regscale-cli 6.20.1.1__py3-none-any.whl → 6.20.2.0__py3-none-any.whl

regscale/integrations/commercial/opentext/commands.py

@@ -27,9 +27,10 @@ def web_inspect():
 
 @web_inspect.command(name="import_scans")
 @FlatFileImporter.common_scanner_options(
-    message="File path to the folder containing JFrog XRay .json files to process to RegScale.",
-    prompt="File path for Grype files",
-    import_name="grype",
+    message="File path to the folder containing OpenText WebInspect .xml files to process to RegScale.",
+    prompt="File path for OpenText WebInspect files",
+    import_name="opentext",
+    support_component=True,
 )
 @click.option(
     "--destination",
@@ -41,7 +42,7 @@ def web_inspect():
 @click.option(
     "--file_pattern",
     "-fp",
-    help="[Optional] File pattern to match (e.g., '*.json')",
+    help="[Optional] File pattern to match (e.g., '*.xml')",
     required=False,
 )
 def import_scans(
@@ -49,6 +50,7 @@ def import_scans(
     file_pattern: str,
     folder_path: Path,
     regscale_ssp_id: int,
+    component_id: int,
     scan_date: datetime,
     mappings_path: Path,
     disable_mapping: bool,
@@ -63,8 +65,15 @@ def import_scans(
     # Use the new WebInspectIntegration class to sync assets and findings
     if s3_bucket and not folder_path:
         folder_path = s3_bucket
+
+    if not regscale_ssp_id and not component_id:
+        raise click.UsageError(
+            "You must provide either a --regscale_ssp_id or a --component_id to import OpenText scans."
+        )
+
     wi = WebInspectIntegration(
-        plan_id=regscale_ssp_id,
+        plan_id=component_id if component_id else regscale_ssp_id,
+        is_component=True if component_id else False,
         file_path=str(folder_path) if folder_path else None,
         s3_bucket=s3_bucket,
         s3_prefix=s3_prefix,

regscale/integrations/commercial/opentext/scanner.py

@@ -48,6 +48,7 @@ class WebInspectIntegration(JSONLScannerIntegration):
         kwargs["read_files_only"] = True
         self.disable_mapping = kwargs["disable_mapping"] = True
         self.set_scan_date(kwargs.get("scan_date"))
+        self.is_component = kwargs.get("is_component", False)
         # logger.debug(f"scan_date: {self.scan_date}"
         super().__init__(*args, **kwargs)
         logger.debug(f"WebInspectIntegration initialized with scan date: {self.scan_date}")
@@ -400,7 +401,7 @@ class WebInspectIntegration(JSONLScannerIntegration):
                 asset_type="Other",
                 asset_category="Hardware",
                 parent_id=self.plan_id,
-                parent_module="securityplans",
+                parent_module="securityplans" if not self.is_component else "components",
             )
 
         # Get the host from the first issue
@@ -416,7 +417,7 @@ class WebInspectIntegration(JSONLScannerIntegration):
             asset_type="Other",
             asset_category="Hardware",
             parent_id=self.plan_id,
-            parent_module="securityplans",
+            parent_module="securityplans" if not self.is_component else "components",
             fqdn=url,
         )
 

regscale/integrations/commercial/qualys/__init__.py

@@ -718,7 +718,7 @@ def export_past_scans(save_output_to: Path, days: int, export: bool = True):
 
 @qualys.command(name="import_scans")
 @FlatFileImporter.common_scanner_options(
-    message="File path to the folder containing Aqua .csv files to process to RegScale.",
+    message="File path to the folder containing Qualys .csv files to process to RegScale.",
     prompt="File path for Qualys files",
     import_name="qualys",
 )
@@ -740,7 +740,7 @@ def import_scans(
     aws_profile: str,
     upload_file: bool,
 ):
-    """Import scans from Qualys"""
+    """Import .csv scans from Qualys"""
     import_qualys_scans(
         folder_path=folder_path,
         regscale_ssp_id=regscale_ssp_id,
@@ -801,7 +801,7 @@ def import_qualys_scans(
 
