emasser 1.0.6 → 3.4.1

Sign up to get free protection for your applications and to get access to all the features.
Files changed (61) hide show
  1. checksums.yaml +4 -4
  2. data/.dockerignore +8 -8
  3. data/.env-example +12 -12
  4. data/.github/release-drafter.yml +15 -15
  5. data/.github/workflows/codeql-analysis.yml +70 -70
  6. data/.github/workflows/draft-release.yml +15 -15
  7. data/.github/workflows/gh-pages.yml +32 -32
  8. data/.github/workflows/push-to-docker-mail.yml +28 -28
  9. data/.github/workflows/push-to-docker.yml +35 -35
  10. data/.github/workflows/release.yml +42 -42
  11. data/.github/workflows/rubocop.yml +23 -23
  12. data/.github/workflows/test-cli.yml +72 -72
  13. data/.gitignore +19 -19
  14. data/.mergify.yml +25 -25
  15. data/.rubocop.yml +80 -80
  16. data/.rubocop_todo.yml +27 -27
  17. data/CHANGELOG.md +16 -16
  18. data/Dockerfile +44 -44
  19. data/Gemfile +8 -8
  20. data/Gemfile.lock +104 -104
  21. data/LICENSE.md +15 -15
  22. data/README.md +178 -178
  23. data/Rakefile +18 -18
  24. data/_config.yml +1 -1
  25. data/docs/features.md +1436 -1330
  26. data/docs/redoc/index.html +1230 -1230
  27. data/emasser.gemspec +44 -44
  28. data/exe/emasser +5 -5
  29. data/lib/emasser/cli.rb +37 -37
  30. data/lib/emasser/configuration.rb +49 -49
  31. data/lib/emasser/constants.rb +26 -26
  32. data/lib/emasser/delete.rb +148 -148
  33. data/lib/emasser/errors.rb +14 -14
  34. data/lib/emasser/get.rb +949 -670
  35. data/lib/emasser/help/approvalCac_post_mapper.md +20 -20
  36. data/lib/emasser/help/approvalPac_post_mapper.md +20 -20
  37. data/lib/emasser/help/artifacts_del_mapper.md +9 -9
  38. data/lib/emasser/help/artifacts_post_mapper.md +59 -59
  39. data/lib/emasser/help/artifacts_put_mapper.md +34 -34
  40. data/lib/emasser/help/cloudresource_post_mapper.md +62 -62
  41. data/lib/emasser/help/cmmc_get_mapper.md +4 -4
  42. data/lib/emasser/help/container_post_mapper.md +44 -44
  43. data/lib/emasser/help/controls_put_mapper.md +74 -74
  44. data/lib/emasser/help/milestone_del_mapper.md +11 -11
  45. data/lib/emasser/help/milestone_post_mapper.md +14 -14
  46. data/lib/emasser/help/milestone_put_mapper.md +23 -23
  47. data/lib/emasser/help/poam_del_mapper.md +5 -5
  48. data/lib/emasser/help/poam_post_mapper.md +93 -93
  49. data/lib/emasser/help/poam_put_mapper.md +107 -107
  50. data/lib/emasser/help/staticcode_clear_mapper.md +16 -16
  51. data/lib/emasser/help/staticcode_post_mapper.md +21 -21
  52. data/lib/emasser/help/testresults_post_mapper.md +21 -21
  53. data/lib/emasser/help.rb +11 -11
  54. data/lib/emasser/input_converters.rb +21 -21
  55. data/lib/emasser/options_parser.rb +20 -20
  56. data/lib/emasser/output_converters.rb +111 -111
  57. data/lib/emasser/post.rb +830 -802
  58. data/lib/emasser/put.rb +588 -588
  59. data/lib/emasser/version.rb +5 -5
  60. data/lib/emasser.rb +19 -19
  61. metadata +10 -16
data/Gemfile.lock CHANGED
@@ -1,104 +1,104 @@
1
- PATH
2
- remote: .
