devsecops-engine-tools 1.7.29__py3-none-any.whl → 1.7.30__py3-none-any.whl

devsecops_engine_tools/engine_core/src/infrastructure/driven_adapters/github/github_actions.py

@@ -11,12 +11,12 @@ from devsecops_engine_tools.engine_utilities.github.models.GithubPredefinedVaria
 from devsecops_engine_tools.engine_utilities.github.infrastructure.github_api import (
     GithubApi,
 )
-import os
 
 
 @dataclass
 class GithubActions(DevopsPlatformGateway):
     OKGREEN = "\033[92m"
+    WARNING = "\033[93m"
     FAIL = "\033[91m"
     ENDC = "\033[0m"
     ICON_FAIL = "\u2718"
@@ -49,7 +49,8 @@ class GithubActions(DevopsPlatformGateway):
     def result_pipeline(self, type):
         results = {
             "failed": f"{self.FAIL}{self.ICON_FAIL}Failed{self.ENDC}",
-            "succeeded": f"{self.OKGREEN}{self.ICON_SUCCESS}Succeeded{self.ENDC}"
+            "succeeded": f"{self.OKGREEN}{self.ICON_SUCCESS}Succeeded{self.ENDC}",
+            "succeeded_with_issues": f"{self.WARNING}{self.ICON_SUCCESS}Succeeded with issues{self.ENDC}"
         }
         return results.get(type)
 
@@ -77,10 +78,10 @@ class GithubActions(DevopsPlatformGateway):
             "repository": BuildVariables.github_repository,
             "pipeline_name": (
                 BuildVariables.github_workflow
-                if SystemVariables.build.value() == "build"
+                if SystemVariables.github_job.value() == "build"
                 else ReleaseVariables.github_workflow
             ),
-            "stage": SystemVariables.build,
+            "stage": SystemVariables.github_job,
             "path_directory": SystemVariables.github_workspace,
             "os": AgentVariables.runner_os,
             "work_folder": AgentVariables.github_workspace,

devsecops_engine_tools/engine_utilities/github/models/GithubPredefinedVariables.py

@@ -24,7 +24,7 @@ class BaseEnum(Enum):
 class SystemVariables(BaseEnum):
     github_access_token = "github.access.token"
     github_workspace = "github.workspace"
-    build = "build"
+    github_job = "github.job"
     github_server_url = "github.server.url"
     github_repository = "github.repository"
     github_event_number = "github.event.number"

devsecops_engine_tools/version.py

@@ -1 +1 @@
-version = '1.7.29'
+version = '1.7.30'

{devsecops_engine_tools-1.7.29.dist-info → devsecops_engine_tools-1.7.30.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: devsecops-engine-tools
-Version: 1.7.29
+Version: 1.7.30
 Summary: Tool for DevSecOps strategy
 Home-page: https://github.com/bancolombia/devsecops-engine-tools
 Author: Bancolombia DevSecOps Team
@@ -150,6 +150,57 @@ devsecops-engine-tools --platform_devops local --remote_config_repo DevSecOps_Re
 
 ![Dashboard Grafana](docs/demo_session.svg)
 
+### Scan running sample - Github Actions
+
+The remote config should be in a GitHub repository, either public or private.
+
+**If the repository is public:** 
+
+1. The yml file containing the workflow should be configured using the default secret **GITHUB_TOKEN**. 
+For more information, refer to [Automatic token authentication](https://docs.github.com/en/actions/security-guides/automatic-token-authentication).
+
+**If the repository is private:** 
+
+1. Create a personal access token with the necessary permissions to access the repository.
+2. Add the token as a secret in the GitHub repository.
+    ![Dashboard Grafana](docs/secret_token.png)
+
+3. Configure the yml file containing the workflow using the created secret.
+
+**Example of the workflow yml:**
+
+```yaml
+name: DevSecOps Engine Tools
+on:
+  push:
+    branches:
+      - feature/*
+env:
+  GITHUB_ACCESS_TOKEN: ${{ secrets.GH_ACCESSTOKEN }} #In this case, the remote config repository is private
+  # When the remote config repository is public, the secret should be like this: ${{ secrets.GITHUB_TOKEN }}
+
+jobs:
+  release:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+        
+      - name: Set up Python
+        uses: actions/setup-python@v5
+        with:
+          python-version: "3.12"
+
+      - name: Set up Python
+        run: |
+          # Install devsecops-engine-tools
+          pip3 install -q devsecops-engine-tools
+          output=$(devsecops-engine-tools --platform_devops github --remote_config_repo remote_config --tool engine_iac)
+          echo "$output"
+          if [[ $output == *"✘Failed"* ]]; then
+            exit 1
+          fi
+```
+
 # Metrics
 
 With the flag **--send_metrics true** and the configuration of the AWS-METRICS_MANAGER driven adapter in ConfigTool.json of the engine_core the tool will send the report to bucket s3. In the [metrics](https://github.com/bancolombia/devsecops-engine-tools/blob/trunk/metrics/) folder you will find the base of the cloud formation template to deploy the infra and dashboard in grafana.

