devsecops-engine-tools 1.8.11__py3-none-any.whl → 1.8.12__py3-none-any.whl

devsecops_engine_tools/engine_sast/engine_secret/src/domain/model/gateway/git_gateway.py

@@ -5,11 +5,7 @@ class GitGateway(metaclass=ABCMeta):
     @abstractmethod
     def get_files_pull_request(self, sys_working_dir: str,
                                target_branch: str,
-                               config_target_branch: dict,
                                source_branch: str,
-                               access_token: str,
-                               collection_uri: str,
-                               team_project: str,
-                               repository_name: str,
-                               repository_provider: str) -> dict:
+                               message_info_engine_secret: str
+                               ) -> dict:
         "get_files_pull_request"

devsecops_engine_tools/engine_sast/engine_secret/src/domain/model/gateway/tool_gateway.py

@@ -11,6 +11,5 @@ class ToolGateway(metaclass=ABCMeta):
                             exclude_path: dict,
                             agent_os: str,
                             agent_work_folder: str,
-                            num_threads: int,
-                            repository_name: str) -> str:
+                            num_threads: int) -> str:
         "run tool secret scan"

devsecops_engine_tools/engine_sast/engine_secret/src/domain/usecases/secret_scan.py

@@ -36,20 +36,14 @@ class SecretScan:
             files_pullrequest = self.git_gateway.get_files_pull_request(
                 self.devops_platform_gateway.get_variable("path_directory"),
                 self.devops_platform_gateway.get_variable("target_branch"),
-                config_tool.target_branches,
                 self.devops_platform_gateway.get_variable("source_branch"),
-                self.devops_platform_gateway.get_variable("access_token"),
-                self.devops_platform_gateway.get_variable("organization"),
-                self.devops_platform_gateway.get_variable("project_name"),
-                self.devops_platform_gateway.get_variable("repository"),
-                self.devops_platform_gateway.get_variable("repository_provider"))
+                config_tool.message_info_engine_secret)
             findings, file_path_findings = self.tool_gateway.run_tool_secret_scan(
                     files_pullrequest,
                     config_tool.exclude_path,
                     self.devops_platform_gateway.get_variable("os"),
                     self.devops_platform_gateway.get_variable("path_directory"),
-                    config_tool.number_threads,
-                    self.devops_platform_gateway.get_variable("repository")
+                    config_tool.number_threads
                     )
             finding_list = self.tool_deserialize.get_list_vulnerability(
                 findings,

devsecops_engine_tools/engine_sast/engine_secret/src/infrastructure/driven_adapters/git_cli/git_run.py

@@ -1,7 +1,6 @@
 from dataclasses import dataclass
 import os
 import subprocess
-from urllib.parse import quote
 from devsecops_engine_tools.engine_sast.engine_secret.src.domain.model.gateway.git_gateway import GitGateway
 
 from devsecops_engine_tools.engine_utilities.utils.logger_info import MyLogger
@@ -15,61 +14,28 @@ class GitRun(GitGateway):
     def get_files_pull_request(self,
                                sys_working_dir,
                                target_branch,
-                               config_target_branch,
                                source_branch,
-                               access_token,
-                               collection_uri,
-                               team_project,
-                               repository_name,
-                               repository_provider):
+                               message_info_engine_secret
+                               ):
         try:
-            if repository_provider == 'GitHub' or target_branch not in config_target_branch:
-                os.chdir(sys_working_dir)
-                subprocess.run(['git', 'checkout', '-b', source_branch, f'origin/{source_branch}'], capture_output=True, text=True)
-                env = os.environ.copy()
-                env["GIT_COMMITTER_NAME"] = "Your Name"
-                env["GIT_COMMITTER_EMAIL"] = "your.email@example.com"
-                env["GIT_AUTHOR_NAME"] = "Your Name"
-                env["GIT_AUTHOR_EMAIL"] = "your.email@example.com"
-                command = ["git", "rebase", f"origin/{target_branch}", "-X", "theirs"]
-                subprocess.run(command, env=env, capture_output=True, text=True)
-
-                diff = subprocess.run(['git', 'diff', f'origin/{target_branch}..{source_branch}', '--name-only'], capture_output=True, text=True)
-                if diff.returncode == 0:
-                    diff_files = diff.stdout.strip().split("\n")
-                    print("Pull Requests Associated Files:",diff_files)
-                    return diff_files
-                return []
-            base_compact_url = (
-            f"https://{collection_uri.rstrip('/').split('/')[-1].replace('.visualstudio.com','')}"
-            f".visualstudio.com/{quote(team_project)}/_git/"
-            f"{repository_name}"
-            )
-            
-            url_without_https = base_compact_url.replace("https://", "")
-            url_with_token = f"https://x-access-token:{access_token}@{url_without_https}"
-
-            path_new_folder = sys_working_dir + '/' + repository_name
-            
-            if os.path.exists(path_new_folder):
-                logger.warning(f"Error: folder {repository_name} already exist")
-                return []
-            os.makedirs(path_new_folder)
-            os.chdir(sys_working_dir)
-            subprocess.run(["git", "clone", "--branch", target_branch, url_with_token, path_new_folder], capture_output=True, text=True)
-            os.chdir(path_new_folder)
- 
             source_branch = source_branch.replace("refs/heads/", "")
-            subprocess.run(["git", "checkout", "-b", source_branch], capture_output=True, text=True)
-            command = ["git","-c","user.email=you@example.com","-c","user.name=Your Name","pull","--rebase","-X", "theirs","--no-edit","origin",source_branch]
-            subprocess.run(command, capture_output=True, text=True)
+            os.chdir(sys_working_dir)
+            subprocess.run(['git', 'checkout', '-b', source_branch, f'origin/{source_branch}'], text=True, capture_output=True, check=True)    
+            env = os.environ.copy()
+            env["GIT_COMMITTER_NAME"] = "Your Name"
+            env["GIT_COMMITTER_EMAIL"] = "your.email@example.com"
+            env["GIT_AUTHOR_NAME"] = "Your Name"
+            env["GIT_AUTHOR_EMAIL"] = "your.email@example.com"
+            command = ["git", "rebase", f"origin/{target_branch}", "-X", "theirs"]
+            subprocess.run(command, env=env, text=True, capture_output=True)
 
-            if source_branch != None:
-                diff = subprocess.run(['git', 'diff', '--name-only', f'{source_branch}..{target_branch}'], capture_output=True, text=True)
-                if diff:
-                    diff_files = diff.stdout.strip().split("\n")
-                print("Pull Requests Associated Files:",len(diff_files))
+            diff = subprocess.run(['git', 'diff', f'origin/{target_branch}..{source_branch}', '--name-only'], capture_output=True, text=True)
+            if diff.returncode == 0:
+                diff_files = diff.stdout.strip().split("\n")
+                print("Pull Requests Associated Files:",diff_files)
                 return diff_files
+        except subprocess.CalledProcessError as e:
+            raise Exception(f"Error in pipeline configuration, {message_info_engine_secret}") from e
         except Exception as e:
             logger.warning(f"Error getting files PullRequest: {e}")
             return []

devsecops_engine_tools/engine_sast/engine_secret/src/infrastructure/driven_adapters/trufflehog/trufflehog_run.py

@@ -43,8 +43,7 @@ class TrufflehogRun(ToolGateway):
         exclude_paths,
         agent_os,
         agent_work_folder,
-        num_threads,
-        repository_name,
+        num_threads
     ):
         trufflehog_command = "trufflehog"
         if "Windows" in agent_os:
@@ -60,7 +59,6 @@ class TrufflehogRun(ToolGateway):
                 [agent_work_folder] * len(include_paths),
                 [exclude_path] * len(include_paths),
                 include_paths,
-                [repository_name] * len(include_paths),
             )
         findings, file_findings = self.create_file(self.decode_output(results), agent_work_folder)
         return  findings, file_findings
@@ -88,10 +86,9 @@ class TrufflehogRun(ToolGateway):
         trufflehog_command,
         agent_work_folder,
         exclude_path,
-        include_path,
-        repository_name,
+        include_path
     ):
-        command = f"{trufflehog_command} filesystem {agent_work_folder + '/' + repository_name} --include-paths {include_path} --exclude-paths {exclude_path} --no-verification --json"
+        command = f"{trufflehog_command} filesystem {agent_work_folder} --include-paths {include_path} --exclude-paths {exclude_path} --no-verification --json"
         result = subprocess.run(command, capture_output=True, shell=True, text=True)
         return result.stdout.strip()
 

devsecops_engine_tools/version.py

@@ -1 +1 @@
-version = '1.8.11'
+version = '1.8.12'

{devsecops_engine_tools-1.8.11.dist-info → devsecops_engine_tools-1.8.12.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: devsecops-engine-tools
-Version: 1.8.11
+Version: 1.8.12
 Summary: Tool for DevSecOps strategy
 Home-page: https://github.com/bancolombia/devsecops-engine-tools
 Author: Bancolombia DevSecOps Team

{devsecops_engine_tools-1.8.11.dist-info → devsecops_engine_tools-1.8.12.dist-info}/RECORD

@@ -1,5 +1,5 @@
 devsecops_engine_tools/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
-devsecops_engine_tools/version.py,sha256=QINaXfXDoD1Uuf648DtGP8UCoV9DzGlQZO8UPxKpqxI,18
+devsecops_engine_tools/version.py,sha256=BBgNCLLOuHVu2DQAn0GV0vn4CrHoHNR_BwugcH29gfQ,18
 devsecops_engine_tools/engine_core/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 devsecops_engine_tools/engine_core/src/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 devsecops_engine_tools/engine_core/src/applications/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
@@ -123,18 +123,18 @@ devsecops_engine_tools/engine_sast/engine_secret/src/domain/model/DeserializeCon
 devsecops_engine_tools/engine_sast/engine_secret/src/domain/model/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 devsecops_engine_tools/engine_sast/engine_secret/src/domain/model/gateway/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 devsecops_engine_tools/engine_sast/engine_secret/src/domain/model/gateway/gateway_deserealizator.py,sha256=4fYPengHW3K0uVP6wHgOiNu-gRb08m78E7QZayZ2LC4,441
-devsecops_engine_tools/engine_sast/engine_secret/src/domain/model/gateway/git_gateway.py,sha256=x6LFK8wZuVix-ZCBdBQTzvjQi59nZYVrSOTatCOQbxc,638
-devsecops_engine_tools/engine_sast/engine_secret/src/domain/model/gateway/tool_gateway.py,sha256=juharYjy__KyB0fFCbU30k_aLd_9cQgsoCMeodq9ebA,593
+devsecops_engine_tools/engine_sast/engine_secret/src/domain/model/gateway/git_gateway.py,sha256=d6hT4AAyRCqckbEGKEzXRAgT8766tOyxAeUn0foJvpc,409
+devsecops_engine_tools/engine_sast/engine_secret/src/domain/model/gateway/tool_gateway.py,sha256=2kHgUus04M2kpFfVvwcRrhglN8JI3w3JfB-qjfJvoKk,542
 devsecops_engine_tools/engine_sast/engine_secret/src/domain/usecases/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
-devsecops_engine_tools/engine_sast/engine_secret/src/domain/usecases/secret_scan.py,sha256=9DAX-3cJB5JmK7ZV3s0NQlGLMaPBiP7UbCOJ8OYlH3A,3916
+devsecops_engine_tools/engine_sast/engine_secret/src/domain/usecases/secret_scan.py,sha256=I8YKSw5rsKimBukCC3eoN8TACwZFgD42okvYNeG115Y,3464
 devsecops_engine_tools/engine_sast/engine_secret/src/domain/usecases/set_input_core.py,sha256=k0LZd9PJpqEDns6DLYRGu9DzpRZeFsxAnowcjP5Rml4,2838
 devsecops_engine_tools/engine_sast/engine_secret/src/infrastructure/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 devsecops_engine_tools/engine_sast/engine_secret/src/infrastructure/driven_adapters/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 devsecops_engine_tools/engine_sast/engine_secret/src/infrastructure/driven_adapters/git_cli/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
-devsecops_engine_tools/engine_sast/engine_secret/src/infrastructure/driven_adapters/git_cli/git_run.py,sha256=ZCPsII6lkUutRJ3MdjD2vTc1lq6DgvHHMtXoaiIadk4,3844
+devsecops_engine_tools/engine_sast/engine_secret/src/infrastructure/driven_adapters/git_cli/git_run.py,sha256=DzdBmwA2-3b5OBkjdOmiF9UcHwD8b7HJNboCdmSxJ7Q,1993
 devsecops_engine_tools/engine_sast/engine_secret/src/infrastructure/driven_adapters/trufflehog/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 devsecops_engine_tools/engine_sast/engine_secret/src/infrastructure/driven_adapters/trufflehog/trufflehog_deserealizator.py,sha256=WpFFswOmP38cLvfZHCrPDiRtdwH86n1CqVNS3K4s6uA,1968
-devsecops_engine_tools/engine_sast/engine_secret/src/infrastructure/driven_adapters/trufflehog/trufflehog_run.py,sha256=cvCSKTDN-4oL9H5EZF_-WrP5bNamFt0WfeCwaMO_Nfo,5345
+devsecops_engine_tools/engine_sast/engine_secret/src/infrastructure/driven_adapters/trufflehog/trufflehog_run.py,sha256=1TvGYg65KX3Af-AxH73UNlUr0BnxmvFha0r3AZeqBYg,5210
 devsecops_engine_tools/engine_sast/engine_secret/src/infrastructure/entry_points/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 devsecops_engine_tools/engine_sast/engine_secret/src/infrastructure/entry_points/entry_point_tool.py,sha256=WJJVGqE0PJMoATi8ubTGsqyrx4KqEQluXCg9Hk-NiOw,982
 devsecops_engine_tools/engine_sca/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
@@ -256,8 +256,8 @@ devsecops_engine_tools/engine_utilities/utils/logger_info.py,sha256=4Mz8Bwlm9Mku
 devsecops_engine_tools/engine_utilities/utils/name_conversion.py,sha256=ADJrRGaxYSDe0ZRh6VHRf53H4sXPcb-vNP_i81PUn3I,307
 devsecops_engine_tools/engine_utilities/utils/printers.py,sha256=amYAr9YQfYgR6jK9a2l26z3oovFPQ3FAKmhq6BKhEBA,623
 devsecops_engine_tools/engine_utilities/utils/session_manager.py,sha256=yNtlT-8Legz1sHbGPH8LNYjL-LgDUE0zXG2rYjiab7U,290
-devsecops_engine_tools-1.8.11.dist-info/METADATA,sha256=3FKECyn44sXgZhMzpeadfIq9fNv2WHlTy800kbrQrOE,10444
-devsecops_engine_tools-1.8.11.dist-info/WHEEL,sha256=R0nc6qTxuoLk7ShA2_Y-UWkN8ZdfDBG2B6Eqpz2WXbs,91
-devsecops_engine_tools-1.8.11.dist-info/entry_points.txt,sha256=9IjXF_7Zpgowq_SY6OSmsA9vZze18a8_AeHwkQVrgKk,131
-devsecops_engine_tools-1.8.11.dist-info/top_level.txt,sha256=ge6y0X_xBAU1aG3EMWFtl9djbVyg5BxuSp2r2Lg6EQU,23
-devsecops_engine_tools-1.8.11.dist-info/RECORD,,
+devsecops_engine_tools-1.8.12.dist-info/METADATA,sha256=tunV5N0EWwVUs0Q662ShzxxG4eZBV5NTr0G4fP5gbsA,10444
+devsecops_engine_tools-1.8.12.dist-info/WHEEL,sha256=R0nc6qTxuoLk7ShA2_Y-UWkN8ZdfDBG2B6Eqpz2WXbs,91
+devsecops_engine_tools-1.8.12.dist-info/entry_points.txt,sha256=9IjXF_7Zpgowq_SY6OSmsA9vZze18a8_AeHwkQVrgKk,131
+devsecops_engine_tools-1.8.12.dist-info/top_level.txt,sha256=ge6y0X_xBAU1aG3EMWFtl9djbVyg5BxuSp2r2Lg6EQU,23
+devsecops_engine_tools-1.8.12.dist-info/RECORD,,