3
- specs:
4
- emasser (1.0.6)
5
- activesupport (~> 6.1.4)
6
- colorize (~> 0.8.1)
7
- dotenv (~> 2.7.6)
8
- emass_client (~> 1.0, != 1.0.3)
9
- rubyzip (~> 2.3.2)
10
- thor (~> 1.1.0)
11
-
12
- GEM
13
- remote: https://rubygems.org/
14
- specs:
15
- activesupport (6.1.6)
16
- concurrent-ruby (~> 1.0, >= 1.0.2)
17
- i18n (>= 1.6, < 2)
18
- minitest (>= 5.1)
19
- tzinfo (~> 2.0)
20
- zeitwerk (~> 2.3)
21
- ast (2.4.2)
22
- bundler-audit (0.9.1)
23
- bundler (>= 1.2.0, < 3)
24
- thor (~> 1.0)
25
- byebug (11.1.3)
26
- colorize (0.8.1)
27
- concurrent-ruby (1.1.10)
28
- diff-lcs (1.5.0)
29
- dotenv (2.7.6)
30
- emass_client (1.0.6)
31
- typhoeus (~> 1.0, >= 1.0.1)
32
- ethon (0.15.0)
33
- ffi (>= 1.15.0)
34
- ffi (1.15.5-x64-mingw32)
35
- i18n (1.10.0)
36
- concurrent-ruby (~> 1.0)
37
- minitest (5.15.0)
38
- parallel (1.22.1)
39
- parser (3.1.2.0)
40
- ast (~> 2.4.1)
41
- rainbow (3.1.1)
42
- rake (13.0.6)
43
- regexp_parser (2.5.0)
44
- rexml (3.2.5)
45
- rspec (3.10.0)
46
- rspec-core (~> 3.10.0)
47
- rspec-expectations (~> 3.10.0)
48
- rspec-mocks (~> 3.10.0)
49
- rspec-core (3.10.2)
50
- rspec-support (~> 3.10.0)
51
- rspec-expectations (3.10.2)
52
- diff-lcs (>= 1.2.0, < 2.0)
53
- rspec-support (~> 3.10.0)
54
- rspec-mocks (3.10.3)
55
- diff-lcs (>= 1.2.0, < 2.0)
56
- rspec-support (~> 3.10.0)
57
- rspec-support (3.10.3)
58
- rubocop (1.30.0)
59
- parallel (~> 1.10)
60
- parser (>= 3.1.0.0)
61
- rainbow (>= 2.2.2, < 4.0)
62
- regexp_parser (>= 1.8, < 3.0)
63
- rexml (>= 3.2.5, < 4.0)
64
- rubocop-ast (>= 1.18.0, < 2.0)
65
- ruby-progressbar (~> 1.7)
66
- unicode-display_width (>= 1.4.0, < 3.0)
67
- rubocop-ast (1.18.0)
68
- parser (>= 3.1.1.0)
69
- rubocop-minitest (0.20.0)
70
- rubocop (>= 0.90, < 2.0)
71
- rubocop-performance (1.14.0)
72
- rubocop (>= 1.7.0, < 2.0)
73
- rubocop-ast (>= 0.4.0)
74
- rubocop-rake (0.6.0)
75
- rubocop (~> 1.0)
76
- ruby-progressbar (1.11.0)
77
- rubyzip (2.3.2)
78
- thor (1.1.0)
79
- typhoeus (1.4.0)
80
- ethon (>= 0.9.0)
81
- tzinfo (2.0.4)
82
- concurrent-ruby (~> 1.0)
83
- unicode-display_width (2.1.0)
84
- yaml (0.2.0)
85
- zeitwerk (2.5.4)
86
-
87
- PLATFORMS
88
- x64-mingw32
89
-
90
- DEPENDENCIES
91
- bundler (~> 2.3)
92
- bundler-audit (~> 0.7)
93
- byebug (~> 11.1.3)
94
- emasser!
95
- rake (~> 13.0)
96
- rspec (~> 3.10.0)
97
- rubocop (~> 1.7)
98
- rubocop-minitest (~> 0.10)
99
- rubocop-performance (~> 1.11)
100
- rubocop-rake (~> 0.5)
101
- yaml (~> 0.2.0)
102
-
103
- BUNDLED WITH
104
- 2.3.5
1
+ PATH
2
+ remote: .
3
+ specs:
4
+ emasser (3.4.0)
5
+ activesupport (~> 6.1.4)
6
+ colorize (~> 0.8.1)
7
+ dotenv (~> 2.7.6)
8
+ emass_client (~> 3.0)
9
+ rubyzip (~> 2.3.2)
10
+ thor (~> 1.1.0)
11
+
12
+ GEM
13
+ remote: https://rubygems.org/
14
+ specs:
15
+ activesupport (6.1.7)
16
+ concurrent-ruby (~> 1.0, >= 1.0.2)
17
+ i18n (>= 1.6, < 2)
18
+ minitest (>= 5.1)
19
+ tzinfo (~> 2.0)
20
+ zeitwerk (~> 2.3)
21
+ ast (2.4.2)
22
+ bundler-audit (0.9.1)
23
+ bundler (>= 1.2.0, < 3)
24
+ thor (~> 1.0)
25
+ byebug (11.1.3)
26
+ colorize (0.8.1)
27
+ concurrent-ruby (1.1.10)
28
+ diff-lcs (1.5.0)
29
+ dotenv (2.7.6)
30
+ emass_client (3.4.0)
31
+ typhoeus (~> 1.0, >= 1.0.1)
32
+ ethon (0.15.0)
33
+ ffi (>= 1.15.0)
34
+ ffi (1.15.5-x64-mingw32)
35
+ i18n (1.12.0)
36
+ concurrent-ruby (~> 1.0)
37
+ minitest (5.16.3)
38
+ parallel (1.22.1)
39
+ parser (3.1.2.0)
40
+ ast (~> 2.4.1)
41
+ rainbow (3.1.1)
42
+ rake (13.0.6)
43
+ regexp_parser (2.5.0)
44
+ rexml (3.2.5)
45
+ rspec (3.10.0)
46
+ rspec-core (~> 3.10.0)
47
+ rspec-expectations (~> 3.10.0)
48
+ rspec-mocks (~> 3.10.0)
49
+ rspec-core (3.10.2)
50
+ rspec-support (~> 3.10.0)
51
+ rspec-expectations (3.10.2)
52
+ diff-lcs (>= 1.2.0, < 2.0)
53
+ rspec-support (~> 3.10.0)
54
+ rspec-mocks (3.10.3)
55
+ diff-lcs (>= 1.2.0, < 2.0)
56
+ rspec-support (~> 3.10.0)
57
+ rspec-support (3.10.3)
58
+ rubocop (1.30.0)
59
+ parallel (~> 1.10)
60
+ parser (>= 3.1.0.0)
61
+ rainbow (>= 2.2.2, < 4.0)
62
+ regexp_parser (>= 1.8, < 3.0)
63
+ rexml (>= 3.2.5, < 4.0)
64
+ rubocop-ast (>= 1.18.0, < 2.0)
65
+ ruby-progressbar (~> 1.7)
66
+ unicode-display_width (>= 1.4.0, < 3.0)
67
+ rubocop-ast (1.18.0)
68
+ parser (>= 3.1.1.0)
69
+ rubocop-minitest (0.20.0)
70
+ rubocop (>= 0.90, < 2.0)
71
+ rubocop-performance (1.14.0)
72
+ rubocop (>= 1.7.0, < 2.0)
73
+ rubocop-ast (>= 0.4.0)
74
+ rubocop-rake (0.6.0)
75
+ rubocop (~> 1.0)
76
+ ruby-progressbar (1.11.0)
77
+ rubyzip (2.3.2)
78
+ thor (1.1.0)
79
+ typhoeus (1.4.0)
80
+ ethon (>= 0.9.0)
81
+ tzinfo (2.0.5)
82
+ concurrent-ruby (~> 1.0)
83
+ unicode-display_width (2.1.0)
84
+ yaml (0.2.0)
85
+ zeitwerk (2.6.0)
86
+
87
+ PLATFORMS
88
+ x64-mingw32
89
+
90
+ DEPENDENCIES
91
+ bundler (~> 2.3)
92
+ bundler-audit (~> 0.7)
93
+ byebug (~> 11.1.3)
94
+ emasser!
95
+ rake (~> 13.0)
96
+ rspec (~> 3.10.0)
97
+ rubocop (~> 1.7)
98
+ rubocop-minitest (~> 0.10)
99
+ rubocop-performance (~> 1.11)
100
+ rubocop-rake (~> 0.5)
101
+ yaml (~> 0.2.0)
102
+
103
+ BUNDLED WITH
104
+ 2.3.5
data/LICENSE.md CHANGED
@@ -1,15 +1,15 @@
1
- Licensed under the apache-2.0 license, except as noted below.
2
-
3
- Redistribution and use in source and binary forms, with or without modification,
4
- are permitted provided that the following conditions are met:
5
-
6
- * Redistributions of source code must retain the above copyright/ digital rights
7
- legend, this list of conditions and the following Notice.
8
-
9
- * Redistributions in binary form must reproduce the above copyright copyright/digital
10
- rights legend, this list of conditions and the following Notice in the documentation
11
- and/or other materials provided with the distribution.
12
-
13
- * Neither the name of The MITRE Corporation nor the names of its contributors may be
14
- used to endorse or promote products derived from this software without specific prior
15
- written permission.
1
+ Licensed under the apache-2.0 license, except as noted below.
2
+
3
+ Redistribution and use in source and binary forms, with or without modification,
4
+ are permitted provided that the following conditions are met:
5
+
6
+ * Redistributions of source code must retain the above copyright/ digital rights
7
+ legend, this list of conditions and the following Notice.
8
+
9
+ * Redistributions in binary form must reproduce the above copyright copyright/digital
10
+ rights legend, this list of conditions and the following Notice in the documentation
11
+ and/or other materials provided with the distribution.
12
+
13
+ * Neither the name of The MITRE Corporation nor the names of its contributors may be
14
+ used to endorse or promote products derived from this software without specific prior
15
+ written permission.
data/README.md CHANGED
@@ -1,178 +1,178 @@
1
- # emasser
2
- ![GitHub Release Date](https://img.shields.io/github/release-date/mitre/emasser?label=Release%20Date&logo=github&color=blue)
3
- ![GitHub release (latest by date)](https://img.shields.io/github/v/release/mitre/emasser?label=Release%20Version&logo=github) ![Gem](https://img.shields.io/gem/v/emasser?label=gem%20version&logo=ruby&logoColor=red) ![Docker Version](https://img.shields.io/docker/v/mitre/emasser?label=docker%20version&logo=docker&sort=semver)
4
-
5
- ![emasser Testing](https://github.com/mitre/emasser/actions/workflows/test-cli.yml/badge.svg)
6
- ![CodeQL Vulnerabilities and Errors](https://github.com/mitre/emasser/actions/workflows/codeql-analysis.yml/badge.svg)
7
- [![GitHub Pages](https://github.com/mitre/emasser/actions/workflows/gh-pages.yml/badge.svg)](https://github.com/mitre/emasser/actions/workflows/gh-pages.yml)
8
- ![Code Linter](https://github.com/mitre/emasser/actions/workflows/rubocop.yml/badge.svg)
9
-
10
- ## About
11
-
12
- `emasser` is a Command Line Interface (CLI) that aims to automate routine business use-cases and provide utility surrounding the Enterprise Mission Assurance Support Service (eMASS) by leveraging its Representational State Transfer (REST) Application Programming Interface (API).
13
-
14
- ***NOTE***: The `emasser` CLI utilizes the [emass_client](https://github.com/mitre/emass_client) RubyGem executable package to access the eMASS API endpoints.
15
-
16
- ---
17
- ## Documentation
18
- For detail content information about the `eMASS` API references the [**eMASS API Specification**](https://mitre.github.io/emass_client/docs/redoc/) page.
19
-
20
- For detail features provided by the `emasser` CLI references the [**emasser CLI Features**](docs/features.md) page.
21
-
22
- The `emasser` CLI [**Architecture**](#emasser-cli-architecture) depicts the `emasser` structure, and provides an explanation of how it behaves.
23
-
24
- ---
25
- ## Installation Options
26
-
27
- `emasser` is a Ruby CLI distributed via GitHub (this repository), [RubyGems](https://rubygems.org/gems/emass_client/versions/), or [Docker](https://hub.docker.com/r/mitre/emasser/tags).
28
-
29
- ### Installation Dependencies
30
- * git
31
- * Ruby version 2.7 or greater
32
-
33
- ### Runtime Dependencies
34
- * Ruby version 2.7 or greater.
35
- * `rubyzip (latest version)`
36
- * `emass_client (latest version)`
37
- * On Windows the `cURL` binary is required (libcurl.dll). To install cURL:
38
- - Download cURL for windows from [curl x.x.x for Windows](https://curl.se/windows/)
39
- - Go into the archive and browse to the /bin directory
40
- - Locate libcurl_x64.dll (it may be named just libcurl.dll)
41
- - Extract the file into the Ruby installation /bin directory
42
- - Rename the file to `libcurl.dll` if it has the `_x64` suffix
43
- - Install [cURL for windows](https://community.chocolatey.org/packages/curl) and add the installation directory to the PATH.
44
-
45
-
46
- ## Install via GitHub
47
- - [Clone](https://docs.github.com/en/repositories/creating-and-managing-repositories/cloning-a-repository) the repository
48
- ```bash
49
- git clone <path to emasser repository> emasser
50
- cd emasser
51
- ```
52
- - Build the emasser gem*
53
- ```bash
54
- gem build *.gemspec
55
- gem install *.gem
56
- ```
57
-
58
- ***Note:** To run in development mode there isn't a need to build the gem, simply clone from the emasser repository and use:
59
-
60
- ```
61
- bundle install
62
-
63
- bundle exec exe/emasser [command]
64
- ```
65
-
66
- ## Install via published RubyGems
67
- - Install the `emasser` gem from the [RubyGems](https://rubygems.org/gems/emass_client/versions/) registry
68
- ```bash
69
- gem install emasser
70
- ```
71
- - Update the `emasser` gem to the latest version
72
- ```bash
73
- gem update emasser
74
- ```
75
-
76
- - To run (execute a command) create a `.env*` file in the directory where you want to invoke the `emmaser` and use:
77
-
78
- ```
79
- emasser [command]
80
- ```
81
- ***Note:** See [Setting Environment Variables Configuration](https://github.com/mitre/emasser/wiki/Editing-Environment-Variables-Configuration) for detailed information on required and optional variables.
