devsecops-engine-tools 1.7.18__py3-none-any.whl → 1.7.20__py3-none-any.whl
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Potentially problematic release.
This version of devsecops-engine-tools might be problematic. Click here for more details.
- devsecops_engine_tools/engine_core/src/applications/runner_engine_core.py +1 -1
- devsecops_engine_tools/engine_sast/engine_secret/src/infrastructure/driven_adapters/git_cli/git_run.py +3 -3
- devsecops_engine_tools/engine_sca/engine_dependencies/src/domain/model/gateways/tool_gateway.py +1 -1
- devsecops_engine_tools/engine_sca/engine_dependencies/src/domain/usecases/dependencies_sca_scan.py +3 -3
- devsecops_engine_tools/engine_sca/engine_dependencies/src/domain/usecases/find_artifacts.py +6 -2
- devsecops_engine_tools/engine_sca/engine_dependencies/src/infrastructure/driven_adapters/xray_tool/xray_manager_scan.py +8 -12
- devsecops_engine_tools/engine_sca/engine_dependencies/src/infrastructure/entry_points/entry_point_tool.py +13 -12
- devsecops_engine_tools/version.py +1 -1
- {devsecops_engine_tools-1.7.18.dist-info → devsecops_engine_tools-1.7.20.dist-info}/METADATA +1 -1
- {devsecops_engine_tools-1.7.18.dist-info → devsecops_engine_tools-1.7.20.dist-info}/RECORD +13 -13
- {devsecops_engine_tools-1.7.18.dist-info → devsecops_engine_tools-1.7.20.dist-info}/WHEEL +0 -0
- {devsecops_engine_tools-1.7.18.dist-info → devsecops_engine_tools-1.7.20.dist-info}/entry_points.txt +0 -0
- {devsecops_engine_tools-1.7.18.dist-info → devsecops_engine_tools-1.7.20.dist-info}/top_level.txt +0 -0
|
@@ -89,7 +89,7 @@ def get_inputs_from_cli(args):
|
|
|
89
89
|
parser.add_argument("--token_cmdb", required=False, help="Token to connect to the CMDB")
|
|
90
90
|
parser.add_argument("--token_vulnerability_management", required=False, help="Token to connect to the Vulnerability Management")
|
|
91
91
|
parser.add_argument("--token_engine_container", required=False, help="Token to execute engine_container if is necessary")
|
|
92
|
-
parser.add_argument("--token_engine_dependencies", required=False, help="Token to execute engine_dependencies if is necessary")
|
|
92
|
+
parser.add_argument("--token_engine_dependencies", required=False, help="Token to execute engine_dependencies if is necessary. If using xray as engine_dependencies tool, the token is the base64 of artifactory server config.")
|
|
93
93
|
args = parser.parse_args()
|
|
94
94
|
return {
|
|
95
95
|
"platform_devops": args.platform_devops,
|
|
@@ -46,11 +46,11 @@ class GitRun(GitGateway):
|
|
|
46
46
|
os.chdir(path_new_folder)
|
|
47
47
|
|
|
48
48
|
repository = git.Repo(path_new_folder)
|
|
49
|
-
|
|
50
49
|
source_branch = source_branch.replace("refs/heads/", "")
|
|
51
|
-
|
|
50
|
+
repository.git.checkout(source_branch)
|
|
51
|
+
repository.git.pull('-X', 'theirs', '--no-edit', 'origin', target_branch)
|
|
52
52
|
if source_branch != None:
|
|
53
|
-
diff = repository.git.diff(f"
|
|
53
|
+
diff = repository.git.diff(f"{source_branch}..{target_branch}", name_only=True)
|
|
54
54
|
if diff:
|
|
55
55
|
diff_files = diff.strip().split("\n")
|
|
56
56
|
print("Pull Requests Associated Files:",len(diff_files))
|
devsecops_engine_tools/engine_sca/engine_dependencies/src/domain/model/gateways/tool_gateway.py
CHANGED
|
@@ -4,6 +4,6 @@ from abc import ABCMeta, abstractmethod
|
|
|
4
4
|
class ToolGateway(metaclass=ABCMeta):
|
|
5
5
|
@abstractmethod
|
|
6
6
|
def run_tool_dependencies_sca(
|
|
7
|
-
self, remote_config,
|
|
7
|
+
self, remote_config, file_to_scan, bypass_limits_flag, token
|
|
8
8
|
) -> str:
|
|
9
9
|
"run tool dependencies sca"
|
devsecops_engine_tools/engine_sca/engine_dependencies/src/domain/usecases/dependencies_sca_scan.py
CHANGED
|
@@ -12,14 +12,14 @@ class DependenciesScan:
|
|
|
12
12
|
tool_run: ToolGateway,
|
|
13
13
|
tool_deserializator: DeserializatorGateway,
|
|
14
14
|
remote_config,
|
|
15
|
-
|
|
15
|
+
file_to_scan,
|
|
16
16
|
bypass_limits_flag,
|
|
17
17
|
token,
|
|
18
18
|
):
|
|
19
19
|
self.tool_run = tool_run
|
|
20
20
|
self.tool_deserializator = tool_deserializator
|
|
21
21
|
self.remote_config = remote_config
|
|
22
|
-
self.