 @qualys.command(name="import_policy_scans")
 @FlatFileImporter.common_scanner_options(
-    message="File path to the folder containing policy .csv files to process to RegScale.",
+    message="File path to the folder containing Qualys policy .csv files to process to RegScale.",
     prompt="File path for Qualys files",
     import_name="qualys_policy_scan",
 )

regscale/integrations/commercial/stigv2/click_commands.py

@@ -7,7 +7,7 @@ RegScale STIG Integration
 import click
 
 from regscale.integrations.commercial.stigv2.stig_integration import StigIntegration
-from regscale.models.app_models.click import NotRequiredIf
+from regscale.models.app_models.click import ssp_or_component_id
 
 
 @click.group(name="stigv2")
@@ -16,24 +16,7 @@ def stigv2():
 
 
 @stigv2.command(name="sync_findings")
-@click.option(
-    "-p",
-    "--regscale_ssp_id",
-    type=click.INT,
-    help="The ID number from RegScale of the System Security Plan",
-    prompt="Enter RegScale System Security Plan ID",
-    cls=NotRequiredIf,
-    not_required_if=["component_id"],
-)
-@click.option(
-    "-c",
-    "--component_id",
-    type=click.INT,
-    help="The ID number from RegScale of the Component",
-    prompt="Enter RegScale Component ID",
-    cls=NotRequiredIf,
-    not_required_if=["regscale_ssp_id"],
-)
+@ssp_or_component_id()
 @click.option(
     "-d",
     "--stig_directory",
@@ -46,28 +29,14 @@ def sync_findings(regscale_ssp_id, component_id, stig_directory):
     """Sync GCP Findings to RegScale."""
     if component_id:
         StigIntegration.sync_findings(plan_id=component_id, path=stig_directory, is_component=True)
-    else:
+    elif regscale_ssp_id:
         StigIntegration.sync_findings(plan_id=regscale_ssp_id, path=stig_directory, is_component=False)
+    else:
+        raise click.UsageError("Either --regscale_ssp_id or --component_id must be provided.")
 
 
 @stigv2.command(name="sync_assets")
-@click.option(
-    "-p",
-    "--regscale_ssp_id",
-    type=click.INT,
-    help="The ID number from RegScale of the System Security Plan to sync assets to.",
-    cls=NotRequiredIf,
-    not_required_if=["component_id"],
-)
-@click.option(
-    "-c",
-    "--component_id",
-    type=click.INT,
-    help="The ID number from RegScale of the Component to sync assets to.",
-    cls=NotRequiredIf,
-    not_required_if=["regscale_ssp_id"],
-    default=None,
-)
+@ssp_or_component_id()
 @click.option(
     "-d",
     "--stig_directory",

regscale/integrations/commercial/tenablev2/commands.py

@@ -30,7 +30,7 @@ from regscale.integrations.commercial.tenablev2.jsonl_scanner import TenableSCJs
 from regscale.integrations.commercial.tenablev2.sc_scanner import SCIntegration
 from regscale.integrations.commercial.tenablev2.variables import TenableVariables
 from regscale.models import regscale_id, regscale_ssp_id
-from regscale.models.app_models.click import file_types, hidden_file_path, save_output_to
+from regscale.models.app_models.click import file_types, hidden_file_path, save_output_to, ssp_or_component_id
 from regscale.models.regscale_models import SecurityPlan
 
 logger = logging.getLogger("regscale")
@@ -468,7 +468,7 @@ def get_queries() -> list:
     prompt="Enter Tenable query ID",
     required=True,
 )
-@regscale_ssp_id()
+@ssp_or_component_id()
 @click.option(
     "--scan_date",
     "-sd",
@@ -476,7 +476,7 @@ def get_queries() -> list:
     help="The scan date of the file.",
     required=False,
 )
-def query_vuln(query_id: int, regscale_ssp_id: int, scan_date: datetime = None):
+def query_vuln(query_id: int, regscale_ssp_id: int, component_id: int, scan_date: datetime = None):
     """Query Tenable SC vulnerabilities and sync assets to RegScale."""
     try:
         # Validate license
@@ -485,7 +485,15 @@ def query_vuln(query_id: int, regscale_ssp_id: int, scan_date: datetime = None):
         console.print("[bold]Starting Tenable SC vulnerability query...[/bold]")
 
