def create_slug(): ran_str = ''.join(random.sample(string.ascii_letters + string.digits, 8)) LOG.info(ran_str) if check_slug(ran_str): return create_slug() else: return ran_str
def create_policy( org_id, app_name, sources_dict, sinks_dict, methods_list, files_loc_list, policy_file, ): """Method to create a sample policy file for the app""" if os.path.exists(policy_file): LOG.info(f"WARNING: {policy_file} would be overwritten") with open(policy_file, mode="w") as fp: fp.write(POLICY_TEMPLATE) fp.write("#" * 79 + "\n") fp.write("# Sink methods #\n") fp.write("#" * 79 + "\n") for category, sinks_list in sinks_dict.items(): fp.write("\n") fp.write("#" * 79 + "\n") fp.write(f"# Category {category} #\n") fp.write("#" * 79 + "\n") for sink in sorted(sinks_list): fp.write(CHECK_METHOD_TEMPLATE % dict(method_name=sink)) fp.write("#" * 79 + "\n\n") fp.write("#" * 79 + "\n") fp.write("# All methods (Uncomment as needed) #\n") fp.write("#" * 79 + "\n") for method in sorted(methods_list): fp.write("# " + CHECK_METHOD_TEMPLATE % dict(method_name=method)) console.print( Panel( f"Sample policy file [bold]{policy_file}[/bold] created successfully.\nEdit this file and include only the required methods.\nThen, to use this policy perform the below steps as a ShiftLeft administrator", title="ShiftLeft Policy Generator", expand=False, )) policy_label = app_name.replace("-", "_") md = Markdown(f""" ``` sl policy validate {policy_file} sl policy push {policy_label} {policy_file} sl policy assignment set --project {app_name} {org_id}/{policy_label}:latest # Or to make the policy the default for your organization # sl policy assignment set {org_id}/{policy_label}:latest ``` """) console.print(md) console.print(f"Then perform sl analyze as normal\n") console.print( Panel( f"Using this policy file as-is would suppress all findings for {app_name}!", title="NOTE", expand=False, ))