|
|
22
|
+
self.file_to_scan = file_to_scan
|
|
23
23
|
self.bypass_limits_flag = bypass_limits_flag
|
|
24
24
|
self.token = token
|
|
25
25
|
|
|
@@ -31,7 +31,7 @@ class DependenciesScan:
|
|
|
31
31
|
"""
|
|
32
32
|
return self.tool_run.run_tool_dependencies_sca(
|
|
33
33
|
self.remote_config,
|
|
34
|
-
self.
|
|
34
|
+
self.file_to_scan,
|
|
35
35
|
self.bypass_limits_flag,
|
|
36
36
|
self.token,
|
|
37
37
|
)
|
|
@@ -47,7 +47,6 @@ class FindArtifacts:
|
|
|
47
47
|
arcname=os.path.basename(package),
|
|
48
48
|
filter=lambda x: None if "/.bin/" in x.name else x,
|
|
49
49
|
)
|
|
50
|
-
logger.debug(f"File to scan: {tar_path}")
|
|
51
50
|
|
|
52
51
|
except subprocess.CalledProcessError as e:
|
|
53
52
|
logger.error(f"Error during {package} compression: {e}")
|
|
@@ -88,9 +87,14 @@ class FindArtifacts:
|
|
|
88
87
|
for file in files
|
|
89
88
|
if os.path.isfile(os.path.join(dir_to_scan_path, file))
|
|
90
89
|
]
|
|
90
|
+
file_to_scan = None
|
|
91
91
|
if files:
|
|
92
|
+
file_to_scan = os.path.join(dir_to_scan_path, "file_to_scan.tar")
|
|
93
|
+
self.compress_and_mv(file_to_scan, dir_to_scan_path)
|
|
92
94
|
files_string = ", ".join(files)
|
|
93
95
|
logger.debug(f"Files to scan: {files_string}")
|
|
94
96
|
print(f"Files to scan: {files_string}")
|
|
97
|
+
else:
|
|
98
|
+
logger.warning("No artifacts found")
|
|
95
99
|
|
|
96
|
-
return
|
|
100
|
+
return file_to_scan
|
|
@@ -95,7 +95,7 @@ class XrayScan(ToolGateway):
|
|
|
95
95
|
except subprocess.CalledProcessError as error:
|
|
96
96
|
logger.error(f"Error during Xray Server configuration: {error}")
|
|
97
97
|
|
|
98
|
-
def scan_dependencies(self, prefix,
|
|
98
|
+
def scan_dependencies(self, prefix, file_to_scan, bypass_limits_flag):
|
|
99
99
|
try:
|
|
100
100
|
if bypass_limits_flag:
|
|
101
101
|
command = [
|
|
@@ -103,15 +103,15 @@ class XrayScan(ToolGateway):
|
|
|
103
103
|
"scan",
|
|
104
104
|
"--format=json",
|
|
105
105
|
"--bypass-archive-limits",
|
|
106
|
-
f"{
|
|
106
|
+
f"{file_to_scan}",
|
|
107
107
|
]
|
|
108
108
|
else:
|
|
109
|
-
command = [prefix, "scan", "--format=json", f"{
|
|
109
|
+
command = [prefix, "scan", "--format=json", f"{file_to_scan}"]
|
|
110
110
|
result = subprocess.run(
|
|
111
111
|
command, stdout=subprocess.PIPE, stderr=subprocess.PIPE, text=True
