devsecops-engine-tools 1.7.11__py3-none-any.whl → 1.7.13__py3-none-any.whl

devsecops_engine_tools/engine_core/src/domain/usecases/handle_scan.py

@@ -110,7 +110,7 @@ class HandleScan:
             else:
                 secret_sca = dict_args["token_engine_container"]
             findings_list, input_core = runner_engine_container(
-                dict_args, config_tool, secret_sca, self.devops_platform_gateway
+                dict_args, config_tool["ENGINE_CONTAINER"]["TOOL"], secret_sca, self.devops_platform_gateway
             )
             if (
                 dict_args["use_vulnerability_management"] == "true"
@@ -128,6 +128,13 @@ class HandleScan:
                 config_tool["ENGINE_SECRET"]["TOOL"],
                 self.devops_platform_gateway
             )
+            if (
+                dict_args["use_vulnerability_management"] == "true"
+                and input_core.path_file_results
+            ):
+                self._use_vulnerability_management(
+                    config_tool, input_core, dict_args, secret_tool, env
+                )
             return findings_list, input_core
         elif "engine_dependencies" in dict_args["tool"]:
             if secret_tool is not None:

devsecops_engine_tools/engine_core/src/infrastructure/driven_adapters/defect_dojo/defect_dojo.py

@@ -53,6 +53,7 @@ class DefectDojoPlatform(VulnerabilityManagementGateway):
                 "CHECKOV": "Checkov Scan",
                 "PRISMA": "Twistlock Image Scan",
                 "XRAY": "JFrog Xray On Demand Binary Scan",
+                "TRUFFLEHOG": "Trufflehog Scan",
             }
 
             if any(
@@ -60,7 +61,7 @@ class DefectDojoPlatform(VulnerabilityManagementGateway):
                 for branch in vulnerability_management.config_tool[
                     "VULNERABILITY_MANAGER"
                 ]["BRANCH_FILTER"].split(",")
-            ):
+            ) or (vulnerability_management.dict_args["tool"] == 'engine_secret'):
                 request: ImportScanRequest = Connect.cmdb(
                     cmdb_mapping={
                         "product_type_name": "nombreevc",

devsecops_engine_tools/engine_sast/engine_secret/src/domain/usecases/secret_scan.py

@@ -28,16 +28,10 @@ class SecretScan:
         self.tool_deserialize = tool_deserialize
         self.git_gateway = git_gateway
 
-    def process(self, dict_args, tool):
-        tool = str(tool).lower()
-        init_config_tool = self.devops_platform_gateway.get_remote_config(
-            dict_args["remote_config_repo"], "engine_sast/engine_secret/ConfigTool.json"
-        )
-        config_tool, skip_tool = self.complete_config_tool(
-            init_config_tool, tool
-        )
+    def process(self, skip_tool, config_tool):
         finding_list = []
-        if skip_tool == "false":
+        file_path_findings = ""
+        if skip_tool == False:
             self.tool_gateway.install_tool(self.devops_platform_gateway.get_variable("os"), self.devops_platform_gateway.get_variable("temp_directory"))
             files_pullrequest = self.git_gateway.get_files_pull_request(
                 self.devops_platform_gateway.get_variable("work_folder"),
@@ -49,24 +43,40 @@ class SecretScan:
                 self.devops_platform_gateway.get_variable("project_name"),
                 self.devops_platform_gateway.get_variable("repository"),
                 self.devops_platform_gateway.get_variable("repository_provider"))
-            finding_list = self.tool_deserialize.get_list_vulnerability(
-                self.tool_gateway.run_tool_secret_scan(
+            findings, file_path_findings = self.tool_gateway.run_tool_secret_scan(
                     files_pullrequest,
                     config_tool.exclude_path,
                     self.devops_platform_gateway.get_variable("os"),
                     self.devops_platform_gateway.get_variable("work_folder"),
                     config_tool.number_threads,
                     self.devops_platform_gateway.get_variable("repository")
-                    ),
+                    )
+            finding_list = self.tool_deserialize.get_list_vulnerability(
+                findings,
                 self.devops_platform_gateway.get_variable("os"),
                 self.devops_platform_gateway.get_variable("work_folder")
                 )
-        return finding_list, config_tool
+        return finding_list, file_path_findings
     
-    def complete_config_tool(self, data_file_tool, tool):
-        config_tool = DeserializeConfigTool(json_data=data_file_tool, tool=tool)
+    def complete_config_tool(self, dict_args, tool):
+        tool = str(tool).lower()
+        init_config_tool = self.devops_platform_gateway.get_remote_config(
+            dict_args["remote_config_repo"], "engine_sast/engine_secret/ConfigTool.json"
+        )
+        config_tool = DeserializeConfigTool(json_data=init_config_tool, tool=tool)
         config_tool.scope_pipeline = self.devops_platform_gateway.get_variable("pipeline_name")
-        skip_tool = "false"
-        if config_tool.scope_pipeline in config_tool.ignore_search_pattern:
-            skip_tool = "true"
-        return config_tool, skip_tool
+        return config_tool
+        
+    def skip_from_exclusion(self, exclusions):
+        """
+        Handle skip tool.
+
+        Return: bool: True -> skip tool, False -> not skip tool.
+        """
+        pipeline_name = self.devops_platform_gateway.get_variable("pipeline_name")
+        if (pipeline_name in exclusions) and (
+            exclusions[pipeline_name].get("SKIP_TOOL", 0)
+        ):
+            return True
+        else:
+            return False

devsecops_engine_tools/engine_sast/engine_secret/src/domain/usecases/set_input_core.py

