Feat/capten integration

.github/workflows/build.yml

@@ -5,9 +5,9 @@ name: scsctl build
 
 on:
   push:
-    branches: [ "main" ]
+    branches: [ "main","feat/capten_integration" ]
   pull_request:
-    branches: [ "main" ]
+    branches: [ "main", "feat/capten_integration" ]
   workflow_dispatch:
 
 permissions:
@@ -36,21 +36,21 @@ jobs:
     - name: Install cosign
       uses: sigstore/[email protected]
       with:
-        inputs: dist/scsctl-0.0.3-py3-none-any.whl
+        inputs: dist/scsctl-0.0.6.6-py3-none-any.whl
     - name: Sign with sigstore using GitHub App credentials
       run: |
-          sigstore sign --overwrite dist/scsctl-0.0.3-py3-none-any.whl
+          sigstore sign --overwrite dist/scsctl-0.0.6.6-py3-none-any.whl
     - name: Archive production artifacts
       uses: actions/upload-artifact@v3
       with:
         name: dist
         path: |
           dist
-    - name: Copy dist/scsctl-0.0.3.tar.gz dist/scsctl-0.0.3-py3-none-any.whl to release directory
+    - name: Copy dist/scsctl-0.0.6.6.tar.gz dist/scsctl-0.0.6.6-py3-none-any.whl to release directory
       run: |
         mkdir -p release
-        cp dist/scsctl-0.0.3.tar.gz release/scsctl-0.0.3.tar.gz
-        cp dist/scsctl-0.0.3-py3-none-any.whl release/scsctl-0.0.3-py3-none-any.whl
+        cp dist/scsctl-0.0.6.6.tar.gz release/scsctl-0.0.6.6.tar.gz
+        cp dist/scsctl-0.0.6.6-py3-none-any.whl release/scsctl-0.0.6.6-py3-none-any.whl
 
     - name: Publish distribution 📦 to Test PyPI
       uses: pypa/gh-action-pypi-publish@release/v1

.github/workflows/dev-build.yml

@@ -0,0 +1,60 @@
+# This workflow will install Python dependencies, run tests and lint with a single version of Python
+# For more information see: https://docs.github.com/en/actions/automating-builds-and-tests/building-and-testing-python
+
+name: scsctl build
+
+on:
+  push:
+    branches: [ "dev" ]
+  pull_request:
+    branches: [ "dev" ]
+  workflow_dispatch:
+
+permissions:
+  contents: read
+  id-token: write
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+
+    steps:
+    - uses: actions/checkout@v3
+    - name: Set up Python 3.10
+      uses: actions/setup-python@v3
+      with:
+        python-version: "3.10"
+    - name: Install dependencies
+      run: |
+        python -m pip install --upgrade pip
+        python -m pip install --upgrade build
+        if [ -f requirements.txt ]; then pip install -r requirements.txt; fi
+    - name: Build with hachling
+      run: |
+        python -m build
+        ls
+    - name: Install cosign
+      uses: sigstore/[email protected]
+      with:
+        inputs: dist/scsctl-0.0.4-py3-none-any.whl
+    - name: Sign with sigstore using GitHub App credentials
+      run: |
+          sigstore sign --overwrite dist/scsctl-0.0.4-py3-none-any.whl
+    - name: Archive production artifacts
+      uses: actions/upload-artifact@v3
+      with:
+        name: dist
+        path: |
+          dist
+    - name: Copy dist/scsctl-0.0.4.tar.gz dist/scsctl-0.0.4-py3-none-any.whl to release directory
+      run: |
+        mkdir -p release
+        cp dist/scsctl-0.0.4.tar.gz release/scsctl-0.0.4.tar.gz
+        cp dist/scsctl-0.0.4-py3-none-any.whl release/scsctl-0.0.4-py3-none-any.whl
+
+    - name: Publish distribution 📦 to Test PyPI
+      uses: pypa/gh-action-pypi-publish@release/v1
+      with:
+        password: ${{ secrets.TEST_PYPI_API_TOKEN }}
+        repository-url: https://test.pypi.org/legacy/
+        packages-dir: release

.gitignore

@@ -5,4 +5,5 @@ dist
 *.egg-info
 __pycache__
 test.py
-testbed.ipynb
+testbed.ipynb
+values.yaml

Dockerfile

@@ -11,8 +11,10 @@ RUN apt-get install -y ca-certificates curl gnupg
 RUN mkdir -p /etc/apt/keyrings
 RUN curl -fsSL https://deb.nodesource.com/gpgkey/nodesource-repo.gpg.key | gpg --dearmor -o /etc/apt/keyrings/nodesource.gpg
 RUN echo "deb [signed-by=/etc/apt/keyrings/nodesource.gpg] https://deb.nodesource.com/node_18.x nodistro main" | tee /etc/apt/sources.list.d/nodesource.list
-RUN apt-get update -y
-RUN apt-get install nodejs -y
+
+RUN apt-get update && apt-get upgrade -y && \
+    apt-get install -y nodejs               
+# RUN apt-get install nodejs -y
 
 RUN npm install -g renovate -y
 
@@ -36,6 +38,9 @@ WORKDIR /usr/app
 COPY --chown=python:python --from=build /usr/app/venv ./venv
 COPY --chown=python:python . .
 