         # Use the SCIntegration class method to fetch vulnerabilities by query ID
-        sc_integration = SCIntegration(plan_id=regscale_ssp_id, scan_date=scan_date)
+        if component_id:
+            sc_integration = SCIntegration(plan_id=component_id, scan_date=scan_date, is_component=True)
+        elif regscale_ssp_id:
+            sc_integration = SCIntegration(plan_id=regscale_ssp_id, scan_date=scan_date)
+        else:
+            raise click.UsageError(
+                "You must provide either a --regscale_ssp_id or a --component_id to query Tenable vulnerabilities."
+            )
+
         sc_integration.fetch_vulns_query(query_id=query_id)
 
         console.print("[bold green]Tenable SC vulnerability query complete.[/bold green]")

regscale/integrations/commercial/tenablev2/sc_scanner.py

@@ -61,9 +61,20 @@ class SCIntegration(ScannerIntegration):
         super().__init__(*args, **kwargs)
         self.scan_date = kwargs.get("scan_date")
         self.plan_id = kwargs.get("plan_id")
+        self.is_component = kwargs.get("is_component", False) is True
         self.client = None
         self.closed_count = 0
-        self.batch_size = kwargs.get("batch_size", 1000)  # Default to 1000 if not provided
+        self.batch_size = kwargs.get("batch_size", 1000)
+        if self.is_component:
+            from regscale.validation.record import validate_regscale_object
+
+            if validate_regscale_object(
+                parent_id=self.plan_id, parent_module=regscale_models.Component.get_module_string()
+            ):
+                component = regscale_models.Component.get_object(self.plan_id)
+                self.component_title = component.title
+        else:
+            self.component_title = None
 
     def authenticate(self) -> None:
         """Authenticate to Tenable SC."""
@@ -255,6 +266,13 @@ class SCIntegration(ScannerIntegration):
             status="Active (On Network)" if asset.family.type else "Off-Network",
             asset_type="Other",
             asset_category="Hardware",
+            parent_id=self.plan_id,
+            parent_module=(
+                regscale_models.Component.get_module_string()
+                if self.is_component
+                else regscale_models.SecurityPlan.get_module_string()
+            ),
+            component_names=[self.component_title],
         )
 
     def is_empty(self, file_path: Path) -> bool:
@@ -337,6 +355,7 @@ class SCIntegration(ScannerIntegration):
                 plan_id=self.plan_id,
                 integration_assets=(asset for sublist in iterables[0] for asset in sublist),
                 asset_count=assets_count,
+                is_component=self.is_component,
             )
 
             # Sync findings
@@ -344,6 +363,7 @@ class SCIntegration(ScannerIntegration):
                 plan_id=self.plan_id,
                 integration_findings=(finding for sublist in iterables[1] for finding in sublist),
                 finding_count=findings_count,
+                is_component=self.is_component,
             )
 
             logger.info(f"Successfully synced {assets_count} assets and {findings_count} findings")

regscale/integrations/commercial/tenablev2/sync_compliance.py

@@ -55,6 +55,9 @@ def sync_compliance_data(ssp_id: int, catalog_id: int, framework: str, offline:
     failing_controls: Dict = dict()
     for findings in compliance_data:
         asset_check = AssetCheck(**findings)
+        if not asset_check.reference:
+            logger.warning(f"Asset check {asset_check.check_name} has no references, skipping.")
+            continue
         for ref in asset_check.reference:
             if ref.framework not in framework_controls:
                 framework_controls[ref.framework] = []

regscale/integrations/commercial/trivy/commands.py

@@ -19,9 +19,10 @@ def trivy():
 
 @trivy.command("import_scans")
 @FlatFileImporter.common_scanner_options(
-    message="File path to the folder containing JFrog XRay .json files to process to RegScale.",
-    prompt="File path for Grype files",
-    import_name="grype",
+    message="File path to the folder containing Trivy .json files to process to RegScale.",
+    prompt="File path for Trivy files",
+    import_name="trivy",
+    support_component=True,
 )
 @click.option(
     "--destination",
@@ -41,6 +42,7 @@ def import_scans(
     file_pattern: str,
     folder_path: Path,
     regscale_ssp_id: int,
+    component_id: int,
     scan_date: datetime,
     mappings_path: Path,
     disable_mapping: bool,
@@ -56,8 +58,13 @@ def import_scans(
 
     if s3_bucket and not folder_path:
         folder_path = s3_bucket
+
+    if not regscale_ssp_id and not component_id:
+        raise click.UsageError("You must provide either a --regscale_ssp_id or a --component_id to import Trivy scans.")
+
     ti = TrivyIntegration(
-        plan_id=regscale_ssp_id,
+        plan_id=component_id if component_id else regscale_ssp_id,
+        is_component=True if component_id else False,
         file_path=str(folder_path) if folder_path else None,
         s3_bucket=s3_bucket,
         s3_prefix=s3_prefix,

regscale/integrations/commercial/trivy/scanner.py

@@ -53,6 +53,7 @@ class TrivyIntegration(JSONLScannerIntegration):
         self.scan_date = kwargs.get("scan_date") if "scan_date" in kwargs else None
         if self.scan_date:
             self.scan_date = self.clean_scan_date(self.scan_date)
+        self.is_component = kwargs.get("is_component", False)
         super().__init__(*args, **kwargs)
 
     def is_valid_file(self, data: Any, file_path: Union[Path, str]) -> Tuple[bool, Optional[Dict[str, Any]]]:
@@ -128,7 +129,7 @@ class TrivyIntegration(JSONLScannerIntegration):
             notes=f"{os.path.basename(file_path_str)}",
             other_tracking_number=artifact_name,
             parent_id=self.plan_id,
-            parent_module="securityplans",
+            parent_module="securityplans" if not self.is_component else "components",
             fqdn=artifact_name,
         )
 

regscale/integrations/jsonl_scanner_integration.py

@@ -61,6 +61,7 @@ class JSONLScannerIntegration(ScannerIntegration):
 
         # plan_id is required for all integrations
         super().__init__(**kwargs)
+        self.is_component = kwargs.get("is_component", False)
         # Extract S3-related kwargs
         self.s3_bucket = kwargs.get("s3_bucket", None)
         self.s3_prefix = kwargs.get("s3_prefix", "")
@@ -127,7 +128,11 @@ class JSONLScannerIntegration(ScannerIntegration):
         logger.info(f"Creating ScanHistory with scan_date: {scan_date}")
         scan_history = regscale_models.ScanHistory(
             parentId=self.plan_id,
-            parentModule=regscale_models.SecurityPlan.get_module_string(),
+            parentModule=(
+                regscale_models.Component.get_module_string()
+                if self.is_component
+                else regscale_models.SecurityPlan.get_module_string()
+            ),
             scanningTool=self.title,
             scanDate=scan_date,
             createdById=self.assessor_id,
@@ -1255,6 +1260,7 @@ class JSONLScannerIntegration(ScannerIntegration):
             use_jsonl_file=True,
             asset_count=total_assets,
             scan_date=self.scan_date,
+            is_component=self.is_component,
         )
 
         logger.info("Syncing %d findings to RegScale", total_findings)
@@ -1264,6 +1270,7 @@ class JSONLScannerIntegration(ScannerIntegration):
             use_jsonl_file=True,
             finding_count=total_findings,
             scan_date=self.scan_date,
+            is_component=self.is_component,
         )
 
         logger.info("Assets and findings sync complete")

regscale/integrations/public/cisa.py

@@ -7,7 +7,7 @@ import logging
 import re
 from concurrent.futures import ALL_COMPLETED, ThreadPoolExecutor, wait
 from datetime import date, datetime
-from typing import List, Optional, Tuple, Any, Dict
+from typing import List, Optional, Tuple, Any, Dict, Union
 from urllib.error import URLError
 from urllib.parse import urlparse
 
