fix: address suggestions from SonarCloud (#55)

* add devsecops_pipeline.py * add devsecops-pipeline workflow * replace sonarqube with bandit * edit cron job * add comment for the cron job * add Git Guardian workflow * edit Git Guardian workflow * edit Git Guardian workflow * edit Git Guardian workflow * edit Git Guardian workflow * edit Git Guardian workflow * edit Git Guardian workflow * edit Git Guardian workflow * edit Git Guardian workflow * edit Git Guardian workflow * edit README file * edit DevSecOps pipeline * edit release badge * add .gitignore file * add PR Title Linter * add status badge for PR Linter * add SonarCloud implementation * edit sonar-project.properties * add SonarCloud badge * address suggestions from SonarCloud * add secrets module in strong_passgen_for_prod.py * edit strong_passgen_for_prod.py * edit strong_passgen_for_prod.py * edit strong_passgen_for_prod.py * edit strong_passgen_for_prod.py * edit strong_passgen_for_prod.py * edit strong_passgen_for_prod.py * edit strong_passgen_for_prod.py * edit strong_passgen_for_prod.py * edit crypto_passgen_for_prod.py script
meleksabit · Nov 29, 2024 · 30ffc64 · 30ffc64
1 parent 305cb4a
commit 30ffc64
Show file tree

Hide file tree

Showing 5 changed files with 76 additions and 67 deletions.
diff --git a/Tesla.py b/Tesla.py
@@ -1,5 +1,5 @@
 # Parameters and Arguments example
-def checkDriverAge(age=0):
+def check_driver_age(age=0):
     if int(age) < 18:
         print("Sorry, you are too young to drive this car. Powering off 😟")
     elif int(age) > 18:
@@ -8,4 +8,4 @@ def checkDriverAge(age=0):
         print("Congratulations on your first year of driving. Enjoy the ride! 🚀")
 
 
-checkDriverAge()
+check_driver_age()
diff --git a/crypto_passgen_for_prod.py b/crypto_passgen_for_prod.py
@@ -0,0 +1,66 @@
+import string
+import secrets
+from cryptography.fernet import Fernet
+import os
+
+# Step 1: Generate or retrieve a secure encryption key
+key = os.environ.get('FERNET_KEY')
+if not key:
+    print("Encryption key is missing. Please set the 'FERNET_KEY' environment variable.")
+    exit(1)
+cipher_suite = Fernet(key)
+
+# Step 2: Define all character sets for password generation
+s1 = list(string.ascii_lowercase)  # Lowercase letters
+s2 = list(string.ascii_uppercase)  # Uppercase letters
+s3 = list(string.digits)          # Digits
+s4 = list(string.punctuation)     # Special characters
+
+# Step 3: Ask user for password length
+while True:
+    try:
+        characters_number = int(input("How many characters do you want in your password? "))
+        if 8 <= characters_number <= 128:
+            break
+        print("Please choose a number between 8 and 128.")
+    except ValueError:
+        print("Invalid input. Please enter a valid number.")
+
+# Step 4: Securely shuffle the character lists using secrets.SystemRandom()
+secure_random = secrets.SystemRandom()
+s1 = secure_random.sample(s1, len(s1))  # Securely shuffle lowercase letters
+s2 = secure_random.sample(s2, len(s2))  # Securely shuffle uppercase letters
+s3 = secure_random.sample(s3, len(s3))  # Securely shuffle digits
+s4 = secure_random.sample(s4, len(s4))  # Securely shuffle punctuation
+
+# Step 5: Create the password
+# Ensure at least one character from each set is included
+result = [
+    secrets.choice(s1),
+    secrets.choice(s2),
+    secrets.choice(s3),
+    secrets.choice(s4)
+]
+
+# Fill the remaining slots randomly
+remaining_characters = characters_number - len(result)
+result.extend(secrets.choice(s1 + s2 + s3 + s4) for _ in range(remaining_characters))
+
+# Secure final shuffle
+result = secure_random.sample(result, len(result))
+
+# Step 6: Join and encrypt the password
+password = "".join(result)
+encrypted_password = cipher_suite.encrypt(password.encode())
+
+# Step 7: Store the encrypted password securely
+try:
+    with open("password_storage.txt", "wb") as file:
+        file.write(encrypted_password)
+    print("Your password has been securely generated and encrypted.")
+    print("The encrypted password has been saved in 'password_storage.txt'.")
+    print("Ensure your encryption key is securely stored to decrypt the password.")
+except IOError as e:
+    print(f"File operation failed: {e}")
+except Exception as e:
+    print(f"An unexpected error occurred: {e}")
diff --git a/find_duplicates.py b/find_duplicates.py
@@ -1,10 +1,7 @@
 # Shows the duplicate strings
 my_list = ['a', 'b', 'c', 'd', 'd', 'm', 'm', 'n', 'o', 'z', 'z']
-
 duplicates = []
 for value in my_list:
-    if my_list.count(value) > 1:
-        if value not in duplicates:
-            duplicates.append(value)
-
+    if my_list.count(value) > 1 and value not in duplicates:
+        duplicates.append(value)
 print(duplicates)
diff --git a/performance_decorator.py b/performance_decorator.py
@@ -1,21 +1,20 @@
-# Performance decorator
 from time import time
 
-
+# Decorator to measure performance
 def performance(fn):
     def wrapper(*args, **kwargs):
         t1 = time()
         result = fn(*args, **kwargs)
         t2 = time()
-        print(f'took {t2-t1} seconds')
+        print(f'took {t2 - t1} seconds')
         return result
     return wrapper
 
-
 @performance
 def long_time():
-    for i in range(10000000):
-        i*5
-
+    """Benchmarking function to test performance."""
+    for _ in range(10_000_000):
+        pass  # Empty loop for benchmarking the decorator
 
+# Execute the benchmark
 long_time()
diff --git a/strong_passgen_for_prod.py b/strong_passgen_for_prod.py