PyPI - devsecops-engine-tools - Versions diffs - 1.7.11__py3-none-any.whl → 1.7.12__py3-none-any.whl - Mend

devsecops-engine-tools 1.7.11py3-none-any.whl → 1.7.12py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.

This version of devsecops-engine-tools might be problematic. Click here for more details.

Files changed (12) hide show

devsecops_engine_tools/engine_core/src/domain/usecases/handle_scan.py CHANGED Viewed

@@ -128,6 +128,13 @@ class HandleScan:
                 config_tool["ENGINE_SECRET"]["TOOL"],
                 self.devops_platform_gateway
             )
+            if (
+                dict_args["use_vulnerability_management"] == "true"
+                and input_core.path_file_results
+            ):
+                self._use_vulnerability_management(
+                    config_tool, input_core, dict_args, secret_tool, env
+                )
             return findings_list, input_core
         elif "engine_dependencies" in dict_args["tool"]:
             if secret_tool is not None:

devsecops_engine_tools/engine_core/src/infrastructure/driven_adapters/defect_dojo/defect_dojo.py CHANGED Viewed

@@ -53,6 +53,7 @@ class DefectDojoPlatform(VulnerabilityManagementGateway):
                 "CHECKOV": "Checkov Scan",
                 "PRISMA": "Twistlock Image Scan",
                 "XRAY": "JFrog Xray On Demand Binary Scan",
+                "TRUFFLEHOG": "Trufflehog Scan",
             }
             if any(
@@ -60,7 +61,7 @@ class DefectDojoPlatform(VulnerabilityManagementGateway):
                 for branch in vulnerability_management.config_tool[
                     "VULNERABILITY_MANAGER"
                 ]["BRANCH_FILTER"].split(",")
-            ):
+            ) or (vulnerability_management.dict_args["tool"] == 'engine_secret'):
                 request: ImportScanRequest = Connect.cmdb(
                     cmdb_mapping={
                         "product_type_name": "nombreevc",

devsecops_engine_tools/engine_sast/engine_secret/src/domain/usecases/secret_scan.py CHANGED Viewed

@@ -28,16 +28,10 @@ class SecretScan:
         self.tool_deserialize = tool_deserialize
         self.git_gateway = git_gateway
-    def process(self, dict_args, tool):
-        tool = str(tool).lower()
-        init_config_tool = self.devops_platform_gateway.get_remote_config(
-            dict_args["remote_config_repo"], "engine_sast/engine_secret/ConfigTool.json"
-        )
-        config_tool, skip_tool = self.complete_config_tool(
-            init_config_tool, tool
-        )
+    def process(self, skip_tool, config_tool):
         finding_list = []
-        if skip_tool == "false":
+        file_path_findings = ""
+        if skip_tool == False:
             self.tool_gateway.install_tool(self.devops_platform_gateway.get_variable("os"), self.devops_platform_gateway.get_variable("temp_directory"))
             files_pullrequest = self.git_gateway.get_files_pull_request(
                 self.devops_platform_gateway.get_variable("work_folder"),
@@ -49,24 +43,40 @@ class SecretScan:
                 self.devops_platform_gateway.get_variable("project_name"),
                 self.devops_platform_gateway.get_variable("repository"),
                 self.devops_platform_gateway.get_variable("repository_provider"))
-            finding_list = self.tool_deserialize.get_list_vulnerability(
-                self.tool_gateway.run_tool_secret_scan(
+            findings, file_path_findings = self.tool_gateway.run_tool_secret_scan(
                     files_pullrequest,
                     config_tool.exclude_path,
                     self.devops_platform_gateway.get_variable("os"),
                     self.devops_platform_gateway.get_variable("work_folder"),
                     config_tool.number_threads,
                     self.devops_platform_gateway.get_variable("repository")
-                    ),
+                    )
+            finding_list = self.tool_deserialize.get_list_vulnerability(
+                findings,
                 self.devops_platform_gateway.get_variable("os"),
                 self.devops_platform_gateway.get_variable("work_folder")
                 )
-        return finding_list, config_tool
+        return finding_list, file_path_findings
-    def complete_config_tool(self, data_file_tool, tool):
-        config_tool = DeserializeConfigTool(json_data=data_file_tool, tool=tool)
+    def complete_config_tool(self, dict_args, tool):
+        tool = str(tool).lower()
+        init_config_tool = self.devops_platform_gateway.get_remote_config(
+            dict_args["remote_config_repo"], "engine_sast/engine_secret/ConfigTool.json"
+        )
+        config_tool = DeserializeConfigTool(json_data=init_config_tool, tool=tool)
         config_tool.scope_pipeline = self.devops_platform_gateway.get_variable("pipeline_name")
-        skip_tool = "false"
-        if config_tool.scope_pipeline in config_tool.ignore_search_pattern:
-            skip_tool = "true"
-        return config_tool, skip_tool
+        return config_tool
+    def skip_from_exclusion(self, exclusions):
+        """
+        Handle skip tool.
+        Return: bool: True -> skip tool, False -> not skip tool.
+        """
+        pipeline_name = self.devops_platform_gateway.get_variable("pipeline_name")
+        if (pipeline_name in exclusions) and (
+            exclusions[pipeline_name].get("SKIP_TOOL", 0)
+        ):
+            return True
+        else:
+            return False

