devsecops-engine-tools 1.57.0__py3-none-any.whl → 1.58.0__py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.

This version of devsecops-engine-tools might be problematic. Click here for more details.

Files changed (7) hide show
  1. devsecops_engine_tools/engine_risk/src/domain/usecases/break_build.py +91 -49
  2. devsecops_engine_tools/version.py +1 -1
  3. {devsecops_engine_tools-1.57.0.dist-info → devsecops_engine_tools-1.58.0.dist-info}/METADATA +2 -1
  4. {devsecops_engine_tools-1.57.0.dist-info → devsecops_engine_tools-1.58.0.dist-info}/RECORD +7 -7
  5. {devsecops_engine_tools-1.57.0.dist-info → devsecops_engine_tools-1.58.0.dist-info}/WHEEL +0 -0
  6. {devsecops_engine_tools-1.57.0.dist-info → devsecops_engine_tools-1.58.0.dist-info}/entry_points.txt +0 -0
  7. {devsecops_engine_tools-1.57.0.dist-info → devsecops_engine_tools-1.58.0.dist-info}/top_level.txt +0 -0
devsecops_engine_tools/engine_risk/src/domain/usecases/break_build.py CHANGED
@@ -15,6 +15,8 @@ from collections import Counter
15
15
  import copy
16
16
  import sympy as sp
17
17
  import math
18
+ from datetime import datetime, timedelta
19
+ import holidays
18
20
 
19
21
 
20
22
  class BreakBuild:
@@ -138,7 +140,16 @@ class BreakBuild:
138
140
  formula = sp.Eq(
139
141
  remediation_rate_name,
140
142
  100
141
- * (mitigated_name / (all_findings_name - new_findings - white_list_name - transferred_name - base_image_name)),
143
+ * (
144
+ mitigated_name
145
+ / (
146
+ all_findings_name
147
+ - new_findings
148
+ - white_list_name
149
+ - transferred_name
150
+ - base_image_name
151
+ )
152
+ ),
142
153
  )
143
154
  print("\n")
144
155
  sp.pretty_print(formula)
@@ -167,7 +178,13 @@ class BreakBuild:
167
178
  print(
168
179
  f"Mitigated: {mitigated_count} AllFindings: {all_findings_count} BaseImage: {base_image_count} NewFindings: {self.policy_excluded} Transferred: {transferred_list_count} WhiteList: {white_list_count}\n\n"
169
180
  )
170
- total = all_findings_count - self.policy_excluded - white_list_count - base_image_count - transferred_list_count
181
+ total = (
182
+ all_findings_count
183
+ - self.policy_excluded
184
+ - white_list_count
185
+ - base_image_count
186
+ - transferred_list_count
187
+ )
171
188
 
172
189
  if total == 0:
173
190
  print(
@@ -198,7 +215,9 @@ class BreakBuild:
198
215
  )
199
216
  self.warning_build = True
200
217
  else:
201
- missing_findings = math.ceil((risk_threshold / 100 * total) - mitigated_count)
218
+ missing_findings = math.ceil(
219
+ (risk_threshold / 100 * total) - mitigated_count
220
+ )
202
221
  print(
203
222
  self.devops_platform_gateway.message(
204
223
  "error",
@@ -281,62 +300,85 @@ class BreakBuild:
281
300
  remote_config = self.remote_config
282
301
  if report_list:
283
302
  tag_blacklist = set(remote_config["TAG_BLACKLIST_EXCLUSION_DAYS"].keys())
303
+ colombian_holidays = holidays.Colombia()
284
304
 
285
- filtered_reports_above_threshold = [
286
- (report, tag)
287
- for report in report_list
288
- for tag in report.tags
289
- if tag in tag_blacklist
290
- and report.age >= remote_config["TAG_BLACKLIST_EXCLUSION_DAYS"][tag]
291
- ]
305
+ def calculate_working_days(start_date, days):
306
+ current_date = start_date
307
+ working_days = 0
308
+ while working_days < days:
309
+ current_date += timedelta(days=1)
310
+ if (
311
+ current_date.weekday() < 5
312
+ and current_date not in colombian_holidays
313
+ ):
314
+ working_days += 1
315
+ return current_date
292
316
 
293
- filtered_reports_below_threshold = [
294
- (report, tag)
295
- for report in report_list
296
- for tag in report.tags
297
- if tag in tag_blacklist
298
- and report.age < remote_config["TAG_BLACKLIST_EXCLUSION_DAYS"][tag]
299
- ]
317
+ filtered_reports_above_threshold = []
318
+ filtered_reports_below_threshold = []
300
319
 
301
- for report, tag in filtered_reports_above_threshold:
302
- report.reason = "Blacklisted"
303
- print(
304
- self.devops_platform_gateway.message(
305
- "error",
306
- f"Report {report.vm_id} with tag '{tag}' is blacklisted and age {report.age} is above threshold {remote_config['TAG_BLACKLIST_EXCLUSION_DAYS'][tag]}",
307
- )
320
+ for report in report_list:
321
+ for tag in report.tags:
322
+ if tag in tag_blacklist:
323
+ exclusion_value = remote_config["TAG_BLACKLIST_EXCLUSION_DAYS"][tag]
324
+ if isinstance(exclusion_value, str) and "WD" in exclusion_value:
325
+ working_days_threshold = int(exclusion_value.replace("WD", ""))
326
+ report_created_date = datetime.strptime(
327
+ report.created.split("T")[0], "%Y-%m-%d"
328
+ )
329
+ threshold_date = calculate_working_days(
330
+ report_created_date, working_days_threshold
331
+ )
332
+ if datetime.now() >= threshold_date:
333
+ filtered_reports_above_threshold.append((report, tag))
334
+ else:
335
+ filtered_reports_below_threshold.append((report, tag))
336
+ else:
337
+ numeric_threshold = int(exclusion_value)
338
+ if report.age >= numeric_threshold:
339
+ filtered_reports_above_threshold.append((report, tag))
340
+ else:
341
+ filtered_reports_below_threshold.append((report, tag))
342
+
343
+ for report, tag in filtered_reports_above_threshold:
344
+ report.reason = "Blacklisted"
345
+ print(
346
+ self.devops_platform_gateway.message(
347
+ "error",
348
+ f"Report {report.vm_id} with tag '{tag}' is blacklisted and age {report.age} is above threshold {remote_config['TAG_BLACKLIST_EXCLUSION_DAYS'][tag]}",
308
349
  )
350
+ )
309
351
 
310
- for report, tag in filtered_reports_below_threshold:
311
- print(
312
- self.devops_platform_gateway.message(
313
- "warning",
314
- f"Report {report.vm_id} with tag '{tag}' is blacklisted but age {report.age} is below threshold {remote_config['TAG_BLACKLIST_EXCLUSION_DAYS'][tag]}",
315
- )
352
+ for report, tag in filtered_reports_below_threshold:
353
+ print(
354
+ self.devops_platform_gateway.message(
355
+ "warning",
356
+ f"Report {report.vm_id} with tag '{tag}' is blacklisted but age {report.age} is below threshold {remote_config['TAG_BLACKLIST_EXCLUSION_DAYS'][tag]}",
316
357
  )
317
- self.policy_excluded += 1
358
+ )
359
+ self.policy_excluded += 1
318
360
 
319
- if filtered_reports_above_threshold:
320
- self.break_build = True
321
- self.blacklisted += len(filtered_reports_above_threshold)
322
- self.report_breaker.extend(
323
- copy.deepcopy(
324
- [report for report, _ in filtered_reports_above_threshold]
325
- )
361
+ if filtered_reports_above_threshold:
362
+ self.break_build = True
363
+ self.blacklisted += len(filtered_reports_above_threshold)
364
+ self.report_breaker.extend(
365
+ copy.deepcopy(
366
+ [report for report, _ in filtered_reports_above_threshold]
326
367
  )
368
+ )
327
369
 
328
- for report in report_list:
329
- if "On Blacklist" in report.risk_status:
330
- self.break_build = True
331
- report.reason = "Blacklisted"
332
- self.blacklisted += 1
333
- self.report_breaker.append(copy.deepcopy(report))
334
- print(
335
- self.devops_platform_gateway.message(
336
- "error",
337
- f"Report {report.vm_id} is blacklisted.",
338
- )
370
+ for report in report_list:
371
+ if "On Blacklist" in report.risk_status:
372
+ self.break_build = True
373
+ report.reason = "Blacklisted"
374
+ self.blacklisted += 1
375
+ self.report_breaker.append(copy.deepcopy(report))
376
+ print(
377
+ self.devops_platform_gateway.message(
378
+ "error",
379
+ f"Report {report.vm_id} is blacklisted.",
339
380
  )
381
+ )
340
382
 
341
383
  def _risk_score_control(self, report_list: "list[Report]"):
342
384
  remote_config = self.remote_config
devsecops_engine_tools/version.py CHANGED
@@ -1 +1 @@
1
- version = '1.57.0'
1
+ version = '1.58.0'
{devsecops_engine_tools-1.57.0.dist-info → devsecops_engine_tools-1.58.0.dist-info}/METADATA RENAMED
@@ -1,6 +1,6 @@
1
1
  Metadata-Version: 2.1
2
2
  Name: devsecops-engine-tools
3
- Version: 1.57.0
3
+ Version: 1.58.0
4
4
  Summary: Tool for DevSecOps strategy
5
5
  Home-page: https://github.com/bancolombia/devsecops-engine-tools
6
6
  Author: Bancolombia DevSecOps Team
@@ -32,6 +32,7 @@ Requires-Dist: ruamel.yaml==0.18.6
32
32
  Requires-Dist: Authlib==1.3.2
33
33
  Requires-Dist: PyJWT==2.9.0
34
34
  Requires-Dist: sympy==1.13.3
35
+ Requires-Dist: holidays==0.58
35
36
 
