foreman_openscap 0.5.3 → 0.5.4
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +7 -7
- data/app/assets/javascripts/foreman_openscap/policy_edit.js +2 -2
- data/app/controllers/api/v2/compliance/arf_reports_controller.rb +3 -9
- data/app/controllers/api/v2/compliance/policies_controller.rb +3 -9
- data/app/controllers/api/v2/compliance/scap_contents_controller.rb +18 -10
- data/app/controllers/arf_reports_controller.rb +5 -5
- data/app/controllers/policies_controller.rb +2 -2
- data/app/helpers/concerns/foreman_openscap/lookup_keys_helper_extensions.rb +14 -0
- data/app/helpers/dashboard_helper.rb +26 -0
- data/app/lib/proxy_api/available_proxy.rb +20 -2
- data/app/lib/proxy_api/migration.rb +13 -0
- data/app/lib/proxy_api/openscap.rb +2 -2
- data/app/mailers/foreman_openscap/policy_mailer.rb +1 -1
- data/app/models/concerns/foreman_openscap/compliance_status_scoped_search.rb +1 -1
- data/app/models/concerns/foreman_openscap/host_extensions.rb +1 -1
- data/app/models/concerns/foreman_openscap/log_extensions.rb +10 -0
- data/app/models/concerns/foreman_openscap/openscap_proxy_core_extensions.rb +29 -9
- data/app/models/concerns/foreman_openscap/openscap_proxy_extensions.rb +1 -1
- data/app/models/foreman_openscap/arf_report.rb +2 -4
- data/app/models/foreman_openscap/policy.rb +3 -3
- data/app/models/foreman_openscap/scap_content.rb +7 -6
- data/app/services/foreman_openscap/report_dashboard/data.rb +1 -1
- data/app/views/api/v2/compliance/arf_reports/base.json.rabl +4 -1
- data/app/views/api/v2/compliance/arf_reports/main.json.rabl +5 -1
- data/app/views/api/v2/compliance/common/_loc.json.rabl +3 -0
- data/app/views/api/v2/compliance/common/_org.json.rabl +3 -0
- data/app/views/api/v2/compliance/policies/base.json.rabl +4 -1
- data/app/views/api/v2/compliance/scap_contents/base.json.rabl +4 -1
- data/app/views/api/v2/compliance/scap_contents/show.json.rabl +7 -1
- data/app/views/arf_reports/_list.html.erb +7 -1
- data/app/views/arf_reports/delete_multiple.html.erb +1 -1
- data/app/views/arf_reports/show.html.erb +1 -1
- data/app/views/compliance_hosts/_openscap_proxy.html.erb +1 -6
- data/app/views/compliance_hosts/show.html.erb +1 -1
- data/app/views/dashboard/_compliance_host_reports_widget.html.erb +2 -6
- data/app/views/foreman_openscap/policy_mailer/policy_summary.erb +1 -1
- data/app/views/policies/_form.html.erb +1 -1
- data/app/views/policies/welcome.html.erb +7 -6
- data/app/views/scap_contents/welcome.html.erb +1 -1
- data/config/routes.rb +5 -1
- data/db/migrate/20150821100137_migrate_from_scaptimony.rb +7 -6
- data/db/migrate/20150929152345_move_arf_reports_to_reports_table.rb +0 -97
- data/db/migrate/20151120090851_add_openscap_proxy_to_host_and_hostgroup.rb +0 -12
- data/db/seeds.d/openscap_policy_notification.rb +1 -1
- data/lib/foreman_openscap/bulk_upload.rb +1 -0
- data/lib/foreman_openscap/data_migration.rb +82 -0
- data/lib/foreman_openscap/engine.rb +5 -6
- data/lib/foreman_openscap/version.rb +1 -1
- data/lib/tasks/foreman_openscap_tasks.rake +14 -0
- data/test/factories/arf_report_factory.rb +1 -0
- data/test/factories/compliance_host_factory.rb +11 -1
- data/test/functional/api/v2/compliance/arf_reports_controller_test.rb +3 -1
- data/test/test_plugin_helper.rb +23 -2
- data/test/unit/scap_content_test.rb +1 -1
- data/test/unit/services/report_dashboard/data_test.rb +25 -0
- metadata +202 -194
- data/app/assets/javascripts/foreman_openscap/openscap_proxy.js +0 -52
- data/app/controllers/concerns/foreman_openscap/hosts_common_controller_extensions.rb +0 -45
- data/db/migrate/20151023131950_link_arf_report_directly_to_host.rb +0 -21
- data/db/seeds.d/openscap_scap_default.rb +0 -2
|
@@ -48,14 +48,14 @@ module ForemanOpenscap
|
|
|
48
48
|
|
|
49
49
|
def to_html
|
|
50
50
|
if scap_content.nil? || scap_content_profile.nil?
|
|
51
|
-
return (_('
|
|
52
|
-
{ :scap_content => self.scap_content, :profile => self.scap_content_profile }).html_safe
|
|
51
|
+
return ("<h2>%s</h2>" % (_('Cannot generate HTML guide for %{scap_content}/%{profile}') %
|
|
52
|
+
{ :scap_content => self.scap_content, :profile => self.scap_content_profile })).html_safe
|
|
53
53
|
end
|
|
54
54
|
|
|
55
55
|
if (proxy = scap_content.proxy_url)
|
|
56
56
|
api = ProxyAPI::Openscap.new(:url => proxy)
|
|
57
57
|
else
|
|
58
|
-
return
|
|
58
|
+
return ("<h2>%s</h2>" % _('No valid OpenSCAP proxy server found.')).html_safe
|
|
59
59
|
end
|
|
60
60
|
|
|
61
61
|
api.policy_html_guide(scap_content.scap_file, scap_content_profile.profile_id)
|
|
@@ -6,12 +6,12 @@ module ForemanOpenscap
|
|
|
6
6
|
return unless scap_content.scap_file_changed?
|
|
7
7
|
|
|
8
8
|
unless SmartProxy.with_features('Openscap').any?
|
|
9
|
-
scap_content.errors.add(:base, _('No
|
|
9
|
+
scap_content.errors.add(:base, _('No proxy with OpenSCAP features'))
|
|
10
10
|
return false
|
|
11
11
|
end
|
|
12
12
|
|
|
13
13
|
if scap_content.proxy_url.nil?
|
|
14
|
-
scap_content.errors.add(:base, _('No
|
|
14
|
+
scap_content.errors.add(:base, _('No available proxy to validate SCAP content'))
|
|
15
15
|
return false
|
|
16
16
|
end
|
|
17
17
|
|
|
@@ -29,7 +29,7 @@ module ForemanOpenscap
|
|
|
29
29
|
|
|
30
30
|
|
|
31
31
|
unless (scap_content.scap_content_profiles.map(&:profile_id) - scap_content.fetch_profiles.keys).empty?
|
|
32
|
-
scap_content.errors.add(:scap_file, _('Changed file does not include existing SCAP
|
|
32
|
+
scap_content.errors.add(:scap_file, _('Changed file does not include existing SCAP content profiles'))
|
|
33
33
|
return false
|
|
34
34
|
end
|
|
35
35
|
end
|
|
@@ -90,10 +90,11 @@ module ForemanOpenscap
|
|
|
90
90
|
end
|
|
91
91
|
|
|
92
92
|
def proxy_url
|
|
93
|
-
@proxy_url ||= SmartProxy.with_features('Openscap').
|
|
93
|
+
@proxy_url ||= SmartProxy.with_features('Openscap').find do |proxy|
|
|
94
94
|
available = ProxyAPI::AvailableProxy.new(:url => proxy.url)
|
|
95
|
-
|
|
96
|
-
end
|
|
95
|
+
available.available?
