devsecops-engine-tools 1.60.0__py3-none-any.whl → 1.60.1__py3-none-any.whl

devsecops_engine_tools/engine_sast/engine_iac/src/domain/model/context_iac.py

@@ -1,5 +1,6 @@
 from dataclasses import dataclass
 
+
 @dataclass
 class ContextIac:
     id: str
@@ -10,4 +11,4 @@ class ContextIac:
     resource: str
     description: str
     module: str
-    tool: str
+    tool: str

devsecops_engine_tools/engine_sast/engine_iac/src/domain/model/gateways/tool_gateway.py

@@ -1,12 +1,11 @@
 from abc import ABCMeta, abstractmethod
 
+
 class ToolGateway(metaclass=ABCMeta):
     @abstractmethod
     def run_tool(self, config_tool, folders_to_scan, **kwargs):
         "run_tool"
 
-    @classmethod
-    def get_iac_context_from_results(
-        self, path_file_results
-    ) -> None:
-        "get_iac_context_from_results"
+    @abstractmethod
+    def get_iac_context_from_results(self, path_file_results) -> None:
+        "get_iac_context_from_results"

devsecops_engine_tools/engine_sast/engine_iac/src/domain/usecases/iac_scan.py

@@ -28,14 +28,18 @@ class IacScan:
 
     def process(self, dict_args, secret_tool, tool, env):
         config_tool_iac = self.remote_config_source_gateway.get_remote_config(
-            dict_args["remote_config_repo"], "engine_sast/engine_iac/ConfigTool.json", dict_args["remote_config_branch"]
+            dict_args["remote_config_repo"],
+            "engine_sast/engine_iac/ConfigTool.json",
+            dict_args["remote_config_branch"],
         )
 
         exclusions = self.remote_config_source_gateway.get_remote_config(
-            dict_args["remote_config_repo"], "engine_sast/engine_iac/Exclusions.json", dict_args["remote_config_branch"]
+            dict_args["remote_config_repo"],
+            "engine_sast/engine_iac/Exclusions.json",
+            dict_args["remote_config_branch"],
         )
 
-        config_tool_core, folders_to_scan, skip_tool = self.complete_config_tool(
+        config_tool_core, folders_to_scan, skip_tool = self._complete_config_tool(
             config_tool_iac, exclusions, tool, dict_args
         )
 
@@ -55,12 +59,10 @@ class IacScan:
             print("Tool skipped by DevSecOps policy")
             dict_args["send_metrics"] = "false"
             dict_args["use_vulnerability_management"] = "false"
-        
+
         if dict_args.get("context") == "true":
-            self.tool_gateway.get_iac_context_from_results(
-                path_file_results
-            )
-            
+            self.tool_gateway.get_iac_context_from_results(path_file_results)
+
         totalized_exclusions = []
         (
             totalized_exclusions.extend(
@@ -96,7 +98,7 @@ class IacScan:
 
         return findings_list, input_core
 
-    def complete_config_tool(self, data_file_tool, exclusions, tool, dict_args):
+    def _complete_config_tool(self, data_file_tool, exclusions, tool, dict_args):
         config_tool = ConfigTool(json_data=data_file_tool)
 
         config_tool.exclusions = exclusions
@@ -138,7 +140,7 @@ class IacScan:
 
             folders_to_scan = [dict_args["folder_path"]]
         else:
-            folders_to_scan = self.search_folders(config_tool.search_pattern)
+            folders_to_scan = self._search_folders(config_tool.search_pattern)
 
         if len(folders_to_scan) == 0:
             logger.warning(
@@ -148,7 +150,7 @@ class IacScan:
 
         return config_tool, folders_to_scan, skip_tool
 
-    def search_folders(self, search_pattern):
+    def _search_folders(self, search_pattern):
         current_directory = os.getcwd()
         patron = "(?i).*?(" + "|".join(search_pattern) + ").*$"
         folders = [
@@ -161,4 +163,4 @@ class IacScan:
             for folder in folders
             if re.match(patron, folder)
         ]
-        return matching_folders
+        return matching_folders

devsecops_engine_tools/engine_sast/engine_iac/src/infrastructure/driven_adapters/checkov/checkov_deserealizator.py

@@ -5,6 +5,7 @@ from devsecops_engine_tools.engine_core.src.domain.model.finding import (
 from datetime import datetime
 from dataclasses import dataclass
 
+
 @dataclass
 class CheckovDeserealizator:
     @classmethod
@@ -16,20 +17,24 @@ class CheckovDeserealizator:
         for result in results_scan_list:
             if "failed_checks" in str(result):
                 for scan in result["results"]["failed_checks"]:
-                    check_id = scan.get("check_id") 
+                    check_id = scan.get("check_id")
                     if not rules.get(check_id):
                         description = scan.get("check_name")
                         severity = default_severity.lower()
                         category = default_category.lower()
                     else:
-                        description = rules[check_id].get("checkID", scan.get("check_name"))
+                        description = rules[check_id].get(
+                            "checkID", scan.get("check_name")
+                        )
                         severity = rules[check_id].get("severity").lower()
                         category = rules[check_id].get("category").lower()
 
                     finding_open = Finding(
                         id=check_id,
                         cvss=None,
-                        where=scan.get("repo_file_path") + ": " + str(scan.get("resource")),
+                        where=scan.get("repo_file_path")
+                        + ": "
+                        + str(scan.get("resource")),
                         description=description,
                         severity=severity,
                         identification_date=datetime.now().strftime("%d%m%Y"),
@@ -37,10 +42,8 @@ class CheckovDeserealizator:
                         module="engine_iac",
                         category=Category(category),
                         requirements=scan.get("guideline"),
-                        tool="Checkov"
+                        tool="Checkov",
                     )
-                    list_open_findings.append(finding_open)      
-       
+                    list_open_findings.append(finding_open)
+
         return list_open_findings
-    
-