PyPI - regscale-cli - Versions diffs - 6.21.2.1__py3-none-any.whl → 6.22.0.0__py3-none-any.whl - Mend

regscale-cli 6.21.2.1py3-none-any.whl → 6.22.0.0py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.

This version of regscale-cli might be problematic. Click here for more details.

Files changed (30) hide show

regscale/_version.py CHANGED Viewed

@@ -33,7 +33,7 @@ def get_version_from_pyproject() -> str:
                     return match.group(1)
     except Exception:
         pass
-    return "6.21.2.1"  # fallback version
+    return "6.22.0.0"  # fallback version
 __version__ = get_version_from_pyproject()

regscale/core/app/application.py CHANGED Viewed

@@ -81,6 +81,9 @@ class Application(metaclass=Singleton):
             "crowdstrikeClientId": DEFAULT_CLIENT,
             "crowdstrikeClientSecret": DEFAULT_SECRET,
             "crowdstrikeBaseUrl": "<crowdstrikeApiUrl>",
+            "csamToken": DEFAULT_SECRET,
+            "csamURL": "<myCSAMURLgoeshere>",
+            "csamFilter": {},
             "dependabotId": "<myGithubUserIdGoesHere>",
             "dependabotOwner": "<myGithubRepoOwnerGoesHere>",
             "dependabotRepo": "<myGithubRepoNameGoesHere>",

regscale/core/app/utils/app_utils.py CHANGED Viewed

@@ -1108,3 +1108,34 @@ def extract_vuln_id_from_strings(text: str) -> Union[list, str]:
     if res:
         return res  # no need to save spaces
     return text
+def filter_list(input_list: list, input_filter: Optional[dict]) -> list:
+    """
+    Filter an input list based on the filter
+    Implicit "and" between all keys
+    Implicit "or" between values within a key
+    :param list filter_list: List of data to be filtered
+    :param dict input_filter: Filter criteria
+    :return: Filtered list
+    :return_type: list
+    """
+    if not input_filter:
+        return input_list
+    filtered_results = []
+    for item in input_list:
+        match = True
+        for key, value in input_filter.items():
+            if isinstance(value, list):
+                if item.get(key) not in value:
+                    match = False
+                    break
+            elif item.get(key) != value:
+                match = False
+                break
+        if match:
+            filtered_results.append(item)
+    return filtered_results

regscale/integrations/commercial/jira.py CHANGED Viewed

@@ -98,6 +98,12 @@ def jira():
     is_flag=True,
     help="Use token authentication for Jira API instead of basic auth, defaults to False.",
 )
+@click.option(
+    "--jql",
+    type=click.STRING,
+    help="Custom JQL query for filtering Jira issues.",
+    required=False,
+)
 def issues(
     regscale_id: int,
     regscale_module: str,
@@ -105,6 +111,7 @@ def issues(
     jira_issue_type: str,
     sync_attachments: bool = True,
     token_auth: bool = False,
+    jql: Optional[str] = None,
 ):
     """Sync issues from Jira into RegScale."""
     sync_regscale_and_jira(
@@ -114,6 +121,7 @@ def issues(
         jira_issue_type=jira_issue_type,
         sync_attachments=sync_attachments,
         token_auth=token_auth,
+        jql=jql,
     )
@@ -143,12 +151,19 @@ def issues(
     is_flag=True,
     help="Use token authentication for Jira API instead of basic auth, defaults to False.",
 )
+@click.option(
+    "--jql",
+    type=click.STRING,
+    help="Custom JQL query for filtering Jira tasks.",
+    required=False,
+)
 def tasks(
     regscale_id: int,
     regscale_module: str,
     jira_project: str,
     sync_attachments: bool = True,
     token_auth: bool = False,
+    jql: Optional[str] = None,
 ):
     """Sync tasks from Jira into RegScale."""
     sync_regscale_and_jira(
@@ -159,6 +174,7 @@ def tasks(
         sync_attachments=sync_attachments,
         sync_tasks_only=True,
         token_auth=token_auth,
+        jql=jql,
     )
@@ -202,6 +218,7 @@ def sync_regscale_and_jira(
     sync_attachments: bool = True,
     sync_tasks_only: bool = False,
     token_auth: bool = False,
+    jql: Optional[str] = None,
 ) -> None:
     """
     Sync issues, bidirectionally, from Jira into RegScale as issues
@@ -213,6 +230,7 @@ def sync_regscale_and_jira(
     :param bool sync_attachments: Whether to sync attachments in RegScale & Jira, defaults to True
     :param bool sync_tasks_only: Whether to sync only tasks from Jira, defaults to False
     :param bool token_auth: Use token authentication for Jira API, defaults to False
+    :param Optional[str] jql: Custom JQL query for filtering Jira issues/tasks, defaults to None
     :rtype: None
     """
     app = check_license()
@@ -225,11 +243,15 @@ def sync_regscale_and_jira(
     # create Jira client
     jira_client = create_jira_client(config, token_auth)
-    jql_str = (
-        f"project = {jira_project} AND issueType = {jira_issue_type}"
-        if sync_tasks_only
-        else f"project = {jira_project}"
-    )
+    # Use custom JQL if provided, otherwise build default JQL
+    if jql:
+        jql_str = jql
+    else:
+        jql_str = (
+            f"project = {jira_project} AND issueType = {jira_issue_type}"
+            if sync_tasks_only
+            else f"project = {jira_project}"
+        )
     regscale_objects, regscale_attachments = get_regscale_data_and_attachments(
         parent_id=parent_id,
         parent_module=parent_module,

