regscale-cli 6.20.1.1__py3-none-any.whl → 6.20.3.0__py3-none-any.whl

regscale/__init__.py

@@ -1 +1 @@
-__version__ = "6.20.1.1"
+__version__ = "6.20.3.0"

regscale/core/app/utils/variables.py

@@ -193,10 +193,12 @@ class RsVariablesMeta(type):
                 logger.debug(f"Using default value for '{attr_name}': {processed_value}")
         try:
             if config_type.type == dict:
-                # Handle dictionary values - assume the input is a string representation of a dict
-                import ast
+                if isinstance(processed_value, str):
+                    import ast
 
-                typed_value = ast.literal_eval(processed_value) if processed_value else {}
+                    typed_value = ast.literal_eval(processed_value) if processed_value else {}
+                else:
+                    typed_value = processed_value if processed_value else {}
             elif config_type.type == bool:
                 if isinstance(processed_value, str):
                     typed_value = processed_value.lower() in ["true", "1", "yes"]

regscale/integrations/commercial/__init__.py

@@ -57,6 +57,19 @@ def aws():
 show_mapping(aws, "aws_inspector")
 
 
+@click.group(
+    cls=LazyGroup,
+    lazy_subcommands={
+        "sync_assets": "regscale.integrations.commercial.axonius.axonius_integration.sync_assets",
+        "sync_findings": "regscale.integrations.commercial.axonius.axonius_integration.sync_findings",
+    },
+    name="axonius",
+)
+def axonius():
+    """Axonius Integration"""
+    pass
+
+
 @click.group(
     cls=LazyGroup,
     lazy_subcommands={
@@ -430,6 +443,8 @@ def stig():
         "io": "regscale.integrations.commercial.tenablev2.commands.io",
         "sc": "regscale.integrations.commercial.tenablev2.commands.sc",
         "nessus": "regscale.integrations.commercial.tenablev2.commands.nessus",
+        "sync_jsonl": "regscale.integrations.commercial.tenablev2.commands.sync_jsonl",
+        "sync_vulns": "regscale.integrations.commercial.tenablev2.commands.sync_vulns",
     },
     name="tenable",
 )

regscale/integrations/commercial/axonius/axonius_integration.py

@@ -0,0 +1,70 @@
+#!/usr/bin/env python3
+# -*- coding: utf-8 -*-
+"""Axonius integration for RegScale CLI to sync assets"""
+
+# Standard python imports
+import click
+from regscale.core.app.utils.parser_utils import safe_datetime_str
+from regscale.core.app.api import Api
+from regscale.core.app.logz import create_logger
+from regscale.core.app.utils.app_utils import (
+    check_file_path,
+    check_license,
+    compute_hashes_in_directory,
+    convert_datetime_to_regscale_string,
+    create_progress_object,
+    error_and_exit,
+    get_current_datetime,
+    save_data_to,
+)
+from regscale.core.app.utils.regscale_utils import verify_provided_module
+from regscale.models import regscale_id, regscale_module
+from regscale.models.regscale_models.file import File
+from regscale.models.regscale_models.issue import Issue
+from regscale.models.regscale_models.task import Task
+from regscale.utils.threading.threadhandler import create_threads, thread_assignment
+from regscale.models import regscale_ssp_id
+
+import pandas as pd
+import requests
+import datetime
+from datetime import date
+import warnings
+import json
+from urllib.parse import urljoin
+
+warnings.filterwarnings("ignore")
+
+
+####################################################################################################
+#
+# SYNC ASSETS WITH AXONIUS
+# AXONIUS API Docs: https://developer.axonius.com/docs/overview
+#
+####################################################################################################
+
+
+# Create group to handle Axonius integration
+@click.group()
+def axonius():
+    """Sync assets between Axonius and RegScale."""
+
+
+@axonius.command(name="sync_assets")
+@regscale_ssp_id()
+def sync_assets(regscale_ssp_id: int) -> None:
+    """Sync Assets from Axonius into RegScale."""
+    from regscale.models.integration_models.axonius_models.connectors.assets import AxoniusIntegration
+
+    scanner = AxoniusIntegration(plan_id=regscale_ssp_id)
+    scanner.sync_assets(plan_id=regscale_ssp_id)
+
+
+@axonius.command(name="sync_findings")
+@regscale_ssp_id()
+def sync_findings(regscale_ssp_id: int) -> None:
+    """Sync Assets from Axonius into RegScale."""
+    from regscale.models.integration_models.axonius_models.connectors.assets import AxoniusIntegration
+
+    scanner = AxoniusIntegration(plan_id=regscale_ssp_id)
+    scanner.sync_findings(plan_id=regscale_ssp_id)