@@ -37,19 +37,20 @@ class SetInputCore:
         list_exclusions = []
         for key, value in exclusions_data.items():
             if (key == "All") or (key == pipeline_name):
-                exclusions = [
-                    Exclusions(
-                        id=item.get("id", ""),
-                        where=item.get("where", ""),
-                        create_date=item.get("create_date", ""),
-                        expired_date=item.get("expired_date", ""),
-                        severity=item.get("severity", ""),
-                        hu=item.get("hu", ""),
-                        reason=item.get("reason", "Risk acceptance"),
-                    )
-                    for item in value[tool]
-                ]
-                list_exclusions.extend(exclusions)
+                if value.get(tool, 0):
+                    exclusions = [
+                        Exclusions(
+                            id=item.get("id", ""),
+                            where=item.get("where", ""),
+                            create_date=item.get("create_date", ""),
+                            expired_date=item.get("expired_date", ""),
+                            severity=item.get("severity", ""),
+                            hu=item.get("hu", ""),
+                            reason=item.get("reason", "Risk acceptance"),
+                        )
+                        for item in value[tool]
+                    ]
+                    list_exclusions.extend(exclusions)
         return list_exclusions
 
     def set_input_core(self, finding_list):

devsecops_engine_tools/engine_sast/engine_secret/src/infrastructure/driven_adapters/trufflehog/trufflehog_run.py

@@ -1,4 +1,5 @@
 import json
+import os
 import re
 import subprocess
 import concurrent.futures
@@ -61,7 +62,8 @@ class TrufflehogRun(ToolGateway):
                 include_paths,
                 [repository_name] * len(include_paths),
             )
-        return self.decode_output(results)
+        findings, file_findings = self.create_file(self.decode_output(results), agent_work_folder)
+        return  findings, file_findings
 
     def config_include_path(self, files, agent_work_folder):
         chunks = []
@@ -102,3 +104,15 @@ class TrufflehogRun(ToolGateway):
                     if json_obj not in result:
                         result.append(json_obj)
         return result
+    
+    def create_file(self, findings, agent_work_folder):
+        file_findings = os.path.join(agent_work_folder, "secret_scan_result.json")
+        with open(file_findings, "w") as file:
+            for find in findings:
+                original_where = str(find.get("SourceMetadata").get("Data").get("Filesystem").get("file"))
+                original_where = original_where.replace("\\", "/")
+                where_text = original_where.replace(agent_work_folder, "")
+                find["SourceMetadata"]["Data"]["Filesystem"]["file"] = where_text
+                json_str = json.dumps(find)
+                file.write(json_str + '\n')
+        return findings, file_findings

devsecops_engine_tools/engine_sast/engine_secret/src/infrastructure/entry_points/entry_point_tool.py

@@ -6,6 +6,12 @@ from devsecops_engine_tools.engine_sast.engine_secret.src.domain.usecases.set_in
 
 def engine_secret_scan(devops_platform_gateway, tool_gateway, dict_args, tool, tool_deserealizator, git_gateway):
     sys.stdout.reconfigure(encoding='utf-8')
-    finding_list, config_tool = SecretScan(tool_gateway, devops_platform_gateway, tool_deserealizator, git_gateway).process(dict_args, tool)
+    exclusions = devops_platform_gateway.get_remote_config(
+        dict_args["remote_config_repo"], "engine_sast/engine_secret/Exclusions.json"
+    )
+    secret_scan = SecretScan(tool_gateway, devops_platform_gateway, tool_deserealizator, git_gateway)
+    config_tool = secret_scan.complete_config_tool(dict_args, tool)
+    skip_tool = secret_scan.skip_from_exclusion(exclusions)
+    finding_list, file_path_findings = secret_scan.process(skip_tool, config_tool)
     input_core = SetInputCore(devops_platform_gateway, dict_args, tool, config_tool)
-    return finding_list, input_core.set_input_core(finding_list)
+    return finding_list, input_core.set_input_core(file_path_findings)

devsecops_engine_tools/engine_sca/engine_container/src/applications/runner_container_scan.py

@@ -18,12 +18,12 @@ from devsecops_engine_tools.engine_sca.engine_container.src.infrastructure.drive
 )
 
 
-def runner_engine_container(dict_args, config_tool, token, tool_remote):
+def runner_engine_container(dict_args, tool, token, tool_remote):
     try:
-        if config_tool["ENGINE_CONTAINER"]["TOOL"].lower() == "trivy":
+        if tool.lower() == "trivy":
             tool_run = TrivyScan()
             tool_deseralizator = TrivyDeserializator()
-        elif config_tool["ENGINE_CONTAINER"]["TOOL"].lower() == "prisma":
+        elif tool.lower() == "prisma":
             tool_run = PrismaCloudManagerScan()
             tool_deseralizator = PrismaDeserealizator()
         tool_images = DockerImages()
@@ -34,7 +34,7 @@ def runner_engine_container(dict_args, config_tool, token, tool_remote):
             tool_deseralizator,
             dict_args,
             token,
-            config_tool,
+            tool,
         )
 
     except Exception as e:

devsecops_engine_tools/engine_sca/engine_container/src/domain/usecases/container_sca_scan.py

@@ -1,6 +1,3 @@
-from devsecops_engine_tools.engine_core.src.domain.model.gateway.devops_platform_gateway import (
-    DevopsPlatformGateway,
-)
 from devsecops_engine_tools.engine_sca.engine_container.src.domain.model.gateways.tool_gateway import (
     ToolGateway,
 )
@@ -11,33 +8,23 @@ from devsecops_engine_tools.engine_sca.engine_container.src.domain.model.gateway
     DeseralizatorGateway,
 )
 