regscale/integrations/commercial/qualys/__init__.py CHANGED Viewed

@@ -280,7 +280,7 @@ class FindingProgressTracker:
         try:
             finding = next(self.findings_iter)
             self.count += 1
-            if finding and hasattr(finding, "external_id"):
+            if finding and hasattr(finding, "external_id") and finding.external_id is not None:
                 self.finding_ids.append(finding.external_id)
             self.progress.update(self.finding_task, advance=1)
             return finding
@@ -378,6 +378,11 @@ def import_total_cloud(
     if exclude_tags and not include_tags:
         error_and_exit("You must provide --include_tags when using --exclude_tags to import Qualys Total Cloud data.")
+    # Ensure vulnerability creation is properly set
+    if not vulnerability_creation:
+        vulnerability_creation = "IssueCreation"  # Default to IssueCreation for Qualys
+        logger.info("No vulnerability creation setting provided, defaulting to IssueCreation for Qualys Total Cloud")
     containers_lst = []
     try:
         # Configure scanner variables and fetch data
@@ -1631,26 +1636,12 @@ def sync_assets(
     """
     parent_module = "components" if is_component else "securityplans"
     update_assets = []
-    for qualys_asset in qualys_assets:  # you can list as many input dicts as you want here
-        logger.debug("qualys_asset: %s", qualys_asset)
-        if not isinstance(qualys_asset, dict):
-            logger.error("Expected dict, got %s: %s", type(qualys_asset), qualys_asset)
-            continue
-        # Update parent id to SSP or Component on insert
-        if lookup_assets := lookup_asset(reg_assets, qualys_asset["ASSET_ID"]):
-            for asset in set(lookup_assets):
-                asset.parentId = ssp_id
-                asset.parentModule = parent_module
-                asset.otherTrackingNumber = qualys_asset["ID"]
-                asset.ipAddress = qualys_asset["IP"]
-                asset.qualysId = qualys_asset["ASSET_ID"]
-                try:
-                    assert asset.id
-                    # avoid duplication
-                    if asset.qualysId not in [v["qualysId"] for v in update_assets]:
-                        update_assets.append(asset)
-                except AssertionError as aex:
-                    logger.error("Asset does not have an id, unable to update!\n%s", aex)
+    for qualys_asset in qualys_assets:
+        processed_asset = _process_single_qualys_asset(qualys_asset, reg_assets, ssp_id, parent_module)
+        if processed_asset:
+            update_assets.append(processed_asset)
     update_and_insert_assets(
         qualys_assets=qualys_assets,
         reg_assets=reg_assets,
@@ -1661,6 +1652,57 @@ def sync_assets(
     )
+def _process_single_qualys_asset(
+    qualys_asset: dict, reg_assets: list[Asset], ssp_id: int, parent_module: str
+) -> Optional[Asset]:
+    """
+    Process a single Qualys asset and return the updated RegScale asset if found.
+    :param dict qualys_asset: Single Qualys asset dictionary
+    :param list[Asset] reg_assets: List of RegScale assets
+    :param int ssp_id: RegScale System Security Plan or Component ID
+    :param str parent_module: Parent module name
+    :return: Updated RegScale asset or None if not found
+    :rtype: Optional[Asset]
+    """
+    logger.debug("qualys_asset: %s", qualys_asset)
+    if not isinstance(qualys_asset, dict):
+        logger.error("Expected dict, got %s: %s", type(qualys_asset), qualys_asset)