82
-
83
- ## Using Docker
84
- Ensure that docker engine is running and start the emasser Docker Container.
85
- ### Install
86
- - On Linux or Mac:
87
- ```
88
- docker run --rm -v $PWD/path-to-secrets:/data mitre/emasser:latest
89
- ```
90
- - On Windows:
91
- ```
92
- docker run --rm -v %cd%/path-to-secrets:/data mitre/emasser:latest
93
- ```
94
- - Update via Docker
95
- ```bash
96
- docker pull mitre/emasser:latest
97
- ```
98
-
99
- **Docker Notes:**
100
- - Docker Options
101
- - `--rm` Automatically remove the container when it exits
102
- - `-v` Bind mount a volume
103
- - path-to-secrets
104
- - Is the path to the `.env` file and the appropriate eMASS certificates (key.pem and client.pem).
105
- - For example, if the `.env` is located in the same directory where the `docker run` is executed, running the command in a Windows platform would look like this:
106
-
107
- ```
108
- docker run --rm -v %cd%/.:/data mitre/emasser:latest
109
- ```
110
- - See [Editing Environment Variables Configuration](https://github.com/mitre/emasser/wiki/Editing-Environment-Variables-Configuration)
111
-
112
- ### Run emasser API client commands
113
- - To list all available GET, POST, PUT, or DELETE commands use:
114
- ```
115
- docker run --rm -v $PWD/path-to-secrets:/data mitre/emasser:latest get help
116
- ```
117
- ```
118
- docker run --rm -v $PWD/path-to-secrets:/data mitre/emasser:latest post help
119
- ```
120
- ```
121
- docker run --rm -v $PWD/path-to-secrets:/data mitre/emasser:latest put help
122
- ```
123
- ```
124
- docker run --rm -v $PWD/path-to-secrets:/data mitre/emasser:latest delete help
125
- ```
126
- Example commands are for Linux or Mac, replace the `$PWD` with `%cd%` for Windows
127
-
128
- ### Delete (remove) the Docker Container
129
- ```
130
- docker rmi -f mitre/emasser
131
- ```
132
- ---
133
- ## Roadmap
134
-
135
- The `emasser` implements all endpoints provided by the `eMASS` API, there is, all of the functions available from the `eMASS GUI` that are exposed by the API. If additional functions are useful (accessible via the CLI), please submit a request to [eMass Tier III Support](mailto:disa.meade.id.mbx.emass-tier-iii-support@mail.mil) for possible inclusion into the API.
136
-
137
- The Road Map seeks to add any useful features that facilitates organization that utilizes `eMASS` instances and have a need to automate their cybersecurity management process.
138
-
139
- For additional capability create an [issue](https://github.com/mitre/emasser/issues), and email it to the [SAF Team](mailto:saf@groups.mitre.org) citing the issue link so we can help.
140
-
141
- Some proposed capabilities (looking for a sponsor) are:
142
- * Update a system's record with met/not met NIST 800-53 Security and Privacy controls and/or common control indicators (CCI) based on scan results expressed in [Heimdall Data Format (HDF)](https://saf.mitre.org/#/normalize).
143
- * Resolve a particular plan of action and milestone (POA&M) based on scan results or git-ops workflow.
144
- * PKCS11 support to run in an attended mode.
145
-
146
-
147
- ## Design
148
-
149
- ### Interactions with eMASS API
150
- The `emasser` CLI leverages the [emass_client](https://github.com/mitre/emass_client), which provides a REST API client developed by MITRE based on the [OpenAPI V3](https://www.openapis.org/) standards for the official [eMASS API specification](https://mitre.github.io/emass_client/docs/redoc). This design enables REST API clients to be generated in [any supported programming language](https://openapi-generator.tech/docs/generators/). The design enables the `emass_client` to be generated independently of the emasser CLI. Currently, a Ruby and a Typescript eMASS client API are provided. The TypeScript client is used with the [Security Automation Framework CLI (SAF) CLI](https://github.com/mitre/saf).