regscale/integrations/commercial/burp.py

@@ -1,7 +1,9 @@
 #!/usr/bin/env python3
 # -*- coding: utf-8 -*-
 """Burp Scanner RegScale integration"""
+from datetime import datetime
 from pathlib import Path
+from typing import Optional
 
 import click
 
@@ -54,6 +56,18 @@ def import_burp(
     """
     Import Burp scans, vulnerabilities and assets to RegScale from burp files
 
+    """
+    import_burp_scan(folder_path, regscale_ssp_id, scan_date, upload_file)
+
+
+def import_burp_scan(folder_path: Path, regscale_ssp_id: int, scan_date: datetime, upload_file: Optional[bool] = True):
+    """
+    Import Burp scans, vulnerabilities and assets to RegScale from burp files
+
+    :param folder_path: Path to burp scan files
+    :param regscale_ssp_id: RegScale Security Plan ID
+    :param scan_date: Scan date
+    :param upload_file: Whether to upload the file to RegScale after processing. Default is True.
     """
     app = Application()
     if not validate_regscale_object(regscale_ssp_id, "securityplans"):

regscale/integrations/commercial/grype/commands.py

@@ -22,6 +22,7 @@ def grype():
     message="File path to the folder containing JFrog XRay .json files to process to RegScale.",
     prompt="File path for Grype files",
     import_name="grype",
+    support_component=True,
 )
 @click.option(
     "--destination",
@@ -41,6 +42,7 @@ def import_scans(
     file_pattern: str,
     folder_path: Path,
     regscale_ssp_id: int,
+    component_id: int,
     scan_date: datetime,
     mappings_path: Path,
     disable_mapping: bool,
@@ -56,8 +58,13 @@ def import_scans(
 
     if s3_bucket and not folder_path:
         folder_path = s3_bucket
+
+    if not regscale_ssp_id and not component_id:
+        raise click.UsageError("You must provide either a --regscale_ssp_id or a --component_id to import Grype scans.")
+
     gi = GrypeIntegration(
-        plan_id=regscale_ssp_id,
+        plan_id=component_id if component_id else regscale_ssp_id,
+        is_component=True if component_id else False,
         file_path=str(folder_path) if folder_path else None,
         s3_bucket=s3_bucket,
         s3_prefix=s3_prefix,

regscale/integrations/commercial/grype/scanner.py

@@ -54,6 +54,7 @@ class GrypeIntegration(JSONLScannerIntegration):
         kwargs["read_files_only"] = True
         kwargs["file_pattern"] = "*.json"
         self.disable_mapping = kwargs["disable_mapping"] = True
+        self.is_component = kwargs.get("is_component", False)
         super().__init__(*args, **kwargs)
 
     def is_valid_file(self, data: Any, file_path: Union[Path, str]) -> Tuple[bool, Optional[Dict[str, Any]]]:
@@ -125,7 +126,7 @@ class GrypeIntegration(JSONLScannerIntegration):
             other_tracking_number=source_target_data.get("userInput", source_target_data.get("UserInput", "Unknown")),
             fqdn=source_target_data.get("userInput", source_target_data.get("UserInput", "Unknown")),
             parent_id=self.plan_id,
-            parent_module="securityplans",
+            parent_module="securityplans" if not self.is_component else "components",
         )
 
     def parse_finding(self, asset_identifier: str, data: Dict[str, Any], item: Dict[str, Any]) -> IntegrationFinding: