inspec_tools 2.0.2.pre11 → 2.0.6

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 42b3c5fd27bb3b59310811bc8225b34c422234f44c007891aea245bac499822c
-  data.tar.gz: fa5158e8c213e81f28bd978e5b5e6673d61d703d72e6a685cc7d364b3dbf878a
+  metadata.gz: 43b88686ec67ec39b204d239fc5374c6448b9cfa1c1bd6b7832966b90619cc23
+  data.tar.gz: dca55a3609c9ff90186d7e83f6017b4653b211b871e4ff2671f834e203a39879
 SHA512:
-  metadata.gz: 545cbac4bf54f3c1e2863400608b2de5aa4a010dbfcb4a509208a59216e6c71509e0a587d748697be987807f37989874ee7e79e67e2b4b1f7ede585cb9940bca
-  data.tar.gz: b58f79559489bf1e77de08a8f2fe1eb5eb8a370a6ee58a9895f10f7cadb36dc6724d5dfdd9388eacb476fcf4a6d9e40d9050167323d9e6fd03890afe683335f5
+  metadata.gz: eab9120d563910e628f1dbfa47dc11b1abfff5992a040a23ad7978ae42567584a34dcc8bbfa0a926b3abfb55ed58f04f2f91a056f458ee75f9ca353745c3ebb5
+  data.tar.gz: 17c1fea7003f96df5ce83fbda87165144b389ae6475521bb4e14af8eda259f2093f7a206ab7f9537994b645595fdcb4fbb3c3ece81aa283c4705e3c5d3553307

