Tool for DevSecOps strategy
Project description
DevSecOps Engine Tools
Objective
Tool that unifies the evaluation of the different devsecops practices being agnostic to the devops platform, using both open source and market tools.
Component
📦 tools: DevSecOps Practice Modules
Communications channel
Here are the channels we use to communicate about the project:
1. Mailing list: You can join our mailing list to always be informed at the following link: CommunityDevsecopsEngine
2. Email: You can write to us by email: MaintainersDevsecopsEngine@googlegroups.com
Getting started
Requirements
- Python >= 3.8
Installation
pip3 install devsecops-engine-tools
Scan running - flags (CLI)
devsecops-engine-tools --platform_devops ["local","azure"] --remote_config_repo ["remote_config_repo"] --tool ["engine_iac", "engine_dast", "engine_secret", "engine_dependencies", "engine_container"] --folder_path ["Folder path scan engine_iac"] --platform ["eks","openshift"] --use_secrets_manager ["false", "true"] --use_vulnerability_management ["false", "true"] --send_metrics ["false", "true"] --token_cmdb ["token_cmdb"] --token_vulnerability_management ["token_vulnerability_management"] --token_engine_container ["token_engine_container"] --token_engine_dependencies ["token_engine_dependencies"]
Structure Remote Config
📦Remote_Config
┣ 📂engine_core
┃ ┗ 📜ConfigTool.json
┣ 📂engine_sast
┃ ┗ 📂engine_iac
┃ ┗ 📜ConfigTool.json
┃ ┗ 📜Exclusions.json
┃ ┗ 📂engine_secret
┃ ┗ 📜ConfigTool.json
┣ 📂engine_sca
┃ ┗ 📂engine_container
┃ ┗ 📜ConfigTool.json
┃ ┗ 📜Exclusions.json
┃ ┗ 📂engine_dependencies
┃ ┗ 📜ConfigTool.json
┃ ┗ 📜Exclusions.json
Scan running sample (CLI) - Local
Complete the value in .envdetlocal file a set in execution environment
$ set -a
$ source .envdetlocal
$ set +a
devsecops-engine-tools --platform_devops local --remote_config_repo DevSecOps_Remote_Config --tool engine_iac
Scan result sample (CLI)
Metrics
With the flag --send_metrics true and the configuration of the AWS-METRICS_MANAGER driven adapter in ConfigTool.json of the engine_core the tool will send the report to bucket s3. In the metrics folder you will find the base of the cloud formation template to deploy the infra and dashboard in grafana.
How can I help?
Review the issues, we hear new ideas. Read more Contributing
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Hashes for devsecops_engine_tools-1.7.17.tar.gz
Algorithm | Hash digest | |
---|---|---|
SHA256 | eb00f6f560848f5c199a8bf3c1c8bc3ca3635254b7a8f21960c7a28f69087ed9 |
|
MD5 | 545cc9ae1f199048d849d8a1553b557e |
|
BLAKE2b-256 | fcc03c24e09f657c940ed311248ba23169033c7f625db260dce4dcc58c6f844e |
Hashes for devsecops_engine_tools-1.7.17-py3-none-any.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | 6996dfb9bcaef75d14c32a64366ca81859543ff2fb76db1c77319a1d58eef8a8 |
|
MD5 | fa5edf689f70bfe5d92893b1b54ad8af |
|
BLAKE2b-256 | 181faa7bb6fc9f02b43cf66f49ad2fa73725a4cd7c3dce0c688582c6cd70755f |