
Commit d0e1f49

committed
deploy dev
1 parent 6e155c6 commit d0e1f49


2 files changed

+43
-39
lines changed


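--- a/tools/devsecops_engine_tools/engine_sast/engine_secret/src/domain/usecases/secret_scan.py
+++ b/tools/devsecops_engine_tools/engine_sast/engine_secret/src/domain/usecases/secret_scan.py
@@ -1,4 +1,5 @@
 import re
+from venv import logger
 
 from devsecops_engine_tools.engine_sast.engine_secret.src.domain.model.gateway.tool_gateway import (
 ToolGateway,
@@ -27,45 +28,48 @@ def __init__(
 self.git_gateway = git_gateway
 
 def process(self, skip_tool, config_tool, secret_tool, dict_args, tool):
-tool = str(tool).lower()
-finding_list = []
-file_path_findings = ""
-secret_external_checks=dict_args["token_external_checks"]
-files_to_scan = None if dict_args["folder_path"] is None else [dict_args["folder_path"]]
-if skip_tool == False:
-self.tool_gateway.install_tool(self.devops_platform_gateway.get_variable("os"), self.devops_platform_gateway.get_variable("temp_directory"), config_tool[tool]["VERSION"])
-if files_to_scan is None:
-files_to_scan = self.git_gateway.get_files_pull_request(
-self.devops_platform_gateway.get_variable("path_directory"),
-self.devops_platform_gateway.get_variable("target_branch"),
-config_tool["TARGET_BRANCHES"],
-self.devops_platform_gateway.get_variable("source_branch"),
-self.devops_platform_gateway.get_variable("access_token"),
-self.devops_platform_gateway.get_variable("organization"),
-self.devops_platform_gateway.get_variable("project_name"),
-self.devops_platform_gateway.get_variable("repository"),
-self.devops_platform_gateway.get_variable("repository_provider"))
-findings, file_path_findings = self.tool_gateway.run_tool_secret_scan(
-files_to_scan,
+try:
+tool = str(tool).lower()
+finding_list = []
+file_path_findings = ""
+secret_external_checks=dict_args["token_external_checks"]
+files_to_scan = None if dict_args["folder_path"] is None else [dict_args["folder_path"]]
+if skip_tool == False:
+self.tool_gateway.install_tool(self.devops_platform_gateway.get_variable("os"), self.devops_platform_gateway.get_variable("temp_directory"), config_tool[tool]["VERSION"])
+if files_to_scan is None:
+files_to_scan = self.git_gateway.get_files_pull_request(
+self.devops_platform_gateway.get_variable("path_directory"),
+self.devops_platform_gateway.get_variable("target_branch"),
+config_tool["TARGET_BRANCHES"],
+self.devops_platform_gateway.get_variable("source_branch"),
+self.devops_platform_gateway.get_variable("access_token"),
+self.devops_platform_gateway.get_variable("organization"),
+self.devops_platform_gateway.get_variable("project_name"),
+self.devops_platform_gateway.get_variable("repository"),
+self.devops_platform_gateway.get_variable("repository_provider"))
+findings, file_path_findings = self.tool_gateway.run_tool_secret_scan(
+files_to_scan,
+self.devops_platform_gateway.get_variable("os"),
+self.devops_platform_gateway.get_variable("path_directory"),
+self.devops_platform_gateway.get_variable("repository"),
+config_tool,
+secret_tool,
+secret_external_checks,
+self.devops_platform_gateway.get_variable("temp_directory"),
+tool,
+self.devops_platform_gateway.get_variable("repository_provider"))
+finding_list = self.tool_deserialize.get_list_vulnerability(
+findings,
 self.devops_platform_gateway.get_variable("os"),
-self.devops_platform_gateway.get_variable("path_directory"),
-self.devops_platform_gateway.get_variable("repository"),
-config_tool,
-secret_tool,
-secret_external_checks,
-self.devops_platform_gateway.get_variable("temp_directory"),
-tool,
-self.devops_platform_gateway.get_variable("repository_provider"))
-finding_list = self.tool_deserialize.get_list_vulnerability(
-findings,
-self.devops_platform_gateway.get_variable("os"),
-self.devops_platform_gateway.get_variable("path_directory")
-)
-else:
-print("Tool skipped by DevSecOps policy")
-dict_args["send_metrics"] = "false"
-return finding_list, file_path_findings
-
+self.devops_platform_gateway.get_variable("path_directory")
+)
+else:
+print("Tool skipped by DevSecOps policy")
+dict_args["send_metrics"] = "false"
+return finding_list, file_path_findings
+except Exception as e:
+logger.warning(f"Error secret scan: {e}")
+
 def complete_config_tool(self, dict_args, tool):
 tool = str(tool).lower()
 init_config_tool = self.devops_platform_gateway.get_remote_config(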
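Review bot: The new `except Exception` at the end of `process` only logs a warning and then falls through, so any failure in the install, the pull-request file listing or the scan makes the method return `None` instead of the `(finding_list, file_path_findings)` pair. For a secret-scanning gate that is a fail-open path: the run reports no findings, or breaks later with an unrelated unpacking error if the caller (not visible here) destructures the result. Log and re-raise instead, e.g. `logger.error(f"Error secret scan: {e}")` followed by `raise`, or return an explicit failure value the caller has to handle. The `logger` comes from the added `from venv import logger`, which is the standard-library venv module's own logger and looks like an accidental auto-import; use a module logger such as `logger = logging.getLogger(__name__)` or whichever logger the project already uses. Narrowing the `try` to the gateway calls would also keep programming errors, such as a missing `dict_args` key, from being swallowed.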

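--- a/tools/devsecops_engine_tools/engine_sast/engine_secret/src/infrastructure/driven_adapters/trufflehog/trufflehog_run.py
+++ b/tools/devsecops_engine_tools/engine_sast/engine_secret/src/infrastructure/driven_adapters/trufflehog/trufflehog_run.py
@@ -135,7 +135,7 @@ def run_trufflehog(
 result = subprocess.run(command, capture_output=True, shell=True, text=True, encoding='utf-8')
 return result.stdout.strip()
 except Exception as e:
-logger.warning(f"Error getting files PullRequest: {e}")
+logger.warning(f"Error executing engine secret tool: {e}")
 
 def decode_output(self, results):
 for decode_output in results: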
