abide_dev_utils 0.17.1 → 0.18.0
- checksums.yaml +4 -4
- data/.github/workflows/ci.yaml +52 -0
- data/Gemfile.lock +14 -6
- data/Rakefile +22 -20
- data/abide_dev_utils.gemspec +2 -3
- data/lib/abide_dev_utils/cli/abstract.rb +18 -1
- data/lib/abide_dev_utils/cli/comply.rb +5 -2
- data/lib/abide_dev_utils/cli/jira.rb +7 -1
- data/lib/abide_dev_utils/cli/{cem.rb → sce.rb} +38 -35
- data/lib/abide_dev_utils/cli/test.rb +20 -9
- data/lib/abide_dev_utils/cli/xccdf.rb +9 -5
- data/lib/abide_dev_utils/cli.rb +5 -4
- data/lib/abide_dev_utils/comply.rb +7 -9
- data/lib/abide_dev_utils/errors.rb +1 -1
- data/lib/abide_dev_utils/jira.rb +36 -9
- data/lib/abide_dev_utils/output.rb +4 -0
- data/lib/abide_dev_utils/prompt.rb +13 -8
- data/lib/abide_dev_utils/{cem → sce}/benchmark.rb +43 -43
- data/lib/abide_dev_utils/{cem → sce}/generate/coverage_report.rb +15 -12
- data/lib/abide_dev_utils/{cem → sce}/generate/reference.rb +16 -14
- data/lib/abide_dev_utils/sce/generate.rb +11 -0
- data/lib/abide_dev_utils/{cem → sce}/hiera_data/mapping_data/map_data.rb +1 -1
- data/lib/abide_dev_utils/{cem → sce}/hiera_data/mapping_data/mixins.rb +1 -1
- data/lib/abide_dev_utils/{cem → sce}/hiera_data/mapping_data.rb +12 -9
- data/lib/abide_dev_utils/{cem → sce}/hiera_data/resource_data/control.rb +7 -7
- data/lib/abide_dev_utils/{cem → sce}/hiera_data/resource_data/parameters.rb +3 -3
- data/lib/abide_dev_utils/{cem → sce}/hiera_data/resource_data/resource.rb +11 -11
- data/lib/abide_dev_utils/{cem → sce}/hiera_data/resource_data.rb +11 -10
- data/lib/abide_dev_utils/{cem → sce}/hiera_data.rb +1 -1
- data/lib/abide_dev_utils/{cem → sce}/mapping/mapper.rb +12 -9
- data/lib/abide_dev_utils/{cem → sce}/validate/resource_data.rb +3 -3
- data/lib/abide_dev_utils/{cem → sce}/validate/strings/base_validator.rb +1 -1
- data/lib/abide_dev_utils/{cem → sce}/validate/strings/puppet_class_validator.rb +4 -3
- data/lib/abide_dev_utils/{cem → sce}/validate/strings/puppet_defined_type_validator.rb +1 -1
- data/lib/abide_dev_utils/{cem → sce}/validate/strings/validation_finding.rb +1 -1
- data/lib/abide_dev_utils/{cem → sce}/validate/strings.rb +2 -2
- data/lib/abide_dev_utils/{cem → sce}/validate.rb +2 -2
- data/lib/abide_dev_utils/{cem.rb → sce.rb} +6 -6
- data/lib/abide_dev_utils/version.rb +1 -1
- data/lib/abide_dev_utils/xccdf.rb +10 -10
- data/lib/abide_dev_utils.rb +7 -6
- metadata +42 -26
- data/lib/abide_dev_utils/cem/generate.rb +0 -11
- /data/lib/abide_dev_utils/errors/{cem.rb → sce.rb} +0 -0
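--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA256:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 4c9b2c93e57d8e1ac68f08bc2d2135185591e0588e2403984e5d9eef6a6ff4e2
+data.tar.gz: cd9e1a9a6b5020fe00e4390afde8b7717e28b1fb99eca9f868ea91ac03534c57
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 7f0035231a3870d55f1e84f140eb315eb0169e2492d69debd0f5d469705bb5ea4848a0f2b753d4e933f9ccf9b1f18c9a7127d0c26bc2483fbbf21da91eb3982f
+data.tar.gz: 6eb452f64cbfd4c58d3c37c3808b655c316d1f54adad53f246c0c9b86712a254162a06c0b452a9f94946056d177ee560afef50680c9967de826e826e25b86cf6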
@@ -0,0 +1,52 @@
|
|
1
|
+
name: CI
|
2
|
+
|
3
|
+
on:
|
4
|
+
pull_request:
|
5
|
+
types:
|
6
|
+
- opened
|
7
|
+
- synchronize
|
8
|
+
branches:
|
9
|
+
- main
|
10
|
+
workflow_dispatch:
|
11
|
+
|
12
|
+
concurrency:
|
13
|
+
group: ${{ github.workflow }}-${{ github.event.pull_request.number }}
|
14
|
+
cancel-in-progress: true
|
15
|
+
|
16
|
+
jobs:
|
17
|
+
rspec:
|
18
|
+
runs-on: ubuntu-latest
|
19
|
+
strategy:
|
20
|
+
fail-fast: false
|
21
|
+
matrix:
|
22
|
+
ruby_version:
|
23
|
+
- '2.7'
|
24
|
+
- '3.2'
|
25
|
+
steps:
|
26
|
+
- name: Checkout
|
27
|
+
uses: actions/checkout@v4
|
28
|
+
|
29
|
+
- name: Set up Ruby
|
30
|
+
uses: ruby/setup-ruby@v1
|
31
|
+
with:
|
32
|
+
ruby-version: ${{ matrix.ruby_version }}
|
33
|
+
bundler-cache: true
|
34
|
+
|
35
|
+
- name: Print bundle environment
|
36
|
+
run: |
|
37
|
+
echo ::group::bundler environment
|
38
|
+
bundle env
|
39
|
+
echo ::endgroup::
|
40
|
+
|
41
|
+
- name: Set up SSH agent
|
42
|
+
uses: webfactory/ssh-agent@v0.9.0
|
43
|
+
with:
|
44
|
+
ssh-private-key: |
|
45
|
+
${{ secrets.LINUX_FIXTURE_KEY }}
|
46
|
+
${{ secrets.WINDOWS_FIXTURE_KEY }}
|
47
|
+
|
48
|
+
- name: Get fixtures
|
49
|
+
run: bundle exec rake 'sce:fixtures'
|
50
|
+
|
51
|
+
- name: Run RSpec
|
52
|
+
run: bundle exec rake spec
|
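Review bot: The job loads two fixture keys into an agent through `webfactory/ssh-agent@v0.9.0`, and that action, like `actions/checkout@v4` and `ruby/setup-ruby@v1`, is referenced by a mutable tag, so a retagged release would run with those keys in scope; pin each `uses:` to a full commit SHA, e.g. `uses: webfactory/ssh-agent@<full-commit-sha> # v0.9.0`. The workflow declares no `permissions:` block, so GITHUB_TOKEN gets the repository default; a top-level `permissions:` with `contents: read` should be enough for checkout and rspec. The `Get fixtures` and `Run RSpec` steps execute the pull request's own Rakefile and specs while the agent is loaded, so it is worth confirming that both secrets are read-only deploy keys scoped to the fixture repositories. On `workflow_dispatch` runs `github.event.pull_request.number` is empty, so all manual runs share one concurrency group and cancel each other.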
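--- a/data/Gemfile.lock
+++ b/data/Gemfile.lock
@@ -1,12 +1,13 @@
 PATH
 remote: .
 specs:
-abide_dev_utils (0.
+abide_dev_utils (0.18.0)
 cmdparse (~> 3.0)
 facterdb (>= 1.21)
 google-cloud-storage (~> 1.34)
 hashdiff (~> 1.0)
 jira-ruby (~> 2.2)
+metadata-json-lint (~> 4.0)
 nokogiri (~> 1.13)
 puppet (>= 7.0.0)
 puppet-strings (>= 2.7)
@@ -128,20 +129,26 @@ GEM
 atlassian-jwt
 multipart-post
 oauth (~> 0.5, >= 0.5.0)
+json-schema (4.1.1)
+addressable (>= 2.8)
 jwt (2.7.1)
 locale (2.1.3)
 memoist (0.16.2)
+metadata-json-lint (4.0.0)
+json-schema (>= 2.8, < 5.0)
+semantic_puppet (~> 1.0)
+spdx-licenses (~> 1.0)
 method_source (1.0.0)
 mini_mime (1.1.2)
 minitest (5.19.0)
 multi_json (1.15.0)
 multipart-post (2.3.0)
 nio4r (2.5.8)
-nokogiri (1.15.
+nokogiri (1.15.6-arm64-darwin)
 racc (~> 1.4)
-nokogiri (1.15.
+nokogiri (1.15.6-x86_64-darwin)
 racc (~> 1.4)
-nokogiri (1.15.
+nokogiri (1.15.6-x86_64-linux)
 racc (~> 1.4)
 oauth (0.6.2)
 snaky_hash (~> 2.0)
@@ -192,7 +199,7 @@ GEM
 puppet-strings (4.0.0)
 rgen (~> 0.9)
 yard (~> 0.9)
-racc (1.
+racc (1.7.3)
 rainbow (3.1.1)
 rake (13.0.6)
 regexp_parser (2.5.0)
@@ -254,6 +261,7 @@ GEM
 snaky_hash (2.0.1)
 hashie
 version_gem (~> 1.1, >= 1.1.1)
+spdx-licenses (1.3.0)
 thor (1.2.2)
 timers (4.3.3)
 traces (0.11.1)
@@ -264,7 +272,7 @@ GEM
 unicode-display_width (2.1.0)
 version_gem (1.1.2)
 webrick (1.8.1)
-yard (0.9.
+yard (0.9.36)
 
 PLATFORMS
 arm64-darwin-22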
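--- a/data/Rakefile
+++ b/data/Rakefile
@@ -4,7 +4,8 @@ require 'rake'
 require "bundler/gem_tasks"
 require "rspec/core/rake_task"
 
-RSpec::Core::RakeTask.new(:spec)
+spec_task = RSpec::Core::RakeTask.new(:spec)
+spec_task.pattern = 'spec/abide_dev_utils_spec.rb,spec/abide_dev_utils/**/*_spec.rb'
 
 require "rubocop/rake_task"
 
@@ -12,29 +13,30 @@ RuboCop::RakeTask.new
 
 task default: %i[spec rubocop]
 
-
-directory 'spec/fixtures'
+MODULES = %w[puppetlabs-cem_linux puppetlabs-sce_linux puppetlabs-cem_windows puppetlabs-sce_windows].freeze
 
-
-
+def modules_with_repos
+@modules_with_repos ||= MODULES.select do |mod|
+system("git ls-remote git@github.com:puppetlabs/#{mod}.git HEAD")
 end
-
+end
 
-
-
-
-
-
-task :fixture, [:cem_mod] do |_, args|
-case args.cem_mod
-when /linux/
-Rake::Task['spec/fixtures/puppetlabs-cem_linux'].invoke
-when /windows/
-Rake::Task['spec/fixtures/puppetlabs-cem_windows'].invoke
-else
-raise "Unknown CEM module #{args.cem_mod}"
+namespace 'sce' do
+directory 'spec/fixtures'
+MODULES.each do |mod|
+directory "spec/fixtures/#{mod}" do
+sh "git clone git@github.com:puppetlabs/#{mod}.git spec/fixtures/#{mod}"
 end
 end
 
-
+task :fixture, [:sce_mod] do |_, args|
+mod_name = MODULES.find { |m| m.match?(/#{args.sce_mod}/) }
+raise "No fixture found matching #{args.sce_mod}" unless mod_name
+
+Rake::Task[mod_name].invoke
+end
+
+multitask fixtures: modules_with_repos.map { |m| "spec/fixtures/#{m}" } do
+puts "All fixtures are ready"
+end
 end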
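Review bot: `Rake::Task[mod_name].invoke` in the new `sce:fixture` task looks up a task named after the bare module, but the tasks this hunk defines are `directory "spec/fixtures/#{mod}"`, so the lookup will most likely raise unless a file of that name happens to exist; the removed code invoked the `spec/fixtures/...` name, and `Rake::Task["spec/fixtures/#{mod_name}"].invoke` restores that. The pattern `/#{args.sce_mod}/` is built from the raw task argument, so an omitted argument yields an empty regex that silently selects the first module; a nil check plus `Regexp.escape(args.sce_mod)` makes the selection explicit. `modules_with_repos` is also called while the Rakefile is being loaded (it supplies the `multitask fixtures:` prerequisites), so every rake invocation, including `rake spec` and `rake build`, runs four `git ls-remote` calls over SSH; computing the list inside a task body would keep unrelated tasks offline.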
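--- a/data/abide_dev_utils.gemspec
+++ b/data/abide_dev_utils.gemspec
@@ -21,6 +21,7 @@ Gem::Specification.new do |spec|
 spec.metadata["homepage_uri"] = spec.homepage
 spec.metadata["source_code_uri"] = spec.homepage
 spec.metadata["changelog_uri"] = spec.homepage
+spec.metadata['rubygems_mfa_required'] = 'true'
 
 # Specify which files should be added to the gem when it is released.
 # The `git ls-files -z` loads the files in the RubyGem that have been added into git.
@@ -42,6 +43,7 @@ Gem::Specification.new do |spec|
 spec.add_dependency 'google-cloud-storage', '~> 1.34'
 spec.add_dependency 'hashdiff', '~> 1.0'
 spec.add_dependency 'facterdb', '>= 1.21'
+spec.add_dependency 'metadata-json-lint', '~> 4.0'
 
 # Dev dependencies
 spec.add_development_dependency 'bundler'
@@ -57,7 +59,4 @@ Gem::Specification.new do |spec|
 spec.add_development_dependency 'rubocop-performance', '~> 1.9'
 spec.add_development_dependency 'rubocop-i18n', '~> 3.0'
 spec.add_development_dependency 'fast_gettext', '>= 2.0'
-
-# For more information and examples about making a new gem, checkout our
-# guide at: https://bundler.io/guides/creating_gem.html
 end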
@@ -7,12 +7,29 @@ module Abide
|
|
7
7
|
# @abstract
|
8
8
|
class AbideCommand < CmdParse::Command
|
9
9
|
include AbideDevUtils::Config
|
10
|
+
|
10
11
|
def initialize(cmd_name, cmd_short, cmd_long, **opts)
|
11
|
-
super(cmd_name,
|
12
|
+
super(cmd_name, takes_commands: opts.fetch(:takes_commands, false))
|
13
|
+
@deprecated = opts.fetch(:deprecated, false)
|
14
|
+
if @deprecated
|
15
|
+
cmd_short = "[DEPRECATED] #{cmd_short}"
|
16
|
+
cmd_long = "[DEPRECATED] #{cmd_long}"
|
17
|
+
end
|
12
18
|
short_desc(cmd_short)
|
13
19
|
long_desc(cmd_long)
|
14
20
|
add_command(CmdParse::HelpCommand.new, default: true) if opts[:takes_commands]
|
15
21
|
end
|
22
|
+
|
23
|
+
def on_after_add
|
24
|
+
return unless super_command.respond_to?(:deprecated?) && super_command.deprecated?
|
25
|
+
|
26
|
+
short_desc("[DEPRECATED BY PARENT] #{@short_desc}")
|
27
|
+
long_desc("[DEPRECATED BY PARENT] #{@long_desc}")
|
28
|
+
end
|
29
|
+
|
30
|
+
def deprecated?
|
31
|
+
@deprecated
|
32
|
+
end
|
16
33
|
end
|
17
34
|
end
|
18
35
|
end
|
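Review bot: `on_after_add` reads `@short_desc` and `@long_desc` directly, which couples this class to the instance-variable names of `CmdParse::Command`; if the accessors behave as in cmdparse 3 (calling `short_desc` with no argument returns the current text), `short_desc("[DEPRECATED BY PARENT] #{short_desc}")` avoids relying on the parent's internals. The new `deprecated:` option and `deprecated?` are undocumented; a YARD line such as `# @option opts [Boolean] :deprecated prefix the descriptions with [DEPRECATED]` above `initialize` would record the contract. Deprecation only changes help text in this hunk; nothing shown here warns when a deprecated command is actually executed, which is where a user scripting the CLI would notice it.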
@@ -10,7 +10,7 @@ module Abide
|
|
10
10
|
CMD_SHORT = 'Commands related to Puppet Comply'
|
11
11
|
CMD_LONG = 'Namespace for commands related to Puppet Comply'
|
12
12
|
def initialize
|
13
|
-
super(CMD_NAME, CMD_SHORT, CMD_LONG, takes_commands: true)
|
13
|
+
super(CMD_NAME, CMD_SHORT, CMD_LONG, takes_commands: true, deprecated: true)
|
14
14
|
add_command(ComplyReportCommand.new)
|
15
15
|
add_command(ComplyCompareReportCommand.new)
|
16
16
|
end
|
@@ -106,7 +106,10 @@ module Abide
|
|
106
106
|
super(CMD_NAME, CMD_SHORT, CMD_LONG, takes_commands: false)
|
107
107
|
argument_desc(REPORT_A: CMD_REPORT_A, REPORT_B: CMD_REPORT_B)
|
108
108
|
options.on('-u', '--upload-new', 'If you want to upload the new scan report') { @data[:upload] = true }
|
109
|
-
options.on('-s [STORAGE]', '--remote-storage [STORAGE]',
|
109
|
+
options.on('-s [STORAGE]', '--remote-storage [STORAGE]',
|
110
|
+
'Remote storage to upload the report to. (Only supports "gcloud")') do |x|
|
111
|
+
@data[:remote_storage] = x
|
112
|
+
end
|
110
113
|
options.on('-r [NAME]', '--name [NAME]', 'The name to upload the report as') { |x| @data[:report_name] = x }
|
111
114
|
end
|
112
115
|
|
@@ -163,6 +163,11 @@ module Abide
|
|
163
163
|
long_desc(CMD_LONG)
|
164
164
|
argument_desc(PATH1: 'An XCCDF file', PATH2: 'An XCCDF file', PROJECT: 'A Jira project')
|
165
165
|
options.on('-d', '--dry-run', 'Print to console instead of saving objects') { |_| @data[:dry_run] = true }
|
166
|
+
options.on('-z', '--print-only', 'Prints a list of issues that would be created. Implies dry-run, and auto-approve, but less verbose than --dry-run.') do
|
167
|
+
@data[:print_only] = true
|
168
|
+
@data[:dry_run] = true
|
169
|
+
@data[:auto_approve] = true
|
170
|
+
end
|
166
171
|
options.on('-y', '--yes', 'Automatically approve all yes / no prompts') { |_| @data[:auto_approve] = true }
|
167
172
|
options.on('-e [EPIC]', '--epic [EPIC]', 'If given, tasks will be created and assigned to this epic. Takes form <PROJECT>-<NUM>') { |e| @data[:epic] = e }
|
168
173
|
options.on('-p [PROFILE]', '--profile', 'Only diff rules belonging to the matching profile. Takes a string that is treated as RegExp') do |x|
|
@@ -188,8 +193,9 @@ module Abide
|
|
188
193
|
path2,
|
189
194
|
epic: @data[:epic],
|
190
195
|
dry_run: @data[:dry_run],
|
196
|
+
print_only: @data[:print_only],
|
191
197
|
auto_approve: @data[:auto_approve],
|
192
|
-
diff_opts: @data[:diff_opts],
|
198
|
+
diff_opts: @data[:diff_opts] || {},
|
193
199
|
)
|
194
200
|
end
|
195
201
|
end
|
@@ -1,6 +1,6 @@
|
|
1
1
|
# frozen_string_literal: true
|
2
2
|
|
3
|
-
require 'abide_dev_utils/
|
3
|
+
require 'abide_dev_utils/sce'
|
4
4
|
require 'abide_dev_utils/files'
|
5
5
|
require 'abide_dev_utils/output'
|
6
6
|
require 'abide_dev_utils/validate'
|
@@ -9,30 +9,30 @@ require 'abide_dev_utils/cli/abstract'
|
|
9
9
|
|
10
10
|
module Abide
|
11
11
|
module CLI
|
12
|
-
class
|
13
|
-
CMD_NAME = '
|
14
|
-
CMD_SHORT = 'Commands related to Puppet
|
15
|
-
CMD_LONG = 'Namespace for commands related to Puppet
|
12
|
+
class SceCommand < AbideCommand
|
13
|
+
CMD_NAME = 'sce'
|
14
|
+
CMD_SHORT = 'Commands related to Puppet SCE'
|
15
|
+
CMD_LONG = 'Namespace for commands related to Puppet SCE'
|
16
16
|
def initialize
|
17
17
|
super(CMD_NAME, CMD_SHORT, CMD_LONG, takes_commands: true)
|
18
|
-
add_command(
|
19
|
-
add_command(
|
20
|
-
add_command(
|
18
|
+
add_command(SceGenerate.new)
|
19
|
+
add_command(SceUpdateConfig.new)
|
20
|
+
add_command(SceValidate.new)
|
21
21
|
end
|
22
22
|
end
|
23
23
|
|
24
|
-
class
|
24
|
+
class SceGenerate < AbideCommand
|
25
25
|
CMD_NAME = 'generate'
|
26
26
|
CMD_SHORT = 'Holds subcommands for generating objects / files'
|
27
27
|
CMD_LONG = 'Holds subcommands for generating objects / files'
|
28
28
|
def initialize
|
29
29
|
super(CMD_NAME, CMD_SHORT, CMD_LONG, takes_commands: true)
|
30
|
-
add_command(
|
31
|
-
add_command(
|
30
|
+
add_command(SceGenerateCoverageReport.new)
|
31
|
+
add_command(SceGenerateReference.new)
|
32
32
|
end
|
33
33
|
end
|
34
34
|
|
35
|
-
class
|
35
|
+
class SceGenerateCoverageReport < AbideCommand
|
36
36
|
CMD_NAME = 'coverage-report'
|
37
37
|
CMD_SHORT = 'Generates control coverage report'
|
38
38
|
CMD_LONG = <<-EOLC.chomp
|
@@ -52,12 +52,13 @@ module Abide
|
|
52
52
|
@data[:profile] = x
|
53
53
|
end
|
54
54
|
options.on('-L [LEVEL]', '--level [LEVEL]', 'Specify the level to show coverage for') do |l|
|
55
|
-
@data[:
|
55
|
+
@data[:level] = l
|
56
56
|
end
|
57
57
|
options.on('-I', '--ignore-benchmark-errors', 'Ignores errors while generating benchmark reports') do
|
58
58
|
@data[:ignore_all] = true
|
59
59
|
end
|
60
|
-
options.on('-X [XCCDF_DIR]', '--xccdf-dir [XCCDF_DIR]',
|
60
|
+
options.on('-X [XCCDF_DIR]', '--xccdf-dir [XCCDF_DIR]',
|
61
|
+
'If specified, the coverage report will be correlated with info from the benchmark XCCDF files') do |d|
|
61
62
|
@data[:xccdf_dir] = d
|
62
63
|
end
|
63
64
|
options.on('-v', '--verbose', 'Will output the report to the console') { @data[:verbose] = true }
|
@@ -74,10 +75,10 @@ module Abide
|
|
74
75
|
profile: @data[:profile],
|
75
76
|
level: @data[:level],
|
76
77
|
ignore_benchmark_errors: @data.fetch(:ignore_all, false),
|
77
|
-
xccdf_dir: @data[:xccdf_dir]
|
78
|
+
xccdf_dir: @data[:xccdf_dir]
|
78
79
|
}
|
79
80
|
AbideDevUtils::Output.simple('Generating coverage report...') unless quiet
|
80
|
-
coverage = AbideDevUtils::
|
81
|
+
coverage = AbideDevUtils::Sce::Generate::CoverageReport.generate(format_func: :to_h, opts: generate_opts)
|
81
82
|
AbideDevUtils::Output.simple("Saving coverage report to #{file_name}...")
|
82
83
|
case out_format
|
83
84
|
when /yaml/i
|
@@ -92,7 +93,7 @@ module Abide
|
|
92
93
|
end
|
93
94
|
end
|
94
95
|
|
95
|
-
class
|
96
|
+
class SceGenerateReference < AbideCommand
|
96
97
|
CMD_NAME = 'reference'
|
97
98
|
CMD_SHORT = 'Generates a reference doc for the module'
|
98
99
|
CMD_LONG = 'Generates a reference doc for the module'
|
@@ -113,35 +114,37 @@ module Abide
|
|
113
114
|
options.on('-s', '--strict', 'Fails if there are any errors') do
|
114
115
|
@data[:strict] = true
|
115
116
|
end
|
116
|
-
options.on('-p [PROFILE]', '--select-profile [PROFILE]',
|
117
|
+
options.on('-p [PROFILE]', '--select-profile [PROFILE]',
|
118
|
+
'The list of profiles that the reference.md will use separated by commas') do |pr|
|
117
119
|
@data[:select_profile] = pr.split(',')
|
118
120
|
end
|
119
|
-
options.on('-l [LEVEL]', '--select-level [LEVEL]',
|
121
|
+
options.on('-l [LEVEL]', '--select-level [LEVEL]',
|
122
|
+
'The list of level that the reference.md will use separated by commas') do |l|
|
120
123
|
@data[:select_level] = l.split(',')
|
121
124
|
end
|
122
125
|
end
|
123
126
|
|
124
127
|
def execute
|
125
128
|
AbideDevUtils::Validate.puppet_module_directory
|
126
|
-
AbideDevUtils::
|
129
|
+
AbideDevUtils::Sce::Generate::Reference.generate(@data)
|
127
130
|
end
|
128
131
|
end
|
129
132
|
|
130
|
-
class
|
133
|
+
class SceUpdateConfig < AbideCommand
|
131
134
|
CMD_NAME = 'update-config'
|
132
|
-
CMD_SHORT = 'Updates the Puppet
|
133
|
-
CMD_LONG = 'Updates the Puppet
|
135
|
+
CMD_SHORT = 'Updates the Puppet SCE config'
|
136
|
+
CMD_LONG = 'Updates the Puppet SCE config'
|
134
137
|
def initialize
|
135
138
|
super(CMD_NAME, CMD_SHORT, CMD_LONG, takes_commands: true)
|
136
|
-
add_command(
|
139
|
+
add_command(SceUpdateConfigFromDiff.new)
|
137
140
|
end
|
138
141
|
end
|
139
142
|
|
140
|
-
class
|
143
|
+
class SceUpdateConfigFromDiff < AbideCommand
|
141
144
|
CMD_NAME = 'from-diff'
|
142
145
|
CMD_SHORT = 'Update by diffing two XCCDF files'
|
143
146
|
CMD_LONG = 'Update by diffing two XCCDF files'
|
144
|
-
CMD_CONFIG_FILE = 'Path to the Puppet
|
147
|
+
CMD_CONFIG_FILE = 'Path to the Puppet SCE config file'
|
145
148
|
CMD_CURRENT_XCCDF = 'Path to the current XCCDF file'
|
146
149
|
CMD_NEW_XCCDF = 'Path to the new XCCDF file'
|
147
150
|
def initialize
|
@@ -167,29 +170,29 @@ module Abide
|
|
167
170
|
ARGHELP
|
168
171
|
end
|
169
172
|
|
170
|
-
def execute(
|
173
|
+
def execute(_config_file, _cur_xccdf, _new_xccdf)
|
171
174
|
warn 'This command is currently non-functional'
|
172
175
|
# AbideDevUtils::Validate.file(config_file, extension: 'yaml')
|
173
176
|
# AbideDevUtils::Validate.file(cur_xccdf, extension: 'xml')
|
174
177
|
# config_hiera = AbideDevUtils::Files::Reader.read(config_file, safe: true)
|
175
178
|
# diff = AbideDevUtils::XCCDF::Diff::BenchmarkDiff.new(cur_xccdf, new_xccdf).diff[:diff][:number_title]
|
176
|
-
# new_config_hiera, change_report = AbideDevUtils::
|
179
|
+
# new_config_hiera, change_report = AbideDevUtils::Sce.update_legacy_config_from_diff(config_hiera, diff)
|
177
180
|
# AbideDevUtils::Output.yaml(new_config_hiera, console: @data[:verbose], file: @data[:out_file])
|
178
181
|
# AbideDevUtils::Output.simple(change_report) unless @data[:quiet]
|
179
182
|
end
|
180
183
|
end
|
181
184
|
|
182
|
-
class
|
185
|
+
class SceValidate < AbideCommand
|
183
186
|
CMD_NAME = 'validate'
|
184
|
-
CMD_SHORT = 'Validation commands for
|
185
|
-
CMD_LONG = 'Validation commands for
|
187
|
+
CMD_SHORT = 'Validation commands for SCE modules'
|
188
|
+
CMD_LONG = 'Validation commands for SCE modules'
|
186
189
|
def initialize
|
187
190
|
super(CMD_NAME, CMD_SHORT, CMD_LONG, takes_commands: true)
|
188
|
-
add_command(
|
191
|
+
add_command(SceValidatePuppetStrings.new)
|
189
192
|
end
|
190
193
|
end
|
191
194
|
|
192
|
-
class
|
195
|
+
class SceValidatePuppetStrings < AbideCommand
|
193
196
|
CMD_NAME = 'puppet-strings'
|
194
197
|
CMD_SHORT = 'Validates the Puppet Strings documentation'
|
195
198
|
CMD_LONG = 'Validates the Puppet Strings documentation'
|
@@ -215,7 +218,7 @@ module Abide
|
|
215
218
|
def execute
|
216
219
|
@data[:format] ||= 'text'
|
217
220
|
AbideDevUtils::Validate.puppet_module_directory
|
218
|
-
output = AbideDevUtils::
|
221
|
+
output = AbideDevUtils::Sce::Validate::Strings.validate(**@data)
|
219
222
|
has_errors = false
|
220
223
|
has_warnings = false
|
221
224
|
output.each do |_, i|
|
@@ -227,7 +230,7 @@ module Abide
|
|
227
230
|
output,
|
228
231
|
console: !@data[:quiet],
|
229
232
|
file: @data[:out_file],
|
230
|
-
stringify: true
|
233
|
+
stringify: true
|
231
234
|
)
|
232
235
|
exit 1 if has_errors || (has_warnings && @data[:strict])
|
233
236
|
end
|
@@ -1,8 +1,10 @@
|
|
1
1
|
# frozen_string_literal: true
|
2
2
|
|
3
|
+
require 'abide_dev_utils/cli/abstract'
|
4
|
+
|
3
5
|
module Abide
|
4
6
|
module CLI
|
5
|
-
class TestCommand <
|
7
|
+
class TestCommand < AbideCommand
|
6
8
|
CMD_NAME = 'test'
|
7
9
|
CMD_SHORT = 'Run test suites against a Puppet module'
|
8
10
|
CMD_LONG = 'Run various test suites against a Puppet module. Requires PDK to be installed.'
|
@@ -10,16 +12,25 @@ module Abide
|
|
10
12
|
CMD_LIT_BASE = 'bundle exec rake'
|
11
13
|
|
12
14
|
def initialize
|
13
|
-
super(CMD_NAME, takes_commands: false)
|
14
|
-
short_desc(CMD_SHORT)
|
15
|
-
long_desc(CMD_LONG)
|
15
|
+
super(CMD_NAME, CMD_SHORT, CMD_LONG, takes_commands: false, deprecated: true)
|
16
16
|
argument_desc(SUITE: 'Test suite to run [all, validate, unit, limus]')
|
17
|
-
options.on('-p', '--puppet-version', 'Set Puppet version for unit tests. Takes SemVer string')
|
17
|
+
options.on('-p', '--puppet-version', 'Set Puppet version for unit tests. Takes SemVer string') do |p|
|
18
|
+
@data[:puppet] = p
|
19
|
+
end
|
18
20
|
options.on('-e', '--pe-version', 'Set PE version for unit tests. Takes SemVer String') { |e| @data[:pe] = e }
|
19
|
-
options.on('-n', '--no-teardown', 'Do not tear down Litmus machines after tests')
|
20
|
-
|
21
|
-
|
22
|
-
options.on('-
|
21
|
+
options.on('-n', '--no-teardown', 'Do not tear down Litmus machines after tests') do |_|
|
22
|
+
@data[:no_teardown] = true
|
23
|
+
end
|
24
|
+
options.on('-c [puppet[67]]', '--collection [puppet[67]]', 'Puppet collection to use with litmus tests') do |c|
|
25
|
+
@data[:collection] = c
|
26
|
+
end
|
27
|
+
options.on('-l [LIST]', '--provision-list [LIST]', 'Set the provision list for Litmus') do |l|
|
28
|
+
@data[:provision_list] = l
|
29
|
+
end
|
30
|
+
options.on('-M [PATH]', '--module-dir [PATH]',
|
31
|
+
'Set a different directory as the module dir (defaults to current dir)') do |m|
|
32
|
+
@data[:module_dir] = m
|
33
|
+
end
|
23
34
|
# Declare and setup commands
|
24
35
|
@validate = ['validate', '--parallel']
|
25
36
|
@unit = ['test', 'unit', '--parallel']
|
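Review bot: The rewritten `-p`/`--puppet-version` option still declares no argument placeholder, so (assuming `options` is a standard OptionParser) it is parsed as a plain flag and the block receives `true` rather than the SemVer string the description promises; the unchanged `-e`/`--pe-version` line has the same shape. Declaring it as `options.on('-p [VERSION]', '--puppet-version [VERSION]', ...)`, and likewise for `-e`, makes `@data[:puppet]` and `@data[:pe]` hold the version, matching the `-c`, `-l` and `-M` options added in the same hunk. The `SUITE` description also spells Litmus as `limus`. `initialize` continues past the end of the hunk.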
@@ -23,7 +23,7 @@ module Abide
|
|
23
23
|
class XccdfGenMapCommand < AbideCommand
|
24
24
|
CMD_NAME = 'gen-map'
|
25
25
|
CMD_SHORT = 'Generates mappings from XCCDF files'
|
26
|
-
CMD_LONG = 'Generates mappings for
|
26
|
+
CMD_LONG = 'Generates mappings for SCE modules from 1 or more XCCDF files as YAML'
|
27
27
|
CMD_XCCDF_FILES_ARG = 'One or more paths to XCCDF files'
|
28
28
|
def initialize
|
29
29
|
super(CMD_NAME, CMD_SHORT, CMD_LONG, takes_commands: false)
|
@@ -31,7 +31,8 @@ module Abide
|
|
31
31
|
options.on('-b [TYPE]', '--benchmark-type [TYPE]', 'XCCDF Benchmark type CIS by default') do |b|
|
32
32
|
@data[:type] = b
|
33
33
|
end
|
34
|
-
options.on('-d [DIR]', '--files-output-directory [DIR]',
|
34
|
+
options.on('-d [DIR]', '--files-output-directory [DIR]',
|
35
|
+
'Directory to save files data/mappings by default') do |d|
|
35
36
|
@data[:dir] = d
|
36
37
|
end
|
37
38
|
options.on('-V', '--version-output-dir', 'If saving to a directory, version the output directory') do
|
@@ -104,13 +105,16 @@ module Abide
|
|
104
105
|
super(CMD_NAME, CMD_SHORT, CMD_LONG, takes_commands: false)
|
105
106
|
argument_desc(FILE1: CMD_FILE1_ARG, FILE2: CMD_FILE2_ARG)
|
106
107
|
options.on('-o [PATH]', '--out-file', 'Save the report as a yaml file') { |x| @data[:outfile] = x }
|
107
|
-
options.on('-p [PROFILE]', '--profile',
|
108
|
+
options.on('-p [PROFILE]', '--profile',
|
109
|
+
'Only diff rules belonging to the matching profile. Takes a string that is treated as RegExp') do |x|
|
108
110
|
@data[:profile] = x
|
109
111
|
end
|
110
|
-
options.on('-l [LEVEL]', '--level',
|
112
|
+
options.on('-l [LEVEL]', '--level',
|
113
|
+
'Only diff rules belonging to the matching level. Takes a string that is treated as RegExp') do |x|
|
111
114
|
@data[:level] = x
|
112
115
|
end
|
113
|
-
options.on('-i [PROPS]', '--ignore-changed-properties',
|
116
|
+
options.on('-i [PROPS]', '--ignore-changed-properties',
|
117
|
+
'Ignore changes to specified properties. Takes a comma-separated list.') do |x|
|
114
118
|
@data[:ignore_changed_properties] = x.split(',')
|
115
119
|
end
|
116
120
|
options.on('-r', '--raw', 'Output the diff in raw format') { @data[:raw] = true }
|
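--- a/data/lib/abide_dev_utils/cli.rb
+++ b/data/lib/abide_dev_utils/cli.rb
@@ -2,7 +2,7 @@
 
 require 'cmdparse'
 require 'abide_dev_utils/version'
-require 'abide_dev_utils/cli/
+require 'abide_dev_utils/cli/sce'
 require 'abide_dev_utils/constants'
 require 'abide_dev_utils/cli/comply'
 require 'abide_dev_utils/cli/puppet'
@@ -15,6 +15,7 @@ module Abide
 include AbideDevUtils::CliConstants
 ROOT_CMD_NAME = 'abide'
 ROOT_CMD_BANNER = 'Developer tools for Abide'
+DEPRECATED_COMMANDS = %w[comply test].freeze
 
 def self.new_parser
 parser = CmdParse::CommandParser.new(handle_exceptions: true)
@@ -23,7 +24,7 @@ module Abide
 parser.main_options.banner = ROOT_CMD_BANNER
 parser.add_command(CmdParse::HelpCommand.new, default: true)
 parser.add_command(CmdParse::VersionCommand.new(add_switches: true))
-parser.add_command(
+parser.add_command(SceCommand.new)
 parser.add_command(ComplyCommand.new)
 parser.add_command(PuppetCommand.new)
 parser.add_command(XccdfCommand.new)
@@ -32,9 +33,9 @@ module Abide
 parser
 end
 
-def self.execute
+def self.execute(argv = ARGV)
 parser = new_parser
-parser.parse
+parser.parse(argv)
 end
 end
 end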
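Review bot: `DEPRECATED_COMMANDS = %w[comply test].freeze` is not referenced in any hunk of this file, while the deprecation itself is driven by the `deprecated: true` flag that the Comply and Test command classes pass elsewhere in this diff, so the two lists can drift apart. Either drop the constant or derive the list from the commands' `deprecated?`; if it stays, a comment such as `# Names of commands constructed with deprecated: true; keep in sync with the command classes` would state the intent. The body of `new_parser` continues between the hunks, so a use there cannot be ruled out from this view.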
@@ -1,5 +1,7 @@
|
|
1
1
|
# frozen_string_literal: true
|
2
2
|
|
3
|
+
### THIS CODE IS CURRENTLY UNSUPPORTED ###
|
4
|
+
|
3
5
|
require 'json'
|
4
6
|
require 'yaml'
|
5
7
|
require 'selenium-webdriver'
|
@@ -208,15 +210,13 @@ module AbideDevUtils
|
|
208
210
|
end
|
209
211
|
|
210
212
|
def page_source
|
211
|
-
File.
|
213
|
+
File.write(File.join(file_dir, "comply_error_#{Time.now.to_i}.txt"), driver.page_source)
|
212
214
|
rescue Errno::ENOENT
|
213
215
|
save_default = prompt.yes_no(
|
214
216
|
"Directory #{file_dir} does not exist. Save page source to current directory?"
|
215
217
|
)
|
216
218
|
if save_default
|
217
|
-
File.
|
218
|
-
f.write(driver.page_source)
|
219
|
-
end
|
219
|
+
File.write(File.join(File.expand_path('.'), "comply_error_#{Time.now.to_i}.html"), driver.page_source)
|
220
220
|
end
|
221
221
|
end
|
222
222
|
|
@@ -352,9 +352,7 @@ module AbideDevUtils
|
|
352
352
|
if status.nil? || status.include?(chk_objs[1].downcase)
|
353
353
|
name_parts = chk_objs[0].match(/^([0-9.]+) (.+)$/)
|
354
354
|
key = normalize_cis_rec_name(name_parts[2])
|
355
|
-
unless report['scan_results'].key?(chk_objs[1])
|
356
|
-
report['scan_results'][chk_objs[1]] = {}
|
357
|
-
end
|
355
|
+
report['scan_results'][chk_objs[1]] = {} unless report['scan_results'].key?(chk_objs[1])
|
358
356
|
report['scan_results'][chk_objs[1]][key] = {
|
359
357
|
'name' => name_parts[2].chomp,
|
360
358
|
'number' => name_parts[1].chomp
|
@@ -481,7 +479,7 @@ module AbideDevUtils
|
|
481
479
|
def diff(other)
|
482
480
|
diff = {}
|
483
481
|
DIFF_PROPERTIES.each do |prop|
|
484
|
-
diff[prop] = send("#{prop
|
482
|
+
diff[prop] = send("#{prop}_equal?".to_sym, other.send(prop)) ? {} : property_diff(prop, other)
|
485
483
|
end
|
486
484
|
diff
|
487
485
|
end
|
@@ -490,7 +488,7 @@ module AbideDevUtils
|
|
490
488
|
|
491
489
|
def create_equality_methods
|
492
490
|
DIFF_PROPERTIES.each do |prop|
|
493
|
-
meth_name = "#{prop
|
491
|
+
meth_name = "#{prop}_equal?"
|
494
492
|
self.class.define_method(meth_name) do |other|
|
495
493
|
property_equal?(prop, other)
|
496
494
|
end
|
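Review bot: `page_source` now writes the dump as `comply_error_<timestamp>.txt` under `file_dir` but as `comply_error_<timestamp>.html` in the fallback branch, so the same content gets two extensions depending on the path taken; pick one, `.html` being the accurate one. The dump is the browser driver's full page source, which may carry session or scan data, and it is created with default permissions; `File.write(path, driver.page_source, perm: 0o600)` keeps it readable by the invoking user only. In `diff`, the `.to_sym` on `"#{prop}_equal?"` is redundant because `send` accepts a String.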