+
 class ContainerScaScan:
     def __init__(
         self,
         tool_run: ToolGateway,
-        tool_remote: DevopsPlatformGateway,
+        remote_config,
         tool_images: ImagesGateway,
         tool_deseralizator: DeseralizatorGateway,
-        dict_args,
+        build_id,
         token,
-        skip_flag
     ):
         self.tool_run = tool_run
-        self.tool_remote = tool_remote
+        self.remote_config = remote_config
         self.tool_images = tool_images
         self.tool_deseralizator = tool_deseralizator
-        self.dict_args = dict_args
+        self.build_id = build_id
         self.token = token
-        self.skip_flag = skip_flag
-
-    def get_remote_config(self, file_path):
-        """
-        Get remote configuration.
-
-        Returns:
-            dict: Remote configuration.
-        """
-        return self.tool_remote.get_remote_config(self.dict_args["remote_config_repo"], file_path)
 
     def scan_image(self):
         """
@@ -48,15 +35,6 @@ class ContainerScaScan:
         """
         return self.tool_images.list_images()
 
-    def get_variable(self, variable):
-        """
-        Get variable.
-
-        Returns:
-            dict: Remote variable.
-        """
-        return self.tool_remote.get_variable(variable)
-
     def process(self):
         """
         Process SCA scanning.
@@ -65,11 +43,7 @@ class ContainerScaScan:
             dict: SCA scanning results.
         """
         return self.tool_run.run_tool_container_sca(
-            self.get_remote_config("engine_sca/engine_container/ConfigTool.json"),
-            self.token,
-            self.scan_image(),
-            self.get_variable("build_id"),
-            self.skip_flag
+            self.remote_config, self.token, self.scan_image(), self.build_id
         )
 
     def deseralizator(self, image_scanned):
@@ -79,4 +53,4 @@ class ContainerScaScan:
         Returns:
             list: Deserialized list of findings.
         """
-        return self.tool_deseralizator.get_list_findings(image_scanned)
+        return self.tool_deseralizator.get_list_findings(image_scanned)

devsecops_engine_tools/engine_sca/engine_container/src/domain/usecases/handle_remote_config_patterns.py

@@ -1,67 +1,32 @@
 import re
-from devsecops_engine_tools.engine_core.src.domain.model.gateway.devops_platform_gateway import (
-    DevopsPlatformGateway,
-)
 
 
 class HandleRemoteConfigPatterns:
-    def __init__(
-        self,
-        tool_remote: DevopsPlatformGateway,
-        dict_args,
-    ):
-        self.tool_remote = tool_remote
-        self.dict_args = dict_args
+    def __init__(self, remote_config, exclusions, pipeline_name):
+        self.remote_config = remote_config
+        self.exclusions = exclusions
+        self.pipeline_name = pipeline_name
 
-    def get_remote_config(self, file_path):
-        """
-        Get remote configuration
-        Return: dict: Remote configuration
-        """
-        return self.tool_remote.get_remote_config(
-            self.dict_args["remote_config_repo"], file_path
-        )
-
-    def get_variable(self, variable):
-        """
-        Get variable.
-
-        Returns:
-            dict: Remote variable.
-        """
-        return self.tool_remote.get_variable(variable)
-    
     def ignore_analysis_pattern(self):
         """
         Handle analysis pattern.
         Return: bool: False -> not scan, True -> scan.
         """
-        ignore = self.get_remote_config("engine_sca/engine_container/ConfigTool.json")["IGNORE_SEARCH_PATTERN"]
-        if re.match(ignore, self.get_variable("pipeline_name"), re.IGNORECASE):
+        ignore = self.remote_config["IGNORE_SEARCH_PATTERN"]
+        if re.match(ignore, self.pipeline_name, re.IGNORECASE):
             return False
         else:
             return True
-    
-    def handle_skip_tool(self, exclusions, pipeline_name):
+
+    def skip_from_exclusion(self):
         """
         Handle skip tool.
 
         Return: bool: True -> skip tool, False -> not skip tool.
         """
-        if (pipeline_name in exclusions) and (
-            exclusions[pipeline_name].get("SKIP_TOOL", 0)
+        if (self.pipeline_name in self.exclusions) and (
+            self.exclusions[self.pipeline_name].get("SKIP_TOOL", 0)
         ):
             return True
         else:
             return False
-
-    def process_handle_skip_tool(self):
-        """
-        Process handle skip tool.
-
-        Return: bool: True -> skip tool, False -> not skip tool.
-        """
-        return self.handle_skip_tool(
-            self.get_remote_config("engine_sca/engine_container/Exclusions.json"),
-            self.get_variable("pipeline_name"),
-        )

devsecops_engine_tools/engine_sca/engine_container/src/domain/usecases/set_input_core.py

@@ -1,54 +1,34 @@
 from devsecops_engine_tools.engine_core.src.domain.model.input_core import InputCore
 from devsecops_engine_tools.engine_core.src.domain.model.threshold import Threshold
-from devsecops_engine_tools.engine_core.src.domain.model.gateway.devops_platform_gateway import (
-    DevopsPlatformGateway,
-)
+
 
 from devsecops_engine_tools.engine_core.src.domain.model.exclusions import Exclusions
 
 
 class SetInputCore:
-    def __init__(self, tool_remote: DevopsPlatformGateway, dict_args, config_tool):
-        self.tool_remote = tool_remote
-        self.dict_args = dict_args
-        self.config_tool = config_tool
-
-    def get_remote_config(self, file_path):
-        """
-        Get remote configuration.
-
-        Returns:
-            dict: Remote configuration.
-        """
-        return self.tool_remote.get_remote_config(self.dict_args["remote_config_repo"], file_path)
-
-    def get_variable(self, variable):
-        """
-        Get variable.
-
-        Returns:
-            dict: Remote variable.
-        """
-        return self.tool_remote.get_variable(variable)
-
-    def get_exclusions(self, exclusions_data, pipeline_name, config_tool):
-        list_exclusions = []
-        for key, value in exclusions_data.items():
-            if (key == "All") or (key == pipeline_name):
-                exclusions = [
-                    Exclusions(
-                        id=item.get("id", ""),
-                        where=item.get("where", ""),
-                        cve_id=item.get("cve_id", ""),
-                        create_date=item.get("create_date", ""),
-                        expired_date=item.get("expired_date", ""),
-                        severity=item.get("severity", ""),
-                        hu=item.get("hu", ""),
-                        reason=item.get("reason", "Risk acceptance"),
-                    )
-                    for item in value[config_tool["ENGINE_CONTAINER"]["TOOL"]]
-                ]
-                list_exclusions.extend(exclusions)
+    def __init__(self, remote_config, exclusions, pipeline_name, tool, stage):
+        self.remote_config = remote_config
+        self.exclusions = exclusions
+        self.pipeline_name = pipeline_name
+        self.tool = tool
+        self.stage = stage
+
+    def get_exclusions(self, exclusions_data, pipeline_name, tool):
+        list_exclusions = [
+            Exclusions(
+                id=item.get("id", ""),
+                where=item.get("where", ""),
+                cve_id=item.get("cve_id", ""),
+                create_date=item.get("create_date", ""),
+                expired_date=item.get("expired_date", ""),
+                severity=item.get("severity", ""),
+                hu=item.get("hu", ""),
+                reason=item.get("reason", "Risk acceptance"),
+            )
+            for key, value in exclusions_data.items()
+            if key in {"All", pipeline_name} and value.get(tool)
+            for item in value[tool]
+        ]
         return list_exclusions
 
     def set_input_core(self, images_scanned):
@@ -60,17 +40,13 @@ class SetInputCore:
         """
         return InputCore(
             self.get_exclusions(
-                self.get_remote_config("engine_sca/engine_container/Exclusions.json"),
-                self.get_variable("pipeline_name"),
-                self.config_tool,
-            ),
-            Threshold(
-                self.get_remote_config("engine_sca/engine_container/ConfigTool.json")["THRESHOLD"]
+                self.exclusions,
+                self.pipeline_name,
+                self.tool,
             ),
+            Threshold(self.remote_config["THRESHOLD"]),
             images_scanned[-1] if images_scanned else None,
-            self.get_remote_config("engine_sca/engine_container/ConfigTool.json")[
-                "MESSAGE_INFO_ENGINE_CONTAINER"
-            ],
-            self.get_variable("pipeline_name"),
-            self.get_variable("stage").capitalize(),
+            self.remote_config["MESSAGE_INFO_ENGINE_CONTAINER"],
+            self.pipeline_name,
+            self.stage.capitalize(),
         )

devsecops_engine_tools/engine_sca/engine_container/src/infrastructure/driven_adapters/docker/docker_images.py

@@ -19,4 +19,4 @@ class DockerImages(ImagesGateway):
             print("Created date last image:", latest_image.attrs["Created"])
             return latest_image
         except subprocess.CalledProcessError as e:
-            raise ValueError(f"Error listing images:{e.stderr}")
+            raise ValueError(f"Error listing images:{e.stderr}")

devsecops_engine_tools/engine_sca/engine_container/src/infrastructure/driven_adapters/prisma_cloud/prisma_cloud_manager_scan.py

@@ -3,7 +3,6 @@ import requests
 import os
 import subprocess
 import logging
-import re
 import base64
 from devsecops_engine_tools.engine_sca.engine_container.src.infrastructure.helpers.images_scanned import (
     ImagesScanned,
@@ -87,37 +86,34 @@ class PrismaCloudManagerScan(ToolGateway):
 
         return images_scanned
 
-    def run_tool_container_sca(
-        self, remoteconfig, prisma_secret_key, image, build_id, skip_flag
-    ):
+    def run_tool_container_sca(self, remoteconfig, prisma_secret_key, image, build_id):
         images_scanned = []
-        if not (skip_flag):
-            try:
-                file_path = os.path.join(
-                    os.getcwd(), remoteconfig["PRISMA_CLOUD"]["TWISTCLI_PATH"]
-                )
+        try:
+            file_path = os.path.join(
+                os.getcwd(), remoteconfig["PRISMA_CLOUD"]["TWISTCLI_PATH"]
+            )
 
-                if not os.path.exists(file_path):
-                    self.download_twistcli(
-                        file_path,
-                        remoteconfig["PRISMA_CLOUD"]["PRISMA_ACCESS_KEY"],
-                        prisma_secret_key,
-                        remoteconfig["PRISMA_CLOUD"]["PRISMA_CONSOLE_URL"],
-                        remoteconfig["PRISMA_CLOUD"]["PRISMA_API_VERSION"],
-                    )
-                images_scanned.extend(
-                    self.scan_image(
-                        file_path,
-                        image,
-                        remoteconfig,
-                        prisma_secret_key,
-                        build_id,
-                    )
+            if not os.path.exists(file_path):
+                self.download_twistcli(
+                    file_path,
+                    remoteconfig["PRISMA_CLOUD"]["PRISMA_ACCESS_KEY"],
+                    prisma_secret_key,
+                    remoteconfig["PRISMA_CLOUD"]["PRISMA_CONSOLE_URL"],
+                    remoteconfig["PRISMA_CLOUD"]["PRISMA_API_VERSION"],
+                )
+            images_scanned.extend(
+                self.scan_image(
+                    file_path,
+                    image,
+                    remoteconfig,
+                    prisma_secret_key,
+                    build_id,
                 )
+            )
 
-                return images_scanned
+            return images_scanned
 
-            except Exception as ex:
-                logger.error(f"An overall error occurred: {ex}")
+        except Exception as ex:
+            logger.error(f"An overall error occurred: {ex}")
 
         return images_scanned

devsecops_engine_tools/engine_sca/engine_container/src/infrastructure/driven_adapters/prisma_cloud/prisma_deserialize_output.py

@@ -31,8 +31,12 @@ class PrismaDeserealizator(DeseralizatorGateway):
                 image_object = file.read()
 
                 json_data = json.loads(image_object)
-                vulnerabilities_data = json_data["results"][0]["vulnerabilities"] if "vulnerabilities" in json_data["results"][0] else []
-                
+                vulnerabilities_data = (
+                    json_data["results"][0]["vulnerabilities"]
+                    if "vulnerabilities" in json_data["results"][0]
+                    else []
+                )
+
                 # Create a list of findings instances from the JSON data
                 vulnerabilities = [
                     Finding(

devsecops_engine_tools/engine_sca/engine_container/src/infrastructure/driven_adapters/trivy_tool/trivy_deserialize_output.py

@@ -9,6 +9,7 @@ from dataclasses import dataclass
 import json
 from datetime import datetime
 
+
 @dataclass
 class TrivyDeserializator(DeseralizatorGateway):
     def get_list_findings(self, images_scanned: list) -> "list[Finding]":
@@ -34,7 +35,9 @@ class TrivyDeserializator(DeseralizatorGateway):
                         + vul.get("InstalledVersion", ""),
                         description=vul.get("Description", "").replace("\n", ""),
                         severity=vul.get("Severity", "").lower(),
-                        identification_date=datetime.now().strftime("%d-%m-%Y %H:%M:%S"),
+                        identification_date=datetime.now().strftime(
+                            "%d-%m-%Y %H:%M:%S"
+                        ),
                         published_date_cve=vul.get("PublishedDate", ""),
                         module="engine_container",
                         category=Category.VULNERABILITY,

devsecops_engine_tools/engine_sca/engine_container/src/infrastructure/entry_points/entry_point_tool.py

@@ -7,6 +7,10 @@ from devsecops_engine_tools.engine_sca.engine_container.src.domain.usecases.hand
 from devsecops_engine_tools.engine_sca.engine_container.src.domain.usecases.set_input_core import (
     SetInputCore,
 )
+from devsecops_engine_tools.engine_utilities.utils.logger_info import MyLogger
+from devsecops_engine_tools.engine_utilities import settings
+
+logger = MyLogger.__call__(**settings.SETTING_LOGGER).get_logger()
 
 
 def init_engine_sca_rm(
@@ -16,25 +20,39 @@ def init_engine_sca_rm(
     tool_deseralizator,
     dict_args,
     token,
-    config_tool,
+    tool,
 ):
-    handle_remote_config_patterns = HandleRemoteConfigPatterns(tool_remote, dict_args)
-    flag = handle_remote_config_patterns.ignore_analysis_pattern()
+    remote_config = tool_remote.get_remote_config(
+        dict_args["remote_config_repo"], "engine_sca/engine_container/ConfigTool.json"
+    )
+    exclusions = tool_remote.get_remote_config(
+        dict_args["remote_config_repo"], "engine_sca/engine_container/Exclusions.json"
+    )
+    pipeline_name = tool_remote.get_variable("pipeline_name")
+    handle_remote_config_patterns = HandleRemoteConfigPatterns(
+        remote_config, exclusions, pipeline_name
+    )
+    skip_flag = handle_remote_config_patterns.skip_from_exclusion()
+    scan_flag = handle_remote_config_patterns.ignore_analysis_pattern()
+    build_id = tool_remote.get_variable("build_id")
+    stage = tool_remote.get_variable("stage")
     images_scanned = []
     deseralized = []
-    if flag:
+    input_core = SetInputCore(remote_config, exclusions, pipeline_name, tool, stage)
+    if scan_flag and not (skip_flag):
         container_sca_scan = ContainerScaScan(
             tool_run,
-            tool_remote,
+            remote_config,
             tool_images,
             tool_deseralizator,
-            dict_args,
+            build_id,
             token,
-            handle_remote_config_patterns.process_handle_skip_tool(),
         )
         images_scanned = container_sca_scan.process()
         deseralized = container_sca_scan.deseralizator(images_scanned)
-    input_core = SetInputCore(tool_remote, dict_args, config_tool)
-    
-    return deseralized, input_core.set_input_core(images_scanned
-    )
+    else:
+        print("Tool skipped by DevSecOps policy")
+        logger.info("Tool skipped by DevSecOps policy")
+    core_input = input_core.set_input_core(images_scanned)
+
+    return deseralized, core_input

devsecops_engine_tools/version.py

@@ -1 +1 @@
-version = '1.7.11'
+version = '1.7.13'