@@ -23,6 +23,7 @@ from regscale.core.app.application import Application
 from regscale.core.app.internal.login import is_valid
 from regscale.models import Link, Threat
 from regscale.core.app.utils.app_utils import error_and_exit
+from regscale.utils.string import extract_url
 
 logger = logging.getLogger("regscale")
 console = Console()
@@ -71,22 +72,9 @@ def update_regscale_links(threats: List[Threat]) -> None:
     :rtype: None
     """
 
-    # extract url from html string using regex
-    def extract_url(html: str) -> str:
-        """
-        Extract URL from HTML string
-
-        :param str html: HTML string
-        :return: URL
-        :rtype: str
-        """
-        url = re.findall(r"(?P<url>https?://[^\s]+)", html)
-        return url[0].replace('"', "") if url else None
-
     links = []
     for threat in threats:
-        url = extract_url(threat.description)
-        if threat.description:
+        if url := extract_url(threat.description):
             link = Link(
                 parentID=threat.id,
                 parentModule="threats",
@@ -115,9 +103,8 @@ def process_threats(threats: list[Threat], unique_threats: set[str], reg_threats
             update_dict = threat.dict()
             update_dict = merge_old(update_dict, old_dict)
             update_threats.append(update_dict)  # Update
-        else:
-            if threat:
-                insert_threats.append(threat.dict())  # Post
+        elif threat:
+            insert_threats.append(threat.dict())  # Post
     return insert_threats, update_threats
 
 
@@ -218,29 +205,29 @@ def build_threat(app: Application, detailed_link: str, short_description: str, t
     :rtype: Threat
     """
     dat = parse_details(detailed_link)
-    threat = None
-    if dat:
-        date_created = dat[0]
-        vulnerability = dat[1]
-        mitigation = dat[2]
-        notes = dat[3]
-
-        threat = Threat(
-            uuid=Threat.xstr(None),
-            title=title,
-            threatType="Specific",
-            threatOwnerId=app.config["userId"],
-            dateIdentified=date_created,
-            targetType="Other",
-            source="Open Source",
-            description=short_description or f"""<p><a href="{detailed_link}" title="">{detailed_link}</a></p>""",
-            vulnerabilityAnalysis="".join(vulnerability),
-            mitigations="".join(mitigation),
-            notes="".join(notes),
-            dateCreated=date_created,
-            status="Initial Report/Notification",
-        )
-    return threat
+    if not dat:
+        return None
+
+    date_created = dat[0]
+    vulnerability = dat[1]
+    mitigation = dat[2]
+    notes = dat[3]
+
+    return Threat(
+        uuid=Threat.xstr(None),
+        title=title,
+        threatType="Specific",
+        threatOwnerId=app.config["userId"],
+        dateIdentified=date_created,
+        targetType="Other",
+        source="Open Source",
+        description=short_description or f"""<p><a href="{detailed_link}" title="">{detailed_link}</a></p>""",
+        vulnerabilityAnalysis="".join(vulnerability),
+        mitigations="".join(mitigation),
+        notes="".join(notes),
+        dateCreated=date_created,
+        status="Initial Report/Notification",
+    )
 
