devsecops-engine-tools 1.47.3__py3-none-any.whl → 1.48.1__py3-none-any.whl

devsecops_engine_tools/engine_core/src/infrastructure/driven_adapters/azure/azure_devops.py

@@ -65,6 +65,10 @@ class AzureDevops(DevopsPlatformGateway):
             "github": (
                 f"https://github.com/{BuildVariables.Build_Repository_Name.value()}"
             ),
+            "git": (
+                f"{SystemVariables.System_TeamFoundationCollectionUri.value()}"
+                f"{SystemVariables.System_TeamProject.value()}/_git/{BuildVariables.Build_Repository_Name.value()}"
+            ).replace(" ", "%20")
         }
         return source_code_management_uri.get(BuildVariables.Build_Repository_Provider.value().lower())
 

devsecops_engine_tools/engine_sast/engine_iac/src/infrastructure/driven_adapters/checkov/checkov_tool.py

@@ -1,4 +1,6 @@
 import yaml
+import requests
+import zipfile
 import subprocess
 import time
 import os
@@ -66,14 +68,14 @@ class CheckovTool(ToolGateway):
 
         installed = shutil.which(package)
         if installed:
-            return True
+            return "checkov"
 
         python_command = "python3" if platform.system() != "Windows" else "python"
 
         python_path = shutil.which(python_command)
         if python_path is None:
             logger.error("Python3 not found on the system.")
-            return False
+            return None
 
         def retry(attempt):
             if attempt < MAX_RETRIES:
@@ -98,17 +100,17 @@ class CheckovTool(ToolGateway):
                 result = subprocess.run(install_cmd, capture_output=True)
                 if result.returncode == 0:
                     logger.debug(INSTALL_SUCCESS_MSG)
-                    return True
+                    return "checkov"
             except Exception as e:
                 logger.error(f"Error during installation: {e}")
 
             retry(attempt)
 
-        return False
+        return None
 
-    def execute(self, checkov_config: CheckovConfig):
+    def execute(self, checkov_config: CheckovConfig, command_prefix):
         command = (
-            "checkov --config-file "
+            f"{command_prefix} --config-file "
             + checkov_config.path_config_file
             + checkov_config.config_file_name
             + self.CHECKOV_CONFIG_FILE
@@ -123,9 +125,9 @@ class CheckovTool(ToolGateway):
         error = result.stderr.strip()
         return output
 
-    def async_scan(self, queue, checkov_config: CheckovConfig):
+    def async_scan(self, queue, checkov_config: CheckovConfig, command_prefix):
         result = []
-        output = self.execute(checkov_config)
+        output = self.execute(checkov_config, command_prefix)
         result.append(json.loads(output))
         queue.put(result)
 
@@ -136,6 +138,7 @@ class CheckovTool(ToolGateway):
         agent_env,
         environment,
         platform_to_scan,
+        command_prefix
     ):
         output_queue = queue.Queue()
         # Crea una lista para almacenar los hilos
@@ -186,7 +189,7 @@ class CheckovTool(ToolGateway):
                     rules_run.update(config_tool[self.TOOL_CHECKOV]["RULES"][rule])
                     t = threading.Thread(
                         target=self.async_scan,
-                        args=(output_queue, checkov_config),
+                        args=(output_queue, checkov_config, command_prefix),
                     )
                     t.start()
                     threads.append(t)
@@ -212,13 +215,21 @@ class CheckovTool(ToolGateway):
         util = Utils()
         agent_env = util.configurate_external_checks(self.TOOL_CHECKOV,config_tool, secret_tool,secret_external_checks)
 
-        checkov_install = self.retryable_install_package(
-            "checkov", config_tool[self.TOOL_CHECKOV]["VERSION"]
-        )
 
-        if checkov_install:
+        install_type = config_tool[self.TOOL_CHECKOV].get("INSTALL_TYPE", "")
+
+        command_prefix = None
+
+        if install_type.casefold() == "remote-binary".casefold():
+            command_prefix = self.install_binary(config_tool[self.TOOL_CHECKOV])
+        else:
+            command_prefix = self.retryable_install_package(
+                "checkov", config_tool[self.TOOL_CHECKOV]["VERSION"]
+            )
+        
+        if command_prefix is not None:
             result_scans, rules_run = self.scan_folders(
-                folders_to_scan, config_tool, agent_env, environment, platform_to_scan
+                folders_to_scan, config_tool, agent_env, environment, platform_to_scan, command_prefix
             )
 
             checkov_deserealizator = CheckovDeserealizator()
@@ -240,4 +251,78 @@ class CheckovTool(ToolGateway):
                 ),
             )
         else:
-            return [], None
+            return [], None
+        
+
+    def install_binary(self,config_tool):
+        os_platform = platform.system()
+        if os_platform == "Linux":
+            architecture = platform.machine()
+            if architecture == "aarch64":
+                url = config_tool["URL_FILE_LINUX_ARM64"]
+            else:
+                url = config_tool["URL_FILE_LINUX"]
+            file = os.path.basename(url)
+            self.install_tool_unix(file, url)
+            return "./checkov"
+        elif os_platform == "Darwin":
+            url = config_tool["URL_FILE_DARWIN"]
+            file = os.path.basename(url)
+            self.install_tool_unix(file, url)
+            return "./checkov"
+        elif os_platform == "Windows":
+            url = config_tool["URL_FILE_WINDOWS"]
+            file = os.path.basename(url)
+            self.install_tool_windows(file, url)
+            return "checkov.exe"
+        else:
+            logger.warning(f"{os_platform} is not supported.")
+            return None
+    
+        
+    def download_tool(self, file, url):
+        try:
+            response = requests.get(url, allow_redirects=True)
+            with open(file, "wb") as compress_file:
+                compress_file.write(response.content)
+        except Exception as e:
+            logger.error(f"Error downloading Checkov: {e}")
+
+    def install_tool_unix(self, file, url):
+        installed = subprocess.run(
+            ["which", "./checkov"],
+            stdout=subprocess.PIPE,
+            stderr=subprocess.PIPE,
+        )
+        if installed.returncode == 1:
+            command = ["chmod", "+x", "./checkov"]
+            try:
+                self.download_tool(file, url)
+                with zipfile.ZipFile(file, 'r') as zip_file:
+                    zip_file.extract(member="dist/checkov")
+                source = os.path.join("dist", "checkov")
+                destination = "checkov"
+                shutil.move(source, destination)
+                subprocess.run(
+                    command, check=True, stdout=subprocess.PIPE, stderr=subprocess.PIPE
+                )
+            except Exception as e:
+                logger.error(f"Error installing Checkov: {e}")
+        
+    def install_tool_windows(self, file, url):
+        try:
+            subprocess.run(
+                ["checkov.exe", "--version"],
+                stdout=subprocess.PIPE,
+                stderr=subprocess.PIPE,
+            )
+        except:
+            try:
+                self.download_tool(file, url)
+                with zipfile.ZipFile(file, 'r') as zip_file:
+                    zip_file.extract(member="dist/checkov.exe")
+                source = os.path.join("dist", "checkov.exe")
+                destination = "checkov.exe"
+                shutil.move(source, destination)
+            except Exception as e:
+                logger.error(f"Error installing Checkov: {e}")

devsecops_engine_tools/engine_utilities/defect_dojo/domain/serializers/import_scan.py

@@ -179,7 +179,7 @@ class ImportScanSerializer(Schema):
     product_name = fields.Str(required=False)
     engagement_name = fields.Str(required=True)
     engagement_end_date = fields.Str(required=False)
-    source_code_management_uri = fields.Str(required=False)
+    source_code_management_uri = fields.Str(required=False, load_default=None)
     engagement = fields.Int(required=False)
     auto_create_context = fields.Str(required=False, load_default="true")
     deduplication_on_engagement = fields.Str(required=False)

devsecops_engine_tools/version.py

@@ -1 +1 @@
-version = '1.47.3'
+version = '1.48.1'

{devsecops_engine_tools-1.47.3.dist-info → devsecops_engine_tools-1.48.1.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: devsecops-engine-tools
-Version: 1.47.3
+Version: 1.48.1
 Summary: Tool for DevSecOps strategy
 Home-page: https://github.com/bancolombia/devsecops-engine-tools
 Author: Bancolombia DevSecOps Team