data/CHANGELOG.md

@@ -2,7 +2,86 @@
 
 ## [Unreleased](https://github.com/mitre/inspec_tools/tree/HEAD)
 
-[Full Changelog](https://github.com/mitre/inspec_tools/compare/v2.0.2.pre10...HEAD)
+[Full Changelog](https://github.com/mitre/inspec_tools/compare/v2.0.5...HEAD)
+
+**Closed issues:**
+
+- Run inspec check in CI [\#195](https://github.com/mitre/inspec_tools/issues/195)
+
+**Merged pull requests:**
+
+- Fixes SecurityOverrideGuidance not being output in a profile [\#196](https://github.com/mitre/inspec_tools/pull/196) ([Bialogs](https://github.com/Bialogs))
+
+## [v2.0.5](https://github.com/mitre/inspec_tools/tree/v2.0.5) (2020-06-22)
+
+[Full Changelog](https://github.com/mitre/inspec_tools/compare/v2.0.4...v2.0.5)
+
+**Closed issues:**
+
+- Remove Debug Files When Running Tests [\#175](https://github.com/mitre/inspec_tools/issues/175)
+
+**Merged pull requests:**
+
+- Add additional error checking and documentation surrounding the xccdf… [\#194](https://github.com/mitre/inspec_tools/pull/194) ([Bialogs](https://github.com/Bialogs))
+
+## [v2.0.4](https://github.com/mitre/inspec_tools/tree/v2.0.4) (2020-06-18)
+
+[Full Changelog](https://github.com/mitre/inspec_tools/compare/v2.0.3...v2.0.4)
+
+**Closed issues:**
+
+- xccdf2inspec string quotes bug [\#191](https://github.com/mitre/inspec_tools/issues/191)
+- xccdf2inspec fails on OpenSCAP xccdf results with undefined method [\#190](https://github.com/mitre/inspec_tools/issues/190)
+
+**Merged pull requests:**
+
+- Respect debug env variable when running tests [\#193](https://github.com/mitre/inspec_tools/pull/193) ([Bialogs](https://github.com/Bialogs))
+- 191 single quote replacement [\#192](https://github.com/mitre/inspec_tools/pull/192) ([Bialogs](https://github.com/Bialogs))
+
+## [v2.0.3](https://github.com/mitre/inspec_tools/tree/v2.0.3) (2020-05-26)
+
+[Full Changelog](https://github.com/mitre/inspec_tools/compare/v2.0.2.pre13...v2.0.3)
+
+**Implemented enhancements:**
+
+- Round compliance score down [\#146](https://github.com/mitre/inspec_tools/issues/146)
+- Every usage of Bucket and Tally uses it as a symbol, making it a symbol as part of its declaration [\#187](https://github.com/mitre/inspec_tools/pull/187) ([rbclark](https://github.com/rbclark))
+- Summary output [\#186](https://github.com/mitre/inspec_tools/pull/186) ([jsa5593](https://github.com/jsa5593))
+- Compliance score is rounded down and the README is updated [\#185](https://github.com/mitre/inspec_tools/pull/185) ([jsa5593](https://github.com/jsa5593))
+
+**Fixed bugs:**
+
+- inspec\_tools docker images is not actually showing results to cli [\#183](https://github.com/mitre/inspec_tools/issues/183)
+
+**Closed issues:**
+
+- inspec\_tools docker container doesn't let me go into a bash shell [\#184](https://github.com/mitre/inspec_tools/issues/184)
+- Add a Dockerfile so folks can eaily add this into their ci/cd container workflows [\#162](https://github.com/mitre/inspec_tools/issues/162)
+
+## [v2.0.2.pre13](https://github.com/mitre/inspec_tools/tree/v2.0.2.pre13) (2020-05-22)
+
+[Full Changelog](https://github.com/mitre/inspec_tools/compare/v2.0.2.pre12...v2.0.2.pre13)
+
+**Implemented enhancements:**
+
+- Ruby to docker [\#181](https://github.com/mitre/inspec_tools/pull/181) ([jsa5593](https://github.com/jsa5593))
+
+**Fixed bugs:**
+
+- All Impacts Parsed from PDF are Medium [\#173](https://github.com/mitre/inspec_tools/issues/173)
+- Git version bump version 0.17.2 is broken due to a faulty regex. [\#182](https://github.com/mitre/inspec_tools/pull/182) ([rbclark](https://github.com/rbclark))
+
+## [v2.0.2.pre12](https://github.com/mitre/inspec_tools/tree/v2.0.2.pre12) (2020-05-07)
+
+[Full Changelog](https://github.com/mitre/inspec_tools/compare/v2.0.2.pre11...v2.0.2.pre12)
+
+**Merged pull requests:**
+
+- Require a newer version of git-lite-version-bump for Windows support [\#178](https://github.com/mitre/inspec_tools/pull/178) ([rbclark](https://github.com/rbclark))
+
+## [v2.0.2.pre11](https://github.com/mitre/inspec_tools/tree/v2.0.2.pre11) (2020-05-07)
+
+[Full Changelog](https://github.com/mitre/inspec_tools/compare/v2.0.2.pre10...v2.0.2.pre11)
 
 **Merged pull requests:**
 
@@ -80,7 +159,6 @@
 - Updated README to standardize wording [\#160](https://github.com/mitre/inspec_tools/pull/160) ([Bialogs](https://github.com/Bialogs))
 - Remove guardfile [\#159](https://github.com/mitre/inspec_tools/pull/159) ([Bialogs](https://github.com/Bialogs))
 - Remove unnecessary debug output from xccdf2inspec [\#158](https://github.com/mitre/inspec_tools/pull/158) ([rbclark](https://github.com/rbclark))
-- Add unit tests for XLSXTool and add system tests in CI [\#130](https://github.com/mitre/inspec_tools/pull/130) ([Bialogs](https://github.com/Bialogs))
 
 ## [v2.0.2.pre6](https://github.com/mitre/inspec_tools/tree/v2.0.2.pre6) (2020-04-28)
 
@@ -129,6 +207,7 @@
 
 **Merged pull requests:**
 
+- Add unit tests for XLSXTool and add system tests in CI [\#130](https://github.com/mitre/inspec_tools/pull/130) ([Bialogs](https://github.com/Bialogs))
 - Apply fixes from CodeFactor [\#129](https://github.com/mitre/inspec_tools/pull/129) ([aaronlippold](https://github.com/aaronlippold))
 
