abide_dev_utils 0.4.0 → 0.5.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/.dockerignore +0 -0
- data/.gitignore +0 -0
- data/.rspec +0 -0
- data/.rubocop.yml +0 -0
- data/.rubocop_todo.yml +0 -0
- data/CHANGELOG.md +0 -0
- data/Dockerfile +0 -0
- data/Gemfile +0 -0
- data/LICENSE.txt +0 -0
- data/README.md +34 -0
- data/Rakefile +0 -0
- data/abide_dev_utils.gemspec +2 -0
- data/lib/abide_dev_utils/cli/abstract.rb +2 -0
- data/lib/abide_dev_utils/cli/comply.rb +97 -0
- data/lib/abide_dev_utils/cli/jira.rb +4 -2
- data/lib/abide_dev_utils/cli/puppet.rb +0 -0
- data/lib/abide_dev_utils/cli/test.rb +0 -0
- data/lib/abide_dev_utils/cli/xccdf.rb +7 -4
- data/lib/abide_dev_utils/cli.rb +2 -0
- data/lib/abide_dev_utils/comply.rb +130 -0
- data/lib/abide_dev_utils/config.rb +24 -1
- data/lib/abide_dev_utils/constants.rb +0 -0
- data/lib/abide_dev_utils/errors/base.rb +0 -0
- data/lib/abide_dev_utils/errors/general.rb +0 -0
- data/lib/abide_dev_utils/errors/jira.rb +0 -0
- data/lib/abide_dev_utils/errors/ppt.rb +0 -0
- data/lib/abide_dev_utils/errors/xccdf.rb +0 -0
- data/lib/abide_dev_utils/errors.rb +0 -0
- data/lib/abide_dev_utils/files.rb +0 -0
- data/lib/abide_dev_utils/jira.rb +17 -0
- data/lib/abide_dev_utils/output.rb +0 -0
- data/lib/abide_dev_utils/ppt/coverage.rb +0 -0
- data/lib/abide_dev_utils/ppt/new_obj.rb +0 -0
- data/lib/abide_dev_utils/ppt.rb +0 -0
- data/lib/abide_dev_utils/prompt.rb +0 -0
- data/lib/abide_dev_utils/resources/generic_spec.erb +0 -0
- data/lib/abide_dev_utils/utils/general.rb +0 -0
- data/lib/abide_dev_utils/validate.rb +0 -0
- data/lib/abide_dev_utils/version.rb +1 -1
- data/lib/abide_dev_utils/xccdf/cis/hiera.rb +10 -8
- data/lib/abide_dev_utils/xccdf/cis.rb +0 -0
- data/lib/abide_dev_utils/xccdf.rb +1 -1
- data/lib/abide_dev_utils.rb +0 -0
- metadata +36 -6
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: '03743386fed00b094d759cb20a53d25d807492fd98097564d140aa0cacfecce0'
|
4
|
+
data.tar.gz: be8082a88120f30f2754f79194a818c7640fd5f104c0c57dc07cd84d8bbc460f
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 1bcd5add724cc85cc95915d778a6320de028b351ea19920b712efe228a4e01efdb36bb2840f5b566f5cf8a3d9ebe90236138fdd0bc0d83e90fbe1f4a0cf67763
|
7
|
+
data.tar.gz: 91f71049317153abafaa32fd9bacdfbfa26b1ba2145ddd902238f6cbc8e31417540eee0812b67ecdb5b5b0c500f1b0ce02ee43b028c37ffb3d87753c75e1729e
|
data/.dockerignore
CHANGED
File without changes
|
data/.gitignore
CHANGED
File without changes
|
data/.rspec
CHANGED
File without changes
|
data/.rubocop.yml
CHANGED
File without changes
|
data/.rubocop_todo.yml
CHANGED
File without changes
|
data/CHANGELOG.md
CHANGED
File without changes
|
data/Dockerfile
CHANGED
File without changes
|
data/Gemfile
CHANGED
File without changes
|
data/LICENSE.txt
CHANGED
File without changes
|
data/README.md
CHANGED
@@ -29,6 +29,10 @@ Issues and pull requests are welcome!