+RUN apt-get -y update; apt-get -y install curl
+RUN curl -sfL https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh -s -- -b /usr/local/bin
+
 
 USER 999
 
@@ -50,6 +55,9 @@ RUN python -m build
 #Find the wheel file name and install the wheel
 RUN pip install $(find dist -name "*.whl")
 
+# RUN apt-get -y update; apt-get -y install curl
+
+
 EXPOSE 5000
 
 RUN chmod 755 ./run.sh

Makefile

@@ -0,0 +1,11 @@
+install:
+	pip uninstall -y scsctl
+	python -m build
+	pip install dist/scsctl-0.0.6.6-py3-none-any.whl
+	clear
+	echo "scsctl has been installed"
+
+push:
+	docker build -t scsctl .
+	docker tag scsctl:latest ghcr.io/jegathintelops/scsctl:rebuild_test
+	docker push ghcr.io/jegathintelops/scsctl:rebuild_test

README.md

@@ -152,7 +152,6 @@ docker_file_folder_path: /home/jegath/Documents/intelops/sps/dagflow/app/
 ```
 
 ### Running the tool in ci/cd environment
-
 To run scsctl in ci/cd environment,
 1. Install scsctl from pypi
 2. Run the tool
@@ -185,3 +184,28 @@ jobs:
       run: |
         scsctl scan --pyroscope_app_name pyroscope.server --docker_image_name pyroscope/pyroscope:latest --pyroscope_url https://369d-111-92-44-131.ngrok-free.app --non_interactive
 ```
+
+### Work Status
+
+Tools & Platforms | Status
+--------- | -----------
+Trivy | `Done`
+Pyroscope | `Done`
+Falco Security | `Done`
+Docker Build tool | `Done`
+Renovate | `Done`
+Grype | `Not yet started`
+Syft | `Not yet started`
+CycloneDX & SPDX | `Not yet started`
+openSSF Scorecard scode | `Not yet started`
+[Snyk](https://snyk.io/) | `Not yet started`
+[Tenable](https://www.tenable.com/products)  | `Not yet started`
+Parca | `Not yet started`
+KubViz | `Not yet started`
+Dive | `Not yet started`
+Skopeo | `Not yet started`
+SlimToolKit | `Not yet started`
+Buildah | `Not yet started`
+Podman | `Not yet started`
+[Dependency-Track ](https://github.com/DependencyTrack/dependency-track) | `Not yet started`
+[openVEX](https://github.com/openvex/spec)  | `Not yet started`

pyproject.toml

@@ -4,11 +4,11 @@ build-backend = "hatchling.build"
 
 [project]
 name = "scsctl"
-version = "0.0.3"
+version = "0.0.6.6"
 authors = [{name="Jegath S", email="[email protected]" }]
 description = "Tool for automating Vulnerability Risk Management and Software Supply Chain Security Measures"
 readme = "README.md"
-dependencies = ['click==8.1.3', 'clickhouse-driver==0.2.6', 'numpy==1.25.0', 'requests==2.31.0','questionary==1.10.0','tabulate==0.9.0','kubernetes==27.2.0']
+dependencies = ['click==8.1.3', 'clickhouse-driver==0.2.6', 'numpy==1.25.0', 'requests==2.31.0','questionary==1.10.0','tabulate==0.9.0','hvac==1.2.1','fastapi==0.103.1','uvicorn==0.23.2','kubernetes==27.2.0','pydgraph==23.0.2','SQLAlchemy==2.0.24','psycopg2-binary==2.9.9']
 requires-python = ">=3.9"
 
 [project.scripts]

requirements.txt

@@ -4,6 +4,9 @@ clickhouse-driver==0.2.6
 requests==2.31.0
 questionary==1.10.0
 tabulate==0.9.0
-kubernetes==27.2.0
 uvicorn==0.23.2
-fastapi==0.103.1
+fastapi==0.103.1
+pydgraph==23.0.2
+SQLAlchemy==2.0.24
+psycopg2-binary==2.9.9
+kubernetes==27.2.0