regscale-cli 6.25.1.0__py3-none-any.whl → 6.27.0.0__py3-none-any.whl

regscale/integrations/milestone_manager.py

@@ -0,0 +1,291 @@
+#!/usr/bin/env python3
+# -*- coding: utf-8 -*-
+"""
+Milestone Manager for Issue Tracking
+
+Handles creation of milestones for issues based on status transitions (created, reopened, closed).
+Also handles backfilling of missing milestones for existing issues.
+"""
+import logging
+from typing import TYPE_CHECKING, List, Optional
+
+from regscale.core.app.utils.app_utils import get_current_datetime
+from regscale.integrations.variables import ScannerVariables
+from regscale.models import regscale_models
+
+if TYPE_CHECKING:
+    from regscale.integrations.scanner_integration import IntegrationFinding
+
+logger = logging.getLogger("regscale")
+
+
+class MilestoneManager:
+    """
+    Manages milestone creation for issues based on status transitions.
+
+    Milestones are created when:
+    - A new issue is created
+    - An existing issue is reopened (Closed -> Open)
+    - An existing issue is closed (Open -> Closed)
+    """
+
+    def __init__(self, integration_title: str, assessor_id: str, scan_date: str):
+        """
+        Initialize the milestone manager.
+
+        :param str integration_title: Name of the integration (used in milestone titles)
+        :param str assessor_id: ID of the assessor/responsible person for milestones
+        :param str scan_date: Date of the scan (used for new issue milestones)
+        """
+        self.integration_title = integration_title
+        self.assessor_id = assessor_id
+        self.scan_date = scan_date
+
+    def create_milestones_for_issue(
+        self,
+        issue: regscale_models.Issue,
+        finding: Optional["IntegrationFinding"] = None,
+        existing_issue: Optional[regscale_models.Issue] = None,
+    ) -> None:
+        """
+        Create appropriate milestones for an issue based on status transitions.
+
+        :param regscale_models.Issue issue: The issue to create milestones for
+        :param Optional[IntegrationFinding] finding: The finding data (for logging/context)
+        :param Optional[regscale_models.Issue] existing_issue: Previous state of issue for comparison
+        """
+        if not self._should_create_milestones(issue):
+            return
+
+        if self._should_create_reopened_milestone(existing_issue, issue):
+            self._create_reopened_milestone(issue, finding)
+        elif self._should_create_closed_milestone(existing_issue, issue):
+            self._create_closed_milestone(issue, finding)
+        elif not existing_issue:
+            self._create_new_issue_milestone(issue, finding)
+        else:
+            logger.debug(
+                "No milestone created for issue %s (no status transition detected)",
+                issue.id,
+            )
+
+    def _should_create_milestones(self, issue: regscale_models.Issue) -> bool:
+        """
+        Check if milestones should be created for this issue.
+
+        :param regscale_models.Issue issue: The issue to check
+        :return: True if milestones should be created
+        :rtype: bool
+        """
+        if not ScannerVariables.useMilestones:
+            logger.debug("Milestone creation disabled (useMilestones=False)")
+            return False
+
+        if not issue.id:
+            logger.debug("Cannot create milestone - issue has no ID")
+            return False
+
+        return True
+
+    def _should_create_reopened_milestone(
+        self, existing_issue: Optional[regscale_models.Issue], issue: regscale_models.Issue
+    ) -> bool:
+        """
+        Check if a reopened milestone should be created.
+
+        :param Optional[regscale_models.Issue] existing_issue: The existing issue
+        :param regscale_models.Issue issue: The current issue
+        :return: True if reopened milestone should be created
+        :rtype: bool
+        """
+        return (
+            existing_issue is not None
+            and existing_issue.status == regscale_models.IssueStatus.Closed
+            and issue.status == regscale_models.IssueStatus.Open
+        )
+
+    def _should_create_closed_milestone(
+        self, existing_issue: Optional[regscale_models.Issue], issue: regscale_models.Issue
+    ) -> bool:
+        """
+        Check if a closed milestone should be created.
+
+        :param Optional[regscale_models.Issue] existing_issue: The existing issue
+        :param regscale_models.Issue issue: The current issue
+        :return: True if closed milestone should be created
+        :rtype: bool
+        """
+        return (
+            existing_issue is not None
+            and existing_issue.status == regscale_models.IssueStatus.Open
+            and issue.status == regscale_models.IssueStatus.Closed
+        )
+
+    def _create_reopened_milestone(
+        self,
+        issue: regscale_models.Issue,
+        finding: Optional["IntegrationFinding"] = None,
+    ) -> None:
+        """
+        Create a milestone for a reopened issue.
+
+        :param regscale_models.Issue issue: The issue being reopened
+        :param Optional[IntegrationFinding] finding: The finding data (for logging)
+        """
+        milestone_date = get_current_datetime()
+        self._create_milestone(
+            issue=issue,
+            title=f"Issue reopened from {self.integration_title} scan",
+            milestone_date=milestone_date,
+            milestone_type="reopened",
+            finding=finding,
+        )
+
+    def _create_closed_milestone(
+        self,
+        issue: regscale_models.Issue,