|
|
29
29
|
|
30
30
|
* Create Jira issues in bulk from coverage reports
|
31
31
|
|
32
|
+
### Puppet Comply Report Generation
|
33
|
+
|
34
|
+
* Allows you ot programatically generate compliance reports from Puppet Comply
|
35
|
+
|
32
36
|
### Supports Configuration via Local YAML file
|
33
37
|
|
34
38
|
* Fully configurable via the `~/.abide_dev.yaml` file
|
@@ -84,6 +88,8 @@ Install the gem:
|
|
84
88
|
|
85
89
|
### Overview of Commands
|
86
90
|
|
91
|
+
* `abide comply` - Command namespace for Puppet Comply commands
|
92
|
+
* `abide comply report` - Creates a scan report in YAML format by scraping Puppet Comply
|
87
93
|
* `abide jira` - Command namespace for Jira commands
|
88
94
|
* `abide jira auth` - Authenticate with Jira. Only useful as a stand-alone command to test authentication
|
89
95
|
* `abide jira from_coverage` - Creates a parent issue with subtasks from a Puppet coverage report
|
@@ -96,6 +102,34 @@ Install the gem:
|
|
96
102
|
* `abide xccdf` - Command namespace for XCCDF commands
|
97
103
|
* `abide xccdf to_hiera` - Converts a benchmark XCCDF file to a Hiera yaml file
|
98
104
|
|
105
|
+
### Comply Command Reference
|
106
|
+
|
107
|
+
#### report
|
108
|
+
|
109
|
+
* Required positional parameters:
|
110
|
+
* `COMPLY_URL` - The URL of Puppet Comply
|
111
|
+
* `COMPLY_PASSWORD` - The password for the Puppet Comply user
|
112
|
+
* Options:
|
113
|
+
* `--out-file`, `-o` - The path to save the scan report. Defaults to `./comply_scan_report.yaml`
|
114
|
+
* `--username`, `-u` - The Puppet Comply username. Defaults to `comply`
|
115
|
+
* `--status`, `-s` - A comma-separated list of check statuses to ONLY include in the report. Valid statuses are: `pass`, `fail`, `error`, `notapplicable`, `notchecked`, `unknown`, `informational`
|
116
|
+
* `--only`, `-O` - A comma-separated list of node certnames to ONLY build reports for. No other nodes will have reports built for them except the ones specified. This option is mutually exclusive with `--ignore` and, if both are set, this options will take precedence over `--ignore`.
|
117
|
+
* `--ignore`, `-I` - A comma-separated list of node certnames to ignore building reports for. This options is mutually exclusive with `--only` and, if both are set, `--only` will take precedence over this option.
|
118
|
+
|
119
|
+
Examples:
|
120
|
+
|
121
|
+
Generating a report of all failed and err'd scan checks
|
122
|
+
|
123
|
+
```sh
|
124
|
+
abide comply report https://comply.my.instance 'my_comply_password!' -s fail,error
|
125
|
+
```
|
126
|
+
|
127
|
+
Generating a report for certain nodes only
|
128
|
+
|
129
|
+
```sh
|
130
|
+
abide comply report https://comply.my.instance 'my_comply_password!' -O specific-node.my.instance
|
131
|
+
```
|
132
|
+
|
99
133
|
### Jira Command Reference
|
100
134
|
|
101
135
|
#### from_coverage
|
data/Rakefile
CHANGED
File without changes
|
data/abide_dev_utils.gemspec
CHANGED
@@ -37,6 +37,7 @@ Gem::Specification.new do |spec|
|
|
37
37
|
spec.add_dependency 'puppet', '>= 6.19'
|
38
38
|
spec.add_dependency 'jira-ruby', '~> 2.1'
|
39
39
|
spec.add_dependency 'ruby-progressbar', '~> 1.11'
|
40
|
+
spec.add_dependency 'selenium-webdriver', '~> 4.0.0.beta4'
|
40
41
|
|
41
42
|
# Dev dependencies
|
42
43
|
spec.add_development_dependency 'bundler'
|
@@ -44,6 +45,7 @@ Gem::Specification.new do |spec|
|
|
44
45
|
spec.add_development_dependency 'console'
|
45
46
|
spec.add_development_dependency 'github_changelog_generator'
|
46
47
|
spec.add_development_dependency 'gem-release'
|
48
|
+
spec.add_development_dependency 'pry'
|
47
49
|
spec.add_development_dependency 'rspec', '~> 3.10'
|
48
50
|
spec.add_development_dependency 'rubocop', '~> 1.8'
|
49
51
|
spec.add_development_dependency 'rubocop-rspec', '~> 2.1'
|
@@ -0,0 +1,97 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
require 'abide_dev_utils/comply'
|
4
|
+
require 'abide_dev_utils/cli/abstract'
|
5
|
+
|
6
|
+
module Abide
|
7
|
+
module CLI
|
8
|
+
class ComplyCommand < AbideCommand
|
9
|
+
CMD_NAME = 'comply'
|
10
|
+
CMD_SHORT = 'Commands related to Puppet Comply'
|
11
|
+
CMD_LONG = 'Namespace for commands related to Puppet Comply'
|
12
|
+
def initialize
|
13
|
+
super(CMD_NAME, CMD_SHORT, CMD_LONG, takes_commands: true)
|
14
|
+
add_command(ComplyReportCommand.new)
|
15
|
+
end
|
16
|
+
end
|
17
|
+
|
18
|
+
class ComplyReportCommand < AbideCommand
|
19
|
+
CMD_NAME = 'report'
|
20
|
+
CMD_SHORT = 'Generates a yaml report of Puppet Comply scan results'
|
21
|
+
CMD_LONG = <<~LONGCMD
|
22
|
+
Generates a yaml file that shows the scan results of all nodes in Puppet Comply.