151
-
152
- ### Business Logic
153
- Because interactions with the API are handled by a dependency, the bulk of `emasser` business logic is for accepting user input/output, reading data from eMASS or from input, transforming data, and routing data to the appropriate eMASS API endpoint. This business logic is organized into Ruby Classes and Modules based on the command or subcommand requested by the user.
154
-
155
- ## Emasser CLI Architecture
156
- The `emasser` CLI makes use of the `emass_client` ruby gem to communicate with an `eMASS` instance via the `eMASS API` as depicted in the diagram below:
157
-
158
- <div align="center">
159
- <img src="images/emasser_architecture.jpg" alt="emasser CLI Architecture" title="emasser CLI Architecture">
160
- </div>
161
-
162
- ### NOTICE
163
-
164
- © 2020 The MITRE Corporation.
165
-
166
- Approved for Public Release; Distribution Unlimited. Case Number 18-3678.
167
-
168
- ### NOTICE
169
-
170
- MITRE hereby grants express written permission to use, reproduce, distribute, modify, and otherwise leverage this software to the extent permitted by the licensed terms provided in the LICENSE.md file included with this project.
171
-
172
- ### NOTICE
173
-
174
- This software was produced for the U. S. Government under Contract Number HHSM-500-2012-00008I, and is subject to Federal Acquisition Regulation Clause 52.227-14, Rights in Data-General.
175
-
176
- No other use other than that granted to the U. S. Government, or to those acting on behalf of the U. S. Government under that Clause is authorized without the express written permission of The MITRE Corporation.
177
-
178
- For further information, please contact The MITRE Corporation, Contracts Management Office, 7515 Colshire Drive, McLean, VA 22102-7539, (703) 983-6000.
1
+ # emasser
2
+ ![GitHub Release Date](https://img.shields.io/github/release-date/mitre/emasser?label=Release%20Date&logo=github&color=blue)
3
+ ![GitHub release (latest by date)](https://img.shields.io/github/v/release/mitre/emasser?label=Release%20Version&logo=github) ![Gem](https://img.shields.io/gem/v/emasser?label=gem%20version&logo=ruby&logoColor=red) ![Docker Version](https://img.shields.io/docker/v/mitre/emasser?label=docker%20version&logo=docker&sort=semver)
4
+
5
+ ![emasser Testing](https://github.com/mitre/emasser/actions/workflows/test-cli.yml/badge.svg)
6
+ ![CodeQL Vulnerabilities and Errors](https://github.com/mitre/emasser/actions/workflows/codeql-analysis.yml/badge.svg)
7
+ [![GitHub Pages](https://github.com/mitre/emasser/actions/workflows/gh-pages.yml/badge.svg)](https://github.com/mitre/emasser/actions/workflows/gh-pages.yml)
8
+ ![Code Linter](https://github.com/mitre/emasser/actions/workflows/rubocop.yml/badge.svg)
9
+
10
+ ## About
11
+
12
+ `emasser` is a Command Line Interface (CLI) that aims to automate routine business use-cases and provide utility surrounding the Enterprise Mission Assurance Support Service (eMASS) by leveraging its Representational State Transfer (REST) Application Programming Interface (API).
13
+
14
+ ***NOTE***: The `emasser` CLI utilizes the [emass_client](https://github.com/mitre/emass_client) RubyGem executable package to access the eMASS API endpoints.
15
+
16
+ ---
17
+ ## Documentation
18
+ For detail content information about the `eMASS` API references the [**eMASS API Specification**](https://mitre.github.io/emass_client/docs/redoc/) page.
19
+
20
+ For detail features provided by the `emasser` CLI references the [**emasser CLI Features**](docs/features.md) page.
21
+
22
+ The `emasser` CLI [**Architecture**](#emasser-cli-architecture) depicts the `emasser` structure, and provides an explanation of how it behaves.
23
+
24
+ ---
25
+ ## Installation Options
26
+
27
+ `emasser` is a Ruby CLI distributed via GitHub (this repository), [RubyGems](https://rubygems.org/gems/emass_client/versions/), or [Docker](https://hub.docker.com/r/mitre/emasser/tags).
28
+
29
+ ### Installation Dependencies
30
+ * git
31
+ * Ruby version 2.7 or greater
32
+
33
+ ### Runtime Dependencies
34
+ * Ruby version 2.7 or greater.
35
+ * `rubyzip (latest version)`
36
+ * `emass_client (latest version)`
37
+ * On Windows the `cURL` binary is required (libcurl.dll). To install cURL:
38
+ - Download cURL for windows from [curl x.x.x for Windows](https://curl.se/windows/)
39
+ - Go into the archive and browse to the /bin directory
40
+ - Locate libcurl_x64.dll (it may be named just libcurl.dll)
41
+ - Extract the file into the Ruby installation /bin directory
42
+ - Rename the file to `libcurl.dll` if it has the `_x64` suffix
43
+ - Install [cURL for windows](https://community.chocolatey.org/packages/curl) and add the installation directory to the PATH.
