示例#1
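def create_slug():
    """Return a random 8-character alphanumeric slug that is not already in use.

    A candidate is drawn, logged, and passed to ``check_slug``; a truthy
    result is treated as "already taken" and a new candidate is drawn.

    Changes from the previous version:

    * Candidates come from ``secrets`` instead of ``random``. The default
      ``random`` generator is not meant for values that must be hard to
      guess, and ``random.sample`` never repeats a character, which
      shrinks the set of possible slugs.
    * Collisions are retried in a loop rather than by recursion, so a long
      run of collisions cannot hit the interpreter's recursion limit.

    Returns:
        str: an 8-character string of ASCII letters and digits.
    """
    # Function-scope import: the module's import block is not visible here.
    import secrets

    alphabet = string.ascii_letters + string.digits
    while True:
        ran_str = "".join(secrets.choice(alphabet) for _ in range(8))
        # NOTE(review): every candidate is written to the log at INFO level.
        # If slugs act as unguessable links or identifiers, this exposes them
        # to anyone who can read the logs - confirm with the caller.
        LOG.info(ran_str)
        # NOTE(review): check-then-return is not atomic; presumably the store
        # behind check_slug also enforces uniqueness on insert - verify.
        if not check_slug(ran_str):
            return ran_str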
示例#2
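def create_policy(
    org_id,
    app_name,
    sources_dict,
    sinks_dict,
    methods_list,
    files_loc_list,
    policy_file,
):
    """Write a sample policy file for the app and print the follow-up steps.

    The file starts with ``POLICY_TEMPLATE``, followed by one active
    ``CHECK_METHOD_TEMPLATE`` entry per sink (grouped by category, sorted)
    and one ``# ``-prefixed entry per method in ``methods_list`` (sorted).
    An existing file at ``policy_file`` is truncated and rewritten.

    Args:
        org_id: Organization id used in the printed ``sl policy`` commands.
        app_name: Application name; ``-`` is replaced by ``_`` to form the
            policy label.
        sources_dict: Not used by this function.
        sinks_dict: Mapping of category name to an iterable of sink method
            names.
        methods_list: Iterable of method names written as commented entries.
        files_loc_list: Not used by this function.
        policy_file: Path of the policy file to create.
    """
    rule = "#" * 79 + "\n"

    if os.path.exists(policy_file):
        # Reported at warning level so the overwrite is not lost among
        # routine info messages.
        LOG.warning("%s would be overwritten", policy_file)
    # Explicit encoding: method names come from the analysed application and
    # may not be representable in the platform's default encoding.
    with open(policy_file, mode="w", encoding="utf-8") as fp:
        fp.write(POLICY_TEMPLATE)
        fp.write(rule)
        fp.write("# Sink methods #\n")
        fp.write(rule)
        for category, sinks_list in sinks_dict.items():
            fp.write("\n")
            fp.write(rule)
            fp.write(f"# Category {category} #\n")
            fp.write(rule)
            # NOTE(review): category and method names are written verbatim;
            # presumably they never contain newlines - a name that did would
            # add unintended lines to the policy. Verify against the caller.
            for sink in sorted(sinks_list):
                fp.write(CHECK_METHOD_TEMPLATE % dict(method_name=sink))
        fp.write(rule + "\n")
        fp.write(rule)
        fp.write("# All methods (Uncomment as needed) #\n")
        fp.write(rule)
        for method in sorted(methods_list):
            # NOTE(review): only the first line of the rendered template is
            # prefixed with "# ". If CHECK_METHOD_TEMPLATE spans several
            # lines, the rest would be active policy text - TODO confirm.
            fp.write("# " + CHECK_METHOD_TEMPLATE % dict(method_name=method))
    # NOTE(review): policy_file and app_name are interpolated into console
    # markup, so square brackets in them would be read as markup tags.
    console.print(
        Panel(
            f"Sample policy file [bold]{policy_file}[/bold] created successfully.\nEdit this file and include only the required methods.\nThen, to use this policy perform the below steps as a ShiftLeft administrator",
            title="ShiftLeft Policy Generator",
            expand=False,
        ))
    policy_label = app_name.replace("-", "_")
    md = Markdown(f"""
```
sl policy validate {policy_file}
sl policy push {policy_label} {policy_file}
sl policy assignment set --project {app_name} {org_id}/{policy_label}:latest

# Or to make the policy the default for your organization
# sl policy assignment set {org_id}/{policy_label}:latest
```
""")
    console.print(md)
    console.print("Then perform sl analyze as normal\n")
    # The generated file lists every sink as an active entry, hence the
    # warning that it must be trimmed before use.
    console.print(
        Panel(
            f"Using this policy file as-is would suppress all findings for {app_name}!",
            title="NOTE",
            expand=False,
        ))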