|
23
|
+
This command utilizes Selenium WebDriver and the Google Chrome browser to automate
|
24
|
+
clicking through the Comply UI and building a report. In order to use this command,
|
25
|
+
you MUST have Google Chrome installed and you MUST install the chromedriver binary.
|
26
|
+
More info and instructions can be found here:
|
27
|
+
https://www.selenium.dev/documentation/en/getting_started_with_webdriver/.
|
28
|
+
LONGCMD
|
29
|
+
CMD_COMPLY_URL = 'The URL (including https://) of Puppet Comply'
|
30
|
+
CMD_COMPLY_PASSWORD = 'The password for Puppet Comply'
|
31
|
+
OPT_STATUS_DESC = <<~EODESC
|
32
|
+
A comma-separated list of check statuses to ONLY include in the report.
|
33
|
+
Valid statuses are: pass, fail, error, notapplicable, notchecked, unknown, informational
|
34
|
+
EODESC
|
35
|
+
OPT_IGNORE_NODES = <<~EOIGN
|
36
|
+
A comma-separated list of node certnames to ignore building reports for. This
|
37
|
+
options is mutually exclusive with --only and, if both are set, --only will take precedence
|
38
|
+
over this option.
|
39
|
+
EOIGN
|
40
|
+
OPT_ONLY_NODES = <<~EOONLY
|
41
|
+
A comma-separated list of node certnames to ONLY build reports for. No other
|
42
|
+
nodes will have reports built for them except the ones specified. This option
|
43
|
+
is mutually exclusive with --ignore and, if both are set, this options will
|
44
|
+
take precedence over --ignore.
|
45
|
+
EOONLY
|
46
|
+
def initialize
|
47
|
+
super(CMD_NAME, CMD_SHORT, CMD_LONG, takes_commands: false)
|
48
|
+
argument_desc(COMPLY_URL: CMD_COMPLY_URL, COMPLY_PASSWORD: CMD_COMPLY_PASSWORD)
|
49
|
+
options.on('-o [FILE]', '--out-file [FILE]', 'Path to save the report') { |f| @data[:file] = f }
|
50
|
+
options.on('-u [USERNAME]', '--username [USERNAME]', 'The username for Comply (defaults to comply)') do |u|
|
51
|
+
@data[:username] = u
|
52
|
+
end
|
53
|
+
options.on('-s [STATUS]', '--status [STATUS]', OPT_STATUS_DESC) do |s|
|
54
|
+
status_array = s.nil? ? nil : s.split(',').map(&:downcase)
|
55
|
+
status_array&.map! { |i| i == 'notchecked' ? 'not checked' : i }
|
56
|
+
@data[:status] = status_array
|
57
|
+
end
|
58
|
+
options.on('-O [CERTNAME]', '--only [CERTNAME]', OPT_ONLY_NODES) do |o|
|
59
|
+
only_array = o.nil? ? nil : s.split(',').map(&:downcase)
|
60
|
+
@data[:only] = only_array
|
61
|
+
end
|
62
|
+
options.on('-I [CERTNAME]', '--ignore [CERTNAME]', OPT_IGNORE_NODES) do |i|
|
63
|
+
ignore_array = i.nil? ? nil : i.split(',').map(&:downcase)
|
64
|
+
@data[:ignore] = ignore_array
|
65
|
+
end
|
66
|
+
end
|
67
|
+
|
68
|
+
def help_arguments
|
69
|
+
<<~ARGHELP
|
70
|
+
Arguments:
|
71
|
+
COMPLY_URL #{CMD_COMPLY_URL}
|
72
|
+
COMPLY_PASSWORD #{CMD_COMPLY_PASSWORD}
|
73
|
+
|
74
|
+
ARGHELP
|
75
|
+
end
|
76
|
+
|
77
|
+
def execute(comply_url = nil, comply_password = nil)
|
78
|
+
Abide::CLI::VALIDATE.filesystem_path(`command -v chromedriver`.strip)
|
79
|
+
conf = config_section('comply')
|
80
|
+
comply_url = conf.fetch(:url) if comply_url.nil?
|
81
|
+
comply_password = comply_password.nil? ? conf.fetch(:password, Abide::CLI::PROMPT.password) : comply_password
|
82
|
+
username = @data.fetch(:username, nil).nil? ? conf.fetch(:username, 'comply') : @data[:username]
|
83
|
+
status = @data.fetch(:status, nil).nil? ? conf.fetch(:status, nil) : @data[:status]
|
84
|
+
ignorelist = @data.fetch(:ignore, nil).nil? ? conf.fetch(:ignore, nil) : @data[:ignore]
|
85
|
+
onlylist = @data.fetch(:only, nil).nil? ? conf.fetch(:only, nil) : @data[:only]
|
86
|
+
report = AbideDevUtils::Comply.scan_report(comply_url,
|
87
|
+
comply_password,
|
88
|
+
username: username,
|
89
|
+
status: status,
|
90
|
+
ignorelist: ignorelist,
|
91
|
+
onlylist: onlylist)
|
92
|
+
outfile = @data.fetch(:file, nil).nil? ? conf.fetch(:report_path, 'comply_scan_report.yaml') : @data[:file]
|
93
|
+
Abide::CLI::OUTPUT.yaml(report, file: outfile)
|
94
|
+
end
|
95
|
+
end
|
96
|
+
end
|
97
|
+
end
|
@@ -1,10 +1,12 @@
|
|
1
1
|
# frozen_string_literal: true
|
2
2
|
|
3
3
|
require 'json'
|
4
|
+
require 'abide_dev_utils/config'
|
4
5
|
require 'abide_dev_utils/jira'
|
5
6
|
|
6
7
|
module Abide
|
7
8
|
module CLI
|
9
|
+
CONFIG = AbideDevUtils::Config
|
8
10
|
JIRA = AbideDevUtils::Jira
|
9
11
|
|
10
12
|
class JiraCommand < CmdParse::Command
|
@@ -57,8 +59,8 @@ module Abide
|
|
57
59
|
def execute(issue)
|
58
60
|
client = JIRA.client(options: {})
|
59
61
|
issue = client.Issue.find(issue)
|
60
|
-
console = @data[:file].nil?
|
61
|
-
out_json = issue.attrs.select { |_,v| !v.nil? || !v.empty? }
|
62
|
+
console = @data[:file].nil?
|
63
|
+
out_json = issue.attrs.select { |_, v| !v.nil? || !v.empty? }
|
62
64
|
Abide::CLI::OUTPUT.json(out_json, console: console, file: @data[:file])
|
63
65
|
end
|
64
66
|
end
|
File without changes
|
File without changes
|
@@ -27,8 +27,12 @@ module Abide
|
|
27
27
|
long_desc(CMD_LONG)
|
28
28
|
options.on('-b [TYPE]', '--benchmark-type [TYPE]', 'XCCDF Benchmark type') { |b| @data[:type] = b }
|
29
29
|
options.on('-o [FILE]', '--out-file [FILE]', 'Path to save file') { |f| @data[:file] = f }
|
30
|
-
options.on('-p [PREFIX]', '--parent-key-prefix [PREFIX]', 'A prefix to append to the parent key')
|
31
|
-
|
30
|
+
options.on('-p [PREFIX]', '--parent-key-prefix [PREFIX]', 'A prefix to append to the parent key') do |p|
|
31
|
+
@data[:parent_key_prefix] = p
|
32
|
+
end
|
33
|
+
options.on('-N', '--number-fmt', 'Format Hiera control names based off of control number instead of name.') do
|
34
|
+
@data[:num] = true
|
35
|
+
end
|
32
36
|
end
|
33
37
|
|
34
38
|
def execute(xccdf_file)
|
@@ -41,8 +45,7 @@ module Abide
|
|
41
45
|
|
42
46
|
def to_hiera(xccdf_file)
|
43
47
|
xfile = AbideDevUtils::XCCDF.to_hiera(xccdf_file, @data)
|
44
|
-
console
|
45
|
-
Abide::CLI::OUTPUT.yaml(xfile, console: console, file: @data[:file])
|
48
|
+
Abide::CLI::OUTPUT.yaml(xfile, console: @data[:file].nil?, file: @data[:file])
|
46
49
|
end
|
47
50
|
end
|
48
51
|
end
|
data/lib/abide_dev_utils/cli.rb
CHANGED
@@ -3,6 +3,7 @@
|
|
3
3
|
require 'cmdparse'
|
4
4
|
require 'abide_dev_utils/version'
|
5
5
|
require 'abide_dev_utils/constants'
|
6
|
+
require 'abide_dev_utils/cli/comply'
|
6
7
|
require 'abide_dev_utils/cli/puppet'
|
7
8
|
require 'abide_dev_utils/cli/xccdf'
|
8
9
|
require 'abide_dev_utils/cli/test'
|
@@ -21,6 +22,7 @@ module Abide
|
|
21
22
|
parser.main_options.banner = ROOT_CMD_BANNER
|
22
23
|
parser.add_command(CmdParse::HelpCommand.new, default: true)
|
23
24
|
parser.add_command(CmdParse::VersionCommand.new(add_switches: true))
|
25
|
+
parser.add_command(ComplyCommand.new)
|
24
26
|
parser.add_command(PuppetCommand.new)
|
25
27
|
parser.add_command(XccdfCommand.new)
|
26
28
|
parser.add_command(TestCommand.new)
|
@@ -0,0 +1,130 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
require 'yaml'
|
4
|
+
require 'selenium-webdriver'
|
5
|
+
require 'abide_dev_utils/output'
|
6
|
+
|
7
|
+
module AbideDevUtils
|
8
|
+
module Comply
|
9
|
+
def self.scan_report(url, password, username: 'comply', status: nil, ignorelist: nil, onlylist: nil)
|
10
|
+
begin
|
11
|
+
AbideDevUtils::Output.simple 'Starting headless Chrome...'