|
|
96
|
+
end.try(:url)
|
|
97
|
+
@proxy_url
|
|
97
98
|
end
|
|
98
99
|
|
|
99
100
|
def as_json(*args)
|
|
@@ -31,7 +31,7 @@ module ForemanOpenscap::ReportDashboard
|
|
|
31
31
|
end
|
|
32
32
|
|
|
33
33
|
def othered_breakdowns
|
|
34
|
-
Log.where(:result =>
|
|
34
|
+
Log.where(:result => Log::SCAP_RESULT[2..-1]).joins("INNER JOIN reports ON reports.id = report_id").count(:id).to_f
|
|
35
35
|
end
|
|
36
36
|
end
|
|
37
37
|
end
|
|
@@ -1,3 +1,6 @@
|
|
|
1
1
|
object @policy
|
|
2
2
|
|
|
3
|
-
|
|
3
|
+
extends "api/v2/compliance/common/org"
|
|
4
|
+
extends "api/v2/compliance/common/loc"
|
|
5
|
+
|
|
6
|
+
attributes :id, :name, :period, :weekday, :description, :scap_content_id, :scap_content_profile_id, :day_of_month, :cron_line
|
|
@@ -13,7 +13,13 @@
|
|
|
13
13
|
<% for arf_report in @arf_reports %>
|
|
14
14
|
<tr>
|
|
15
15
|
<td class="ca">
|
|
16
|
-
<%= check_box_tag "host_ids[]",
|
|
16
|
+
<%= check_box_tag "host_ids[]",
|
|
17
|
+
nil,
|
|
18
|
+
false,
|
|
19
|
+
:id => "host_ids_#{arf_report.id}",
|
|
20
|
+
:disabled => !authorized_for(:controller => :arf_reports, :action => :destroy),
|
|
21
|
+
:class => 'host_select_boxes',
|
|
22
|
+
:onclick => 'hostChecked(this)' %>
|
|
17
23
|
</td>
|
|
18
24
|
<td><%= name_column(arf_report.host) %></td>
|
|
19
25
|
<td><%= display_link_if_authorized(_("%s ago") % time_ago_in_words(arf_report.reported_at), hash_for_arf_report_path(:id => arf_report.id)) %></td>
|
|
@@ -25,5 +25,5 @@
|
|
|
25
25
|
|
|
26
26
|
<%= form_tag submit_delete_multiple_arf_reports_path({:arf_report_ids => params[:arf_report_ids]}) do %>
|
|
27
27
|
<span class="label label-danger"><%= _('Delete') %></span>
|
|
28
|
-
<%= _('these
|
|
28
|
+
<%= _('these Complianace reports') %>
|
|
29
29
|
<% end %>
|
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
<%= javascript 'foreman_openscap/reports' %>
|
|
2
2
|
<%= stylesheet 'foreman_openscap/reports' %>
|
|
3
3
|
<% title "#{@arf_report.host}" %>
|
|
4
|
-
<p class='ra'> <%= _("Reported at %s
|
|
4
|
+
<p class='ra'> <%= _("Reported at %s") % @arf_report.reported_at %> </p>
|
|
5
5
|
|
|
6
6
|
<% content_for(:search_bar) {show_logs} %>
|
|
7
7
|
|
|
@@ -1,8 +1,3 @@
|
|
|
1
|
-
<%= javascript 'foreman_openscap/openscap_proxy' %>
|
|
2
|
-
<% data_url = @host ? openscap_proxy_changed_hosts_path : openscap_proxy_changed_hostgroups_path%>
|
|
3
1
|
<%= select_f f, :openscap_proxy_id, SmartProxy.with_features("Openscap"), :id, :name,
|
|
4
2
|
{ :include_blank => blank_or_inherit_f(f, :openscap_proxy) },
|
|
5
|
-
{ :label => _('Openscap Proxy')
|
|
6
|
-
:onchange => 'updateOpenscapProxy(this)',
|
|
7
|
-
:'data-url' => data_url,
|
