PyPI - regscale-cli - Versions diffs - 6.25.0.1__py3-none-any.whl → 6.26.0.0__py3-none-any.whl - Mend

regscale-cli 6.25.0.1py3-none-any.whl → 6.26.0.0py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.

This version of regscale-cli might be problematic. Click here for more details.

Files changed (84) hide show

regscale/integrations/milestone_manager.py ADDED Viewed

@@ -0,0 +1,291 @@
+#!/usr/bin/env python3
+# -*- coding: utf-8 -*-
+"""
+Milestone Manager for Issue Tracking
+Handles creation of milestones for issues based on status transitions (created, reopened, closed).
+Also handles backfilling of missing milestones for existing issues.
+"""
+import logging
+from typing import TYPE_CHECKING, List, Optional
+from regscale.core.app.utils.app_utils import get_current_datetime
+from regscale.integrations.variables import ScannerVariables
+from regscale.models import regscale_models
+if TYPE_CHECKING:
+    from regscale.integrations.scanner_integration import IntegrationFinding
+logger = logging.getLogger("regscale")
+class MilestoneManager:
+    """
+    Manages milestone creation for issues based on status transitions.
+    Milestones are created when:
+    - A new issue is created
+    - An existing issue is reopened (Closed -> Open)
+    - An existing issue is closed (Open -> Closed)
+    """
+    def __init__(self, integration_title: str, assessor_id: str, scan_date: str):
+        """
+        Initialize the milestone manager.
+        :param str integration_title: Name of the integration (used in milestone titles)
+        :param str assessor_id: ID of the assessor/responsible person for milestones
+        :param str scan_date: Date of the scan (used for new issue milestones)
+        """
+        self.integration_title = integration_title
+        self.assessor_id = assessor_id
+        self.scan_date = scan_date
+    def create_milestones_for_issue(
+        self,
+        issue: regscale_models.Issue,
+        finding: Optional["IntegrationFinding"] = None,
+        existing_issue: Optional[regscale_models.Issue] = None,
+    ) -> None:
+        """
+        Create appropriate milestones for an issue based on status transitions.
+        :param regscale_models.Issue issue: The issue to create milestones for
+        :param Optional[IntegrationFinding] finding: The finding data (for logging/context)
+        :param Optional[regscale_models.Issue] existing_issue: Previous state of issue for comparison
+        """
+        if not self._should_create_milestones(issue):
+            return
+        if self._should_create_reopened_milestone(existing_issue, issue):
+            self._create_reopened_milestone(issue, finding)
+        elif self._should_create_closed_milestone(existing_issue, issue):
+            self._create_closed_milestone(issue, finding)
+        elif not existing_issue:
+            self._create_new_issue_milestone(issue, finding)
+        else:
+            logger.debug(
+                "No milestone created for issue %s (no status transition detected)",
+                issue.id,
+            )
+    def _should_create_milestones(self, issue: regscale_models.Issue) -> bool:
+        """
+        Check if milestones should be created for this issue.
+        :param regscale_models.Issue issue: The issue to check
+        :return: True if milestones should be created
+        :rtype: bool
+        """
+        if not ScannerVariables.useMilestones:
+            logger.debug("Milestone creation disabled (useMilestones=False)")
+            return False
+        if not issue.id:
+            logger.debug("Cannot create milestone - issue has no ID")
+            return False
+        return True
+    def _should_create_reopened_milestone(
+        self, existing_issue: Optional[regscale_models.Issue], issue: regscale_models.Issue
+    ) -> bool:
+        """
+        Check if a reopened milestone should be created.
+        :param Optional[regscale_models.Issue] existing_issue: The existing issue
+        :param regscale_models.Issue issue: The current issue
+        :return: True if reopened milestone should be created
+        :rtype: bool
+        """
+        return (
+            existing_issue is not None
+            and existing_issue.status == regscale_models.IssueStatus.Closed
+            and issue.status == regscale_models.IssueStatus.Open
+        )
+    def _should_create_closed_milestone(
+        self, existing_issue: Optional[regscale_models.Issue], issue: regscale_models.Issue
+    ) -> bool:
+        """
+        Check if a closed milestone should be created.
+        :param Optional[regscale_models.Issue] existing_issue: The existing issue
+        :param regscale_models.Issue issue: The current issue
+        :return: True if closed milestone should be created
+        :rtype: bool
+        """
+        return (
+            existing_issue is not None
+            and existing_issue.status == regscale_models.IssueStatus.Open
+            and issue.status == regscale_models.IssueStatus.Closed
+        )
+    def _create_reopened_milestone(
+        self,
+        issue: regscale_models.Issue,
+        finding: Optional["IntegrationFinding"] = None,
+    ) -> None:
+        """
+        Create a milestone for a reopened issue.
+        :param regscale_models.Issue issue: The issue being reopened
+        :param Optional[IntegrationFinding] finding: The finding data (for logging)
+        """
+        milestone_date = get_current_datetime()
+        self._create_milestone(
+            issue=issue,
+            title=f"Issue reopened from {self.integration_title} scan",
+            milestone_date=milestone_date,
+            milestone_type="reopened",