devsecops_engine_tools/engine_sast/engine_secret/src/domain/usecases/set_input_core.py CHANGED Viewed

@@ -37,19 +37,20 @@ class SetInputCore:
         list_exclusions = []
         for key, value in exclusions_data.items():
             if (key == "All") or (key == pipeline_name):
-                exclusions = [
-                    Exclusions(
-                        id=item.get("id", ""),
-                        where=item.get("where", ""),
-                        create_date=item.get("create_date", ""),
-                        expired_date=item.get("expired_date", ""),
-                        severity=item.get("severity", ""),
-                        hu=item.get("hu", ""),
-                        reason=item.get("reason", "Risk acceptance"),
-                    )
-                    for item in value[tool]
-                ]
-                list_exclusions.extend(exclusions)
+                if value.get(tool, 0):
+                    exclusions = [
+                        Exclusions(
+                            id=item.get("id", ""),
+                            where=item.get("where", ""),
+                            create_date=item.get("create_date", ""),
+                            expired_date=item.get("expired_date", ""),
+                            severity=item.get("severity", ""),
+                            hu=item.get("hu", ""),
+                            reason=item.get("reason", "Risk acceptance"),
+                        )
+                        for item in value[tool]
+                    ]
+                    list_exclusions.extend(exclusions)
         return list_exclusions
     def set_input_core(self, finding_list):

devsecops_engine_tools/engine_sast/engine_secret/src/infrastructure/driven_adapters/trufflehog/trufflehog_run.py CHANGED Viewed

@@ -1,4 +1,5 @@
 import json
+import os
 import re
 import subprocess
 import concurrent.futures
@@ -61,7 +62,8 @@ class TrufflehogRun(ToolGateway):
                 include_paths,
                 [repository_name] * len(include_paths),
             )
-        return self.decode_output(results)
+        findings, file_findings = self.create_file(self.decode_output(results), agent_work_folder)
+        return  findings, file_findings
     def config_include_path(self, files, agent_work_folder):
         chunks = []
@@ -102,3 +104,15 @@ class TrufflehogRun(ToolGateway):
                     if json_obj not in result:
                         result.append(json_obj)
         return result
+    def create_file(self, findings, agent_work_folder):
+        file_findings = os.path.join(agent_work_folder, "secret_scan_result.json")
+        with open(file_findings, "w") as file:
+            for find in findings:
+                original_where = str(find.get("SourceMetadata").get("Data").get("Filesystem").get("file"))
+                original_where = original_where.replace("\\", "/")
+                where_text = original_where.replace(agent_work_folder, "")
+                find["SourceMetadata"]["Data"]["Filesystem"]["file"] = where_text
+                json_str = json.dumps(find)
+                file.write(json_str + '\n')
+        return findings, file_findings

devsecops_engine_tools/engine_sast/engine_secret/src/infrastructure/entry_points/entry_point_tool.py CHANGED Viewed

@@ -6,6 +6,12 @@ from devsecops_engine_tools.engine_sast.engine_secret.src.domain.usecases.set_in
 def engine_secret_scan(devops_platform_gateway, tool_gateway, dict_args, tool, tool_deserealizator, git_gateway):
     sys.stdout.reconfigure(encoding='utf-8')
-    finding_list, config_tool = SecretScan(tool_gateway, devops_platform_gateway, tool_deserealizator, git_gateway).process(dict_args, tool)
+    exclusions = devops_platform_gateway.get_remote_config(
+        dict_args["remote_config_repo"], "engine_sast/engine_secret/Exclusions.json"
+    )
+    secret_scan = SecretScan(tool_gateway, devops_platform_gateway, tool_deserealizator, git_gateway)
+    config_tool = secret_scan.complete_config_tool(dict_args, tool)
+    skip_tool = secret_scan.skip_from_exclusion(exclusions)
+    finding_list, file_path_findings = secret_scan.process(skip_tool, config_tool)
     input_core = SetInputCore(devops_platform_gateway, dict_args, tool, config_tool)
-    return finding_list, input_core.set_input_core(finding_list)
+    return finding_list, input_core.set_input_core(file_path_findings)

devsecops_engine_tools/version.py CHANGED Viewed

	@@ -1 +1 @@
1	- version = '1.7.11'
1	+ version = '1.7.12'

{devsecops_engine_tools-1.7.11.dist-info → devsecops_engine_tools-1.7.12.dist-info}/METADATA RENAMED Viewed

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: devsecops-engine-tools
-Version: 1.7.11
+Version: 1.7.12
 Summary: Tool for DevSecOps strategy
 Home-page: https://github.com/bancolombia/devsecops-engine-tools
 Author: Bancolombia DevSecOps Team

{devsecops_engine_tools-1.7.11.dist-info → devsecops_engine_tools-1.7.12.dist-info}/RECORD RENAMED Viewed

