inspec_tools 0.0.0.1.ENOTAG → 1.2.0

data/lib/inspec_tools/pdf.rb

@@ -65,7 +65,6 @@ module InspecTools
         control['desc'] = contr[:descr]
         control['impact'] = Utils::InspecUtil.get_impact('medium')
         control['tags'] = {}
-        control['tags']['severity'] = Utils::InspecUtil.get_impact_string(control['impact'])
         control['tags']['ref'] = contr[:ref] unless contr[:ref].nil?
         control['tags']['applicability'] = contr[:applicability] unless contr[:applicability].nil?
         control['tags']['cis_id'] = contr[:title].split(' ')[0] unless contr[:title].nil?
@@ -92,8 +91,8 @@ module InspecTools
       @profile['supports'] = []
       @profile['attributes'] = []
       @profile['generator'] = {
-        'name': 'inspec_tools',
-        'version': VERSION
+        'name': 'inspec',
+        'version': Gem.loaded_specs['inspec'].version
       }
     end
 

data/lib/inspec_tools/summary.rb

@@ -26,7 +26,7 @@ module InspecTools
       @summary = {}
       @data.keys.each do |control_id|
         current_control = @data[control_id]
-        current_control[:compliance_status] = Utils::InspecUtil.control_status(current_control, true)
+        current_control[:compliance_status] = Utils::InspecUtil.control_status(current_control)
         current_control[:finding_details] = Utils::InspecUtil.control_finding_details(current_control, current_control[:compliance_status])
       end
       compute_summary
@@ -48,7 +48,7 @@ module InspecTools
       @summary[:buckets][:passed]    = select_by_status(@data, 'NotAFinding')
       @summary[:buckets][:no_impact] = select_by_status(@data, 'Not_Applicable')
       @summary[:buckets][:skipped]   = select_by_status(@data, 'Not_Reviewed')
-      @summary[:buckets][:error]     = select_by_status(@data, 'Profile_Error')
+      @summary[:buckets][:error]     = select_by_status(@data, 'Not_Tested')
 
       @summary[:status] = {}
       @summary[:status][:failed]    = tally_by_impact(@summary[:buckets][:failed])

data/lib/inspec_tools/version.rb

@@ -1,8 +1,3 @@
-require 'git-version-bump'
-
 module InspecTools
-  # Enable lite-tags (2nd parameter to git-version-bump version command)
-  # Lite tags are tags that are used by GitHub releases that do not contain
-  # annotations
-  VERSION = GVB.version(false, true)
+  VERSION = '1.2.0'.freeze
 end

data/lib/inspec_tools/xccdf.rb

@@ -3,7 +3,6 @@ require_relative '../happy_mapper_tools/cci_attributes'
 require_relative '../utilities/inspec_util'
 
 require 'digest'
-require 'json'
 
 module InspecTools
   # rubocop:disable Metrics/ClassLength
@@ -80,13 +79,6 @@ module InspecTools
       @benchmark.release_date.release_date
     end
 
-    def inject_metadata(metadata = '{}')
-      json_metadata = JSON.parse(metadata)
-      json_metadata.each do |key, value|
-        @profile[key] = value
-      end
-    end
-
     private
 
     def replace_tags_in_xccdf(replace_tags, xccdf_xml)
@@ -97,25 +89,20 @@ module InspecTools
     end
 
     def insert_json_metadata
-      @profile['name'] = @benchmark.id
+      @profile['name'] = @benchmark.title
       @profile['title'] = @benchmark.title
-      @profile['maintainer'] = 'The Authors' if @profile['maintainer'].nil?
-      @profile['copyright'] = 'The Authors' if @profile['copyright'].nil?
-      @profile['copyright_email'] = 'you@example.com' if @profile['copyright_email'].nil?
-      @profile['license'] = 'Apache-2.0' if @profile['license'].nil?
+      @profile['maintainer'] = 'The Authors'
+      @profile['copyright'] = 'The Authors'
+      @profile['copyright_email'] = 'you@example.com'
+      @profile['license'] = 'Apache-2.0'
       @profile['summary'] = "\"#{@benchmark.description.gsub('\\', '\\\\\\').gsub('"', '\"')}\""
-      @profile['version'] = '0.1.0' if @profile['version'].nil?
+      @profile['version'] = '0.1.0'
       @profile['supports'] = []
       @profile['attributes'] = []
       @profile['generator'] = {
-        'name': 'inspec_tools',
-        'version': VERSION
+        'name': 'inspec',
+        'version': Gem.loaded_specs['inspec'].version
       }
-      @profile['plaintext'] = @benchmark.plaintext.plaintext
-      @profile['status'] = "#{@benchmark.status} on #{@benchmark.release_date.release_date}"
-      @profile['reference_href'] = @benchmark.reference.href
-      @profile['reference_publisher'] = @benchmark.reference.dc_publisher
-      @profile['reference_source'] = @benchmark.reference.dc_source
     end
 
     def insert_controls
@@ -126,7 +113,6 @@ module InspecTools
         control['desc'] = group.rule.description.vuln_discussion.split('Satisfies: ')[0]
         control['impact'] = Utils::InspecUtil.get_impact(group.rule.severity)
         control['tags'] = {}
-        control['tags']['severity'] = Utils::InspecUtil.get_impact_string(control['impact'])
         control['tags']['gtitle'] = group.title
         control['tags']['satisfies'] = group.rule.description.vuln_discussion.split('Satisfies: ')[1].split(',').map(&:strip) if group.rule.description.vuln_discussion.split('Satisfies: ').length > 1
         control['tags']['gid'] = group.id

data/lib/utilities/inspec_util.rb

@@ -1,34 +1,18 @@
-require 'inspec-objects'
+require 'inspec/objects'
 require 'word_wrap'
 require 'pp'
-require 'uri'
-require 'net/http'
-require 'fileutils'
-require 'exceptions/impact_input_error'
-require 'exceptions/severity_input_error'
-require 'overrides/false_class'
-require 'overrides/true_class'
-require 'overrides/nil_class'
-require 'overrides/object'
-require 'overrides/string'
 
 # rubocop:disable Metrics/ClassLength
 # rubocop:disable Metrics/AbcSize
 # rubocop:disable Metrics/PerceivedComplexity
 # rubocop:disable Metrics/CyclomaticComplexity
+# rubocop:disable Metrics/BlockLength
 # rubocop:disable Metrics/MethodLength
 
 module Utils
   class InspecUtil
     DATA_NOT_FOUND_MESSAGE = 'N/A'.freeze
     WIDTH = 80
-    IMPACT_SCORES = {
-      'none' => 0.0,
-      'low' => 0.1,
-      'medium' => 0.4,
-      'high' => 0.7,
-      'critical' => 0.9
-    }.freeze
 
     def self.parse_data_for_xccdf(json)
       data = {}
@@ -45,7 +29,7 @@ module Utils
       end
       c_data = {}
 
-      controls.each do |control|
+      controls.each do |control| # rubocop:disable Metrics/BlockLength
         c_id = control['id'].to_sym
         c_data[c_id] = {}
         c_data[c_id]['id']             = control['id']    || DATA_NOT_FOUND_MESSAGE
@@ -87,11 +71,9 @@ module Utils
         profile['controls'].each do |control|
           c_id = control['id'].to_sym
           data[c_id] = {}
-
           data[c_id][:vuln_num]       = control['id'] unless control['id'].nil?
           data[c_id][:rule_title]     = control['title'] unless control['title'].nil?
           data[c_id][:vuln_discuss]   = control['desc'] unless control['desc'].nil?
-
           unless control['tags'].nil?
             data[c_id][:severity]       = control['tags']['severity'] unless control['tags']['severity'].nil?
             data[c_id][:gid]            = control['tags']['gid'] unless control['tags']['gid'].nil?
@@ -100,45 +82,31 @@ module Utils
             data[c_id][:rule_ver]       = control['tags']['stig_id'] unless control['tags']['stig_id'].nil?
             data[c_id][:cci_ref]        = control['tags']['cci'] unless control['tags']['cci'].nil?
             data[c_id][:nist]           = control['tags']['nist'].join(' ') unless control['tags']['nist'].nil?
+            data[c_id][:check_content]  = control['tags']['check'] unless control['tags']['check'].nil?
+            data[c_id][:fix_text]       = control['tags']['fix'] unless control['tags']['fix'].nil?
           end
-
-          if control['descriptions'].respond_to?(:find)
-            data[c_id][:check_content]  = control['descriptions'].find { |c| c['label'] == 'fix' }&.dig('data')
-            data[c_id][:fix_text]       = control['descriptions'].find { |c| c['label'] == 'check' }&.dig('data')
-          end
-
           data[c_id][:impact]         = control['impact'].to_s unless control['impact'].nil?
           data[c_id][:profile_name]   = profile['name'].to_s unless profile['name'].nil?
           data[c_id][:profile_shasum] = profile['sha256'].to_s unless profile['sha256'].nil?
 
           data[c_id][:status] = []
           data[c_id][:message] = []
-
           if control.key?('results')
             control['results'].each do |result|
-              if !result['backtrace'].nil?
-                result['status'] = 'error'
-              end
               data[c_id][:status].push(result['status'])
-              data[c_id][:message].push("SKIPPED -- Test: #{result['code_desc']}\nMessage: #{result['skip_message']}\n") if result['status'] == 'skipped'
+              data[c_id][:message].push(result['skip_message']) if result['status'] == 'skipped'
               data[c_id][:message].push("FAILED -- Test: #{result['code_desc']}\nMessage: #{result['message']}\n") if result['status'] == 'failed'
               data[c_id][:message].push("PASS -- #{result['code_desc']}\n") if result['status'] == 'passed'
-              data[c_id][:message].push("PROFILE_ERROR -- Test: #{result['code_desc']}\nMessage: #{result['backtrace']}\n") if result['status'] == 'error'
             end
           end
-
           if data[c_id][:impact].to_f.zero?
-            data[c_id][:message].unshift("NOT_APPLICABLE -- Description: #{control['desc']}\n\n")
+            data[c_id][:message] = control['desc']
           end
         end
       end
       data
     end
 
-    def self.get_platform(json)
-      json['profiles'].find { |profile| !profile[:platform].nil? }
-    end
-
     def self.to_dotted_hash(hash, recursive_key = '')
       hash.each_with_object({}) do |(k, v), ret|
         key = recursive_key + k.to_s
@@ -150,28 +118,29 @@ module Utils
       end
     end
 
-    def self.control_status(control, for_summary = false)
+    def self.control_status(control)
       status_list = control[:status].uniq
-      if control[:impact].to_f.zero?
-        'Not_Applicable'
-      elsif status_list.include?('failed')
-        'Open'
+      if status_list.include?('failed')
+        result = 'Open'
+      elsif status_list.include?('skipped')
+        result = 'Not_Reviewed'
       elsif status_list.include?('passed')
-        'NotAFinding'
-      elsif status_list.include?('error') && for_summary
-        'Profile_Error'
+        result = 'NotAFinding'
       else
-        # profile skipped or profile error
-        'Not_Reviewed'
+        result = 'Not_Tested'
+      end
+      if control[:impact].to_f.zero?
+        result = 'Not_Applicable'
       end
+      result
     end
 
     def self.control_finding_details(control, control_clk_status)
       result = "One or more of the automated tests failed or was inconclusive for the control \n\n #{control[:message].sort.join}" if control_clk_status == 'Open'
       result = "All Automated tests passed for the control \n\n #{control[:message].join}" if control_clk_status == 'NotAFinding'
       result = "Automated test skipped due to known accepted condition in the control : \n\n#{control[:message].join}" if control_clk_status == 'Not_Reviewed'
-      result = "Justification: \n #{control[:message].join}" if control_clk_status == 'Not_Applicable'
-      result = 'No test available or some test errors occurred for this control' if control_clk_status == 'Profile_Error'
+      result = "Justification: \n #{control[:message].split.join(' ')}" if control_clk_status == 'Not_Applicable'
+      result = 'No test available for this control' if control_clk_status == 'Not_Tested'
       result
     end
 
@@ -191,81 +160,19 @@ module Utils
     # @todo Allow for the user to pass in a hash for the desired mapping of text
     # values to numbers or to override our hard coded values.
     #
-    def self.get_impact(severity, use_cvss_terms: true)
-      return float_to_impact(severity, use_cvss_terms) if severity.is_a?(Float)
-
-      return string_to_impact(severity, use_cvss_terms) if severity.is_a?(String)
-
-      raise SeverityInputError, "'#{severity}' is not a valid severity value. It should be a Float between 0.0 and " \
-                                '1.0 or one of the approved keywords.'
-    end
-
-    private_class_method def self.float_to_impact(severity, use_cvss_terms)
-      unless severity.between?(0, 1)
-        raise SeverityInputError, "'#{severity}' is not a valid severity value. It should be a Float between 0.0 and " \
-                                  '1.0 or one of the approved keywords.'
-      end
-
-      if severity <= 0.01
-        0.0 # Informative
-      elsif severity < 0.4
-        0.3 # Low Impact
-      elsif severity < 0.7
-        0.5 # Medium Impact
-      elsif severity < 0.9 || use_cvss_terms
-        0.7 # High Impact
-      else
-        1.0 # Critical Controls
-      end
-    end
-
-    private_class_method def self.string_to_impact(severity, use_cvss_terms)
-      if /none|na|n\/a|not[_|(\s*)]?applicable/i.match?(severity)
-        impact = 0.0 # Informative
-      elsif /low|cat(egory)?\s*(iii|3)/i.match?(severity)
-        impact = 0.3 # Low Impact
-      elsif /med(ium)?|cat(egory)?\s*(ii|2)/i.match?(severity)
-        impact = 0.5 # Medium Impact
-      elsif /high|cat(egory)?\s*(i|1)/i.match?(severity)
-        impact = 0.7 # High Impact
-      elsif /crit(ical)?|severe/i.match?(severity)
-        impact = 1.0 # Critical Controls
-      else
-        raise SeverityInputError, "'#{severity}' is not a valid severity value. It should be a Float between 0.0 and " \
-                                  '1.0 or one of the approved keywords.'
-      end
-
-      impact == 1.0 && use_cvss_terms ? 0.7 : impact
-    end
-
-    def self.get_impact_string(impact, use_cvss_terms: true)
-      return if impact.nil?
-
-      value = impact.to_f
-      unless value.between?(0, 1)
-        raise ImpactInputError, "'#{value}' is not a valid impact score. Valid impact scores: [0.0 - 1.0]."
-      end
-
-      IMPACT_SCORES.reverse_each do |name, impact_score|
-        if name == 'critical' && value >= impact_score && use_cvss_terms
-          return 'high'
-        elsif value >= impact_score
-          return name
-        else
-          next
-        end
+    def self.get_impact(severity)
+      case severity
+      when 'low' then 0.3
+      when 'medium' then 0.5
+      when 'high' then 0.7
+      else severity
       end
     end
 
     def self.unpack_inspec_json(directory, inspec_json, separated, output_format)
-      if directory == 'id'
-        directory = inspec_json['name']
-      end
       controls = generate_controls(inspec_json)
       unpack_profile(directory || 'profile', controls, separated, output_format || 'json')
       create_inspec_yml(directory || 'profile', inspec_json)
-      create_license(directory || 'profile', inspec_json)
-      create_readme_md(directory || 'profile', inspec_json)
     end
 
     private_class_method def self.wrap(str, width = WIDTH)
@@ -279,46 +186,35 @@ module Utils
     private_class_method def self.generate_controls(inspec_json)
       controls = []
       inspec_json['controls'].each do |json_control|
-        control = ::Inspec::Object::Control.new
+        control = Inspec::Control.new
         if (defined? control.desc).nil?
           control.descriptions[:default] = json_control['desc']
-          control.descriptions[:rationale] = json_control['tags']['rationale']
-          control.descriptions[:check] = json_control['tags']['check']
-          control.descriptions[:fix] = json_control['tags']['fix']
         else
           control.desc = json_control['desc']
         end
         control.id     = json_control['id']
         control.title  = json_control['title']
         control.impact = get_impact(json_control['impact'])
-
-        # json_control['tags'].each do |tag|
-        #  control.add_tag(Inspec::Object::Tag.new(tag.key, tag.value)
-        # end
-
-        control.add_tag(::Inspec::Object::Tag.new('severity', json_control['tags']['severity']))
-        control.add_tag(::Inspec::Object::Tag.new('gtitle', json_control['tags']['gtitle']))
-        control.add_tag(::Inspec::Object::Tag.new('satisfies', json_control['tags']['satisfies'])) if json_control['tags']['satisfies']
-        control.add_tag(::Inspec::Object::Tag.new('gid',      json_control['tags']['gid']))
-        control.add_tag(::Inspec::Object::Tag.new('rid',      json_control['tags']['rid']))
-        control.add_tag(::Inspec::Object::Tag.new('stig_id',  json_control['tags']['stig_id']))
-        control.add_tag(::Inspec::Object::Tag.new('fix_id', json_control['tags']['fix_id']))
-        control.add_tag(::Inspec::Object::Tag.new('cci', json_control['tags']['cci']))
-        control.add_tag(::Inspec::Object::Tag.new('nist', json_control['tags']['nist']))
-        control.add_tag(::Inspec::Object::Tag.new('cis_level', json_control['tags']['cis_level'])) unless json_control['tags']['cis_level'].blank?
-        control.add_tag(::Inspec::Object::Tag.new('cis_controls', json_control['tags']['cis_controls'])) unless json_control['tags']['cis_controls'].blank?
-        control.add_tag(::Inspec::Object::Tag.new('cis_rid', json_control['tags']['cis_rid'])) unless json_control['tags']['cis_rid'].blank?
-        control.add_tag(::Inspec::Object::Tag.new('ref', json_control['tags']['ref'])) unless json_control['tags']['ref'].blank?
-        control.add_tag(::Inspec::Object::Tag.new('false_negatives', json_control['tags']['false_negatives'])) unless json_control['tags']['false_positives'].blank?
-        control.add_tag(::Inspec::Object::Tag.new('false_positives', json_control['tags']['false_positives'])) unless json_control['tags']['false_positives'].blank?
-        control.add_tag(::Inspec::Object::Tag.new('documentable', json_control['tags']['documentable'])) unless json_control['tags']['documentable'].blank?
-        control.add_tag(::Inspec::Object::Tag.new('mitigations', json_control['tags']['mitigations'])) unless json_control['tags']['mitigations'].blank?
-        control.add_tag(::Inspec::Object::Tag.new('severity_override_guidance', json_control['tags']['severity_override_guidance'])) unless json_control['tags']['severity_override_guidance'].blank?
-        control.add_tag(::Inspec::Object::Tag.new('potential_impacts', json_control['tags']['potential_impacts'])) unless json_control['tags']['potential_impacts'].blank?
-        control.add_tag(::Inspec::Object::Tag.new('third_party_tools', json_control['tags']['third_party_tools'])) unless json_control['tags']['third_party_tools'].blank?
-        control.add_tag(::Inspec::Object::Tag.new('mitigation_controls', json_control['tags']['mitigation_controls'])) unless json_control['tags']['mitigation_controls'].blank?
-        control.add_tag(::Inspec::Object::Tag.new('responsibility', json_control['tags']['responsibility'])) unless json_control['tags']['responsibility'].blank?
-        control.add_tag(::Inspec::Object::Tag.new('ia_controls', json_control['tags']['ia_controls'])) unless json_control['tags']['ia_controls'].blank?
+        control.add_tag(Inspec::Tag.new('gtitle', json_control['tags']['gtitle']))
+        control.add_tag(Inspec::Tag.new('satisfies', json_control['tags']['satisfies'])) if json_control['tags']['satisfies']
+        control.add_tag(Inspec::Tag.new('gid',      json_control['tags']['gid']))
+        control.add_tag(Inspec::Tag.new('rid',      json_control['tags']['rid']))
+        control.add_tag(Inspec::Tag.new('stig_id',  json_control['tags']['stig_id']))
+        control.add_tag(Inspec::Tag.new('fix_id', json_control['tags']['fix_id']))
+        control.add_tag(Inspec::Tag.new('cci', json_control['tags']['cci']))
+        control.add_tag(Inspec::Tag.new('nist', json_control['tags']['nist']))
+        control.add_tag(Inspec::Tag.new('false_negatives', json_control['tags']['false_negatives'])) if json_control['tags']['false_positives'] != ''
+        control.add_tag(Inspec::Tag.new('false_positives', json_control['tags']['false_positives'])) if json_control['tags']['false_positives'] != ''
+        control.add_tag(Inspec::Tag.new('documentable', json_control['tags']['documentable'])) if json_control['tags']['documentable'] != ''
+        control.add_tag(Inspec::Tag.new('mitigations', json_control['tags']['mitigations'])) if json_control['tags']['mitigations'] != ''
+        control.add_tag(Inspec::Tag.new('severity_override_guidance', json_control['tags']['documentable'])) if json_control['tags']['severity_override_guidance'] != ''
+        control.add_tag(Inspec::Tag.new('potential_impacts', json_control['tags']['potential_impacts'])) if json_control['tags']['potential_impacts'] != ''
+        control.add_tag(Inspec::Tag.new('third_party_tools', json_control['tags']['third_party_tools'])) if json_control['tags']['third_party_tools'] != ''
+        control.add_tag(Inspec::Tag.new('mitigation_controls', json_control['tags']['mitigation_controls'])) if json_control['tags']['mitigation_controls'] != ''
+        control.add_tag(Inspec::Tag.new('responsibility', json_control['tags']['responsibility'])) if json_control['tags']['responsibility'] != ''
+        control.add_tag(Inspec::Tag.new('ia_controls', json_control['tags']['ia_controls'])) if json_control['tags']['ia_controls'] != ''
+        control.add_tag(Inspec::Tag.new('check', json_control['tags']['check']))
+        control.add_tag(Inspec::Tag.new('fix', json_control['tags']['fix']))
 
         controls << control
       end
@@ -330,70 +226,32 @@ module Utils
     #
     private_class_method def self.create_inspec_yml(directory, inspec_json)
       benchmark_info =
-        "name: #{inspec_json['name']}\n" \
-        "title: #{inspec_json['title']}\n" \
-        "maintainer: #{inspec_json['maintainer']}\n" \
-        "copyright: #{inspec_json['copyright']}\n" \
-        "copyright_email: #{inspec_json['copyright_email']}\n" \
-        "license: #{inspec_json['license']}\n" \
-        "summary: #{inspec_json['summary']}\n" \
-        "version: #{inspec_json['version']}\n"
+        "name: #{inspec_json['name']}
+        title: #{inspec_json['title']}
+        maintainer: #{inspec_json['maintainer']}
+        copyright: #{inspec_json['copyright']}
+        copyright_email: #{inspec_json['copyright_email']}
+        license: #{inspec_json['license']}
+        summary: #{inspec_json['summary']}
+        version: #{inspec_json['version']}"
 
       myfile = File.new("#{directory}/inspec.yml", 'w')
       myfile.puts benchmark_info
     end
 
-    private_class_method def self.create_license(directory, inspec_json)
-      license_content = ''
-      if !inspec_json['license'].nil?
-        begin
-          response = Net::HTTP.get_response(URI(inspec_json['license']))
-          if response.code == '200'
-            license_content = response.body
-          else
-            license_content = inspec_json['license']
-          end
-        rescue StandardError => _e
-          license_content = inspec_json['license']
-        end
-      end
-
-      myfile = File.new("#{directory}/LICENSE", 'w')
-      myfile.puts license_content
-    end
-
-    private_class_method def self.create_readme_md(directory, inspec_json)
-      readme_contents =
-        "\# #{inspec_json['title']}\n" \
-        "#{inspec_json['summary']}\n" \
-        "---\n" \
-        "Name: #{inspec_json['name']}\n" \
-        "Author: #{inspec_json['maintainer']}\n" \
-        "Status: #{inspec_json['status']}\n" \
-        "Copyright: #{inspec_json['copyright']}\n" \
-        "Copyright Email: #{inspec_json['copyright_email']}\n" \
-        "Version: #{inspec_json['version']}\n" \
-        "#{inspec_json['plaintext']}\n" \
-        "Reference: #{inspec_json['reference_href']}\n" \
-        "Reference by: #{inspec_json['reference_publisher']}\n" \
-        "Reference source: #{inspec_json['reference_source']}\n"
-
-      myfile = File.new("#{directory}/README.md", 'w')
-      myfile.puts readme_contents
-    end
-
     private_class_method def self.unpack_profile(directory, controls, separated, output_format)
       FileUtils.rm_rf(directory) if Dir.exist?(directory)
       Dir.mkdir directory unless Dir.exist?(directory)
       Dir.mkdir "#{directory}/controls" unless Dir.exist?("#{directory}/controls")
       Dir.mkdir "#{directory}/libraries" unless Dir.exist?("#{directory}/libraries")
+      myfile = File.new("#{directory}/README.md", 'w')
+      myfile.puts "# Example InSpec Profile\n\nthis example shows the implementation of an InSpec profile."
       if separated
         if output_format == 'ruby'
           controls.each do |control|
             file_name = control.id.to_s
             myfile = File.new("#{directory}/controls/#{file_name}.rb", 'w')
-            myfile.puts "# encoding: UTF-8\n\n"
-            myfile.puts wrap(control.to_ruby.gsub('"', "\'"), WIDTH) + "\n"
+            myfile.puts wrap(control.to_ruby, WIDTH) + "\n"
             myfile.close
           end
         else
@@ -408,8 +266,7 @@ module Utils
         myfile = File.new("#{directory}/controls/controls.rb", 'w')
         if output_format == 'ruby'
           controls.each do |control|
-            myfile.puts "# encoding: UTF-8\n\n"
-            myfile.puts wrap(control.to_ruby.gsub('"', "\'"), WIDTH) + "\n"
+            myfile.puts wrap(control.to_ruby, WIDTH) + "\n"
           end
         else
           controls.each do |control|
@@ -427,9 +284,3 @@ module Utils
     end
   end
 end
-
-# rubocop:enable Metrics/ClassLength
-# rubocop:enable Metrics/AbcSize
-# rubocop:enable Metrics/PerceivedComplexity
-# rubocop:enable Metrics/CyclomaticComplexity
-# rubocop:enable Metrics/MethodLength