 ## [v2.0.1.pre3](https://github.com/mitre/inspec_tools/tree/v2.0.1.pre3) (2020-04-03)
@@ -174,6 +253,10 @@
 
 [Full Changelog](https://github.com/mitre/inspec_tools/compare/v1.8.9...v1.8.10)
 
+**Merged pull requests:**
+
+- added two digit contol parsing fixes \#117 [\#120](https://github.com/mitre/inspec_tools/pull/120) ([yarick](https://github.com/yarick))
+
 ## [v1.8.9](https://github.com/mitre/inspec_tools/tree/v1.8.9) (2020-03-30)
 
 [Full Changelog](https://github.com/mitre/inspec_tools/compare/v1.8.8...v1.8.9)
@@ -192,7 +275,6 @@
 
 **Merged pull requests:**
 
-- added two digit contol parsing fixes \#117 [\#120](https://github.com/mitre/inspec_tools/pull/120) ([yarick](https://github.com/yarick))
 - Add --json-full and --json-summary options to summary subcommand [\#116](https://github.com/mitre/inspec_tools/pull/116) ([Bialogs](https://github.com/Bialogs))
 
 ## [v1.8.7](https://github.com/mitre/inspec_tools/tree/v1.8.7) (2020-03-29)

data/README.md

@@ -61,6 +61,13 @@ xccdf_results = tool.to_xccdf(attribs_json)
 On the Command Line, `inspec_tools help` will print a listing of all the command with a short description.
 For detailed help on any command, run `inspec_tools help [COMMAND]`. Help can also be called with the `-h, --help` flags after any command, like `inspec_tools xccdf2inspec -h`.
 
+For Docker usage, replace the `inspec_tools` command with the correct Docker command below for your operating system:
+
+ - **On Linux and Mac**: `docker run -it -v$(pwd):/share mitre/inspec_tools`
+ - **On Windows CMD**: `docker run -it -v%cd%:/share mitre/inspec_tools`
+
+Note that all of the above Docker commands will mount your current directory on the Docker container. Ensure that you have navigated to the directory you intend to convert files in before executing the command.
+
 ### generate_map
 
 This command will generate a `mapping.xml` file that can be passed in to the `csv2inspec` command with the `--m` option.
@@ -91,6 +98,8 @@ USAGE: inspec_tools generate_inspec_metadata
 
 If the specified threshold is not met, an error code (1) is returned along with non-compliant elements.
 
+The compliance score are rounded down to the nearest whole number. For example a score of 77.3 would be displayed as 77.
+
 ```
 USAGE:  inspec_tools compliance [OPTIONS] -j <inspec-json> -i <threshold-inline>
 	inspec_tools compliance [OPTIONS] -j <inspec-json> -f <threshold-file>
@@ -135,22 +144,57 @@ failed.high.max: 1
 
 ## summary
 
-`summary` parses an inspec results json to create a summary json
+`summary` parses an inspec results json and displays the information from all of the tests that were run. Running the command with flags but `-j` it will display information like:
+
+```
+Overall compliance: 77%
+
+failed
+	total : 41
+	critical : 0
+	high : 3
+	medium : 33
+	low : 5
+passed
+	total : 174
+	critical : 0
+	high : 21
+	medium : 147
+	low : 6
+no_impact
+	total : 21
+	critical : 0
+	high : 0
+	medium : 0
+	low : 0
+skipped
+	total : 10
+	critical : 0
+	high : 2
+	medium : 5
+	low : 3
+error
+	total : 0
+	critical : 0
+	high : 0
+	medium : 0
+	low : 0
+```
+
+Using additional flags will override the normal output and only display the output that flag specifies.
+
+USAGE: inspec_tools summary [OPTIONS] -j <inspec-json>
 
 ```
-USAGE: inspec_tools summary [OPTIONS] -j <inspec-json> -o <summary-csv>
-
 FLAGS:
-	-j --inspec-json <inspec-json>   : path to InSpec results JSON
-	-o --output <output-json> 		   : path to summary JSON
-  -c --cli, --no-cli               : print formatted summary to STDOUT
+  -j --inspec-json <inspec-json>   : path to InSpec results JSON
   -V --verbose, --no-verbose       : print verbose an debug output
   -f --json-full, --no-json-full   : print the summary STDOUT as JSON
   -k --json-counts, --no-json_cou  : print the reslut status to STDOUT as JSON
 
