PyPI - devsecops-engine-tools - Versions diffs - 1.6.7__py3-none-any.whl - Mend

devsecops-engine-tools 1.6.7__py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.

This version of devsecops-engine-tools might be problematic. Click here for more details.

Files changed (231) hide show

devsecops_engine_tools/__init__.py ADDED Viewed

File without changes

devsecops_engine_tools/engine_core/__init__.py ADDED Viewed

File without changes

devsecops_engine_tools/engine_core/src/__init__.py ADDED Viewed

File without changes

devsecops_engine_tools/engine_core/src/applications/__init__.py ADDED Viewed

File without changes

devsecops_engine_tools/engine_core/src/applications/runner_engine_core.py ADDED Viewed

@@ -0,0 +1,124 @@
+from devsecops_engine_tools.engine_core.src.infrastructure.entry_points.entry_point_core import (
+    init_engine_core,
+)
+from devsecops_engine_tools.engine_core.src.infrastructure.driven_adapters.defect_dojo.defect_dojo import (
+    DefectDojoPlatform,
+)
+from devsecops_engine_tools.engine_core.src.infrastructure.driven_adapters.aws.secrets_manager import (
+    SecretsManager,
+)
+from devsecops_engine_tools.engine_core.src.infrastructure.driven_adapters.azure.azure_devops import (
+    AzureDevops,
+)
+from devsecops_engine_tools.engine_core.src.infrastructure.driven_adapters.runtime_local.runtime_local import (
+    RuntimeLocal,
+)
+from devsecops_engine_tools.engine_core.src.infrastructure.driven_adapters.aws.s3_manager import (
+    S3Manager,
+)
+from devsecops_engine_tools.engine_core.src.infrastructure.driven_adapters.printer_pretty_table.printer_pretty_table import (
+    PrinterPrettyTable,
+)
+import sys
+import argparse
+from devsecops_engine_tools.engine_utilities.utils.logger_info import MyLogger
+from devsecops_engine_tools.engine_utilities import settings
+from devsecops_engine_tools.version import version
+logger = MyLogger.__call__(**settings.SETTING_LOGGER).get_logger()
+def get_inputs_from_cli(args):
+    parser = argparse.ArgumentParser()
+    parser.add_argument("-v", "--version", action='version', version='{version}'.format(version=version))
+    parser.add_argument("-pd", "--platform_devops", choices=["azure", "local"], type=str, required=True, help="Platform where is executed")
+    parser.add_argument("-rcf" ,"--remote_config_repo", type=str, required=True, help="Name or Folder Path of Config Repo")
+    parser.add_argument("-t",
+        "--tool",
+        choices=[
+            "engine_iac",
+            "engine_dast",
+            "engine_secret",
+            "engine_dependencies",
+            "engine_container",
+        ],
+        type=str,
+        required=True,
+        help="Tool to execute",
+    )
+    parser.add_argument("-fp", "--folder_path", type=str, required=False, help="Folder Path to scan, only apply engine_iac tool")
+    parser.add_argument("-p",
+        "--platform", choices=["eks", "openshift"], type=str, required=False, help="Platform to execute,  only apply engine_iac tool"
+    )
+    parser.add_argument(
+        "--use_secrets_manager",
+        choices=["true", "false"],
+        type=str,
+        required=False,
+        help="Use Secrets Manager to get the tokens",
+    )
+    parser.add_argument(
+        "--use_vulnerability_management",
+        choices=["true", "false"],
+        type=str,
+        required=False,
+        help="Use Vulnerability Management to send the vulnerabilities to the platform",
+    )
+    parser.add_argument(
+        "--send_metrics",
+        choices=["true", "false"],
+        type=str,
+        required=False,
+        help="Enable or Disable the send metrics to the driven adapter metrics",
+    )
+    parser.add_argument("--token_cmdb", required=False, help="Token to connect to the CMDB")
+    parser.add_argument("--token_vulnerability_management", required=False, help="Token to connect to the Vulnerability Management")
+    parser.add_argument("--token_engine_container", required=False, help="Token to execute engine_container if is necessary")
+    parser.add_argument("--token_engine_dependencies", required=False, help="Token to execute engine_dependencies if is necessary")
+    args = parser.parse_args()
+    return {
+        "platform_devops": args.platform_devops,
+        "remote_config_repo": args.remote_config_repo,
+        "tool": args.tool,
+        "folder_path": args.folder_path,
+        "platform": args.platform,
+        "use_secrets_manager": args.use_secrets_manager,
+        "use_vulnerability_management": args.use_vulnerability_management,
+        "send_metrics": args.send_metrics,
+        "token_cmdb": args.token_cmdb,
+        "token_vulnerability_management": args.token_vulnerability_management,
+        "token_engine_container": args.token_engine_container,
+        "token_engine_dependencies": args.token_engine_dependencies,
+    }
+def application_core():
+    try:
+        # Get inputs from CLI
+        args = get_inputs_from_cli(sys.argv[1:])
+        # Define driven adapters for gateways
+        vulnerability_management_gateway = DefectDojoPlatform()
+        secrets_manager_gateway = SecretsManager()
+        devops_platform_gateway = AzureDevops() if args["platform_devops"] == "azure" else RuntimeLocal()
+        printer_table_gateway = PrinterPrettyTable()
+        metrics_manager_gateway = S3Manager()
+        init_engine_core(
+            vulnerability_management_gateway,
+            secrets_manager_gateway,
+            devops_platform_gateway,
+            printer_table_gateway,
+            metrics_manager_gateway,
+            args
+        )
+    except Exception as e:
+        logger.error("Error SCAN: {0} ".format(str(e)))
+        print(
+            devops_platform_gateway.message(
+                "error", "Error SCAN: {0} ".format(str(e))
+            )
+        )
+        print(devops_platform_gateway.result_pipeline("failed"))
+if __name__ == "__main__":
+    application_core()

