devsecops-engine-tools 1.7.34__py3-none-any.whl → 1.7.36__py3-none-any.whl
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Potentially problematic release.
This version of devsecops-engine-tools might be problematic. Click here for more details.
- devsecops_engine_tools/engine_core/src/applications/runner_engine_core.py +6 -0
- devsecops_engine_tools/engine_core/src/domain/usecases/break_build.py +2 -0
- devsecops_engine_tools/engine_sast/engine_iac/src/domain/model/config_tool.py +1 -21
- devsecops_engine_tools/engine_sast/engine_iac/src/domain/model/gateways/tool_gateway.py +1 -1
- devsecops_engine_tools/engine_sast/engine_iac/src/domain/usecases/iac_scan.py +36 -24
- devsecops_engine_tools/engine_sast/engine_iac/src/infrastructure/driven_adapters/checkov/checkov_tool.py +186 -76
- devsecops_engine_tools/engine_sast/engine_iac/src/infrastructure/driven_adapters/kics/kics_tool.py +9 -11
- devsecops_engine_tools/engine_sast/engine_iac/src/infrastructure/driven_adapters/kubescape/kubescape_tool.py +2 -5
- devsecops_engine_tools/engine_sast/engine_secret/src/infrastructure/entry_points/entry_point_tool.py +0 -1
- devsecops_engine_tools/engine_sca/engine_container/src/infrastructure/driven_adapters/docker/docker_images.py +0 -1
- devsecops_engine_tools/engine_sca/engine_dependencies/src/infrastructure/entry_points/entry_point_tool.py +0 -2
- devsecops_engine_tools/engine_utilities/azuredevops/infrastructure/azure_devops_api.py +0 -1
- devsecops_engine_tools/engine_utilities/ssh/managment_private_key.py +2 -3
- devsecops_engine_tools/engine_utilities/utils/printers.py +1 -1
- devsecops_engine_tools/version.py +1 -1
- {devsecops_engine_tools-1.7.34.dist-info → devsecops_engine_tools-1.7.36.dist-info}/METADATA +16 -15
- {devsecops_engine_tools-1.7.34.dist-info → devsecops_engine_tools-1.7.36.dist-info}/RECORD +20 -20
- {devsecops_engine_tools-1.7.34.dist-info → devsecops_engine_tools-1.7.36.dist-info}/WHEEL +1 -1
- {devsecops_engine_tools-1.7.34.dist-info → devsecops_engine_tools-1.7.36.dist-info}/entry_points.txt +0 -0
- {devsecops_engine_tools-1.7.34.dist-info → devsecops_engine_tools-1.7.36.dist-info}/top_level.txt +0 -0
|
@@ -140,6 +140,11 @@ def get_inputs_from_cli(args):
|
|
|
140
140
|
required=False,
|
|
141
141
|
help="Token to execute engine_dependencies if is necessary. If using xray as engine_dependencies tool, the token is the base64 of artifactory server config that can be obtain from jfrog cli with 'jf config export <ServerID>' command.",
|
|
142
142
|
)
|
|
143
|
+
parser.add_argument(
|
|
144
|
+
"--token_external_checks",
|
|
145
|
+
required=False,
|
|
146
|
+
help="Token for downloading external checks from engine_iac if is necessary. Ej: github:token, ssh:privatekey:pass",
|
|
147
|
+
)
|
|
143
148
|
parser.add_argument(
|
|
144
149
|
"--xray_mode",
|
|
145
150
|
choices=["scan", "audit"],
|
|
@@ -161,6 +166,7 @@ def get_inputs_from_cli(args):
|
|
|
161
166
|
"token_vulnerability_management": args.token_vulnerability_management,
|
|
162
167
|
"token_engine_container": args.token_engine_container,
|
|
163
168
|
"token_engine_dependencies": args.token_engine_dependencies,
|
|
169
|
+
"token_external_checks": args.token_external_checks,
|
|
164
170
|
"xray_mode": args.xray_mode,
|
|
165
171
|
}
|
|
166
172
|
|
|
@@ -1,3 +1,4 @@
|
|
|
1
|
+
import sys
|
|
1
2
|
from dataclasses import dataclass
|
|
2
3
|
from functools import reduce
|
|
3
4
|
|
|
@@ -52,6 +53,7 @@ class BreakBuild:
|
|
|
52
53
|
)
|
|
53
54
|
|
|
54
55
|
def process(self, findings_list: "list[Finding]", input_core: InputCore, args: any):
|
|
56
|
+
sys.stdout.reconfigure(encoding='utf-8')
|
|
55
57
|
devops_platform_gateway = self.devops_platform_gateway
|
|
56
58
|
printer_table_gateway = self.printer_table_gateway
|
|
57
59
|
threshold = input_core.threshold_defined
|
|
@@ -2,33 +2,13 @@ from devsecops_engine_tools.engine_core.src.domain.model.threshold import Thresh
|
|
|
2
2
|
|
|
3
3
|
|
|
4
4
|
class ConfigTool:
|
|
5
|
-
def __init__(self, json_data
|
|
6
|
-
self.version = json_data[tool]["VERSION"]
|
|
5
|
+
def __init__(self, json_data):
|
|
7
6
|
self.search_pattern = json_data["SEARCH_PATTERN"]
|
|
8
7
|
self.ignore_search_pattern = json_data["IGNORE_SEARCH_PATTERN"]
|
|
9
8
|
self.update_service_file_name_cft = json_data["UPDATE_SERVICE_WITH_FILE_NAME_CFT"]
|
|
10
|
-
self.use_external_checks_git = json_data[tool]["USE_EXTERNAL_CHECKS_GIT"]
|
|
11
|
-
self.external_checks_git = json_data[tool]["EXTERNAL_CHECKS_GIT"]
|
|
12
|
-
self.repository_ssh_host = json_data[tool]["EXTERNAL_GIT_SSH_HOST"]
|
|
13
|
-
self.repository_public_key_fp = json_data[tool]["EXTERNAL_GIT_PUBLIC_KEY_FINGERPRINT"]
|
|
14
|
-
self.use_external_checks_dir = json_data[tool]["USE_EXTERNAL_CHECKS_DIR"]
|
|
15
|
-
self.external_dir_owner = json_data[tool]["EXTERNAL_DIR_OWNER"]
|
|
16
|
-
self.external_dir_repository = json_data[tool]["EXTERNAL_DIR_REPOSITORY"]
|
|
17
9
|
self.message_info_engine_iac = json_data["MESSAGE_INFO_ENGINE_IAC"]
|
|
18
10
|
self.threshold = Threshold(json_data["THRESHOLD"])
|
|
19
|
-
self.rules_data_type = json_data[tool]["RULES"]
|
|
20
11
|
self.scope_pipeline = ""
|
|
21
12
|
self.exclusions = None
|
|
22
13
|
self.exclusions_all = None
|
|
23
14
|
self.exclusions_scope = None
|
|
24
|
-
self.rules_all = {}
|
|
25
|
-
if "KICS_LINUX" in json_data[tool]:
|
|
26
|
-
self.kics_linux = json_data[tool]["KICS_LINUX"]
|
|
27
|
-
if "KICS_WINDOWS" in json_data[tool]:
|
|
28
|
-
self.kics_windows = json_data[tool]["KICS_WINDOWS"]
|
|
29
|
-
if "KICS_MAC" in json_data[tool]:
|
|
30
|
-
self.kics_mac = json_data[tool]["KICS_MAC"]
|
|
31
|
-
if "PATH_KICS" in json_data[tool]:
|
|
32
|
-
self.path_kics = json_data[tool]["PATH_KICS"]
|
|
33
|
-
if "DOWNLOAD_KICS_ASSETS" in json_data[tool]:
|
|
34
|
-
self.download_kics_assets = json_data[tool]["DOWNLOAD_KICS_ASSETS"]
|
|
@@ -10,9 +10,7 @@ from devsecops_engine_tools.engine_sast.engine_iac.src.domain.model.config_tool
|
|
|
10
10
|
ConfigTool,
|
|
11
11
|
)
|
|
12
12
|
from devsecops_engine_tools.engine_core.src.domain.model.exclusions import Exclusions
|
|
13
|
-
from devsecops_engine_tools.engine_core.src.domain.model.input_core import
|
|
14
|
-
InputCore
|
|
15
|
-
)
|
|
13
|
+
from devsecops_engine_tools.engine_core.src.domain.model.input_core import InputCore
|
|
16
14
|
from devsecops_engine_tools.engine_utilities.utils.logger_info import MyLogger
|
|
17
15
|
from devsecops_engine_tools.engine_utilities import settings
|
|
18
16
|
|
|
@@ -27,7 +25,7 @@ class IacScan:
|
|
|
27
25
|
self.devops_platform_gateway = devops_platform_gateway
|
|
28
26
|
|
|
29
27
|
def process(self, dict_args, secret_tool, tool, env):
|
|
30
|
-
|
|
28
|
+
config_tool_iac = self.devops_platform_gateway.get_remote_config(
|
|
31
29
|
dict_args["remote_config_repo"], "engine_sast/engine_iac/ConfigTool.json"
|
|
32
30
|
)
|
|
33
31
|
|
|
@@ -35,19 +33,19 @@ class IacScan:
|
|
|
35
33
|
dict_args["remote_config_repo"], "engine_sast/engine_iac/Exclusions.json"
|
|
36
34
|
)
|
|
37
35
|
|
|
38
|
-
|
|
39
|
-
|
|
36
|
+
config_tool_core, folders_to_scan, skip_tool = self.complete_config_tool(
|
|
37
|
+
config_tool_iac, exclusions, tool, dict_args
|
|
40
38
|
)
|
|
41
39
|
|
|
42
|
-
|
|
43
40
|
findings_list, path_file_results = [], None
|
|
44
41
|
if skip_tool == "false":
|
|
45
42
|
findings_list, path_file_results = self.tool_gateway.run_tool(
|
|
46
|
-
|
|
43
|
+
config_tool_iac,
|
|
47
44
|
folders_to_scan,
|
|
48
|
-
"pdn" if env not in ["dev","qa","pdn"] else env,
|
|
49
|
-
dict_args["platform"],
|
|
50
|
-
secret_tool,
|
|
45
|
+
environment="pdn" if env not in ["dev", "qa", "pdn"] else env,
|
|
46
|
+
platform_to_scan=dict_args["platform"],
|
|
47
|
+
secret_tool=secret_tool,
|
|
48
|
+
secret_external_checks=dict_args["token_external_checks"]
|
|
51
49
|
)
|
|
52
50
|
else:
|
|
53
51
|
print(f"Tool skipped by DevSecOps policy")
|
|
@@ -56,32 +54,34 @@ class IacScan:
|
|
|
56
54
|
totalized_exclusions = []
|
|
57
55
|
(
|
|
58
56
|
totalized_exclusions.extend(
|
|
59
|
-
map(lambda elem: Exclusions(**elem),
|
|
57
|
+
map(lambda elem: Exclusions(**elem), config_tool_core.exclusions_all)
|
|
60
58
|
)
|
|
61
|
-
if
|
|
59
|
+
if config_tool_core.exclusions_all is not None
|
|
62
60
|
else None
|
|
63
61
|
)
|
|
64
62
|
(
|
|
65
63
|
totalized_exclusions.extend(
|
|
66
|
-
map(lambda elem: Exclusions(**elem),
|
|
64
|
+
map(lambda elem: Exclusions(**elem), config_tool_core.exclusions_scope)
|
|
67
65
|
)
|
|
68
|
-
if
|
|
66
|
+
if config_tool_core.exclusions_scope is not None
|
|
69
67
|
else None
|
|
70
68
|
)
|
|
71
69
|
|
|
72
70
|
input_core = InputCore(
|
|
73
71
|
totalized_exclusions=totalized_exclusions,
|
|
74
|
-
threshold_defined=
|
|
72
|
+
threshold_defined=config_tool_core.threshold,
|
|
75
73
|
path_file_results=path_file_results,
|
|
76
|
-
custom_message_break_build=
|
|
77
|
-
scope_pipeline=
|
|
78
|
-
stage_pipeline=self.devops_platform_gateway.get_variable(
|
|
74
|
+
custom_message_break_build=config_tool_core.message_info_engine_iac,
|
|
75
|
+
scope_pipeline=config_tool_core.scope_pipeline,
|
|
76
|
+
stage_pipeline=self.devops_platform_gateway.get_variable(
|
|
77
|
+
"stage"
|
|
78
|
+
).capitalize(),
|
|
79
79
|
)
|
|
80
80
|
|
|
81
81
|
return findings_list, input_core
|
|
82
82
|
|
|
83
83
|
def complete_config_tool(self, data_file_tool, exclusions, tool, dict_args):
|
|
84
|
-
config_tool = ConfigTool(json_data=data_file_tool
|
|
84
|
+
config_tool = ConfigTool(json_data=data_file_tool)
|
|
85
85
|
skip_tool = "false"
|
|
86
86
|
|
|
87
87
|
config_tool.exclusions = exclusions
|
|
@@ -95,13 +95,25 @@ class IacScan:
|
|
|
95
95
|
config_tool.exclusions_scope = config_tool.exclusions.get(
|
|
96
96
|
config_tool.scope_pipeline
|
|
97
97
|
).get(tool)
|
|
98
|
-
skip_tool =
|
|
99
|
-
|
|
100
|
-
|
|
98
|
+
skip_tool = (
|
|
99
|
+
"true"
|
|
100
|
+
if config_tool.exclusions.get(config_tool.scope_pipeline).get(
|
|
101
|
+
"SKIP_TOOL"
|
|
102
|
+
)
|
|
103
|
+
else "false"
|
|
104
|
+
)
|
|
105
|
+
|
|
106
|
+
if dict_args["folder_path"]:
|
|
107
|
+
if (
|
|
108
|
+
config_tool.update_service_file_name_cft == "True"
|
|
109
|
+
and "cloudformation" in dict_args["platform"]
|
|
110
|
+
):
|
|
101
111
|
files = os.listdir(os.path.join(os.getcwd(), dict_args["folder_path"]))
|
|
102
112
|
if len(files) > 0:
|
|
103
113
|
name_file, _ = os.path.splitext(files[0])
|
|
104
|
-
config_tool.scope_pipeline =
|
|
114
|
+
config_tool.scope_pipeline = (
|
|
115
|
+
f"{config_tool.scope_pipeline}_{name_file}"
|
|
116
|
+
)
|
|
105
117
|
|
|
106
118
|
folders_to_scan = [dict_args["folder_path"]]
|
|
107
119
|
else:
|
|
@@ -1,28 +1,27 @@
|
|