@@ -1,5 +1,5 @@
 devsecops_engine_tools/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
-devsecops_engine_tools/version.py,sha256=kch8pLRhOVDYQb0GPok1AQuGCWQQYxcJ0g6aeebrt9Q,19
+devsecops_engine_tools/version.py,sha256=XbIhoEEUEJTJUiJEPml2J2LjQIi6Frpqax51My0O9Eg,18
 devsecops_engine_tools/engine_core/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 devsecops_engine_tools/engine_core/src/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 devsecops_engine_tools/engine_core/src/applications/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
@@ -26,7 +26,7 @@ devsecops_engine_tools/engine_core/src/domain/model/gateway/vulnerability_manage
 devsecops_engine_tools/engine_core/src/domain/usecases/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 devsecops_engine_tools/engine_core/src/domain/usecases/break_build.py,sha256=z6lcd-tnb-3QfZ1yf2ZlaRbovwF0YE6nUmS5V92aszc,15534
 devsecops_engine_tools/engine_core/src/domain/usecases/handle_risk.py,sha256=EBLEzm-p_lEeB7T8iarn2Fc4_6hY0XAIT1AJATd2JUM,2473
-devsecops_engine_tools/engine_core/src/domain/usecases/handle_scan.py,sha256=CBk6KR2lpZ_ayitIdZERjJ0yasg1_dICHA0Tw97s-eo,6410
+devsecops_engine_tools/engine_core/src/domain/usecases/handle_scan.py,sha256=bcQV-mBGoMwUENtWWCl245baGJNSmLxOLvd50S0C9zc,6702
 devsecops_engine_tools/engine_core/src/domain/usecases/metrics_manager.py,sha256=Xi0iNnPrFgqd2cBdAA5E_tgouhxs-BTo016aolnGgv8,2413
 devsecops_engine_tools/engine_core/src/infrastructure/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 devsecops_engine_tools/engine_core/src/infrastructure/driven_adapters/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
@@ -36,7 +36,7 @@ devsecops_engine_tools/engine_core/src/infrastructure/driven_adapters/aws/secret
 devsecops_engine_tools/engine_core/src/infrastructure/driven_adapters/azure/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 devsecops_engine_tools/engine_core/src/infrastructure/driven_adapters/azure/azure_devops.py,sha256=Ot1j5my-iEpU-ZYy9yNXkwmwLOmJ3f95JyyAUcpFN5g,4967
 devsecops_engine_tools/engine_core/src/infrastructure/driven_adapters/defect_dojo/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
-devsecops_engine_tools/engine_core/src/infrastructure/driven_adapters/defect_dojo/defect_dojo.py,sha256=YxW1Otev5V7REBr9yCW36XCmk9e_v5Y-blXrmRX_rZU,10748
+devsecops_engine_tools/engine_core/src/infrastructure/driven_adapters/defect_dojo/defect_dojo.py,sha256=fnyexfnIfFyP4iCLTeMwWa6OaEP_VYcnPg8roANIKGs,10864
 devsecops_engine_tools/engine_core/src/infrastructure/driven_adapters/printer_pretty_table/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 devsecops_engine_tools/engine_core/src/infrastructure/driven_adapters/printer_pretty_table/printer_pretty_table.py,sha256=Tz056qYuIKrdYGKyoPo7xFdOpfN3A0YMd3cCSAGVrYQ,3828
 devsecops_engine_tools/engine_core/src/infrastructure/driven_adapters/runtime_local/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
@@ -113,17 +113,17 @@ devsecops_engine_tools/engine_sast/engine_secret/src/domain/model/gateway/gatewa
 devsecops_engine_tools/engine_sast/engine_secret/src/domain/model/gateway/git_gateway.py,sha256=x6LFK8wZuVix-ZCBdBQTzvjQi59nZYVrSOTatCOQbxc,638
 devsecops_engine_tools/engine_sast/engine_secret/src/domain/model/gateway/tool_gateway.py,sha256=juharYjy__KyB0fFCbU30k_aLd_9cQgsoCMeodq9ebA,593
 devsecops_engine_tools/engine_sast/engine_secret/src/domain/usecases/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
-devsecops_engine_tools/engine_sast/engine_secret/src/domain/usecases/secret_scan.py,sha256=AppRyQD1vTkK46BPTLc6mCqGp9gE4YA0fxkg_pPoR2U,3621
-devsecops_engine_tools/engine_sast/engine_secret/src/domain/usecases/set_input_core.py,sha256=AR8bVAyrWEwyeJEJwXCQlsZKZMb790918OJPpxkmwyA,2747
+devsecops_engine_tools/engine_sast/engine_secret/src/domain/usecases/secret_scan.py,sha256=VSeZorNjc98TTqGxD1NKm1ox__DRlCBqLCrA2heTxtM,3907
+devsecops_engine_tools/engine_sast/engine_secret/src/domain/usecases/set_input_core.py,sha256=k0LZd9PJpqEDns6DLYRGu9DzpRZeFsxAnowcjP5Rml4,2838
