foreman_scap_client 0.1.0 → 0.1.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/foreman_scap_client/client.rb +42 -14
- data/lib/foreman_scap_client/version.rb +1 -1
- metadata +13 -13
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: e6c1d19a0f82e39918df95112962273ca7733a6e
|
|
4
|
+
data.tar.gz: 0232aea565a95cf1061fcf0bdd3df1ee49902d07
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 2829749f7251c1a03b6113b0b86bcdde1e39e13ceac3676dad97cad28e9baa1e897b5f4083615ce10a72701979f5102c46a8d9d8ac6da87351e417d7cad17e05
|
|
7
|
+
data.tar.gz: 0cde9ba514953ce1eef31159edfc2be849469bfdca30ebfa88862cca1b1f22619a0cfbf8631ba85f67d67caddbc04c1bd8a5f51a538935c71343e42813616a69
|
|
@@ -3,6 +3,7 @@ require 'tmpdir'
|
|
|
3
3
|
require 'net/http'
|
|
4
4
|
require 'net/https'
|
|
5
5
|
require 'uri'
|
|
6
|
+
require 'open-uri'
|
|
6
7
|
|
|
7
8
|
module ForemanScapClient
|
|
8
9
|
CONFIG_FILE = '/etc/foreman_scap_client/config.yaml'
|
|
@@ -10,7 +11,7 @@ module ForemanScapClient
|
|
|
10
11
|
class Client
|
|
11
12
|
def run(policy_id)
|
|
12
13
|
@policy_id = policy_id
|
|
13
|
-
|
|
14
|
+
ensure_scan_file
|
|
14
15
|
Dir.mktmpdir do |dir|
|
|
15
16
|
@tmp_dir = dir
|
|
16
17
|
scan
|
|
@@ -75,19 +76,7 @@ module ForemanScapClient
|
|
|
75
76
|
def upload
|
|
76
77
|
uri = URI.parse(upload_uri)
|
|
77
78
|
puts "Uploading results to #{uri}"
|
|
78
|
-
https =
|
|
79
|
-
https.use_ssl = true
|
|
80
|
-
https.verify_mode = OpenSSL::SSL::VERIFY_PEER
|
|
81
|
-
https.ca_file = config[:ca_file]
|
|
82
|
-
begin
|
|
83
|
-
https.cert = OpenSSL::X509::Certificate.new File.read(config[:host_certificate])
|
|
84
|
-
https.key = OpenSSL::PKey::RSA.new File.read(config[:host_private_key])
|
|
85
|
-
rescue StandardError => e
|
|
86
|
-
puts 'Unable to load certs'
|
|
87
|
-
puts e.message
|
|
88
|
-
exit(3)
|
|
89
|
-
end
|
|
90
|
-
|
|
79
|
+
https = generate_https_object(uri)
|
|
91
80
|
request = Net::HTTP::Put.new uri.path
|
|
92
81
|
request.body = File.read(results_bzip_path)
|
|
93
82
|
request['Content-Type'] = 'text/xml'
|
|
@@ -111,5 +100,44 @@ module ForemanScapClient
|
|
|
111
100
|
foreman_proxy_port = config[:port]
|
|
112
101
|
"https://#{foreman_proxy_fqdn}:#{foreman_proxy_port}"
|
|
113
102
|
end
|
|
103
|
+
|
|
104
|
+
def generate_https_object(uri)
|
|
105
|
+
https = Net::HTTP.new(uri.host, uri.port)
|
|
106
|
+
https.use_ssl = true
|
|
107
|
+
https.verify_mode = OpenSSL::SSL::VERIFY_PEER
|
|
108
|
+
https.ca_file = config[:ca_file]
|
|
109
|
+
begin
|
|
110
|
+
https.cert = OpenSSL::X509::Certificate.new File.read(config[:host_certificate])
|
|
111
|
+
https.key = OpenSSL::PKey::RSA.new File.read(config[:host_private_key])
|
|
112
|
+
rescue StandardError => e
|
|
113
|
+
puts 'Unable to load certs'
|
|
114
|
+
puts e.message
|
|
115
|
+
exit(3)
|
|
116
|
+
end
|
|
117
|
+
https
|
|
118
|
+
end
|
|
119
|
+
|
|
120
|
+
def ensure_scan_file
|
|
121
|
+
return if File.exist?(config[@policy_id][:content_path])
|
|
122
|
+
puts "File #{config[@policy_id][:content_path]} is missing. Downloading it from proxy"
|
|
123
|
+
begin
|
|
124
|
+
FileUtils.mkdir_p(File.dirname(config[@policy_id][:content_path]))
|
|
125
|
+
uri = URI.parse(download_uri(config[@policy_id][:download_path]))
|
|
126
|
+
puts "Download scap content xml from: #{uri}"
|
|
127
|
+
request = generate_https_object(uri).get(uri.path)
|
|
128
|
+
request.value
|
|
129
|
+
scap_content_xml = request.body
|
|
130
|
+
open(config[@policy_id][:content_path], 'wb') do |file|
|
|
131
|
+
file << scap_content_xml
|
|
132
|
+
end
|
|
133
|
+
rescue StandardError => e
|
|
134
|
+
puts "SCAP file is missing and download failed with error: #{e.message}"
|
|
135
|
+
exit(5)
|
|
136
|
+
end
|
|
137
|
+
end
|
|
138
|
+
|
|
139
|
+
def download_uri(download_path)
|
|
140
|
+
foreman_proxy_uri + "#{download_path}"
|
|
141
|
+
end
|
|
114
142
|
end
|
|
115
143
|
end
|
metadata
CHANGED
|
@@ -1,42 +1,42 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: foreman_scap_client
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.1.
|
|
4
|
+
version: 0.1.1
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Marek Hulan
|
|
8
|
-
- Šimon Lukašík
|
|
8
|
+
- "Šimon Lukašík"
|
|
9
9
|
autorequire:
|
|
10
10
|
bindir: bin
|
|
11
11
|
cert_chain: []
|
|
12
|
-
date: 2015-
|
|
12
|
+
date: 2015-05-07 00:00:00.000000000 Z
|
|
13
13
|
dependencies:
|
|
14
14
|
- !ruby/object:Gem::Dependency
|
|
15
15
|
name: bundler
|
|
16
16
|
requirement: !ruby/object:Gem::Requirement
|
|
17
17
|
requirements:
|
|
18
|
-
- - ~>
|
|
18
|
+
- - "~>"
|
|
19
19
|
- !ruby/object:Gem::Version
|
|
20
20
|
version: '1.7'
|
|
21
21
|
type: :development
|
|
22
22
|
prerelease: false
|
|
23
23
|
version_requirements: !ruby/object:Gem::Requirement
|
|
24
24
|
requirements:
|
|
25
|
-
- - ~>
|
|
25
|
+
- - "~>"
|
|
26
26
|
- !ruby/object:Gem::Version
|
|
27
27
|
version: '1.7'
|
|
28
28
|
- !ruby/object:Gem::Dependency
|
|
29
29
|
name: rake
|
|
30
30
|
requirement: !ruby/object:Gem::Requirement
|
|
31
31
|
requirements:
|
|
32
|
-
- - ~>
|
|
32
|
+
- - "~>"
|
|
33
33
|
- !ruby/object:Gem::Version
|
|
34
34
|
version: '10.0'
|
|
35
35
|
type: :development
|
|
36
36
|
prerelease: false
|
|
37
37
|
version_requirements: !ruby/object:Gem::Requirement
|
|
38
38
|
requirements:
|
|
39
|
-
- - ~>
|
|
39
|
+
- - "~>"
|
|
40
40
|
- !ruby/object:Gem::Version
|
|
41
41
|
version: '10.0'
|
|
42
42
|
description: Client script that runs openscap scan and uploads the result to foreman
|
|
@@ -49,13 +49,13 @@ executables:
|
|
|
49
49
|
extensions: []
|
|
50
50
|
extra_rdoc_files: []
|
|
51
51
|
files:
|
|
52
|
+
- LICENSE
|
|
53
|
+
- README.md
|
|
52
54
|
- bin/foreman_scap_client
|
|
53
55
|
- config/config.yaml.example
|
|
54
56
|
- lib/foreman_scap_client.rb
|
|
55
57
|
- lib/foreman_scap_client/client.rb
|
|
56
58
|
- lib/foreman_scap_client/version.rb
|
|
57
|
-
- LICENSE
|
|
58
|
-
- README.md
|
|
59
59
|
homepage: https://github.com/openscap/foreman_scap_client
|
|
60
60
|
licenses:
|
|
61
61
|
- GPL-3.0
|
|
@@ -66,18 +66,18 @@ require_paths:
|
|
|
66
66
|
- lib
|
|
67
67
|
required_ruby_version: !ruby/object:Gem::Requirement
|
|
68
68
|
requirements:
|
|
69
|
-
- -
|
|
69
|
+
- - ">="
|
|
70
70
|
- !ruby/object:Gem::Version
|
|
71
71
|
version: '0'
|
|
72
72
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
|
73
73
|
requirements:
|
|
74
|
-
- -
|
|
74
|
+
- - ">="
|
|
75
75
|
- !ruby/object:Gem::Version
|
|
76
76
|
version: '0'
|
|
77
77
|
requirements:
|
|
78
|
-
- /usr/bin/bzip2
|
|
78
|
+
- "/usr/bin/bzip2"
|
|
79
79
|
rubyforge_project:
|
|
80
|
-
rubygems_version: 2.
|
|
80
|
+
rubygems_version: 2.2.2
|
|
81
81
|
signing_key:
|
|
82
82
|
specification_version: 4
|
|
83
83
|
summary: Client script that runs openscap scan and uploads the result to foreman proxy
|