{devsecops_engine_tools-1.7.11.dist-info → devsecops_engine_tools-1.7.13.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: devsecops-engine-tools
-Version: 1.7.11
+Version: 1.7.13
 Summary: Tool for DevSecOps strategy
 Home-page: https://github.com/bancolombia/devsecops-engine-tools
 Author: Bancolombia DevSecOps Team

{devsecops_engine_tools-1.7.11.dist-info → devsecops_engine_tools-1.7.13.dist-info}/RECORD

@@ -1,5 +1,5 @@
 devsecops_engine_tools/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
-devsecops_engine_tools/version.py,sha256=kch8pLRhOVDYQb0GPok1AQuGCWQQYxcJ0g6aeebrt9Q,19
+devsecops_engine_tools/version.py,sha256=Uh22o-ohmw70__1bozvtr1yrWudbnqwNgHxwHKM-Qbg,18
 devsecops_engine_tools/engine_core/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 devsecops_engine_tools/engine_core/src/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 devsecops_engine_tools/engine_core/src/applications/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
@@ -26,7 +26,7 @@ devsecops_engine_tools/engine_core/src/domain/model/gateway/vulnerability_manage
 devsecops_engine_tools/engine_core/src/domain/usecases/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 devsecops_engine_tools/engine_core/src/domain/usecases/break_build.py,sha256=z6lcd-tnb-3QfZ1yf2ZlaRbovwF0YE6nUmS5V92aszc,15534
 devsecops_engine_tools/engine_core/src/domain/usecases/handle_risk.py,sha256=EBLEzm-p_lEeB7T8iarn2Fc4_6hY0XAIT1AJATd2JUM,2473
-devsecops_engine_tools/engine_core/src/domain/usecases/handle_scan.py,sha256=CBk6KR2lpZ_ayitIdZERjJ0yasg1_dICHA0Tw97s-eo,6410
+devsecops_engine_tools/engine_core/src/domain/usecases/handle_scan.py,sha256=ee9ULqKGYfaxBUO8RNq-Znh4dbojghIauH4YIjYx9QU,6730
 devsecops_engine_tools/engine_core/src/domain/usecases/metrics_manager.py,sha256=Xi0iNnPrFgqd2cBdAA5E_tgouhxs-BTo016aolnGgv8,2413
 devsecops_engine_tools/engine_core/src/infrastructure/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 devsecops_engine_tools/engine_core/src/infrastructure/driven_adapters/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
@@ -36,7 +36,7 @@ devsecops_engine_tools/engine_core/src/infrastructure/driven_adapters/aws/secret
 devsecops_engine_tools/engine_core/src/infrastructure/driven_adapters/azure/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 devsecops_engine_tools/engine_core/src/infrastructure/driven_adapters/azure/azure_devops.py,sha256=Ot1j5my-iEpU-ZYy9yNXkwmwLOmJ3f95JyyAUcpFN5g,4967
 devsecops_engine_tools/engine_core/src/infrastructure/driven_adapters/defect_dojo/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
-devsecops_engine_tools/engine_core/src/infrastructure/driven_adapters/defect_dojo/defect_dojo.py,sha256=YxW1Otev5V7REBr9yCW36XCmk9e_v5Y-blXrmRX_rZU,10748
+devsecops_engine_tools/engine_core/src/infrastructure/driven_adapters/defect_dojo/defect_dojo.py,sha256=fnyexfnIfFyP4iCLTeMwWa6OaEP_VYcnPg8roANIKGs,10864
 devsecops_engine_tools/engine_core/src/infrastructure/driven_adapters/printer_pretty_table/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 devsecops_engine_tools/engine_core/src/infrastructure/driven_adapters/printer_pretty_table/printer_pretty_table.py,sha256=Tz056qYuIKrdYGKyoPo7xFdOpfN3A0YMd3cCSAGVrYQ,3828
 devsecops_engine_tools/engine_core/src/infrastructure/driven_adapters/runtime_local/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
@@ -113,22 +113,22 @@ devsecops_engine_tools/engine_sast/engine_secret/src/domain/model/gateway/gatewa
 devsecops_engine_tools/engine_sast/engine_secret/src/domain/model/gateway/git_gateway.py,sha256=x6LFK8wZuVix-ZCBdBQTzvjQi59nZYVrSOTatCOQbxc,638
 devsecops_engine_tools/engine_sast/engine_secret/src/domain/model/gateway/tool_gateway.py,sha256=juharYjy__KyB0fFCbU30k_aLd_9cQgsoCMeodq9ebA,593
 devsecops_engine_tools/engine_sast/engine_secret/src/domain/usecases/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
-devsecops_engine_tools/engine_sast/engine_secret/src/domain/usecases/secret_scan.py,sha256=AppRyQD1vTkK46BPTLc6mCqGp9gE4YA0fxkg_pPoR2U,3621
-devsecops_engine_tools/engine_sast/engine_secret/src/domain/usecases/set_input_core.py,sha256=AR8bVAyrWEwyeJEJwXCQlsZKZMb790918OJPpxkmwyA,2747
+devsecops_engine_tools/engine_sast/engine_secret/src/domain/usecases/secret_scan.py,sha256=VSeZorNjc98TTqGxD1NKm1ox__DRlCBqLCrA2heTxtM,3907
+devsecops_engine_tools/engine_sast/engine_secret/src/domain/usecases/set_input_core.py,sha256=k0LZd9PJpqEDns6DLYRGu9DzpRZeFsxAnowcjP5Rml4,2838