|
12
|
+
options = Selenium::WebDriver::Chrome::Options.new
|
13
|
+
options.args = %w[
|
14
|
+
--headless
|
15
|
+
--test-type
|
16
|
+
--disable-gpu
|
17
|
+
--no-first-run
|
18
|
+
--no-default-browser-check
|
19
|
+
--ignore-certificate-errors
|
20
|
+
--start-maximized
|
21
|
+
]
|
22
|
+
driver = Selenium::WebDriver.for :chrome, options: options
|
23
|
+
driver.get(url)
|
24
|
+
bypass_ssl_warning_page(driver)
|
25
|
+
AbideDevUtils::Output.simple "Logging into Comply at #{url}..."
|
26
|
+
login_to_comply(driver, username: username, password: password)
|
27
|
+
AbideDevUtils::Output.simple 'Finding nodes with scan reports...'
|
28
|
+
links = find_node_report_links(driver)
|
29
|
+
AbideDevUtils::Output.simple 'Building scan reports, this may take a while...'
|
30
|
+
build_report(driver, links, status: status, ignorelist: ignorelist, onlylist: onlylist)
|
31
|
+
ensure
|
32
|
+
driver.quit
|
33
|
+
end
|
34
|
+
end
|
35
|
+
|
36
|
+
def self.ignore_no_such_element
|
37
|
+
begin
|
38
|
+
yield
|
39
|
+
rescue Selenium::WebDriver::Error::NoSuchElementError => e
|
40
|
+
AbideDevUtils::Output.simple "Ignored exception #{e}", stream: $stderr
|
41
|
+
end
|
42
|
+
end
|
43
|
+
|
44
|
+
def self.wait_on(timeout = 10)
|
45
|
+
Selenium::WebDriver::Wait.new(timeout: timeout).until do
|
46
|
+
yield
|
47
|
+
end
|
48
|
+
end
|
49
|
+
|
50
|
+
def self.bypass_ssl_warning_page(driver)
|
51
|
+
ignore_no_such_element do
|
52
|
+
driver.find_element(id: 'details-button').click
|
53
|
+
driver.find_element(id: 'proceed-link').click
|
54
|
+
end
|
55
|
+
end
|
56
|
+
|
57
|
+
def self.login_to_comply(driver, username: 'comply', password: 'compliance')
|
58
|
+
wait_on { driver.find_element(id: 'username') }
|
59
|
+
driver.find_element(id: 'username').send_keys username
|
60
|
+
driver.find_element(id: 'password').send_keys password
|
61
|
+
driver.find_element(id: 'kc-login').click
|
62
|
+
end
|
63
|
+
|
64
|
+
def self.find_node_report_links(driver)
|
65
|
+
wait_on { driver.find_element(class: 'metric-containers-failed-hosts-count') }
|
66
|
+
hosts = driver.find_element(class: 'metric-containers-failed-hosts-count')
|
67
|
+
table = hosts.find_element(class: 'rc-table')
|
68
|
+
table_body = table.find_element(tag_name: 'tbody')
|
69
|
+
wait_on { table_body.find_element(tag_name: 'a') }
|
70
|
+
table_body.find_elements(tag_name: 'a')
|
71
|
+
end
|
72
|
+
|
73
|
+
def self.build_report(driver, links, status: nil, ignorelist: nil, onlylist: nil)
|
74
|
+
all_checks = {}
|
75
|
+
original_window = driver.window_handle
|
76
|
+
links.each do |link|
|
77
|
+
if !onlylist.nil? && !onlylist.empty?
|
78
|
+
next unless onlylist.include?(link.text)
|
79
|
+
elsif !ignorelist.nil? && !ignorelist.empty?
