inspec-reporter-json-hdf 1.0.1

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA256:
+  metadata.gz: a6c20b0715afb937bf44526ca1d45e7644c594fd8fe2749baaca84da1efbbcee
+  data.tar.gz: a1cacadb0ec44285a0f506e876efe175dbe8e074608aaa66296485354a35be61
+SHA512:
+  metadata.gz: 615fbd5bda9c8018b2e01dc6fe7801289b05cc6eb7b0077234f518c9e8f23a52aa738d153dc3bf4d74ecf74a232fd1bf5a6cc692c7dc004513a5ce4ba0f28faa
+  data.tar.gz: 1bdf1a54c466a3d150522aa5546729e5d0616d68fef645b57e3a01b0ee4f73d5f5e4bf0b5c9d229f7bddb00f256a6dcfe4c8088eb9ebc61a820312701d84206f

data/inspec-reporter-json-hdf.gemspec

@@ -0,0 +1,30 @@
+lib = File.expand_path('lib', __dir__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+
+require 'inspec-reporter-json-hdf/version'
+
+Gem::Specification.new do |spec|
+  spec.name          = 'inspec-reporter-json-hdf'
+  spec.version       = InspecPlugins::HdfReporter::VERSION
+  spec.authors       = ['Rony Xavier']
+  spec.email         = ['rxavier@mitre.org']
+  spec.summary       = 'InSpec Reporter plugin for Heimdall'
+  spec.description   = 'InSpec Reporter plugin to report HDF formated JSON to be used with Heimdall.'
+  spec.homepage      = 'https://github.com/mitre/inspec-reporter-json-hdf'
+  spec.license       = 'Apache-2.0'
+  spec.require_paths = ['lib']
+  spec.files = Dir.glob('{{lib}/**/*,inspec-reporter-json-hdf.gemspec}').reject { |f| File.directory?(f) }
+
+  spec.required_ruby_version = '~> 2.5'
+
+  spec.add_runtime_dependency 'git-lite-version-bump', '~> 0.17', '>= 0.17.3'
+  spec.add_development_dependency 'bundler'
+  spec.add_development_dependency 'bundler-audit'
+  spec.add_development_dependency 'codeclimate-test-reporter'
+  spec.add_development_dependency 'minitest'
+  spec.add_development_dependency 'minitest-reporters'
+  spec.add_development_dependency 'pry'
+  spec.add_development_dependency 'rake'
+  spec.add_development_dependency 'simplecov'
+  spec.add_development_dependency 'inspec'
+end

data/lib/inspec-reporter-json-hdf.rb

@@ -0,0 +1 @@
+require_relative 'inspec-reporter-json-hdf/plugin'

data/lib/inspec-reporter-json-hdf/plugin.rb

@@ -0,0 +1,14 @@
+require 'inspec/plugin/v2'
+
+module InspecPlugins
+  module HdfReporter
+    class Plugin < Inspec.plugin(2)
+      plugin_name :'inspec-reporter-json-hdf'
+
+      reporter :hdf do
+        require_relative 'reporter.rb'
+        InspecPlugins::HdfReporter::Reporter
+      end
+    end
+  end
+end

data/lib/inspec-reporter-json-hdf/reporter.rb

@@ -0,0 +1,163 @@
+
+require 'inspec/plugin/v2'
+require 'json'
+
+VALID_FREQUENCY = %w[annually semiannually quarterly monthly every2weeks weekly every3days daily].freeze
+
+VALID_STATUSES = %w[passed failed].freeze
+
+DATE_FORMAT = '%Y-%m-%d'.freeze
+
+module InspecPlugins::HdfReporter
+  # Reporter Plugin Class
+  class Reporter < Inspec.plugin(2, :reporter)
+    def render
+      output(report.to_json, false)
+    end
+
+    def self.run_data_schema_constraints
+      '~> 0.0' # Accept any non-breaking change
+    end
+
+    def report
+      report = Inspec::Reporters::Json.new(@config).report
+      attestations = collect_attestations
+
+      report[:profiles].each do |profile|
+        profile[:controls].each do |control|
+          attestation = attestations.detect { |x| x['control_id'].eql?(control[:id]) }
+
+          next if attestation.nil?
+
+          control[:attestation] = attestation
+          unless attestation_expired?(attestation['updated'], attestation['frequency'])
+            control[:results] = apply_attestation(control[:results], attestation)
+          end
+        end
+      end
+      report
+    end
+
+    private
+
+    def apply_attestation(results, attestation)
+      if results.empty?
+        results = [{
+          "code_desc": 'Manually verified Status provided through attestation',
+          "run_time": 0.0,
+          "start_time": DateTime.now.to_s,
+          "status": attestation['status'],
+          "message": attestation_message(attestation)
+        }]
+      else
+        results.each do |result|
+          result[:message] = 'Automated test returned as passed.' if result[:status].eql?('passed')
+          result[:message] = result[:skip_message] if result[:status].eql?('skipped')
+
+          result[:status] = attestation['status']
+          result[:message] = result[:message] + attestation_message(attestation)
+
+          if result[:backtrace]
+            result[:message] = result[:message] + "\nbacktrace: #{result[:backtrace]}"
+            result[:backtrace] = nil
+          end
+        end
+      end
+      results
+    end
+
+    def attestation_message(attestation)
+      "
+       Attestation:
+       Status: #{attestation['status']}
+       Explanation: #{attestation['explanation']}
+       Updated: #{attestation['updated']}
+       Updated By: #{attestation['updated_by']}
+       Frequency: #{attestation['frequency']}
+       "
+    end
+
+    def attestation_expired?(date, frequency)
+      advanced_date(date, frequency) < DateTime.now
+    end
+
+    def advanced_date(date, frequency)
+      parsed_date = DateTime.strptime(date, DATE_FORMAT)
+
+      case frequency.downcase
+      when 'annually'
+        parsed_date.next_year(1)
+      when 'semiannually'
+        parsed_date.next_year(0.5)
+      when 'quarterly'
+        parsed_date.next_year(0.25)
+      when 'monthly'
+        parsed_date.next_month(1)
+      when 'every2weeks'
+        parsed_date.next_day(14)
+      when 'weekly'
+        parsed_date.next_day(7)
+      when 'every3days'
+        parsed_date.next_day(3)
+      when 'daily'
+        parsed_date.next_day(1)
+      else
+        parsed_date
+      end
+    end
+
+    # Check if its a valid Date and Date not in future.
+    def valid_date?(date)
+      DateTime.strptime(date, DATE_FORMAT) < DateTime.now
+    rescue ArgumentError
+      false
+    end
+
+    def valid_frequency?(frequency)
+      frequency.is_a?(String) && VALID_FREQUENCY.include?(frequency.downcase)
+    end
+
+    def valid_status?(status)
+      status.is_a?(String) && VALID_STATUSES.include?(status.downcase)
+    end
+
+    def collect_attestations
+      plugin_config = Inspec::Config.cached.fetch_plugin_config('inspec-reporter-json-hdf')
+      attestations = plugin_config['attestations'] || []
+
+      if attestations.empty?
+        puts 'Warning: Attestations not provided; HDF will be generated without attestations.'
+      else
+        validate_attestation(attestations)
+      end
+      attestations
+    end
+
+    def validate_attestation(attestations)
+      attestations.each do |attestation|
+        unless attestation['control_id'].is_a?(String)
+          raise "Error: Invalid `control_id` field at attestation: #{attestation}."
+        end
+        unless valid_status?(attestation['status'])
+          raise "Error: Invalid `status` field at attestation: #{attestation}."
+        end
+        unless attestation['updated_by'].is_a?(String)
+          raise "Error: Invalid `updated_by` field at attestation: #{attestation}."
+        end
+        unless attestation['explanation'].is_a?(String)
+          raise "Error: Invalid `explanation` field at attestation: #{attestation}."
+        end
+        unless valid_frequency?(attestation['frequency'])
+          raise "Error: Invalid `frequency` field at attestation: #{attestation}."
+        end
+        unless valid_date?(attestation['updated'])
+          raise "Error: Invalid `updated` field at attestation: #{attestation}."
+        end
+
+        if attestation_expired?(attestation['updated'], attestation['frequency'])
+          puts "Warning: Attestation Expired : #{attestation}"
+        end
+      end
+    end
+  end
+end

data/lib/inspec-reporter-json-hdf/version.rb

@@ -0,0 +1,8 @@
+# provide the version for the plugin
+require 'git-version-bump'
+
+module InspecPlugins
+  module HdfReporter
+    VERSION = GVB.version(false, true)
+  end
+end

metadata

@@ -0,0 +1,194 @@
+--- !ruby/object:Gem::Specification
+name: inspec-reporter-json-hdf
+version: !ruby/object:Gem::Version
+  version: 1.0.1
+platform: ruby
+authors:
+- Rony Xavier
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2021-01-14 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: git-lite-version-bump
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.17'
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 0.17.3
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.17'
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 0.17.3
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: bundler-audit
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: codeclimate-test-reporter
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: minitest
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: minitest-reporters
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: pry
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: simplecov
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: inspec
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+description: InSpec Reporter plugin to report HDF formated JSON to be used with Heimdall.
+email:
+- rxavier@mitre.org
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- inspec-reporter-json-hdf.gemspec
+- lib/inspec-reporter-json-hdf.rb
+- lib/inspec-reporter-json-hdf/plugin.rb
+- lib/inspec-reporter-json-hdf/reporter.rb
+- lib/inspec-reporter-json-hdf/version.rb
+homepage: https://github.com/mitre/inspec-reporter-json-hdf
+licenses:
+- Apache-2.0
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - "~>"
+    - !ruby/object:Gem::Version
+      version: '2.5'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubygems_version: 3.2.3
+signing_key: 
+specification_version: 4
+summary: InSpec Reporter plugin for Heimdall
+test_files: []