devsecops-engine-tools 1.7.40__py3-none-any.whl → 1.8.0__py3-none-any.whl
Potentially problematic release.
This version of devsecops-engine-tools might be problematic.
- devsecops_engine_tools/engine_core/src/applications/runner_engine_core.py +6 -0
- devsecops_engine_tools/engine_sca/engine_container/src/domain/model/gateways/images_gateway.py +2 -2
- devsecops_engine_tools/engine_sca/engine_container/src/domain/usecases/container_sca_scan.py +9 -9
- devsecops_engine_tools/engine_sca/engine_container/src/infrastructure/driven_adapters/docker/docker_images.py +14 -9
- devsecops_engine_tools/engine_sca/engine_container/src/infrastructure/driven_adapters/prisma_cloud/prisma_deserialize_output.py +3 -1
- devsecops_engine_tools/engine_sca/engine_container/src/infrastructure/entry_points/entry_point_tool.py +2 -0
- devsecops_engine_tools/version.py +1 -1
- {devsecops_engine_tools-1.7.40.dist-info → devsecops_engine_tools-1.8.0.dist-info}/METADATA +2 -2
- {devsecops_engine_tools-1.7.40.dist-info → devsecops_engine_tools-1.8.0.dist-info}/RECORD +12 -12
- {devsecops_engine_tools-1.7.40.dist-info → devsecops_engine_tools-1.8.0.dist-info}/WHEEL +0 -0
- {devsecops_engine_tools-1.7.40.dist-info → devsecops_engine_tools-1.8.0.dist-info}/entry_points.txt +0 -0
- {devsecops_engine_tools-1.7.40.dist-info → devsecops_engine_tools-1.8.0.dist-info}/top_level.txt +0 -0
|
@@ -152,6 +152,11 @@ def get_inputs_from_cli(args):
|
|
|
152
152
|
default="scan",
|
|
153
153
|
help="Mode to execute xray, only apply engine_dependencies xray tool",
|
|
154
154
|
)
|
|
155
|
+
parser.add_argument(
|
|
156
|
+
"--image_to_scan",
|
|
157
|
+
required=False,
|
|
158
|
+
help="Name of image to scan for engine_container",
|
|
159
|
+
)
|
|
155
160
|
args = parser.parse_args()
|
|
156
161
|
return {
|
|
157
162
|
"platform_devops": args.platform_devops,
|
|
@@ -168,6 +173,7 @@ def get_inputs_from_cli(args):
|
|
|
168
173
|
"token_engine_dependencies": args.token_engine_dependencies,
|
|
169
174
|
"token_external_checks": args.token_external_checks,
|
|
170
175
|
"xray_mode": args.xray_mode,
|
|
176
|
+
"image_to_scan": args.image_to_scan
|
|
171
177
|
}
|
|
172
178
|
|
|
173
179
|
|
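Review bot: `--image_to_scan` is added as optional with no default, so when `engine_container` is selected and the flag is omitted, `None` flows into the container scan, which in this release prints "Tool skipped" instead of failing. For a pipeline security gate that is a silent pass. I would reject the combination right after `args = parser.parse_args()`, e.g. `if args.tool == "engine_container" and not args.image_to_scan: parser.error("--image_to_scan is required for engine_container")`. This assumes the tool selector is exposed as `args.tool`, which the visible part of the returned dict does not show; `get_inputs_from_cli` starts and ends outside these hunks. The new entry `"image_to_scan": args.image_to_scan` also lacks the trailing comma its neighbours have.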
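--- a/devsecops_engine_tools/engine_sca/engine_container/src/domain/usecases/container_sca_scan.py
+++ b/devsecops_engine_tools/engine_sca/engine_container/src/domain/usecases/container_sca_scan.py
@@ -20,6 +20,7 @@ class ContainerScaScan:
 tool_deseralizator: DeseralizatorGateway,
 build_id,
 token,
+image_to_scan,
 ):
 self.tool_run = tool_run
 self.remote_config = remote_config
@@ -27,15 +28,16 @@ class ContainerScaScan:
 self.tool_deseralizator = tool_deseralizator
 self.build_id = build_id
 self.token = token
+self.image_to_scan = image_to_scan
 
-def
+def get_image(self, image_to_scan):
 """
 Process the list of images.
 
 Returns:
 list: List of processed images.
 """
-return self.tool_images.list_images()
+return self.tool_images.list_images(image_to_scan)
 
 def get_images_already_scanned(self):
 """
@@ -62,11 +64,11 @@ class ContainerScaScan:
 Returns:
 string: file scanning results name.
 """
-
-image_name = latest_image.tags[0]
+matching_image = self.get_image(self.image_to_scan)
 image_scanned = None
-if
-
+if matching_image:
+image_name = matching_image.tags[0]
+result_file = image_name.replace("/","_") + "_scan_result.json"
 if result_file in self.get_images_already_scanned():
 print(f"The image {image_name} has already been scanned previously.")
 return image_scanned
@@ -75,9 +77,7 @@ class ContainerScaScan:
 )
 self.set_image_scanned(result_file)
 else:
-print(
-f"'{image_name}' name does not contain build number '{self.build_id}'. Tool skipped."
-)
+print(f"'Not image found for {self.image_to_scan}'. Tool skipped.")
 return image_scanned
 
 def deseralizator(self, image_scanned):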
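Review bot: The already-scanned check in the third hunk keys `result_file` on `matching_image.tags[0]`, a mutable tag, now that the build-number condition is gone. An image rebuilt under the same tag would be reported as "already been scanned previously" and skipped if the list of scanned results outlives one build; where that list is stored is outside these hunks, so this is inferred. Keying the file on the immutable image ID avoids it, e.g. `result_file = matching_image.id.replace(":", "_") + "_scan_result.json"`, alone or together with the tag. `tags[0]` is also not necessarily the tag that was requested when an image carries several, so `image_name = self.image_to_scan` would keep messages and file names aligned with the request. The docstring of `get_image` still promises a list of processed images, while the method now returns one image or `None`.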
@@ -10,18 +10,23 @@ logger = MyLogger.__call__(**settings.SETTING_LOGGER).get_logger()
|
|
|
10
10
|
|
|
11
11
|
|
|
12
12
|
class DockerImages(ImagesGateway):
|
|
13
|
-
def list_images(self):
|
|
13
|
+
def list_images(self, image_to_scan):
|
|
14
14
|
try:
|
|
15
15
|
client = docker.from_env()
|
|
16
16
|
images = client.images.list()
|
|
17
|
-
|
|
18
|
-
|
|
19
|
-
|
|
20
|
-
|
|
21
|
-
|
|
22
|
-
|
|
23
|
-
|
|
24
|
-
|
|
17
|
+
|
|
18
|
+
matching_image = None
|
|
19
|
+
for image in images:
|
|
20
|
+
if image_to_scan in image.tags:
|
|
21
|
+
matching_image = image
|
|
22
|
+
break
|
|
23
|
+
|
|
24
|
+
if matching_image:
|
|
25
|
+
print("ID matching image:", matching_image.id)
|
|
26
|
+
print("Tag matching image:", matching_image.tags)
|
|
27
|
+
print("Created date matching image:", matching_image.attrs["Created"])
|
|
28
|
+
return matching_image
|
|
29
|
+
|
|
25
30
|
except Exception as e:
|
|
26
31
|
logger.error(
|
|
27
32
|
f"Error listing images, docker must be running and added to PATH: {e}"
|
|
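Review bot: `image_to_scan in image.tags` is an exact string comparison against fully qualified `repo:tag` entries, so a value given without a tag or with a different registry prefix never matches and `list_images` falls off the end returning `None`. That is the same value the caller would see when Docker is unreachable, assuming the `except` branch (which continues outside this hunk) only logs. Asking the daemon directly resolves names the way Docker does and separates the two cases: `matching_image = client.images.get(image_to_scan)`, with `except docker.errors.ImageNotFound:` handled apart from the generic `except Exception`. The three `print` calls would read better as `logger.info`, since the module already defines `logger`, and the name `list_images` no longer describes a method that returns a single image.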
@@ -49,7 +49,9 @@ class PrismaDeserealizator(DeseralizatorGateway):
|
|
|
49
49
|
identification_date=datetime.strptime(
|
|
50
50
|
vul.get("discoveredDate", ""), "%Y-%m-%dT%H:%M:%S%z"
|
|
51
51
|
),
|
|
52
|
-
published_date_cve=vul.get("publishedDate", "").replace(
|
|
52
|
+
published_date_cve=vul.get("publishedDate", "").replace(
|
|
53
|
+
"Z", "+00:00"
|
|
54
|
+
),
|
|
53
55
|
module="engine_container",
|
|
54
56
|
category=Category.VULNERABILITY,
|
|
55
57
|
requirements=vul.get("status", ""),
|
|
@@ -36,6 +36,7 @@ def init_engine_sca_rm(
|
|
|
36
36
|
scan_flag = handle_remote_config_patterns.ignore_analysis_pattern()
|
|
37
37
|
build_id = tool_remote.get_variable("build_id")
|
|
38
38
|
stage = tool_remote.get_variable("stage")
|
|
39
|
+
image_to_scan = dict_args["image_to_scan"]
|
|
39
40
|
image_scanned = None
|
|
40
41
|
deseralized = []
|
|
41
42
|
input_core = SetInputCore(remote_config, exclusions, pipeline_name, tool, stage)
|
|
@@ -47,6 +48,7 @@ def init_engine_sca_rm(
|
|
|
47
48
|
tool_deseralizator,
|
|
48
49
|
build_id,
|
|
49
50
|
token,
|
|
51
|
+
image_to_scan,
|
|
50
52
|
)
|
|
51
53
|
image_scanned = container_sca_scan.process()
|
|
52
54
|
if image_scanned:
|
|
@@ -1 +1 @@
|
|
|
1
|
-
version = '1.
|
|
1
|
+
version = '1.8.0'
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
Metadata-Version: 2.1
|
|
2
2
|
Name: devsecops-engine-tools
|
|
3
|
-
Version: 1.
|
|
3
|
+
Version: 1.8.0
|
|
4
4
|
Summary: Tool for DevSecOps strategy
|
|
5
5
|
Home-page: https://github.com/bancolombia/devsecops-engine-tools
|
|
6
6
|
Author: Bancolombia DevSecOps Team
|
|
@@ -65,7 +65,7 @@ pip3 install devsecops-engine-tools
|
|
|
65
65
|
### Scan running - flags (CLI)
|
|
66
66
|
|
|
67
67
|
```bash
|
|
68
|
-
devsecops-engine-tools --platform_devops ["local","azure","github"] --remote_config_repo ["remote_config_repo"] --tool ["engine_iac", "engine_dast", "engine_secret", "engine_dependencies", "engine_container"] --folder_path ["Folder path scan engine_iac"] --platform ["k8s","cloudformation","docker", "openapi"] --use_secrets_manager ["false", "true"] --use_vulnerability_management ["false", "true"] --send_metrics ["false", "true"] --token_cmdb ["token_cmdb"] --token_vulnerability_management ["token_vulnerability_management"] --token_engine_container ["token_engine_container"] --token_engine_dependencies ["token_engine_dependencies"] --xray_mode ["scan", "audit"]
|
|
68
|
+
devsecops-engine-tools --platform_devops ["local","azure","github"] --remote_config_repo ["remote_config_repo"] --tool ["engine_iac", "engine_dast", "engine_secret", "engine_dependencies", "engine_container"] --folder_path ["Folder path scan engine_iac"] --platform ["k8s","cloudformation","docker", "openapi"] --use_secrets_manager ["false", "true"] --use_vulnerability_management ["false", "true"] --send_metrics ["false", "true"] --token_cmdb ["token_cmdb"] --token_vulnerability_management ["token_vulnerability_management"] --token_engine_container ["token_engine_container"] --token_engine_dependencies ["token_engine_dependencies"] --xray_mode ["scan", "audit"] --image_to_scan ["image_to_scan"]
|
|
69
69
|
```
|
|
70
70
|
|
|
71
71
|
### Structure Remote Config
|
|
@@ -1,9 +1,9 @@
|
|
|
1
1
|
devsecops_engine_tools/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
2
|
-
devsecops_engine_tools/version.py,sha256=
|
|
2
|
+
devsecops_engine_tools/version.py,sha256=mJLRLo01PvxrvDMry-rtLzursyCz7B6QEGM8RTX4L4w,18
|
|
3
3
|
devsecops_engine_tools/engine_core/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
4
4
|
devsecops_engine_tools/engine_core/src/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
5
5
|
devsecops_engine_tools/engine_core/src/applications/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
6
|
-
devsecops_engine_tools/engine_core/src/applications/runner_engine_core.py,sha256=
|
|
6
|
+
devsecops_engine_tools/engine_core/src/applications/runner_engine_core.py,sha256=aUlH8Tf-sNOdAhw_2rRfGt0v8T01x6PyPhLdLHtPVnA,7139
|
|
7
7
|
devsecops_engine_tools/engine_core/src/deployment/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
8
8
|
devsecops_engine_tools/engine_core/src/deployment/infrastructure/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
9
9
|
devsecops_engine_tools/engine_core/src/domain/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
@@ -143,24 +143,24 @@ devsecops_engine_tools/engine_sca/engine_container/src/domain/__init__.py,sha256
|
|
|
143
143
|
devsecops_engine_tools/engine_sca/engine_container/src/domain/model/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
144
144
|
devsecops_engine_tools/engine_sca/engine_container/src/domain/model/gateways/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
145
145
|
devsecops_engine_tools/engine_sca/engine_container/src/domain/model/gateways/deserealizator_gateway.py,sha256=sE7-GnNSNLWbA1H0mvTwXmxcOJXl8uvw-0hxMyX4oMc,290
|
|
146
|
-
devsecops_engine_tools/engine_sca/engine_container/src/domain/model/gateways/images_gateway.py,sha256=
|
|
146
|
+
devsecops_engine_tools/engine_sca/engine_container/src/domain/model/gateways/images_gateway.py,sha256=4I0x7qT97mT1kuyIYMWHz7KH_XEMwNm9_eB0SUcEKrE,179
|
|
147
147
|
devsecops_engine_tools/engine_sca/engine_container/src/domain/model/gateways/tool_gateway.py,sha256=ADZjrl8u8CQ0hWoVhbnHFcjvyUmUeleffwmhtlg8s30,224
|
|
148
148
|
devsecops_engine_tools/engine_sca/engine_container/src/domain/usecases/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
149
|
-
devsecops_engine_tools/engine_sca/engine_container/src/domain/usecases/container_sca_scan.py,sha256=
|
|
149
|
+
devsecops_engine_tools/engine_sca/engine_container/src/domain/usecases/container_sca_scan.py,sha256=52K5KM_FivJYFP10td-XPmF-vqvaA4_vQPTddMgSmJ4,3104
|
|
150
150
|
devsecops_engine_tools/engine_sca/engine_container/src/domain/usecases/handle_remote_config_patterns.py,sha256=4wgBTQSDE-C5v01C3Vxzeq0DJKZUSqQ5TVLG7yPZPKs,926
|
|
151
151
|
devsecops_engine_tools/engine_sca/engine_container/src/domain/usecases/set_input_core.py,sha256=DdKyKnLzqswHt619B3s1GTB5u_RyUixCambDkBuu7y4,1806
|
|
152
152
|
devsecops_engine_tools/engine_sca/engine_container/src/infrastructure/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
153
153
|
devsecops_engine_tools/engine_sca/engine_container/src/infrastructure/driven_adapters/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
154
154
|
devsecops_engine_tools/engine_sca/engine_container/src/infrastructure/driven_adapters/docker/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
155
|
-
devsecops_engine_tools/engine_sca/engine_container/src/infrastructure/driven_adapters/docker/docker_images.py,sha256=
|
|
155
|
+
devsecops_engine_tools/engine_sca/engine_container/src/infrastructure/driven_adapters/docker/docker_images.py,sha256=zC-A7bXudtur-big_m0NNDfmMUCg6p-72N4vfTqvt5o,1153
|
|
156
156
|
devsecops_engine_tools/engine_sca/engine_container/src/infrastructure/driven_adapters/prisma_cloud/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
157
157
|
devsecops_engine_tools/engine_sca/engine_container/src/infrastructure/driven_adapters/prisma_cloud/prisma_cloud_manager_scan.py,sha256=DUq-cs3DuKpwfKVcu_zCiydLD-OZihbtRiQhVw0Dl1M,3213
|
|
158
|
-
devsecops_engine_tools/engine_sca/engine_container/src/infrastructure/driven_adapters/prisma_cloud/prisma_deserialize_output.py,sha256=
|
|
158
|
+
devsecops_engine_tools/engine_sca/engine_container/src/infrastructure/driven_adapters/prisma_cloud/prisma_deserialize_output.py,sha256=si7hhhqHT7evewtYVjwFN104xAFy8BFGp_Bq6Qo2Sh4,2421
|
|
159
159
|
devsecops_engine_tools/engine_sca/engine_container/src/infrastructure/driven_adapters/trivy_tool/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
160
160
|
devsecops_engine_tools/engine_sca/engine_container/src/infrastructure/driven_adapters/trivy_tool/trivy_deserialize_output.py,sha256=LGqnO10Zt-0-TxUW6F1S46jVktlIwxWSYATKSVblCWI,2535
|
|
161
161
|
devsecops_engine_tools/engine_sca/engine_container/src/infrastructure/driven_adapters/trivy_tool/trivy_manager_scan.py,sha256=dAjnif-4CVYWrEpsMeAP97p-vsqtcZooxTBKeW8dzOY,3611
|
|
162
162
|
devsecops_engine_tools/engine_sca/engine_container/src/infrastructure/entry_points/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
163
|
-
devsecops_engine_tools/engine_sca/engine_container/src/infrastructure/entry_points/entry_point_tool.py,sha256=
|
|
163
|
+
devsecops_engine_tools/engine_sca/engine_container/src/infrastructure/entry_points/entry_point_tool.py,sha256=WydFpx1jD1vx6plT9wbnR1z7ZPBdbyGi3RFWPYeDVO8,2317
|
|
164
164
|
devsecops_engine_tools/engine_sca/engine_container/src/infrastructure/helpers/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
165
165
|
devsecops_engine_tools/engine_sca/engine_dependencies/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
166
166
|
devsecops_engine_tools/engine_sca/engine_dependencies/src/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
@@ -249,8 +249,8 @@ devsecops_engine_tools/engine_utilities/utils/logger_info.py,sha256=4Mz8Bwlm9Mku
|
|
|
249
249
|
devsecops_engine_tools/engine_utilities/utils/name_conversion.py,sha256=ADJrRGaxYSDe0ZRh6VHRf53H4sXPcb-vNP_i81PUn3I,307
|
|
250
250
|
devsecops_engine_tools/engine_utilities/utils/printers.py,sha256=amYAr9YQfYgR6jK9a2l26z3oovFPQ3FAKmhq6BKhEBA,623
|
|
251
251
|
devsecops_engine_tools/engine_utilities/utils/session_manager.py,sha256=yNtlT-8Legz1sHbGPH8LNYjL-LgDUE0zXG2rYjiab7U,290
|
|
252
|
-
devsecops_engine_tools-1.
|
|
253
|
-
devsecops_engine_tools-1.
|
|
254
|
-
devsecops_engine_tools-1.
|
|
255
|
-
devsecops_engine_tools-1.
|
|
256
|
-
devsecops_engine_tools-1.
|
|
252
|
+
devsecops_engine_tools-1.8.0.dist-info/METADATA,sha256=kzdX50Zz6i4jOKhgWWeQQpFGAJtQbHtxoiCHezimivE,9177
|
|
253
|
+
devsecops_engine_tools-1.8.0.dist-info/WHEEL,sha256=R0nc6qTxuoLk7ShA2_Y-UWkN8ZdfDBG2B6Eqpz2WXbs,91
|
|
254
|
+
devsecops_engine_tools-1.8.0.dist-info/entry_points.txt,sha256=9IjXF_7Zpgowq_SY6OSmsA9vZze18a8_AeHwkQVrgKk,131
|
|
255
|
+
devsecops_engine_tools-1.8.0.dist-info/top_level.txt,sha256=ge6y0X_xBAU1aG3EMWFtl9djbVyg5BxuSp2r2Lg6EQU,23
|
|
256
|
+
devsecops_engine_tools-1.8.0.dist-info/RECORD,,
|
|
File without changes
|
{devsecops_engine_tools-1.7.40.dist-info → devsecops_engine_tools-1.8.0.dist-info}/entry_points.txt
RENAMED
|
File without changes
|
{devsecops_engine_tools-1.7.40.dist-info → devsecops_engine_tools-1.8.0.dist-info}/top_level.txt
RENAMED
|
File without changes
|