PyPI - devsecops-engine-tools - Versions diffs - 1.32.2__py3-none-any.whl → 1.32.4__py3-none-any.whl - Mend

devsecops-engine-tools 1.32.2py3-none-any.whl → 1.32.4py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.

This version of devsecops-engine-tools might be problematic. Click here for more details.

Files changed (9) hide show

devsecops_engine_tools/engine_core/src/applications/runner_engine_core.py CHANGED Viewed

@@ -146,7 +146,7 @@ def get_inputs_from_cli(args):
     parser.add_argument(
         "--token_engine_container",
         required=False,
-        help="Token to execute engine_container if is necessary",
+        help="Token to execute engine_container if is necessary, accesskey:secretkey",
     )
     parser.add_argument(
         "--token_engine_dependencies",

devsecops_engine_tools/engine_sca/engine_container/src/infrastructure/driven_adapters/prisma_cloud/prisma_cloud_manager_scan.py CHANGED Viewed

@@ -21,14 +21,13 @@ class PrismaCloudManagerScan(ToolGateway):
     def download_twistcli(
         self,
         file_path,
-        prisma_access_key,
-        prisma_secret_key,
+        prisma_key,
         prisma_console_url,
         prisma_api_version,
     ):
         url = f"{prisma_console_url}/api/{prisma_api_version}/util/twistcli"
         credentials = base64.b64encode(
-            f"{prisma_access_key}:{prisma_secret_key}".encode()
+            prisma_key.encode()
         ).decode()
         headers = {"Authorization": f"Basic {credentials}"}
         try:
@@ -46,7 +45,7 @@ class PrismaCloudManagerScan(ToolGateway):
             raise ValueError(f"Error downloading twistcli: {e}")
     def scan_image(
-        self, file_path, image_name, result_file, remoteconfig, prisma_secret_key
+        self, file_path, image_name, result_file, remoteconfig, prisma_key
     ):
         command = (
             file_path,
@@ -55,9 +54,9 @@ class PrismaCloudManagerScan(ToolGateway):
             "--address",
             remoteconfig["PRISMA_CLOUD"]["PRISMA_CONSOLE_URL"],
             "--user",
-            remoteconfig["PRISMA_CLOUD"]["PRISMA_ACCESS_KEY"],
+            self._split_prisma_token(prisma_key)[0],
             "--password",
-            prisma_secret_key,
+            self._split_prisma_token(prisma_key)[1],
             "--output-file",
             result_file,
             "--details",
@@ -100,11 +99,11 @@ class PrismaCloudManagerScan(ToolGateway):
         except subprocess.CalledProcessError as e:
              logger.error(f"Error during write image base of {base_image}: {e.stderr}")
-    def _generate_sbom(self, image_scanned, remoteconfig, prisma_secret_key, image_name):
+    def _generate_sbom(self, image_scanned, remoteconfig, prisma_key, image_name):
         url = f"{remoteconfig['PRISMA_CLOUD']['PRISMA_CONSOLE_URL']}/api/{remoteconfig['PRISMA_CLOUD']['PRISMA_API_VERSION']}/sbom/download/cli-images"
         credentials = base64.b64encode(
-            f"{remoteconfig['PRISMA_CLOUD']['PRISMA_ACCESS_KEY']}:{prisma_secret_key}".encode()
+            prisma_key.encode()
         ).decode()
         headers = {"Authorization": f"Basic {credentials}"}
         try:
@@ -137,11 +136,19 @@ class PrismaCloudManagerScan(ToolGateway):
         except Exception as e:
             logger.error(f"Error generating SBOM: {e}")
+    def _split_prisma_token(self, prisma_key):
+        try:
+            access_prisma, token_prisma = prisma_key.split(":")
+            return access_prisma, token_prisma
+        except ValueError:
+            raise ValueError("The string is not properly formatted. Make sure it contains a ':'.")
     def run_tool_container_sca(
         self, remoteconfig, secret_tool, token_engine_container, image_name, result_file, base_image, exclusions, generate_sbom
     ):
-        prisma_secret_key = (
-            secret_tool["token_prisma_cloud"] if secret_tool else token_engine_container
+        prisma_key = (
+            f"{secret_tool['access_prisma']}:{secret_tool['token_prisma']}" if secret_tool else token_engine_container
         )
         file_path = os.path.join(
             os.getcwd(), remoteconfig["PRISMA_CLOUD"]["TWISTCLI_PATH"]
@@ -151,8 +158,7 @@ class PrismaCloudManagerScan(ToolGateway):
         if not os.path.exists(file_path):
             self.download_twistcli(
                 file_path,
-                remoteconfig["PRISMA_CLOUD"]["PRISMA_ACCESS_KEY"],
-                prisma_secret_key,
+                prisma_key,
                 remoteconfig["PRISMA_CLOUD"]["PRISMA_CONSOLE_URL"],
                 remoteconfig["PRISMA_CLOUD"]["PRISMA_API_VERSION"],
             )
@@ -161,7 +167,7 @@ class PrismaCloudManagerScan(ToolGateway):
             image_name,
             result_file,
             remoteconfig,
-            prisma_secret_key
+            prisma_key
         )
         if base_image:
             self._write_image_base(result_file, base_image, exclusions)
@@ -169,7 +175,7 @@ class PrismaCloudManagerScan(ToolGateway):
             sbom_components = self._generate_sbom(
                 image_scanned,
                 remoteconfig,
-                prisma_secret_key,
+                prisma_key,
                 image_name
             )

devsecops_engine_tools/engine_utilities/defect_dojo/infraestructure/driver_adapters/product_type.py CHANGED Viewed

@@ -22,7 +22,7 @@ class ProductTypeRestConsumer:
         data = json.dumps({"name": product_type_name})
         headers = {"Authorization": f"Token {self.__token}", "Content-Type": "application/json"}
         try:
-            response = self.__session.post(url, headers=headers, data=data)
+            response = self.__session.post(url, headers=headers, data=data, verify=VERIFY_CERTIFICATE)
             if response.status_code != 201:
                 raise ApiError(response.json())
             product_type_object = ProductType.from_dict(response.json())

devsecops_engine_tools/version.py CHANGED Viewed

	@@ -1 +1 @@
1	- version = '1.32.2'
1	+ version = '1.32.4'

{devsecops_engine_tools-1.32.2.dist-info → devsecops_engine_tools-1.32.4.dist-info}/METADATA RENAMED Viewed

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: devsecops-engine-tools
-Version: 1.32.2
+Version: 1.32.4
 Summary: Tool for DevSecOps strategy
 Home-page: https://github.com/bancolombia/devsecops-engine-tools
 Author: Bancolombia DevSecOps Team

{devsecops_engine_tools-1.32.2.dist-info → devsecops_engine_tools-1.32.4.dist-info}/RECORD RENAMED Viewed

@@ -1,9 +1,9 @@
 devsecops_engine_tools/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
-devsecops_engine_tools/version.py,sha256=senOKHMZAzIHFUXseEu6mEWgWf3zPOXsmhaEzbgyK1s,19
+devsecops_engine_tools/version.py,sha256=0uZtIbhK55lCaidPU2RJOEwavxsRwzccsr8jQzMdHG8,19
 devsecops_engine_tools/engine_core/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 devsecops_engine_tools/engine_core/src/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 devsecops_engine_tools/engine_core/src/applications/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
-devsecops_engine_tools/engine_core/src/applications/runner_engine_core.py,sha256=mA_xkvCgSQEqg33pV-bFEyaBFpfuKjFGIFGXL418IVM,7758
+devsecops_engine_tools/engine_core/src/applications/runner_engine_core.py,sha256=poPtyIEmOWjkE2L0l8l01O50dRG84xkp3V33zXDxU6g,7779
 devsecops_engine_tools/engine_core/src/deployment/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 devsecops_engine_tools/engine_core/src/deployment/infrastructure/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 devsecops_engine_tools/engine_core/src/domain/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
@@ -186,7 +186,7 @@ devsecops_engine_tools/engine_sca/engine_container/src/infrastructure/driven_ada
 devsecops_engine_tools/engine_sca/engine_container/src/infrastructure/driven_adapters/docker/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 devsecops_engine_tools/engine_sca/engine_container/src/infrastructure/driven_adapters/docker/docker_images.py,sha256=kJfJbbsHgwmN1NWJ0lb4HhWNcadaFuSnLzr5xUV7QoM,1857
 devsecops_engine_tools/engine_sca/engine_container/src/infrastructure/driven_adapters/prisma_cloud/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
-devsecops_engine_tools/engine_sca/engine_container/src/infrastructure/driven_adapters/prisma_cloud/prisma_cloud_manager_scan.py,sha256=Tl2nxtGkUHymm9snXId6qrB5tgYqtGllyO-EdxkH7yo,6572
+devsecops_engine_tools/engine_sca/engine_container/src/infrastructure/driven_adapters/prisma_cloud/prisma_cloud_manager_scan.py,sha256=C4We_sIE-hO2z0udrPDAQMT7o0kRtYRoZFZ8nNHoudA,6688
 devsecops_engine_tools/engine_sca/engine_container/src/infrastructure/driven_adapters/prisma_cloud/prisma_deserialize_output.py,sha256=oK0NKuPODm38qDgQjf6w40lfNG6NFJS43p5k44wDoMA,2562