 devsecops_engine_tools/engine_sast/engine_secret/src/infrastructure/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 devsecops_engine_tools/engine_sast/engine_secret/src/infrastructure/driven_adapters/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 devsecops_engine_tools/engine_sast/engine_secret/src/infrastructure/driven_adapters/git_cli/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 devsecops_engine_tools/engine_sast/engine_secret/src/infrastructure/driven_adapters/git_cli/git_run.py,sha256=xKIUAnNK4u0pTHgo5tFrzmnquBegBQgN2-3jU6V6vxQ,2642
 devsecops_engine_tools/engine_sast/engine_secret/src/infrastructure/driven_adapters/trufflehog/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 devsecops_engine_tools/engine_sast/engine_secret/src/infrastructure/driven_adapters/trufflehog/trufflehog_deserealizator.py,sha256=HZcNUa9VvK1InsDY94HiuDQuEH_R6pJIeAN3Zwi8CBA,1825
-devsecops_engine_tools/engine_sast/engine_secret/src/infrastructure/driven_adapters/trufflehog/trufflehog_run.py,sha256=BYbYBdC_DWWxpaxoLWXYdIHiKXDbUJ_zOyExt0coJwA,4544
+devsecops_engine_tools/engine_sast/engine_secret/src/infrastructure/driven_adapters/trufflehog/trufflehog_run.py,sha256=cvCSKTDN-4oL9H5EZF_-WrP5bNamFt0WfeCwaMO_Nfo,5345
 devsecops_engine_tools/engine_sast/engine_secret/src/infrastructure/entry_points/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
-devsecops_engine_tools/engine_sast/engine_secret/src/infrastructure/entry_points/entry_point_tool.py,sha256=cSCDXXDptaIDeBn-u9y_j5UbtjEY3AYK1zNXyKi9Ilw,693
+devsecops_engine_tools/engine_sast/engine_secret/src/infrastructure/entry_points/entry_point_tool.py,sha256=g3DNFlvt6NEYG-g0CjSAQAUUh6spWpnkU64Pvi3cjqM,1028
 devsecops_engine_tools/engine_sca/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 devsecops_engine_tools/engine_sca/engine_container/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 devsecops_engine_tools/engine_sca/engine_container/src/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 devsecops_engine_tools/engine_sca/engine_container/src/applications/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
-devsecops_engine_tools/engine_sca/engine_container/src/applications/runner_container_scan.py,sha256=-ExUAX2SCr4FM61mHmm0ezla8u0-FCbw59yEiW4YMUk,1802
+devsecops_engine_tools/engine_sca/engine_container/src/applications/runner_container_scan.py,sha256=tu7FU4taXp9XQFNkNv8jzHIS16pqy6zLDjYBGax4tWU,1718
 devsecops_engine_tools/engine_sca/engine_container/src/deployment/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 devsecops_engine_tools/engine_sca/engine_container/src/deployment/infrastructure/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 devsecops_engine_tools/engine_sca/engine_container/src/domain/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
@@ -138,21 +138,21 @@ devsecops_engine_tools/engine_sca/engine_container/src/domain/model/gateways/des
 devsecops_engine_tools/engine_sca/engine_container/src/domain/model/gateways/images_gateway.py,sha256=szx-9iO1eSDedr3rw605Mx3jYBEFwRKBM0ts5zImgx0,158
 devsecops_engine_tools/engine_sca/engine_container/src/domain/model/gateways/tool_gateway.py,sha256=ADZjrl8u8CQ0hWoVhbnHFcjvyUmUeleffwmhtlg8s30,224
 devsecops_engine_tools/engine_sca/engine_container/src/domain/usecases/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
-devsecops_engine_tools/engine_sca/engine_container/src/domain/usecases/container_sca_scan.py,sha256=eu8Sk2F_YLZ5fQ915ms-ebjHmmZrgg5XgQY53lbPHaU,2442
-devsecops_engine_tools/engine_sca/engine_container/src/domain/usecases/handle_remote_config_patterns.py,sha256=SuoYbbJkFIzOY71-ALIxMPnHEM6P4h_nu5F-EH7oXj0,1921
-devsecops_engine_tools/engine_sca/engine_container/src/domain/usecases/set_input_core.py,sha256=luo4pi7PtiH_cUue5DhrnqqABuciwz2w7UWpN-J6e50,2843
+devsecops_engine_tools/engine_sca/engine_container/src/domain/usecases/container_sca_scan.py,sha256=zwlYQSmtn7_ms9x5-Dhr3WTilLM5cXdAyslgWRh5xdc,1635
+devsecops_engine_tools/engine_sca/engine_container/src/domain/usecases/handle_remote_config_patterns.py,sha256=4wgBTQSDE-C5v01C3Vxzeq0DJKZUSqQ5TVLG7yPZPKs,926
+devsecops_engine_tools/engine_sca/engine_container/src/domain/usecases/set_input_core.py,sha256=Jw2sjrgRS8kjIFLt2nEBXQpF2-Ncm_ltgc6Q7ZIZKw0,1840