36
37
  # DevSecOps Engine Tools
37
38
 
{devsecops_engine_tools-1.57.0.dist-info → devsecops_engine_tools-1.58.0.dist-info}/RECORD RENAMED
@@ -1,5 +1,5 @@
1
1
  devsecops_engine_tools/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
2
- devsecops_engine_tools/version.py,sha256=3bV86pCFijJLvT5txSenob-Vya-3X7Wjbmd4BIQVU1w,19
2
+ devsecops_engine_tools/version.py,sha256=az0Lu4HqJfr2fFy_Az3mdBs66w7djPHVRbb1T0hjDmQ,19
3
3
  devsecops_engine_tools/engine_core/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
4
4
  devsecops_engine_tools/engine_core/src/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
5
5
  devsecops_engine_tools/engine_core/src/applications/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
@@ -101,7 +101,7 @@ devsecops_engine_tools/engine_risk/src/domain/model/gateways/__init__.py,sha256=
101
101
  devsecops_engine_tools/engine_risk/src/domain/model/gateways/add_epss_gateway.py,sha256=cTm4QSxiaUt7ETCdXWZxKEus8pmEDA3e9k5b39SLDDE,178
102
102
  devsecops_engine_tools/engine_risk/src/domain/usecases/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
103
103
  devsecops_engine_tools/engine_risk/src/domain/usecases/add_data.py,sha256=4wqDj-q7hJfJscvrbMDcy7tONqxdxl-CSl_TWTRUGKA,402
104
- devsecops_engine_tools/engine_risk/src/domain/usecases/break_build.py,sha256=KjEdbna0eMaIFcAQa36X3p_UFhexk3d4wnBOTK5ZrIU,15552
104
+ devsecops_engine_tools/engine_risk/src/domain/usecases/break_build.py,sha256=nCUvHa4azCfQSdVzoJcyWOn3vzdSlgibzBS2J3Qqfsc,17011
105
105
  devsecops_engine_tools/engine_risk/src/domain/usecases/check_threshold.py,sha256=VYdmcbAuNNvdHCegRfvza7YJ8FHbFNyDosrKJrMW93I,765
106
106
  devsecops_engine_tools/engine_risk/src/domain/usecases/get_exclusions.py,sha256=1UNNq_Yhg3R78jLRSKcMNQYe8T8gl1C31C0ttBF0OAk,3992
107
107
  devsecops_engine_tools/engine_risk/src/domain/usecases/handle_filters.py,sha256=R53fnuIQYfr7YbpMz1BGPJ1d5z9jY_Hnm7EmPt99wlE,3608
@@ -349,8 +349,8 @@ devsecops_engine_tools/engine_utilities/utils/name_conversion.py,sha256=ADJrRGax
349
349
  devsecops_engine_tools/engine_utilities/utils/printers.py,sha256=amYAr9YQfYgR6jK9a2l26z3oovFPQ3FAKmhq6BKhEBA,623
350
350
  devsecops_engine_tools/engine_utilities/utils/session_manager.py,sha256=Z0fdhB3r-dxU0nGSD9zW_B4r2Qol1rUnUCkhFR0U-HQ,487
351
351
  devsecops_engine_tools/engine_utilities/utils/utils.py,sha256=HCjS900TBoNcHrC4LaiP-Kf9frVdtagF130qOUgnO2M,6757
352
- devsecops_engine_tools-1.57.0.dist-info/METADATA,sha256=VycToEXDHP9bFhj-7MTrhMOtNdWdVmaEe9dz3Q74Ses,11779
353
- devsecops_engine_tools-1.57.0.dist-info/WHEEL,sha256=R0nc6qTxuoLk7ShA2_Y-UWkN8ZdfDBG2B6Eqpz2WXbs,91
354
- devsecops_engine_tools-1.57.0.dist-info/entry_points.txt,sha256=MHCTFFs9bdNKo6YcWCcBW2_8X6yTisgLOlmVx-V8Rxc,276
355
- devsecops_engine_tools-1.57.0.dist-info/top_level.txt,sha256=ge6y0X_xBAU1aG3EMWFtl9djbVyg5BxuSp2r2Lg6EQU,23
356
- devsecops_engine_tools-1.57.0.dist-info/RECORD,,
352
+ devsecops_engine_tools-1.58.0.dist-info/METADATA,sha256=OIufybH_vyGaVr0a4k3V7fhev7UYUgEBQ8dQdZtLepM,11809
353
+ devsecops_engine_tools-1.58.0.dist-info/WHEEL,sha256=R0nc6qTxuoLk7ShA2_Y-UWkN8ZdfDBG2B6Eqpz2WXbs,91
354
+ devsecops_engine_tools-1.58.0.dist-info/entry_points.txt,sha256=MHCTFFs9bdNKo6YcWCcBW2_8X6yTisgLOlmVx-V8Rxc,276
355
+ devsecops_engine_tools-1.58.0.dist-info/top_level.txt,sha256=ge6y0X_xBAU1aG3EMWFtl9djbVyg5BxuSp2r2Lg6EQU,23
356
+ devsecops_engine_tools-1.58.0.dist-info/RECORD,,