+            finding=finding,
+        )
+    def _create_closed_milestone(
+        self,
+        issue: regscale_models.Issue,
+        finding: Optional["IntegrationFinding"] = None,
+    ) -> None:
+        """
+        Create a milestone for a closed issue.
+        :param regscale_models.Issue issue: The issue being closed
+        :param Optional[IntegrationFinding] finding: The finding data (for logging)
+        """
+        milestone_date = issue.dateCompleted or get_current_datetime()
+        self._create_milestone(
+            issue=issue,
+            title=f"Issue closed from {self.integration_title} scan",
+            milestone_date=milestone_date,
+            milestone_type="closed",
+            finding=finding,
+        )
+    def _create_new_issue_milestone(
+        self,
+        issue: regscale_models.Issue,
+        finding: Optional["IntegrationFinding"] = None,
+    ) -> None:
+        """
+        Create a milestone for a newly created issue.
+        :param regscale_models.Issue issue: The newly created issue
+        :param Optional[IntegrationFinding] finding: The finding data (for logging)
+        """
+        self._create_milestone(
+            issue=issue,
+            title=f"Issue created from {self.integration_title} scan",
+            milestone_date=self.scan_date,
+            milestone_type="new",
+            finding=finding,
+        )
+    def _create_milestone(
+        self,
+        issue: regscale_models.Issue,
+        title: str,
+        milestone_date: str,
+        milestone_type: str,
+        finding: Optional["IntegrationFinding"] = None,
+    ) -> None:
+        """
+        Create a milestone with error handling.
+        :param regscale_models.Issue issue: The issue to create milestone for
+        :param str title: Title of the milestone
+        :param str milestone_date: Date for the milestone
+        :param str milestone_type: Type of milestone (for logging: new, reopened, closed)
+        :param Optional[IntegrationFinding] finding: The finding data (for logging)
+        """
+        try:
+            regscale_models.Milestone(
+                title=title,
+                milestoneDate=milestone_date,
+                dateCompleted=get_current_datetime(),
+                responsiblePersonId=self.assessor_id,
+                parentID=issue.id,
+                parentModule="issues",
+            ).create_or_update()
+            logger.debug(f"Created {milestone_type} milestone for issue {issue.id}")
+        except Exception as e:
+            logger.warning(f"Failed to create {milestone_type} milestone for issue {issue.id}: {e}")
+    def get_existing_milestones(self, issue: regscale_models.Issue) -> List[regscale_models.Milestone]:
+        """
+        Get all existing milestones for an issue.
+        :param regscale_models.Issue issue: The issue to check
+        :return: List of existing milestones
+        :rtype: List[regscale_models.Milestone]
+        """
+        if not issue.id:
+            return []
+        try:
+            milestones = regscale_models.Milestone.get_by_parent(parent_id=issue.id, parent_module="issues")
+            return milestones if milestones else []
+        except Exception as e:
+            logger.debug(f"Could not retrieve milestones for issue {issue.id}: {e}")
+            return []
+    def has_creation_milestone(self, issue: regscale_models.Issue) -> bool:
+        """
+        Check if an issue has a creation milestone.
+        :param regscale_models.Issue issue: The issue to check
+        :return: True if creation milestone exists
+        :rtype: bool
+        """
+        milestones = self.get_existing_milestones(issue)
+        # Check for creation milestone patterns
+        creation_patterns = [
+            "Issue created from",
+            "created from",
+        ]
+        for milestone in milestones:
+            milestone_title = milestone.title.lower() if milestone.title else ""
+            if any(pattern.lower() in milestone_title for pattern in creation_patterns):
+                logger.debug(f"Found existing creation milestone for issue {issue.id}: {milestone.title}")
+                return True
+        return False
+    def ensure_creation_milestone_exists(
+        self,
+        issue: regscale_models.Issue,
+        finding: Optional["IntegrationFinding"] = None,
+    ) -> None:
+        """
+        Ensure an issue has a creation milestone, backfilling if necessary.
+        This method checks if an issue has a creation milestone. If not, it creates one
+        based on the issue's dateCreated field to backfill missing milestones.
+        :param regscale_models.Issue issue: The issue to check
+        :param Optional[IntegrationFinding] finding: The finding data (for logging)
+        """
+        if not self._should_create_milestones(issue):
+            return
+        # Check if creation milestone already exists
+        if self.has_creation_milestone(issue):
+            logger.debug(f"Issue {issue.id} already has creation milestone, skipping backfill")
+            return
+        # Backfill missing creation milestone
+        logger.debug(f"Backfilling missing creation milestone for issue {issue.id}")
+        # Use issue's dateCreated if available, otherwise use scan_date
+        milestone_date = issue.dateCreated if issue.dateCreated else self.scan_date
+        self._create_milestone(
+            issue=issue,
+            title=f"Issue created from {self.integration_title} scan",
+            milestone_date=milestone_date,
+            milestone_type="backfilled",
+            finding=finding,
+        )

regscale/integrations/public/__init__.py CHANGED Viewed

@@ -17,6 +17,7 @@ from regscale.core.lazy_group import LazyGroup
         "import_poam": "regscale.integrations.public.fedramp.click.import_fedramp_poam_template",
         "import_drf": "regscale.integrations.public.fedramp.click.import_drf",
         "import_cis_crm": "regscale.integrations.public.fedramp.click.import_ciscrm",
+        "export_poam_v5": "regscale.integrations.public.fedramp.click.export_poam_v5",
     },
     name="fedramp",
 )

regscale/integrations/public/cci_importer.py CHANGED Viewed

@@ -8,7 +8,7 @@ from typing import Dict, List, Optional, Tuple
 import click
 from regscale.core.app.application import Application
-from regscale.core.app.utils.app_utils import error_and_exit
+from regscale.core.app.utils.app_utils import create_progress_object, error_and_exit
 from regscale.models.regscale_models import Catalog, SecurityControl, CCI
 logger = logging.getLogger("regscale")
@@ -109,7 +109,7 @@ class CCIImporter:
         :rtype: None
         """
         if self.verbose:
-            click.echo("Parsing CCI items from XML...")
+            logger.info("Parsing CCI items from XML...")
         for cci_item in self.xml_data.findall(".//{http://iase.disa.mil/cci}cci_item"):
             cci_id, definition = self._extract_cci_data(cci_item)
@@ -291,7 +291,7 @@ class CCIImporter:
         :rtype: Dict[str, int]
         """
         if self.verbose:
-            click.echo("Mapping CCI data to security controls...")
+            logger.info("Mapping CCI data to security controls...")
         catalog = self._get_catalog(catalog_id)
         security_controls: List[SecurityControl] = SecurityControl.get_all_by_parent(parent_id=catalog.id)
@@ -303,24 +303,28 @@ class CCIImporter:
         updated_count = 0
         skipped_count = 0
-        for main_control, cci_list in self.normalized_cci.items():
-            if main_control in control_map:
-                control_id = control_map[main_control]
-                control_created, control_updated = self._process_cci_for_control(
-                    control_id, cci_list, user_id, tenant_id
-                )
-                created_count += control_created
-                updated_count += control_updated
-            else:
-                skipped_count += len(cci_list)
-                if self.verbose:
-                    click.echo(f"Warning: Control not found for key: {main_control}", err=True)
+        with create_progress_object() as progress:
+            logger.info(f"Parsing and mapping {len(self.normalized_cci)} normalized CCI entries...")
+            main_task = progress.add_task("Parsing and mapping CCIs...", total=len(self.normalized_cci))
+            for main_control, cci_list in self.normalized_cci.items():
+                if main_control in control_map:
+                    control_id = control_map[main_control]
+                    control_created, control_updated = self._process_cci_for_control(
+                        control_id, cci_list, user_id, tenant_id
+                    )
+                    created_count += control_created
+                    updated_count += control_updated
+                else:
+                    skipped_count += len(cci_list)
+                    if self.verbose:
+                        logger.warning(f"Warning: Control not found for key: {main_control}")
+                progress.update(main_task, advance=1)
         return {
             "created": created_count,
             "updated": updated_count,
             "skipped": skipped_count,
-            "total_processed": len(self.normalized_cci),
+            "total_processed": sum(created_count + updated_count + skipped_count),
         }
     def get_normalized_cci(self) -> Dict[str, List[Dict]]:
@@ -343,11 +347,10 @@ def _load_xml_file(xml_file: str) -> ET.Element:
     :raises click.ClickException: If XML parsing fails
     """
     try:
-        click.echo(f"Loading XML file: {xml_file}")
+        logger.info(f"Loading XML file: {xml_file}")
         tree = ET.parse(xml_file)
         return tree.getroot()
     except ET.ParseError as e:
-        click.echo(click.style(f"Failed to parse XML file: {e}", fg="red"), err=True)
         error_and_exit(f"Failed to parse XML file: {e}")
@@ -358,12 +361,12 @@ def _display_verbose_output(normalized_data: Dict[str, List[Dict]]) -> None:
     :param Dict[str, List[Dict]] normalized_data: Dictionary of normalized CCI data
     :rtype: None
     """
-    click.echo("\nNormalized CCI Data:")
+    logger.info("\nNormalized CCI Data:")
     for key, value in normalized_data.items():
-        click.echo(f"  {key}: {len(value)} CCI items")
+        logger.info(f"  {key}: {len(value)} CCI items")
         for cci in value:
             definition_preview = cci["definition"][:100] + "..." if len(cci["definition"]) > 100 else cci["definition"]
-            click.echo(f"    - {cci['cci_id']}: {definition_preview}")
+            logger.info(f"    - {cci['cci_id']}: {definition_preview}")
 def _display_results(stats: Dict[str, int]) -> None:
@@ -373,15 +376,12 @@ def _display_results(stats: Dict[str, int]) -> None:
     :param Dict[str, int] stats: Dictionary with operation statistics
     :rtype: None
     """
-    click.echo(
-        click.style(
-            f"\nDatabase operations completed:"
-            f"\n  - Created: {stats['created']}"
-            f"\n  - Updated: {stats['updated']}"
-            f"\n  - Skipped: {stats['skipped']}"
-            f"\n  - Total processed: {stats['total_processed']}",
-            fg="green",
-        )
+    logger.info(
+        f"[green]\nDatabase operations completed:"
+        f"[green]\n  - Created: {stats['created']}"
+        f"[green]\n  - Updated: {stats['updated']}"
+        f"[green]\n  - Skipped: {stats['skipped']}"
+        f"[green]\n  - Total processed: {stats['total_processed']}",
     )
@@ -398,7 +398,7 @@ def _process_cci_import(importer: CCIImporter, dry_run: bool, verbose: bool, cat
     importer.parse_cci()
     normalized_data = importer.get_normalized_cci()
-    click.echo(click.style(f"Successfully parsed {len(normalized_data)} normalized CCI entries", fg="green"))
+    logger.info(f"[green]Successfully parsed {len(normalized_data)} normalized CCI entries[/green]")
     if verbose:
         _display_verbose_output(normalized_data)
@@ -407,7 +407,7 @@ def _process_cci_import(importer: CCIImporter, dry_run: bool, verbose: bool, cat
         stats = importer.map_to_security_controls(catalog_id)
         _display_results(stats)
     else:
-        click.echo(click.style("\nDRY RUN MODE: No database changes were made", fg="yellow"))
+        logger.info("\n[yellow]DRY RUN MODE: No database changes were made[/yellow]")
 @click.command(name="cci_importer")
@@ -431,14 +431,13 @@ def cci_importer(xml_file: str, dry_run: bool, verbose: bool, nist_version: str,
     try:
         if not xml_file:
             import importlib.resources as pkg_resources
+            from regscale.models import integration_models
-            xml_file = pkg_resources.path("regscale.models.integration_models", "CCI_List.xml")
+            files = pkg_resources.files(integration_models)
+            cci_path = files / "CCI_List.xml"
+            xml_file = str(cci_path)
         root = _load_xml_file(xml_file)
         importer = CCIImporter(root, version=nist_version, verbose=verbose)
         _process_cci_import(importer, dry_run, verbose, catalog_id)
-    except click.ClickException:
-        raise
     except Exception as e:
-        click.echo(click.style(f"Unexpected error: {e}", fg="red"), err=True)
-        raise click.ClickException(f"Unexpected error: {e}")
+        error_and_exit(f"Unexpected error: {e}")

