foreman_openscap 8.0.1 → 9.0.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/README.md +0 -1
- data/app/lib/proxy_api/openscap.rb +11 -0
- data/app/models/concerns/foreman_openscap/data_stream_content.rb +1 -5
- data/app/services/foreman_openscap/client_config/ansible.rb +1 -10
- data/app/validators/foreman_openscap/data_stream_validator.rb +1 -1
- data/config/initializers/inflections.rb +0 -2
- data/config/routes.rb +0 -15
- data/db/migrate/20240313111822_drop_oval.rb +17 -0
- data/lib/foreman_openscap/data_migration.rb +7 -6
- data/lib/foreman_openscap/engine.rb +2 -56
- data/lib/foreman_openscap/version.rb +1 -1
- data/test/factories/compliance_host_factory.rb +0 -12
- data/test/test_plugin_helper.rb +0 -2
- data/test/unit/scap_content_test.rb +2 -3
- data/webpack/components/OpenscapRemediationWizard/ViewSelectedHostsLink.js +2 -2
- data/webpack/components/OpenscapRemediationWizard/steps/ReviewHosts.js +12 -2
- data/webpack/components/OpenscapRemediationWizard/steps/ReviewRemediation.js +7 -4
- data/webpack/global_index.js +0 -4
- metadata +7 -169
- data/app/controllers/api/v2/compliance/oval_contents_controller.rb +0 -72
- data/app/controllers/api/v2/compliance/oval_policies_controller.rb +0 -111
- data/app/controllers/api/v2/compliance/oval_reports_controller.rb +0 -47
- data/app/controllers/concerns/foreman/controller/parameters/oval_content.rb +0 -22
- data/app/controllers/concerns/foreman/controller/parameters/oval_policy.rb +0 -22
- data/app/graphql/mutations/oval_contents/delete.rb +0 -9
- data/app/graphql/mutations/oval_policies/create.rb +0 -33
- data/app/graphql/mutations/oval_policies/delete.rb +0 -9
- data/app/graphql/mutations/oval_policies/update.rb +0 -15
- data/app/graphql/types/cve.rb +0 -17
- data/app/graphql/types/oval_check.rb +0 -11
- data/app/graphql/types/oval_content.rb +0 -19
- data/app/graphql/types/oval_policy.rb +0 -24
- data/app/lib/proxy_api/available_proxy.rb +0 -44
- data/app/models/concerns/foreman_openscap/oval_facet_host_extensions.rb +0 -38
- data/app/models/concerns/foreman_openscap/oval_facet_hostgroup_extensions.rb +0 -31
- data/app/models/foreman_openscap/cve.rb +0 -23
- data/app/models/foreman_openscap/host/oval_facet.rb +0 -14
- data/app/models/foreman_openscap/host_cve.rb +0 -7
- data/app/models/foreman_openscap/hostgroup/oval_facet.rb +0 -14
- data/app/models/foreman_openscap/hostgroup_oval_facet_oval_policy.rb +0 -6
- data/app/models/foreman_openscap/oval_content.rb +0 -28
- data/app/models/foreman_openscap/oval_facet_oval_policy.rb +0 -6
- data/app/models/foreman_openscap/oval_policy.rb +0 -54
- data/app/models/foreman_openscap/oval_status.rb +0 -45
- data/app/services/foreman_openscap/oval/check_collection.rb +0 -45
- data/app/services/foreman_openscap/oval/configure.rb +0 -83
- data/app/services/foreman_openscap/oval/cves.rb +0 -41
- data/app/services/foreman_openscap/oval/setup.rb +0 -93
- data/app/services/foreman_openscap/oval/setup_check.rb +0 -58
- data/app/services/foreman_openscap/oval/sync_oval_contents.rb +0 -42
- data/app/views/api/v2/compliance/oval_contents/base.json.rabl +0 -6
- data/app/views/api/v2/compliance/oval_contents/create.json.rabl +0 -3
- data/app/views/api/v2/compliance/oval_contents/destroy.json.rabl +0 -3
- data/app/views/api/v2/compliance/oval_contents/index.json.rabl +0 -3
- data/app/views/api/v2/compliance/oval_contents/show.json.rabl +0 -3
- data/app/views/api/v2/compliance/oval_contents/sync.json.rabl +0 -3
- data/app/views/api/v2/compliance/oval_contents/sync_result.json.rabl +0 -11
- data/app/views/api/v2/compliance/oval_contents/update.json.rabl +0 -3
- data/app/views/api/v2/compliance/oval_policies/create.json.rabl +0 -3
- data/app/views/api/v2/compliance/oval_policies/index.json.rabl +0 -3
- data/app/views/api/v2/compliance/oval_policies/main.json.rabl +0 -15
- data/app/views/api/v2/compliance/oval_policies/show.json.rabl +0 -3
- data/app/views/job_templates/run_oval_scans.erb +0 -24
- data/locale/cs_CZ/foreman_openscap.edit.po +0 -1863
- data/locale/cs_CZ/foreman_openscap.po.time_stamp +0 -0
- data/locale/de/foreman_openscap.edit.po +0 -1873
- data/locale/de/foreman_openscap.po.time_stamp +0 -0
- data/locale/en/foreman_openscap.edit.po +0 -1863
- data/locale/en/foreman_openscap.po.time_stamp +0 -0
- data/locale/en_GB/foreman_openscap.edit.po +0 -1863
- data/locale/en_GB/foreman_openscap.po.time_stamp +0 -0
- data/locale/es/foreman_openscap.edit.po +0 -1868
- data/locale/es/foreman_openscap.po.time_stamp +0 -0
- data/locale/fr/foreman_openscap.edit.po +0 -1874
- data/locale/fr/foreman_openscap.po.time_stamp +0 -0
- data/locale/gl/foreman_openscap.edit.po +0 -1863
- data/locale/gl/foreman_openscap.po.time_stamp +0 -0
- data/locale/it/foreman_openscap.edit.po +0 -1865
- data/locale/it/foreman_openscap.po.time_stamp +0 -0
- data/locale/ja/foreman_openscap.edit.po +0 -1869
- data/locale/ja/foreman_openscap.po.time_stamp +0 -0
- data/locale/ka/foreman_openscap.edit.po +0 -1863
- data/locale/ka/foreman_openscap.po.time_stamp +0 -0
- data/locale/ko/foreman_openscap.edit.po +0 -1863
- data/locale/ko/foreman_openscap.po.time_stamp +0 -0
- data/locale/pt_BR/foreman_openscap.edit.po +0 -1873
- data/locale/pt_BR/foreman_openscap.po.time_stamp +0 -0
- data/locale/ru/foreman_openscap.edit.po +0 -1867
- data/locale/ru/foreman_openscap.po.time_stamp +0 -0
- data/locale/sv_SE/foreman_openscap.edit.po +0 -1863
- data/locale/sv_SE/foreman_openscap.po.time_stamp +0 -0
- data/locale/zh_CN/foreman_openscap.edit.po +0 -1868
- data/locale/zh_CN/foreman_openscap.po.time_stamp +0 -0
- data/locale/zh_TW/foreman_openscap.edit.po +0 -1864
- data/locale/zh_TW/foreman_openscap.po.time_stamp +0 -0
- data/test/factories/oval_content_factory.rb +0 -7
- data/test/factories/oval_policy_factory.rb +0 -9
- data/test/fixtures/cve_fixtures.rb +0 -104
- data/test/functional/api/v2/compliance/oval_contents_controller_test.rb +0 -39
- data/test/functional/api/v2/compliance/oval_policies_controller_test.rb +0 -141
- data/test/functional/api/v2/compliance/oval_reports_controller_test.rb +0 -32
- data/test/graphql/mutations/oval_policies/delete_mutation_test.rb +0 -63
- data/test/graphql/queries/oval_content_query_test.rb +0 -29
- data/test/graphql/queries/oval_contents_query_test.rb +0 -35
- data/test/graphql/queries/oval_policies_query_test.rb +0 -35
- data/test/unit/oval_host_test.rb +0 -45
- data/test/unit/oval_policy_test.rb +0 -133
- data/test/unit/oval_status_test.rb +0 -47
- data/test/unit/services/oval/cves_test.rb +0 -81
- data/test/unit/services/oval/setup_check_test.rb +0 -37
- data/test/unit/services/oval/setup_test.rb +0 -87
- data/webpack/graphql/mutations/createOvalPolicy.gql +0 -22
- data/webpack/graphql/mutations/deleteOvalContent.gql +0 -9
- data/webpack/graphql/mutations/deleteOvalPolicy.gql +0 -9
- data/webpack/graphql/mutations/updateOvalPolicy.gql +0 -14
- data/webpack/graphql/queries/currentUserAttributes.gql +0 -11
- data/webpack/graphql/queries/cves.gql +0 -23
- data/webpack/graphql/queries/hostgroups.gql +0 -14
- data/webpack/graphql/queries/ovalContent.gql +0 -8
- data/webpack/graphql/queries/ovalContents.gql +0 -19
- data/webpack/graphql/queries/ovalPolicies.gql +0 -20
- data/webpack/graphql/queries/ovalPolicy.gql +0 -29
- data/webpack/helpers/pathsHelper.js +0 -29
- data/webpack/routes/OvalContents/OvalContentsIndex/OvalContentsIndex.js +0 -71
- data/webpack/routes/OvalContents/OvalContentsIndex/OvalContentsTable.js +0 -83
- data/webpack/routes/OvalContents/OvalContentsIndex/__tests__/OvalContentsDestroy.fixtures.js +0 -105
- data/webpack/routes/OvalContents/OvalContentsIndex/__tests__/OvalContentsDestroy.test.js +0 -124
- data/webpack/routes/OvalContents/OvalContentsIndex/__tests__/OvalContentsIndex.fixtures.js +0 -127
- data/webpack/routes/OvalContents/OvalContentsIndex/__tests__/OvalContentsIndex.test.js +0 -89
- data/webpack/routes/OvalContents/OvalContentsIndex/index.js +0 -13
- data/webpack/routes/OvalContents/OvalContentsNew/OvalContentsNew.js +0 -138
- data/webpack/routes/OvalContents/OvalContentsNew/OvalContentsNew.scss +0 -3
- data/webpack/routes/OvalContents/OvalContentsNew/OvalContentsNewHelper.js +0 -73
- data/webpack/routes/OvalContents/OvalContentsNew/__tests__/OvalContentsNew.test.js +0 -104
- data/webpack/routes/OvalContents/OvalContentsNew/index.js +0 -13
- data/webpack/routes/OvalContents/OvalContentsShow/OvalContentsShow.js +0 -62
- data/webpack/routes/OvalContents/OvalContentsShow/OvalContentsShow.test.js +0 -45
- data/webpack/routes/OvalContents/OvalContentsShow/OvalContentsShowHelper.js +0 -0
- data/webpack/routes/OvalContents/OvalContentsShow/index.js +0 -35
- data/webpack/routes/OvalPolicies/OvalPoliciesIndex/OvalPoliciesIndex.js +0 -62
- data/webpack/routes/OvalPolicies/OvalPoliciesIndex/OvalPoliciesTable.js +0 -74
- data/webpack/routes/OvalPolicies/OvalPoliciesIndex/__tests__/OvalPoliciesDestroy.fixtures.js +0 -101
- data/webpack/routes/OvalPolicies/OvalPoliciesIndex/__tests__/OvalPoliciesDestroy.test.js +0 -117
- data/webpack/routes/OvalPolicies/OvalPoliciesIndex/__tests__/OvalPoliciesIndex.fixtures.js +0 -111
- data/webpack/routes/OvalPolicies/OvalPoliciesIndex/__tests__/OvalPoliciesIndex.test.js +0 -81
- data/webpack/routes/OvalPolicies/OvalPoliciesIndex/index.js +0 -13
- data/webpack/routes/OvalPolicies/OvalPoliciesNew/HostgroupSelect.js +0 -135
- data/webpack/routes/OvalPolicies/OvalPoliciesNew/NewOvalPolicyForm.js +0 -119
- data/webpack/routes/OvalPolicies/OvalPoliciesNew/NewOvalPolicyFormHelpers.js +0 -107
- data/webpack/routes/OvalPolicies/OvalPoliciesNew/OvalPoliciesNew.js +0 -32
- data/webpack/routes/OvalPolicies/OvalPoliciesNew/__tests__/OvalPoliciesNew.fixtures.js +0 -147
- data/webpack/routes/OvalPolicies/OvalPoliciesNew/__tests__/OvalPoliciesNew.test.js +0 -172
- data/webpack/routes/OvalPolicies/OvalPoliciesNew/index.js +0 -11
- data/webpack/routes/OvalPolicies/OvalPoliciesShow/CvesTab.js +0 -49
- data/webpack/routes/OvalPolicies/OvalPoliciesShow/CvesTable.js +0 -63
- data/webpack/routes/OvalPolicies/OvalPoliciesShow/DetailsTab.js +0 -87
- data/webpack/routes/OvalPolicies/OvalPoliciesShow/HostgroupsTab.js +0 -49
- data/webpack/routes/OvalPolicies/OvalPoliciesShow/HostgroupsTable.js +0 -38
- data/webpack/routes/OvalPolicies/OvalPoliciesShow/OvalPoliciesShow.js +0 -82
- data/webpack/routes/OvalPolicies/OvalPoliciesShow/OvalPoliciesShowHelper.js +0 -117
- data/webpack/routes/OvalPolicies/OvalPoliciesShow/__tests__/OvalPoliciesEdit.fixtures.js +0 -48
- data/webpack/routes/OvalPolicies/OvalPoliciesShow/__tests__/OvalPoliciesEdit.test.js +0 -202
- data/webpack/routes/OvalPolicies/OvalPoliciesShow/__tests__/OvalPoliciesShow.fixtures.js +0 -124
- data/webpack/routes/OvalPolicies/OvalPoliciesShow/__tests__/OvalPoliciesShow.test.js +0 -172
- data/webpack/routes/OvalPolicies/OvalPoliciesShow/index.js +0 -39
- data/webpack/routes/routes.js +0 -49
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 1332b15937eb430092240b50430503d12b494031dc357711cee88d422bfa0559
|
4
|
+
data.tar.gz: 5fd7b3e4e80187a99506caf214c97189944474fe8ea431b2c74f1454216b9992
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 462a22ad2c6c44a85f408aed545640d28768941a239979bde967a8d52549db65a393fc7a10b2bef98a18d48eff686425ce3c1f431e2a97f3b8358e5ddae219ca
|
7
|
+
data.tar.gz: ae90d141280b390315a7681e7cd46069a997d811a011f4d66d49a793216f72895b777baeb51184066e5ad22a22b1c3aa85c9626061a8279c098e6b1e013049a3
|
data/README.md
CHANGED
@@ -19,7 +19,6 @@ of Foreman based infrastructure.
|
|
19
19
|
+ Waive known issues (one-time waivers, re-occurring, waivers)
|
20
20
|
+ Ad-hoc audit of given machine
|
21
21
|
+ Support for PreupgradeAssistant evaluation
|
22
|
-
+ Vulnerability Assessment (processing OVAL CVE streams)
|
23
22
|
+ E-mail notifications
|
24
23
|
|
25
24
|
## Usage
|
@@ -1,5 +1,16 @@
|
|
1
1
|
module ::ProxyAPI
|
2
2
|
class Openscap < ::ProxyAPI::Resource
|
3
|
+
HTTP_ERRORS = [
|
4
|
+
EOFError,
|
5
|
+
Errno::ECONNRESET,
|
6
|
+
Errno::EINVAL,
|
7
|
+
Net::HTTPBadResponse,
|
8
|
+
Net::HTTPHeaderSyntaxError,
|
9
|
+
Net::ProtocolError,
|
10
|
+
Timeout::Error,
|
11
|
+
ProxyAPI::ProxyException
|
12
|
+
].freeze
|
13
|
+
|
3
14
|
def initialize(args)
|
4
15
|
@url = args[:url] + '/compliance/'
|
5
16
|
super args
|
@@ -10,11 +10,7 @@ module ForemanOpenscap
|
|
10
10
|
end
|
11
11
|
|
12
12
|
def proxy_url
|
13
|
-
@proxy_url ||= SmartProxy.with_features('Openscap').find
|
14
|
-
available = ProxyAPI::AvailableProxy.new(:url => proxy.url)
|
15
|
-
available.available?
|
16
|
-
end.try(:url)
|
17
|
-
@proxy_url
|
13
|
+
@proxy_url ||= SmartProxy.with_features('Openscap').find(&:ping)&.url
|
18
14
|
end
|
19
15
|
|
20
16
|
def create_profiles
|
@@ -37,7 +37,7 @@ module ForemanOpenscap
|
|
37
37
|
private
|
38
38
|
|
39
39
|
def policy_types
|
40
|
-
[ForemanOpenscap::Policy
|
40
|
+
[ForemanOpenscap::Policy]
|
41
41
|
end
|
42
42
|
|
43
43
|
def initialize_constants(policy_class)
|
@@ -59,15 +59,6 @@ module ForemanOpenscap
|
|
59
59
|
)
|
60
60
|
)
|
61
61
|
end
|
62
|
-
|
63
|
-
if policy_class == ::ForemanOpenscap::OvalPolicy
|
64
|
-
@constants = OpenStruct.new(
|
65
|
-
base_constants.merge(
|
66
|
-
:policies_param => 'foreman_scap_client_oval_policies',
|
67
|
-
:policies_param_default_value => '<%= @host.oval_policies_enc %>'
|
68
|
-
)
|
69
|
-
)
|
70
|
-
end
|
71
62
|
end
|
72
63
|
end
|
73
64
|
end
|
@@ -22,7 +22,7 @@ module ForemanOpenscap
|
|
22
22
|
errors['errors'].each { |error| data_stream_content.errors.add(:scap_file, _(error)) }
|
23
23
|
return false
|
24
24
|
end
|
25
|
-
rescue *ProxyAPI::
|
25
|
+
rescue *ProxyAPI::Openscap::HTTP_ERRORS => e
|
26
26
|
data_stream_content.errors.add(:base, _('No available proxy to validate. Returned with error: %s') % e)
|
27
27
|
return false
|
28
28
|
end
|
data/config/routes.rb
CHANGED
@@ -94,21 +94,6 @@ Rails.application.routes.draw do
|
|
94
94
|
|
95
95
|
post 'arf_reports/:cname/:policy_id/:date', \
|
96
96
|
:constraints => { :cname => /[^\/]+/ }, :to => 'arf_reports#create'
|
97
|
-
|
98
|
-
resources :oval_contents, :except => %i[new edit] do
|
99
|
-
collection do
|
100
|
-
post 'sync'
|
101
|
-
end
|
102
|
-
end
|
103
|
-
|
104
|
-
resources :oval_policies, :except => %i[new edit] do
|
105
|
-
member do
|
106
|
-
post 'assign_hostgroups'
|
107
|
-
post 'assign_hosts'
|
108
|
-
get 'oval_content'
|
109
|
-
end
|
110
|
-
end
|
111
|
-
post 'oval_reports/:cname/:oval_policy_id/:date', :constraints => { :cname => /[^\/]+/ }, :to => 'oval_reports#create'
|
112
97
|
end
|
113
98
|
end
|
114
99
|
end
|
@@ -0,0 +1,17 @@
|
|
1
|
+
class DropOval < ActiveRecord::Migration[6.1]
|
2
|
+
def up
|
3
|
+
drop_table :foreman_openscap_host_cves
|
4
|
+
drop_table :foreman_openscap_oval_contents
|
5
|
+
drop_table :foreman_openscap_oval_policies
|
6
|
+
drop_table :foreman_openscap_hostgroup_oval_facet_oval_policies
|
7
|
+
drop_table :foreman_openscap_hostgroup_oval_facets
|
8
|
+
drop_table :foreman_openscap_oval_facet_oval_policies
|
9
|
+
drop_table :foreman_openscap_oval_facets
|
10
|
+
drop_table :foreman_openscap_cves
|
11
|
+
|
12
|
+
scope = ::HostStatus::Status.where(type: 'ForemanOpenscap::OvalStatus')
|
13
|
+
host_ids = scope.pluck(:host_id)
|
14
|
+
scope.delete_all
|
15
|
+
::Host::Managed.where(id: host_ids).find_each(&:refresh_global_status!)
|
16
|
+
end
|
17
|
+
end
|
@@ -6,14 +6,15 @@ require 'tempfile'
|
|
6
6
|
module ForemanOpenscap
|
7
7
|
class DataMigration
|
8
8
|
def initialize(proxy_id)
|
9
|
-
@proxy = ::SmartProxy.
|
10
|
-
|
11
|
-
|
9
|
+
@proxy = ::SmartProxy.with_features('Openscap').where(id: proxy_id).first
|
10
|
+
if @proxy
|
11
|
+
puts "Found proxy #{@proxy.to_label}"
|
12
|
+
@url = @proxy.url
|
13
|
+
end
|
12
14
|
end
|
13
15
|
|
14
16
|
def available?
|
15
|
-
|
16
|
-
::ProxyAPI::AvailableProxy.new(:url => @url).available? && foreman_available?
|
17
|
+
@proxy&.ping && foreman_available?
|
17
18
|
end
|
18
19
|
|
19
20
|
def migrate
|
@@ -47,7 +48,7 @@ module ForemanOpenscap
|
|
47
48
|
foreman_status_url = Setting[:foreman_url] + '/status'
|
48
49
|
response = JSON.parse(RestClient.get(foreman_status_url))
|
49
50
|
return true if response["status"] == "ok"
|
50
|
-
rescue *::ProxyAPI::
|
51
|
+
rescue *::ProxyAPI::Openscap::HTTP_ERRORS
|
51
52
|
return false
|
52
53
|
end
|
53
54
|
|
@@ -43,7 +43,7 @@ module ForemanOpenscap
|
|
43
43
|
end
|
44
44
|
|
45
45
|
initializer 'foreman_openscap.filter_large_params' do |app|
|
46
|
-
app.config.filter_parameters += %i[logs scap_file
|
46
|
+
app.config.filter_parameters += %i[logs scap_file] if app.config.filter_parameters
|
47
47
|
end
|
48
48
|
|
49
49
|
initializer 'foreman_openscap.register_plugin', :before => :finisher_hook do |app|
|
@@ -54,7 +54,6 @@ module ForemanOpenscap
|
|
54
54
|
apipie_documented_controllers ["#{ForemanOpenscap::Engine.root}/app/controllers/api/v2/compliance/*.rb"]
|
55
55
|
|
56
56
|
register_custom_status ForemanOpenscap::ComplianceStatus
|
57
|
-
register_custom_status ForemanOpenscap::OvalStatus
|
58
57
|
|
59
58
|
# Add permissions
|
60
59
|
security_block :foreman_openscap do
|
@@ -123,24 +122,6 @@ module ForemanOpenscap
|
|
123
122
|
:resource_type => 'ForemanOpenscap::TailoringFile'
|
124
123
|
permission :view_openscap_proxies, { :openscap_proxies => [:openscap_spool] },
|
125
124
|
:resource_type => 'SmartProxy'
|
126
|
-
permission :view_oval_contents, { 'api/v2/compliance/oval_contents' => %i[index show] },
|
127
|
-
:resource_type => 'ForemanOpenscap::OvalContent'
|
128
|
-
permission :edit_oval_contents, { 'api/v2/compliance/oval_contents' => %i[update sync] },
|
129
|
-
:resource_type => 'ForemanOpenscap::OvalContent'
|
130
|
-
permission :create_oval_contents, { 'api/v2/compliance/oval_contents' => %i[create] },
|
131
|
-
:resource_type => 'ForemanOpenscap::OvalContent'
|
132
|
-
permission :destroy_oval_contents, { 'api/v2/compliance/oval_contents' => %i[destroy] },
|
133
|
-
:resource_type => 'ForemanOpenscap::OvalContent'
|
134
|
-
permission :view_oval_policies, { 'api/v2/compliance/oval_policies' => %i[index show oval_content] },
|
135
|
-
:resource_type => 'ForemanOpenscap::OvalPolicy'
|
136
|
-
permission :edit_oval_policies, { 'api/v2/compliance/oval_policies' => %i[update assign_hosts assign_hostgroups] },
|
137
|
-
:resource_type => 'ForemanOpenscap::OvalPolicy'
|
138
|
-
permission :create_oval_policies, { 'api/v2/compliance/oval_policies' => %i[create] },
|
139
|
-
:resource_type => 'ForemanOpenscap::OvalPolicy'
|
140
|
-
permission :destroy_oval_policies, { 'api/v2/compliance/oval_policies' => %i[destroy] },
|
141
|
-
:resource_type => 'ForemanOpenscap::OvalPolicy'
|
142
|
-
permission :create_oval_policies, { 'api/v2/compliance/oval_reports' => %i[create] },
|
143
|
-
:resource_type => 'ForemanOpenscap::Cve'
|
144
125
|
end
|
145
126
|
|
146
127
|
role "Compliance viewer", %i[view_arf_reports view_policies view_scap_contents view_tailoring_files view_openscap_proxies],
|
@@ -169,15 +150,7 @@ module ForemanOpenscap
|
|
169
150
|
menu :top_menu, :compliance_files, :caption => N_('Tailoring Files'),
|
170
151
|
:url_hash => { :controller => :tailoring_files, :action => :index },
|
171
152
|
:parent => :hosts_menu
|
172
|
-
|
173
|
-
:url_hash => { :controller => 'react', :action => 'index' },
|
174
|
-
:url => '/experimental/compliance/oval_contents',
|
175
|
-
:parent => :lab_features_menu
|
176
|
-
|
177
|
-
menu :labs_menu, :oval_policies, :caption => N_('OVAL Policies'),
|
178
|
-
:url_hash => { :controller => 'react', :action => 'index' },
|
179
|
-
:url => '/experimental/compliance/oval_policies',
|
180
|
-
:parent => :lab_features_menu
|
153
|
+
|
181
154
|
# add dashboard widget
|
182
155
|
widget 'compliance_host_reports_widget',
|
183
156
|
:name => N_('Latest Compliance Reports'), :sizex => 6, :sizey => 1
|
@@ -219,27 +192,6 @@ module ForemanOpenscap
|
|
219
192
|
|
220
193
|
register_global_js_file 'global'
|
221
194
|
|
222
|
-
register_graphql_query_field :oval_contents, '::Types::OvalContent', :collection_field
|
223
|
-
register_graphql_query_field :oval_content, '::Types::OvalContent', :record_field
|
224
|
-
register_graphql_query_field :oval_policies, '::Types::OvalPolicy', :collection_field
|
225
|
-
register_graphql_query_field :oval_policy, '::Types::OvalPolicy', :record_field
|
226
|
-
register_graphql_query_field :cves, '::Types::Cve', :collection_field
|
227
|
-
|
228
|
-
register_graphql_mutation_field :delete_oval_policy, ::Mutations::OvalPolicies::Delete
|
229
|
-
register_graphql_mutation_field :delete_oval_content, ::Mutations::OvalContents::Delete
|
230
|
-
register_graphql_mutation_field :update_oval_policy, ::Mutations::OvalPolicies::Update
|
231
|
-
register_graphql_mutation_field :create_oval_policy, ::Mutations::OvalPolicies::Create
|
232
|
-
|
233
|
-
register_facet ForemanOpenscap::Host::OvalFacet, :oval_facet do
|
234
|
-
configure_host do
|
235
|
-
extend_model ForemanOpenscap::OvalFacetHostExtensions
|
236
|
-
end
|
237
|
-
|
238
|
-
configure_hostgroup(ForemanOpenscap::Hostgroup::OvalFacet) do
|
239
|
-
extend_model ForemanOpenscap::OvalFacetHostgroupExtensions
|
240
|
-
end
|
241
|
-
end
|
242
|
-
|
243
195
|
describe_host do
|
244
196
|
multiple_actions_provider :compliance_host_multiple_actions
|
245
197
|
overview_buttons_provider :compliance_host_overview_button
|
@@ -271,10 +223,6 @@ module ForemanOpenscap
|
|
271
223
|
:provided_inputs => "policies"
|
272
224
|
}
|
273
225
|
|
274
|
-
oval_options = {
|
275
|
-
:description => N_("Run OVAL scan")
|
276
|
-
}
|
277
|
-
|
278
226
|
ansible_remediation_options = {
|
279
227
|
:description => N_("Run OpenSCAP remediation with Ansible"),
|
280
228
|
:provided_inputs => ["tasks", "reboot"]
|
@@ -287,11 +235,9 @@ module ForemanOpenscap
|
|
287
235
|
|
288
236
|
if Gem::Version.new(ForemanRemoteExecution::VERSION) >= Gem::Version.new('1.2.3')
|
289
237
|
options[:host_action_button] = true
|
290
|
-
oval_options[:host_action_button] = (!::Foreman.in_rake? && ActiveRecord::Base.connection.table_exists?(:settings)) ? (Setting.find_by(:name => 'lab_features')&.value || false) : false
|
291
238
|
end
|
292
239
|
|
293
240
|
RemoteExecutionFeature.register(:foreman_openscap_run_scans, N_("Run OpenSCAP scan"), options)
|
294
|
-
RemoteExecutionFeature.register(:foreman_openscap_run_oval_scans, N_("Run OVAL scan"), oval_options)
|
295
241
|
RemoteExecutionFeature.register(:ansible_run_openscap_remediation, N_("Run OpenSCAP remediation with Ansible"), ansible_remediation_options)
|
296
242
|
RemoteExecutionFeature.register(:script_run_openscap_remediation, N_("Run OpenSCAP remediation with Shell"), script_remediation_options)
|
297
243
|
end
|
@@ -16,16 +16,4 @@ FactoryBot.define do
|
|
16
16
|
openscap_proxy { SmartProxy.unscoped.with_features('Openscap').first || FactoryBot.create(:openscap_proxy) }
|
17
17
|
policies { [] }
|
18
18
|
end
|
19
|
-
|
20
|
-
factory :oval_facet, :class => ForemanOpenscap::Host::OvalFacet
|
21
|
-
|
22
|
-
factory :oval_host, :class => Host::Managed do
|
23
|
-
sequence(:name) { |n| "host#{n}" }
|
24
|
-
end
|
25
|
-
|
26
|
-
factory :cve, :class => ForemanOpenscap::Cve do
|
27
|
-
sequence(:ref_id) { |n| "CVE-#{n}" }
|
28
|
-
sequence(:ref_url) { |n| "https://access.redhat.com/security/cve/CVE-#{n}" }
|
29
|
-
sequence(:definition_id) { |n| "oval:com.redhat.rhsa:def:202015#{n}" }
|
30
|
-
end
|
31
19
|
end
|
data/test/test_plugin_helper.rb
CHANGED
@@ -8,8 +8,6 @@ FactoryBot.definition_file_paths << File.join(ForemanAnsible::Engine.root, '/tes
|
|
8
8
|
FactoryBot.definition_file_paths << File.join(ForemanPuppet::Engine.root, '/test/factories') if defined?(ForemanPuppet::Engine)
|
9
9
|
FactoryBot.reload
|
10
10
|
|
11
|
-
require "#{ForemanOpenscap::Engine.root}/test/fixtures/cve_fixtures"
|
12
|
-
|
13
11
|
module ScapClientPuppetclass
|
14
12
|
def puppet_available?
|
15
13
|
Foreman::Plugin.installed?("foreman_puppet")
|
@@ -17,7 +17,6 @@ class ScapContentTest < ActiveSupport::TestCase
|
|
17
17
|
|
18
18
|
test 'scap content should fail if no openscap proxy' do
|
19
19
|
SmartProxy.stubs(:with_features).returns([])
|
20
|
-
ProxyAPI::AvailableProxy.any_instance.stubs(:available?).returns(false)
|
21
20
|
scap_content = ForemanOpenscap::ScapContent.new(:title => 'Fedora', :scap_file => @scap_file)
|
22
21
|
refute(scap_content.save)
|
23
22
|
assert_includes(scap_content.errors.messages[:base], 'No proxy with OpenSCAP feature was found.')
|
@@ -26,8 +25,8 @@ class ScapContentTest < ActiveSupport::TestCase
|
|
26
25
|
test 'proxy_url should return the first available proxy it finds' do
|
27
26
|
available_proxy = SmartProxy.with_features('Openscap').first
|
28
27
|
unavailable_proxy = FactoryBot.create(:smart_proxy, :url => 'http://proxy.example.com:8443', :features => [FactoryBot.create(:feature, :name => 'Openscap')])
|
29
|
-
|
30
|
-
|
28
|
+
SmartProxy.expects(:with_features).with('Openscap').returns([unavailable_proxy, available_proxy])
|
29
|
+
SmartProxy.any_instance.expects(:ping).twice.returns(false).then.returns(true)
|
31
30
|
scap_content = ForemanOpenscap::ScapContent.new(:title => 'Fedora', :scap_file => @scap_file)
|
32
31
|
assert_equal(available_proxy.url, scap_content.proxy_url)
|
33
32
|
end
|
@@ -6,7 +6,7 @@ import { Button } from '@patternfly/react-core';
|
|
6
6
|
|
7
7
|
import { translate as __ } from 'foremanReact/common/I18n';
|
8
8
|
import { foremanUrl } from 'foremanReact/common/helpers';
|
9
|
-
import {
|
9
|
+
import { useForemanHostsPageUrl } from 'foremanReact/Root/Context/ForemanContext';
|
10
10
|
|
11
11
|
const ViewSelectedHostsLink = ({
|
12
12
|
hostIdsParam,
|
@@ -14,7 +14,7 @@ const ViewSelectedHostsLink = ({
|
|
14
14
|
defaultFailedHostsSearch,
|
15
15
|
}) => {
|
16
16
|
const search = isAllHostsSelected ? defaultFailedHostsSearch : hostIdsParam;
|
17
|
-
const url = foremanUrl(`${
|
17
|
+
const url = foremanUrl(`${useForemanHostsPageUrl()}?search=${search}`);
|
18
18
|
return (
|
19
19
|
<Button
|
20
20
|
component="a"
|
@@ -7,6 +7,7 @@ import {
|
|
7
7
|
ToolbarContent,
|
8
8
|
ToolbarGroup,
|
9
9
|
ToolbarItem,
|
10
|
+
Button,
|
10
11
|
} from '@patternfly/react-core';
|
11
12
|
import { Td } from '@patternfly/react-table';
|
12
13
|
import { toArray } from 'lodash';
|
@@ -19,6 +20,7 @@ import { useBulkSelect } from 'foremanReact/components/PF4/TableIndexPage/Table/
|
|
19
20
|
import { getPageStats } from 'foremanReact/components/PF4/TableIndexPage/Table/helpers';
|
20
21
|
import { STATUS } from 'foremanReact/constants';
|
21
22
|
import { useAPI } from 'foremanReact/common/hooks/API/APIHooks';
|
23
|
+
import { useForemanHostDetailsPageUrl } from 'foremanReact/Root/Context/ForemanContext';
|
22
24
|
|
23
25
|
import OpenscapRemediationWizardContext from '../OpenscapRemediationWizardContext';
|
24
26
|
import WizardHeader from '../WizardHeader';
|
@@ -158,11 +160,19 @@ const ReviewHosts = () => {
|
|
158
160
|
rowData: PropTypes.object.isRequired,
|
159
161
|
};
|
160
162
|
|
163
|
+
const hostDetailsURL = useForemanHostDetailsPageUrl();
|
161
164
|
const columns = {
|
162
165
|
name: {
|
163
166
|
title: __('Name'),
|
164
|
-
wrapper: ({
|
165
|
-
<
|
167
|
+
wrapper: ({ name, display_name: displayName }) => (
|
168
|
+
<Button
|
169
|
+
component="a"
|
170
|
+
variant="link"
|
171
|
+
target="_blank"
|
172
|
+
href={foremanUrl(`${hostDetailsURL}${name}`)}
|
173
|
+
>
|
174
|
+
{displayName}
|
175
|
+
</Button>
|
166
176
|
),
|
167
177
|
isSorted: true,
|
168
178
|
weight: 50,
|
@@ -16,12 +16,15 @@ import { ExternalLinkSquareAltIcon } from '@patternfly/react-icons';
|
|
16
16
|
|
17
17
|
import { translate as __ } from 'foremanReact/common/I18n';
|
18
18
|
import { foremanUrl } from 'foremanReact/common/helpers';
|
19
|
-
import {
|
19
|
+
import {
|
20
|
+
useForemanHostsPageUrl,
|
21
|
+
useForemanHostDetailsPageUrl,
|
22
|
+
} from 'foremanReact/Root/Context/ForemanContext';
|
20
23
|
|
21
24
|
import OpenscapRemediationWizardContext from '../OpenscapRemediationWizardContext';
|
22
25
|
import WizardHeader from '../WizardHeader';
|
23
26
|
import ViewSelectedHostsLink from '../ViewSelectedHostsLink';
|
24
|
-
import {
|
27
|
+
import { FAIL_RULE_SEARCH } from '../constants';
|
25
28
|
import { findFixBySnippet } from '../helpers';
|
26
29
|
|
27
30
|
import './ReviewRemediation.scss';
|
@@ -120,7 +123,7 @@ const ReviewRemediation = () => {
|
|
120
123
|
iconPosition="right"
|
121
124
|
target="_blank"
|
122
125
|
component="a"
|
123
|
-
href={foremanUrl(`${
|
126
|
+
href={foremanUrl(`${useForemanHostDetailsPageUrl()}${hostName}`)}
|
124
127
|
>
|
125
128
|
{hostName}
|
126
129
|
</Button>{' '}
|
@@ -133,7 +136,7 @@ const ReviewRemediation = () => {
|
|
133
136
|
target="_blank"
|
134
137
|
component="a"
|
135
138
|
href={foremanUrl(
|
136
|
-
`${
|
139
|
+
`${useForemanHostsPageUrl()}?search=${FAIL_RULE_SEARCH} = ${source}`
|
137
140
|
)}
|
138
141
|
>
|
139
142
|
{__('Other hosts failing this rule')}
|
data/webpack/global_index.js
CHANGED
@@ -1,10 +1,6 @@
|
|
1
1
|
import React from 'react';
|
2
|
-
import { registerRoutes } from 'foremanReact/routes/RoutingService';
|
3
2
|
import { addGlobalFill } from 'foremanReact/components/common/Fill/GlobalFill';
|
4
3
|
import HostKebabItems from './components/HostExtentions/HostKebabItems';
|
5
|
-
import routes from './routes/routes';
|
6
|
-
|
7
|
-
registerRoutes('foreman_openscap', routes);
|
8
4
|
|
9
5
|
addGlobalFill(
|
10
6
|
'host-details-kebab',
|