PyPI - regscale-cli - Versions diffs - 6.25.1.0__py3-none-any.whl → 6.26.0.0__py3-none-any.whl - Mend - Supply Chain Defender

regscale-cli 6.25.1.0py3-none-any.whl → 6.26.0.0py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.

This version of regscale-cli might be problematic. Click here for more details.

Files changed (80) hide show

regscale/integrations/public/cci_importer.py CHANGED Viewed

@@ -8,7 +8,7 @@ from typing import Dict, List, Optional, Tuple
 import click
 from regscale.core.app.application import Application
-from regscale.core.app.utils.app_utils import error_and_exit
+from regscale.core.app.utils.app_utils import create_progress_object, error_and_exit
 from regscale.models.regscale_models import Catalog, SecurityControl, CCI
 logger = logging.getLogger("regscale")
@@ -109,7 +109,7 @@ class CCIImporter:
         :rtype: None
         """
         if self.verbose:
-            click.echo("Parsing CCI items from XML...")
+            logger.info("Parsing CCI items from XML...")
         for cci_item in self.xml_data.findall(".//{http://iase.disa.mil/cci}cci_item"):
             cci_id, definition = self._extract_cci_data(cci_item)
@@ -291,7 +291,7 @@ class CCIImporter:
         :rtype: Dict[str, int]
         """
         if self.verbose:
-            click.echo("Mapping CCI data to security controls...")
+            logger.info("Mapping CCI data to security controls...")
         catalog = self._get_catalog(catalog_id)
         security_controls: List[SecurityControl] = SecurityControl.get_all_by_parent(parent_id=catalog.id)
@@ -303,24 +303,28 @@ class CCIImporter:
         updated_count = 0
         skipped_count = 0
-        for main_control, cci_list in self.normalized_cci.items():
-            if main_control in control_map:
-                control_id = control_map[main_control]
-                control_created, control_updated = self._process_cci_for_control(
-                    control_id, cci_list, user_id, tenant_id
-                )
-                created_count += control_created
-                updated_count += control_updated
-            else:
-                skipped_count += len(cci_list)
-                if self.verbose:
-                    click.echo(f"Warning: Control not found for key: {main_control}", err=True)
+        with create_progress_object() as progress:
+            logger.info(f"Parsing and mapping {len(self.normalized_cci)} normalized CCI entries...")
+            main_task = progress.add_task("Parsing and mapping CCIs...", total=len(self.normalized_cci))
+            for main_control, cci_list in self.normalized_cci.items():
+                if main_control in control_map:
+                    control_id = control_map[main_control]
+                    control_created, control_updated = self._process_cci_for_control(
+                        control_id, cci_list, user_id, tenant_id
+                    )
+                    created_count += control_created
+                    updated_count += control_updated
+                else:
+                    skipped_count += len(cci_list)
+                    if self.verbose:
+                        logger.warning(f"Warning: Control not found for key: {main_control}")
+                progress.update(main_task, advance=1)
         return {
             "created": created_count,
             "updated": updated_count,
             "skipped": skipped_count,
-            "total_processed": len(self.normalized_cci),
+            "total_processed": sum(created_count + updated_count + skipped_count),
         }
     def get_normalized_cci(self) -> Dict[str, List[Dict]]:
@@ -343,11 +347,10 @@ def _load_xml_file(xml_file: str) -> ET.Element:
     :raises click.ClickException: If XML parsing fails
     """
     try:
-        click.echo(f"Loading XML file: {xml_file}")
+        logger.info(f"Loading XML file: {xml_file}")
         tree = ET.parse(xml_file)
         return tree.getroot()
     except ET.ParseError as e:
-        click.echo(click.style(f"Failed to parse XML file: {e}", fg="red"), err=True)
         error_and_exit(f"Failed to parse XML file: {e}")
@@ -358,12 +361,12 @@ def _display_verbose_output(normalized_data: Dict[str, List[Dict]]) -> None:
     :param Dict[str, List[Dict]] normalized_data: Dictionary of normalized CCI data
     :rtype: None
     """
-    click.echo("\nNormalized CCI Data:")
+    logger.info("\nNormalized CCI Data:")
     for key, value in normalized_data.items():
-        click.echo(f"  {key}: {len(value)} CCI items")
+        logger.info(f"  {key}: {len(value)} CCI items")
         for cci in value:
             definition_preview = cci["definition"][:100] + "..." if len(cci["definition"]) > 100 else cci["definition"]
-            click.echo(f"    - {cci['cci_id']}: {definition_preview}")
+            logger.info(f"    - {cci['cci_id']}: {definition_preview}")
 def _display_results(stats: Dict[str, int]) -> None:
@@ -373,15 +376,12 @@ def _display_results(stats: Dict[str, int]) -> None:
     :param Dict[str, int] stats: Dictionary with operation statistics
     :rtype: None
     """
-    click.echo(
-        click.style(
-            f"\nDatabase operations completed:"
-            f"\n  - Created: {stats['created']}"
-            f"\n  - Updated: {stats['updated']}"
-            f"\n  - Skipped: {stats['skipped']}"
-            f"\n  - Total processed: {stats['total_processed']}",
-            fg="green",
-        )
+    logger.info(
+        f"[green]\nDatabase operations completed:"
+        f"[green]\n  - Created: {stats['created']}"
+        f"[green]\n  - Updated: {stats['updated']}"
+        f"[green]\n  - Skipped: {stats['skipped']}"
+        f"[green]\n  - Total processed: {stats['total_processed']}",
     )
@@ -398,7 +398,7 @@ def _process_cci_import(importer: CCIImporter, dry_run: bool, verbose: bool, cat
     importer.parse_cci()
     normalized_data = importer.get_normalized_cci()
-    click.echo(click.style(f"Successfully parsed {len(normalized_data)} normalized CCI entries", fg="green"))
+    logger.info(f"[green]Successfully parsed {len(normalized_data)} normalized CCI entries[/green]")
     if verbose:
         _display_verbose_output(normalized_data)
@@ -407,7 +407,7 @@ def _process_cci_import(importer: CCIImporter, dry_run: bool, verbose: bool, cat
         stats = importer.map_to_security_controls(catalog_id)
         _display_results(stats)
     else:
-        click.echo(click.style("\nDRY RUN MODE: No database changes were made", fg="yellow"))
+        logger.info("\n[yellow]DRY RUN MODE: No database changes were made[/yellow]")
 @click.command(name="cci_importer")
@@ -431,14 +431,13 @@ def cci_importer(xml_file: str, dry_run: bool, verbose: bool, nist_version: str,
     try:
         if not xml_file:
             import importlib.resources as pkg_resources
+            from regscale.models import integration_models
-            xml_file = pkg_resources.path("regscale.models.integration_models", "CCI_List.xml")
+            files = pkg_resources.files(integration_models)
+            cci_path = files / "CCI_List.xml"
+            xml_file = str(cci_path)
         root = _load_xml_file(xml_file)
         importer = CCIImporter(root, version=nist_version, verbose=verbose)
         _process_cci_import(importer, dry_run, verbose, catalog_id)
-    except click.ClickException:
-        raise
     except Exception as e:
-        click.echo(click.style(f"Unexpected error: {e}", fg="red"), err=True)
-        raise click.ClickException(f"Unexpected error: {e}")
+        error_and_exit(f"Unexpected error: {e}")