+        return None
+    lookup_assets = lookup_asset(reg_assets, qualys_asset["ASSET_ID"])
+    if not lookup_assets:
+        return None
+    return _update_regscale_asset(lookup_assets[0], qualys_asset, ssp_id, parent_module)
+def _update_regscale_asset(asset: Asset, qualys_asset: dict, ssp_id: int, parent_module: str) -> Optional[Asset]:
+    """
+    Update a RegScale asset with Qualys asset data.
+    :param Asset asset: RegScale asset to update
+    :param dict qualys_asset: Qualys asset data
+    :param int ssp_id: RegScale System Security Plan or Component ID
+    :param str parent_module: Parent module name
+    :return: Updated asset or None if update failed
+    :rtype: Optional[Asset]
+    """
+    try:
+        asset.parentId = ssp_id
+        asset.parentModule = parent_module
+        asset.otherTrackingNumber = qualys_asset["ID"]
+        asset.ipAddress = qualys_asset["IP"]
+        asset.qualysId = qualys_asset["ASSET_ID"]
+        assert asset.id
+        return asset
+    except AssertionError as aex:
+        logger.error("Asset does not have an id, unable to update!\n%s", aex)
+        return None
 def update_and_insert_assets(
     qualys_assets: list[dict],
     reg_assets: list[Asset],
@@ -1681,48 +1723,106 @@ def update_and_insert_assets(
     :rtype: None
     """
     parent_module = "components" if is_component else "securityplans"
-    insert_assets = []
-    if assets_to_be_inserted := [
+    # Handle asset insertion
+    insert_assets = _prepare_assets_for_insertion(qualys_assets, reg_assets, ssp_id, parent_module, config)
+    if insert_assets:
+        _create_assets_in_batch(insert_assets)
+    # Handle asset updates
+    if update_assets:
+        _update_assets_in_batch(update_assets)
+def _prepare_assets_for_insertion(
+    qualys_assets: list[dict], reg_assets: list[Asset], ssp_id: int, parent_module: str, config: dict
+) -> list[Asset]:
+    """
+    Prepare new assets for insertion into RegScale.
+    :param list[dict] qualys_assets: List of Qualys assets
+    :param list[Asset] reg_assets: List of RegScale assets
+    :param int ssp_id: RegScale System Security Plan or Component ID
+    :param str parent_module: Parent module name
+    :param dict config: Configuration dictionary
+    :return: List of assets to insert
+    :rtype: list[Asset]
+    """
+    assets_to_be_inserted = [
         qualys_asset
         for qualys_asset in qualys_assets
         if qualys_asset["ASSET_ID"] not in [asset["ASSET_ID"] for asset in inner_join(reg_assets, qualys_assets)]
-    ]:
-        for qualys_asset in assets_to_be_inserted:
-            # Do Insert
-            r_asset = Asset(
-                name=f'Qualys Asset #{qualys_asset["ASSET_ID"]} IP: {qualys_asset["IP"]}',
-                otherTrackingNumber=qualys_asset["ID"],
-                parentId=ssp_id,
-                parentModule=parent_module,
-                ipAddress=qualys_asset["IP"],
-                assetOwnerId=config["userId"],
-                assetType="Other",
-                assetCategory=regscale_models.AssetCategory.Hardware,
-                status="Off-Network",
-                qualysId=qualys_asset["ASSET_ID"],
-            )
-            # avoid duplication
-            if r_asset.qualysId not in {v["qualysId"] for v in insert_assets}:
-                insert_assets.append(r_asset)
-        try:
-            created_assets = Asset.batch_create(insert_assets, job_progress)