{devsecops_engine_tools-1.7.29.dist-info → devsecops_engine_tools-1.7.30.dist-info}/RECORD

@@ -1,5 +1,5 @@
 devsecops_engine_tools/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
-devsecops_engine_tools/version.py,sha256=1ZRQMXakbKgdqgC-xNRAgwTBDcQ7kv9IvKeDbDzIzfw,19
+devsecops_engine_tools/version.py,sha256=2bo_22qNwsnrNeWcMU7gzJpKzTs2yNbEKUnDuc_CBeU,19
 devsecops_engine_tools/engine_core/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 devsecops_engine_tools/engine_core/src/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 devsecops_engine_tools/engine_core/src/applications/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
@@ -38,7 +38,7 @@ devsecops_engine_tools/engine_core/src/infrastructure/driven_adapters/azure/azur
 devsecops_engine_tools/engine_core/src/infrastructure/driven_adapters/defect_dojo/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 devsecops_engine_tools/engine_core/src/infrastructure/driven_adapters/defect_dojo/defect_dojo.py,sha256=qOqipt7P6THEjoaBwpIPO8OEN9OKpW6u_X_c4DeGhx8,10903
 devsecops_engine_tools/engine_core/src/infrastructure/driven_adapters/github/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
-devsecops_engine_tools/engine_core/src/infrastructure/driven_adapters/github/github_actions.py,sha256=PsDCUfVHgUJL9AKwB2FyQ6VdUtgawyYTtvRcSscX_9A,3723
+devsecops_engine_tools/engine_core/src/infrastructure/driven_adapters/github/github_actions.py,sha256=JhTfHCR4G29VByrS7ntKZwXbfCHpO0C3D8vIQlBD4rQ,3855
 devsecops_engine_tools/engine_core/src/infrastructure/driven_adapters/printer_pretty_table/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 devsecops_engine_tools/engine_core/src/infrastructure/driven_adapters/printer_pretty_table/printer_pretty_table.py,sha256=O1waYz_6ElcOkU3Nb4suJs2ZJIo0YLoFuNXi9-j-wSs,3811
 devsecops_engine_tools/engine_core/src/infrastructure/driven_adapters/runtime_local/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
@@ -232,7 +232,7 @@ devsecops_engine_tools/engine_utilities/defect_dojo/infraestructure/repository/_
 devsecops_engine_tools/engine_utilities/github/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 devsecops_engine_tools/engine_utilities/github/infrastructure/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 devsecops_engine_tools/engine_utilities/github/infrastructure/github_api.py,sha256=AURk8GGAkNuHCqTEsiS6UxClL_YYJoqtBrWGBSYgWO4,2436
-devsecops_engine_tools/engine_utilities/github/models/GithubPredefinedVariables.py,sha256=uPoiBRo0tlxQ69cqob40hmIdNk1BSbKqF1hpjsvhXdQ,1579
+devsecops_engine_tools/engine_utilities/github/models/GithubPredefinedVariables.py,sha256=LmIvCVDyszInElu_-Pt034q1Zaajp-QA3ge-RtimxHg,1589
 devsecops_engine_tools/engine_utilities/github/models/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 devsecops_engine_tools/engine_utilities/input_validations/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 devsecops_engine_tools/engine_utilities/input_validations/env_utils.py,sha256=nHp9YIuG1k-IvxssQslrE9ny62juJMovmBTzcM7PPk0,258
@@ -247,8 +247,8 @@ devsecops_engine_tools/engine_utilities/utils/logger_info.py,sha256=4Mz8Bwlm9Mku
 devsecops_engine_tools/engine_utilities/utils/name_conversion.py,sha256=ADJrRGaxYSDe0ZRh6VHRf53H4sXPcb-vNP_i81PUn3I,307
 devsecops_engine_tools/engine_utilities/utils/printers.py,sha256=GAslbWaBpwP3mP6fBsgVl07TTBgcCggQTy8h2M9ibeo,612
 devsecops_engine_tools/engine_utilities/utils/session_manager.py,sha256=yNtlT-8Legz1sHbGPH8LNYjL-LgDUE0zXG2rYjiab7U,290
-devsecops_engine_tools-1.7.29.dist-info/METADATA,sha256=vUeXrSsQrFqqYsv9W4qKTyf9l6-sBll7JOd-yHDG2E0,5969
-devsecops_engine_tools-1.7.29.dist-info/WHEEL,sha256=y4mX-SOX4fYIkonsAGA5N0Oy-8_gI4FXw5HNI1xqvWg,91
-devsecops_engine_tools-1.7.29.dist-info/entry_points.txt,sha256=9IjXF_7Zpgowq_SY6OSmsA9vZze18a8_AeHwkQVrgKk,131
-devsecops_engine_tools-1.7.29.dist-info/top_level.txt,sha256=ge6y0X_xBAU1aG3EMWFtl9djbVyg5BxuSp2r2Lg6EQU,23
-devsecops_engine_tools-1.7.29.dist-info/RECORD,,
+devsecops_engine_tools-1.7.30.dist-info/METADATA,sha256=Lu8_dE2_ssmQOfaTIzsip95UrGa1F2ptMWzYR2uS5UM,7605
+devsecops_engine_tools-1.7.30.dist-info/WHEEL,sha256=Z4pYXqR_rTB7OWNDYFOm1qRk0RX6GFP2o8LgvP453Hk,91
+devsecops_engine_tools-1.7.30.dist-info/entry_points.txt,sha256=9IjXF_7Zpgowq_SY6OSmsA9vZze18a8_AeHwkQVrgKk,131
+devsecops_engine_tools-1.7.30.dist-info/top_level.txt,sha256=ge6y0X_xBAU1aG3EMWFtl9djbVyg5BxuSp2r2Lg6EQU,23
+devsecops_engine_tools-1.7.30.dist-info/RECORD,,

{devsecops_engine_tools-1.7.29.dist-info → devsecops_engine_tools-1.7.30.dist-info}/WHEEL

@@ -1,5 +1,5 @@
 Wheel-Version: 1.0
-Generator: setuptools (70.2.0)
+Generator: setuptools (70.3.0)
 Root-Is-Purelib: true
 Tag: py3-none-any