{devsecops_engine_tools-1.47.3.dist-info → devsecops_engine_tools-1.48.1.dist-info}/RECORD

@@ -1,5 +1,5 @@
 devsecops_engine_tools/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
-devsecops_engine_tools/version.py,sha256=VsNR1olnzW93rFuJMr9PWVZS8Ze8JmFrCpnipZvXjcg,19
+devsecops_engine_tools/version.py,sha256=fsWA33w6l-rR0RWdoXYfxoaTVXSxTBcmlhCVcZQZfyI,19
 devsecops_engine_tools/engine_core/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 devsecops_engine_tools/engine_core/src/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 devsecops_engine_tools/engine_core/src/applications/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
@@ -36,7 +36,7 @@ devsecops_engine_tools/engine_core/src/infrastructure/driven_adapters/aws/__init
 devsecops_engine_tools/engine_core/src/infrastructure/driven_adapters/aws/s3_manager.py,sha256=xLPwfh8FQzP5CldRj0ev8LsSxFO4A_i88EnNGBPuN2g,2210
 devsecops_engine_tools/engine_core/src/infrastructure/driven_adapters/aws/secrets_manager.py,sha256=ELihQBgSPH4f9QCyg2dgjudsFitaqgdsljnVOmaA_v4,1972
 devsecops_engine_tools/engine_core/src/infrastructure/driven_adapters/azure/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
-devsecops_engine_tools/engine_core/src/infrastructure/driven_adapters/azure/azure_devops.py,sha256=_HbiOZ0XdXCiAGm4LS02gCvekTDQu0YKRKcaCR1IqVM,5491
+devsecops_engine_tools/engine_core/src/infrastructure/driven_adapters/azure/azure_devops.py,sha256=SIRGfjZZF_5JC_bjN3bvObKDZaSqtEcCd3DR2FGC5jI,5742
 devsecops_engine_tools/engine_core/src/infrastructure/driven_adapters/defect_dojo/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 devsecops_engine_tools/engine_core/src/infrastructure/driven_adapters/defect_dojo/defect_dojo.py,sha256=dKodTpwafJUDSfCLPWELLkx7THK1m91ncoIO0mqStGg,30603
 devsecops_engine_tools/engine_core/src/infrastructure/driven_adapters/github/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
@@ -152,7 +152,7 @@ devsecops_engine_tools/engine_sast/engine_iac/src/infrastructure/driven_adapters
 devsecops_engine_tools/engine_sast/engine_iac/src/infrastructure/driven_adapters/checkov/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 devsecops_engine_tools/engine_sast/engine_iac/src/infrastructure/driven_adapters/checkov/checkov_config.py,sha256=qbE6wUO5_WFXF_QolL0JYelaRGEOUakPEZR_6HAKzzI,4355
 devsecops_engine_tools/engine_sast/engine_iac/src/infrastructure/driven_adapters/checkov/checkov_deserealizator.py,sha256=l_opY909gh1m3k2ud2xDrCVnDTBe3ApYT75juBf_uMk,1836
-devsecops_engine_tools/engine_sast/engine_iac/src/infrastructure/driven_adapters/checkov/checkov_tool.py,sha256=MzyAJlZcZxAU77TqFiOHqYKSFUy21XjArT5Pd6dj-VM,8684
+devsecops_engine_tools/engine_sast/engine_iac/src/infrastructure/driven_adapters/checkov/checkov_tool.py,sha256=bMcPri5oZkQdzjz2cIWIb-JA3xpdsFwD7LPBp_IDUnQ,11991