|
80
|
+
next if ignorelist.include?(link.text)
|
81
|
+
end
|
82
|
+
begin
|
83
|
+
node_name = link.text
|
84
|
+
progress = AbideDevUtils::Output.progress title: "Builingd report for #{node_name}", total: nil
|
85
|
+
link_url = link.attribute('href')
|
86
|
+
driver.manage.new_window(:tab)
|
87
|
+
wait_on { driver.window_handles.length == 2 }
|
88
|
+
progress.increment
|
89
|
+
driver.switch_to.window driver.window_handles[1]
|
90
|
+
driver.get(link_url)
|
91
|
+
wait_on { driver.find_element(class: 'details-scan-info') }
|
92
|
+
progress.increment
|
93
|
+
wait_on { driver.find_element(class: 'details-table') }
|
94
|
+
progress.increment
|
95
|
+
report = {}
|
96
|
+
report['scan_results'] = {}
|
97
|
+
scan_info_table = driver.find_element(class: 'details-scan-info')
|
98
|
+
scan_info_table_rows = scan_info_table.find_elements(tag_name: 'tr')
|
99
|
+
progress.increment
|
100
|
+
check_table_body = driver.find_element(tag_name: 'tbody')
|
101
|
+
check_table_rows = check_table_body.find_elements(tag_name: 'tr')
|
102
|
+
progress.increment
|
103
|
+
scan_info_table_rows.each do |row|
|
104
|
+
key = row.find_element(tag_name: 'h5').text
|
105
|
+
value = row.find_element(tag_name: 'strong').text
|
106
|
+
report[key.downcase.gsub(/:/, '').gsub(/ /, '_')] = value
|
107
|
+
progress.increment
|
108
|
+
end
|
109
|
+
check_table_rows.each do |row|
|
110
|
+
chk_objs = row.find_elements(tag_name: 'td')
|
111
|
+
chk_objs.map!(&:text)
|
112
|
+
if status.nil? || status.include?(chk_objs[1].downcase)
|
113
|
+
report['scan_results'][chk_objs[0][/^[0-9.]+/, 0]] = {
|
114
|
+
'name' => chk_objs[0].gsub(/\n/, ' '),
|
115
|
+
'status' => chk_objs[1]
|
116
|
+
}
|
117
|
+
end
|
118
|
+
progress.increment
|
119
|
+
end
|
120
|
+
all_checks[node_name] = report
|
121
|
+
driver.close
|
122
|
+
AbideDevUtils::Output.simple "Created report for #{node_name}"
|
123
|
+
ensure
|
124
|
+
driver.switch_to.window original_window
|
125
|
+
end
|
126
|
+
end
|
127
|
+
all_checks
|
128
|
+
end
|
129
|
+
end
|
130
|
+
end
|
@@ -7,18 +7,41 @@ module AbideDevUtils
|
|
7
7
|
DEFAULT_PATH = "#{File.expand_path('~')}/.abide_dev.yaml"
|
8
8
|
|
9
9
|
def self.to_h(path = DEFAULT_PATH)
|
10
|
+
return {} unless File.file?(path)
|
11
|
+
|
12
|
+
h = YAML.safe_load(File.open(path), [Symbol])
|
13
|
+
h.transform_keys(&:to_sym)
|
14
|
+
end
|
15
|
+
|
16
|
+
def to_h(path = DEFAULT_PATH)
|
17
|
+
return {} unless File.file?(path)
|
18
|
+
|
10
19
|
h = YAML.safe_load(File.open(path), [Symbol])
|
11
20
|
h.transform_keys(&:to_sym)
|
12
21
|
end
|
13
22
|
|
14
23
|
def self.config_section(section, path = DEFAULT_PATH)
|
15
24
|
h = to_h(path)
|
16
|
-
s = h
|
25
|
+
s = h.fetch(section.to_sym, nil)
|
26
|
+
return {} if s.nil?
|
27
|
+
|
28
|
+
s.transform_keys(&:to_sym)
|
29
|
+
end
|
30
|
+
|
31
|
+
def config_section(section, path = DEFAULT_PATH)
|
32
|
+
h = to_h(path)
|
33
|
+
s = h.fetch(section.to_sym, nil)
|
34
|
+
return {} if s.nil?
|
35
|
+
|
17
36
|
s.transform_keys(&:to_sym)
|
18
37
|
end
|
19
38
|
|
20
39
|
def self.fetch(key, default = nil, path = DEFAULT_PATH)
|
21
40
|
to_h(path).fetch(key, default)
|
22
41
|
end
|
42
|
+
|
43
|
+
def fetch(key, default = nil, path = DEFAULT_PATH)
|
44
|
+
to_h(path).fetch(key, default)
|
45
|
+
end
|
23
46
|
end
|
24
47
|
end
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
data/lib/abide_dev_utils/jira.rb
CHANGED
@@ -86,6 +86,8 @@ module AbideDevUtils
|
|
86
86
|
|
87
87
|
def self.client(options: {})
|
88
88
|
opts = merge_options(options)
|
89
|
+
return client_from_prompts if opts.empty?
|
90
|
+
|
89
91
|
opts[:username] = AbideDevUtils::Prompt.username if opts[:username].nil?
|
90
92
|
opts[:password] = AbideDevUtils::Prompt.password if opts[:password].nil?
|
91
93
|
opts[:site] = AbideDevUtils::Prompt.single_line('Jira URL') if opts[:site].nil?