 
 def filter_elements(element: Tag) -> Optional[Tag]:
@@ -332,7 +319,8 @@ def parse_details(link: str) -> Optional[Tuple[str, list, list, list]]:
     mitigation = []
     notes = []
     detailed_soup = gen_soup(link)
-    date_created = fuzzy_find_date(detailed_soup)
+    if not (date_created := fuzzy_find_date(detailed_soup)):
+        return None
     last_header = None
     last_h3 = None
     nav_string = ""
@@ -357,9 +345,8 @@ def parse_details(link: str) -> Optional[Tuple[str, list, list, list]]:
         notes.append(DEFAULT_STR)
     if len(mitigation) == 0:
         mitigation.append(DEFAULT_STR)
-    if date_created and vulnerability and mitigation and notes:
-        return date_created, unique(vulnerability), unique(mitigation), unique(notes)
-    return None
+
+    return date_created, unique(vulnerability), unique(mitigation), unique(notes)
 
 
 def fuzzy_find_date(detailed_soup: BeautifulSoup, location: int = 2, attempts: int = 0) -> str:
@@ -396,7 +383,7 @@ def fuzzy_find_date(detailed_soup: BeautifulSoup, location: int = 2, attempts: i
     return fuzzy_dt
 
 
-def gen_soup(url: str) -> BeautifulSoup:
+def gen_soup(url: Union[str, Tuple[str, ...]]) -> BeautifulSoup:
     """
     Generate a BeautifulSoup instance for the given URL
 
@@ -404,7 +391,7 @@ def gen_soup(url: str) -> BeautifulSoup:
     :raises: URLError if URL is invalid
     :rtype: BeautifulSoup
     """
-    if isinstance(url, Tuple):
+    if isinstance(url, tuple):
         url = url[0]
     if is_url(url):
         req = Api().get(url)
@@ -445,7 +432,7 @@ def pull_cisa_kev() -> Dict[Any, Any]:
         result = []
 
         # Get URL from config or use default
-        if "cisa_kev" in config:
+        if "cisaKev" in config:
             cisa_url = config["cisaKev"]
         else:
             cisa_url = CISA_KEV_URL
@@ -504,7 +491,7 @@ def update_regscale(data: dict) -> None:
     threats_updated = []
     new_threats = [dat for dat in data["vulnerabilities"] if dat not in matching_threats]
     console.print(f"Found {len(new_threats)} new threats from CISA")
-    if [dat for dat in data["vulnerabilities"] if dat not in matching_threats]:
+    if new_threats:
         for rec in new_threats:
             threat = Threat(
                 uuid=Threat.xstr(None),
@@ -558,20 +545,28 @@ def merge_old(update_vuln: dict, old_vuln: dict) -> dict:
     :return: A merged vulnerability dictionary
     :rtype: dict
     """
-    update_vuln["id"] = old_vuln["id"]
-    update_vuln["uuid"] = old_vuln["uuid"]
-    update_vuln["status"] = old_vuln["status"]
-    update_vuln["source"] = old_vuln["source"]
-    update_vuln["threatType"] = old_vuln["threatType"]
-    update_vuln["threatOwnerId"] = old_vuln["threatOwnerId"]
-    update_vuln["notes"] = old_vuln["notes"]
-    update_vuln["targetType"] = old_vuln["targetType"]
-    update_vuln["dateCreated"] = old_vuln["dateCreated"]
-    update_vuln["isPublic"] = old_vuln["isPublic"]
-    update_vuln["investigated"] = old_vuln["investigated"]
-    if "investigationResults" in old_vuln.keys():
-        update_vuln["investigationResults"] = old_vuln["investigationResults"]
-    return update_vuln
+    fields_to_preserve = [
+        "id",
+        "uuid",
+        "status",
+        "source",
+        "threatType",
+        "threatOwnerId",
+        "notes",
+        "targetType",
+        "dateCreated",
+        "isPublic",
+        "investigated",
+        "investigationResults",
+    ]
+    merged = update_vuln.copy()
+
+    # Preserve specified fields from old dictionary if they exist
+    for field in fields_to_preserve:
+        if field in old_vuln:
+            merged[field] = old_vuln[field]
+
+    return merged
 
 
 def insert_or_upd_threat(threat: dict, app: Application, threat_id: int = None) -> requests.Response: