foreman_openscap 9.0.2 → 9.0.3
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/app/controllers/api/v2/compliance/tailoring_files_controller.rb +0 -8
- data/app/models/concerns/foreman_openscap/host_extensions.rb +1 -3
- data/app/models/foreman_openscap/policy.rb +0 -4
- data/app/views/tailoring_files/welcome.html.erb +1 -8
- data/lib/foreman_openscap/version.rb +1 -1
- data/test/functional/api/v2/compliance/tailoring_files_controller_test.rb +0 -11
- data/test/unit/concerns/host_extensions_test.rb +0 -9
- metadata +2 -7
- data/app/helpers/tailoring_files_helper.rb +0 -5
- data/app/services/foreman_openscap/openscap_proxy_assigned_version_check.rb +0 -14
- data/app/services/foreman_openscap/openscap_proxy_version_check.rb +0 -62
- data/test/unit/services/tailoring_files_proxy_check_test.rb +0 -27
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 7f47e20cecbc1294a564f405e94da207c92060f948a056aa0ef22d14b226eada
|
|
4
|
+
data.tar.gz: cd21764970990472b08da16879541b9a049662ff91d4af42bb7c24f238c1e725
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: f300139aa92a12754ad23da61402e93fe5654cb831ecbbeef04f595c7654a38838d44c257066ae59a7e2c6e8aac44e1341ce7fb0ad9655102cb8bb1675fbbdf2
|
|
7
|
+
data.tar.gz: 21fb172c6a58710a62da0fcca139d868001ab9eabcc7525557af8bbf930195cda66fd7362a6677155644b1b82b0318cb265efc3986f8ebf764f5e16da0432dad
|
|
@@ -6,7 +6,6 @@ module Api::V2
|
|
|
6
6
|
include ForemanOpenscap::Api::V2::ScapApiControllerExtensions
|
|
7
7
|
|
|
8
8
|
before_action :find_resource, :except => %w[index create]
|
|
9
|
-
before_action :openscap_proxy_check, :only => %w[create]
|
|
10
9
|
|
|
11
10
|
api :GET, '/compliance/tailoring_files', N_('List Tailoring files')
|
|
12
11
|
param_group :search_and_pagination, ::Api::V2::BaseController
|
|
@@ -77,13 +76,6 @@ module Api::V2
|
|
|
77
76
|
super
|
|
78
77
|
end
|
|
79
78
|
end
|
|
80
|
-
|
|
81
|
-
def openscap_proxy_check
|
|
82
|
-
unless ForemanOpenscap::TailoringFile.any?
|
|
83
|
-
check = ForemanOpenscap::OpenscapProxyVersionCheck.new.run
|
|
84
|
-
render_error :custom_error, :status => :unprocessable_entity, :locals => { :message => check.message } unless check.pass?
|
|
85
|
-
end
|
|
86
|
-
end
|
|
87
79
|
end
|
|
88
80
|
end
|
|
89
81
|
end
|
|
@@ -102,9 +102,7 @@ module ForemanOpenscap
|
|
|
102
102
|
end
|
|
103
103
|
|
|
104
104
|
def policies_enc_raw
|
|
105
|
-
|
|
106
|
-
method = check.pass? ? :to_enc : :to_enc_legacy
|
|
107
|
-
combined_policies.map(&method)
|
|
105
|
+
combined_policies.map(&:to_enc)
|
|
108
106
|
end
|
|
109
107
|
|
|
110
108
|
def combined_policies
|
|
@@ -196,10 +196,6 @@ module ForemanOpenscap
|
|
|
196
196
|
}.merge(period_enc)
|
|
197
197
|
end
|
|
198
198
|
|
|
199
|
-
def to_enc_legacy
|
|
200
|
-
to_enc.tap { |hash| hash['download_path'] = "/compliance/policies/#{self.id}/content" }
|
|
201
|
-
end
|
|
202
|
-
|
|
203
199
|
def should_validate?(step_name)
|
|
204
200
|
if new_record? && wizard_initiated?
|
|
205
201
|
step_index > step_to_i(step_name)
|
|
@@ -8,14 +8,7 @@
|
|
|
8
8
|
<%= (_('In Foreman, tailoring_files represent the custom modifications to default XCCDF profiles and they can be applied to hosts
|
|
9
9
|
via %s') % link_to('compliance policies', policies_path)).html_safe %>
|
|
10
10
|
</p>
|
|
11
|
-
<% proxy_check = run_tailoring_proxy_check %>
|
|
12
11
|
<div class="blank-slate-pf-main-action">
|
|
13
|
-
<%= new_link(_('New Tailoring File'), {}, { :class => "btn-lg"
|
|
12
|
+
<%= new_link(_('New Tailoring File'), {}, { :class => "btn-lg" }) %>
|
|
14
13
|
</div>
|
|
15
|
-
|
|
16
|
-
<p>
|
|
17
|
-
<% unless proxy_check.pass? %>
|
|
18
|
-
<%= alert :class => 'alert-warning', :header => '', :text => proxy_check.message.html_safe %>
|
|
19
|
-
<% end %>
|
|
20
|
-
</p>
|
|
21
14
|
</div>
|
|
@@ -24,8 +24,6 @@ class Api::V2::Compliance::TailoringFilesControllerTest < ActionController::Test
|
|
|
24
24
|
test "should create tailoring_file" do
|
|
25
25
|
tf = FactoryBot.build(:tailoring_file)
|
|
26
26
|
tf_params = { :name => tf.name, :original_filename => tf.original_filename, :scap_file => tf.scap_file }
|
|
27
|
-
ForemanOpenscap::OpenscapProxyVersionCheck.any_instance.stubs(:openscap_proxy_versions)
|
|
28
|
-
.returns({})
|
|
29
27
|
post :create, :params => tf_params, :session => set_session_user
|
|
30
28
|
assert_response :success
|
|
31
29
|
end
|
|
@@ -50,13 +48,4 @@ class Api::V2::Compliance::TailoringFilesControllerTest < ActionController::Test
|
|
|
50
48
|
assert_response :ok
|
|
51
49
|
refute ForemanOpenscap::ScapContent.exists?(tailoring_file.id)
|
|
52
50
|
end
|
|
53
|
-
|
|
54
|
-
test "should not create tailoring file when there is outdated proxy version" do
|
|
55
|
-
tf = FactoryBot.build(:tailoring_file)
|
|
56
|
-
tf_params = { :name => tf.name, :original_filename => tf.original_filename, :scap_file => tf.scap_file }
|
|
57
|
-
ForemanOpenscap::OpenscapProxyVersionCheck.any_instance.stubs(:openscap_proxy_versions)
|
|
58
|
-
.returns('test-proxy' => '0.5.4')
|
|
59
|
-
post :create, :params => tf_params, :session => set_session_user
|
|
60
|
-
assert_response :unprocessable_entity
|
|
61
|
-
end
|
|
62
51
|
end
|
|
@@ -9,16 +9,7 @@ class HostExtensionsTest < ActiveSupport::TestCase
|
|
|
9
9
|
@host = FactoryBot.create(:compliance_host, :policies => [@policy])
|
|
10
10
|
end
|
|
11
11
|
|
|
12
|
-
test "should have download_path in enc without digest" do
|
|
13
|
-
ForemanOpenscap::OpenscapProxyAssignedVersionCheck.any_instance.stubs(:openscap_proxy_versions)
|
|
14
|
-
.returns('test-proxy' => '0.5.4')
|
|
15
|
-
enc_out = JSON.parse @host.policies_enc
|
|
16
|
-
assert_equal 5, enc_out.first['download_path'].split('/').length
|
|
17
|
-
end
|
|
18
|
-
|
|
19
12
|
test "should have download_path in enc with digest" do
|
|
20
|
-
ForemanOpenscap::OpenscapProxyAssignedVersionCheck.any_instance.stubs(:openscap_proxy_versions)
|
|
21
|
-
.returns({})
|
|
22
13
|
enc_out = JSON.parse @host.policies_enc
|
|
23
14
|
assert_equal 6, enc_out.first['download_path'].split('/').length
|
|
24
15
|
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: foreman_openscap
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 9.0.
|
|
4
|
+
version: 9.0.3
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- slukasik@redhat.com
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2024-07-
|
|
11
|
+
date: 2024-07-17 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: rake
|
|
@@ -91,7 +91,6 @@ files:
|
|
|
91
91
|
- app/helpers/foreman_openscap_helper.rb
|
|
92
92
|
- app/helpers/policies_helper.rb
|
|
93
93
|
- app/helpers/policy_dashboard_helper.rb
|
|
94
|
-
- app/helpers/tailoring_files_helper.rb
|
|
95
94
|
- app/lib/proxy_api/migration.rb
|
|
96
95
|
- app/lib/proxy_api/openscap.rb
|
|
97
96
|
- app/mailers/foreman_openscap/policy_mailer.rb
|
|
@@ -127,8 +126,6 @@ files:
|
|
|
127
126
|
- app/services/foreman_openscap/hostgroup_overrider_common.rb
|
|
128
127
|
- app/services/foreman_openscap/lookup_key_overrider.rb
|
|
129
128
|
- app/services/foreman_openscap/lookup_key_overrides_common.rb
|
|
130
|
-
- app/services/foreman_openscap/openscap_proxy_assigned_version_check.rb
|
|
131
|
-
- app/services/foreman_openscap/openscap_proxy_version_check.rb
|
|
132
129
|
- app/services/foreman_openscap/policy_dashboard/data.rb
|
|
133
130
|
- app/services/foreman_openscap/report_dashboard/data.rb
|
|
134
131
|
- app/services/proxy_status/openscap_spool.rb
|
|
@@ -409,7 +406,6 @@ files:
|
|
|
409
406
|
- test/unit/services/hostgroup_overrider_test.rb
|
|
410
407
|
- test/unit/services/lookup_key_overrider_test.rb
|
|
411
408
|
- test/unit/services/report_dashboard/data_test.rb
|
|
412
|
-
- test/unit/services/tailoring_files_proxy_check_test.rb
|
|
413
409
|
- test/unit/tailoring_file_test.rb
|
|
414
410
|
- webpack/components/ConfirmModal.js
|
|
415
411
|
- webpack/components/ConfirmModal.scss
|
|
@@ -525,5 +521,4 @@ test_files:
|
|
|
525
521
|
- test/unit/services/hostgroup_overrider_test.rb
|
|
526
522
|
- test/unit/services/lookup_key_overrider_test.rb
|
|
527
523
|
- test/unit/services/report_dashboard/data_test.rb
|
|
528
|
-
- test/unit/services/tailoring_files_proxy_check_test.rb
|
|
529
524
|
- test/unit/tailoring_file_test.rb
|
|
@@ -1,14 +0,0 @@
|
|
|
1
|
-
module ForemanOpenscap
|
|
2
|
-
class OpenscapProxyAssignedVersionCheck < OpenscapProxyVersionCheck
|
|
3
|
-
def initialize(host)
|
|
4
|
-
@host = host
|
|
5
|
-
super()
|
|
6
|
-
end
|
|
7
|
-
|
|
8
|
-
private
|
|
9
|
-
|
|
10
|
-
def get_openscap_proxies
|
|
11
|
-
@host.openscap_proxy ? [@host.openscap_proxy] : []
|
|
12
|
-
end
|
|
13
|
-
end
|
|
14
|
-
end
|
|
@@ -1,62 +0,0 @@
|
|
|
1
|
-
module ForemanOpenscap
|
|
2
|
-
class OpenscapProxyVersionCheck
|
|
3
|
-
def initialize
|
|
4
|
-
@versions = {}
|
|
5
|
-
@message = ''
|
|
6
|
-
@down = []
|
|
7
|
-
end
|
|
8
|
-
|
|
9
|
-
def run
|
|
10
|
-
@versions = openscap_proxy_versions.select do |key, value|
|
|
11
|
-
Gem::Version.new(value) < Gem::Version.new("0.6.1")
|
|
12
|
-
end
|
|
13
|
-
self
|
|
14
|
-
end
|
|
15
|
-
|
|
16
|
-
def pass?
|
|
17
|
-
!any_outdated? && !any_unreachable?
|
|
18
|
-
end
|
|
19
|
-
|
|
20
|
-
def any_outdated?
|
|
21
|
-
!@versions.empty?
|
|
22
|
-
end
|
|
23
|
-
|
|
24
|
-
def any_unreachable?
|
|
25
|
-
!@down.empty?
|
|
26
|
-
end
|
|
27
|
-
|
|
28
|
-
def message
|
|
29
|
-
if pass?
|
|
30
|
-
@message
|
|
31
|
-
else
|
|
32
|
-
build_message
|
|
33
|
-
end
|
|
34
|
-
end
|
|
35
|
-
|
|
36
|
-
private
|
|
37
|
-
|
|
38
|
-
def build_message
|
|
39
|
-
@message = _('This feature is temporarily disabled. ')
|
|
40
|
-
@message << _('The following Smart Proxies need to be updated to unlock the feature: %s. ') % @versions.keys.to_sentence if any_outdated?
|
|
41
|
-
@message << _('The following proxies could not be reached: %s. Please make sure they are available so Foreman can check their versions.') % @down.to_sentence if any_unreachable?
|
|
42
|
-
@message
|
|
43
|
-
end
|
|
44
|
-
|
|
45
|
-
def get_openscap_proxies
|
|
46
|
-
SmartProxy.with_features "Openscap"
|
|
47
|
-
end
|
|
48
|
-
|
|
49
|
-
def openscap_proxy_versions
|
|
50
|
-
get_openscap_proxies.inject({}) do |memo, proxy|
|
|
51
|
-
begin
|
|
52
|
-
status = ProxyStatus::Version.new(proxy).version
|
|
53
|
-
openscap_version = status["modules"]["openscap"]
|
|
54
|
-
memo[proxy.name] = openscap_version
|
|
55
|
-
rescue Foreman::WrappedException
|
|
56
|
-
@down << proxy.name
|
|
57
|
-
end
|
|
58
|
-
memo
|
|
59
|
-
end
|
|
60
|
-
end
|
|
61
|
-
end
|
|
62
|
-
end
|
|
@@ -1,27 +0,0 @@
|
|
|
1
|
-
require 'test_plugin_helper'
|
|
2
|
-
|
|
3
|
-
class TailoringFilesProxyCheckTest < ActiveSupport::TestCase
|
|
4
|
-
test 'should find proxies with old versions' do
|
|
5
|
-
ForemanOpenscap::OpenscapProxyVersionCheck.any_instance.stubs(:openscap_proxy_versions)
|
|
6
|
-
.returns('old-proxy.test.com' => "0.5.4", "outdate-proxy.test.com" => "0.6.0")
|
|
7
|
-
check = ForemanOpenscap::OpenscapProxyVersionCheck.new.run
|
|
8
|
-
refute check.pass?
|
|
9
|
-
refute check.message.empty?
|
|
10
|
-
end
|
|
11
|
-
|
|
12
|
-
test 'should not find any outdated proxies' do
|
|
13
|
-
ForemanOpenscap::OpenscapProxyVersionCheck.any_instance.stubs(:openscap_proxy_versions)
|
|
14
|
-
.returns({})
|
|
15
|
-
check = ForemanOpenscap::OpenscapProxyVersionCheck.new.run
|
|
16
|
-
assert check.pass?
|
|
17
|
-
assert check.message.empty?
|
|
18
|
-
end
|
|
19
|
-
|
|
20
|
-
test 'should fail when proxy cannot be reached' do
|
|
21
|
-
ProxyStatus::Version.any_instance.stubs(:version).raises(Foreman::WrappedException.new(nil, 'test message'))
|
|
22
|
-
ForemanOpenscap::OpenscapProxyVersionCheck.any_instance.stubs(:get_openscap_proxies).returns([FactoryBot.create(:openscap_proxy)])
|
|
23
|
-
check = ForemanOpenscap::OpenscapProxyVersionCheck.new.run
|
|
24
|
-
refute check.pass?
|
|
25
|
-
refute check.message.empty?
|
|
26
|
-
end
|
|
27
|
-
end
|