|
@@ -133,6 +135,16 @@ module AbideDevUtils
|
|
133
135
|
end
|
134
136
|
end
|
135
137
|
|
138
|
+
# def self.new_issues_from_comply_report(client, project, report, dry_run: false)
|
139
|
+
# dr_prefix = dry_run ? 'DRY RUN: ' : ''
|
140
|
+
# i_attrs = all_project_issues_attrs(project)
|
141
|
+
# rep_sums = summaries_from_coverage_report(report)
|
142
|
+
# rep_sums.each do |k, v|
|
143
|
+
# next if summary_exist?(k, i_attrs)
|
144
|
+
|
145
|
+
# progress = AbideDevUtils::Output.progress(title: "#{dr_prefix}Creating Tasks", total: nil)
|
146
|
+
# v.each do |s|
|
147
|
+
|
136
148
|
def self.merge_options(options)
|
137
149
|
config.merge(options)
|
138
150
|
end
|
@@ -165,6 +177,11 @@ module AbideDevUtils
|
|
165
177
|
summaries.transform_keys { |k| "#{COV_PARENT_SUMMARY_PREFIX}#{benchmark}-#{k}"}
|
166
178
|
end
|
167
179
|
|
180
|
+
# def self.summaries_from_comply_report(report)
|
181
|
+
# summaries = {}
|
182
|
+
# report.each do |_, v|
|
183
|
+
# end
|
184
|
+
|
168
185
|
class Dummy
|
169
186
|
def attrs
|
170
187
|
{ 'fields' => {
|
File without changes
|
File without changes
|
File without changes
|
data/lib/abide_dev_utils/ppt.rb
CHANGED
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
@@ -41,7 +41,7 @@ module AbideDevUtils
|
|
41
41
|
@version = xpath(XPATHS[:benchmark][:version]).children.to_s
|
42
42
|
@profiles = xpath(XPATHS[:profiles][:all])
|
43
43
|
@parent_key = make_parent_key(@doc, parent_key_prefix)
|
44
|
-
@hash = make_hash(@doc,
|
44
|
+
@hash = make_hash(@doc, num)
|
45
45
|
end
|
46
46
|
|
47
47
|
def yaml_title
|
@@ -63,8 +63,8 @@ module AbideDevUtils
|
|
63
63
|
# Convert the Hiera object to YAML string
|
64
64
|
# @return [String] YAML-formatted string
|
65
65
|
def to_yaml
|
66
|
-
yh = @hash
|
67
|
-
|
66
|
+
yh = @hash.transform_keys do |k|
|
67
|
+
[@parent_key, k].join('::').strip
|
68
68
|
end
|
69
69
|
yh.to_yaml
|
70
70
|
end
|
@@ -101,15 +101,15 @@ module AbideDevUtils
|
|
101
101
|
Nokogiri.XML(File.open(xccdf_file))
|
102
102
|
end
|
103
103
|
|
104
|
-
def make_hash(doc,
|
105
|
-
hash = {
|
104
|
+
def make_hash(doc, num)
|
105
|
+
hash = { 'title' => @title, 'version' => @version }
|
106
106
|
profiles = doc.xpath('xccdf:Benchmark/xccdf:Profile')
|
107
107
|
profiles.each do |p|
|
108
108
|
title = normalize_profile_name(p.xpath('./xccdf:title').children.to_s)
|
109
|
-
hash[
|
109
|
+
hash[title.to_s] = []
|
110
110
|
selects = p.xpath('./xccdf:select')
|
111
111
|
selects.each do |s|
|
112
|
-
hash[
|
112
|
+
hash[title.to_s] << normalize_ctrl_name(s['idref'].to_s, num)
|
113
113
|
end
|
114
114
|
end
|
115
115
|
hash
|
@@ -120,14 +120,16 @@ module AbideDevUtils
|
|
120
120
|
nstr.gsub!(/[^a-z0-9]$/, '')
|
121
121
|
nstr.gsub!(/^[^a-z]/, '')
|
122
122
|
nstr.gsub!(/^(l1_|l2_|ng_)/, '')
|
123
|
-
nstr.delete!('(
|
123
|
+
nstr.delete!('(/|\\|\+)')
|
124
124
|
nstr.gsub!(UNDERSCORED, '_')
|
125
|
+
nstr.strip!
|
125
126
|
nstr
|
126
127
|
end
|
127
128
|
|
128
129
|
def normalize_profile_name(prof)
|
129
130
|
prof_name = normalize_str("profile_#{prof}")
|
130
131
|
prof_name.gsub!(NEXT_GEN_WINDOWS, 'ngws')
|
132
|
+
prof_name.strip!
|
131
133
|
prof_name
|
132
134
|
end
|
133
135
|
|
File without changes
|
@@ -15,7 +15,7 @@ module AbideDevUtils
|
|
15
15
|
type = opts.fetch(:type, 'cis')
|
16
16
|
case type.downcase
|
17
17
|
when 'cis'
|
18
|
-
AbideDevUtils::XCCDF::CIS::Hiera.new(xccdf_file, parent_key_prefix: opts[:parent_key_prefix],
|
18
|
+
AbideDevUtils::XCCDF::CIS::Hiera.new(xccdf_file, parent_key_prefix: opts[:parent_key_prefix], num: opts[:num])
|
19
19
|
else
|
20
20
|
AbideDevUtils::Output.simple("XCCDF type #{type} is unsupported!")
|
21
21
|
end
|
data/lib/abide_dev_utils.rb
CHANGED
File without changes
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: abide_dev_utils
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.
|
4
|
+
version: 0.5.2
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Heston Snodgrass
|
8
|
-
autorequire:
|
8
|
+
autorequire:
|
9
9
|
bindir: exe
|
10
10
|
cert_chain: []
|
11
|
-
date: 2021-
|
11
|
+
date: 2021-09-10 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: nokogiri
|
@@ -80,6 +80,20 @@ dependencies:
|
|
80
80
|
- - "~>"
|
81
81
|
- !ruby/object:Gem::Version
|
82
82
|
version: '1.11'
|
83
|
+
- !ruby/object:Gem::Dependency
|
84
|
+
name: selenium-webdriver
|
85
|
+
requirement: !ruby/object:Gem::Requirement
|
86
|
+
requirements:
|
87
|
+
- - "~>"
|
88
|
+
- !ruby/object:Gem::Version
|
89
|
+
version: 4.0.0.beta4
|
90
|
+
type: :runtime
|
91
|
+
prerelease: false
|
92
|
+
version_requirements: !ruby/object:Gem::Requirement
|
93
|
+
requirements:
|
94
|
+
- - "~>"
|
95
|
+
- !ruby/object:Gem::Version
|
96
|
+
version: 4.0.0.beta4
|
83
97
|
- !ruby/object:Gem::Dependency
|
84
98
|
name: bundler
|
85
99
|
requirement: !ruby/object:Gem::Requirement
|
@@ -150,6 +164,20 @@ dependencies:
|
|
150
164
|
- - ">="
|
151
165
|
- !ruby/object:Gem::Version
|
152
166
|
version: '0'
|
167
|
+
- !ruby/object:Gem::Dependency
|
168
|
+
name: pry
|
169
|
+
requirement: !ruby/object:Gem::Requirement
|
170
|
+
requirements:
|
171
|
+
- - ">="
|
172
|
+
- !ruby/object:Gem::Version
|
173
|
+
version: '0'
|
174
|
+
type: :development
|
175
|
+
prerelease: false
|
176
|
+
version_requirements: !ruby/object:Gem::Requirement
|
177
|
+
requirements:
|
178
|
+
- - ">="
|
179
|
+
- !ruby/object:Gem::Version
|
180
|
+
version: '0'
|
153
181
|
- !ruby/object:Gem::Dependency
|
154
182
|
name: rspec
|
155
183
|
requirement: !ruby/object:Gem::Requirement
|
@@ -275,10 +303,12 @@ files:
|
|
275
303
|
- lib/abide_dev_utils.rb
|
276
304
|
- lib/abide_dev_utils/cli.rb
|
277
305
|
- lib/abide_dev_utils/cli/abstract.rb
|
306
|
+
- lib/abide_dev_utils/cli/comply.rb
|
278
307
|
- lib/abide_dev_utils/cli/jira.rb
|
279
308
|
- lib/abide_dev_utils/cli/puppet.rb
|
280
309
|
- lib/abide_dev_utils/cli/test.rb
|
281
310
|
- lib/abide_dev_utils/cli/xccdf.rb
|
311
|
+
- lib/abide_dev_utils/comply.rb
|
282
312
|
- lib/abide_dev_utils/config.rb
|
283
313
|
- lib/abide_dev_utils/constants.rb
|
284
314
|
- lib/abide_dev_utils/errors.rb
|
@@ -308,7 +338,7 @@ metadata:
|
|
308
338
|
homepage_uri: https://github.com/hsnodgrass/abide_dev_utils
|
309
339
|
source_code_uri: https://github.com/hsnodgrass/abide_dev_utils
|
310
340
|
changelog_uri: https://github.com/hsnodgrass/abide_dev_utils
|
311
|
-
post_install_message:
|
341
|
+
post_install_message:
|
312
342
|
rdoc_options: []
|
313
343
|
require_paths:
|
314
344
|
- lib
|
@@ -323,8 +353,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
323
353
|
- !ruby/object:Gem::Version
|
324
354
|
version: '0'
|
325
355
|
requirements: []
|
326
|
-
rubygems_version: 3.1.
|
327
|
-
signing_key:
|
356
|
+
rubygems_version: 3.1.4
|
357
|
+
signing_key:
|
328
358
|
specification_version: 4
|
329
359
|
summary: Helper utilities for developing Abide
|
330
360
|
test_files: []
|