 devsecops_engine_tools/engine_sast/engine_iac/src/infrastructure/driven_adapters/kics/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 devsecops_engine_tools/engine_sast/engine_iac/src/infrastructure/driven_adapters/kics/kics_deserealizator.py,sha256=b1X5GWz2snJtsKZcGEsILNc178hv9p-lg-el0Jc-_Eo,2084
 devsecops_engine_tools/engine_sast/engine_iac/src/infrastructure/driven_adapters/kics/kics_tool.py,sha256=8lda0A7huVSWgq2zMAN92vQv4ug0HiQMATGdXV5lgyA,5202
@@ -279,7 +279,7 @@ devsecops_engine_tools/engine_utilities/defect_dojo/domain/request_objects/findi
 devsecops_engine_tools/engine_utilities/defect_dojo/domain/request_objects/import_scan.py,sha256=3OqfunER_l7j8JkcwEiVVao40GvGtGKcHf5YlPqfjsw,5198
 devsecops_engine_tools/engine_utilities/defect_dojo/domain/serializers/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 devsecops_engine_tools/engine_utilities/defect_dojo/domain/serializers/finding.py,sha256=4IQLjqgyImVdn8AxoU3UKgXnvU-F-x7Tm2bJdp6nHm4,5265
-devsecops_engine_tools/engine_utilities/defect_dojo/domain/serializers/import_scan.py,sha256=__mRQMSt94gd3JlC0xZ5RSvMmaUrXOxu8XoWnom72iw,7489
+devsecops_engine_tools/engine_utilities/defect_dojo/domain/serializers/import_scan.py,sha256=pk28H4i2NdJjrXa58K1Me9zX7mjBcO0NrWpArh9bSqE,7508
 devsecops_engine_tools/engine_utilities/defect_dojo/domain/user_case/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 devsecops_engine_tools/engine_utilities/defect_dojo/domain/user_case/cmdb.py,sha256=BUOdvP39bEMQ6Unr2hB28eljVGU2Uv8dDEkzRyEJgyQ,2650
 devsecops_engine_tools/engine_utilities/defect_dojo/domain/user_case/component.py,sha256=_icc-ZAqw-aVgE5J4VH8Q7fSqpCgEGcfmurgRIN9NqM,448
@@ -347,8 +347,8 @@ devsecops_engine_tools/engine_utilities/utils/name_conversion.py,sha256=ADJrRGax
 devsecops_engine_tools/engine_utilities/utils/printers.py,sha256=amYAr9YQfYgR6jK9a2l26z3oovFPQ3FAKmhq6BKhEBA,623
 devsecops_engine_tools/engine_utilities/utils/session_manager.py,sha256=Z0fdhB3r-dxU0nGSD9zW_B4r2Qol1rUnUCkhFR0U-HQ,487
 devsecops_engine_tools/engine_utilities/utils/utils.py,sha256=HCjS900TBoNcHrC4LaiP-Kf9frVdtagF130qOUgnO2M,6757
-devsecops_engine_tools-1.47.3.dist-info/METADATA,sha256=tIk-YkuYM4vLRY0holdhaFKaD54RUIKSr8_ikmsiDcg,11779
-devsecops_engine_tools-1.47.3.dist-info/WHEEL,sha256=R0nc6qTxuoLk7ShA2_Y-UWkN8ZdfDBG2B6Eqpz2WXbs,91
-devsecops_engine_tools-1.47.3.dist-info/entry_points.txt,sha256=MHCTFFs9bdNKo6YcWCcBW2_8X6yTisgLOlmVx-V8Rxc,276
-devsecops_engine_tools-1.47.3.dist-info/top_level.txt,sha256=ge6y0X_xBAU1aG3EMWFtl9djbVyg5BxuSp2r2Lg6EQU,23
-devsecops_engine_tools-1.47.3.dist-info/RECORD,,
+devsecops_engine_tools-1.48.1.dist-info/METADATA,sha256=hqIhjAzLVeg0ie74aQKly3ouyx32l_gutUl5jjWdGCo,11779
+devsecops_engine_tools-1.48.1.dist-info/WHEEL,sha256=R0nc6qTxuoLk7ShA2_Y-UWkN8ZdfDBG2B6Eqpz2WXbs,91
+devsecops_engine_tools-1.48.1.dist-info/entry_points.txt,sha256=MHCTFFs9bdNKo6YcWCcBW2_8X6yTisgLOlmVx-V8Rxc,276
+devsecops_engine_tools-1.48.1.dist-info/top_level.txt,sha256=ge6y0X_xBAU1aG3EMWFtl9djbVyg5BxuSp2r2Lg6EQU,23
+devsecops_engine_tools-1.48.1.dist-info/RECORD,,