devsecops_engine_tools/engine_core/src/deployment/__init__.py ADDED Viewed

File without changes

devsecops_engine_tools/engine_core/src/deployment/infrastructure/__init__.py ADDED Viewed

File without changes

devsecops_engine_tools/engine_core/src/domain/__init__.py ADDED Viewed

File without changes

devsecops_engine_tools/engine_core/src/domain/model/__init__.py ADDED Viewed

File without changes

devsecops_engine_tools/engine_core/src/domain/model/customs_exceptions.py ADDED Viewed

@@ -0,0 +1,9 @@
+class ExceptionVulnerabilityManagement(Exception):
+    def __init__(self, message):
+        self.message = message
+        super().__init__(self.message)
+class ExceptionFindingsExcepted(Exception):
+    def __init__(self, message):
+        self.message = message
+        super().__init__(self.message)

devsecops_engine_tools/engine_core/src/domain/model/exclusions.py ADDED Viewed

@@ -0,0 +1,14 @@
+from dataclasses import dataclass
+@dataclass
+class Exclusions:
+    def __init__(self, **kwargs):
+        self.id = kwargs.get("id", "")
+        self.where = kwargs.get("where", "")
+        self.cve_id = kwargs.get("cve_id", "")
+        self.create_date = kwargs.get("create_date", "")
+        self.expired_date = kwargs.get("expired_date", "")
+        self.severity = kwargs.get("severity", "")
+        self.hu = kwargs.get("hu", "")
+        self.reason = kwargs.get("reason", "Risk acceptance")

devsecops_engine_tools/engine_core/src/domain/model/finding.py ADDED Viewed

@@ -0,0 +1,20 @@
+from enum import Enum
+from dataclasses import dataclass
+class Category(Enum):
+    VULNERABILITY = "vulnerability"
+    COMPLIANCE = "compliance"
+@dataclass
+class Finding:
+    id: str
+    cvss: str
+    where: str
+    description: str
+    severity: str
+    identification_date: str
+    published_date_cve: str
+    module: str
+    category: Category
+    requirements: str
+    tool: str

devsecops_engine_tools/engine_core/src/domain/model/gateway/__init__.py ADDED Viewed

File without changes

devsecops_engine_tools/engine_core/src/domain/model/gateway/devops_platform_gateway.py ADDED Viewed

@@ -0,0 +1,27 @@
+from abc import ABCMeta, abstractmethod
+class DevopsPlatformGateway(metaclass=ABCMeta):
+    @abstractmethod
+    def get_remote_config(self, repository, path):
+        "get_remote_config"
+    @abstractmethod
+    def message(self, type, message):
+        "message"
+    @abstractmethod
+    def result_pipeline(self, type):
+        "result_pipeline"
+    @abstractmethod
+    def get_source_code_management_uri(self):
+        "get_source_code_management_uri"
+    @abstractmethod
+    def get_base_compact_remote_config_url(self, remote_config_repo):
+        "get_base_compact_remote_config_url"
+    @abstractmethod
+    def get_variable(self, variable):
+        "get_variable"

devsecops_engine_tools/engine_core/src/domain/model/gateway/metrics_manager_gateway.py ADDED Viewed

@@ -0,0 +1,7 @@
+from abc import ABCMeta, abstractmethod
+class MetricsManagerGateway(metaclass=ABCMeta):
+    @abstractmethod
+    def send_metrics(self, config_tool, tool, file_path):
+        "send_metrics"

devsecops_engine_tools/engine_core/src/domain/model/gateway/printer_table_gateway.py ADDED Viewed

@@ -0,0 +1,13 @@
+from abc import ABCMeta, abstractmethod
+from devsecops_engine_tools.engine_core.src.domain.model.finding import (
+    Finding,
+)
+class PrinterTableGateway(metaclass=ABCMeta):
+    @abstractmethod
+    def print_table_findings(self, finding_list: "list[Finding]"):
+        "print_table_findings"
+    @abstractmethod
+    def print_table_exclusions(self, exclusions_list):
+        "print_table_exclusions"

devsecops_engine_tools/engine_core/src/domain/model/gateway/secrets_manager_gateway.py ADDED Viewed

@@ -0,0 +1,7 @@
+from abc import ABCMeta, abstractmethod
+class SecretsManagerGateway(metaclass=ABCMeta):
+    @abstractmethod
+    def get_secret(self, config_tool):
+        "get_secret"

devsecops_engine_tools/engine_core/src/domain/model/gateway/vulnerability_management_gateway.py ADDED Viewed

@@ -0,0 +1,17 @@
+from abc import ABCMeta, abstractmethod
+from devsecops_engine_tools.engine_core.src.domain.model.vulnerability_management import VulnerabilityManagement
+class VulnerabilityManagementGateway(metaclass=ABCMeta):
+    @abstractmethod
+    def send_vulnerability_management(
+        self, vulnerability_management: VulnerabilityManagement
+    ):
+        "send_vulnerability_management"
+    @abstractmethod
+    def get_findings_excepted(
+        self, service, dict_args, secret_tool, config_tool
+    ):
+        "get_findings_excepted"

devsecops_engine_tools/engine_core/src/domain/model/input_core.py ADDED Viewed

@@ -0,0 +1,12 @@
+from dataclasses import dataclass
+from devsecops_engine_tools.engine_core.src.domain.model.exclusions import Exclusions
+from devsecops_engine_tools.engine_core.src.domain.model.threshold import Threshold
+@dataclass
+class InputCore:
+    totalized_exclusions: "list[Exclusions]"
+    threshold_defined: Threshold
+    path_file_results: str
+    custom_message_break_build: str
+    scope_pipeline: str
+    stage_pipeline: str

devsecops_engine_tools/engine_core/src/domain/model/level_compliance.py ADDED Viewed

@@ -0,0 +1,3 @@
+class LevelCompliance:
+    def __init__(self, data):
+        self.critical = data.get("Critical")

devsecops_engine_tools/engine_core/src/domain/model/level_vulnerability.py ADDED Viewed

@@ -0,0 +1,7 @@
+class LevelVulnerability:
+    def __init__(self, data):
+        self.critical = data.get("Critical")
+        self.high = data.get("High")
+        self.medium = data.get("Medium")
+        self.low = data.get("Low")
+        self.unknown = data.get("Unknown")

devsecops_engine_tools/engine_core/src/domain/model/threshold.py ADDED Viewed

@@ -0,0 +1,12 @@
+from devsecops_engine_tools.engine_core.src.domain.model.level_vulnerability import (
+    LevelVulnerability,
+)
+from devsecops_engine_tools.engine_core.src.domain.model.level_compliance import (
+    LevelCompliance,
+)
+class Threshold:
+    def __init__(self, data):
+        self.vulnerability = LevelVulnerability(data.get("VULNERABILITY"))
+        self.compliance = LevelCompliance(data.get("COMPLIANCE"))
+        self.cve = data.get("CVE",[])

devsecops_engine_tools/engine_core/src/domain/model/vulnerability_management.py ADDED Viewed

@@ -0,0 +1,20 @@
+from dataclasses import dataclass
+from devsecops_engine_tools.engine_core.src.domain.model.input_core import InputCore
+@dataclass
+class VulnerabilityManagement:
+    scan_type: str
+    input_core: InputCore
+    dict_args: any
+    secret_tool: any
+    config_tool: any
+    source_code_management_uri: str
+    base_compact_remote_config_url: str
+    access_token: str
+    version: str
+    build_id: str
+    branch_tag: str
+    commit_hash: str
+    environment: str

devsecops_engine_tools/engine_core/src/domain/usecases/__init__.py ADDED Viewed

File without changes