regscale/integrations/public/fedramp/click.py CHANGED Viewed

@@ -20,6 +20,59 @@ def fedramp():
     """Performs bulk processing of FedRAMP files (Upload trusted data only)."""
+@fedramp.command(context_settings={"show_default": True})
+@click.option(
+    "--ssp_id",
+    "-s",
+    type=click.STRING,
+    required=True,
+    prompt="Enter the SSP ID to export POAMs from",
+    help="The RegScale SSP ID to export POAMs from",
+)
+@click.option(
+    "--output_file",
+    "-o",
+    type=click.STRING,
+    required=True,
+    prompt="Enter the output file path (xlsx)",
+    help="The output file path for the POAM export (xlsx format)",
+)
+@click.option(
+    "--template_path",
+    "-t",
+    type=click.Path(exists=True, dir_okay=False, file_okay=True),
+    required=False,
+    help="Path to the FedRAMP POAM template Excel file (defaults to ./templates/FedRAMP-POAM-Template.xlsx)",
+)
+@click.option(
+    "--point_of_contact",
+    "-p",
+    type=click.STRING,
+    required=False,
+    default="",
+    help="Point of Contact name for POAMs (defaults to empty string)",
+)
+def export_poam_v5(ssp_id: str, output_file: str, template_path: Optional[click.Path], point_of_contact: str):
+    """
+    Export FedRAMP Rev 5 POAM Excel file with advanced formatting.
+    This export includes:
+    - Dynamic POAM ID generation based on source file paths
+    - KEV date determination from CISA KEV catalog
+    - Deviation status mapping (Approved/Pending/Rejected)
+    - Custom milestone and comment generation
+    - Excel formatting for Rev 5 template
+    - Configurable Point of Contact
+    """
+    from pathlib import Path
+    from regscale.integrations.public.fedramp.poam_export_v5 import export_poam_v5 as export_func
+    logger.info(f"Exporting FedRAMP Rev 5 POAM for SSP {ssp_id}")
+    template = Path(template_path) if template_path else None
+    export_func(ssp_id=ssp_id, output_file=output_file, template_path=template, point_of_contact=point_of_contact)
 # FedRAMP Docx Support
 @fedramp.command(context_settings={"show_default": True})
 @click.option(
@@ -108,7 +161,9 @@ def load_fedramp_docx(
                     "by using the -p flag."
                 )
-        process_fedramp_docx_v5(file_path, base_fedramp_profile_id, save_data, add_missing, appendix_a_file_path)  # type: ignore
+        process_fedramp_docx_v5(
+            file_path, base_fedramp_profile_id, save_data, add_missing, appendix_a_file_path
+        )  # type: ignore
 @fedramp.command()
@@ -435,7 +490,10 @@ def import_drf(file_path: click.Path, regscale_id: int, regscale_module: str) ->
     "--profile_id",
     "-p",
     type=click.INT,
-    help="The ID number from RegScale of the Profile.  (This will generate the control implementations for a new Security Plan)",
+    help=(
+        "The ID number from RegScale of the Profile.  (This will generate the control implementations "
+        "for a new Security Plan)"
+    ),
     prompt="Enter RegScale Profile ID",
     required=True,
 )

regscale-cli 6.25.0.1__py3-none-any.whl → 6.26.0.0__py3-none-any.whl

Potentially problematic release.

regscale-cli 6.25.0.1py3-none-any.whl → 6.26.0.0py3-none-any.whl