foreman_scap_client 0.5.0 → 0.5.2
Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 825ce2dba8229d5ed21451e89686f8b5d496d11a7b8520cc69e5e0b46be0f08c
|
4
|
+
data.tar.gz: fdde4a6929aaf4318acec62faf415121977f03cdb5a0034a09195520527ed83e
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: '086cbe81e50cbacdc9955ee9f5e65354fbd34e4a2c05937dbf333e37d890dc236508ca6dc6bd49d99d268178a7090a967c62e1debbfceed198135d09d6b35b56'
|
7
|
+
data.tar.gz: dfafef66458765b284a1b5ff37ec8ce94a083f881adecafb6bbc0b489f7686a17a36b648f1efaf29c4bc4b899f65c7e1f7346e218e2b6f706aa96c51218b5d55
|
data/config/config.yaml.example
CHANGED
@@ -28,11 +28,11 @@
|
|
28
28
|
# leave empty for default profile
|
29
29
|
:profile: ''
|
30
30
|
# ds input file
|
31
|
-
:content_path: '/usr/share/xml/scap/ssg/
|
31
|
+
:content_path: '/usr/share/xml/scap/ssg/content/ssg-fedora-ds.xml'
|
32
32
|
|
33
33
|
2:
|
34
34
|
:profile: 'xccdf_org.ssgproject.content_profile_common'
|
35
|
-
:content_path: '/usr/share/xml/scap/ssg/
|
35
|
+
:content_path: '/usr/share/xml/scap/ssg/content/ssg-fedora-ds.xml'
|
36
36
|
|
37
37
|
:oval:
|
38
38
|
3:
|
@@ -81,7 +81,7 @@ module ForemanScapClient
|
|
81
81
|
def run_scan
|
82
82
|
stdout_str, error_str, result = Open3.capture3(scan_command_env_vars, scan_command)
|
83
83
|
if result.success? || result.exitstatus == 2
|
84
|
-
puts error_str.split("\n").select { |item| item.start_with?('WARNING:') || item.start_with?('Downloading') }.join("\n")
|
84
|
+
puts error_str.scrub("?").split("\n").select { |item| item.start_with?('WARNING:') || item.start_with?('Downloading') }.join("\n")
|
85
85
|
@report = results_path
|
86
86
|
else
|
87
87
|
puts 'Scan failed'
|
@@ -182,7 +182,7 @@ module ForemanScapClient
|
|
182
182
|
https.ca_file = config[:ca_file]
|
183
183
|
begin
|
184
184
|
https.cert = OpenSSL::X509::Certificate.new File.read(config[:host_certificate])
|
185
|
-
https.key = OpenSSL::PKey
|
185
|
+
https.key = OpenSSL::PKey.read File.read(config[:host_private_key])
|
186
186
|
rescue StandardError => e
|
187
187
|
puts 'Unable to load certs'
|
188
188
|
puts e.message
|
@@ -36,7 +36,18 @@ module ForemanScapClient
|
|
36
36
|
else
|
37
37
|
''
|
38
38
|
end
|
39
|
-
"oscap xccdf eval #{fetch_remote_resources} #{profile} #{tailoring_subcommand} --results-arf #{results_path} #{config[@policy_id][:content_path]}"
|
39
|
+
"oscap xccdf eval #{fetch_remote_resources} #{local_files_subcommand} #{profile} #{tailoring_subcommand} --results-arf #{results_path} #{config[@policy_id][:content_path]}"
|
40
|
+
end
|
41
|
+
|
42
|
+
def local_files_subcommand
|
43
|
+
supports_local_file_option? && !config[:fetch_remote_resources] ? '--local-files /root' : ''
|
44
|
+
end
|
45
|
+
|
46
|
+
def supports_local_file_option?
|
47
|
+
# OpenSCAP 1.3.6 and newer requires the `--local-files` option to use local copies of remote SDS components
|
48
|
+
version, _stderr, status = Open3.capture3('rpm', '-q', '--qf', '%{version}', 'openscap')
|
49
|
+
return false unless status.success?
|
50
|
+
Gem::Version.new(version) >= Gem::Version.new('1.3.6')
|
40
51
|
end
|
41
52
|
|
42
53
|
def tailoring_subcommand
|
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: foreman_scap_client
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.5.
|
4
|
+
version: 0.5.2
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Marek Hulan
|
@@ -10,22 +10,22 @@ authors:
|
|
10
10
|
autorequire:
|
11
11
|
bindir: bin
|
12
12
|
cert_chain: []
|
13
|
-
date:
|
13
|
+
date: 2023-12-15 00:00:00.000000000 Z
|
14
14
|
dependencies:
|
15
15
|
- !ruby/object:Gem::Dependency
|
16
16
|
name: bundler
|
17
17
|
requirement: !ruby/object:Gem::Requirement
|
18
18
|
requirements:
|
19
|
-
- - "
|
19
|
+
- - ">="
|
20
20
|
- !ruby/object:Gem::Version
|
21
|
-
version: '
|
21
|
+
version: '0'
|
22
22
|
type: :development
|
23
23
|
prerelease: false
|
24
24
|
version_requirements: !ruby/object:Gem::Requirement
|
25
25
|
requirements:
|
26
|
-
- - "
|
26
|
+
- - ">="
|
27
27
|
- !ruby/object:Gem::Version
|
28
|
-
version: '
|
28
|
+
version: '0'
|
29
29
|
- !ruby/object:Gem::Dependency
|
30
30
|
name: rake
|
31
31
|
requirement: !ruby/object:Gem::Requirement
|
@@ -60,7 +60,7 @@ files:
|
|
60
60
|
- lib/foreman_scap_client/client.rb
|
61
61
|
- lib/foreman_scap_client/oval_client.rb
|
62
62
|
- lib/foreman_scap_client/version.rb
|
63
|
-
homepage: https://github.com/
|
63
|
+
homepage: https://github.com/theforeman/foreman_scap_client
|
64
64
|
licenses:
|
65
65
|
- GPL-3.0
|
66
66
|
metadata: {}
|
@@ -80,7 +80,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
80
80
|
version: '0'
|
81
81
|
requirements:
|
82
82
|
- bzip2
|
83
|
-
rubygems_version: 3.
|
83
|
+
rubygems_version: 3.2.33
|
84
84
|
signing_key:
|
85
85
|
specification_version: 4
|
86
86
|
summary: Client script that runs openscap scan and uploads the result to foreman proxy
|