foreman_scap_client 0.1.0 → 0.1.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/foreman_scap_client/client.rb +42 -14
- data/lib/foreman_scap_client/version.rb +1 -1
- metadata +13 -13
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: e6c1d19a0f82e39918df95112962273ca7733a6e
|
|
4
|
+
data.tar.gz: 0232aea565a95cf1061fcf0bdd3df1ee49902d07
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 2829749f7251c1a03b6113b0b86bcdde1e39e13ceac3676dad97cad28e9baa1e897b5f4083615ce10a72701979f5102c46a8d9d8ac6da87351e417d7cad17e05
|
|
7
|
+
data.tar.gz: 0cde9ba514953ce1eef31159edfc2be849469bfdca30ebfa88862cca1b1f22619a0cfbf8631ba85f67d67caddbc04c1bd8a5f51a538935c71343e42813616a69
|
|
@@ -3,6 +3,7 @@ require 'tmpdir'
|
|
|
3
3
|
require 'net/http'
|
|
4
4
|
require 'net/https'
|
|
5
5
|
require 'uri'
|
|
6
|
+
require 'open-uri'
|
|
6
7
|
|
|
7
8
|
module ForemanScapClient
|
|
8
9
|
CONFIG_FILE = '/etc/foreman_scap_client/config.yaml'
|
|
@@ -10,7 +11,7 @@ module ForemanScapClient
|
|
|
10
11
|
class Client
|
|
11
12
|
def run(policy_id)
|
|
12
13
|
@policy_id = policy_id
|
|
13
|
-
|
|
14
|
+
ensure_scan_file
|
|
14
15
|
Dir.mktmpdir do |dir|
|
|
15
16
|
@tmp_dir = dir
|
|
16
17
|
scan
|
|
@@ -75,19 +76,7 @@ module ForemanScapClient
|
|
|
75
76
|
def upload
|
|
76
77
|
uri = URI.parse(upload_uri)
|
|
77
78
|
puts "Uploading results to #{uri}"
|
|
78
|
-
https =
|
|
79
|
-
https.use_ssl = true
|
|
80
|
-
https.verify_mode = OpenSSL::SSL::VERIFY_PEER
|
|
81
|
-
https.ca_file = config[:ca_file]
|
|
82
|
-
begin
|
|
83
|
-
https.cert = OpenSSL::X509::Certificate.new File.read(config[:host_certificate])
|
|
84
|
-
https.key = OpenSSL::PKey::RSA.new File.read(config[:host_private_key])
|
|
85
|
-
rescue StandardError => e
|
|
86
|
-
puts 'Unable to load certs'
|
|
87
|
-
puts e.message
|
|
88
|
-
exit(3)
|
|
89
|
-
end
|
|
90
|
-
|
|
79
|
+
https = generate_https_object(uri)
|
|
91
80
|
request = Net::HTTP::Put.new uri.path
|
|
92
81
|
request.body = File.read(results_bzip_path)
|
|
93
82
|
request['Content-Type'] = 'text/xml'
|
|
@@ -111,5 +100,44 @@ module ForemanScapClient
|
|
|
111
100
|
foreman_proxy_port = config[:port]
|
|
112
101
|
"https://#{foreman_proxy_fqdn}:#{foreman_proxy_port}"
|
|
113
102
|
end
|
|
103
|
+
|
|
104
|
+
def generate_https_object(uri)
|
|
105
|
+
https = Net::HTTP.new(uri.host, uri.port)
|
|
106
|
+
https.use_ssl = true
|
|
107
|
+
https.verify_mode = OpenSSL::SSL::VERIFY_PEER
|
|
108
|
+
https.ca_file = config[:ca_file]
|
|
109
|
+
begin
|
|
110
|
+
https.cert = OpenSSL::X509::Certificate.new File.read(config[:host_certificate])
|
|
111
|
+
https.key = OpenSSL::PKey::RSA.new File.read(config[:host_private_key])
|
|
112
|
+
rescue StandardError => e
|
|
113
|
+
puts 'Unable to load certs'
|
|
114
|
+
puts e.message
|
|
115
|
+
exit(3)
|
|
116
|
+
end
|
|
117
|
+
https
|
|
118
|
+
end
|
|
119
|
+
|
|
120
|
+
def ensure_scan_file
|
|
121
|
+
return if File.exist?(config[@policy_id][:content_path])
|
|
122
|
+
puts "File #{config[@policy_id][:content_path]} is missing. Downloading it from proxy"
|
|
123
|
+
begin
|
|
124
|
+
FileUtils.mkdir_p(File.dirname(config[@policy_id][:content_path]))
|
|
125
|
+
uri = URI.parse(download_uri(config[@policy_id][:download_path]))
|
|
126
|
+
puts "Download scap content xml from: #{uri}"
|
|
127
|
+
request = generate_https_object(uri).get(uri.path)
|
|
128
|
+
request.value
|
|
129
|
+
scap_content_xml = request.body
|
|
130
|
+
open(config[@policy_id][:content_path], 'wb') do |file|
|
|
131
|
+
file << scap_content_xml
|
|
132
|
+
end
|
|
133
|
+
rescue StandardError => e
|
|
134
|
+
puts "SCAP file is missing and download failed with error: #{e.message}"
|
|
135
|
+
exit(5)
|
|
136
|
+
end
|
|
137
|
+
end
|
|
138
|
+
|
|
139
|
+
def download_uri(download_path)
|
|
140
|
+
foreman_proxy_uri + "#{download_path}"
|
|
141
|
+
end
|
|
114
142
|
end
|
|
115
143
|
end
|
metadata
CHANGED
|
@@ -1,42 +1,42 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: foreman_scap_client
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.1.
|
|
4
|
+
version: 0.1.1
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Marek Hulan
|
|
8
|
-
- Šimon Lukašík
|
|
8
|
+
- "Šimon Lukašík"
|
|
9
9
|
autorequire:
|
|
10
10
|
bindir: bin
|
|
11
11
|
cert_chain: []
|
|
12
|
-
date: 2015-
|
|
12
|
+
date: 2015-05-07 00:00:00.000000000 Z
|
|
13
13
|
dependencies:
|
|
14
14
|
- !ruby/object:Gem::Dependency
|
|
15
15
|
name: bundler
|
|
16
16
|
requirement: !ruby/object:Gem::Requirement
|
|
17
17
|
requirements:
|
|
18
|
-
- - ~>
|
|
18
|
+
- - "~>"
|
|
19
19
|
- !ruby/object:Gem::Version
|
|
20
20
|
version: '1.7'
|
|
21
21
|
type: :development
|
|
22
22
|
prerelease: false
|
|
23
23
|
version_requirements: !ruby/object:Gem::Requirement
|
|
24
24
|
requirements:
|
|
25
|
-
- - ~>
|
|
25
|
+
- - "~>"
|
|
26
26
|
- !ruby/object:Gem::Version
|
|
27
27
|
version: '1.7'
|
|
28
28
|
- !ruby/object:Gem::Dependency
|
|
29
29
|
name: rake
|
|
30
30
|
requirement: !ruby/object:Gem::Requirement
|
|
31
31
|
requirements:
|
|
32
|
-
- - ~>
|
|
32
|
+
- - "~>"
|
|
33
33
|
- !ruby/object:Gem::Version
|
|
34
34
|
version: '10.0'
|
|
35
35
|
type: :development
|
|
36
36
|
prerelease: false
|
|
37
37
|
version_requirements: !ruby/object:Gem::Requirement
|
|
38
38
|
requirements:
|
|
39
|
-
- - ~>
|
|
39
|
+
- - "~>"
|
|
40
40
|
- !ruby/object:Gem::Version
|
|
41
41
|
version: '10.0'
|
|
42
42
|
description: Client script that runs openscap scan and uploads the result to foreman
|
|
@@ -49,13 +49,13 @@ executables:
|
|
|
49
49
|
extensions: []
|
|
50
50
|
extra_rdoc_files: []
|
|
51
51
|
files:
|
|
52
|
+
- LICENSE
|
|
53
|
+
- README.md
|
|
52
54
|
- bin/foreman_scap_client
|
|
53
55
|
- config/config.yaml.example
|
|
54
56
|
- lib/foreman_scap_client.rb
|
|
55
57
|
- lib/foreman_scap_client/client.rb
|
|
56
58
|
- lib/foreman_scap_client/version.rb
|
|
57
|
-
- LICENSE
|
|
58
|
-
- README.md
|
|
59
59
|
homepage: https://github.com/openscap/foreman_scap_client
|
|
60
60
|
licenses:
|
|
61
61
|
- GPL-3.0
|
|
@@ -66,18 +66,18 @@ require_paths:
|
|
|
66
66
|
- lib
|
|
67
67
|
required_ruby_version: !ruby/object:Gem::Requirement
|
|
68
68
|
requirements:
|
|
69
|
-
- -
|
|
69
|
+
- - ">="
|
|
70
70
|
- !ruby/object:Gem::Version
|
|
71
71
|
version: '0'
|
|
72
72
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
|
73
73
|
requirements:
|
|
74
|
-
- -
|
|
74
|
+
- - ">="
|
|
75
75
|
- !ruby/object:Gem::Version
|
|
76
76
|
version: '0'
|
|
77
77
|
requirements:
|
|
78
|
-
- /usr/bin/bzip2
|
|
78
|
+
- "/usr/bin/bzip2"
|
|
79
79
|
rubyforge_project:
|
|
80
|
-
rubygems_version: 2.
|
|
80
|
+
rubygems_version: 2.2.2
|
|
81
81
|
signing_key:
|
|
82
82
|
specification_version: 4
|
|
83
83
|
summary: Client script that runs openscap scan and uploads the result to foreman proxy
|