 devsecops_engine_tools/engine_sast/engine_secret/src/infrastructure/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 devsecops_engine_tools/engine_sast/engine_secret/src/infrastructure/driven_adapters/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 devsecops_engine_tools/engine_sast/engine_secret/src/infrastructure/driven_adapters/git_cli/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 devsecops_engine_tools/engine_sast/engine_secret/src/infrastructure/driven_adapters/git_cli/git_run.py,sha256=xKIUAnNK4u0pTHgo5tFrzmnquBegBQgN2-3jU6V6vxQ,2642
 devsecops_engine_tools/engine_sast/engine_secret/src/infrastructure/driven_adapters/trufflehog/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 devsecops_engine_tools/engine_sast/engine_secret/src/infrastructure/driven_adapters/trufflehog/trufflehog_deserealizator.py,sha256=HZcNUa9VvK1InsDY94HiuDQuEH_R6pJIeAN3Zwi8CBA,1825
-devsecops_engine_tools/engine_sast/engine_secret/src/infrastructure/driven_adapters/trufflehog/trufflehog_run.py,sha256=BYbYBdC_DWWxpaxoLWXYdIHiKXDbUJ_zOyExt0coJwA,4544
+devsecops_engine_tools/engine_sast/engine_secret/src/infrastructure/driven_adapters/trufflehog/trufflehog_run.py,sha256=cvCSKTDN-4oL9H5EZF_-WrP5bNamFt0WfeCwaMO_Nfo,5345
 devsecops_engine_tools/engine_sast/engine_secret/src/infrastructure/entry_points/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
-devsecops_engine_tools/engine_sast/engine_secret/src/infrastructure/entry_points/entry_point_tool.py,sha256=cSCDXXDptaIDeBn-u9y_j5UbtjEY3AYK1zNXyKi9Ilw,693
+devsecops_engine_tools/engine_sast/engine_secret/src/infrastructure/entry_points/entry_point_tool.py,sha256=g3DNFlvt6NEYG-g0CjSAQAUUh6spWpnkU64Pvi3cjqM,1028
 devsecops_engine_tools/engine_sca/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 devsecops_engine_tools/engine_sca/engine_container/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 devsecops_engine_tools/engine_sca/engine_container/src/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
@@ -242,8 +242,8 @@ devsecops_engine_tools/engine_utilities/utils/logger_info.py,sha256=4Mz8Bwlm9Mku
 devsecops_engine_tools/engine_utilities/utils/name_conversion.py,sha256=ADJrRGaxYSDe0ZRh6VHRf53H4sXPcb-vNP_i81PUn3I,307
 devsecops_engine_tools/engine_utilities/utils/printers.py,sha256=GAslbWaBpwP3mP6fBsgVl07TTBgcCggQTy8h2M9ibeo,612
 devsecops_engine_tools/engine_utilities/utils/session_manager.py,sha256=yNtlT-8Legz1sHbGPH8LNYjL-LgDUE0zXG2rYjiab7U,290
-devsecops_engine_tools-1.7.11.dist-info/METADATA,sha256=CvJMZOvY8BNEkXrKzS99fzgz-8jNTZDn6GcOZp8oPsg,9927
-devsecops_engine_tools-1.7.11.dist-info/WHEEL,sha256=GJ7t_kWBFywbagK5eo9IoUwLW6oyOeTKmQ-9iHFVNxQ,92
-devsecops_engine_tools-1.7.11.dist-info/entry_points.txt,sha256=9IjXF_7Zpgowq_SY6OSmsA9vZze18a8_AeHwkQVrgKk,131
-devsecops_engine_tools-1.7.11.dist-info/top_level.txt,sha256=ge6y0X_xBAU1aG3EMWFtl9djbVyg5BxuSp2r2Lg6EQU,23
-devsecops_engine_tools-1.7.11.dist-info/RECORD,,
+devsecops_engine_tools-1.7.12.dist-info/METADATA,sha256=kpJhqb5u7IYwXEvJf79--U9cddAzxdHCif-kNijLL04,9927
+devsecops_engine_tools-1.7.12.dist-info/WHEEL,sha256=GJ7t_kWBFywbagK5eo9IoUwLW6oyOeTKmQ-9iHFVNxQ,92
+devsecops_engine_tools-1.7.12.dist-info/entry_points.txt,sha256=9IjXF_7Zpgowq_SY6OSmsA9vZze18a8_AeHwkQVrgKk,131
+devsecops_engine_tools-1.7.12.dist-info/top_level.txt,sha256=ge6y0X_xBAU1aG3EMWFtl9djbVyg5BxuSp2r2Lg6EQU,23
+devsecops_engine_tools-1.7.12.dist-info/RECORD,,

{devsecops_engine_tools-1.7.11.dist-info → devsecops_engine_tools-1.7.12.dist-info}/WHEEL RENAMED Viewed

File without changes

{devsecops_engine_tools-1.7.11.dist-info → devsecops_engine_tools-1.7.12.dist-info}/entry_points.txt RENAMED Viewed

File without changes

{devsecops_engine_tools-1.7.11.dist-info → devsecops_engine_tools-1.7.12.dist-info}/top_level.txt RENAMED Viewed

File without changes

devsecops-engine-tools 1.7.11__py3-none-any.whl → 1.7.12__py3-none-any.whl

Potentially problematic release.

devsecops-engine-tools 1.7.11py3-none-any.whl → 1.7.12py3-none-any.whl