 Examples:
 
-  inspec_tools summary -j examples/sample_json/rhel-simp.json -f -o summary.json -c
+  inspec_tools summary -j examples/sample_json/rhel-simp.json -f
 ```
 
 ## xccdf2inspec
@@ -167,7 +211,7 @@ FLAGS:
 	-f --format [ruby | hash]          : the format you would like (default: ruby) [optional]
 	-s --separate-files [true | false] : output the resulting controls as one or mutiple files (default: true) [optional]
 	-m --metadata <metadata-json>      : path to json file with additional metadata for the inspec.yml file [optional]
-	-r --replace-tags <array>          : A case-sensitive, comma separated list to replace tags with a $ if found in a group rules description tag [optional]
+	-r --replace-tags <array>          : A case-sensitive, space separated list to replace tags with a $ if found in a group rules description tag [optional]
 
 example: inspec_tools xccdf2inspec -x xccdf_file.xml -a attributes.yml -o myprofile -f ruby -s false
 ```

data/lib/data/rubocop.yml

@@ -0,0 +1,4 @@
+AllCops:
+  DisabledByDefault: true
+Style/StringLiterals:
+  Enabled: true

data/lib/happy_mapper_tools/stig_attributes.rb

@@ -38,6 +38,7 @@ module HappyMapperTools
       element :documentable, Boolean, tag: 'Documentable'
       element :mitigations, String, tag: 'Mitigations'
       element :severity_override_guidance, String, tag: 'SeverityOverrideGuidance'
+      element :security_override_guidance, String, tag: 'SecurityOverrideGuidance'
       element :potential_impacts, String, tag: 'PotentialImpacts'
       element :third_party_tools, String, tag: 'ThirdPartyTools'
       element :mitigation_controls, String, tag: 'MitigationControl'
@@ -53,7 +54,8 @@ module HappyMapperTools
 
       detail_tags = %i(vuln_discussion false_positives false_negatives documentable
                        mitigations severity_override_guidance potential_impacts
-                       third_party_tools mitigation_controls responsibility ia_controls)
+                       third_party_tools mitigation_controls responsibility ia_controls
+                       security_override_guidance)
 
       detail_tags.each do |name|
         define_method name do
@@ -140,57 +142,75 @@ module HappyMapperTools
     end
 
     class DescriptionDetailsType
-      def self.type
-        DescriptionDetails
-      end
+      class << self
+        def type
+          DescriptionDetails
+        end
 
-      def self.apply(value) # rubocop:disable Metrics/AbcSize
-        value = value.gsub('&', 'and')
-        DescriptionDetails.parse "<Details>#{value}</Details>"
-      rescue Nokogiri::XML::SyntaxError
-        allowed_tags = %w{VulnDiscussion FalsePositives FalseNegatives Documentable
-                          Mitigations SeverityOverrideGuidance PotentialImpacts
-                          PotentialImpacts ThirdPartyTools MitigationControl
-                          Responsibility IAControls}
-
-        tags_found = value.scan(%r{(?<=<)([^\/]*?)((?= \/>)|(?=>))}).to_a
-
-        tags_found = tags_found.uniq.flatten.reject!(&:empty?)
-        offending_tags = tags_found - allowed_tags
-
-        if offending_tags.count > 1
-          puts "\n\nThe non-standard tags: #{offending_tags.to_s.colorize(:red)}" \
-               ' were found in: ' + "\n\n#{value}"
-        else
-          puts "\n\nThe non-standard tag: #{offending_tags.to_s.colorize(:red)}" \
-               ' was found in: ' + "\n\n#{value}"
+        def apply(value)
+          value = value.gsub('&', 'and')
+          DescriptionDetails.parse "<Details>#{value}</Details>"
+        rescue Nokogiri::XML::SyntaxError => e
+          if e.to_s.include?('StartTag')
+            report_invalid_start_tag(value, e)
+          else
+            report_disallowed_tags(value)
+          end
+        end
+
+        def apply?(value, _convert_to_type)
+          value.is_a?(String)
         end
-        puts "\n\nPlease:\n "
-        option_one = '(1) ' + '(best)'.colorize(:green) + ' Use the ' +
-                     '`-r --replace-tags array` '.colorize(:light_yellow) +
-                     '(case sensitive) option to replace the offending tags ' \
-                     'during processing of the XCCDF ' \
-                     'file to use the ' +
-                     "`$#{offending_tags[0]}` " .colorize(:light_green) +
-                     'syntax in your InSpec profile.'
-        option_two = '(2) Update your XCCDF file to *not use* non-standard XCCDF ' \
-                     'elements within ' +
-                     '`&lt;`,`&gt;`, `<` '.colorize(:red) +
-                     'or '.colorize(:default) +
-                     '`>` '.colorize(:red) +
-                     'as "placeholders", and use something that doesn\'t confuse ' \
-                     'the XML parser, such as : ' +
-                     "`$#{offending_tags[0]}`" .colorize(:light_green)
-        puts option_one
-        puts "\n"
-        puts option_two
-        # exit
-      end
 
