foreman_scap_client 0.5.0 → 0.5.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 825ce2dba8229d5ed21451e89686f8b5d496d11a7b8520cc69e5e0b46be0f08c
|
|
4
|
+
data.tar.gz: fdde4a6929aaf4318acec62faf415121977f03cdb5a0034a09195520527ed83e
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: '086cbe81e50cbacdc9955ee9f5e65354fbd34e4a2c05937dbf333e37d890dc236508ca6dc6bd49d99d268178a7090a967c62e1debbfceed198135d09d6b35b56'
|
|
7
|
+
data.tar.gz: dfafef66458765b284a1b5ff37ec8ce94a083f881adecafb6bbc0b489f7686a17a36b648f1efaf29c4bc4b899f65c7e1f7346e218e2b6f706aa96c51218b5d55
|
data/config/config.yaml.example
CHANGED
|
@@ -28,11 +28,11 @@
|
|
|
28
28
|
# leave empty for default profile
|
|
29
29
|
:profile: ''
|
|
30
30
|
# ds input file
|
|
31
|
-
:content_path: '/usr/share/xml/scap/ssg/
|
|
31
|
+
:content_path: '/usr/share/xml/scap/ssg/content/ssg-fedora-ds.xml'
|
|
32
32
|
|
|
33
33
|
2:
|
|
34
34
|
:profile: 'xccdf_org.ssgproject.content_profile_common'
|
|
35
|
-
:content_path: '/usr/share/xml/scap/ssg/
|
|
35
|
+
:content_path: '/usr/share/xml/scap/ssg/content/ssg-fedora-ds.xml'
|
|
36
36
|
|
|
37
37
|
:oval:
|
|
38
38
|
3:
|
|
@@ -81,7 +81,7 @@ module ForemanScapClient
|
|
|
81
81
|
def run_scan
|
|
82
82
|
stdout_str, error_str, result = Open3.capture3(scan_command_env_vars, scan_command)
|
|
83
83
|
if result.success? || result.exitstatus == 2
|
|
84
|
-
puts error_str.split("\n").select { |item| item.start_with?('WARNING:') || item.start_with?('Downloading') }.join("\n")
|
|
84
|
+
puts error_str.scrub("?").split("\n").select { |item| item.start_with?('WARNING:') || item.start_with?('Downloading') }.join("\n")
|
|
85
85
|
@report = results_path
|
|
86
86
|
else
|
|
87
87
|
puts 'Scan failed'
|
|
@@ -182,7 +182,7 @@ module ForemanScapClient
|
|
|
182
182
|
https.ca_file = config[:ca_file]
|
|
183
183
|
begin
|
|
184
184
|
https.cert = OpenSSL::X509::Certificate.new File.read(config[:host_certificate])
|
|
185
|
-
https.key = OpenSSL::PKey
|
|
185
|
+
https.key = OpenSSL::PKey.read File.read(config[:host_private_key])
|
|
186
186
|
rescue StandardError => e
|
|
187
187
|
puts 'Unable to load certs'
|
|
188
188
|
puts e.message
|
|
@@ -36,7 +36,18 @@ module ForemanScapClient
|
|
|
36
36
|
else
|
|
37
37
|
''
|
|
38
38
|
end
|
|
39
|
-
"oscap xccdf eval #{fetch_remote_resources} #{profile} #{tailoring_subcommand} --results-arf #{results_path} #{config[@policy_id][:content_path]}"
|
|
39
|
+
"oscap xccdf eval #{fetch_remote_resources} #{local_files_subcommand} #{profile} #{tailoring_subcommand} --results-arf #{results_path} #{config[@policy_id][:content_path]}"
|
|
40
|
+
end
|
|
41
|
+
|
|
42
|
+
def local_files_subcommand
|
|
43
|
+
supports_local_file_option? && !config[:fetch_remote_resources] ? '--local-files /root' : ''
|
|
44
|
+
end
|
|
45
|
+
|
|
46
|
+
def supports_local_file_option?
|
|
47
|
+
# OpenSCAP 1.3.6 and newer requires the `--local-files` option to use local copies of remote SDS components
|
|
48
|
+
version, _stderr, status = Open3.capture3('rpm', '-q', '--qf', '%{version}', 'openscap')
|
|
49
|
+
return false unless status.success?
|
|
50
|
+
Gem::Version.new(version) >= Gem::Version.new('1.3.6')
|
|
40
51
|
end
|
|
41
52
|
|
|
42
53
|
def tailoring_subcommand
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: foreman_scap_client
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.5.
|
|
4
|
+
version: 0.5.2
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Marek Hulan
|
|
@@ -10,22 +10,22 @@ authors:
|
|
|
10
10
|
autorequire:
|
|
11
11
|
bindir: bin
|
|
12
12
|
cert_chain: []
|
|
13
|
-
date:
|
|
13
|
+
date: 2023-12-15 00:00:00.000000000 Z
|
|
14
14
|
dependencies:
|
|
15
15
|
- !ruby/object:Gem::Dependency
|
|
16
16
|
name: bundler
|
|
17
17
|
requirement: !ruby/object:Gem::Requirement
|
|
18
18
|
requirements:
|
|
19
|
-
- - "
|
|
19
|
+
- - ">="
|
|
20
20
|
- !ruby/object:Gem::Version
|
|
21
|
-
version: '
|
|
21
|
+
version: '0'
|
|
22
22
|
type: :development
|
|
23
23
|
prerelease: false
|
|
24
24
|
version_requirements: !ruby/object:Gem::Requirement
|
|
25
25
|
requirements:
|
|
26
|
-
- - "
|
|
26
|
+
- - ">="
|
|
27
27
|
- !ruby/object:Gem::Version
|
|
28
|
-
version: '
|
|
28
|
+
version: '0'
|
|
29
29
|
- !ruby/object:Gem::Dependency
|
|
30
30
|
name: rake
|
|
31
31
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -60,7 +60,7 @@ files:
|
|
|
60
60
|
- lib/foreman_scap_client/client.rb
|
|
61
61
|
- lib/foreman_scap_client/oval_client.rb
|
|
62
62
|
- lib/foreman_scap_client/version.rb
|
|
63
|
-
homepage: https://github.com/
|
|
63
|
+
homepage: https://github.com/theforeman/foreman_scap_client
|
|
64
64
|
licenses:
|
|
65
65
|
- GPL-3.0
|
|
66
66
|
metadata: {}
|
|
@@ -80,7 +80,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
80
80
|
version: '0'
|
|
81
81
|
requirements:
|
|
82
82
|
- bzip2
|
|
83
|
-
rubygems_version: 3.
|
|
83
|
+
rubygems_version: 3.2.33
|
|
84
84
|
signing_key:
|
|
85
85
|
specification_version: 4
|
|
86
86
|
summary: Client script that runs openscap scan and uploads the result to foreman proxy
|