+        finding: Optional["IntegrationFinding"] = None,
+    ) -> None:
+        """
+        Create a milestone for a closed issue.
+
+        :param regscale_models.Issue issue: The issue being closed
+        :param Optional[IntegrationFinding] finding: The finding data (for logging)
+        """
+        milestone_date = issue.dateCompleted or get_current_datetime()
+        self._create_milestone(
+            issue=issue,
+            title=f"Issue closed from {self.integration_title} scan",
+            milestone_date=milestone_date,
+            milestone_type="closed",
+            finding=finding,
+        )
+
+    def _create_new_issue_milestone(
+        self,
+        issue: regscale_models.Issue,
+        finding: Optional["IntegrationFinding"] = None,
+    ) -> None:
+        """
+        Create a milestone for a newly created issue.
+
+        :param regscale_models.Issue issue: The newly created issue
+        :param Optional[IntegrationFinding] finding: The finding data (for logging)
+        """
+        self._create_milestone(
+            issue=issue,
+            title=f"Issue created from {self.integration_title} scan",
+            milestone_date=self.scan_date,
+            milestone_type="new",
+            finding=finding,
+        )
+
+    def _create_milestone(
+        self,
+        issue: regscale_models.Issue,
+        title: str,
+        milestone_date: str,
+        milestone_type: str,
+        finding: Optional["IntegrationFinding"] = None,
+    ) -> None:
+        """
+        Create a milestone with error handling.
+
+        :param regscale_models.Issue issue: The issue to create milestone for
+        :param str title: Title of the milestone
+        :param str milestone_date: Date for the milestone
+        :param str milestone_type: Type of milestone (for logging: new, reopened, closed)
+        :param Optional[IntegrationFinding] finding: The finding data (for logging)
+        """
+        try:
+            regscale_models.Milestone(
+                title=title,
+                milestoneDate=milestone_date,
+                dateCompleted=get_current_datetime(),
+                responsiblePersonId=self.assessor_id,
+                parentID=issue.id,
+                parentModule="issues",
+            ).create_or_update()
+
+            logger.debug(f"Created {milestone_type} milestone for issue {issue.id}")
+
+        except Exception as e:
+            logger.warning(f"Failed to create {milestone_type} milestone for issue {issue.id}: {e}")
+
+    def get_existing_milestones(self, issue: regscale_models.Issue) -> List[regscale_models.Milestone]:
+        """
+        Get all existing milestones for an issue.
+
+        :param regscale_models.Issue issue: The issue to check
+        :return: List of existing milestones
+        :rtype: List[regscale_models.Milestone]
+        """
+        if not issue.id:
+            return []
+
+        try:
+            milestones = regscale_models.Milestone.get_by_parent(parent_id=issue.id, parent_module="issues")
+            return milestones if milestones else []
+        except Exception as e:
+            logger.debug(f"Could not retrieve milestones for issue {issue.id}: {e}")
+            return []
+
+    def has_creation_milestone(self, issue: regscale_models.Issue) -> bool:
+        """
+        Check if an issue has a creation milestone.
+
+        :param regscale_models.Issue issue: The issue to check
+        :return: True if creation milestone exists
+        :rtype: bool
+        """
+        milestones = self.get_existing_milestones(issue)
+
+        # Check for creation milestone patterns
+        creation_patterns = [
+            "Issue created from",
+            "created from",
+        ]
+
+        for milestone in milestones:
+            milestone_title = milestone.title.lower() if milestone.title else ""
+            if any(pattern.lower() in milestone_title for pattern in creation_patterns):
+                logger.debug(f"Found existing creation milestone for issue {issue.id}: {milestone.title}")
+                return True
+
+        return False
+
+    def ensure_creation_milestone_exists(
+        self,
+        issue: regscale_models.Issue,
+        finding: Optional["IntegrationFinding"] = None,
+    ) -> None:
+        """
+        Ensure an issue has a creation milestone, backfilling if necessary.
+
+        This method checks if an issue has a creation milestone. If not, it creates one
+        based on the issue's dateCreated field to backfill missing milestones.
+
+        :param regscale_models.Issue issue: The issue to check
+        :param Optional[IntegrationFinding] finding: The finding data (for logging)
+        """
+        if not self._should_create_milestones(issue):
+            return
+
+        # Check if creation milestone already exists
+        if self.has_creation_milestone(issue):
+            logger.debug(f"Issue {issue.id} already has creation milestone, skipping backfill")
+            return
+
+        # Backfill missing creation milestone
+        logger.debug(f"Backfilling missing creation milestone for issue {issue.id}")
+
+        # Use issue's dateCreated if available, otherwise use scan_date
+        milestone_date = issue.dateCreated if issue.dateCreated else self.scan_date
+
+        self._create_milestone(
+            issue=issue,
+            title=f"Issue created from {self.integration_title} scan",
+            milestone_date=milestone_date,
+            milestone_type="backfilled",
+            finding=finding,
+        )

regscale/integrations/public/__init__.py

@@ -17,6 +17,7 @@ from regscale.core.lazy_group import LazyGroup
         "import_poam": "regscale.integrations.public.fedramp.click.import_fedramp_poam_template",
         "import_drf": "regscale.integrations.public.fedramp.click.import_drf",
         "import_cis_crm": "regscale.integrations.public.fedramp.click.import_ciscrm",
+        "export_poam_v5": "regscale.integrations.public.fedramp.click.export_poam_v5",
     },
     name="fedramp",
 )

regscale/integrations/public/cci_importer.py

@@ -8,7 +8,7 @@ from typing import Dict, List, Optional, Tuple
 import click
 
 from regscale.core.app.application import Application
-from regscale.core.app.utils.app_utils import error_and_exit
+from regscale.core.app.utils.app_utils import create_progress_object, error_and_exit
 from regscale.models.regscale_models import Catalog, SecurityControl, CCI
 
 logger = logging.getLogger("regscale")
@@ -109,7 +109,7 @@ class CCIImporter:
         :rtype: None
         """
         if self.verbose:
-            click.echo("Parsing CCI items from XML...")
+            logger.info("Parsing CCI items from XML...")
 
         for cci_item in self.xml_data.findall(".//{http://iase.disa.mil/cci}cci_item"):
             cci_id, definition = self._extract_cci_data(cci_item)
@@ -291,7 +291,7 @@ class CCIImporter:
         :rtype: Dict[str, int]
         """
         if self.verbose:
-            click.echo("Mapping CCI data to security controls...")
+            logger.info("Mapping CCI data to security controls...")
 
         catalog = self._get_catalog(catalog_id)
         security_controls: List[SecurityControl] = SecurityControl.get_all_by_parent(parent_id=catalog.id)
@@ -303,24 +303,28 @@ class CCIImporter:
         updated_count = 0
         skipped_count = 0
 
-        for main_control, cci_list in self.normalized_cci.items():
-            if main_control in control_map:
-                control_id = control_map[main_control]
-                control_created, control_updated = self._process_cci_for_control(
-                    control_id, cci_list, user_id, tenant_id
-                )
-                created_count += control_created
-                updated_count += control_updated
-            else:
-                skipped_count += len(cci_list)
-                if self.verbose:
-                    click.echo(f"Warning: Control not found for key: {main_control}", err=True)
+        with create_progress_object() as progress:
+            logger.info(f"Parsing and mapping {len(self.normalized_cci)} normalized CCI entries...")
+            main_task = progress.add_task("Parsing and mapping CCIs...", total=len(self.normalized_cci))
+            for main_control, cci_list in self.normalized_cci.items():
+                if main_control in control_map:
+                    control_id = control_map[main_control]
+                    control_created, control_updated = self._process_cci_for_control(
+                        control_id, cci_list, user_id, tenant_id
+                    )
+                    created_count += control_created
+                    updated_count += control_updated
+                else:
+                    skipped_count += len(cci_list)
+                    if self.verbose:
+                        logger.warning(f"Warning: Control not found for key: {main_control}")
+                progress.update(main_task, advance=1)
 
         return {
             "created": created_count,
             "updated": updated_count,
             "skipped": skipped_count,
-            "total_processed": len(self.normalized_cci),
+            "total_processed": sum(created_count + updated_count + skipped_count),
         }
 
     def get_normalized_cci(self) -> Dict[str, List[Dict]]:
@@ -343,11 +347,10 @@ def _load_xml_file(xml_file: str) -> ET.Element:
     :raises click.ClickException: If XML parsing fails
     """
     try:
-        click.echo(f"Loading XML file: {xml_file}")
+        logger.info(f"Loading XML file: {xml_file}")
         tree = ET.parse(xml_file)
         return tree.getroot()
     except ET.ParseError as e:
-        click.echo(click.style(f"Failed to parse XML file: {e}", fg="red"), err=True)
         error_and_exit(f"Failed to parse XML file: {e}")
 
 
@@ -358,12 +361,12 @@ def _display_verbose_output(normalized_data: Dict[str, List[Dict]]) -> None:
     :param Dict[str, List[Dict]] normalized_data: Dictionary of normalized CCI data
     :rtype: None
     """
-    click.echo("\nNormalized CCI Data:")
+    logger.info("\nNormalized CCI Data:")
     for key, value in normalized_data.items():
-        click.echo(f"  {key}: {len(value)} CCI items")
+        logger.info(f"  {key}: {len(value)} CCI items")
         for cci in value:
             definition_preview = cci["definition"][:100] + "..." if len(cci["definition"]) > 100 else cci["definition"]
-            click.echo(f"    - {cci['cci_id']}: {definition_preview}")
+            logger.info(f"    - {cci['cci_id']}: {definition_preview}")
 
 
 def _display_results(stats: Dict[str, int]) -> None:
@@ -373,15 +376,12 @@ def _display_results(stats: Dict[str, int]) -> None:
     :param Dict[str, int] stats: Dictionary with operation statistics
     :rtype: None
     """
-    click.echo(
-        click.style(
-            f"\nDatabase operations completed:"
-            f"\n  - Created: {stats['created']}"
-            f"\n  - Updated: {stats['updated']}"
-            f"\n  - Skipped: {stats['skipped']}"
-            f"\n  - Total processed: {stats['total_processed']}",
-            fg="green",
-        )
+    logger.info(
+        f"[green]\nDatabase operations completed:"
+        f"[green]\n  - Created: {stats['created']}"
+        f"[green]\n  - Updated: {stats['updated']}"
+        f"[green]\n  - Skipped: {stats['skipped']}"
+        f"[green]\n  - Total processed: {stats['total_processed']}",
     )
 
 
@@ -398,7 +398,7 @@ def _process_cci_import(importer: CCIImporter, dry_run: bool, verbose: bool, cat
     importer.parse_cci()
     normalized_data = importer.get_normalized_cci()
 
-    click.echo(click.style(f"Successfully parsed {len(normalized_data)} normalized CCI entries", fg="green"))
+    logger.info(f"[green]Successfully parsed {len(normalized_data)} normalized CCI entries[/green]")
 
     if verbose:
         _display_verbose_output(normalized_data)
@@ -407,7 +407,7 @@ def _process_cci_import(importer: CCIImporter, dry_run: bool, verbose: bool, cat
         stats = importer.map_to_security_controls(catalog_id)
         _display_results(stats)
     else:
-        click.echo(click.style("\nDRY RUN MODE: No database changes were made", fg="yellow"))
+        logger.info("\n[yellow]DRY RUN MODE: No database changes were made[/yellow]")
 
 
 @click.command(name="cci_importer")
@@ -431,14 +431,13 @@ def cci_importer(xml_file: str, dry_run: bool, verbose: bool, nist_version: str,
     try:
         if not xml_file:
             import importlib.resources as pkg_resources
+            from regscale.models import integration_models
 
-            xml_file = pkg_resources.path("regscale.models.integration_models", "CCI_List.xml")
+            files = pkg_resources.files(integration_models)
+            cci_path = files / "CCI_List.xml"
+            xml_file = str(cci_path)
         root = _load_xml_file(xml_file)
         importer = CCIImporter(root, version=nist_version, verbose=verbose)
         _process_cci_import(importer, dry_run, verbose, catalog_id)
-
-    except click.ClickException:
-        raise
     except Exception as e:
-        click.echo(click.style(f"Unexpected error: {e}", fg="red"), err=True)
-        raise click.ClickException(f"Unexpected error: {e}")
+        error_and_exit(f"Unexpected error: {e}")

regscale/integrations/public/fedramp/click.py

@@ -20,6 +20,59 @@ def fedramp():
     """Performs bulk processing of FedRAMP files (Upload trusted data only)."""
 
 
+@fedramp.command(context_settings={"show_default": True})
+@click.option(
+    "--ssp_id",
+    "-s",
+    type=click.STRING,
+    required=True,
+    prompt="Enter the SSP ID to export POAMs from",
+    help="The RegScale SSP ID to export POAMs from",
+)
+@click.option(
+    "--output_file",
+    "-o",
+    type=click.STRING,
+    required=True,
+    prompt="Enter the output file path (xlsx)",
+    help="The output file path for the POAM export (xlsx format)",
+)
+@click.option(
+    "--template_path",
+    "-t",
+    type=click.Path(exists=True, dir_okay=False, file_okay=True),
+    required=False,
+    help="Path to the FedRAMP POAM template Excel file (defaults to ./templates/FedRAMP-POAM-Template.xlsx)",
+)
+@click.option(
+    "--point_of_contact",
+    "-p",
+    type=click.STRING,
+    required=False,
+    default="",
+    help="Point of Contact name for POAMs (defaults to empty string)",
+)
+def export_poam_v5(ssp_id: str, output_file: str, template_path: Optional[click.Path], point_of_contact: str):
+    """
+    Export FedRAMP Rev 5 POAM Excel file with advanced formatting.
+
+    This export includes:
+    - Dynamic POAM ID generation based on source file paths
+    - KEV date determination from CISA KEV catalog
+    - Deviation status mapping (Approved/Pending/Rejected)
+    - Custom milestone and comment generation
+    - Excel formatting for Rev 5 template
+    - Configurable Point of Contact
+    """
+    from pathlib import Path
+    from regscale.integrations.public.fedramp.poam_export_v5 import export_poam_v5 as export_func
+
+    logger.info(f"Exporting FedRAMP Rev 5 POAM for SSP {ssp_id}")
+
+    template = Path(template_path) if template_path else None
+    export_func(ssp_id=ssp_id, output_file=output_file, template_path=template, point_of_contact=point_of_contact)
+
+
 # FedRAMP Docx Support
 @fedramp.command(context_settings={"show_default": True})
 @click.option(
@@ -108,7 +161,9 @@ def load_fedramp_docx(
                     "by using the -p flag."
                 )
 
-        process_fedramp_docx_v5(file_path, base_fedramp_profile_id, save_data, add_missing, appendix_a_file_path)  # type: ignore
+        process_fedramp_docx_v5(
+            file_path, base_fedramp_profile_id, save_data, add_missing, appendix_a_file_path
+        )  # type: ignore
 
 
 @fedramp.command()
@@ -435,7 +490,10 @@ def import_drf(file_path: click.Path, regscale_id: int, regscale_module: str) ->
     "--profile_id",
     "-p",
     type=click.INT,
-    help="The ID number from RegScale of the Profile.  (This will generate the control implementations for a new Security Plan)",
+    help=(
+        "The ID number from RegScale of the Profile.  (This will generate the control implementations "
+        "for a new Security Plan)"
+    ),
     prompt="Enter RegScale Profile ID",
     required=True,
 )

regscale/integrations/public/fedramp/docx_parser.py

@@ -246,7 +246,16 @@ class SSPDocParser:
             headers = self.extract_table_headers(table, namespaces)
             table_data = []
             tables_dicts_list["preceding_text"] = preceding_text[i] if i < len(preceding_text) else ""
-            if len(headers) == 1 and headers[0].lower() in vertical_tables:
+            # Check if this is a vertical table:
+            is_vertical = False
+            # - Single header that matches vertical_tables list
+            first_option = len(headers) == 1 and headers[0].lower() in vertical_tables
+            # - OR two headers where first matches and second is empty/whitespace
+            second_option = len(headers) == 2 and headers[0].lower() in vertical_tables and not headers[1].strip()
+            if first_option or second_option:
+                is_vertical = True
+
+            if is_vertical:
                 table_data = self.extract_vertical_row_data(table, namespaces)
                 tables_dicts_list["table_data"] = table_data
                 # tables_dicts_list.append({headers[0].lower(): table_data})