-      def self.apply?(value, _convert_to_type)
-        value.is_a?(String)
+        private
+
+        def report_invalid_start_tag(value, error)
+          puts error.to_s.colorize(:red)
+          column = error.column - '<Details>'.length - 2
+          puts "Error around #{value[column-10..column+10].colorize(:light_yellow)}"
+          exit(1)
+        end
+
+        def report_disallowed_tags(value)
+          allowed_tags = %w{VulnDiscussion FalsePositives FalseNegatives Documentable
+                            Mitigations SeverityOverrideGuidance PotentialImpacts
+                            PotentialImpacts ThirdPartyTools MitigationControl
+                            Responsibility IAControl SecurityOverrideGuidance}
+
+          tags_found = value.scan(%r{(?<=<)([^\/]*?)((?= \/>)|(?=>))}).to_a
+
+          tags_found = tags_found.uniq.flatten.reject!(&:empty?)
+          offending_tags = tags_found - allowed_tags
+
+          if offending_tags.count > 1
+            puts "\n\nThe non-standard tags: #{offending_tags.to_s.colorize(:red)}" \
+                 ' were found in: ' + "\n\n#{value}"
+          else
+            puts "\n\nThe non-standard tag: #{offending_tags.to_s.colorize(:red)}" \
+                 ' was found in: ' + "\n\n#{value}"
+          end
+          puts "\n\nPlease:\n "
+          option_one = '(1) ' + '(best)'.colorize(:green) + ' Use the ' +
+                       '`-r --replace-tags array` '.colorize(:light_yellow) +
+                       '(case sensitive) option to replace the offending tags ' \
+                       'during processing of the XCCDF ' \
+                       'file to use the ' +
+                       "`$#{offending_tags[0]}` " .colorize(:light_green) +
+                       'syntax in your InSpec profile.'
+          option_two = '(2) Update your XCCDF file to *not use* non-standard XCCDF ' \
+                       'elements within ' +
+                       '`&lt;`,`&gt;`, `<` '.colorize(:red) +
+                       'or '.colorize(:default) +
+                       '`>` '.colorize(:red) +
+                       'as "placeholders", and use something that doesn\'t confuse ' \
+                       'the XML parser, such as : ' +
+                       "`$#{offending_tags[0]}`" .colorize(:light_green)
+          puts option_one
+          puts "\n"
+          puts option_two
+        end
       end
+      HappyMapper::SupportedTypes.register DescriptionDetailsType
     end
-    HappyMapper::SupportedTypes.register DescriptionDetailsType
   end
 end

data/lib/inspec_tools/plugin_cli.rb

@@ -200,8 +200,6 @@ module InspecPlugins
       desc 'summary', 'summary parses an inspec results json to create a summary json'
       long_desc InspecTools::Help.text(:summary)
       option :inspec_json, required: true, aliases: '-j'
-      option :output, required: false, aliases: '-o'
-      option :cli, type: :boolean, required: false, aliases: '-c'
       option :verbose, type: :boolean, aliases: '-V'
       option :json_full, type: :boolean, required: false, aliases: '-f'
       option :json_counts, type: :boolean, required: false, aliases: '-k'
@@ -209,7 +207,7 @@ module InspecPlugins
       def summary
         summary = InspecTools::Summary.new(File.read(options[:inspec_json])).to_summary
 