44
+
45
+
46
+ ## Install via GitHub
47
+ - [Clone](https://docs.github.com/en/repositories/creating-and-managing-repositories/cloning-a-repository) the repository
48
+ ```bash
49
+ git clone <path to emasser repository> emasser
50
+ cd emasser
51
+ ```
52
+ - Build the emasser gem*
53
+ ```bash
54
+ gem build *.gemspec
55
+ gem install *.gem
56
+ ```
57
+
58
+ ***Note:** To run in development mode there isn't a need to build the gem, simply clone from the emasser repository and use:
59
+
60
+ ```
61
+ bundle install
62
+
63
+ bundle exec exe/emasser [command]
64
+ ```
65
+
66
+ ## Install via published RubyGems
67
+ - Install the `emasser` gem from the [RubyGems](https://rubygems.org/gems/emass_client/versions/) registry
68
+ ```bash
69
+ gem install emasser
70
+ ```
71
+ - Update the `emasser` gem to the latest version
72
+ ```bash
73
+ gem update emasser
74
+ ```
75
+
76
+ - To run (execute a command) create a `.env*` file in the directory where you want to invoke the `emmaser` and use:
77
+
78
+ ```
79
+ emasser [command]
80
+ ```
81
+ ***Note:** See [Setting Environment Variables Configuration](https://github.com/mitre/emasser/wiki/Editing-Environment-Variables-Configuration) for detailed information on required and optional variables.
82
+
83
+ ## Using Docker
84
+ Ensure that docker engine is running and start the emasser Docker Container.
85
+ ### Install
86
+ - On Linux or Mac:
87
+ ```
88
+ docker run --rm -v $PWD/path-to-secrets:/data mitre/emasser:latest
89
+ ```
90
+ - On Windows:
91
+ ```
92
+ docker run --rm -v %cd%/path-to-secrets:/data mitre/emasser:latest
93
+ ```
94
+ - Update via Docker
95
+ ```bash
96
+ docker pull mitre/emasser:latest
97
+ ```
98
+
99
+ **Docker Notes:**
100
+ - Docker Options
101
+ - `--rm` Automatically remove the container when it exits
102
+ - `-v` Bind mount a volume
103
+ - path-to-secrets
104
+ - Is the path to the `.env` file and the appropriate eMASS certificates (key.pem and client.pem).
105
+ - For example, if the `.env` is located in the same directory where the `docker run` is executed, running the command in a Windows platform would look like this:
106
+
107
+ ```
108
+ docker run --rm -v %cd%/.:/data mitre/emasser:latest
109
+ ```
110
+ - See [Editing Environment Variables Configuration](https://github.com/mitre/emasser/wiki/Editing-Environment-Variables-Configuration)
111
+
112
+ ### Run emasser API client commands
113
+ - To list all available GET, POST, PUT, or DELETE commands use:
114
+ ```
115
+ docker run --rm -v $PWD/path-to-secrets:/data mitre/emasser:latest get help
116
+ ```
117
+ ```
118
+ docker run --rm -v $PWD/path-to-secrets:/data mitre/emasser:latest post help
119
+ ```
120
+ ```
121
+ docker run --rm -v $PWD/path-to-secrets:/data mitre/emasser:latest put help
122
+ ```
123
+ ```
124
+ docker run --rm -v $PWD/path-to-secrets:/data mitre/emasser:latest delete help
125
+ ```
126
+ Example commands are for Linux or Mac, replace the `$PWD` with `%cd%` for Windows
127
+
128
+ ### Delete (remove) the Docker Container
129
+ ```
130
+ docker rmi -f mitre/emasser
131
+ ```
132
+ ---
133
+ ## Roadmap
134
+
135
+ The `emasser` implements all endpoints provided by the `eMASS` API, there is, all of the functions available from the `eMASS GUI` that are exposed by the API. If additional functions are useful (accessible via the CLI), please submit a request to [eMass Tier III Support](mailto:disa.meade.id.mbx.emass-tier-iii-support@mail.mil) for possible inclusion into the API.
136
+
137
+ The Road Map seeks to add any useful features that facilitates organization that utilizes `eMASS` instances and have a need to automate their cybersecurity management process.
138
+
139
+ For additional capability create an [issue](https://github.com/mitre/emasser/issues), and email it to the [SAF Team](mailto:saf@groups.mitre.org) citing the issue link so we can help.
140
+
141
+ Some proposed capabilities (looking for a sponsor) are:
142
+ * Update a system's record with met/not met NIST 800-53 Security and Privacy controls and/or common control indicators (CCI) based on scan results expressed in [Heimdall Data Format (HDF)](https://saf.mitre.org/#/normalize).
143
+ * Resolve a particular plan of action and milestone (POA&M) based on scan results or git-ops workflow.
144
+ * PKCS11 support to run in an attended mode.
145
+
146
+
147
+ ## Design
148
+
149
+ ### Interactions with eMASS API
150
+ The `emasser` CLI leverages the [emass_client](https://github.com/mitre/emass_client), which provides a REST API client developed by MITRE based on the [OpenAPI V3](https://www.openapis.org/) standards for the official [eMASS API specification](https://mitre.github.io/emass_client/docs/redoc). This design enables REST API clients to be generated in [any supported programming language](https://openapi-generator.tech/docs/generators/). The design enables the `emass_client` to be generated independently of the emasser CLI. Currently, a Ruby and a Typescript eMASS client API are provided. The TypeScript client is used with the [Security Automation Framework CLI (SAF) CLI](https://github.com/mitre/saf).
151
+
152
+ ### Business Logic
153
+ Because interactions with the API are handled by a dependency, the bulk of `emasser` business logic is for accepting user input/output, reading data from eMASS or from input, transforming data, and routing data to the appropriate eMASS API endpoint. This business logic is organized into Ruby Classes and Modules based on the command or subcommand requested by the user.
154
+
155
+ ## Emasser CLI Architecture
156
+ The `emasser` CLI makes use of the `emass_client` ruby gem to communicate with an `eMASS` instance via the `eMASS API` as depicted in the diagram below:
157
+
158
+ <div align="center">
159
+ <img src="images/emasser_architecture.jpg" alt="emasser CLI Architecture" title="emasser CLI Architecture">
160
+ </div>
161
+
162
+ ### NOTICE
163
+
164
+ © 2020 The MITRE Corporation.
165
+
166
+ Approved for Public Release; Distribution Unlimited. Case Number 18-3678.
167
+
168
+ ### NOTICE
169
+
170
+ MITRE hereby grants express written permission to use, reproduce, distribute, modify, and otherwise leverage this software to the extent permitted by the licensed terms provided in the LICENSE.md file included with this project.
171
+
172
+ ### NOTICE
173
+
174
+ This software was produced for the U. S. Government under Contract Number HHSM-500-2012-00008I, and is subject to Federal Acquisition Regulation Clause 52.227-14, Rights in Data-General.
175
+
176
+ No other use other than that granted to the U. S. Government, or to those acting on behalf of the U. S. Government under that Clause is authorized without the express written permission of The MITRE Corporation.
177
+
178
+ For further information, please contact The MITRE Corporation, Contracts Management Office, 7515 Colshire Drive, McLean, VA 22102-7539, (703) 983-6000.
data/Rakefile CHANGED
@@ -1,18 +1,18 @@
1
- # frozen_string_literal: true
2
-
3
- require 'bundler/gem_tasks'
4
- require 'rake/testtask'
5
- require 'rubocop/rake_task'
6
-
7
- Rake::TestTask.new(:test) do |t|
8
- t.libs << 'test'
9
- t.libs << 'lib'
10
- t.test_files = FileList['test/**/*_test.rb']
11
- end
12
-
13
- desc 'Run RuboCop'
14
- RuboCop::RakeTask.new(:rubocop) do |t|
15
- t.options = ['--display-cop-names', '--extra-details', '--display-style-guide', '--parallel']
16
- end
17
-
18
- task default: :test
1
+ # frozen_string_literal: true
2
+
3
+ require 'bundler/gem_tasks'
4
+ require 'rake/testtask'
5
+ require 'rubocop/rake_task'
6
+
7
+ Rake::TestTask.new(:test) do |t|
8
+ t.libs << 'test'
9
+ t.libs << 'lib'
10
+ t.test_files = FileList['test/**/*_test.rb']
11
+ end
12
+
13
+ desc 'Run RuboCop'
14
+ RuboCop::RakeTask.new(:rubocop) do |t|
15
+ t.options = ['--display-cop-names', '--extra-details', '--display-style-guide', '--parallel']
16
+ end
17
+
18
+ task default: :test
data/_config.yml CHANGED
@@ -1,2 +1,2 @@
1
- theme: jekyll-theme-cayman
1
+ theme: jekyll-theme-cayman
2
2
  # markdown: kramdown