|
|
112
112
|
)
|
|
113
113
|
scan_result = json.loads(result.stdout)
|
|
114
|
-
file_result = os.path.join(
|
|
114
|
+
file_result = os.path.join(os.getcwd(), "scan_result.json")
|
|
115
115
|
with open(file_result, "w") as file:
|
|
116
116
|
json.dump(scan_result, file, indent=4)
|
|
117
117
|
return file_result
|
|
@@ -121,7 +121,7 @@ class XrayScan(ToolGateway):
|
|
|
121
121
|
def run_tool_dependencies_sca(
|
|
122
122
|
self,
|
|
123
123
|
remote_config,
|
|
124
|
-
|
|
124
|
+
file_to_scan,
|
|
125
125
|
bypass_limits_flag,
|
|
126
126
|
token,
|
|
127
127
|
):
|
|
@@ -143,12 +143,8 @@ class XrayScan(ToolGateway):
|
|
|
143
143
|
|
|
144
144
|
self.config_server(command_prefix, token)
|
|
145
145
|
|
|
146
|
-
results_file =
|
|
147
|
-
|
|
148
|
-
|
|
149
|
-
else:
|
|
150
|
-
results_file = self.scan_dependencies(
|
|
151
|
-
command_prefix, dir_to_scan_path, bypass_limits_flag
|
|
152
|
-
)
|
|
146
|
+
results_file = self.scan_dependencies(
|
|
147
|
+
command_prefix, file_to_scan, bypass_limits_flag
|
|
148
|
+
)
|
|
153
149
|
|
|
154
150
|
return results_file
|
|
@@ -49,19 +49,20 @@ def init_engine_dependencies(
|
|
|
49
49
|
bypass_limits_flag = handle_remote_config_patterns.bypass_archive_limits()
|
|
50
50
|
pattern = handle_remote_config_patterns.excluded_files()
|
|
51
51
|
|
|
52
|
-
find_artifacts = FindArtifacts(
|
|
53
|
-
|
|
54
|
-
|
|
55
|
-
dependencies_sca_scan = DependenciesScan(
|
|
56
|
-
tool_run,
|
|
57
|
-
tool_deserializator,
|
|
58
|
-
remote_config,
|
|
59
|
-
dir_to_scan_path,
|
|
60
|
-
bypass_limits_flag,
|
|
61
|
-
token,
|
|
52
|
+
find_artifacts = FindArtifacts(
|
|
53
|
+
os.getcwd(), pattern, remote_config["PACKAGES_TO_SCAN"]
|
|
62
54
|
)
|
|
63
|
-
|
|
64
|
-
if
|
|
55
|
+
file_to_scan = find_artifacts.find_artifacts()
|
|
56
|
+
if file_to_scan:
|
|
57
|
+
dependencies_sca_scan = DependenciesScan(
|
|
58
|
+
tool_run,
|
|
59
|
+
tool_deserializator,
|
|
60
|
+
remote_config,
|
|
61
|
+
file_to_scan,
|
|
62
|
+
bypass_limits_flag,
|
|
63
|
+
token,
|
|
64
|
+
)
|
|
65
|
+
dependencies_scanned = dependencies_sca_scan.process()
|
|
65
66
|
deserialized = dependencies_sca_scan.deserializator(dependencies_scanned)
|
|
66
67
|
else:
|
|
67
68
|
print(f"Tool skipped by DevSecOps policy")
|
|
@@ -1 +1 @@
|
|
|
1
|
-
version = '1.7.
