sha256=ge6y0X_xBAU1aG3EMWFtl9djbVyg5BxuSp2r2Lg6EQU,23
|
|
324
|
+
devsecops_engine_tools-1.28.0.dist-info/RECORD,,
|
|
@@ -1,18 +0,0 @@
|
|
|
1
|
-
from devsecops_engine_tools.engine_core.src.domain.model.threshold import Threshold
|
|
2
|
-
|
|
3
|
-
class DeserializeConfigTool:
|
|
4
|
-
def __init__(self, json_data, tool):
|
|
5
|
-
self.ignore_search_pattern = json_data["IGNORE_SEARCH_PATTERN"]
|
|
6
|
-
self.message_info_engine_secret = json_data["MESSAGE_INFO_ENGINE_SECRET"]
|
|
7
|
-
self.level_compliance = Threshold(json_data['THRESHOLD'])
|
|
8
|
-
self.scope_pipeline = ''
|
|
9
|
-
self.exclude_path = json_data[tool]["EXCLUDE_PATH"]
|
|
10
|
-
self.number_threads = json_data[tool]["NUMBER_THREADS"]
|
|
11
|
-
self.target_branches = json_data["TARGET_BRANCHES"]
|
|
12
|
-
self.enable_custom_rules = json_data[tool]["ENABLE_CUSTOM_RULES"]
|
|
13
|
-
self.external_dir_owner = json_data[tool]["EXTERNAL_DIR_OWNER"]
|
|
14
|
-
self.external_dir_repo = json_data[tool]["EXTERNAL_DIR_REPOSITORY"]
|
|
15
|
-
self.app_id_github = json_data[tool]["APP_ID_GITHUB"]
|
|
16
|
-
self.installation_id_github = json_data[tool]["INSTALLATION_ID_GITHUB"]
|
|
17
|
-
self.tool_version = json_data[tool]["VERSION"]
|
|
18
|
-
self.extradata_rules = json_data[tool]["RULES"]
|
|
File without changes
|
{devsecops_engine_tools-1.27.0.dist-info → devsecops_engine_tools-1.28.0.dist-info}/entry_points.txt
RENAMED
|
File without changes
|
{devsecops_engine_tools-1.27.0.dist-info → devsecops_engine_tools-1.28.0.dist-info}/top_level.txt
RENAMED
|
File without changes
|