 devsecops_engine_tools/engine_sca/engine_container/src/infrastructure/driven_adapters/trivy_tool/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 devsecops_engine_tools/engine_sca/engine_container/src/infrastructure/driven_adapters/trivy_tool/trivy_deserialize_output.py,sha256=LGqnO10Zt-0-TxUW6F1S46jVktlIwxWSYATKSVblCWI,2535
@@ -274,7 +274,7 @@ devsecops_engine_tools/engine_utilities/defect_dojo/infraestructure/driver_adapt
 devsecops_engine_tools/engine_utilities/defect_dojo/infraestructure/driver_adapters/finding_exclusion.py,sha256=BL4xf1FE5tMsBri0LetxBRUgOgLogdoHX97rQkHh10g,1524
 devsecops_engine_tools/engine_utilities/defect_dojo/infraestructure/driver_adapters/import_scan.py,sha256=68Qd8o0oSxFG-3cRlX97BkX9muS6k64DGslGtX9sx6M,5897
 devsecops_engine_tools/engine_utilities/defect_dojo/infraestructure/driver_adapters/product.py,sha256=DhiLPv8KyRhHBRhvF0ULhchhGAT8SQyn1ftiuou_aKw,2576
-devsecops_engine_tools/engine_utilities/defect_dojo/infraestructure/driver_adapters/product_type.py,sha256=9Lzsh9HCs4rbJ2b6X11renvYU3g6s-1q2NUDwbYX0qY,3051
+devsecops_engine_tools/engine_utilities/defect_dojo/infraestructure/driver_adapters/product_type.py,sha256=x-Gh2BEP6IZccS2m_DLB8xI6aEkS19J0ZUpP2mjY88o,3078
 devsecops_engine_tools/engine_utilities/defect_dojo/infraestructure/driver_adapters/scan_configurations.py,sha256=YVIHiXPkJ8m1nOW7lG8LGbST16eMZoJwFQcrRRU7R6k,3089
 devsecops_engine_tools/engine_utilities/defect_dojo/infraestructure/driver_adapters/settings/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 devsecops_engine_tools/engine_utilities/defect_dojo/infraestructure/driver_adapters/settings/settings.py,sha256=5ni59GuAHT-avpWNc4FSedVpoFRTGRNzjQJkAXpWv6c,28
@@ -324,8 +324,8 @@ devsecops_engine_tools/engine_utilities/utils/name_conversion.py,sha256=ADJrRGax
 devsecops_engine_tools/engine_utilities/utils/printers.py,sha256=amYAr9YQfYgR6jK9a2l26z3oovFPQ3FAKmhq6BKhEBA,623
 devsecops_engine_tools/engine_utilities/utils/session_manager.py,sha256=Z0fdhB3r-dxU0nGSD9zW_B4r2Qol1rUnUCkhFR0U-HQ,487
 devsecops_engine_tools/engine_utilities/utils/utils.py,sha256=dAklY11OGNDODjZyt9dO68Xiwu9pLJmqLOslqQ7rXa8,6112
-devsecops_engine_tools-1.32.2.dist-info/METADATA,sha256=oqc7DmtPOEYnKUHHAZ1C-BFAHtw-GmuZmzSDvD-qacA,11378
-devsecops_engine_tools-1.32.2.dist-info/WHEEL,sha256=R0nc6qTxuoLk7ShA2_Y-UWkN8ZdfDBG2B6Eqpz2WXbs,91
-devsecops_engine_tools-1.32.2.dist-info/entry_points.txt,sha256=MHCTFFs9bdNKo6YcWCcBW2_8X6yTisgLOlmVx-V8Rxc,276
-devsecops_engine_tools-1.32.2.dist-info/top_level.txt,sha256=ge6y0X_xBAU1aG3EMWFtl9djbVyg5BxuSp2r2Lg6EQU,23
-devsecops_engine_tools-1.32.2.dist-info/RECORD,,
+devsecops_engine_tools-1.32.4.dist-info/METADATA,sha256=RWdJP57TxK9VFY5Q7zcgaHQcTY28RqYnYly6pTzMOuM,11378
+devsecops_engine_tools-1.32.4.dist-info/WHEEL,sha256=R0nc6qTxuoLk7ShA2_Y-UWkN8ZdfDBG2B6Eqpz2WXbs,91
+devsecops_engine_tools-1.32.4.dist-info/entry_points.txt,sha256=MHCTFFs9bdNKo6YcWCcBW2_8X6yTisgLOlmVx-V8Rxc,276
+devsecops_engine_tools-1.32.4.dist-info/top_level.txt,sha256=ge6y0X_xBAU1aG3EMWFtl9djbVyg5BxuSp2r2Lg6EQU,23
+devsecops_engine_tools-1.32.4.dist-info/RECORD,,

{devsecops_engine_tools-1.32.2.dist-info → devsecops_engine_tools-1.32.4.dist-info}/WHEEL RENAMED Viewed

File without changes

{devsecops_engine_tools-1.32.2.dist-info → devsecops_engine_tools-1.32.4.dist-info}/entry_points.txt RENAMED Viewed

File without changes

{devsecops_engine_tools-1.32.2.dist-info → devsecops_engine_tools-1.32.4.dist-info}/top_level.txt RENAMED Viewed

File without changes

devsecops-engine-tools 1.32.2__py3-none-any.whl → 1.32.4__py3-none-any.whl

Potentially problematic release.

devsecops-engine-tools 1.32.2py3-none-any.whl → 1.32.4py3-none-any.whl