Merge pull request #2 from tenable/chore/pipeline

Added Snyk to Pipelines

.actrc

@@ -0,0 +1,3 @@
+--container-architecture linux/amd64
+-P ubuntu-latest=catthehacker/ubuntu:act-latest
+--rm

.github/workflows/deploy.yml

@@ -8,20 +8,28 @@ jobs:
   deploy:
     runs-on: ubuntu-latest
     steps:
-      - name: Pull package data
-        uses: actions/checkout@v4
-
-      - name: Setup Python
-        uses: actions/setup-python@v5
+      - uses: actions/checkout@v4
+      - uses: actions/setup-python@v5
         with:
           python-version: "3.12"
-
-      - name: Setup up uv
-        run: curl -LsSf https://astral.sh/uv/0.4.5/install.sh | sh
+      - uses: yezz123/setup-uv@v4
+      - uses: snyk/actions/setup@master
 
       - name: Build package
         run: uv build
 
+      - name: Export requirements file for Snyk
+        run: |
+          uv pip compile pyproject.toml -o requirements.txt
+          pip3 install -r requirements.txt
+
+      - name: Run Snyk
+        uses: snyk/actions/node@master
+        env:
+          SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
+        with:
+          command: monitor --command=python3 --skip-unresolved=true
+
       - name: Publish to PyPI
         uses: pypa/[email protected]
         with:

.github/workflows/testing.yml

@@ -29,14 +29,8 @@ jobs:
         run: uv run ruff check tenint --exit-zero
 
       - name: Run unit tests
-        run: uv run pytest tests --cov-report xml:cov/coverage.xml
+        run: uv run pytest tests --cov-report term-missing
 
-      - name: Save Coverage Report
-        uses: actions/upload-artifact@v4
-        with:
-          name: coverage_report
-          path: cov
-          retention-days: 1
 
   security_tests:
     runs-on: ubuntu-latest
@@ -48,12 +42,15 @@ jobs:
         uses: actions/setup-python@v5
         with:
           python-version: "3.8"
-      - name: Setup up uv
-        run: curl -LsSf https://astral.sh/uv/0.4.5/install.sh | sh
-
-      - name: Run pip-audit
+      - uses: yezz123/setup-uv@v4
+      - uses: snyk/actions/setup@master
+      - name: Export a requirements file for Snyk
         run: |
-          uv export --format requirements-txt | uv tool run pip-audit
-          
-      - name: Run Bandit code auditor
-        run: uv tool run --with "bandit[toml,baseline,sarif]" bandit -c pyproject.toml -r . -ll
+          uv pip compile pyproject.toml -o requirements.txt
+          pip3 install -r requirements.txt
+      - name: Snyk Scan
+        uses: snyk/actions/node@master
+        env:
+          SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
+        with:
+          command: test --command=python3 --skip-unresolved=true

.gitignore

@@ -1,4 +1,9 @@
 .DS_Store
 __pycache__
 *.pyc
+.*_cache
 .coverage
+.env
+.vars
+.secrets
+requirements.txt

tenint/models/credentials.py

@@ -41,7 +41,11 @@ class TenableVMCredential(Credential):
         'Tenable Vulnerability Management'
     )
     slug: Literal['tvm'] = 'tvm'
+<<<<<<< HEAD
     description: str = 'Tenable Vulnerability Management Credential'
+=======
+    definition: str = 'Tenable Vulnerability Management Credential'
+>>>>>>> fe11665 (Updated Credentials to include description)
     url: AnyHttpUrl = 'https://cloud.tenable.com'
     access_key: str
     secret_key: str
@@ -55,7 +59,11 @@ class TenableSCCredential(Credential):
     prefix: Literal['tio'] = 'tsc'
     name: Literal['Tenable Security Center'] = 'Tenable Security Center'
     slug: Literal['tvm'] = 'tsc'
+<<<<<<< HEAD
     description: str = 'Tenable Security Center Credential'
+=======
+    definition: str = 'Tenable Security Center Credential'
+>>>>>>> fe11665 (Updated Credentials to include description)
     url: AnyHttpUrl
     access_key: str
     secret_key: str