|
1
1
|
import yaml
|
|
2
2
|
import subprocess
|
|
3
|
+
import time
|
|
3
4
|
import os
|
|
4
5
|
import platform
|
|
5
6
|
import queue
|
|
6
7
|
import threading
|
|
7
8
|
import json
|
|
9
|
+
import shutil
|
|
8
10
|
from devsecops_engine_tools.engine_sast.engine_iac.src.domain.model.gateways.tool_gateway import (
|
|
9
11
|
ToolGateway,
|
|
10
12
|
)
|
|
11
|
-
from devsecops_engine_tools.engine_sast.engine_iac.src.domain.model.config_tool import (
|
|
12
|
-
ConfigTool,
|
|
13
|
-
)
|
|
14
|
-
|
|
15
13
|
from devsecops_engine_tools.engine_sast.engine_iac.src.infrastructure.driven_adapters.checkov.checkov_deserealizator import (
|
|
16
14
|
CheckovDeserealizator,
|
|
17
15
|
)
|
|
18
16
|
from devsecops_engine_tools.engine_sast.engine_iac.src.infrastructure.driven_adapters.checkov.checkov_config import (
|
|
19
|
-
CheckovConfig
|
|
17
|
+
CheckovConfig,
|
|
20
18
|
)
|
|
21
19
|
from devsecops_engine_tools.engine_sast.engine_iac.src.infrastructure.helpers.file_generator_tool import (
|
|
22
20
|
generate_file_from_tool,
|
|
23
21
|
)
|
|
24
|
-
|
|
25
|
-
|
|
22
|
+
from devsecops_engine_tools.engine_utilities.github.infrastructure.github_api import (
|
|
23
|
+
GithubApi,
|
|
24
|
+
)
|
|
26
25
|
from devsecops_engine_tools.engine_utilities.ssh.managment_private_key import (
|
|
27
26
|
create_ssh_private_file,
|
|
28
27
|
add_ssh_private_key,
|
|
@@ -34,12 +33,22 @@ from devsecops_engine_tools.engine_utilities import settings
|
|
|
34
33
|
|
|
35
34
|
logger = MyLogger.__call__(**settings.SETTING_LOGGER).get_logger()
|
|
36
35
|
|
|
36
|
+
|
|
37
37
|
class CheckovTool(ToolGateway):
|
|
38
38
|
CHECKOV_CONFIG_FILE = "checkov_config.yaml"
|
|
39
|
-
|
|
40
|
-
framework_mapping = {
|
|
41
|
-
|
|
42
|
-
|
|
39
|
+
TOOL_CHECKOV = "CHECKOV"
|
|
40
|
+
framework_mapping = {
|
|
41
|
+
"RULES_DOCKER": "dockerfile",
|
|
42
|
+
"RULES_K8S": "kubernetes",
|
|
43
|
+
"RULES_CLOUDFORMATION": "cloudformation",
|
|
44
|
+
"RULES_OPENAPI": "openapi",
|
|
45
|
+
}
|
|
46
|
+
framework_external_checks = [
|
|
47
|
+
"RULES_K8S",
|
|
48
|
+
"RULES_CLOUDFORMATION",
|
|
49
|
+
"RULES_DOCKER",
|
|
50
|
+
"RULES_OPENAPI",
|
|
51
|
+
]
|
|
43
52
|
|
|
44
53
|
def create_config_file(self, checkov_config: CheckovConfig):
|
|
45
54
|
with open(
|
|
@@ -51,47 +60,97 @@ class CheckovTool(ToolGateway):
|
|
|
51
60
|
yaml.dump(checkov_config.dict_confg_file, file)
|
|
52
61
|
file.close()
|
|
53
62
|
|
|
54
|
-
def configurate_external_checks(self, config_tool
|
|
63
|
+
def configurate_external_checks(self, config_tool, secret):
|
|
55
64
|
agent_env = None
|
|
56
65
|
try:
|
|
57
|
-
if
|
|
58
|
-
logger.warning("
|
|
59
|
-
|
|
60
|
-
|
|
61
|
-
|
|
62
|
-
|
|
63
|
-
|
|
64
|
-
|
|
65
|
-
|
|
66
|
-
|
|
67
|
-
|
|
68
|
-
|
|
69
|
-
|
|
70
|
-
|
|
71
|
-
|
|
72
|
-
|
|
73
|
-
|
|
74
|
-
|
|
75
|
-
|
|
76
|
-
|
|
77
|
-
|
|
78
|
-
|
|
79
|
-
|
|
80
|
-
|
|
81
|
-
|
|
82
|
-
|
|
83
|
-
|
|
84
|
-
|
|
85
|
-
|
|
86
|
-
|
|
87
|
-
config_tool.external_dir_repository,
|
|
88
|
-
"/tmp",
|
|
89
|
-
)
|
|
66
|
+
if secret is None:
|
|
67
|
+
logger.warning("The secret is not configured for external controls")
|
|
68
|
+
|
|
69
|
+
# Create configuration git external checks
|
|
70
|
+
elif config_tool[self.TOOL_CHECKOV][
|
|
71
|
+
"USE_EXTERNAL_CHECKS_GIT"
|
|
72
|
+
] == "True" and platform.system() in (
|
|
73
|
+
"Linux",
|
|
74
|
+
"Darwin",
|
|
75
|
+
):
|
|
76
|
+
config_knowns_hosts(
|
|
77
|
+
config_tool[self.TOOL_CHECKOV]["EXTERNAL_GIT_SSH_HOST"],
|
|
78
|
+
config_tool[self.TOOL_CHECKOV][
|
|
79
|
+
"EXTERNAL_GIT_PUBLIC_KEY_FINGERPRINT"
|
|
80
|
+
],
|
|
81
|
+
)
|
|
82
|
+
ssh_key_content = decode_base64(secret["repository_ssh_private_key"])
|
|
83
|
+
ssh_key_file_path = "/tmp/ssh_key_file"
|
|
84
|
+
create_ssh_private_file(ssh_key_file_path, ssh_key_content)
|
|
85
|
+
ssh_key_password = decode_base64(secret["repository_ssh_password"])
|
|
86
|
+
agent_env = add_ssh_private_key(ssh_key_file_path, ssh_key_password)
|
|
87
|
+
|
|
88
|
+
# Create configuration dir external checks
|
|
89
|
+
elif config_tool[self.TOOL_CHECKOV]["USE_EXTERNAL_CHECKS_DIR"] == "True":
|
|
90
|
+
github_api = GithubApi(secret["github_token"])
|
|
91
|
+
github_api.download_latest_release_assets(
|
|
92
|
+
config_tool[self.TOOL_CHECKOV]["EXTERNAL_DIR_OWNER"],
|
|
93
|
+
config_tool[self.TOOL_CHECKOV]["EXTERNAL_DIR_REPOSITORY"],
|
|
94
|
+
"/tmp",
|
|
95
|
+
)
|
|
90
96
|
|
|
91
97
|
except Exception as ex:
|
|
92
98
|
logger.error(f"An error ocurred configuring external checks {ex}")
|
|
93
99
|
return agent_env
|
|
94
100
|
|
|
101
|
+
def retryable_install_package(self, package: str, version: str) -> bool:
|
|
102
|
+
MAX_RETRIES = 3
|
|
103
|
+
RETRY_DELAY = 1 # in seconds
|
|
104
|
+
INSTALL_SUCCESS_MSG = f"Installation of {package} successful"
|
|
105
|
+
INSTALL_RETRY_MSG = (
|
|
106
|
+
f"Retrying installation of {package} in {RETRY_DELAY} seconds..."
|
|
107
|
+
)
|
|
108
|
+
|
|
109
|
+
installed = subprocess.run(
|
|
110
|
+
["which", package],
|
|
111
|
+
stdout=subprocess.PIPE,
|
|
112
|
+
stderr=subprocess.PIPE,
|
|
113
|
+
)
|
|
114
|
+
|
|
115
|
+
if installed.returncode == 0:
|
|
116
|
+
return True
|
|
117
|
+
|
|
118
|
+
python_path = shutil.which("python3")
|
|
119
|
+
if python_path is None:
|
|
120
|
+
logger.error("Python3 not found on the system.")
|
|
121
|
+
return False
|
|
122
|
+
|
|
123
|
+
def retry(attempt):
|
|
124
|
+
if attempt < MAX_RETRIES:
|
|
125
|
+
logger.warning(INSTALL_RETRY_MSG)
|
|
126
|
+
time.sleep(RETRY_DELAY)
|
|
127
|
+
|
|
128
|
+
for attempt in range(1, MAX_RETRIES + 1):
|
|
129
|
+
install_cmd = [
|
|
130
|
+
python_path,
|
|
131
|
+
"-m",
|
|
132
|
+
"pip",
|
|
133
|
+
"install",
|
|
134
|
+
"-q",
|
|
135
|
+
f"{package}=={version}",
|
|
136
|
+
"--retries",
|
|
137
|
+
str(MAX_RETRIES),
|
|
138
|
+
"--timeout",
|
|
139
|
+
str(RETRY_DELAY),
|
|
140
|
+
]
|
|
141
|
+
|
|
142
|
+
try:
|
|
143
|
+
result = subprocess.run(install_cmd, capture_output=True)
|
|
144
|
+
if result.returncode == 0:
|
|
145
|
+
logger.debug(INSTALL_SUCCESS_MSG)
|
|
146
|
+
return True
|
|
147
|
+
except Exception as e:
|
|
148
|
+
logger.error(f"Error during installation: {e}")
|
|
149
|
+
|
|
150
|
+
retry(attempt)
|
|
151
|
+
|
|
152
|
+
return False
|
|
153
|
+
|
|
95
154
|
def execute(self, checkov_config: CheckovConfig):
|
|
96
155
|
command = (
|
|
97
156
|
"checkov --config-file "
|
|
@@ -114,44 +173,60 @@ class CheckovTool(ToolGateway):
|
|
|
114
173
|
output = self.execute(checkov_config)
|
|
115
174
|
result.append(json.loads(output))
|
|
116
175
|
queue.put(result)
|
|
117
|
-
|
|
176
|
+
|
|
118
177
|
def scan_folders(
|
|
119
|
-
self,
|
|
178
|
+
self,
|
|
179
|
+
folders_to_scan,
|
|
180
|
+
config_tool,
|
|
181
|
+
agent_env,
|
|
182
|
+
environment,
|
|
183
|
+
platform_to_scan,
|
|
120
184
|
):
|
|
121
185
|
output_queue = queue.Queue()
|
|
122
186
|
# Crea una lista para almacenar los hilos
|
|
123
|
-
threads = []
|
|
187
|
+
threads = []
|
|
188
|
+
rules_run = {}
|
|
124
189
|
for folder in folders_to_scan:
|
|
125
|
-
for rule in config_tool.
|
|
126
|
-
if "all" in platform_to_scan or any(
|
|
190
|
+
for rule in config_tool[self.TOOL_CHECKOV]["RULES"]:
|
|
191
|
+
if "all" in platform_to_scan or any(
|
|
192
|
+
elem.upper() in rule for elem in platform_to_scan
|
|
193
|
+
):
|
|
127
194
|
checkov_config = CheckovConfig(
|
|
128
195
|
path_config_file="",
|
|
129
196
|
config_file_name=rule,
|
|
130
197
|
framework=self.framework_mapping[rule],
|
|
131
198
|
checks=[
|
|
132
199
|
key
|
|
133
|
-
for key, value in config_tool.
|
|
200
|
+
for key, value in config_tool[self.TOOL_CHECKOV]["RULES"][
|
|
201
|
+
rule
|
|
202
|
+
].items()
|
|
134
203
|
if value["environment"].get(environment)
|
|
135
204
|
],
|
|
136
205
|
soft_fail=False,
|
|
137
206
|
directories=folder,
|
|
138
|
-
external_checks_git=
|
|
139
|
-
|
|
140
|
-
|
|
141
|
-
|
|
142
|
-
|
|
143
|
-
|
|
144
|
-
|
|
207
|
+
external_checks_git=(
|
|
208
|
+
[
|
|
209
|
+
f"{config_tool[self.TOOL_CHECKOV]['EXTERNAL_CHECKS_GIT']}/{self.framework_mapping[rule]}"
|
|
210
|
+
]
|
|
211
|
+
if config_tool[self.TOOL_CHECKOV]["USE_EXTERNAL_CHECKS_GIT"]
|
|
212
|
+
== "True"
|
|
213
|
+
and agent_env is not None
|
|
214
|
+
and rule in self.framework_external_checks
|
|
215
|
+
else []
|
|
216
|
+
),
|
|
145
217
|
env=agent_env,
|
|
146
|
-
external_checks_dir=
|
|
147
|
-
|
|
148
|
-
|
|
149
|
-
|
|
218
|
+
external_checks_dir=(
|
|
219
|
+
f"/tmp/rules/{self.framework_mapping[rule]}"
|
|
220
|
+
if config_tool[self.TOOL_CHECKOV]["USE_EXTERNAL_CHECKS_DIR"]
|
|
221
|
+
== "True"
|
|
222
|
+
and rule in self.framework_external_checks
|
|
223
|
+
else []
|
|
224
|
+
),
|
|
150
225
|
)
|
|
151
226
|
|
|
152
227
|
checkov_config.create_config_dict()
|
|
153
228
|
self.create_config_file(checkov_config)
|
|
154
|
-
|
|
229
|
+
rules_run.update(config_tool[self.TOOL_CHECKOV]["RULES"][rule])
|
|
155
230
|
t = threading.Thread(
|
|
156
231
|
target=self.async_scan,
|
|
157
232
|
args=(output_queue, checkov_config),
|
|
@@ -166,23 +241,58 @@ class CheckovTool(ToolGateway):
|
|
|
166
241
|
while not output_queue.empty():
|
|
167
242
|
result = output_queue.get()
|
|
168
243
|
result_scans.extend(result)
|
|
169
|
-
return result_scans
|
|
244
|
+
return result_scans, rules_run
|
|
170
245
|
|
|
171
246
|
def run_tool(
|
|
172
|
-
self,
|
|
247
|
+
self,
|
|
248
|
+
config_tool,
|
|
249
|
+
folders_to_scan,
|
|
250
|
+
environment,
|
|
251
|
+
platform_to_scan,
|
|
252
|
+
secret_tool,
|
|
253
|
+
secret_external_checks,
|
|
173
254
|
):
|
|
174
|
-
|
|
255
|
+
secret = None
|
|
256
|
+
if secret_tool is not None:
|
|
257
|
+
secret = secret_tool
|
|
258
|
+
elif secret_external_checks is not None:
|
|
259
|
+
secret = {
|
|
260
|
+
"github_token": (
|
|
261
|
+
secret_external_checks.split("github:")[1]
|
|
262
|
+
if "github" in secret_external_checks
|
|
263
|
+
else None
|
|
264
|
+
),
|
|
265
|
+
"repository_ssh_private_key": (
|
|
266
|
+
secret_external_checks.split("ssh:")[1].split(":")[0]
|
|
267
|
+
if "ssh" in secret_external_checks
|
|
268
|
+
else None
|
|
269
|
+
),
|
|
270
|
+
"repository_ssh_password": (
|
|
271
|
+
secret_external_checks.split("ssh:")[1].split(":")[1]
|
|
272
|
+
if "ssh" in secret_external_checks
|
|
273
|
+
else None
|
|
274
|
+
),
|
|
275
|
+
}
|
|
175
276
|
|
|
176
|
-
|
|
177
|
-
folders_to_scan, config_tool, agent_env, environment, platform_to_scan
|
|
178
|
-
)
|
|
277
|
+
agent_env = self.configurate_external_checks(config_tool, secret)
|
|
179
278
|
|
|
180
|
-
|
|
181
|
-
|
|
182
|
-
result_scans, config_tool.rules_all
|
|
279
|
+
checkov_install = self.retryable_install_package(
|
|
280
|
+
"checkov", config_tool[self.TOOL_CHECKOV]["VERSION"]
|
|
183
281
|
)
|
|
184
282
|
|
|
185
|
-
|
|
186
|
-
|
|
187
|
-
|
|
188
|
-
|
|
283
|
+
if checkov_install:
|
|
284
|
+
result_scans, rules_run = self.scan_folders(
|
|
285
|
+
folders_to_scan, config_tool, agent_env, environment, platform_to_scan
|
|
286
|
+
)
|
|
287
|
+
|
|
288
|
+
checkov_deserealizator = CheckovDeserealizator()
|
|
289
|
+
findings_list = checkov_deserealizator.get_list_finding(
|
|
290
|
+
result_scans, rules_run
|
|
291
|
+
)
|
|
292
|
+
|
|
293
|
+
return (
|
|
294
|
+
findings_list,
|
|
295
|
+
generate_file_from_tool(self.TOOL_CHECKOV, result_scans, rules_run),
|
|
296
|
+
)
|
|
297
|
+
else:
|
|
298
|
+
return [], None
|
devsecops_engine_tools/engine_sast/engine_iac/src/infrastructure/driven_adapters/kics/kics_tool.py
CHANGED
|
@@ -6,9 +6,6 @@ import os
|
|
|
6
6
|
from devsecops_engine_tools.engine_sast.engine_iac.src.domain.model.gateways.tool_gateway import (
|
|
7
7
|
ToolGateway,
|
|
8
8
|
)
|
|
9
|
-
from devsecops_engine_tools.engine_sast.engine_iac.src.domain.model.config_tool import (
|
|
10
|
-
ConfigTool,
|
|
11
|
-
)
|
|
12
9
|
from devsecops_engine_tools.engine_sast.engine_iac.src.infrastructure.driven_adapters.kics.kics_deserealizator import (
|
|
13
10
|
KicsDeserealizator
|
|
14
11
|
)
|
|
@@ -20,6 +17,7 @@ logger = MyLogger.__call__(**settings.SETTING_LOGGER).get_logger()
|
|
|
20
17
|
|
|
21
18
|
|
|
22
19
|
class KicsTool(ToolGateway):
|
|
20
|
+
TOOL_KICS = "KICS"
|
|
23
21
|
|
|
24
22
|
def download(self, file, url):
|
|
25
23
|
try:
|
|
@@ -83,19 +81,19 @@ class KicsTool(ToolGateway):
|
|
|
83
81
|
logger.error(f"An error ocurred loading KICS results {ex}")
|
|
84
82
|
return None
|
|
85
83
|
|
|
86
|
-
def select_operative_system(self, os_platform, folders_to_scan, config_tool
|
|
84
|
+
def select_operative_system(self, os_platform, folders_to_scan, config_tool, path_kics):
|
|
87
85
|
command_prefix = path_kics
|
|
88
86
|
if os_platform == "Linux":
|
|
89
87
|
kics_zip = "kics_linux.zip"
|
|
90
|
-
url_kics = config_tool.
|
|
88
|
+
url_kics = config_tool[self.TOOL_KICS]["KICS_LINUX"]
|
|
91
89
|
command_prefix = self.install_tool(kics_zip, url_kics, command_prefix)
|
|
92
90
|
elif os_platform == "Windows":
|
|
93
91
|
kics_zip = "kics_windows.zip"
|
|
94
|
-
url_kics = config_tool.
|
|
92
|
+
url_kics = config_tool[self.TOOL_KICS]["KICS_WINDOWS"]
|
|
95
93
|
command_prefix = self.install_tool_windows(kics_zip, url_kics, command_prefix)
|
|
96
94
|
elif os_platform == "Darwin":
|
|
97
95
|
kics_zip = "kics_macos.zip"
|
|
98
|
-
url_kics = config_tool.
|
|
96
|
+
url_kics = config_tool[self.TOOL_KICS]["KICS_MAC"]
|
|
99
97
|
command_prefix = self.install_tool(kics_zip, url_kics, command_prefix)
|
|
100
98
|
else:
|
|
101
99
|
logger.warning(f"{os_platform} is not supported.")
|
|
@@ -113,11 +111,11 @@ class KicsTool(ToolGateway):
|
|
|
113
111
|
github_api.unzip_file(name_zip, directory_assets)
|
|
114
112
|
|
|
115
113
|
def run_tool(
|
|
116
|
-
self, config_tool
|
|
114
|
+
self, config_tool, folders_to_scan, **kwargs
|
|
117
115
|
):
|
|
118
|
-
kics_version = config_tool.
|
|
119
|
-
path_kics = config_tool.
|
|
120
|
-
download_kics_assets = config_tool.
|
|
116
|
+
kics_version = config_tool[self.TOOL_KICS]["VERSION"]
|
|
117
|
+
path_kics = config_tool[self.TOOL_KICS]["PATH_KICS"]
|
|
118
|
+
download_kics_assets = config_tool[self.TOOL_KICS]["DOWNLOAD_KICS_ASSETS"]
|
|
121
119
|
if download_kics_assets:
|
|
122
120
|
self.get_assets(kics_version)
|
|
123
121
|
|
|
@@ -7,9 +7,6 @@ import os
|
|
|
7
7
|
from devsecops_engine_tools.engine_sast.engine_iac.src.domain.model.gateways.tool_gateway import (
|
|
8
8
|
ToolGateway,
|
|
9
9
|
)
|
|
10
|
-
from devsecops_engine_tools.engine_sast.engine_iac.src.domain.model.config_tool import (
|
|
11
|
-
ConfigTool,
|
|
12
|
-
)
|
|
13
10
|
from devsecops_engine_tools.engine_sast.engine_iac.src.infrastructure.driven_adapters.kubescape.kubescape_deserealizator import (
|
|
14
11
|
KubescapeDeserealizator,
|
|
15
12
|
)
|
|
@@ -99,11 +96,11 @@ class KubescapeTool(ToolGateway):
|
|
|
99
96
|
|
|
100
97
|
self.execute_kubescape(folders_to_scan, command_prefix)
|
|
101
98
|
|
|
102
|
-
def run_tool(self, config_tool
|
|
99
|
+
def run_tool(self, config_tool, folders_to_scan, platform_to_scan, **kwargs):
|
|
103
100
|
|
|
104
101
|
if folders_to_scan and "k8s" in platform_to_scan:
|
|
105
102
|
|
|
106
|
-
kubescape_version = config_tool
|
|
103
|
+
kubescape_version = config_tool["KUBESCAPE"]["VERSION"]
|
|
107
104
|
os_platform = platform.system()
|
|
108
105
|
base_url = f"https://github.com/kubescape/kubescape/releases/download/v{kubescape_version}/"
|
|
109
106
|
self.select_operative_system(os_platform, folders_to_scan, base_url)
|
devsecops_engine_tools/engine_sast/engine_secret/src/infrastructure/entry_points/entry_point_tool.py
CHANGED
|
@@ -5,7 +5,6 @@ from devsecops_engine_tools.engine_sast.engine_secret.src.domain.usecases.set_in
|
|
|
5
5
|
)
|
|
6
6
|
|
|
7
7
|
def engine_secret_scan(devops_platform_gateway, tool_gateway, dict_args, tool, tool_deserealizator, git_gateway):
|
|
8
|
-
sys.stdout.reconfigure(encoding='utf-8')
|
|
9
8
|
exclusions = devops_platform_gateway.get_remote_config(
|
|
10
9
|
dict_args["remote_config_repo"], "engine_sast/engine_secret/Exclusions.json"
|
|
11
10
|
)
|
|
@@ -20,8 +20,6 @@ logger = MyLogger.__call__(**settings.SETTING_LOGGER).get_logger()
|
|
|
20
20
|
def init_engine_dependencies(
|
|
21
21
|
tool_run, tool_remote, tool_deserializator, dict_args, token, tool
|
|
22
22
|
):
|
|
23
|
-
sys.stdout.reconfigure(encoding="utf-8")
|
|
24
|
-
|
|
25
23
|
remote_config = tool_remote.get_remote_config(
|
|
26
24
|
dict_args["remote_config_repo"],
|
|
27
25
|
"engine_sca/engine_dependencies/ConfigTool.json",
|
|
@@ -5,7 +5,6 @@ from azure.devops.connection import Connection
|
|
|
5
5
|
from msrest.authentication import BasicAuthentication
|
|
6
6
|
from devsecops_engine_tools.engine_utilities.utils.logger_info import MyLogger
|
|
7
7
|
from devsecops_engine_tools.engine_utilities.settings import SETTING_LOGGER
|
|
8
|
-
from azure.devops.v7_1.git.models import GitVersionDescriptor
|
|
9
8
|
|
|
10
9
|
logger = MyLogger.__call__(**SETTING_LOGGER).get_logger()
|
|
11
10
|
|
|
@@ -3,9 +3,8 @@ import pexpect
|
|
|
3
3
|
import base64
|
|
4
4
|
|
|
5
5
|
|
|
6
|
-
def decode_base64(secret_data
|
|
7
|
-
|
|
8
|
-
return base64.b64decode(key_name_secret).decode("utf-8")
|
|
6
|
+
def decode_base64(secret_data):
|
|
7
|
+
return base64.b64decode(secret_data).decode("utf-8")
|
|
9
8
|
|
|
10
9
|
|
|
11
10
|
def config_knowns_hosts(host, ssh_key):
|
|
@@ -10,7 +10,7 @@ logging.basicConfig(format="%(message)s", level=logging.INFO)
|
|
|
10
10
|
class Printers:
|
|
11
11
|
@staticmethod
|
|
12
12
|
def print_logo_tool(banner: str):
|
|
13
|
-
print(pyfiglet.figlet_format(banner, font="slant"))
|
|
13
|
+
print(pyfiglet.figlet_format(banner, font="slant", width=200))
|
|
14
14
|
|
|
15
15
|
@staticmethod
|
|
16
16
|
def print_title(title: str):
|
|
@@ -1 +1 @@
|
|
|
1
|
-
version = '1.7.
|
|
1
|
+
version = '1.7.36'
|
{devsecops_engine_tools-1.7.34.dist-info → devsecops_engine_tools-1.7.36.dist-info}/METADATA
RENAMED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
Metadata-Version: 2.1
|
|
2
2
|
Name: devsecops-engine-tools
|
|
3
|
-
Version: 1.7.
|
|
3
|
+
Version: 1.7.36
|
|
4
4
|
Summary: Tool for DevSecOps strategy
|
|
5
5
|
Home-page: https://github.com/bancolombia/devsecops-engine-tools
|
|
6
6
|
Author: Bancolombia DevSecOps Team
|
|
@@ -10,20 +10,21 @@ Classifier: License :: OSI Approved :: GNU Affero General Public License v3 or l
|
|
|
10
10
|
Classifier: Operating System :: OS Independent
|
|
11
11
|
Requires-Python: >=3.8
|
|
12
12
|
Description-Content-Type: text/markdown
|
|
13
|
-
Requires-Dist: requests
|
|
14
|
-
Requires-Dist:
|
|
15
|
-
Requires-Dist:
|
|
16
|
-
Requires-Dist:
|
|
17
|
-
Requires-Dist:
|
|
18
|
-
Requires-Dist:
|
|
19
|
-
Requires-Dist:
|
|
20
|
-
Requires-Dist:
|
|
21
|
-
Requires-Dist:
|
|
22
|
-
Requires-Dist:
|
|
23
|
-
Requires-Dist:
|
|
24
|
-
Requires-Dist:
|
|
25
|
-
Requires-Dist:
|
|
26
|
-
Requires-Dist:
|
|
13
|
+
Requires-Dist: requests==2.32.3
|
|
14
|
+
Requires-Dist: PyYAML==6.0.2
|
|
15
|
+
Requires-Dist: pyfiglet==0.8.post1
|
|
16
|
+
Requires-Dist: prettytable==3.10.2
|
|
17
|
+
Requires-Dist: azure-devops==7.1.0b4
|
|
18
|
+
Requires-Dist: marshmallow==3.21.3
|
|
19
|
+
Requires-Dist: pytz==2024.1
|
|
20
|
+
Requires-Dist: python-decouple==3.8
|
|
21
|
+
Requires-Dist: requests-toolbelt==1.0.0
|
|
22
|
+
Requires-Dist: pexpect==4.9.0
|
|
23
|
+
Requires-Dist: PyGithub==2.3.0
|
|
24
|
+
Requires-Dist: distro==1.9.0
|
|
25
|
+
Requires-Dist: boto3==1.34.157
|
|
26
|
+
Requires-Dist: docker==7.1.0
|
|
27
|
+
Requires-Dist: setuptools==72.1.0
|
|
27
28
|
|
|
28
29
|
# DevSecOps Engine Tools
|
|
29
30
|
|
|
@@ -1,9 +1,9 @@
|
|
|
1
1
|
devsecops_engine_tools/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
2
|
-
devsecops_engine_tools/version.py,sha256=
|
|
2
|
+
devsecops_engine_tools/version.py,sha256=aZVmUx_FFvbwmwulgaTVmrr-bFOD1f0717g-mRfoI9k,18
|
|
3
3
|
devsecops_engine_tools/engine_core/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
4
4
|
devsecops_engine_tools/engine_core/src/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
5
5
|
devsecops_engine_tools/engine_core/src/applications/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
6
|
-
devsecops_engine_tools/engine_core/src/applications/runner_engine_core.py,sha256=
|
|
6
|
+
devsecops_engine_tools/engine_core/src/applications/runner_engine_core.py,sha256=FvtVet0KnoxI12ED9HWrYyhe5dWrDHurySTZlqOltLc,6954
|
|
7
7
|
devsecops_engine_tools/engine_core/src/deployment/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
8
8
|
devsecops_engine_tools/engine_core/src/deployment/infrastructure/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
9
9
|
devsecops_engine_tools/engine_core/src/domain/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
@@ -24,7 +24,7 @@ devsecops_engine_tools/engine_core/src/domain/model/gateway/printer_table_gatewa
|
|
|
24
24
|
devsecops_engine_tools/engine_core/src/domain/model/gateway/secrets_manager_gateway.py,sha256=CTwUIvUWF0NSSzdCqASUFst6KUysW53NV9eatjLGdl8,170
|
|
25
25
|
devsecops_engine_tools/engine_core/src/domain/model/gateway/vulnerability_management_gateway.py,sha256=sn9bEDfaNtRmHHtn49eSVg_JO7Zr2OVyj350KzyGiXo,667
|
|
26
26
|
devsecops_engine_tools/engine_core/src/domain/usecases/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
27
|
-
devsecops_engine_tools/engine_core/src/domain/usecases/break_build.py,sha256=
|
|
27
|
+
devsecops_engine_tools/engine_core/src/domain/usecases/break_build.py,sha256=63O0eOM-dg0OHk7sBWQ36-13Uq-mEEyZ19N61XOBm04,15793
|
|
28
28
|
devsecops_engine_tools/engine_core/src/domain/usecases/handle_risk.py,sha256=EBLEzm-p_lEeB7T8iarn2Fc4_6hY0XAIT1AJATd2JUM,2473
|
|
29
29
|
devsecops_engine_tools/engine_core/src/domain/usecases/handle_scan.py,sha256=ee9ULqKGYfaxBUO8RNq-Znh4dbojghIauH4YIjYx9QU,6730
|
|
30
30
|
devsecops_engine_tools/engine_core/src/domain/usecases/metrics_manager.py,sha256=Xi0iNnPrFgqd2cBdAA5E_tgouhxs-BTo016aolnGgv8,2413
|
|
@@ -86,23 +86,23 @@ devsecops_engine_tools/engine_sast/engine_iac/src/deployment/__init__.py,sha256=
|
|
|
86
86
|
devsecops_engine_tools/engine_sast/engine_iac/src/deployment/infrastructure/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
87
87
|
devsecops_engine_tools/engine_sast/engine_iac/src/domain/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
88
88
|
devsecops_engine_tools/engine_sast/engine_iac/src/domain/model/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
89
|
-
devsecops_engine_tools/engine_sast/engine_iac/src/domain/model/config_tool.py,sha256=
|
|
89
|
+
devsecops_engine_tools/engine_sast/engine_iac/src/domain/model/config_tool.py,sha256=XmEy3jo2Dg0g1KN3yRQ33JAGJrHhABl_YYjW2w2CGOY,631
|
|
90
90
|
devsecops_engine_tools/engine_sast/engine_iac/src/domain/model/gateways/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
91
|
-
devsecops_engine_tools/engine_sast/engine_iac/src/domain/model/gateways/tool_gateway.py,sha256=
|
|
91
|
+
devsecops_engine_tools/engine_sast/engine_iac/src/domain/model/gateways/tool_gateway.py,sha256=ClElxyHbwfDCW0fgcehaNfQLq00zozhO71EnyCjzt-U,182
|
|
92
92
|
devsecops_engine_tools/engine_sast/engine_iac/src/domain/usecases/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
93
|
-
devsecops_engine_tools/engine_sast/engine_iac/src/domain/usecases/iac_scan.py,sha256=
|
|
93
|
+
devsecops_engine_tools/engine_sast/engine_iac/src/domain/usecases/iac_scan.py,sha256=VieJzkkJDtnSdrnEymKV3XFZC9cp7xF91PnzpjmeFuQ,5754
|
|
94
94
|
devsecops_engine_tools/engine_sast/engine_iac/src/infrastructure/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
95
95
|
devsecops_engine_tools/engine_sast/engine_iac/src/infrastructure/driven_adapters/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
96
96
|
devsecops_engine_tools/engine_sast/engine_iac/src/infrastructure/driven_adapters/checkov/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
97
97
|
devsecops_engine_tools/engine_sast/engine_iac/src/infrastructure/driven_adapters/checkov/checkov_config.py,sha256=qbE6wUO5_WFXF_QolL0JYelaRGEOUakPEZR_6HAKzzI,4355
|
|
98
98
|
devsecops_engine_tools/engine_sast/engine_iac/src/infrastructure/driven_adapters/checkov/checkov_deserealizator.py,sha256=gBwnQ20QExHTrN1nvErUUqb_IMHvYKJijqc55XwZHQk,1404
|
|
99
|
-
devsecops_engine_tools/engine_sast/engine_iac/src/infrastructure/driven_adapters/checkov/checkov_tool.py,sha256=
|
|
99
|
+
devsecops_engine_tools/engine_sast/engine_iac/src/infrastructure/driven_adapters/checkov/checkov_tool.py,sha256=B7M8NoGSfrWaQCjQIvc9zZ0GLWNWpK9mGqhsC5gepow,10822
|
|
100
100
|
devsecops_engine_tools/engine_sast/engine_iac/src/infrastructure/driven_adapters/kics/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
101
101
|
devsecops_engine_tools/engine_sast/engine_iac/src/infrastructure/driven_adapters/kics/kics_deserealizator.py,sha256=b1X5GWz2snJtsKZcGEsILNc178hv9p-lg-el0Jc-_Eo,2084
|
|
102
|
-
devsecops_engine_tools/engine_sast/engine_iac/src/infrastructure/driven_adapters/kics/kics_tool.py,sha256=
|
|
102
|
+
devsecops_engine_tools/engine_sast/engine_iac/src/infrastructure/driven_adapters/kics/kics_tool.py,sha256=B-jjLEbpLnKlxvDhXPWXPwCKAqAjMy7uGqX8qkt-cNs,5317
|
|
103
103
|
devsecops_engine_tools/engine_sast/engine_iac/src/infrastructure/driven_adapters/kubescape/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
104
104
|
devsecops_engine_tools/engine_sast/engine_iac/src/infrastructure/driven_adapters/kubescape/kubescape_deserealizator.py,sha256=i-hKFmR-OriwiiBg-3E3RKc7hjI1E8jv8Z7dQ8_Q0qE,2885
|
|
105
|
-
devsecops_engine_tools/engine_sast/engine_iac/src/infrastructure/driven_adapters/kubescape/kubescape_tool.py,sha256=
|
|
105
|
+
devsecops_engine_tools/engine_sast/engine_iac/src/infrastructure/driven_adapters/kubescape/kubescape_tool.py,sha256=88c44Vg_kzyMiCH68rBC_Zrs7HzytCGhwBDIXLhA1Fw,4588
|
|
106
106
|
devsecops_engine_tools/engine_sast/engine_iac/src/infrastructure/entry_points/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
107
107
|
devsecops_engine_tools/engine_sast/engine_iac/src/infrastructure/entry_points/entry_point_tool.py,sha256=60iaHYZZp5uTngD7a8vsQaQYsTfBzP_kp0xflfPNnk4,305
|
|
108
108
|
devsecops_engine_tools/engine_sast/engine_iac/src/infrastructure/helpers/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
@@ -131,7 +131,7 @@ devsecops_engine_tools/engine_sast/engine_secret/src/infrastructure/driven_adapt
|
|
|
131
131
|
devsecops_engine_tools/engine_sast/engine_secret/src/infrastructure/driven_adapters/trufflehog/trufflehog_deserealizator.py,sha256=WpFFswOmP38cLvfZHCrPDiRtdwH86n1CqVNS3K4s6uA,1968
|
|
132
132
|
devsecops_engine_tools/engine_sast/engine_secret/src/infrastructure/driven_adapters/trufflehog/trufflehog_run.py,sha256=cvCSKTDN-4oL9H5EZF_-WrP5bNamFt0WfeCwaMO_Nfo,5345
|
|
133
133
|
devsecops_engine_tools/engine_sast/engine_secret/src/infrastructure/entry_points/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
134
|
-
devsecops_engine_tools/engine_sast/engine_secret/src/infrastructure/entry_points/entry_point_tool.py,sha256=
|
|
134
|
+
devsecops_engine_tools/engine_sast/engine_secret/src/infrastructure/entry_points/entry_point_tool.py,sha256=WJJVGqE0PJMoATi8ubTGsqyrx4KqEQluXCg9Hk-NiOw,982
|
|
135
135
|
devsecops_engine_tools/engine_sca/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
136
136
|
devsecops_engine_tools/engine_sca/engine_container/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
137
137
|
devsecops_engine_tools/engine_sca/engine_container/src/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
@@ -152,7 +152,7 @@ devsecops_engine_tools/engine_sca/engine_container/src/domain/usecases/set_input
|
|
|
152
152
|
devsecops_engine_tools/engine_sca/engine_container/src/infrastructure/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
153
153
|
devsecops_engine_tools/engine_sca/engine_container/src/infrastructure/driven_adapters/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
154
154
|
devsecops_engine_tools/engine_sca/engine_container/src/infrastructure/driven_adapters/docker/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
155
|
-
devsecops_engine_tools/engine_sca/engine_container/src/infrastructure/driven_adapters/docker/docker_images.py,sha256=
|
|
155
|
+
devsecops_engine_tools/engine_sca/engine_container/src/infrastructure/driven_adapters/docker/docker_images.py,sha256=2f2iS37s2bu0H2SlM9vhTgzSjhNCkPEXi8wMXoGur18,1049
|
|
156
156
|
devsecops_engine_tools/engine_sca/engine_container/src/infrastructure/driven_adapters/prisma_cloud/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
157
157
|
devsecops_engine_tools/engine_sca/engine_container/src/infrastructure/driven_adapters/prisma_cloud/prisma_cloud_manager_scan.py,sha256=DUq-cs3DuKpwfKVcu_zCiydLD-OZihbtRiQhVw0Dl1M,3213
|
|
158
158
|
devsecops_engine_tools/engine_sca/engine_container/src/infrastructure/driven_adapters/prisma_cloud/prisma_deserialize_output.py,sha256=Q6jPGjAO-oY0YeHZYmmD_in-nA8R6oa4_cBGbNs1oy8,2375
|
|
@@ -183,13 +183,13 @@ devsecops_engine_tools/engine_sca/engine_dependencies/src/infrastructure/driven_
|
|
|
183
183
|
devsecops_engine_tools/engine_sca/engine_dependencies/src/infrastructure/driven_adapters/xray_tool/xray_deserialize_output.py,sha256=Vm0pj1i6a34xXouXUU95Y04hzR--9tcMQuycR7IMUnQ,2221
|
|
184
184
|
devsecops_engine_tools/engine_sca/engine_dependencies/src/infrastructure/driven_adapters/xray_tool/xray_manager_scan.py,sha256=aY3Gfl1ALK5XZaFb3PGOSVRXNzPiBni2y_WOO2tubnY,10061
|
|
185
185
|
devsecops_engine_tools/engine_sca/engine_dependencies/src/infrastructure/entry_points/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
186
|
-
devsecops_engine_tools/engine_sca/engine_dependencies/src/infrastructure/entry_points/entry_point_tool.py,sha256=
|
|
186
|
+
devsecops_engine_tools/engine_sca/engine_dependencies/src/infrastructure/entry_points/entry_point_tool.py,sha256=NBzg9VoGIqHeXuhDR4vBgwPMFnkjzJssBddPo1R23R0,2524
|
|
187
187
|
devsecops_engine_tools/engine_sca/engine_dependencies/src/infrastructure/helpers/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
188
188
|
devsecops_engine_tools/engine_utilities/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
189
189
|
devsecops_engine_tools/engine_utilities/settings.py,sha256=CPnDndwVeRgQNml3HVzvytVruDd8dTd1ICHbkMDSgTM,2144
|
|
190
190
|
devsecops_engine_tools/engine_utilities/azuredevops/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
191
191
|
devsecops_engine_tools/engine_utilities/azuredevops/infrastructure/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
192
|
-
devsecops_engine_tools/engine_utilities/azuredevops/infrastructure/azure_devops_api.py,sha256=
|
|
192
|
+
devsecops_engine_tools/engine_utilities/azuredevops/infrastructure/azure_devops_api.py,sha256=0r_hIh1bpgt6wAAxoAkOPYmoou8V80a9lqK0vyGDXb8,2680
|
|
193
193
|
devsecops_engine_tools/engine_utilities/azuredevops/models/AzureMessageLoggingPipeline.py,sha256=pCwlPDDl-hgvZ9gvceuC8GsKbsMhRm3ykhFFVByVqcI,664
|
|
194
194
|
devsecops_engine_tools/engine_utilities/azuredevops/models/AzurePredefinedVariables.py,sha256=r-PpcKlyuXzKHx6ao4SuVI9dOKMVnjL1U_b-yfJK0o4,2387
|
|
195
195
|
devsecops_engine_tools/engine_utilities/azuredevops/models/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
@@ -240,17 +240,17 @@ devsecops_engine_tools/engine_utilities/input_validations/__init__.py,sha256=47D
|
|
|
240
240
|
devsecops_engine_tools/engine_utilities/input_validations/env_utils.py,sha256=nHp9YIuG1k-IvxssQslrE9ny62juJMovmBTzcM7PPk0,258
|
|
241
241
|
devsecops_engine_tools/engine_utilities/input_validations/validate_input_with_regex_letters_number_and_only.py,sha256=uIevSfVC2Qyzc4bqR13Z7_JNr5JyiqwYYxORYW33F1s,255
|
|
242
242
|
devsecops_engine_tools/engine_utilities/ssh/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
243
|
-
devsecops_engine_tools/engine_utilities/ssh/managment_private_key.py,sha256=
|
|
243
|
+
devsecops_engine_tools/engine_utilities/ssh/managment_private_key.py,sha256=Vvrro2e_YyvtKY9WzPUVOFTd-fiibohcG6wWHjLHAWg,2369
|
|
244
244
|
devsecops_engine_tools/engine_utilities/utils/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
245
245
|
devsecops_engine_tools/engine_utilities/utils/api_error.py,sha256=yRbad5gNUHh5nALBKkRDi-d98JPmqAhw-QJEGW4psrw,528
|
|
246
246
|
devsecops_engine_tools/engine_utilities/utils/dataclass_classmethod.py,sha256=S-w6pybVKlyVBhV3HE3IGDvO4ByXxiVePP1JaMnISgM,4302
|
|
247
247
|
devsecops_engine_tools/engine_utilities/utils/datetime_parsing.py,sha256=2891pkh01dfW8E5CW2eTpsUF1t6k0rgbQf8BgkdrSEk,224
|
|
248
248
|
devsecops_engine_tools/engine_utilities/utils/logger_info.py,sha256=4Mz8Bwlm9MkufkBR6JVZWFum6-nrUYUKj6gfq-eFWgg,3575
|
|
249
249
|
devsecops_engine_tools/engine_utilities/utils/name_conversion.py,sha256=ADJrRGaxYSDe0ZRh6VHRf53H4sXPcb-vNP_i81PUn3I,307
|
|
250
|
-
devsecops_engine_tools/engine_utilities/utils/printers.py,sha256=
|
|
250
|
+
devsecops_engine_tools/engine_utilities/utils/printers.py,sha256=amYAr9YQfYgR6jK9a2l26z3oovFPQ3FAKmhq6BKhEBA,623
|
|
251
251
|
devsecops_engine_tools/engine_utilities/utils/session_manager.py,sha256=yNtlT-8Legz1sHbGPH8LNYjL-LgDUE0zXG2rYjiab7U,290
|
|
252
|
-
devsecops_engine_tools-1.7.
|
|
253
|
-
devsecops_engine_tools-1.7.
|
|
254
|
-
devsecops_engine_tools-1.7.
|
|
255
|
-
devsecops_engine_tools-1.7.
|
|
256
|
-
devsecops_engine_tools-1.7.
|
|
252
|
+
devsecops_engine_tools-1.7.36.dist-info/METADATA,sha256=GBF2iCk0p0Pbi63tVjl1_5ueDlXjizTtLnzBlj1BHgU,8635
|
|
253
|
+
devsecops_engine_tools-1.7.36.dist-info/WHEEL,sha256=R0nc6qTxuoLk7ShA2_Y-UWkN8ZdfDBG2B6Eqpz2WXbs,91
|
|
254
|
+
devsecops_engine_tools-1.7.36.dist-info/entry_points.txt,sha256=9IjXF_7Zpgowq_SY6OSmsA9vZze18a8_AeHwkQVrgKk,131
|
|
255
|
+
devsecops_engine_tools-1.7.36.dist-info/top_level.txt,sha256=ge6y0X_xBAU1aG3EMWFtl9djbVyg5BxuSp2r2Lg6EQU,23
|
|
256
|
+
devsecops_engine_tools-1.7.36.dist-info/RECORD,,
|
{devsecops_engine_tools-1.7.34.dist-info → devsecops_engine_tools-1.7.36.dist-info}/entry_points.txt
RENAMED
|
File without changes
|
{devsecops_engine_tools-1.7.34.dist-info → devsecops_engine_tools-1.7.36.dist-info}/top_level.txt
RENAMED
|
File without changes
|