inspec_tools 2.0.2.pre13 → 2.0.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +29 -3
- data/README.md +44 -7
- data/lib/inspec_tools/plugin_cli.rb +1 -4
- data/lib/inspec_tools/summary.rb +7 -7
- metadata +4 -4
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: d99887f62c18c23143d73ceb049277beaf493a765dc1df5beec9fee9b9bb7dca
|
4
|
+
data.tar.gz: c2613ab9b76c9dae510ba8c57a27664989161cc8dd0cfec099f1365a9743030f
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: e8f1fd2c3b491e7c3ef65c76c250e16e6e00cbb03ae0d3ed8c6c23bc8598ba31f8315bd72e6bcfb76b22c4a054f881852de0f290789c6d5bab304afc616003f4
|
7
|
+
data.tar.gz: ad843429c15e5e10c655860a6178b20d088decbd4f6bc92817183635b45c7478be16b30baf6883d3e1565f47c0926226e117482351137811829c9e147de4be3e
|
data/CHANGELOG.md
CHANGED
@@ -2,7 +2,30 @@
|
|
2
2
|
|
3
3
|
## [Unreleased](https://github.com/mitre/inspec_tools/tree/HEAD)
|
4
4
|
|
5
|
-
[Full Changelog](https://github.com/mitre/inspec_tools/compare/v2.0.2.
|
5
|
+
[Full Changelog](https://github.com/mitre/inspec_tools/compare/v2.0.2.pre13...HEAD)
|
6
|
+
|
7
|
+
**Implemented enhancements:**
|
8
|
+
|
9
|
+
- Round compliance score down [\#146](https://github.com/mitre/inspec_tools/issues/146)
|
10
|
+
|
11
|
+
**Fixed bugs:**
|
12
|
+
|
13
|
+
- inspec\_tools docker images is not actually showing results to cli [\#183](https://github.com/mitre/inspec_tools/issues/183)
|
14
|
+
|
15
|
+
**Closed issues:**
|
16
|
+
|
17
|
+
- inspec\_tools docker container doesn't let me go into a bash shell [\#184](https://github.com/mitre/inspec_tools/issues/184)
|
18
|
+
- Add a Dockerfile so folks can eaily add this into their ci/cd container workflows [\#162](https://github.com/mitre/inspec_tools/issues/162)
|
19
|
+
|
20
|
+
**Merged pull requests:**
|
21
|
+
|
22
|
+
- Every usage of Bucket and Tally uses it as a symbol, making it a symbol as part of its declaration [\#187](https://github.com/mitre/inspec_tools/pull/187) ([rbclark](https://github.com/rbclark))
|
23
|
+
- Summary output [\#186](https://github.com/mitre/inspec_tools/pull/186) ([jsa5593](https://github.com/jsa5593))
|
24
|
+
- Compliance score is rounded down and the README is updated [\#185](https://github.com/mitre/inspec_tools/pull/185) ([jsa5593](https://github.com/jsa5593))
|
25
|
+
|
26
|
+
## [v2.0.2.pre13](https://github.com/mitre/inspec_tools/tree/v2.0.2.pre13) (2020-05-22)
|
27
|
+
|
28
|
+
[Full Changelog](https://github.com/mitre/inspec_tools/compare/v2.0.2.pre12...v2.0.2.pre13)
|
6
29
|
|
7
30
|
**Implemented enhancements:**
|
8
31
|
|
@@ -266,13 +289,16 @@
|
|
266
289
|
|
267
290
|
[Full Changelog](https://github.com/mitre/inspec_tools/compare/v1.8.2...v1.8.3)
|
268
291
|
|
292
|
+
**Merged pull requests:**
|
293
|
+
|
294
|
+
- Spaces cause interpreter not to pick up encoding correctly [\#111](https://github.com/mitre/inspec_tools/pull/111) ([Bialogs](https://github.com/Bialogs))
|
295
|
+
|
269
296
|
## [v1.8.2](https://github.com/mitre/inspec_tools/tree/v1.8.2) (2020-03-25)
|
270
297
|
|
271
298
|
[Full Changelog](https://github.com/mitre/inspec_tools/compare/v1.8.1...v1.8.2)
|
272
299
|
|
273
300
|
**Merged pull requests:**
|
274
301
|
|
275
|
-