-        if options[:cli]
+        unless options.include?('json_full') || options.include?('json_counts')
           puts "\nOverall compliance: #{summary[:compliance]}%\n\n"
           summary[:status].keys.each do |category|
             puts category
@@ -220,7 +218,6 @@ module InspecPlugins
         end
 
         json_summary = summary.to_json
-        File.write(options[:output], json_summary) if options[:output]
         puts json_summary if options[:json_full]
         puts summary[:status].to_json if options[:json_counts]
       end

data/lib/inspec_tools/summary.rb

@@ -10,8 +10,8 @@ HIGH = 0.7
 MEDIUM = 0.5
 LOW = 0.3
 
-BUCKETS = %w{failed passed no_impact skipped error}.freeze
-TALLYS = %w{total critical high medium low}.freeze
+BUCKETS = %i(failed passed no_impact skipped error).freeze
+TALLYS = %i(total critical high medium low).freeze
 
 THRESHOLD_TEMPLATE = File.expand_path('../data/threshold.yaml', File.dirname(__FILE__))
 
@@ -83,7 +83,7 @@ module InspecTools
         (@summary[:status][:passed][:total]+
          @summary[:status][:failed][:total]+
          @summary[:status][:skipped][:total]+
-         @summary[:status][:error][:total])).round(1)
+         @summary[:status][:error][:total])).floor
     end
 
     def threshold_compliance
@@ -104,13 +104,13 @@ module InspecTools
         TALLYS.each do |tally|
           max = @threshold["#{bucket}.#{tally}.max"]
           min = @threshold["#{bucket}.#{tally}.min"]
-          if max != -1 and status[bucket.to_sym][tally.to_sym] > max
+          if max != -1 and status[bucket][tally] > max
             compliance = false
-            failure << "Expected #{bucket}.#{tally}.max:#{max} got:#{status[bucket.to_sym][tally.to_sym]}"
+            failure << "Expected #{bucket}.#{tally}.max:#{max} got:#{status[bucket][tally]}"
           end
-          if min != -1 and status[bucket.to_sym][tally.to_sym] < min
+          if min != -1 and status[bucket][tally] < min
             compliance = false
-            failure << "Expected #{bucket}.#{tally}.min:#{min} got:#{status[bucket.to_sym][tally.to_sym]}"
+            failure << "Expected #{bucket}.#{tally}.min:#{min} got:#{status[bucket][tally]}"
           end
         end
       end

data/lib/inspec_tools/xccdf.rb

@@ -140,6 +140,7 @@ module InspecTools
         control['tags']['documentable'] = group.rule.description.documentable if group.rule.description.documentable != ''
         control['tags']['mitigations'] = group.rule.description.false_negatives if group.rule.description.mitigations != ''
         control['tags']['severity_override_guidance'] = group.rule.description.severity_override_guidance if group.rule.description.severity_override_guidance != ''
+        control['tags']['security_override_guidance'] = group.rule.description.security_override_guidance if group.rule.description.security_override_guidance != ''
         control['tags']['potential_impacts'] = group.rule.description.potential_impacts if group.rule.description.potential_impacts != ''
         control['tags']['third_party_tools'] = group.rule.description.third_party_tools if group.rule.description.third_party_tools != ''
         control['tags']['mitigation_controls'] = group.rule.description.mitigation_controls if group.rule.description.mitigation_controls != ''

data/lib/utilities/inspec_util.rb

@@ -11,6 +11,7 @@ require 'overrides/true_class'
 require 'overrides/nil_class'
 require 'overrides/object'
 require 'overrides/string'
+require 'rubocop'
 