-            logger.info(
-                "RegScale Asset(s) successfully created: %i/%i",
-                len(created_assets),
-                len(insert_assets),
-            )
-        except requests.exceptions.RequestException as rex:
-            logger.error("Unable to create Qualys Assets in RegScale\n%s", rex)
-    if update_assets:
-        try:
-            updated_assets = Asset.batch_update(update_assets, job_progress)
-            logger.info(
-                "RegScale Asset(s) successfully updated: %i/%i",
-                len(updated_assets),
-                len(update_assets),
-            )
-        except requests.RequestException as rex:
-            logger.error("Unable to Update Qualys Assets to RegScale\n%s", rex)
+    ]
+    insert_assets = []
+    for qualys_asset in assets_to_be_inserted:
+        r_asset = _create_regscale_asset_from_qualys(qualys_asset, ssp_id, parent_module, config)
+        # avoid duplication
+        if r_asset.qualysId not in {v["qualysId"] for v in insert_assets}:
+            insert_assets.append(r_asset)
+    return insert_assets
+def _create_regscale_asset_from_qualys(qualys_asset: dict, ssp_id: int, parent_module: str, config: dict) -> Asset:
+    """
+    Create a RegScale asset from Qualys asset data.
+    :param dict qualys_asset: Qualys asset data
+    :param int ssp_id: RegScale System Security Plan or Component ID
+    :param str parent_module: Parent module name
+    :param dict config: Configuration dictionary
+    :return: New RegScale asset
+    :rtype: Asset
+    """
+    return Asset(
+        name=f'Qualys Asset #{qualys_asset["ASSET_ID"]} IP: {qualys_asset["IP"]}',
+        otherTrackingNumber=qualys_asset["ID"],
+        parentId=ssp_id,
+        parentModule=parent_module,
+        ipAddress=qualys_asset["IP"],
+        assetOwnerId=config["userId"],
+        assetType="Other",
+        assetCategory=regscale_models.AssetCategory.Hardware,
+        status="Off-Network",
+        qualysId=qualys_asset["ASSET_ID"],
+    )
+def _create_assets_in_batch(insert_assets: list[Asset]) -> None:
+    """
+    Create assets in batch and handle any errors.
+    :param list[Asset] insert_assets: List of assets to create
+    :rtype: None
+    """
+    try:
+        created_assets = Asset.batch_create(insert_assets, job_progress)
+        logger.info(
+            "RegScale Asset(s) successfully created: %i/%i",
+            len(created_assets),
+            len(insert_assets),
+        )
+    except requests.exceptions.RequestException as rex:
+        logger.error("Unable to create Qualys Assets in RegScale\n%s", rex)
+def _update_assets_in_batch(update_assets: list[Asset]) -> None:
+    """
+    Update assets in batch and handle any errors.
+    :param list[Asset] update_assets: List of assets to update
+    :rtype: None
+    """
+    try:
+        updated_assets = Asset.batch_update(update_assets, job_progress)
+        logger.info(
+            "RegScale Asset(s) successfully updated: %i/%i",
+            len(updated_assets),
+            len(update_assets),
+        )
+    except requests.RequestException as rex:
+        logger.error("Unable to Update Qualys Assets to RegScale\n%s", rex)
 def sync_issues(ssp_id: int, qualys_assets_and_issues: list[dict], is_component: bool = False) -> None:

regscale-cli 6.21.2.1__py3-none-any.whl → 6.22.0.0__py3-none-any.whl

Potentially problematic release.

regscale-cli 6.21.2.1py3-none-any.whl → 6.22.0.0py3-none-any.whl