abide_dev_utils 0.6.0 → 0.9.3

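--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
  --- !ruby/object:Gem::Specification
  name: abide_dev_utils
  version: !ruby/object:Gem::Version
- version: 0.6.0
+ version: 0.9.3
  platform: ruby
  authors:
- - Heston Snodgrass
+ - abide-team
  autorequire:
  bindir: exe
  cert_chain: []
- date: 2021-09-24 00:00:00.000000000 Z
+ date: 2022-01-14 00:00:00.000000000 Z
  dependencies:
  - !ruby/object:Gem::Dependency
  name: nokogiri
@@ -108,6 +108,20 @@ dependencies:
  - - "~>"
  - !ruby/object:Gem::Version
  version: '1.34'
+ - !ruby/object:Gem::Dependency
+ name: hashdiff
+ requirement: !ruby/object:Gem::Requirement
+ requirements:
+ - - "~>"
+ - !ruby/object:Gem::Version
+ version: '1.0'
+ type: :runtime
+ prerelease: false
+ version_requirements: !ruby/object:Gem::Requirement
+ requirements:
+ - - "~>"
+ - !ruby/object:Gem::Version
+ version: '1.0'
  - !ruby/object:Gem::Dependency
  name: bundler
  requirement: !ruby/object:Gem::Requirement
@@ -290,22 +304,23 @@ dependencies:
  - - "~>"
  - !ruby/object:Gem::Version
  version: '1.8'
- description: Provides a CLI with helpful utilities for developing Abide
+ description: Provides a CLI with helpful utilities for developing compliance Puppet
+ code
  email:
- - hsnodgrass3@gmail.com
+ - abide-team@puppet.com
  executables:
  - abide
  extensions: []
  extra_rdoc_files: []
  files:
- - ".dockerignore"
  - ".gitignore"
  - ".rspec"
  - ".rubocop.yml"
  - ".rubocop_todo.yml"
  - CHANGELOG.md
- - Dockerfile
+ - CODEOWNERS
  - Gemfile
+ - Gemfile.lock
  - LICENSE.txt
  - README.md
  - Rakefile
@@ -339,24 +354,23 @@ files:
  - lib/abide_dev_utils/mixins.rb
  - lib/abide_dev_utils/output.rb
  - lib/abide_dev_utils/ppt.rb
+ - lib/abide_dev_utils/ppt/api.rb
  - lib/abide_dev_utils/ppt/class_utils.rb
  - lib/abide_dev_utils/ppt/coverage.rb
  - lib/abide_dev_utils/ppt/new_obj.rb
+ - lib/abide_dev_utils/ppt/score_module.rb
  - lib/abide_dev_utils/prompt.rb
  - lib/abide_dev_utils/resources/generic_spec.erb
  - lib/abide_dev_utils/validate.rb
  - lib/abide_dev_utils/version.rb
  - lib/abide_dev_utils/xccdf.rb
- - lib/abide_dev_utils/xccdf/cis.rb
- - lib/abide_dev_utils/xccdf/cis/hiera.rb
- - lib/abide_dev_utils/xccdf/utils.rb
- homepage: https://github.com/hsnodgrass/abide_dev_utils
+ homepage: https://github.com/puppetlabs/abide_dev_utils
  licenses:
  - MIT
  metadata:
- homepage_uri: https://github.com/hsnodgrass/abide_dev_utils
- source_code_uri: https://github.com/hsnodgrass/abide_dev_utils
- changelog_uri: https://github.com/hsnodgrass/abide_dev_utils
+ homepage_uri: https://github.com/puppetlabs/abide_dev_utils
+ source_code_uri: https://github.com/puppetlabs/abide_dev_utils
+ changelog_uri: https://github.com/puppetlabs/abide_dev_utils
  post_install_message:
  rdoc_options: []
  require_paths:
@@ -365,7 +379,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
  requirements:
  - - ">="
  - !ruby/object:Gem::Version
- version: 2.5.0
+ version: 2.7.0
  required_rubygems_version: !ruby/object:Gem::Requirement
  requirements:
  - - ">="
@@ -375,5 +389,5 @@ requirements: []
  rubygems_version: 3.1.4
  signing_key:
  specification_version: 4
- summary: Helper utilities for developing Abide
+ summary: Helper utilities for developing compliance Puppet code
  test_files: []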
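Review bot: The `files:` list in the third hunk now packages `Gemfile.lock` and `CODEOWNERS` next to the repo dotfiles (`.gitignore`, `.rspec`, `.rubocop.yml`), which suggests the gemspec fills `spec.files` from the whole git tree; that is inferred, because the gemspec itself is not on this page. An installed gem never resolves against its own lockfile, so shipping it only puts a stale pin list in front of dependency scanners; narrowing the list, for example `spec.files = Dir['lib/**/*', 'exe/*', 'LICENSE.txt', 'README.md', 'CHANGELOG.md']`, would keep the package to what runs. The first and third hunks also move `authors`, `email` and `homepage` from a personal account to `puppetlabs` while `cert_chain: []` and `signing_key:` stay empty, so nothing inside the package attests to the hand-over. A CHANGELOG entry recording the ownership transfer and the new runtime dependency `hashdiff ~> 1.0` would give consumers something to check against the registry's owner list.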
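--- a/data/.dockerignore
+++ /dev/null
@@ -1 +0,0 @@
- Gemfile.lock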
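--- a/data/Dockerfile
+++ /dev/null
@@ -1,23 +0,0 @@
- FROM ruby:2.7.3-alpine
-
- ARG version
-
- RUN mkdir /extvol && \
- apk update && \
- apk add git build-base
-
- VOLUME /extvol
-
- WORKDIR /usr/src/app
-
- RUN mkdir -p ./lib/abide_dev_utils/
- COPY Gemfile abide_dev_utils.gemspec ./
- COPY lib/abide_dev_utils/version.rb lib/abide_dev_utils
- RUN bundle install
-
- COPY . .
-
- RUN bundle exec rake build && \
- gem install pkg/abide_dev_utils-${version}.gem
-
- ENTRYPOINT [ "abide" ]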
@@ -1,166 +0,0 @@
1
- # frozen_string_literal: true
2
-
3
- require 'yaml'
4
- require 'nokogiri'
5
- require 'abide_dev_utils/errors'
6
- require 'abide_dev_utils/xccdf/utils'
7
-
8
- module AbideDevUtils
9
- module XCCDF
10
- module CIS
11
- # Creates a Hiera structure by parsing a CIS XCCDF benchmark
12
- # @!attribute [r] title
13
- # @!attribute [r] version
14
- # @!attribute [r] yaml_title
15
- class Hiera
16
- include AbideDevUtils::XCCDF::Utils
17
-
18
- # CONTROL_PREFIX = /^[\d.]+_/.freeze
19
- # UNDERSCORED = /(\s|\(|\)|-|\.)/.freeze
20
- # XPATHS = {
21
- # benchmark: {
22
- # all: 'xccdf:Benchmark',
23
- # title: 'xccdf:Benchmark/xccdf:title',
24
- # version: 'xccdf:Benchmark/xccdf:version'
25
- # },
26
- # profiles: {
27
- # all: 'xccdf:Benchmark/xccdf:Profile',
28
- # relative_title: './xccdf:title',
29
- # relative_select: './xccdf:select'
30
- # }
31
- # }.freeze
32
- # NEXT_GEN_WINDOWS = /(next_generation_windows_security)/.freeze
33
-
34
- attr_reader :title, :version
35
-
36
- # Creates a new Hiera object
37
- # @param xccdf_file [String] path to an XCCDF file
38
- # @param parent_key_prefix [String] a string to be prepended to the
39
- # top-level key in the Hiera structure. Useful for namespacing
40
- # the top-level key.
41
- def initialize(xccdf_file, parent_key_prefix: nil, num: false)
42
- @doc = parse(xccdf_file)
43
- @title = xpath(CIS_XPATHS[:benchmark][:title]).children.to_s
44
- @version = xpath(CIS_XPATHS[:benchmark][:version]).children.to_s
45
- @profiles = xpath(CIS_XPATHS[:profiles][:all])
46
- @parent_key = make_parent_key(@doc, parent_key_prefix)
47
- @hash = make_hash(@doc, number_format: num)
48
- end
49
-
50
- def yaml_title
51
- normalize_string(@title)
52
- end
53
-
54
- # Convert the Hiera object to a hash
55
- # @return [Hash]
56
- def to_h
57
- @hash
58
- end
59
-
60
- # Convert the Hiera object to a string
61
- # @return [String]
62
- def to_s
63
- @hash.inspect
64
- end
65
-
66
- # Convert the Hiera object to YAML string
67
- # @return [String] YAML-formatted string
68
- def to_yaml
69
- yh = @hash.transform_keys do |k|
70
- [@parent_key, k].join('::').strip
71
- end
72
- yh.to_yaml
73
- end
74
-
75
- # If a method gets called on the Hiera object which is not defined,
76
- # this sends that method call to hash, then doc, then super.
77
- def method_missing(method, *args, &block)
78
- return true if ['exist?', 'exists?'].include?(method.to_s)
79
-
80
- return @hash.send(method, *args, &block) if @hash.respond_to?(method)
81
-
82
- return @doc.send(method, *args, &block) if @doc.respond_to?(method)
83
-
84
- super(method, *args, &block)
85
- end
86
-
87
- # Checks the respond_to? of hash, doc, or super
88
- def respond_to_missing?(method_name, include_private = false)
89
- return true if ['exist?', 'exists?'].include?(method_name.to_s)
90
-
91
- @hash || @doc || super
92
- end
93
-
94
- private
95
-
96
- attr_accessor :doc, :hash, :parent_key, :profiles
97
-
98
- # # Accepts a path to an xccdf xml file and returns a parsed Nokogiri object of the file
99
- # # @param xccdf_file [String] path to an xccdf xml file
100
- # # @return [Nokogiri::Node] A Nokogiri node object of the XML document
101
- # def parse(xccdf_file)
102
- # raise AbideDevUtils::Errors::FileNotFoundError, xccdf_file unless File.file?(xccdf_file)
103
-
104
- # Nokogiri.XML(File.open(xccdf_file))
105
- # end
106
-
107
- def make_hash(doc, number_format: false)
108
- hash = { 'title' => @title, 'version' => @version }
109
- profiles = doc.xpath('xccdf:Benchmark/xccdf:Profile')
110
- profiles.each do |p|
111
- title = normalize_profile_name(p.xpath('./xccdf:title').children.to_s)
112
- hash[title.to_s] = []
113
- selects = p.xpath('./xccdf:select')
114
- selects.each do |s|
115
- hash[title.to_s] << normalize_control_name(s['idref'].to_s, number_format: number_format)
116
- end
117
- end
118
- hash
119
- end
120
-
121
- # def normalize_str(str)
122
- # nstr = str.downcase
123
- # nstr.gsub!(/[^a-z0-9]$/, '')
124
- # nstr.gsub!(/^[^a-z]/, '')
125
- # nstr.gsub!(/^(l1_|l2_|ng_)/, '')
126
- # nstr.delete!('(/|\\|\+)')
127
- # nstr.gsub!(UNDERSCORED, '_')
128
- # nstr.strip!
129
- # nstr
130
- # end
131
-
132
- # def normalize_profile_name(prof)
133
- # prof_name = normalize_str("profile_#{prof}")
134
- # prof_name.gsub!(NEXT_GEN_WINDOWS, 'ngws')
135
- # prof_name.strip!
136
- # prof_name
137
- # end
138
-
139
- # def normalize_ctrl_name(ctrl, num)
140
- # return num_normalize_ctrl(ctrl) if num
141
-
142
- # name_normalize_ctrl(ctrl)
143
- # end
144
-
145
- # def name_normalize_ctrl(ctrl)
146
- # new_ctrl = ctrl.split('benchmarks_rule_')[-1].gsub(CONTROL_PREFIX, '')
147
- # normalize_str(new_ctrl)
148
- # end
149
-
150
- # def num_normalize_ctrl(ctrl)
151
- # part = ctrl.split('benchmarks_rule_')[-1]
152
- # numpart = CONTROL_PREFIX.match(part).to_s.chop.gsub(UNDERSCORED, '_')
153
- # "c#{numpart}"
154
- # end
155
-
156
- def make_parent_key(doc, prefix)
157
- doc_title = normalize_string(doc.xpath(CIS_XPATHS[:benchmark][:title]).children.to_s)
158
- return doc_title if prefix.nil?
159
-
160
- sepped_prefix = prefix.end_with?('::') ? prefix : "#{prefix}::"
161
- "#{sepped_prefix.chomp}#{doc_title}"
162
- end
163
- end
164
- end
165
- end
166
- end
@@ -1,3 +0,0 @@
1
- # frozen_string_literal: true
2
-
3
- require 'abide_dev_utils/xccdf/cis/hiera'
@@ -1,85 +0,0 @@
1
- # frozen_string_literal: true
2
-
3
- require 'nokogiri'
4
- require 'abide_dev_utils/validate'
5
- require 'pry'
6
-
7
- module AbideDevUtils
8
- module XCCDF
9
- module Utils
10
- CONTROL_PREFIX = /^[\d.]+_/.freeze
11
- UNDERSCORED = /(\s|\(|\)|-|\.)/.freeze
12
- CIS_NEXT_GEN_WINDOWS = /(next_generation_windows_security)/.freeze
13
- CIS_XPATHS = {
14
- benchmark: {
15
- all: 'xccdf:Benchmark',
16
- title: 'xccdf:Benchmark/xccdf:title',
17
- version: 'xccdf:Benchmark/xccdf:version'
18
- },
19
- profiles: {
20
- all: 'xccdf:Benchmark/xccdf:Profile',
21
- relative_title: './xccdf:title',
22
- relative_select: './xccdf:select'
23
- }
24
- }.freeze
25
-
26
- def parse(xccdf_file)
27
- AbideDevUtils::Validate.file(xccdf_file)
28
- File.open(xccdf_file) { |f| Nokogiri::XML(f) }
29
- end
30
-
31
- def normalize_string(str)
32
- nstr = str.downcase
33
- nstr.gsub!(/[^a-z0-9]$/, '')
34
- nstr.gsub!(/^[^a-z]/, '')
35
- nstr.gsub!(/^(l1_|l2_|ng_)/, '')
36
- nstr.delete!('(/|\\|\+)')
37
- nstr.gsub!(UNDERSCORED, '_')
38
- nstr.strip!
39
- nstr
40
- end
41
-
42
- def normalize_profile_name(prof)
43
- prof_name = normalize_string("profile_#{prof}")
44
- prof_name.gsub!(NEXT_GEN_WINDOWS, 'ngws')
45
- prof_name.strip!
46
- prof_name
47
- end
48
-
49
- def normalize_control_name(control, number_format: false)
50
- return number_normalize_control(control) if number_format
51
-
52
- name_normalize_control(control)
53
- end
54
-
55
- def name_normalize_control(control)
56
- new_ctrl = control.split('benchmarks_rule_')[-1].gsub(CONTROL_PREFIX, '')
57
- normalize_string(new_ctrl)
58
- end
59
-
60
- def number_normalize_control(control)
61
- part = control.split('benchmarks_rule_')[-1]
62
- numpart = CONTROL_PREFIX.match(part).to_s.chop.gsub(UNDERSCORED, '_')
63
- "c#{numpart}"
64
- end
65
-
66
- def text_normalize_control(control)
67
- control = control['idref'].to_s unless control.respond_to?(:split)
68
-
69
- control.split('benchmarks_rule_')[-1].tr('_', ' ')
70
- end
71
-
72
- def all_cis_recommendations(parsed_xccdf)
73
- parsed_xccdf.xpath('//xccdf:select').uniq
74
- end
75
-
76
- def find_cis_recommendation(name, recommendations, number_format: false)
77
- recommendations.each do |reco|
78
- if normalize_control_name(reco['idref'].to_s, number_format: number_format) == name
79
- return text_normalize_control(reco['idref'].to_s)
80
- end
81
- end
82
- end
83
- end
84
- end
85
- end