 # rubocop:disable Metrics/ClassLength
 # rubocop:disable Metrics/AbcSize
@@ -314,6 +315,7 @@ module Utils
         control.add_tag(::Inspec::Object::Tag.new('documentable', json_control['tags']['documentable'])) unless json_control['tags']['documentable'].blank?
         control.add_tag(::Inspec::Object::Tag.new('mitigations', json_control['tags']['mitigations'])) unless json_control['tags']['mitigations'].blank?
         control.add_tag(::Inspec::Object::Tag.new('severity_override_guidance', json_control['tags']['severity_override_guidance'])) unless json_control['tags']['severity_override_guidance'].blank?
+        control.add_tag(::Inspec::Object::Tag.new('security_override_guidance', json_control['tags']['security_override_guidance'])) unless json_control['tags']['security_override_guidance'].blank?
         control.add_tag(::Inspec::Object::Tag.new('potential_impacts', json_control['tags']['potential_impacts'])) unless json_control['tags']['potential_impacts'].blank?
         control.add_tag(::Inspec::Object::Tag.new('third_party_tools', json_control['tags']['third_party_tools'])) unless json_control['tags']['third_party_tools'].blank?
         control.add_tag(::Inspec::Object::Tag.new('mitigation_controls', json_control['tags']['mitigation_controls'])) unless json_control['tags']['mitigation_controls'].blank?
@@ -393,7 +395,7 @@ module Utils
             file_name = control.id.to_s
             myfile = File.new("#{directory}/controls/#{file_name}.rb", 'w')
             myfile.puts "# encoding: UTF-8\n\n"
-            myfile.puts wrap(control.to_ruby.gsub('"', "\'"), WIDTH) + "\n"
+            myfile.puts wrap(control.to_ruby, WIDTH) + "\n"
             myfile.close
           end
         else
@@ -424,6 +426,10 @@ module Utils
         end
         myfile.close
       end
+      config_store = ::RuboCop::ConfigStore.new
+      config_store.options_config = File.join(File.dirname(__FILE__), '../data/rubocop.yml')
+      rubocop = ::RuboCop::Runner.new({ auto_correct: true }, config_store)
+      rubocop.run([directory])
     end
   end
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: inspec_tools
 version: !ruby/object:Gem::Version
-  version: 2.0.2.pre11
+  version: 2.0.6
 platform: ruby
 authors:
 - Robert Thew
@@ -11,7 +11,7 @@ authors:
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2020-05-07 00:00:00.000000000 Z
+date: 2020-07-01 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: colorize
@@ -151,22 +151,22 @@ dependencies:
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: 0.17.1
+        version: 0.17.3
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: 0.17.1
+        version: 0.17.3
 - !ruby/object:Gem::Dependency
-  name: bundler
+  name: rubocop
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
         version: '0'
-  type: :development
+  type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
@@ -174,7 +174,7 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
-  name: minitest
+  name: bundler
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
@@ -188,7 +188,7 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
-  name: pry
+  name: minitest
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
@@ -202,7 +202,7 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
-  name: rake
+  name: pry
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
@@ -216,7 +216,7 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
-  name: codeclimate-test-reporter
+  name: rake
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
@@ -230,7 +230,7 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
-  name: simplecov
+  name: codeclimate-test-reporter
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
@@ -244,7 +244,7 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
-  name: rubocop
+  name: simplecov
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
@@ -292,6 +292,7 @@ files:
 - lib/data/attributes.yml
 - lib/data/cci2html.xsl
 - lib/data/mapping.yml
+- lib/data/rubocop.yml
 - lib/data/stig.csv
 - lib/data/threshold.yaml
 - lib/exceptions/impact_input_error.rb
@@ -348,9 +349,9 @@ required_ruby_version: !ruby/object:Gem::Requirement
       version: '2.5'
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
-  - - ">"
+  - - ">="
     - !ruby/object:Gem::Version
-      version: 1.3.1
+      version: '0'
 requirements: []
 rubygems_version: 3.1.2
 signing_key: