devsecops-engine-tools 1.8.15__py3-none-any.whl → 1.9.0__py3-none-any.whl
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Potentially problematic release.
This version of devsecops-engine-tools might be problematic. Click here for more details.
- devsecops_engine_tools/engine_core/src/domain/model/custom_level_vulnerability.py +8 -0
- devsecops_engine_tools/engine_core/src/domain/model/threshold.py +4 -0
- devsecops_engine_tools/engine_core/src/domain/usecases/break_build.py +4 -0
- devsecops_engine_tools/engine_sast/engine_iac/src/domain/usecases/iac_scan.py +7 -16
- devsecops_engine_tools/engine_utilities/defect_dojo/domain/user_case/import_scan.py +1 -1
- devsecops_engine_tools/version.py +1 -1
- {devsecops_engine_tools-1.8.15.dist-info → devsecops_engine_tools-1.9.0.dist-info}/METADATA +1 -1
- {devsecops_engine_tools-1.8.15.dist-info → devsecops_engine_tools-1.9.0.dist-info}/RECORD +11 -10
- {devsecops_engine_tools-1.8.15.dist-info → devsecops_engine_tools-1.9.0.dist-info}/WHEEL +0 -0
- {devsecops_engine_tools-1.8.15.dist-info → devsecops_engine_tools-1.9.0.dist-info}/entry_points.txt +0 -0
- {devsecops_engine_tools-1.8.15.dist-info → devsecops_engine_tools-1.9.0.dist-info}/top_level.txt +0 -0
|
@@ -0,0 +1,8 @@
|
|
|
1
|
+
from devsecops_engine_tools.engine_core.src.domain.model.level_vulnerability import (
|
|
2
|
+
LevelVulnerability,
|
|
3
|
+
)
|
|
4
|
+
|
|
5
|
+
class CustomLevelVulnerability:
|
|
6
|
+
def __init__(self, data):
|
|
7
|
+
self.pattern_apps = data.get("PATTERN_APPS")
|
|
8
|
+
self.vulnerability = LevelVulnerability(data.get("VULNERABILITY"))
|
|
@@ -4,9 +4,13 @@ from devsecops_engine_tools.engine_core.src.domain.model.level_vulnerability imp
|
|
|
4
4
|
from devsecops_engine_tools.engine_core.src.domain.model.level_compliance import (
|
|
5
5
|
LevelCompliance,
|
|
6
6
|
)
|
|
7
|
+
from devsecops_engine_tools.engine_core.src.domain.model.custom_level_vulnerability import (
|
|
8
|
+
CustomLevelVulnerability,
|
|
9
|
+
)
|
|
7
10
|
|
|
8
11
|
class Threshold:
|
|
9
12
|
def __init__(self, data):
|
|
10
13
|
self.vulnerability = LevelVulnerability(data.get("VULNERABILITY"))
|
|
11
14
|
self.compliance = LevelCompliance(data.get("COMPLIANCE"))
|
|
12
15
|
self.cve = data.get("CVE",[])
|
|
16
|
+
self.custom_vulnerability = CustomLevelVulnerability(data.get("CUSTOM_VULNERABILITY")) if data.get("CUSTOM_VULNERABILITY") else None
|
|
@@ -1,4 +1,5 @@
|
|
|
1
1
|
import sys
|
|
2
|
+
import re
|
|
2
3
|
from dataclasses import dataclass
|
|
3
4
|
from functools import reduce
|
|
4
5
|
|
|
@@ -66,6 +67,9 @@ class BreakBuild:
|
|
|
66
67
|
"compliances": {},
|
|
67
68
|
}
|
|
68
69
|
|
|
70
|
+
if threshold.custom_vulnerability and bool(re.match(threshold.custom_vulnerability.pattern_apps, input_core.scope_pipeline, re.IGNORECASE)):
|
|
71
|
+
threshold.vulnerability = threshold.custom_vulnerability.vulnerability
|
|
72
|
+
|
|
69
73
|
if len(findings_list) != 0:
|
|
70
74
|
self._apply_policie_exception_new_vulnerability_industry(
|
|
71
75
|
findings_list, exclusions, args
|
|
@@ -38,7 +38,7 @@ class IacScan:
|
|
|
38
38
|
)
|
|
39
39
|
|
|
40
40
|
findings_list, path_file_results = [], None
|
|
41
|
-
if skip_tool
|
|
41
|
+
if skip_tool is False:
|
|
42
42
|
findings_list, path_file_results = self.tool_gateway.run_tool(
|
|
43
43
|
config_tool_iac,
|
|
44
44
|
folders_to_scan,
|
|
@@ -82,26 +82,21 @@ class IacScan:
|
|
|
82
82
|
|
|
83
83
|
def complete_config_tool(self, data_file_tool, exclusions, tool, dict_args):
|
|
84
84
|
config_tool = ConfigTool(json_data=data_file_tool)
|
|
85
|
-
skip_tool = "false"
|
|
86
85
|
|
|
87
86
|
config_tool.exclusions = exclusions
|
|
88
87
|
config_tool.scope_pipeline = self.devops_platform_gateway.get_variable(
|
|
89
88
|
"pipeline_name"
|
|
90
89
|
)
|
|
91
90
|
|
|
91
|
+
skip_tool = bool(re.match(config_tool.ignore_search_pattern, config_tool.scope_pipeline, re.IGNORECASE))
|
|
92
|
+
|
|
92
93
|
if config_tool.exclusions.get("All") is not None:
|
|
93
94
|
config_tool.exclusions_all = config_tool.exclusions.get("All").get(tool)
|
|
94
95
|
if config_tool.exclusions.get(config_tool.scope_pipeline) is not None:
|
|
95
96
|
config_tool.exclusions_scope = config_tool.exclusions.get(
|
|
96
97
|
config_tool.scope_pipeline
|
|
97
98
|
).get(tool)
|
|
98
|
-
skip_tool = (
|
|
99
|
-
"true"
|
|
100
|
-
if config_tool.exclusions.get(config_tool.scope_pipeline).get(
|
|
101
|
-
"SKIP_TOOL"
|
|
102
|
-
)
|
|
103
|
-
else "false"
|
|
104
|
-
)
|
|
99
|
+
skip_tool = bool(config_tool.exclusions.get(config_tool.scope_pipeline).get("SKIP_TOOL"))
|
|
105
100
|
|
|
106
101
|
if dict_args["folder_path"]:
|
|
107
102
|
if (
|
|
@@ -117,9 +112,7 @@ class IacScan:
|
|
|
117
112
|
|
|
118
113
|
folders_to_scan = [dict_args["folder_path"]]
|
|
119
114
|
else:
|
|
120
|
-
folders_to_scan = self.search_folders(
|
|
121
|
-
config_tool.search_pattern, config_tool.ignore_search_pattern
|
|
122
|
-
)
|
|
115
|
+
folders_to_scan = self.search_folders(config_tool.search_pattern)
|
|
123
116
|
|
|
124
117
|
if len(folders_to_scan) == 0:
|
|
125
118
|
logger.warning(
|
|
@@ -129,12 +122,10 @@ class IacScan:
|
|
|
129
122
|
|
|
130
123
|
return config_tool, folders_to_scan, skip_tool
|
|
131
124
|
|
|
132
|
-
def search_folders(self, search_pattern
|
|
125
|
+
def search_folders(self, search_pattern):
|
|
133
126
|
current_directory = os.getcwd()
|
|
134
127
|
patron = (
|
|
135
|
-
"(?i)(
|
|
136
|
-
+ "|".join(ignore_pattern)
|
|
137
|
-
+ ")).*?("
|
|
128
|
+
"(?i).*?("
|
|
138
129
|
+ "|".join(search_pattern)
|
|
139
130
|
+ ").*$"
|
|
140
131
|
)
|
|
@@ -90,7 +90,7 @@ class ImportScanUserCase:
|
|
|
90
90
|
|
|
91
91
|
logger.debug(f"search Engagement name: {request.engagement_name}")
|
|
92
92
|
engagement = self.__rest_engagement.get_engagements(request.engagement_name)
|
|
93
|
-
if engagement.results == []:
|
|
93
|
+
if engagement.results == [] or any(engagement.name != request.engagement_name for engagement in engagement.results):
|
|
94
94
|
engagement = self.__rest_engagement.post_engagement(request.engagement_name, product_id)
|
|
95
95
|
logger.debug(f"Egagement created: {engagement.name}")
|
|
96
96
|
else:
|
|
@@ -1 +1 @@
|
|
|
1
|
-
version = '1.
|
|
1
|
+
version = '1.9.0'
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
devsecops_engine_tools/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
2
|
-
devsecops_engine_tools/version.py,sha256=
|
|
2
|
+
devsecops_engine_tools/version.py,sha256=epYFYtLY297r-WVn6lwK7t7lL3CoDLxM1G7fU4pINtA,17
|
|
3
3
|
devsecops_engine_tools/engine_core/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
4
4
|
devsecops_engine_tools/engine_core/src/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
5
5
|
devsecops_engine_tools/engine_core/src/applications/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
@@ -8,6 +8,7 @@ devsecops_engine_tools/engine_core/src/deployment/__init__.py,sha256=47DEQpj8HBS
|
|
|
8
8
|
devsecops_engine_tools/engine_core/src/deployment/infrastructure/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
9
9
|
devsecops_engine_tools/engine_core/src/domain/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
10
10
|
devsecops_engine_tools/engine_core/src/domain/model/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
11
|
+
devsecops_engine_tools/engine_core/src/domain/model/custom_level_vulnerability.py,sha256=eO9m76WVslcwhYbF9IAXqhI_iYK6zKLiOVt_3AxsOLY,302
|
|
11
12
|
devsecops_engine_tools/engine_core/src/domain/model/customs_exceptions.py,sha256=YLeOj4O7kNsUx8RD6pwBQdFLYbkm7Eh-F-ohZ3jFGbs,599
|
|
12
13
|
devsecops_engine_tools/engine_core/src/domain/model/exclusions.py,sha256=4Cn65ARrCw2xMAYEwoNlPUYVo5NVO0IPd6tj0wGDZig,498
|
|
13
14
|
devsecops_engine_tools/engine_core/src/domain/model/finding.py,sha256=MntDksQuPt1L-1Ww3nK7NbMLfVwRjxPGCN_oHYXbbWk,383
|
|
@@ -15,7 +16,7 @@ devsecops_engine_tools/engine_core/src/domain/model/input_core.py,sha256=hc1WMzC
|
|
|
15
16
|
devsecops_engine_tools/engine_core/src/domain/model/level_compliance.py,sha256=ntn_UWqHc6sT5g_LozBdjdewTQxFsp7Kt8M0xqw-k_o,98
|
|
16
17
|
devsecops_engine_tools/engine_core/src/domain/model/level_vulnerability.py,sha256=0sySEnFNkS2Y8uF5GUVAYehXw-i2OglUClkVobnSTPc,257
|
|
17
18
|
devsecops_engine_tools/engine_core/src/domain/model/report.py,sha256=SGo9bxNGVO5ymjjuFlG3Tz1X9uh2JawNaQYyHHN_NL8,1640
|
|
18
|
-
devsecops_engine_tools/engine_core/src/domain/model/threshold.py,sha256=
|
|
19
|
+
devsecops_engine_tools/engine_core/src/domain/model/threshold.py,sha256=jWgmla7_2kqCRD1TDUHLKZ8NS2A5_qEkQ1i3kjCiY94,711
|
|
19
20
|
devsecops_engine_tools/engine_core/src/domain/model/vulnerability_management.py,sha256=5RcMHpeqznrTOpkjLuqekA_Bqf2Qr-w6OZ5Eoi3b-bs,465
|
|
20
21
|
devsecops_engine_tools/engine_core/src/domain/model/gateway/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
21
22
|
devsecops_engine_tools/engine_core/src/domain/model/gateway/devops_platform_gateway.py,sha256=ufAe6jd91IX-vKsFtlad2K-WliyY7TiN8wPTNmeHZD0,676
|
|
@@ -24,7 +25,7 @@ devsecops_engine_tools/engine_core/src/domain/model/gateway/printer_table_gatewa
|
|
|
24
25
|
devsecops_engine_tools/engine_core/src/domain/model/gateway/secrets_manager_gateway.py,sha256=CTwUIvUWF0NSSzdCqASUFst6KUysW53NV9eatjLGdl8,170
|
|
25
26
|
devsecops_engine_tools/engine_core/src/domain/model/gateway/vulnerability_management_gateway.py,sha256=c98JSdYYPyr82VZR4MRy49xSBVxueERbAS1mWwKqV6g,878
|
|
26
27
|
devsecops_engine_tools/engine_core/src/domain/usecases/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
27
|
-
devsecops_engine_tools/engine_core/src/domain/usecases/break_build.py,sha256=
|
|
28
|
+
devsecops_engine_tools/engine_core/src/domain/usecases/break_build.py,sha256=JP-i5SFaMN7Yi4uDCe_AE1kJ197g1IJGcwQdq-RYbk4,16198
|
|
28
29
|
devsecops_engine_tools/engine_core/src/domain/usecases/handle_risk.py,sha256=Au_ZXqwDi3CbVpQWAd29oruDAcZ1RX4e7OABSa_aRyA,7093
|
|
29
30
|
devsecops_engine_tools/engine_core/src/domain/usecases/handle_scan.py,sha256=aaVK0InUKPIPiWMofTPSOWvJU07WUXyDl14MVO8Y9t8,6337
|
|
30
31
|
devsecops_engine_tools/engine_core/src/domain/usecases/metrics_manager.py,sha256=Xi0iNnPrFgqd2cBdAA5E_tgouhxs-BTo016aolnGgv8,2413
|
|
@@ -95,7 +96,7 @@ devsecops_engine_tools/engine_sast/engine_iac/src/domain/model/config_tool.py,sh
|
|
|
95
96
|
devsecops_engine_tools/engine_sast/engine_iac/src/domain/model/gateways/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
96
97
|
devsecops_engine_tools/engine_sast/engine_iac/src/domain/model/gateways/tool_gateway.py,sha256=ClElxyHbwfDCW0fgcehaNfQLq00zozhO71EnyCjzt-U,182
|
|
97
98
|
devsecops_engine_tools/engine_sast/engine_iac/src/domain/usecases/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
98
|
-
devsecops_engine_tools/engine_sast/engine_iac/src/domain/usecases/iac_scan.py,sha256=
|
|
99
|
+
devsecops_engine_tools/engine_sast/engine_iac/src/domain/usecases/iac_scan.py,sha256=qD7FCugZpG_6A24_ZgXFxCvQRrcyZssNfyHixPh6eaM,5572
|
|
99
100
|
devsecops_engine_tools/engine_sast/engine_iac/src/infrastructure/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
100
101
|
devsecops_engine_tools/engine_sast/engine_iac/src/infrastructure/driven_adapters/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
101
102
|
devsecops_engine_tools/engine_sast/engine_iac/src/infrastructure/driven_adapters/checkov/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
@@ -225,7 +226,7 @@ devsecops_engine_tools/engine_utilities/defect_dojo/domain/user_case/__init__.py
|
|
|
225
226
|
devsecops_engine_tools/engine_utilities/defect_dojo/domain/user_case/cmdb.py,sha256=BUOdvP39bEMQ6Unr2hB28eljVGU2Uv8dDEkzRyEJgyQ,2650
|
|
226
227
|
devsecops_engine_tools/engine_utilities/defect_dojo/domain/user_case/engagement.py,sha256=SVX-weFRPT3DK7w6IBrLuWS4L6vboMuZtwXAQmIHfEE,406
|
|
227
228
|
devsecops_engine_tools/engine_utilities/defect_dojo/domain/user_case/finding.py,sha256=TjfpdJtaBwQvT8XNJKBf6tuOASOAw7ZiOxJbqsKadaA,1689
|
|
228
|
-
devsecops_engine_tools/engine_utilities/defect_dojo/domain/user_case/import_scan.py,sha256=
|
|
229
|
+
devsecops_engine_tools/engine_utilities/defect_dojo/domain/user_case/import_scan.py,sha256=kIH3XSKUMkz6hcrc2IXR_GkPQL2IdwY0Vd0IAXw8oNI,6882
|
|
229
230
|
devsecops_engine_tools/engine_utilities/defect_dojo/infraestructure/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
230
231
|
devsecops_engine_tools/engine_utilities/defect_dojo/infraestructure/driver_adapters/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
231
232
|
devsecops_engine_tools/engine_utilities/defect_dojo/infraestructure/driver_adapters/cmdb.py,sha256=Mx1_ed_-91s6u7roO27g6n5mv1IwniXP9AQdmj7HE-g,2630
|
|
@@ -256,8 +257,8 @@ devsecops_engine_tools/engine_utilities/utils/logger_info.py,sha256=4Mz8Bwlm9Mku
|
|
|
256
257
|
devsecops_engine_tools/engine_utilities/utils/name_conversion.py,sha256=ADJrRGaxYSDe0ZRh6VHRf53H4sXPcb-vNP_i81PUn3I,307
|
|
257
258
|
devsecops_engine_tools/engine_utilities/utils/printers.py,sha256=amYAr9YQfYgR6jK9a2l26z3oovFPQ3FAKmhq6BKhEBA,623
|
|
258
259
|
devsecops_engine_tools/engine_utilities/utils/session_manager.py,sha256=yNtlT-8Legz1sHbGPH8LNYjL-LgDUE0zXG2rYjiab7U,290
|
|
259
|
-
devsecops_engine_tools-1.
|
|
260
|
-
devsecops_engine_tools-1.
|
|
261
|
-
devsecops_engine_tools-1.
|
|
262
|
-
devsecops_engine_tools-1.
|
|
263
|
-
devsecops_engine_tools-1.
|
|
260
|
+
devsecops_engine_tools-1.9.0.dist-info/METADATA,sha256=iLUz_nGisWTUc9HSC_m7m1LUey5d3qwoWS50H3nvEpg,10443
|
|
261
|
+
devsecops_engine_tools-1.9.0.dist-info/WHEEL,sha256=R0nc6qTxuoLk7ShA2_Y-UWkN8ZdfDBG2B6Eqpz2WXbs,91
|
|
262
|
+
devsecops_engine_tools-1.9.0.dist-info/entry_points.txt,sha256=9IjXF_7Zpgowq_SY6OSmsA9vZze18a8_AeHwkQVrgKk,131
|
|
263
|
+
devsecops_engine_tools-1.9.0.dist-info/top_level.txt,sha256=ge6y0X_xBAU1aG3EMWFtl9djbVyg5BxuSp2r2Lg6EQU,23
|
|
264
|
+
devsecops_engine_tools-1.9.0.dist-info/RECORD,,
|
|
File without changes
|
{devsecops_engine_tools-1.8.15.dist-info → devsecops_engine_tools-1.9.0.dist-info}/entry_points.txt
RENAMED
|
File without changes
|
{devsecops_engine_tools-1.8.15.dist-info → devsecops_engine_tools-1.9.0.dist-info}/top_level.txt
RENAMED
|
File without changes
|