- Spaces cause interpreter not to pick up encoding correctly [\#111](https://github.com/mitre/inspec_tools/pull/111) ([Bialogs](https://github.com/Bialogs))
|
276
302
|
- Gemspec Dependency Updates [\#109](https://github.com/mitre/inspec_tools/pull/109) ([Bialogs](https://github.com/Bialogs))
|
277
303
|
|
278
304
|
## [v1.8.1](https://github.com/mitre/inspec_tools/tree/v1.8.1) (2020-03-24)
|
@@ -519,6 +545,7 @@
|
|
519
545
|
|
520
546
|
- Update Profile logic include control exceptions [\#75](https://github.com/mitre/inspec_tools/pull/75) ([rx294](https://github.com/rx294))
|
521
547
|
- Null Byte in json report causes inspec2ckl to bomb-out [\#73](https://github.com/mitre/inspec_tools/pull/73) ([kevin-j-smith](https://github.com/kevin-j-smith))
|
548
|
+
- Add in 'inspec' and 'fileutils' require statements [\#65](https://github.com/mitre/inspec_tools/pull/65) ([samcornwell](https://github.com/samcornwell))
|
522
549
|
|
523
550
|
## [v1.6.0](https://github.com/mitre/inspec_tools/tree/v1.6.0) (2019-10-04)
|
524
551
|
|
@@ -553,7 +580,6 @@
|
|
553
580
|
**Merged pull requests:**
|
554
581
|
|
555
582
|
- Updated rake version [\#69](https://github.com/mitre/inspec_tools/pull/69) ([robthew](https://github.com/robthew))
|
556
|
-
- Add in 'inspec' and 'fileutils' require statements [\#65](https://github.com/mitre/inspec_tools/pull/65) ([samcornwell](https://github.com/samcornwell))
|
557
583
|
|
558
584
|
## [v1.4.1](https://github.com/mitre/inspec_tools/tree/v1.4.1) (2019-06-20)
|
559
585
|
|
data/README.md
CHANGED
@@ -98,6 +98,8 @@ USAGE: inspec_tools generate_inspec_metadata
|
|
98
98
|
|
99
99
|
If the specified threshold is not met, an error code (1) is returned along with non-compliant elements.
|
100
100
|
|
101
|
+
The compliance score are rounded down to the nearest whole number. For example a score of 77.3 would be displayed as 77.
|
102
|
+
|
101
103
|
```
|
102
104
|
USAGE: inspec_tools compliance [OPTIONS] -j <inspec-json> -i <threshold-inline>
|
103
105
|
inspec_tools compliance [OPTIONS] -j <inspec-json> -f <threshold-file>
|
@@ -142,22 +144,57 @@ failed.high.max: 1
|
|
142
144
|
|
143
145
|
## summary
|
144
146
|
|
145
|
-
`summary` parses an inspec results json
|
147
|
+
`summary` parses an inspec results json and displays the information from all of the tests that were run. Running the command with flags but `-j` it will display information like:
|
148
|
+
|
149
|
+
```
|
150
|
+
Overall compliance: 77%
|
151
|
+
|
152
|
+
failed
|
153
|
+
total : 41
|
154
|
+
critical : 0
|
155
|
+
high : 3
|
156
|
+
medium : 33
|
157
|
+
low : 5
|
158
|
+
passed
|
159
|
+
total : 174
|
160
|
+
critical : 0
|
161
|
+
high : 21
|
162
|
+
medium : 147
|
163
|
+
low : 6
|
164
|
+
no_impact
|
165
|
+
total : 21
|
166
|
+
critical : 0
|
167
|
+
high : 0
|
168
|
+
medium : 0
|
169
|
+
low : 0
|
170
|
+
skipped
|
171
|
+
total : 10
|
172
|
+
critical : 0
|
173
|
+
high : 2
|
174
|
+
medium : 5
|
175
|
+
low : 3
|
176
|
+
error
|
177
|
+
total : 0
|
178
|
+
critical : 0
|
179
|
+
high : 0
|
180
|
+
medium : 0
|
181
|
+
low : 0
|
182
|
+
```
|
183
|
+
|
184
|
+
Using additional flags will override the normal output and only display the output that flag specifies.
|
185
|
+
|
186
|
+
USAGE: inspec_tools summary [OPTIONS] -j <inspec-json>
|
146
187
|
|
147
188
|
```
|
148
|
-
USAGE: inspec_tools summary [OPTIONS] -j <inspec-json> -o <summary-csv>
|
149
|
-
|
150
189
|
FLAGS:
|
151
|
-
|
152
|
-
-o --output <output-json> : path to summary JSON
|
153
|
-
-c --cli, --no-cli : print formatted summary to STDOUT
|
190
|
+
-j --inspec-json <inspec-json> : path to InSpec results JSON
|
154
191
|
-V --verbose, --no-verbose : print verbose an debug output
|
155
192
|
-f --json-full, --no-json-full : print the summary STDOUT as JSON
|
156
193
|
-k --json-counts, --no-json_cou : print the reslut status to STDOUT as JSON
|
157
194
|
|
158
195
|
Examples:
|
159
196
|
|
160
|
-
inspec_tools summary -j examples/sample_json/rhel-simp.json -f
|
197
|
+
inspec_tools summary -j examples/sample_json/rhel-simp.json -f
|
161
198
|
```
|
162
199
|
|
163
200
|
## xccdf2inspec
|
@@ -200,8 +200,6 @@ module InspecPlugins
|
|
200
200
|
desc 'summary', 'summary parses an inspec results json to create a summary json'
|
201
201
|
long_desc InspecTools::Help.text(:summary)
|
202
202
|
option :inspec_json, required: true, aliases: '-j'
|
203
|
-
option :output, required: false, aliases: '-o'
|
204
|
-
option :cli, type: :boolean, required: false, aliases: '-c'
|
205
203
|
option :verbose, type: :boolean, aliases: '-V'
|
206
204
|
option :json_full, type: :boolean, required: false, aliases: '-f'
|
207
205
|
option :json_counts, type: :boolean, required: false, aliases: '-k'
|
@@ -209,7 +207,7 @@ module InspecPlugins
|
|
209
207
|
def summary
|
210
208
|
summary = InspecTools::Summary.new(File.read(options[:inspec_json])).to_summary
|
211
209
|
|
212
|
-
|
210
|
+
unless options.include?('json_full') || options.include?('json_counts')
|
213
211
|
puts "\nOverall compliance: #{summary[:compliance]}%\n\n"
|
214
212
|
summary[:status].keys.each do |category|
|
215
213
|
puts category
|
@@ -220,7 +218,6 @@ module InspecPlugins
|
|
220
218
|
end
|
221
219
|
|
222
220
|
json_summary = summary.to_json
|
223
|
-
File.write(options[:output], json_summary) if options[:output]
|
224
221
|
puts json_summary if options[:json_full]
|
225
222
|
puts summary[:status].to_json if options[:json_counts]
|
226
223
|
end
|
data/lib/inspec_tools/summary.rb
CHANGED
@@ -10,8 +10,8 @@ HIGH = 0.7
|
|
10
10
|
MEDIUM = 0.5
|
11
11
|
LOW = 0.3
|
12
12
|
|
13
|
-
BUCKETS = %
|
14
|
-
TALLYS = %
|
13
|
+
BUCKETS = %i(failed passed no_impact skipped error).freeze
|
14
|
+
TALLYS = %i(total critical high medium low).freeze
|
15
15
|
|
16
16
|
THRESHOLD_TEMPLATE = File.expand_path('../data/threshold.yaml', File.dirname(__FILE__))
|
17
17
|
|
@@ -83,7 +83,7 @@ module InspecTools
|
|
83
83
|
(@summary[:status][:passed][:total]+
|
84
84
|
@summary[:status][:failed][:total]+
|
85
85
|
@summary[:status][:skipped][:total]+
|
86
|
-
@summary[:status][:error][:total])).
|
86
|
+
@summary[:status][:error][:total])).floor
|
87
87
|
end
|
88
88
|
|
89
89
|
def threshold_compliance
|
@@ -104,13 +104,13 @@ module InspecTools
|
|
104
104
|
TALLYS.each do |tally|
|
105
105
|
max = @threshold["#{bucket}.#{tally}.max"]
|
106
106
|
min = @threshold["#{bucket}.#{tally}.min"]
|
107
|
-
if max != -1 and status[bucket
|
107
|
+
if max != -1 and status[bucket][tally] > max
|
108
108
|
compliance = false
|
109
|
-
failure << "Expected #{bucket}.#{tally}.max:#{max} got:#{status[bucket
|
109
|
+
failure << "Expected #{bucket}.#{tally}.max:#{max} got:#{status[bucket][tally]}"
|
110
110
|
end
|
111
|
-
if min != -1 and status[bucket
|
111
|
+
if min != -1 and status[bucket][tally] < min
|
112
112
|
compliance = false
|
113
|
-
failure << "Expected #{bucket}.#{tally}.min:#{min} got:#{status[bucket
|
113
|
+
failure << "Expected #{bucket}.#{tally}.min:#{min} got:#{status[bucket][tally]}"
|
114
114
|
end
|
115
115
|
end
|
116
116
|
end
|
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: inspec_tools
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 2.0.
|
4
|
+
version: 2.0.3
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Robert Thew
|
@@ -11,7 +11,7 @@ authors:
|
|
11
11
|
autorequire:
|
12
12
|
bindir: exe
|
13
13
|
cert_chain: []
|
14
|
-
date: 2020-05-
|
14
|
+
date: 2020-05-26 00:00:00.000000000 Z
|
15
15
|
dependencies:
|
16
16
|
- !ruby/object:Gem::Dependency
|
17
17
|
name: colorize
|
@@ -348,9 +348,9 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
348
348
|
version: '2.5'
|
349
349
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
350
350
|
requirements:
|
351
|
-
- - "
|
351
|
+
- - ">="
|
352
352
|
- !ruby/object:Gem::Version
|
353
|
-
version:
|
353
|
+
version: '0'
|
354
354
|
requirements: []
|
355
355
|
rubygems_version: 3.1.2
|
356
356
|
signing_key:
|