devsecops-engine-tools 1.6.7__py3-none-any.whl
Potentially problematic release.
This version of devsecops-engine-tools might be problematic. Click here for more details.
- devsecops_engine_tools/__init__.py +0 -0
- devsecops_engine_tools/engine_core/__init__.py +0 -0
- devsecops_engine_tools/engine_core/src/__init__.py +0 -0
- devsecops_engine_tools/engine_core/src/applications/__init__.py +0 -0
- devsecops_engine_tools/engine_core/src/applications/runner_engine_core.py +124 -0
- devsecops_engine_tools/engine_core/src/deployment/__init__.py +0 -0
- devsecops_engine_tools/engine_core/src/deployment/infrastructure/__init__.py +0 -0
- devsecops_engine_tools/engine_core/src/domain/__init__.py +0 -0
- devsecops_engine_tools/engine_core/src/domain/model/__init__.py +0 -0
- devsecops_engine_tools/engine_core/src/domain/model/customs_exceptions.py +9 -0
- devsecops_engine_tools/engine_core/src/domain/model/exclusions.py +14 -0
- devsecops_engine_tools/engine_core/src/domain/model/finding.py +20 -0
- devsecops_engine_tools/engine_core/src/domain/model/gateway/__init__.py +0 -0
- devsecops_engine_tools/engine_core/src/domain/model/gateway/devops_platform_gateway.py +27 -0
- devsecops_engine_tools/engine_core/src/domain/model/gateway/metrics_manager_gateway.py +7 -0
- devsecops_engine_tools/engine_core/src/domain/model/gateway/printer_table_gateway.py +13 -0
- devsecops_engine_tools/engine_core/src/domain/model/gateway/secrets_manager_gateway.py +7 -0
- devsecops_engine_tools/engine_core/src/domain/model/gateway/vulnerability_management_gateway.py +17 -0
- devsecops_engine_tools/engine_core/src/domain/model/input_core.py +12 -0
- devsecops_engine_tools/engine_core/src/domain/model/level_compliance.py +3 -0
- devsecops_engine_tools/engine_core/src/domain/model/level_vulnerability.py +7 -0
- devsecops_engine_tools/engine_core/src/domain/model/threshold.py +12 -0
- devsecops_engine_tools/engine_core/src/domain/model/vulnerability_management.py +20 -0
- devsecops_engine_tools/engine_core/src/domain/usecases/__init__.py +0 -0
- devsecops_engine_tools/engine_core/src/domain/usecases/break_build.py +375 -0
- devsecops_engine_tools/engine_core/src/domain/usecases/handle_scan.py +148 -0
- devsecops_engine_tools/engine_core/src/domain/usecases/metrics_manager.py +59 -0
- devsecops_engine_tools/engine_core/src/infrastructure/__init__.py +0 -0
- devsecops_engine_tools/engine_core/src/infrastructure/driven_adapters/__init__.py +0 -0
- devsecops_engine_tools/engine_core/src/infrastructure/driven_adapters/aws/__init__.py +0 -0
- devsecops_engine_tools/engine_core/src/infrastructure/driven_adapters/aws/s3_manager.py +52 -0
- devsecops_engine_tools/engine_core/src/infrastructure/driven_adapters/aws/secrets_manager.py +40 -0
- devsecops_engine_tools/engine_core/src/infrastructure/driven_adapters/azure/__init__.py +0 -0
- devsecops_engine_tools/engine_core/src/infrastructure/driven_adapters/azure/azure_devops.py +103 -0
- devsecops_engine_tools/engine_core/src/infrastructure/driven_adapters/defect_dojo/__init__.py +0 -0
- devsecops_engine_tools/engine_core/src/infrastructure/driven_adapters/defect_dojo/defect_dojo.py +215 -0
- devsecops_engine_tools/engine_core/src/infrastructure/driven_adapters/printer_pretty_table/__init__.py +0 -0
- devsecops_engine_tools/engine_core/src/infrastructure/driven_adapters/printer_pretty_table/printer_pretty_table.py +84 -0
- devsecops_engine_tools/engine_core/src/infrastructure/driven_adapters/runtime_local/__init__.py +0 -0
- devsecops_engine_tools/engine_core/src/infrastructure/driven_adapters/runtime_local/runtime_local.py +71 -0
- devsecops_engine_tools/engine_core/src/infrastructure/entry_points/__init__.py +0 -0
- devsecops_engine_tools/engine_core/src/infrastructure/entry_points/entry_point_core.py +50 -0
- devsecops_engine_tools/engine_core/src/infrastructure/helpers/__init__.py +0 -0
- devsecops_engine_tools/engine_core/src/infrastructure/helpers/aws.py +9 -0
- devsecops_engine_tools/engine_core/src/infrastructure/helpers/util.py +15 -0
- devsecops_engine_tools/engine_dast/__init__.py +0 -0
- devsecops_engine_tools/engine_dast/src/__init__.py +0 -0
- devsecops_engine_tools/engine_dast/src/applications/__init__.py +0 -0
- devsecops_engine_tools/engine_dast/src/deployment/__init__.py +0 -0
- devsecops_engine_tools/engine_dast/src/deployment/infrastructure/__init__.py +0 -0
- devsecops_engine_tools/engine_dast/src/domain/__init__.py +0 -0
- devsecops_engine_tools/engine_dast/src/domain/model/__init__.py +0 -0
- devsecops_engine_tools/engine_dast/src/domain/usecases/__init__.py +0 -0
- devsecops_engine_tools/engine_dast/src/infrastructure/__init__.py +0 -0
- devsecops_engine_tools/engine_dast/src/infrastructure/driven_adapters/__init__.py +0 -0
- devsecops_engine_tools/engine_dast/src/infrastructure/entry_points/__init__.py +0 -0
- devsecops_engine_tools/engine_dast/src/infrastructure/helpers/__init__.py +0 -0
- devsecops_engine_tools/engine_sast/__init__.py +0 -0
- devsecops_engine_tools/engine_sast/engine_iac/__init__.py +0 -0
- devsecops_engine_tools/engine_sast/engine_iac/src/__init__.py +0 -0
- devsecops_engine_tools/engine_sast/engine_iac/src/applications/__init__.py +0 -0
- devsecops_engine_tools/engine_sast/engine_iac/src/applications/runner_iac_scan.py +30 -0
- devsecops_engine_tools/engine_sast/engine_iac/src/deployment/__init__.py +0 -0
- devsecops_engine_tools/engine_sast/engine_iac/src/deployment/infrastructure/__init__.py +0 -0
- devsecops_engine_tools/engine_sast/engine_iac/src/domain/__init__.py +0 -0
- devsecops_engine_tools/engine_sast/engine_iac/src/domain/model/__init__.py +0 -0
- devsecops_engine_tools/engine_sast/engine_iac/src/domain/model/config_tool.py +24 -0
- devsecops_engine_tools/engine_sast/engine_iac/src/domain/model/gateways/__init__.py +0 -0
- devsecops_engine_tools/engine_sast/engine_iac/src/domain/model/gateways/tool_gateway.py +6 -0
- devsecops_engine_tools/engine_sast/engine_iac/src/domain/usecases/__init__.py +0 -0
- devsecops_engine_tools/engine_sast/engine_iac/src/domain/usecases/iac_scan.py +130 -0
- devsecops_engine_tools/engine_sast/engine_iac/src/infrastructure/__init__.py +0 -0
- devsecops_engine_tools/engine_sast/engine_iac/src/infrastructure/driven_adapters/__init__.py +0 -0
- devsecops_engine_tools/engine_sast/engine_iac/src/infrastructure/driven_adapters/checkov/__init__.py +0 -0
- devsecops_engine_tools/engine_sast/engine_iac/src/infrastructure/driven_adapters/checkov/checkov_config.py +135 -0
- devsecops_engine_tools/engine_sast/engine_iac/src/infrastructure/driven_adapters/checkov/checkov_deserealizator.py +35 -0
- devsecops_engine_tools/engine_sast/engine_iac/src/infrastructure/driven_adapters/checkov/checkov_tool.py +195 -0
- devsecops_engine_tools/engine_sast/engine_iac/src/infrastructure/entry_points/__init__.py +0 -0
- devsecops_engine_tools/engine_sast/engine_iac/src/infrastructure/entry_points/entry_point_tool.py +6 -0
- devsecops_engine_tools/engine_sast/engine_iac/src/infrastructure/helpers/__init__.py +0 -0
- devsecops_engine_tools/engine_sast/engine_iac/src/infrastructure/helpers/file_generator_tool.py +74 -0
- devsecops_engine_tools/engine_sast/engine_secret/__init__.py +0 -0
- devsecops_engine_tools/engine_sast/engine_secret/src/__init__.py +0 -0
- devsecops_engine_tools/engine_sast/engine_secret/src/applications/__init__.py +0 -0
- devsecops_engine_tools/engine_sast/engine_secret/src/applications/runner_secret_scan.py +34 -0
- devsecops_engine_tools/engine_sast/engine_secret/src/deployment/__init__.py +0 -0
- devsecops_engine_tools/engine_sast/engine_secret/src/deployment/infrastructure/__init__.py +0 -0
- devsecops_engine_tools/engine_sast/engine_secret/src/domain/__init__.py +0 -0
- devsecops_engine_tools/engine_sast/engine_secret/src/domain/model/DeserializeConfigTool.py +11 -0
- devsecops_engine_tools/engine_sast/engine_secret/src/domain/model/__init__.py +0 -0
- devsecops_engine_tools/engine_sast/engine_secret/src/domain/model/gateway/__init__.py +0 -0
- devsecops_engine_tools/engine_sast/engine_secret/src/domain/model/gateway/gateway_deserealizator.py +11 -0
- devsecops_engine_tools/engine_sast/engine_secret/src/domain/model/gateway/git_gateway.py +15 -0
- devsecops_engine_tools/engine_sast/engine_secret/src/domain/model/gateway/tool_gateway.py +16 -0
- devsecops_engine_tools/engine_sast/engine_secret/src/domain/usecases/__init__.py +0 -0
- devsecops_engine_tools/engine_sast/engine_secret/src/domain/usecases/secret_scan.py +72 -0
- devsecops_engine_tools/engine_sast/engine_secret/src/domain/usecases/set_input_core.py +73 -0
- devsecops_engine_tools/engine_sast/engine_secret/src/infrastructure/__init__.py +0 -0
- devsecops_engine_tools/engine_sast/engine_secret/src/infrastructure/driven_adapters/__init__.py +0 -0
- devsecops_engine_tools/engine_sast/engine_secret/src/infrastructure/driven_adapters/git_cli/__init__.py +0 -0
- devsecops_engine_tools/engine_sast/engine_secret/src/infrastructure/driven_adapters/git_cli/git_run.py +60 -0
- devsecops_engine_tools/engine_sast/engine_secret/src/infrastructure/driven_adapters/trufflehog/__init__.py +0 -0
- devsecops_engine_tools/engine_sast/engine_secret/src/infrastructure/driven_adapters/trufflehog/trufflehog_deserealizator.py +39 -0
- devsecops_engine_tools/engine_sast/engine_secret/src/infrastructure/driven_adapters/trufflehog/trufflehog_run.py +104 -0
- devsecops_engine_tools/engine_sast/engine_secret/src/infrastructure/entry_points/__init__.py +0 -0
- devsecops_engine_tools/engine_sast/engine_secret/src/infrastructure/entry_points/entry_point_tool.py +11 -0
- devsecops_engine_tools/engine_sca/__init__.py +0 -0
- devsecops_engine_tools/engine_sca/engine_container/__init__.py +0 -0
- devsecops_engine_tools/engine_sca/engine_container/src/__init__.py +0 -0
- devsecops_engine_tools/engine_sca/engine_container/src/applications/__init__.py +0 -0
- devsecops_engine_tools/engine_sca/engine_container/src/applications/runner_container_scan.py +45 -0
- devsecops_engine_tools/engine_sca/engine_container/src/deployment/__init__.py +0 -0
- devsecops_engine_tools/engine_sca/engine_container/src/deployment/infrastructure/__init__.py +0 -0
- devsecops_engine_tools/engine_sca/engine_container/src/domain/__init__.py +0 -0
- devsecops_engine_tools/engine_sca/engine_container/src/domain/model/__init__.py +0 -0
- devsecops_engine_tools/engine_sca/engine_container/src/domain/model/gateways/__init__.py +0 -0
- devsecops_engine_tools/engine_sca/engine_container/src/domain/model/gateways/deserealizator_gateway.py +8 -0
- devsecops_engine_tools/engine_sca/engine_container/src/domain/model/gateways/images_gateway.py +7 -0
- devsecops_engine_tools/engine_sca/engine_container/src/domain/model/gateways/tool_gateway.py +7 -0
- devsecops_engine_tools/engine_sca/engine_container/src/domain/usecases/__init__.py +0 -0
- devsecops_engine_tools/engine_sca/engine_container/src/domain/usecases/container_sca_scan.py +82 -0
- devsecops_engine_tools/engine_sca/engine_container/src/domain/usecases/handle_remote_config_patterns.py +67 -0
- devsecops_engine_tools/engine_sca/engine_container/src/domain/usecases/set_input_core.py +76 -0
- devsecops_engine_tools/engine_sca/engine_container/src/infrastructure/__init__.py +0 -0
- devsecops_engine_tools/engine_sca/engine_container/src/infrastructure/driven_adapters/__init__.py +0 -0
- devsecops_engine_tools/engine_sca/engine_container/src/infrastructure/driven_adapters/docker/__init__.py +0 -0
- devsecops_engine_tools/engine_sca/engine_container/src/infrastructure/driven_adapters/docker/docker_images.py +22 -0
- devsecops_engine_tools/engine_sca/engine_container/src/infrastructure/driven_adapters/prisma_cloud/__init__.py +0 -0
- devsecops_engine_tools/engine_sca/engine_container/src/infrastructure/driven_adapters/prisma_cloud/prisma_cloud_manager_scan.py +123 -0
- devsecops_engine_tools/engine_sca/engine_container/src/infrastructure/driven_adapters/prisma_cloud/prisma_deserialize_output.py +62 -0
- devsecops_engine_tools/engine_sca/engine_container/src/infrastructure/driven_adapters/trivy_tool/__init__.py +0 -0
- devsecops_engine_tools/engine_sca/engine_container/src/infrastructure/driven_adapters/trivy_tool/trivy_deserialize_output.py +48 -0
- devsecops_engine_tools/engine_sca/engine_container/src/infrastructure/driven_adapters/trivy_tool/trivy_manager_scan.py +114 -0
- devsecops_engine_tools/engine_sca/engine_container/src/infrastructure/entry_points/__init__.py +0 -0
- devsecops_engine_tools/engine_sca/engine_container/src/infrastructure/entry_points/entry_point_tool.py +40 -0
- devsecops_engine_tools/engine_sca/engine_container/src/infrastructure/helpers/__init__.py +0 -0
- devsecops_engine_tools/engine_sca/engine_container/src/infrastructure/helpers/images_scanned.py +16 -0
- devsecops_engine_tools/engine_sca/engine_dependencies/__init__.py +0 -0
- devsecops_engine_tools/engine_sca/engine_dependencies/src/__init__.py +0 -0
- devsecops_engine_tools/engine_sca/engine_dependencies/src/applications/__init__.py +0 -0
- devsecops_engine_tools/engine_sca/engine_dependencies/src/applications/runner_dependencies_scan.py +32 -0
- devsecops_engine_tools/engine_sca/engine_dependencies/src/deployment/__init__.py +0 -0
- devsecops_engine_tools/engine_sca/engine_dependencies/src/deployment/infrastructure/__init__.py +0 -0
- devsecops_engine_tools/engine_sca/engine_dependencies/src/domain/__init__.py +0 -0
- devsecops_engine_tools/engine_sca/engine_dependencies/src/domain/model/__init__.py +0 -0
- devsecops_engine_tools/engine_sca/engine_dependencies/src/domain/model/gateways/__init__.py +0 -0
- devsecops_engine_tools/engine_sca/engine_dependencies/src/domain/model/gateways/deserializator_gateway.py +8 -0
- devsecops_engine_tools/engine_sca/engine_dependencies/src/domain/model/gateways/tool_gateway.py +9 -0
- devsecops_engine_tools/engine_sca/engine_dependencies/src/domain/usecases/__init__.py +0 -0
- devsecops_engine_tools/engine_sca/engine_dependencies/src/domain/usecases/dependencies_sca_scan.py +44 -0
- devsecops_engine_tools/engine_sca/engine_dependencies/src/domain/usecases/find_artifacts.py +95 -0
- devsecops_engine_tools/engine_sca/engine_dependencies/src/domain/usecases/find_mono_repos.py +29 -0
- devsecops_engine_tools/engine_sca/engine_dependencies/src/domain/usecases/handle_remote_config_patterns.py +90 -0
- devsecops_engine_tools/engine_sca/engine_dependencies/src/domain/usecases/set_input_core.py +65 -0
- devsecops_engine_tools/engine_sca/engine_dependencies/src/infrastructure/__init__.py +0 -0
- devsecops_engine_tools/engine_sca/engine_dependencies/src/infrastructure/driven_adapters/__init__.py +0 -0
- devsecops_engine_tools/engine_sca/engine_dependencies/src/infrastructure/driven_adapters/xray_tool/__init__.py +0 -0
- devsecops_engine_tools/engine_sca/engine_dependencies/src/infrastructure/driven_adapters/xray_tool/xray_deserialize_output.py +57 -0
- devsecops_engine_tools/engine_sca/engine_dependencies/src/infrastructure/driven_adapters/xray_tool/xray_manager_scan.py +154 -0
- devsecops_engine_tools/engine_sca/engine_dependencies/src/infrastructure/entry_points/__init__.py +0 -0
- devsecops_engine_tools/engine_sca/engine_dependencies/src/infrastructure/entry_points/entry_point_tool.py +83 -0
- devsecops_engine_tools/engine_sca/engine_dependencies/src/infrastructure/helpers/__init__.py +0 -0
- devsecops_engine_tools/engine_utilities/__init__.py +0 -0
- devsecops_engine_tools/engine_utilities/azuredevops/__init__.py +0 -0
- devsecops_engine_tools/engine_utilities/azuredevops/infrastructure/__init__.py +0 -0
- devsecops_engine_tools/engine_utilities/azuredevops/infrastructure/azure_devops_api.py +67 -0
- devsecops_engine_tools/engine_utilities/azuredevops/models/AzureMessageLoggingPipeline.py +21 -0
- devsecops_engine_tools/engine_utilities/azuredevops/models/AzurePredefinedVariables.py +65 -0
- devsecops_engine_tools/engine_utilities/azuredevops/models/__init__.py +0 -0
- devsecops_engine_tools/engine_utilities/defect_dojo/__init__.py +5 -0
- devsecops_engine_tools/engine_utilities/defect_dojo/applications/__init__.py +0 -0
- devsecops_engine_tools/engine_utilities/defect_dojo/applications/connect.py +37 -0
- devsecops_engine_tools/engine_utilities/defect_dojo/applications/defect_dojo.py +40 -0
- devsecops_engine_tools/engine_utilities/defect_dojo/applications/finding.py +40 -0
- devsecops_engine_tools/engine_utilities/defect_dojo/domain/__init__.py +0 -0
- devsecops_engine_tools/engine_utilities/defect_dojo/domain/models/__init__.py +0 -0
- devsecops_engine_tools/engine_utilities/defect_dojo/domain/models/cmdb.py +11 -0
- devsecops_engine_tools/engine_utilities/defect_dojo/domain/models/engagement.py +55 -0
- devsecops_engine_tools/engine_utilities/defect_dojo/domain/models/finding.py +96 -0
- devsecops_engine_tools/engine_utilities/defect_dojo/domain/models/product.py +35 -0
- devsecops_engine_tools/engine_utilities/defect_dojo/domain/models/product_list.py +12 -0
- devsecops_engine_tools/engine_utilities/defect_dojo/domain/models/product_type.py +16 -0
- devsecops_engine_tools/engine_utilities/defect_dojo/domain/models/product_type_list.py +13 -0
- devsecops_engine_tools/engine_utilities/defect_dojo/domain/models/scan_configuration.py +21 -0
- devsecops_engine_tools/engine_utilities/defect_dojo/domain/request_objects/__init__.py +0 -0
- devsecops_engine_tools/engine_utilities/defect_dojo/domain/request_objects/finding.py +95 -0
- devsecops_engine_tools/engine_utilities/defect_dojo/domain/request_objects/import_scan.py +125 -0
- devsecops_engine_tools/engine_utilities/defect_dojo/domain/serializers/__init__.py +0 -0
- devsecops_engine_tools/engine_utilities/defect_dojo/domain/serializers/finding.py +100 -0
- devsecops_engine_tools/engine_utilities/defect_dojo/domain/serializers/import_scan.py +223 -0
- devsecops_engine_tools/engine_utilities/defect_dojo/domain/user_case/__init__.py +0 -0
- devsecops_engine_tools/engine_utilities/defect_dojo/domain/user_case/cmdb.py +59 -0
- devsecops_engine_tools/engine_utilities/defect_dojo/domain/user_case/finding.py +38 -0
- devsecops_engine_tools/engine_utilities/defect_dojo/domain/user_case/import_scan.py +133 -0
- devsecops_engine_tools/engine_utilities/defect_dojo/hello_world.py +2 -0
- devsecops_engine_tools/engine_utilities/defect_dojo/infraestructure/__init__.py +0 -0
- devsecops_engine_tools/engine_utilities/defect_dojo/infraestructure/driver_adapters/__init__.py +0 -0
- devsecops_engine_tools/engine_utilities/defect_dojo/infraestructure/driver_adapters/cmdb.py +55 -0
- devsecops_engine_tools/engine_utilities/defect_dojo/infraestructure/driver_adapters/engagement.py +55 -0
- devsecops_engine_tools/engine_utilities/defect_dojo/infraestructure/driver_adapters/finding.py +37 -0
- devsecops_engine_tools/engine_utilities/defect_dojo/infraestructure/driver_adapters/import_scan.py +115 -0
- devsecops_engine_tools/engine_utilities/defect_dojo/infraestructure/driver_adapters/product.py +50 -0
- devsecops_engine_tools/engine_utilities/defect_dojo/infraestructure/driver_adapters/product_type.py +59 -0
- devsecops_engine_tools/engine_utilities/defect_dojo/infraestructure/driver_adapters/scan_configurations.py +65 -0
- devsecops_engine_tools/engine_utilities/defect_dojo/infraestructure/driver_adapters/settings/__init__.py +0 -0
- devsecops_engine_tools/engine_utilities/defect_dojo/infraestructure/driver_adapters/settings/settings.py +1 -0
- devsecops_engine_tools/engine_utilities/defect_dojo/infraestructure/repository/__init__.py +0 -0
- devsecops_engine_tools/engine_utilities/github/__init__.py +0 -0
- devsecops_engine_tools/engine_utilities/github/infrastructure/__init__.py +0 -0
- devsecops_engine_tools/engine_utilities/github/infrastructure/github_api.py +49 -0
- devsecops_engine_tools/engine_utilities/github/models/__init__.py +0 -0
- devsecops_engine_tools/engine_utilities/input_validations/__init__.py +0 -0
- devsecops_engine_tools/engine_utilities/input_validations/env_utils.py +10 -0
- devsecops_engine_tools/engine_utilities/input_validations/validate_input_with_regex_letters_number_and_only.py +8 -0
- devsecops_engine_tools/engine_utilities/settings.py +38 -0
- devsecops_engine_tools/engine_utilities/ssh/__init__.py +0 -0
- devsecops_engine_tools/engine_utilities/ssh/managment_private_key.py +67 -0
- devsecops_engine_tools/engine_utilities/utils/__init__.py +0 -0
- devsecops_engine_tools/engine_utilities/utils/api_error.py +14 -0
- devsecops_engine_tools/engine_utilities/utils/dataclass_classmethod.py +84 -0
- devsecops_engine_tools/engine_utilities/utils/datetime_parsing.py +10 -0
- devsecops_engine_tools/engine_utilities/utils/logger_info.py +109 -0
- devsecops_engine_tools/engine_utilities/utils/name_conversion.py +12 -0
- devsecops_engine_tools/engine_utilities/utils/printers.py +21 -0
- devsecops_engine_tools/engine_utilities/utils/session_manager.py +14 -0
- devsecops_engine_tools/version.py +1 -0
- devsecops_engine_tools-1.6.7.dist-info/METADATA +156 -0
- devsecops_engine_tools-1.6.7.dist-info/RECORD +231 -0
- devsecops_engine_tools-1.6.7.dist-info/WHEEL +5 -0
- devsecops_engine_tools-1.6.7.dist-info/entry_points.txt +2 -0
- devsecops_engine_tools-1.6.7.dist-info/top_level.txt +1 -0
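--- a/devsecops_engine_tools/engine_sca/engine_dependencies/src/domain/usecases/dependencies_sca_scan.py
+++ b/devsecops_engine_tools/engine_sca/engine_dependencies/src/domain/usecases/dependencies_sca_scan.py
@@ -0,0 +1,44 @@
+from devsecops_engine_tools.engine_sca.engine_dependencies.src.domain.model.gateways.tool_gateway import (
+ToolGateway,
+)
+from devsecops_engine_tools.engine_sca.engine_dependencies.src.domain.model.gateways.deserializator_gateway import (
+DeserializatorGateway,
+)
+
+
+class DependenciesScan:
+def __init__(
+self,
+tool_run: ToolGateway,
+tool_deserializator: DeserializatorGateway,
+remote_config,
+dir_to_scan_path,
+bypass_limits_flag,
+token,
+):
+self.tool_run = tool_run
+self.tool_deserializator = tool_deserializator
+self.remote_config = remote_config
+self.dir_to_scan_path = dir_to_scan_path
+self.bypass_limits_flag = bypass_limits_flag
+self.token = token
+
+def process(self):
+"""
+Process SCA dependencies scan.
+
+Return: dict: SCA scanning results.
+"""
+return self.tool_run.run_tool_dependencies_sca(
+self.remote_config,
+self.dir_to_scan_path,
+self.bypass_limits_flag,
+self.token,
+)
+
+def deserializator(self, dependencies_scanned):
+"""
+Process the results deserializer.
+Terun: list: Deserialized list of findings.
+"""
+return self.tool_deserializator.get_list_findings(dependencies_scanned)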
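Review bot: `token` is stored as a plain instance attribute in `__init__` and forwarded positionally to `run_tool_dependencies_sca`, but nothing in the class says it is a credential, so a later debug log or serialisation of this object could expose it. I would add a comment on the assignment, `# credential for the scanning tool: never log or serialise this object`, and describe the parameter in a class docstring. The `deserializator` docstring has a typo, `Terun:` should read `Return:`. The `process` docstring promises a `dict`, which cannot be confirmed from this file because the value comes straight from the gateway.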
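--- a/devsecops_engine_tools/engine_sca/engine_dependencies/src/domain/usecases/find_artifacts.py
+++ b/devsecops_engine_tools/engine_sca/engine_dependencies/src/domain/usecases/find_artifacts.py
@@ -0,0 +1,95 @@
+import os
+import tarfile
+import subprocess
+import shutil
+import re
+
+from devsecops_engine_tools.engine_utilities.utils.logger_info import MyLogger
+from devsecops_engine_tools.engine_utilities import settings
+
+logger = MyLogger.__call__(**settings.SETTING_LOGGER).get_logger()
+
+
+class FindArtifacts:
+def __init__(
+self,
+working_dir,
+pattern,
+):
+self.working_dir = working_dir
+self.pattern = pattern
+
+def find_packages(self, pattern, working_dir):
+npm_packages = []
+py_packages = []
+ext_files = []
+extension_pattern = re.compile(pattern, re.IGNORECASE)
+for root, dirs, files in os.walk(working_dir):
+components = root.split(os.path.sep)
+if not ("node_modules" in components) and not (
+"site-packages" in components
+):
+if "site-packages" in dirs:
+py_packages.append(os.path.join(root, "site-packages"))
+if "node_modules" in dirs:
+npm_packages.append(os.path.join(root, "node_modules"))
+for file in files:
+if extension_pattern.search(file):
+ext_files.append(os.path.join(root, file))
+return npm_packages, py_packages, ext_files
+
+def get_recent_package(self, packages):
+recent_package = None
+recent_time = 0
+for path in packages:
+created_time = os.path.getctime(path)
+if created_time > recent_time:
+recent_time = created_time
+recent_package = path
+return recent_package
+
+def compress_and_mv(self, tar_path, package):
+try:
+if os.path.exists(tar_path):
+os.remove(tar_path)
+with tarfile.open(tar_path, "w") as tar:
+tar.add(
+package,
+arcname=os.path.basename(package),
+filter=lambda x: None if "/.bin/" in x.name else x,
+)
+logger.debug(f"File to scan: {tar_path}")
+
+except subprocess.CalledProcessError as e:
+logger.error(f"Error during {package} compression: {e}")
+
+def move_files(self, dir_to_scan_path, finded_files):
+for file in finded_files:
+target = os.path.join(dir_to_scan_path, os.path.basename(file))
+shutil.copy2(file, target)
+logger.debug(f"File to scan: {file}")
+
+def find_artifacts(self):
+dir_to_scan_path = os.path.join(self.working_dir, "dependencies_to_scan")
+if os.path.exists(dir_to_scan_path):
+shutil.rmtree(dir_to_scan_path)
+os.makedirs(dir_to_scan_path)
+
+npm_packages, py_packages, ext_files = self.find_packages(
+self.pattern, self.working_dir
+)
+
+if len(npm_packages):
+npm_recent = self.get_recent_package(npm_packages)
+tar_path = os.path.join(dir_to_scan_path, "node_modules.tar")
+self.compress_and_mv(tar_path, npm_recent)
+
+if len(py_packages):
+py_recent = self.get_recent_package(py_packages)
+tar_path = os.path.join(dir_to_scan_path, "site-packages.tar")
+self.compress_and_mv(tar_path, py_recent)
+
+if len(ext_files):
+self.move_files(dir_to_scan_path, ext_files)
+
+return dir_to_scan_path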
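Review bot: `move_files` names each copy by `os.path.basename(file)`, so two matching artifacts with the same file name in different directories overwrite each other in `dependencies_to_scan` and only the last one is scanned, with no log line to show the loss. Deriving the target from the path relative to the working directory keeps them apart, for example `target = os.path.join(dir_to_scan_path, os.path.relpath(file, self.working_dir).replace(os.sep, "_"))`. Separately, `compress_and_mv` catches `subprocess.CalledProcessError`, which nothing in its `try` body can raise; `except (tarfile.TarError, OSError) as e:` matches the calls actually made. `get_recent_package` also means only the newest `node_modules` and `site-packages` trees are archived, which looks like a coverage gap for repositories that hold several and deserves a comment if it is intended.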
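--- a/devsecops_engine_tools/engine_sca/engine_dependencies/src/domain/usecases/find_mono_repos.py
+++ b/devsecops_engine_tools/engine_sca/engine_dependencies/src/domain/usecases/find_mono_repos.py
@@ -0,0 +1,29 @@
+import os
+
+
+class FindMonoRepos:
+def __init__(
+self,
+pipeline_name,
+):
+self.pipeline_name = pipeline_name
+
+def find_mono_repo(self):
+"""
+Handle find mono repository dir.
+
+Return: String: Directory to scan.
+"""
+current_dir = os.getcwd()
+pattern = "_MR_"
+if pattern in self.pipeline_name:
+mr_dir = self.pipeline_name.split(pattern)[1]
+mr_dir_path = os.path.join(current_dir, mr_dir)
+if os.path.isdir(mr_dir_path):
+return mr_dir_path
+
+for root, dirs, files in os.walk(current_dir):
+if mr_dir in dirs:
+return os.path.join(root, mr_dir)
+
+return current_dir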
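Review bot: `mr_dir` is taken from the pipeline name and joined onto the working directory without checking where the result lands, so a suffix that is an absolute path or contains `..` makes `find_mono_repo` return a directory outside the checkout, and the scan then covers the wrong tree. A containment check before the first return closes that: `base, resolved = os.path.realpath(current_dir), os.path.realpath(mr_dir_path)` followed by `if os.path.commonpath([base, resolved]) == base and os.path.isdir(resolved): return resolved`. The `os.walk` fallback returns the first directory with that name anywhere below the working directory, vendored trees included, which deserves a comment or a depth limit. `split(pattern)[1]` also discards anything after a second `_MR_` in the name.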
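--- a/devsecops_engine_tools/engine_sca/engine_dependencies/src/domain/usecases/handle_remote_config_patterns.py
+++ b/devsecops_engine_tools/engine_sca/engine_dependencies/src/domain/usecases/handle_remote_config_patterns.py
@@ -0,0 +1,90 @@
+import re
+import os
+
+class HandleRemoteConfigPatterns:
+def __init__(
+self,
+remote_config,
+exclusions,
+pipeline_name,
+agent_directory,
+):
+self.remote_config = remote_config
+self.exclusions = exclusions
+self.pipeline_name = pipeline_name
+self.agent_directory = agent_directory
+
+def excluded_files(self):
+"""
+Handle excluded files.
+
+Return: string: new regex expresion.
+"""
+
+pattern = self.remote_config["REGEX_EXPRESSION_EXTENSIONS"]
+if (self.pipeline_name in self.exclusions) and (
+self.exclusions[self.pipeline_name].get("SKIP_FILES", 0)
+):
+exclusion = self.exclusions[self.pipeline_name]["SKIP_FILES"]
+if exclusion.get("files", 0):
+excluded_file_types = exclusion["files"]
+pattern2 = pattern
+for ext in excluded_file_types:
+pattern2 = (
+pattern2.replace("|" + ext, "")
+.replace(ext + "|", "")
+.replace(ext, "")
+)
+pattern = pattern2
+
+return pattern
+
+def ignore_analysis_pattern(self):
+"""
+Handle analysis pattern.
+
+Return: bool: False -> not scan, True -> scan.
+"""
+ignore = self.remote_config["IGNORE_ANALYSIS_PATTERN"]
+if re.match(ignore, self.pipeline_name, re.IGNORECASE):
+return False
+else:
+return True
+
+def bypass_archive_limits(self):
+"""
+Handle bypass archive limits.
+
+Return: bool: True -> Bypass archive limits, False -> Without bypass archive limits.
+"""
+bypass_limits = self.remote_config["BYPASS_ARCHIVE_LIMITS"]
+if re.match(bypass_limits, self.pipeline_name):
+return True
+else:
+return False
+
+def skip_from_exclusion(self):
+"""
+Handle skip tool.
+
+Return: bool: True -> skip tool, False -> not skip tool.
+"""
+if (self.pipeline_name in self.exclusions) and (
+self.exclusions[self.pipeline_name].get("SKIP_TOOL", 0)
+):
+return True
+else:
+return False
+
+def different_working_directory(self):
+"""
+Handle working directory.
+
+Return: String: Working directory.
+"""
+work_dir_different_flag = self.remote_config["WORK_DIR_DIFFERENT_FLAG"]
+if self.agent_directory:
+for root, dirs, files in os.walk(self.agent_directory):
+if work_dir_different_flag in dirs:
+return self.agent_directory
+return os.getcwd()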
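Review bot: `excluded_files` removes each excluded extension from `REGEX_EXPRESSION_EXTENSIONS` with plain substring `replace` calls, so an entry that is a substring of another alternative rewrites that alternative too, and removing the last alternative can leave an empty group; either way the set of files sent to the scanner changes silently. Assuming the expression is an alternation of extensions (its value is not on this page), it is safer to leave the regex untouched and drop excluded files after matching, or to rebuild the alternation from a list with `re.escape` applied to each remaining entry. `ignore_analysis_pattern` and `bypass_archive_limits` both use `re.match`, which anchors only at the start of the pipeline name, and only the first passes `re.IGNORECASE`. Since these two decide whether a scan is skipped or its archive limits are lifted, a comment stating whether prefix matching and the case difference are intended would help reviewers of the remote config.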
@@ -0,0 +1,65 @@
|
|
|
1
|
+
from devsecops_engine_tools.engine_core.src.domain.model.input_core import InputCore
|
|
2
|
+
from devsecops_engine_tools.engine_core.src.domain.model.threshold import Threshold
|
|
3
|
+
from devsecops_engine_tools.engine_core.src.domain.model.exclusions import Exclusions
|
|
4
|
+
|
|
5
|
+
|
|
6
|
+
class SetInputCore:
|
|
7
|
+
def __init__(self, remote_config, exclusions, pipeline_name, tool):
|
|
8
|
+
self.remote_config = remote_config
|
|
9
|
+
self.exclusions = exclusions
|
|
10
|
+
self.pipeline_name = pipeline_name
|
|
11
|
+
self.tool = tool
|
|
12
|
+
|
|
13
|
+
def get_exclusions(self, exclusions_data, pipeline_name, tool):
|
|
14
|
+
list_exclusions = []
|
|
15
|
+
for key, value in exclusions_data.items():
|
|
16
|
+
if (key == "All") or (key == pipeline_name):
|
|
17
|
+
if value.get(tool, 0):
|
|
18
|
+
exclusions = [
|
|
19
|
+
Exclusions(
|
|
20
|
+
id=item.get("id", ""),
|
|
21
|
+
where=item.get("where", ""),
|
|
22
|
+
cve_id=item.get("cve_id", ""),
|
|
23
|
+
create_date=item.get("create_date", ""),
|
|
24
|
+
expired_date=item.get("expired_date", ""),
|
|
25
|
+
severity=item.get("severity", ""),
|
|
26
|
+
hu=item.get("hu", ""),
|
|
27
|
+
reason=item.get("reason", "Risk acceptance")
|
|
28
|
+
)
|
|
29
|
+
for item in value[tool]
|
|
30
|
+
]
|
|
31
|
+
list_exclusions.extend(exclusions)
|
|
32
|
+
return list_exclusions
|
|
33
|
+
|
|
34
|
+
def update_threshold(self, threshold, exclusions_data, pipeline_name):
|
|
35
|
+
if (pipeline_name in exclusions_data) and (
|
|
36
|
+
exclusions_data[pipeline_name].get("THRESHOLD", 0)
|
|
37
|
+
):
|
|
38
|
+
threshold["VULNERABILITY"] = exclusions_data[pipeline_name][
|
|
39
|
+
"THRESHOLD"
|
|
40
|
+
].get("VULNERABILITY")
|
|
41
|
+
return threshold
|
|
42
|
+
|
|
43
|
+
def set_input_core(self, dependencies_scanned):
|
|
44
|
+
"""
|
|
45
|
+
Set the input core.
|
|
46
|
+
|
|
47
|
+
Returns:
|
|
48
|
+
dict: Input core.
|
|
49
|
+
"""
|
|
50
|
+
return InputCore(
|
|
51
|
+
self.get_exclusions(
|
|
52
|
+
self.exclusions,
|
|
53
|
+
self.pipeline_name,
|
|
54
|
+
self.tool,
|
|
55
|
+
),
|
|
56
|
+
Threshold(
|
|
57
|
+
self.update_threshold(
|
|
58
|
+
self.remote_config["THRESHOLD"], self.exclusions, self.pipeline_name
|
|
59
|
+
)
|
|
60
|
+
),
|
|
61
|
+
dependencies_scanned,
|
|
62
|
+
self.remote_config["MESSAGE_INFO_ENGINE_DEPENDENCIES"],
|
|
63
|
+
self.pipeline_name,
|
|
64
|
+
"Build",
|
|
65
|
+
)
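Review bot: In `update_threshold`, the pipeline override assigns `exclusions_data[pipeline_name]["THRESHOLD"].get("VULNERABILITY")` straight into `threshold`, so a pipeline entry whose `THRESHOLD` block lacks a `VULNERABILITY` key replaces the default with `None`. What `Threshold` does with `None` is not visible here, but keeping the default unless an override is actually present is safer: `override = exclusions_data[pipeline_name]["THRESHOLD"].get("VULNERABILITY")` followed by `if override: threshold["VULNERABILITY"] = override`. The method also mutates `self.remote_config["THRESHOLD"]` in place, which matters if the same config object is reused for another tool or pipeline. The `set_input_core` docstring says it returns a dict, while the code returns an `InputCore`.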
|
|
File without changes
|
devsecops_engine_tools/engine_sca/engine_dependencies/src/infrastructure/driven_adapters/__init__.py
ADDED
|
File without changes
|
|
File without changes
|
|
@@ -0,0 +1,57 @@
|
|
|
1
|
+
from devsecops_engine_tools.engine_sca.engine_dependencies.src.domain.model.gateways.deserializator_gateway import (
|
|
2
|
+
DeserializatorGateway,
|
|
3
|
+
)
|
|
4
|
+
from devsecops_engine_tools.engine_core.src.domain.model.finding import (
|
|
5
|
+
Finding,
|
|
6
|
+
Category,
|
|
7
|
+
)
|
|
8
|
+
from dataclasses import dataclass
|
|
9
|
+
import json
|
|
10
|
+
from datetime import datetime
|
|
11
|
+
|
|
12
|
+
|
|
13
|
+
@dataclass
|
|
14
|
+
class XrayDeserializator(DeserializatorGateway):
|
|
15
|
+
def set_list_finding(self, vul):
|
|
16
|
+
vulnerabilities = [
|
|
17
|
+
Finding(
|
|
18
|
+
id=vul.get("issue_id", ""),
|
|
19
|
+
cvss=(
|
|
20
|
+
vul["cves"][0].get("cvss_v3_score")
|
|
21
|
+
if vul.get("cves", 0) and vul["cves"][0].get("cvss_v3_score", 0)
|
|
22
|
+
else ""
|
|
23
|
+
)
|
|
24
|
+
+ (
|
|
25
|
+
vul["cves"][0].get("cvss_v2_score")
|
|
26
|
+
if vul.get("cves", 0)
|
|
27
|
+
and not (vul["cves"][0].get("cvss_v3_score", 0))
|
|
28
|
+
and vul["cves"][0].get("cvss_v2_score", 0)
|
|
29
|
+
else ""
|
|
30
|
+
),
|
|
31
|
+
where=(component),
|
|
32
|
+
description=(
|
|
33
|
+
vul["cves"][0].get("cve", "") if vul.get("cves", 0) else ""
|
|
34
|
+
),
|
|
35
|
+
severity=vul.get("severity", "").lower(),
|
|
36
|
+
identification_date=datetime.now().strftime("%d-%m-%Y %H:%M:%S"),
|
|
37
|
+
published_date_cve=None,
|
|
38
|
+
module="engine_dependencies",
|
|
39
|
+
category=Category.VULNERABILITY,
|
|
40
|
+
requirements=(
|
|
41
|
+
"".join(vul["components"][component].get("fixed_versions", [""]))
|
|
42
|
+
),
|
|
43
|
+
tool="XRAY",
|
|
44
|
+
)
|
|
45
|
+
for component in vul.get("components", [])
|
|
46
|
+
]
|
|
47
|
+
return vulnerabilities
|
|
48
|
+
|
|
49
|
+
def get_list_findings(self, dependencies_scanned_file) -> "list[Finding]":
|
|
50
|
+
list_open_vulnerabilities = []
|
|
51
|
+
with open(dependencies_scanned_file, "rb") as file:
|
|
52
|
+
json_data = json.loads(file.read())
|
|
53
|
+
if json_data:
|
|
54
|
+
for data in json_data:
|
|
55
|
+
for vul in data.get("vulnerabilities", []):
|
|
56
|
+
list_open_vulnerabilities.extend(self.set_list_finding(vul))
|
|
57
|
+
return list_open_vulnerabilities
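Review bot: The `cvss=` argument in `set_list_finding` builds the score by adding two conditional expressions with `+`, which only works while both scores are strings; a numeric score in the scan JSON would raise `TypeError` when added to `""` (the score type is not visible here). Binding the first CVE once, `cve = vul["cves"][0] if vul.get("cves") else {}`, and writing `cvss=cve.get("cvss_v3_score") or cve.get("cvss_v2_score") or ""` expresses the v3-then-v2 fallback directly. Only `cves[0]` is read, so any further CVE ids on the same issue are dropped from the finding's `description`. `"".join(...)` on `fixed_versions` also runs several fixed versions together with no separator; `", ".join(...)` keeps them readable.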
|
|
@@ -0,0 +1,154 @@
|
|
|
1
|
+
from devsecops_engine_tools.engine_sca.engine_dependencies.src.domain.model.gateways.tool_gateway import (
|
|
2
|
+
ToolGateway,
|
|
3
|
+
)
|
|
4
|
+
|
|
5
|
+
import subprocess
|
|
6
|
+
import platform
|
|
7
|
+
import requests
|
|
8
|
+
import re
|
|
9
|
+
import os
|
|
10
|
+
import json
|
|
11
|
+
|
|
12
|
+
from devsecops_engine_tools.engine_utilities.utils.logger_info import MyLogger
|
|
13
|
+
from devsecops_engine_tools.engine_utilities import settings
|
|
14
|
+
|
|
15
|
+
logger = MyLogger.__call__(**settings.SETTING_LOGGER).get_logger()
|
|
16
|
+
|
|
17
|
+
|
|
18
|
+
class XrayScan(ToolGateway):
|
|
19
|
+
def install_tool_linux(self, version):
|
|
20
|
+
installed = subprocess.run(
|
|
21
|
+
["which", "./jf"],
|
|
22
|
+
stdout=subprocess.PIPE,
|
|
23
|
+
stderr=subprocess.PIPE,
|
|
24
|
+
)
|
|
25
|
+
if installed.returncode == 1:
|
|
26
|
+
command = ["chmod", "+x", "./jf"]
|
|
27
|
+
try:
|
|
28
|
+
url = f"https://releases.jfrog.io/artifactory/jfrog-cli/v2-jf/{version}/jfrog-cli-linux-amd64/jf"
|
|
29
|
+
file = "./jf"
|
|
30
|
+
response = requests.get(url, allow_redirects=True)
|
|
31
|
+
with open(file, "wb") as archivo:
|
|
32
|
+
archivo.write(response.content)
|
|
33
|
+
subprocess.run(
|
|
34
|
+
command, check=True, stdout=subprocess.PIPE, stderr=subprocess.PIPE
|
|
35
|
+
)
|
|
36
|
+
except subprocess.CalledProcessError as error:
|
|
37
|
+
logger.error(f"Error during Jfrog Cli installation on Linux: {error}")
|
|
38
|
+
|
|
39
|
+
def install_tool_windows(self, version):
|
|
40
|
+
try:
|
|
41
|
+
subprocess.run(
|
|
42
|
+
["./jf.exe", "--version"],
|
|
43
|
+
stdout=subprocess.PIPE,
|
|
44
|
+
stderr=subprocess.PIPE,
|
|
45
|
+
)
|
|
46
|
+
except:
|
|
47
|
+
try:
|
|
48
|
+
url = f"https://releases.jfrog.io/artifactory/jfrog-cli/v2-jf/{version}/jfrog-cli-windows-amd64/jf.exe"
|
|
49
|
+
exe_file = "./jf.exe"
|
|
50
|
+
response = requests.get(url, allow_redirects=True)
|
|
51
|
+
with open(exe_file, "wb") as archivo:
|
|
52
|
+
archivo.write(response.content)
|
|
53
|
+
except subprocess.CalledProcessError as error:
|
|
54
|
+
logger.error(f"Error while Jfrog Cli installation on Windows: {error}")
|
|
55
|
+
|
|
56
|
+
def install_tool_darwin(self, version):
|
|
57
|
+
installed = subprocess.run(
|
|
58
|
+
["which", "./jf"],
|
|
59
|
+
stdout=subprocess.PIPE,
|
|
60
|
+
stderr=subprocess.PIPE,
|
|
61
|
+
)
|
|
62
|
+
if installed.returncode == 1:
|
|
63
|
+
command = ["chmod", "+x", "./jf"]
|
|
64
|
+
try:
|
|
65
|
+
url = f"https://releases.jfrog.io/artifactory/jfrog-cli/v2-jf/{version}/jfrog-cli-mac-386/jf"
|
|
66
|
+
file = "./jf"
|
|
67
|
+
response = requests.get(url, allow_redirects=True)
|
|
68
|
+
with open(file, "wb") as archivo:
|
|
69
|
+
archivo.write(response.content)
|
|
70
|
+
subprocess.run(
|
|
71
|
+
command, check=True, stdout=subprocess.PIPE, stderr=subprocess.PIPE
|
|
72
|
+
)
|
|
73
|
+
except subprocess.CalledProcessError as error:
|
|
74
|
+
logger.error(f"Error during Jfrog Cli installation on Darwin: {error}")
|
|
75
|
+
|
|
76
|
+
def config_server(self, prefix, token):
|
|
77
|
+
try:
|
|
78
|
+
c_import = [prefix, "c", "im", token]
|
|
79
|
+
result = subprocess.run(
|
|
80
|
+
c_import,
|
|
81
|
+
check=True,
|
|
82
|
+
stdout=subprocess.PIPE,
|
|
83
|
+
stderr=subprocess.PIPE,
|
|
84
|
+
text=True,
|
|
85
|
+
)
|
|
86
|
+
server_id = re.search(r"'(.*?)'", result.stderr).group(1)
|
|
87
|
+
c_set_server = [prefix, "c", "use", server_id]
|
|
88
|
+
subprocess.run(
|
|
89
|
+
c_set_server,
|
|
90
|
+
check=True,
|
|
91
|
+
stdout=subprocess.PIPE,
|
|
92
|
+
stderr=subprocess.PIPE,
|
|
93
|
+
text=True,
|
|
94
|
+
)
|
|
95
|
+
except subprocess.CalledProcessError as error:
|
|
96
|
+
logger.error(f"Error during Xray Server configuration: {error}")
|
|
97
|
+
|
|
98
|
+
def scan_dependencies(self, prefix, target_dir_name, bypass_limits_flag):
|
|
99
|
+
try:
|
|
100
|
+
if bypass_limits_flag:
|
|
101
|
+
command = [
|
|
102
|
+
prefix,
|
|
103
|
+
"scan",
|
|
104
|
+
"--format=json",
|
|
105
|
+
"--bypass-archive-limits",
|
|
106
|
+
f"{target_dir_name}/",
|
|
107
|
+
]
|
|
108
|
+
else:
|
|
109
|
+
command = [prefix, "scan", "--format=json", f"{target_dir_name}/"]
|
|
110
|
+
result = subprocess.run(
|
|
111
|
+
command, stdout=subprocess.PIPE, stderr=subprocess.PIPE, text=True
|
|
112
|
+
)
|
|
113
|
+
scan_result = json.loads(result.stdout)
|
|
114
|
+
file_result = os.path.join(target_dir_name, "scan_result.json")
|
|
115
|
+
with open(file_result, "w") as file:
|
|
116
|
+
json.dump(scan_result, file, indent=4)
|
|
117
|
+
return file_result
|
|
118
|
+
except subprocess.CalledProcessError as error:
|
|
119
|
+
logger.error(f"Error executing jf scan: {error}")
|
|
120
|
+
|
|
121
|
+
def run_tool_dependencies_sca(
|
|
122
|
+
self,
|
|
123
|
+
remote_config,
|
|
124
|
+
dir_to_scan_path,
|
|
125
|
+
bypass_limits_flag,
|
|
126
|
+
token,
|
|
127
|
+
):
|
|
128
|
+
|
|
129
|
+
cli_version = remote_config["XRAY"]["CLI_VERSION"]
|
|
130
|
+
os_platform = platform.system()
|
|
131
|
+
|
|
132
|
+
if os_platform == "Linux":
|
|
133
|
+
self.install_tool_linux(cli_version)
|
|
134
|
+
command_prefix = "./jf"
|
|
135
|
+
elif os_platform == "Windows":
|
|
136
|
+
self.install_tool_windows(cli_version)
|
|
137
|
+
command_prefix = "./jf.exe"
|
|
138
|
+
elif os_platform == "Darwin":
|
|
139
|
+
command_prefix = "./jf"
|
|
140
|
+
self.install_tool_darwin(cli_version)
|
|
141
|
+
else:
|
|
142
|
+
logger.warning(f"{os_platform} is not supported.")
|
|
143
|
+
|
|
144
|
+
self.config_server(command_prefix, token)
|
|
145
|
+
|
|
146
|
+
results_file = None
|
|
147
|
+
if len(os.listdir(dir_to_scan_path)) == 0:
|
|
148
|
+
logger.warning("No artifacts found")
|
|
149
|
+
else:
|
|
150
|
+
results_file = self.scan_dependencies(
|
|
151
|
+
command_prefix, dir_to_scan_path, bypass_limits_flag
|
|
152
|
+
)
|
|
153
|
+
|
|
154
|
+
return results_file
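Review bot: `install_tool_linux`, `install_tool_windows` and `install_tool_darwin` write whatever `requests.get` returns to `./jf` (or `./jf.exe`) and the binary is then executed, with no status check, no timeout and no integrity check on the bytes. An HTTP error body or an altered download would be saved and run inside the pipeline, and `config_server` later hands that same binary the token. Calling `response.raise_for_status()`, passing a `timeout`, and comparing a SHA-256 of `response.content` with a digest pinned next to `CLI_VERSION` would close that gap; the digest source is not on this page, so it appears as a placeholder below, and `hashlib` would need importing. The `except subprocess.CalledProcessError` clauses also do not cover `requests` failures, and `install_tool_windows` uses a bare `except:`.

```python
# … unchanged: `which ./jf` check and url/file assignment …
response = requests.get(url, allow_redirects=True, timeout=60)
response.raise_for_status()
# expected_sha256: placeholder for a digest pinned with the CLI version
if hashlib.sha256(response.content).hexdigest() != expected_sha256:
    raise ValueError("jf download does not match the pinned digest")
with open(file, "wb") as archivo:
    archivo.write(response.content)
# … unchanged: chmod +x ./jf via subprocess.run …
```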
|
devsecops_engine_tools/engine_sca/engine_dependencies/src/infrastructure/entry_points/__init__.py
ADDED
|
File without changes
|
|
@@ -0,0 +1,83 @@
|
|
|
1
|
+
from devsecops_engine_tools.engine_sca.engine_dependencies.src.domain.usecases.dependencies_sca_scan import (
|
|
2
|
+
DependenciesScan,
|
|
3
|
+
)
|
|
4
|
+
from devsecops_engine_tools.engine_sca.engine_dependencies.src.domain.usecases.set_input_core import (
|
|
5
|
+
SetInputCore,
|
|
6
|
+
)
|
|
7
|
+
from devsecops_engine_tools.engine_sca.engine_dependencies.src.domain.usecases.handle_remote_config_patterns import (
|
|
8
|
+
HandleRemoteConfigPatterns,
|
|
9
|
+
)
|
|
10
|
+
from devsecops_engine_tools.engine_sca.engine_dependencies.src.domain.usecases.find_mono_repos import (
|
|
11
|
+
FindMonoRepos,
|
|
12
|
+
)
|
|
13
|
+
from devsecops_engine_tools.engine_sca.engine_dependencies.src.domain.usecases.find_artifacts import (
|
|
14
|
+
FindArtifacts,
|
|
15
|
+
)
|
|
16
|
+
|
|
17
|
+
import os
|
|
18
|
+
import sys
|
|
19
|
+
|
|
20
|
+
from devsecops_engine_tools.engine_utilities.utils.logger_info import MyLogger
|
|
21
|
+
from devsecops_engine_tools.engine_utilities import settings
|
|
22
|
+
|
|
23
|
+
logger = MyLogger.__call__(**settings.SETTING_LOGGER).get_logger()
|
|
24
|
+
|
|
25
|
+
|
|
26
|
+
def init_engine_dependencies(
|
|
27
|
+
tool_run, tool_remote, tool_deserializator, dict_args, token, tool
|
|
28
|
+
):
|
|
29
|
+
sys.stdout.reconfigure(encoding="utf-8")
|
|
30
|
+
|
|
31
|
+
remote_config = tool_remote.get_remote_config(
|
|
32
|
+
dict_args["remote_config_repo"], "engine_sca/engine_dependencies/ConfigTool.json"
|
|
33
|
+
)
|
|
34
|
+
exclusions = tool_remote.get_remote_config(
|
|
35
|
+
dict_args["remote_config_repo"], "engine_sca/engine_dependencies/Exclusions.json"
|
|
36
|
+
)
|
|
37
|
+
pipeline_name = tool_remote.get_variable("pipeline_name")
|
|
38
|
+
agent_directory = tool_remote.get_variable("agent_directory")
|
|
39
|
+
|
|
40
|
+
handle_remote_config_patterns = HandleRemoteConfigPatterns(
|
|
41
|
+
remote_config, exclusions, pipeline_name, agent_directory
|
|
42
|
+
)
|
|
43
|
+
skip_flag = handle_remote_config_patterns.skip_from_exclusion()
|
|
44
|
+
scan_flag = handle_remote_config_patterns.ignore_analysis_pattern()
|
|
45
|
+
|
|
46
|
+
dependencies_scanned = None
|
|
47
|
+
deserialized = []
|
|
48
|
+
input_core = SetInputCore(remote_config, exclusions, pipeline_name, tool)
|
|
49
|
+
|
|
50
|
+
if scan_flag and not (skip_flag):
|
|
51
|
+
find_mono_repo = FindMonoRepos(pipeline_name)
|
|
52
|
+
mr_path = find_mono_repo.find_mono_repo()
|
|
53
|
+
agent_path = handle_remote_config_patterns.different_working_directory()
|
|
54
|
+
current_path = os.getcwd()
|
|
55
|
+
if agent_path != current_path:
|
|
56
|
+
current_path = agent_path
|
|
57
|
+
elif mr_path != current_path:
|
|
58
|
+
current_path = mr_path
|
|
59
|
+
|
|
60
|
+
bypass_limits_flag = handle_remote_config_patterns.bypass_archive_limits()
|
|
61
|
+
pattern = handle_remote_config_patterns.excluded_files()
|
|
62
|
+
|
|
63
|
+
find_artifacts = FindArtifacts(current_path, pattern)
|
|
64
|
+
dir_to_scan_path = find_artifacts.find_artifacts()
|
|
65
|
+
|
|
66
|
+
dependencies_sca_scan = DependenciesScan(
|
|
67
|
+
tool_run,
|
|
68
|
+
tool_deserializator,
|
|
69
|
+
remote_config,
|
|
70
|
+
dir_to_scan_path,
|
|
71
|
+
bypass_limits_flag,
|
|
72
|
+
token,
|
|
73
|
+
)
|
|
74
|
+
dependencies_scanned = dependencies_sca_scan.process()
|
|
75
|
+
if dependencies_scanned:
|
|
76
|
+
deserialized = dependencies_sca_scan.deserializator(dependencies_scanned)
|
|
77
|
+
else:
|
|
78
|
+
print(f"Tool skipped by DevSecOps policy")
|
|
79
|
+
logger.info(f"Tool skipped by DevSecOps policy")
|
|
80
|
+
|
|
81
|
+
core_input = input_core.set_input_core(dependencies_scanned)
|
|
82
|
+
|
|
83
|
+
return deserialized, core_input
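Review bot: When `dependencies_sca_scan.process()` returns nothing, `init_engine_dependencies` falls through with `deserialized = []` and still returns a normal `core_input`, so a failed scan looks the same to the caller as a clean one. If the caller breaks the build only on findings (not visible here), a download or scan error would let the pipeline pass unscanned. Making that case explicit when `scan_flag and not skip_flag` held but no result came back, for example with `logger.warning("Dependency scan produced no result file")` or by raising, would let the caller tell the two apart. The two `f"Tool skipped by DevSecOps policy"` strings have no placeholders and can be plain literals.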
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|