|
|
1
|
+
version = '1.7.20'
|
|
@@ -1,9 +1,9 @@
|
|
|
1
1
|
devsecops_engine_tools/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
2
|
-
devsecops_engine_tools/version.py,sha256=
|
|
2
|
+
devsecops_engine_tools/version.py,sha256=GvBxjroEWgfwRvNx_7oeG4Y1Nw3zSEtJ4PCbRmM3ZcA,19
|
|
3
3
|
devsecops_engine_tools/engine_core/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
4
4
|
devsecops_engine_tools/engine_core/src/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
5
5
|
devsecops_engine_tools/engine_core/src/applications/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
6
|
-
devsecops_engine_tools/engine_core/src/applications/runner_engine_core.py,sha256=
|
|
6
|
+
devsecops_engine_tools/engine_core/src/applications/runner_engine_core.py,sha256=CbLdGjyZkgpSYPe-7Q3Xus83BHq5wWwwMaFB29VaILA,5748
|
|
7
7
|
devsecops_engine_tools/engine_core/src/deployment/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
8
8
|
devsecops_engine_tools/engine_core/src/deployment/infrastructure/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
9
9
|
devsecops_engine_tools/engine_core/src/domain/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
@@ -118,7 +118,7 @@ devsecops_engine_tools/engine_sast/engine_secret/src/domain/usecases/set_input_c
|
|
|
118
118
|
devsecops_engine_tools/engine_sast/engine_secret/src/infrastructure/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
119
119
|
devsecops_engine_tools/engine_sast/engine_secret/src/infrastructure/driven_adapters/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
120
120
|
devsecops_engine_tools/engine_sast/engine_secret/src/infrastructure/driven_adapters/git_cli/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
121
|
-
devsecops_engine_tools/engine_sast/engine_secret/src/infrastructure/driven_adapters/git_cli/git_run.py,sha256=
|
|
121
|
+
devsecops_engine_tools/engine_sast/engine_secret/src/infrastructure/driven_adapters/git_cli/git_run.py,sha256=eMHZn72BdpEqYF_r-hyKkdDNaRkDjRYJ5Pn5YD-HCG0,2657
|
|
122
122
|
devsecops_engine_tools/engine_sast/engine_secret/src/infrastructure/driven_adapters/trufflehog/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
123
123
|
devsecops_engine_tools/engine_sast/engine_secret/src/infrastructure/driven_adapters/trufflehog/trufflehog_deserealizator.py,sha256=HZcNUa9VvK1InsDY94HiuDQuEH_R6pJIeAN3Zwi8CBA,1825
|
|
124
124
|
devsecops_engine_tools/engine_sast/engine_secret/src/infrastructure/driven_adapters/trufflehog/trufflehog_run.py,sha256=cvCSKTDN-4oL9H5EZF_-WrP5bNamFt0WfeCwaMO_Nfo,5345
|
|
@@ -164,19 +164,19 @@ devsecops_engine_tools/engine_sca/engine_dependencies/src/domain/__init__.py,sha
|
|
|
164
164
|
devsecops_engine_tools/engine_sca/engine_dependencies/src/domain/model/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
165
165
|
devsecops_engine_tools/engine_sca/engine_dependencies/src/domain/model/gateways/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
166
166
|
devsecops_engine_tools/engine_sca/engine_dependencies/src/domain/model/gateways/deserializator_gateway.py,sha256=WOJbKbeFIbQ0IR6lic2JheTPUJPPzAYsGykU1DiMmHw,286
|
|
167
|
-
devsecops_engine_tools/engine_sca/engine_dependencies/src/domain/model/gateways/tool_gateway.py,sha256=
|
|
167
|
+
devsecops_engine_tools/engine_sca/engine_dependencies/src/domain/model/gateways/tool_gateway.py,sha256=h84C_RWeSBPaeExEJbyz6aFv8q_W3PSMLH9DY1yJHyY,254
|
|
168
168
|
devsecops_engine_tools/engine_sca/engine_dependencies/src/domain/usecases/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
169
|
-
devsecops_engine_tools/engine_sca/engine_dependencies/src/domain/usecases/dependencies_sca_scan.py,sha256=
|
|
170
|
-
devsecops_engine_tools/engine_sca/engine_dependencies/src/domain/usecases/find_artifacts.py,sha256=
|
|
169
|
+
devsecops_engine_tools/engine_sca/engine_dependencies/src/domain/usecases/dependencies_sca_scan.py,sha256=a-TDJG5PvdlfAMN7IdwyDPRKicqIDp2m0SsXQpKKYR0,1333