|
8
|
-
:help_inline => :indicator } %>
|
|
3
|
+
{ :label => _('Openscap Proxy') } %>
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
<%= javascript 'dashboard', 'foreman_openscap/scap_hosts_show' %>
|
|
2
2
|
|
|
3
|
-
<% title
|
|
3
|
+
<% title n_("%s compliance report by policy", "%s compliance reports by policy"m , host.combined_policies.length) % @host.to_label %>
|
|
4
4
|
<% @host.combined_policies.each do |policy| %>
|
|
5
5
|
<h2 class="center-block"><%= _('Policy %s') % policy %></h2>
|
|
6
6
|
<div class="row">
|
|
@@ -5,11 +5,7 @@
|
|
|
5
5
|
<% else %>
|
|
6
6
|
<table class="table table-striped ellipsis">
|
|
7
7
|
<tr>
|
|
8
|
-
|
|
9
|
-
<th><%= _('Policy') %></th>
|
|
10
|
-
<%= translated_header(s_('Passed|P'), _('Passed')).html_safe %>
|
|
11
|
-
<%= translated_header(s_('Failed|F'), _('Failed')).html_safe %>
|
|
12
|
-
<%= translated_header(s_('Othered|O'), _('Othered')).html_safe %>
|
|
8
|
+
<%= latest_headers() %>
|
|
13
9
|
</tr>
|
|
14
10
|
<% latest_reports.each do |report| %>
|
|
15
11
|
<tr>
|
|
@@ -21,4 +17,4 @@
|
|
|
21
17
|
</tr>
|
|
22
18
|
<% end %>
|
|
23
19
|
</table>
|
|
24
|
-
<% end %>
|
|
20
|
+
<% end %>
|
|
@@ -6,7 +6,7 @@
|
|
|
6
6
|
<title> Summary report for OpenScap from Foreman </title>
|
|
7
7
|
</head>
|
|
8
8
|
<body style="font-family: 'Helvetica Neue', Helvetica, Arial, sans-serif; color: #3f3f3f; background-color: #f1f1f1; padding: 10px 24px">
|
|
9
|
-
<h2 style="font-weight: normal; text-transform: uppercase; font-size: 120%;"><%= _("<b>Foreman</b>
|
|
9
|
+
<h2 style="font-weight: normal; text-transform: uppercase; font-size: 120%;"><%= _("<b>Foreman</b> OpenSCAP summary").html_safe %></h2>
|
|
10
10
|
<h2 style="margin: 5px 0px;"><%= _("Summary from %{time} ago to now") % {:time => distance_of_time_in_words(Time.now - @time)} %></h2>
|
|
11
11
|
<h3 style="margin: 0px;"><%= _("Summary report from Foreman server at %{foreman_url}") % {:foreman_url => Setting[:foreman_url]} %></h3>
|
|
12
12
|
<div style="background: #e1e2e3; padding: 20px 40px; margin: 5px 0px 10px;">
|
|
@@ -14,7 +14,7 @@
|
|
|
14
14
|
<% if show_organization_tab? %>
|
|
15
15
|
<li><a href='#organizations' data-toggle='tab'><%= _('Organizations') %></a></li>
|
|
16
16
|
<% end %>
|
|
17
|
-
<li><a href='#hostgroups' data-toggle='tab'><%= _('
|
|
17
|
+
<li><a href='#hostgroups' data-toggle='tab'><%= _('Host Groups') %></a></li>
|
|
18
18
|
</ul>
|
|
19
19
|
<div class="tab-content">
|
|
20
20
|
<div class="tab-pane active" id="primary">
|
|
@@ -1,14 +1,15 @@
|
|
|
1
|
-
<% title_actions display_link_if_authorized(_("New Compliance
|
|
1
|
+