 devsecops_engine_tools/engine_sca/engine_container/src/infrastructure/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 devsecops_engine_tools/engine_sca/engine_container/src/infrastructure/driven_adapters/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 devsecops_engine_tools/engine_sca/engine_container/src/infrastructure/driven_adapters/docker/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
-devsecops_engine_tools/engine_sca/engine_container/src/infrastructure/driven_adapters/docker/docker_images.py,sha256=gnDC8wnG99D3p6K_ph2a9bMtoYGu_5BdGacVOD8swH8,815
+devsecops_engine_tools/engine_sca/engine_container/src/infrastructure/driven_adapters/docker/docker_images.py,sha256=tdZeW5KbZcLxSMM37-GdmkLItpRDUlR0eAyew6bI2ts,816
 devsecops_engine_tools/engine_sca/engine_container/src/infrastructure/driven_adapters/prisma_cloud/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
-devsecops_engine_tools/engine_sca/engine_container/src/infrastructure/driven_adapters/prisma_cloud/prisma_cloud_manager_scan.py,sha256=J92AIpPzIwAO37RFRN7H9x-9QLWatpL7v7bbGadRY6c,4532
-devsecops_engine_tools/engine_sca/engine_container/src/infrastructure/driven_adapters/prisma_cloud/prisma_deserialize_output.py,sha256=InUFpFj1LO_rY_8oiKaAXUZ3NP_uASL1wofyd7WPLeQ,2450
+devsecops_engine_tools/engine_sca/engine_container/src/infrastructure/driven_adapters/prisma_cloud/prisma_cloud_manager_scan.py,sha256=3KyqbuLSFHMAUO5n9ruLMU8nhiP9BuGeXchN9PHW3M0,4369
+devsecops_engine_tools/engine_sca/engine_container/src/infrastructure/driven_adapters/prisma_cloud/prisma_deserialize_output.py,sha256=k6j6ajlHFVfKdxIdvWVak0eryhIknT0IyTvyI2e3gz0,2514
 devsecops_engine_tools/engine_sca/engine_container/src/infrastructure/driven_adapters/trivy_tool/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
-devsecops_engine_tools/engine_sca/engine_container/src/infrastructure/driven_adapters/trivy_tool/trivy_deserialize_output.py,sha256=U5FFZsJCCADpH0-VbweeRqZi0aVM8RQqIijv17BWnY0,2114
+devsecops_engine_tools/engine_sca/engine_container/src/infrastructure/driven_adapters/trivy_tool/trivy_deserialize_output.py,sha256=v0XU-KJfnt4BFmoLbpc3IE0RxDVsYN5dzftfJiWR2Fs,2169
 devsecops_engine_tools/engine_sca/engine_container/src/infrastructure/driven_adapters/trivy_tool/trivy_manager_scan.py,sha256=IBd3fOQmHPDeVud54DQtw0x2o4jm31iwRoiBDTpkqdc,4284
 devsecops_engine_tools/engine_sca/engine_container/src/infrastructure/entry_points/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
-devsecops_engine_tools/engine_sca/engine_container/src/infrastructure/entry_points/entry_point_tool.py,sha256=goSKzTRwVbuwMuEkYVy7eoR-OkljFhB3Jj2BD7U5ggg,1334
+devsecops_engine_tools/engine_sca/engine_container/src/infrastructure/entry_points/entry_point_tool.py,sha256=BM8XJI_tlFxurdhBz2N5R33z4WGNLN_mkaG2npYBTiM,2212
 devsecops_engine_tools/engine_sca/engine_container/src/infrastructure/helpers/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 devsecops_engine_tools/engine_sca/engine_container/src/infrastructure/helpers/images_scanned.py,sha256=V_wE9maXdGlQbYIe6qVgOqEtiWrh-icd8V4dpWDQrXg,590
 devsecops_engine_tools/engine_sca/engine_dependencies/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
@@ -242,8 +242,8 @@ devsecops_engine_tools/engine_utilities/utils/logger_info.py,sha256=4Mz8Bwlm9Mku
 devsecops_engine_tools/engine_utilities/utils/name_conversion.py,sha256=ADJrRGaxYSDe0ZRh6VHRf53H4sXPcb-vNP_i81PUn3I,307
 devsecops_engine_tools/engine_utilities/utils/printers.py,sha256=GAslbWaBpwP3mP6fBsgVl07TTBgcCggQTy8h2M9ibeo,612
 devsecops_engine_tools/engine_utilities/utils/session_manager.py,sha256=yNtlT-8Legz1sHbGPH8LNYjL-LgDUE0zXG2rYjiab7U,290
-devsecops_engine_tools-1.7.11.dist-info/METADATA,sha256=CvJMZOvY8BNEkXrKzS99fzgz-8jNTZDn6GcOZp8oPsg,9927
-devsecops_engine_tools-1.7.11.dist-info/WHEEL,sha256=GJ7t_kWBFywbagK5eo9IoUwLW6oyOeTKmQ-9iHFVNxQ,92
-devsecops_engine_tools-1.7.11.dist-info/entry_points.txt,sha256=9IjXF_7Zpgowq_SY6OSmsA9vZze18a8_AeHwkQVrgKk,131
-devsecops_engine_tools-1.7.11.dist-info/top_level.txt,sha256=ge6y0X_xBAU1aG3EMWFtl9djbVyg5BxuSp2r2Lg6EQU,23
-devsecops_engine_tools-1.7.11.dist-info/RECORD,,
+devsecops_engine_tools-1.7.13.dist-info/METADATA,sha256=dmkfv5Qf-s9SoAKRGVC0fYKI3u-Ie-IRHl5E9gsfJrQ,9927
+devsecops_engine_tools-1.7.13.dist-info/WHEEL,sha256=GJ7t_kWBFywbagK5eo9IoUwLW6oyOeTKmQ-9iHFVNxQ,92
+devsecops_engine_tools-1.7.13.dist-info/entry_points.txt,sha256=9IjXF_7Zpgowq_SY6OSmsA9vZze18a8_AeHwkQVrgKk,131
+devsecops_engine_tools-1.7.13.dist-info/top_level.txt,sha256=ge6y0X_xBAU1aG3EMWFtl9djbVyg5BxuSp2r2Lg6EQU,23
+devsecops_engine_tools-1.7.13.dist-info/RECORD,,