|
|
170
|
+
devsecops_engine_tools/engine_sca/engine_dependencies/src/domain/usecases/find_artifacts.py,sha256=t6PjrwE94nG1CQfZdqwYmZLBgi1NxlB2GxyHXXKBPvQ,3364
|
|
171
171
|
devsecops_engine_tools/engine_sca/engine_dependencies/src/domain/usecases/handle_remote_config_patterns.py,sha256=ct_TinG3-UnHmG0Ic2fgPAc6mvWjiyq1bxU7RqFIZXA,2203
|
|
172
172
|
devsecops_engine_tools/engine_sca/engine_dependencies/src/domain/usecases/set_input_core.py,sha256=ZMr9l1h9-JdoT7QlLN8K9VTP2VP0B_5TZGMUQ6KyIYo,2525
|
|
173
173
|
devsecops_engine_tools/engine_sca/engine_dependencies/src/infrastructure/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
174
174
|
devsecops_engine_tools/engine_sca/engine_dependencies/src/infrastructure/driven_adapters/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
175
175
|
devsecops_engine_tools/engine_sca/engine_dependencies/src/infrastructure/driven_adapters/xray_tool/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
176
176
|
devsecops_engine_tools/engine_sca/engine_dependencies/src/infrastructure/driven_adapters/xray_tool/xray_deserialize_output.py,sha256=Vm0pj1i6a34xXouXUU95Y04hzR--9tcMQuycR7IMUnQ,2221
|
|
177
|
-
devsecops_engine_tools/engine_sca/engine_dependencies/src/infrastructure/driven_adapters/xray_tool/xray_manager_scan.py,sha256=
|
|
177
|
+
devsecops_engine_tools/engine_sca/engine_dependencies/src/infrastructure/driven_adapters/xray_tool/xray_manager_scan.py,sha256=fvlT7yP9ALA7hR1NTlDQpjygJbmTzRGdJx5Pbp1cySc,5603
|
|
178
178
|
devsecops_engine_tools/engine_sca/engine_dependencies/src/infrastructure/entry_points/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
179
|
-
devsecops_engine_tools/engine_sca/engine_dependencies/src/infrastructure/entry_points/entry_point_tool.py,sha256=
|
|
179
|
+
devsecops_engine_tools/engine_sca/engine_dependencies/src/infrastructure/entry_points/entry_point_tool.py,sha256=GWFwZQsNx_4U8AlZIyXWmyWtM7MzyF5EQLLcJTPg9pk,2691
|
|
180
180
|
devsecops_engine_tools/engine_sca/engine_dependencies/src/infrastructure/helpers/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
181
181
|
devsecops_engine_tools/engine_utilities/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
182
182
|
devsecops_engine_tools/engine_utilities/settings.py,sha256=CPnDndwVeRgQNml3HVzvytVruDd8dTd1ICHbkMDSgTM,2144
|
|
@@ -241,8 +241,8 @@ devsecops_engine_tools/engine_utilities/utils/logger_info.py,sha256=4Mz8Bwlm9Mku
|
|
|
241
241
|
devsecops_engine_tools/engine_utilities/utils/name_conversion.py,sha256=ADJrRGaxYSDe0ZRh6VHRf53H4sXPcb-vNP_i81PUn3I,307
|
|
242
242
|
devsecops_engine_tools/engine_utilities/utils/printers.py,sha256=GAslbWaBpwP3mP6fBsgVl07TTBgcCggQTy8h2M9ibeo,612
|
|
243
243
|
devsecops_engine_tools/engine_utilities/utils/session_manager.py,sha256=yNtlT-8Legz1sHbGPH8LNYjL-LgDUE0zXG2rYjiab7U,290
|
|
244
|
-
devsecops_engine_tools-1.7.
|
|
245
|
-
devsecops_engine_tools-1.7.
|
|
246
|
-
devsecops_engine_tools-1.7.
|
|
247
|
-
devsecops_engine_tools-1.7.
|
|
248
|
-
devsecops_engine_tools-1.7.
|
|
244
|
+
devsecops_engine_tools-1.7.20.dist-info/METADATA,sha256=eZScUwrzESga1POkrszd1cySxZkQb0ibhhP2u61ZyqE,4840
|
|
245
|
+
devsecops_engine_tools-1.7.20.dist-info/WHEEL,sha256=GJ7t_kWBFywbagK5eo9IoUwLW6oyOeTKmQ-9iHFVNxQ,92
|
|
246
|
+
devsecops_engine_tools-1.7.20.dist-info/entry_points.txt,sha256=9IjXF_7Zpgowq_SY6OSmsA9vZze18a8_AeHwkQVrgKk,131
|
|
247
|
+
devsecops_engine_tools-1.7.20.dist-info/top_level.txt,sha256=ge6y0X_xBAU1aG3EMWFtl9djbVyg5BxuSp2r2Lg6EQU,23
|
|
248
|
+
devsecops_engine_tools-1.7.20.dist-info/RECORD,,
|
|
File without changes
|
{devsecops_engine_tools-1.7.18.dist-info → devsecops_engine_tools-1.7.20.dist-info}/entry_points.txt
RENAMED
|
File without changes
|
{devsecops_engine_tools-1.7.18.dist-info → devsecops_engine_tools-1.7.20.dist-info}/top_level.txt
RENAMED
|
File without changes
|