<% title_actions display_link_if_authorized(_("New Compliance Policy"), hash_for_new_policy_path) %>
|
|
2
2
|
|
|
3
3
|
<% title _("Compliance policy configuration") %>
|
|
4
4
|
<div id="welcome">
|
|
5
5
|
<p>
|
|
6
|
-
<%= _('A compliance policy is defined by security professionals who specify desired
|
|
7
|
-
(often in the form of a checklist) that are to be used in the computing
|
|
8
|
-
|
|
6
|
+
<%= _('A compliance policy is defined by security professionals who specify desired ' +
|
|
7
|
+
'settings (often in the form of a checklist) that are to be used in the computing ' +
|
|
8
|
+
'environment. Compliance audit is a process of figuring out whether a given object ' +
|
|
9
|
+
'follows all the rules written out in a compliance policy.') %>
|
|
9
10
|
</p>
|
|
10
11
|
<p>
|
|
11
|
-
<%= (_('In Foreman, a compliance policy checklist is defined via %s, once SCAP content
|
|
12
|
-
|
|
12
|
+
<%= (_('In Foreman, a compliance policy checklist is defined via %s, once SCAP content ' +
|
|
13
|
+
'is present, you can create a policy, assign select host groups and schedule to run.') % link_to(_('SCAP content'), scap_contents_path)).html_safe %>
|
|
13
14
|
</p>
|
|
14
15
|
</div>
|
|
@@ -9,7 +9,7 @@
|
|
|
9
9
|
and policy compliance evaluation. ') %><small><%= (_('Source: Wikipedia %s') % link_to(_('read more'), 'http://en.wikipedia.org/wiki/Security_Content_Automation_Protocol')).html_safe %></small>
|
|
10
10
|
</p>
|
|
11
11
|
<p>
|
|
12
|
-
<%= (_("In Foreman, scap_contents represent the SCAP security guides on your hosts, and create SCAP profiles for you to assign to hosts /
|
|
12
|
+
<%= (_("In Foreman, scap_contents represent the SCAP security guides on your hosts, and create SCAP profiles for you to assign to hosts / host groups
|
|
13
13
|
via %s") % link_to('compliance policies', policies_path)).html_safe %>
|
|
14
14
|
</p>
|
|
15
15
|
</div>
|
data/config/routes.rb
CHANGED
|
@@ -45,7 +45,11 @@ Rails.application.routes.draw do
|
|
|
45
45
|
scope "(:apiv)", :module => :v2, :defaults => {:apiv => 'v2'},
|
|
46
46
|
:apiv => /v1|v2/, :constraints => ApiConstraints.new(:version => 2) do
|
|
47
47
|
namespace :compliance do
|
|
48
|
-
resources :scap_contents, :except => [:new, :edit]
|
|
48
|
+
resources :scap_contents, :except => [:new, :edit] do
|
|
49
|
+
member do
|
|
50
|
+
get 'xml'
|
|
51
|
+
end
|
|
52
|
+
end
|
|
49
53
|
resources :policies, :except => [:new, :edit] do
|
|
50
54
|
member do
|
|
51
55
|
get 'content'
|
|
@@ -6,13 +6,14 @@ class MigrateFromScaptimony < ActiveRecord::Migration
|
|
|
6
6
|
def rename_table_indexes(a,b)
|
|
7
7
|
end
|
|
8
8
|
end
|
|
9
|
+
|
|
10
|
+
execute 'DROP VIEW IF EXISTS scaptimony_arf_report_breakdowns'
|
|
11
|
+
execute 'DROP VIEW IF EXISTS foreman_openscap_arf_report_breakdowns'
|
|
12
|
+
|
|
9
13
|
ActiveRecord::Base.connection.tables.grep(/^scaptimony/).each do |table|
|
|
10
14
|
rename_table table, table.sub(/^scaptimony/, "foreman_openscap")
|
|
11
15
|
end
|
|
12
16
|
|
|
13
|
-
execute 'DROP VIEW scaptimony_arf_report_breakdowns' if table_exists? 'scaptimony_arf_report_breakdowns'
|
|
14
|
-
execute 'DROP VIEW foreman_openscap_arf_report_breakdowns' if table_exists? 'foreman_openscap_arf_report_breakdowns'
|
|
15
|
-
|
|
16
17
|
execute <<-SQL
|
|
17
18
|
CREATE VIEW foreman_openscap_arf_report_breakdowns AS
|
|
18
19
|
SELECT
|
|
@@ -39,13 +40,13 @@ class MigrateFromScaptimony < ActiveRecord::Migration
|
|
|
39
40
|
end
|
|
40
41
|
|
|
41
42
|
def down
|
|
43
|
+
execute 'DROP VIEW IF EXISTS scaptimony_arf_report_breakdowns'
|
|
44
|
+
execute 'DROP VIEW IF EXISTS foreman_openscap_arf_report_breakdowns'
|
|
45
|
+
|
|
42
46
|
ActiveRecord::Base.connection.tables.grep(/^foreman_openscap/).each do |table|
|
|
43
47
|
rename_table table, table.sub(/^foreman_openscap/, "scaptimony")
|
|
44
48
|
end
|
|
45
49
|
|
|
46
|
-
execute 'DROP VIEW scaptimony_arf_report_breakdowns' if table_exists? 'scaptimony_arf_report_breakdowns'
|
|
47
|
-
execute 'DROP VIEW foreman_openscap_arf_report_breakdowns' if table_exists? 'foreman_openscap_arf_report_breakdowns'
|
|
48
|
-
|
|
49
50
|
execute <<-SQL
|
|
50
51
|
CREATE VIEW scaptimony_arf_report_breakdowns AS
|
|
51
52
|
SELECT
|
|
@@ -3,73 +3,13 @@ class MoveArfReportsToReportsTable < ActiveRecord::Migration
|
|
|
3
3
|
# rubocop:disable Metrics/MethodLength
|
|
4
4
|
# rubocop:disable Metrics/AbcSize
|
|
5
5
|
def up
|
|
6
|
-
old_arf_reports = execute("SELECT * FROM foreman_openscap_arf_reports;")
|
|
7
|
-
|
|
8
|
-
#select only reports with existing host
|
|
9
|
-
old_arf_reports = old_arf_reports.select do |item|
|
|
10
|
-
asset = ForemanOpenscap::Asset.find item['asset_id']
|
|
11
|
-
!asset.host.nil? && asset.assetable_type = "Host::Base"
|
|
12
|
-
end
|
|
13
|
-
#and remove assets without assetable
|
|
14
|
-
ForemanOpenscap::Asset.where(:assetable_type => "Host::Base").select { |a| a.host.nil? }.map(&:destroy)
|
|
15
|
-
ForemanOpenscap::Asset.where(:assetable_type => "Hostgroup").select { |a| a.hostgroup.nil? }.map(&:destroy)
|
|
16
|
-
|
|
17
|
-
old_arf_reports.each do |item|
|
|
18
|
-
metrics = breakdown_to_metrics item["id"]
|
|
19
|
-
|
|
20
|
-
#reported_at attribute must be unique
|
|
21
|
-
reported_at = DateTime.strptime(item["created_at"], "%Y-%m-%d %H:%M:%S")
|
|
22
|
-
|
|
23
|
-
reported_at += 1.second until arfs_by_reported(reported_at).empty?
|
|
24
|
-
|
|
25
|
-
arf = ForemanOpenscap::ArfReport.create!(:metrics => metrics,
|
|
26
|
-
:reported_at => reported_at,
|
|
27
|
-
:created_at => item["created_at"],
|
|
28
|
-
:updated_at => item["updated_at"],
|
|
29
|
-
:host_id => item["asset_id"],
|
|
30
|
-
:status => metrics)
|
|
31
|
-
|
|
32
|
-
ForemanOpenscap::PolicyArfReport.create!(:arf_report_id => arf.id, :policy_id => item["policy_id"], :digest => item["digest"])
|
|
33
|
-
|
|
34
|
-
xccdf_rules.each { |rule_item| Source.find_or_create(rule_item["xid"]) }
|
|
35
|
-
|
|
36
|
-
xccdf_rule_results(item["id"]).each do |rr_item|
|
|
37
|
-
message = Message.find_or_create("No message for this log")
|
|
38
|
-
|
|
39
|
-
rule_item = xccdf_rule(rr_item['xccdf_rule_id'])
|
|
40
|
-
source = Source.find_or_create(rule_item['xid'])
|
|
41
|
-
|
|
42
|
-
Log.create!(:report_id => arf.id,
|
|
43
|
-
:result => xccdf_result(rr_item["xccdf_result_id"])['name'],
|
|
44
|
-
:message_id => message.id,
|
|
45
|
-
:source_id => source.id,
|
|
46
|
-
:level => :info)
|
|
47
|
-
end
|
|
48
|
-
end
|
|
49
|
-
|
|
50
6
|
execute 'DROP VIEW foreman_openscap_arf_report_breakdowns' if table_exists? 'foreman_openscap_arf_report_breakdowns'
|
|
51
7
|
drop_table :foreman_openscap_xccdf_results
|
|
52
8
|
drop_table :foreman_openscap_xccdf_rules
|
|
53
9
|
drop_table :foreman_openscap_xccdf_rule_results
|
|
54
|
-
drop_table :foreman_openscap_arf_reports
|
|
55
|
-
drop_table :foreman_openscap_arf_report_raws
|
|
56
10
|
end
|
|
57
11
|
|
|
58
12
|
def down
|
|
59
|
-
#warning! we cannot fully revert since arf_report_raws got dropped and we have no way of recreating them
|
|
60
|
-
create_table :foreman_openscap_arf_reports do |t|
|
|
61
|
-
t.references :asset, :index => true
|
|
62
|
-
t.references :policy, :index => true
|
|
63
|
-
t.datetime :date
|
|
64
|
-
t.string :digest, :limit => 128
|
|
65
|
-
|
|
66
|
-
t.timestamps
|
|
67
|
-
end
|
|
68
|
-
add_index :foreman_openscap_arf_reports, :digest, :unique => true
|
|
69
|
-
|
|
70
|
-
add_index :foreman_openscap_arf_reports, [:asset_id, :policy_id, :date, :digest],
|
|
71
|
-
:unique => true, :name => :index_openscap_arf_reports_unique_set
|
|
72
|
-
|
|
73
13
|
create_table :foreman_openscap_xccdf_results do |t|
|
|
74
14
|
t.string :name, :limit => 16, :null => false
|
|
75
15
|
end
|
|
@@ -139,41 +79,4 @@ class MoveArfReportsToReportsTable < ActiveRecord::Migration
|
|
|
139
79
|
end
|
|
140
80
|
ForemanOpenscap::PolicyArfReport.all.map(&:destroy)
|
|
141
81
|
end
|
|
142
|
-
|
|
143
|
-
private
|
|
144
|
-
|
|
145
|
-
def breakdown_to_metrics(report_id)
|
|
146
|
-
execute("SELECT passed, failed, othered FROM foreman_openscap_arf_report_breakdowns WHERE arf_report_id='#{report_id}';").first
|
|
147
|
-
end
|
|
148
|
-
|
|
149
|
-
def xccdf_rule_results(report_id)
|
|
150
|
-
execute("SELECT arf_report_id, xccdf_result_id, xccdf_rule_id
|
|
151
|
-
FROM foreman_openscap_xccdf_rule_results
|
|
152
|
-
WHERE arf_report_id='#{report_id}';")
|
|
153
|
-
end
|
|
154
|
-
|
|
155
|
-
def xccdf_rules
|
|
156
|
-
execute("SELECT xid FROM foreman_openscap_xccdf_rules;")
|
|
157
|
-
end
|
|
158
|
-
|
|
159
|
-
def xccdf_rule(rule_id)
|
|
160
|
-
execute("SELECT xid
|
|
161
|
-
FROM foreman_openscap_xccdf_rules
|
|
162
|
-
WHERE foreman_openscap_xccdf_rules.id = '#{rule_id}';").first
|
|
163
|
-
end
|
|
164
|
-
|
|
165
|
-
def xccdf_result(result_id)
|
|
166
|
-
execute("SELECT name FROM foreman_openscap_xccdf_results WHERE id = '#{result_id}';").first
|
|
167
|
-
end
|
|
168
|
-
|
|
169
|
-
def arfs_by_reported(time)
|
|
170
|
-
ForemanOpenscap::ArfReport.where(:reported_at => time)
|
|
171
|
-
end
|
|
172
|
-
|
|
173
|
-
def report(arf)
|
|
174
|
-
execute("SELECT id
|
|
175
|
-
FROM foreman_openscap_arf_reports
|
|
176
|
-
WHERE date = '#{arf.reported_at}' AND
|
|
177
|
-
digest = '#{arf.policy_arf_report.digest}';").first
|
|
178
|
-
end
|
|
179
82
|
end
|
|
@@ -3,18 +3,6 @@ class AddOpenscapProxyToHostAndHostgroup < ActiveRecord::Migration
|
|
|
3
3
|
add_column :hostgroups, :openscap_proxy_id, :integer
|
|
4
4
|
add_column :hosts, :openscap_proxy_id, :integer
|
|
5
5
|
add_column :reports, :openscap_proxy_id, :integer
|
|
6
|
-
|
|
7
|
-
#to ensure backward compatiblity
|
|
8
|
-
#this relies on the fact that only one scap proxy was registered
|
|
9
|
-
#because there has not been support for multiple scap proxies
|
|
10
|
-
reports = ForemanOpenscap::ArfReport.where(:openscap_proxy_id => nil)
|
|
11
|
-
scap_proxy = SmartProxy.with_features("Openscap").first
|
|
12
|
-
unless scap_proxy.nil?
|
|
13
|
-
reports.each do |report|
|
|
14
|
-
report.openscap_proxy = scap_proxy
|
|
15
|
-
report.save!
|
|
16
|
-
end
|
|
17
|
-
end
|
|
18
6
|
end
|
|
19
7
|
|
|
20
8
|
def down
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
policy_notification = {
|
|
2
2
|
:name => :openscap_policy_summary,
|
|
3
|
-
:description => N_('A summary of reports for
|
|
3
|
+
:description => N_('A summary of reports for OpenSCAP policies'),
|
|
4
4
|
:mailer => 'ForemanOpenscap::PolicyMailer',
|
|
5
5
|
:method => 'policy_summary',
|
|
6
6
|
:subscription_type => 'report',
|
|
@@ -30,6 +30,7 @@ module ForemanOpenscap
|
|
|
30
30
|
scap_content.original_filename = filename
|
|
31
31
|
scap_content.location_ids = Location.all.map(&:id) if SETTINGS[:locations_enabled]
|
|
32
32
|
scap_content.organization_ids = Organization.all.map(&:id) if SETTINGS[:organizations_enabled]
|
|
33
|
+
|
|
33
34
|
next puts "## SCAP content is invalid: #{scap_content.errors.full_messages.uniq.join(',')} ##" unless scap_content.valid?
|
|
34
35
|
if scap_content.save
|
|
35
36
|
puts "Saved #{datastream} as #{scap_content.title}"
|