devsecops-engine-tools 1.79.0__py3-none-any.whl → 1.81.0__py3-none-any.whl
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Potentially problematic release.
This version of devsecops-engine-tools might be problematic. Click here for more details.
- devsecops_engine_tools/engine_sca/engine_container/src/domain/model/gateways/images_gateway.py +4 -0
- devsecops_engine_tools/engine_sca/engine_container/src/domain/usecases/container_sca_scan.py +18 -1
- devsecops_engine_tools/engine_sca/engine_container/src/infrastructure/driven_adapters/docker/docker_images.py +11 -0
- devsecops_engine_tools/version.py +1 -1
- {devsecops_engine_tools-1.79.0.dist-info → devsecops_engine_tools-1.81.0.dist-info}/METADATA +1 -1
- {devsecops_engine_tools-1.79.0.dist-info → devsecops_engine_tools-1.81.0.dist-info}/RECORD +9 -9
- {devsecops_engine_tools-1.79.0.dist-info → devsecops_engine_tools-1.81.0.dist-info}/WHEEL +0 -0
- {devsecops_engine_tools-1.79.0.dist-info → devsecops_engine_tools-1.81.0.dist-info}/entry_points.txt +0 -0
- {devsecops_engine_tools-1.79.0.dist-info → devsecops_engine_tools-1.81.0.dist-info}/top_level.txt +0 -0
devsecops_engine_tools/engine_sca/engine_container/src/domain/model/gateways/images_gateway.py
CHANGED
|
@@ -12,4 +12,8 @@ class ImagesGateway(metaclass=ABCMeta):
|
|
|
12
12
|
|
|
13
13
|
@abstractmethod
|
|
14
14
|
def validate_base_image_date(self, image_to_scan, referenced_date) -> str:
|
|
15
|
+
"validate base image date"
|
|
16
|
+
|
|
17
|
+
@abstractmethod
|
|
18
|
+
def validate_black_list_base_image(self, base_image, black_list) -> str:
|
|
15
19
|
"validate base image date"
|
devsecops_engine_tools/engine_sca/engine_container/src/domain/usecases/container_sca_scan.py
CHANGED
|
@@ -38,7 +38,6 @@ class ContainerScaScan:
|
|
|
38
38
|
self.pipeline_name = pipeline_name
|
|
39
39
|
self.context = context
|
|
40
40
|
|
|
41
|
-
|
|
42
41
|
def process(self):
|
|
43
42
|
"""
|
|
44
43
|
Process SCA scanning.
|
|
@@ -60,6 +59,15 @@ class ContainerScaScan:
|
|
|
60
59
|
matching_image,
|
|
61
60
|
self.remote_config["VALIDATE_BASE_IMAGE_DATE"]["REFERENCE_IMAGE_DATE"],
|
|
62
61
|
)
|
|
62
|
+
if self.remote_config["BLACK_LIST_BASE_IMAGE"][
|
|
63
|
+
"ENABLED"
|
|
64
|
+
] and not self.exclusions.get(self.pipeline_name, {}).get(
|
|
65
|
+
"BLACK_LIST_BASE_IMAGE"
|
|
66
|
+
):
|
|
67
|
+
self._validate_black_list_base_image(
|
|
68
|
+
base_image, self.remote_config["BLACK_LIST_BASE_IMAGE"]["BLACK_LIST"]
|
|
69
|
+
)
|
|
70
|
+
|
|
63
71
|
sbom_components = None
|
|
64
72
|
generate_sbom = self.remote_config["SBOM"]["ENABLED"] and any(
|
|
65
73
|
branch in str(self.branch)
|
|
@@ -128,6 +136,15 @@ class ContainerScaScan:
|
|
|
128
136
|
matching_image, referenced_date
|
|
129
137
|
)
|
|
130
138
|
|
|
139
|
+
def _validate_black_list_base_image(self, base_image, black_list):
|
|
140
|
+
"""
|
|
141
|
+
Process the black list image base validation.
|
|
142
|
+
|
|
143
|
+
Returns:
|
|
144
|
+
string: blacklist.
|
|
145
|
+
"""
|
|
146
|
+
return self.tool_images.validate_black_list_base_image(base_image, black_list)
|
|
147
|
+
|
|
131
148
|
def _get_images_already_scanned(self):
|
|
132
149
|
"""
|
|
133
150
|
Create images scanned file if it does not exist and get the images that have already been scanned.
|
|
@@ -124,3 +124,14 @@ class DockerImages(ImagesGateway):
|
|
|
124
124
|
f"Compliance issue: the source base image date ({date.strftime('%Y-%m-%d')}) is older than the referenced date ({reference_date.strftime('%Y-%m-%d')})."
|
|
125
125
|
)
|
|
126
126
|
return True
|
|
127
|
+
|
|
128
|
+
def validate_black_list_base_image(self, base_image, black_list):
|
|
129
|
+
if not isinstance(base_image, str) or not isinstance(black_list, list):
|
|
130
|
+
logger.error("Invalid input types: expected a string and a list of strings.")
|
|
131
|
+
return False
|
|
132
|
+
for black in black_list:
|
|
133
|
+
if black in base_image:
|
|
134
|
+
raise ValueError(
|
|
135
|
+
f"Compliance issue: the image: {base_image} is blacklisted for {black}"
|
|
136
|
+
)
|
|
137
|
+
return True
|
|
@@ -1 +1 @@
|
|
|
1
|
-
version = '1.
|
|
1
|
+
version = '1.81.0'
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
devsecops_engine_tools/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
2
|
-
devsecops_engine_tools/version.py,sha256=
|
|
2
|
+
devsecops_engine_tools/version.py,sha256=u072QCaCtS931pJYi48X385PnfpT9oB1ysIyygRVXh4,19
|
|
3
3
|
devsecops_engine_tools/engine_core/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
4
4
|
devsecops_engine_tools/engine_core/src/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
5
5
|
devsecops_engine_tools/engine_core/src/applications/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
@@ -200,16 +200,16 @@ devsecops_engine_tools/engine_sca/engine_container/src/domain/model/__init__.py,
|
|
|
200
200
|
devsecops_engine_tools/engine_sca/engine_container/src/domain/model/context_container.py,sha256=_BSNeHSWJHS-G1pdkOvrO2fA2UTUlI8N3KYEUI3Uh-c,602
|
|
201
201
|
devsecops_engine_tools/engine_sca/engine_container/src/domain/model/gateways/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
202
202
|
devsecops_engine_tools/engine_sca/engine_container/src/domain/model/gateways/deserealizator_gateway.py,sha256=AVPZvwwhV-Vns7cM58vHzd4_no2xSdzHUKiI6-2lpNM,576
|
|
203
|
-
devsecops_engine_tools/engine_sca/engine_container/src/domain/model/gateways/images_gateway.py,sha256=
|
|
203
|
+
devsecops_engine_tools/engine_sca/engine_container/src/domain/model/gateways/images_gateway.py,sha256=AG9FrEXrs_FJliURwmzPEa354Ec5EEsFs_QDLIOGxbI,548
|
|
204
204
|
devsecops_engine_tools/engine_sca/engine_container/src/domain/model/gateways/tool_gateway.py,sha256=2fT2DFb4IPqQczCrAI0qEuWQUb3XsqFhI5M0OzNYalo,286
|
|
205
205
|
devsecops_engine_tools/engine_sca/engine_container/src/domain/usecases/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
206
|
-
devsecops_engine_tools/engine_sca/engine_container/src/domain/usecases/container_sca_scan.py,sha256=
|
|
206
|
+
devsecops_engine_tools/engine_sca/engine_container/src/domain/usecases/container_sca_scan.py,sha256=lRDEPPQgU3MTBLnQKK_TM5CwSm8m3FQaSxfs4MrKqTg,5778
|
|
207
207
|
devsecops_engine_tools/engine_sca/engine_container/src/domain/usecases/handle_remote_config_patterns.py,sha256=4wgBTQSDE-C5v01C3Vxzeq0DJKZUSqQ5TVLG7yPZPKs,926
|
|
208
208
|
devsecops_engine_tools/engine_sca/engine_container/src/domain/usecases/set_input_core.py,sha256=_JolwotLLrrac1EdO0D86ZduO6XQROhGpsIXC7eyOgs,2666
|
|
209
209
|
devsecops_engine_tools/engine_sca/engine_container/src/infrastructure/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
210
210
|
devsecops_engine_tools/engine_sca/engine_container/src/infrastructure/driven_adapters/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
211
211
|
devsecops_engine_tools/engine_sca/engine_container/src/infrastructure/driven_adapters/docker/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
212
|
-
devsecops_engine_tools/engine_sca/engine_container/src/infrastructure/driven_adapters/docker/docker_images.py,sha256=
|
|
212
|
+
devsecops_engine_tools/engine_sca/engine_container/src/infrastructure/driven_adapters/docker/docker_images.py,sha256=W5OTPL_t1Go7BVooHAubunrHIH5W1j5zFB7TrJI8D0g,5481
|
|
213
213
|
devsecops_engine_tools/engine_sca/engine_container/src/infrastructure/driven_adapters/prisma_cloud/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
214
214
|
devsecops_engine_tools/engine_sca/engine_container/src/infrastructure/driven_adapters/prisma_cloud/prisma_cloud_manager_scan.py,sha256=Qjp5oswbH8y7yVoJ1g6CZjbUybS5XNf0LSOB1pUzSnE,7286
|
|
215
215
|
devsecops_engine_tools/engine_sca/engine_container/src/infrastructure/driven_adapters/prisma_cloud/prisma_deserialize_output.py,sha256=Eb7eRLyKQizPvaeX9uH8E1wxIKXCaAyNKUpmldw_iL8,2680
|
|
@@ -352,8 +352,8 @@ devsecops_engine_tools/engine_utilities/utils/name_conversion.py,sha256=ADJrRGax
|
|
|
352
352
|
devsecops_engine_tools/engine_utilities/utils/printers.py,sha256=amYAr9YQfYgR6jK9a2l26z3oovFPQ3FAKmhq6BKhEBA,623
|
|
353
353
|
devsecops_engine_tools/engine_utilities/utils/session_manager.py,sha256=Z0fdhB3r-dxU0nGSD9zW_B4r2Qol1rUnUCkhFR0U-HQ,487
|
|
354
354
|
devsecops_engine_tools/engine_utilities/utils/utils.py,sha256=HCjS900TBoNcHrC4LaiP-Kf9frVdtagF130qOUgnO2M,6757
|
|
355
|
-
devsecops_engine_tools-1.
|
|
356
|
-
devsecops_engine_tools-1.
|
|
357
|
-
devsecops_engine_tools-1.
|
|
358
|
-
devsecops_engine_tools-1.
|
|
359
|
-
devsecops_engine_tools-1.
|
|
355
|
+
devsecops_engine_tools-1.81.0.dist-info/METADATA,sha256=6xNDWSnPe_SKjQIOTdgEWgWNEdYC1FLN22XgK_vwHuI,12093
|
|
356
|
+
devsecops_engine_tools-1.81.0.dist-info/WHEEL,sha256=iAkIy5fosb7FzIOwONchHf19Qu7_1wCWyFNR5gu9nU0,91
|
|
357
|
+
devsecops_engine_tools-1.81.0.dist-info/entry_points.txt,sha256=MHCTFFs9bdNKo6YcWCcBW2_8X6yTisgLOlmVx-V8Rxc,276
|
|
358
|
+
devsecops_engine_tools-1.81.0.dist-info/top_level.txt,sha256=ge6y0X_xBAU1aG3EMWFtl9djbVyg5BxuSp2r2Lg6EQU,23
|
|
359
|
+
devsecops_engine_tools-1.81.0.dist-info/RECORD,,
|
|
File without changes
|
{devsecops_engine_tools-1.79.0.dist-info → devsecops_engine_tools-1.81.0.dist-info}/entry_points.txt
RENAMED
|
File without changes
|
{devsecops_engine_tools-1.79.0.dist-info → devsecops_engine_tools-1.81.0.dist-info}/top_level.txt
RENAMED
|
File without changes
|