regscale/integrations/public/fedramp/click.py CHANGED Viewed

@@ -20,6 +20,59 @@ def fedramp():
     """Performs bulk processing of FedRAMP files (Upload trusted data only)."""
+@fedramp.command(context_settings={"show_default": True})
+@click.option(
+    "--ssp_id",
+    "-s",
+    type=click.STRING,
+    required=True,
+    prompt="Enter the SSP ID to export POAMs from",
+    help="The RegScale SSP ID to export POAMs from",
+)
+@click.option(
+    "--output_file",
+    "-o",
+    type=click.STRING,
+    required=True,
+    prompt="Enter the output file path (xlsx)",
+    help="The output file path for the POAM export (xlsx format)",
+)
+@click.option(
+    "--template_path",
+    "-t",
+    type=click.Path(exists=True, dir_okay=False, file_okay=True),
+    required=False,
+    help="Path to the FedRAMP POAM template Excel file (defaults to ./templates/FedRAMP-POAM-Template.xlsx)",
+)
+@click.option(
+    "--point_of_contact",
+    "-p",
+    type=click.STRING,
+    required=False,
+    default="",
+    help="Point of Contact name for POAMs (defaults to empty string)",
+)
+def export_poam_v5(ssp_id: str, output_file: str, template_path: Optional[click.Path], point_of_contact: str):
+    """
+    Export FedRAMP Rev 5 POAM Excel file with advanced formatting.
+    This export includes:
+    - Dynamic POAM ID generation based on source file paths
+    - KEV date determination from CISA KEV catalog
+    - Deviation status mapping (Approved/Pending/Rejected)
+    - Custom milestone and comment generation
+    - Excel formatting for Rev 5 template
+    - Configurable Point of Contact
+    """
+    from pathlib import Path
+    from regscale.integrations.public.fedramp.poam_export_v5 import export_poam_v5 as export_func
+    logger.info(f"Exporting FedRAMP Rev 5 POAM for SSP {ssp_id}")
+    template = Path(template_path) if template_path else None
+    export_func(ssp_id=ssp_id, output_file=output_file, template_path=template, point_of_contact=point_of_contact)
 # FedRAMP Docx Support
 @fedramp.command(context_settings={"show_default": True})
 @click.option(
@@ -108,7 +161,9 @@ def load_fedramp_docx(
                     "by using the -p flag."
                 )
-        process_fedramp_docx_v5(file_path, base_fedramp_profile_id, save_data, add_missing, appendix_a_file_path)  # type: ignore
+        process_fedramp_docx_v5(
+            file_path, base_fedramp_profile_id, save_data, add_missing, appendix_a_file_path
+        )  # type: ignore
 @fedramp.command()
@@ -435,7 +490,10 @@ def import_drf(file_path: click.Path, regscale_id: int, regscale_module: str) ->
     "--profile_id",
     "-p",
     type=click.INT,
-    help="The ID number from RegScale of the Profile.  (This will generate the control implementations for a new Security Plan)",
+    help=(
+        "The ID number from RegScale of the Profile.  (This will generate the control implementations "
+        "for a new Security Plan)"
+    ),
     prompt="Enter RegScale Profile ID",
     required=True,
 )