inspec_tools 2.0.2.pre7 → 2.0.2.pre8

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 1410fb02c77dbcd0c595447a1cef161810c2ae471864d46afc16f5c966d00eb5
-  data.tar.gz: 26ad8e5b1c328989827007a74c2fd6db2049c7e7d2cafa29a3b172f497e2f0b0
+  metadata.gz: 4c0c4c149888d3a7b8c1c4455e4110ca665cac3ed59544120a2cc0447a031544
+  data.tar.gz: dac8d2543995b1aaceb383b1a9239c1280cfd74b2effb99796f558a0e9ef2812
 SHA512:
-  metadata.gz: b4aa66076589885a11df71770c48d6bc69688442b6bf8543f5cd4e91bd8967a2340f3a0bcb3e25cdd4873fa3b917123e58430fa41725ee7b4da772e8778973f4
-  data.tar.gz: 38bded3989b79a3aa8e474a23c3c7cc0bc08ee9c08cb17250340cfb09d16fcdc041d4b2f58589be48b1c4e57f62e5c1be49d9cb94fcffb5c53b1fafb85e91346
+  metadata.gz: 020fd1249cbe919996fbc7037cb6d5d55bad2a99ee6f8eed7044afc3452804cc264940c471c110b003b59e24c31039c194e6553b7114c9be2b353d41682a01f8
+  data.tar.gz: 44911ab26c33046670a35a2a5919afb0c4a1b8de38838dd04dfc65720df9020018f566cfb1e027fe014209b72d18cd2800aa3d6fc2cfd9af84758bae39bbc73f

data/CHANGELOG.md

@@ -2,7 +2,26 @@
 
 ## [Unreleased](https://github.com/mitre/inspec_tools/tree/HEAD)
 
-[Full Changelog](https://github.com/mitre/inspec_tools/compare/v2.0.2.pre6...HEAD)
+[Full Changelog](https://github.com/mitre/inspec_tools/compare/v2.0.2.pre7...HEAD)
+
+**Fixed bugs:**
+
+- CCI Information is blank in CKL output [\#147](https://github.com/mitre/inspec_tools/issues/147)
+- STIG Viewer fails to validate CKL Schema [\#131](https://github.com/mitre/inspec_tools/issues/131)
+
+**Closed issues:**
+
+- Add integration tests to validate output Checklist against schema [\#62](https://github.com/mitre/inspec_tools/issues/62)
+
+**Merged pull requests:**
+
+- Break CCI Vuln Information into separate StigData [\#167](https://github.com/mitre/inspec_tools/pull/167) ([Bialogs](https://github.com/Bialogs))
+- Missing array type for replace\_tags [\#166](https://github.com/mitre/inspec_tools/pull/166) ([Didar-Bhullar](https://github.com/Didar-Bhullar))
+- 131 ckl schema [\#163](https://github.com/mitre/inspec_tools/pull/163) ([Bialogs](https://github.com/Bialogs))
+
+## [v2.0.2.pre7](https://github.com/mitre/inspec_tools/tree/v2.0.2.pre7) (2020-04-28)
+
+[Full Changelog](https://github.com/mitre/inspec_tools/compare/v2.0.2.pre6...v2.0.2.pre7)
 
 **Implemented enhancements:**
 
@@ -19,7 +38,6 @@
 - Updated README to standardize wording [\#160](https://github.com/mitre/inspec_tools/pull/160) ([Bialogs](https://github.com/Bialogs))
 - Remove guardfile [\#159](https://github.com/mitre/inspec_tools/pull/159) ([Bialogs](https://github.com/Bialogs))
 - Remove unnecessary debug output from xccdf2inspec [\#158](https://github.com/mitre/inspec_tools/pull/158) ([rbclark](https://github.com/rbclark))
-- Add unit tests for XLSXTool and add system tests in CI [\#130](https://github.com/mitre/inspec_tools/pull/130) ([Bialogs](https://github.com/Bialogs))
 
 ## [v2.0.2.pre6](https://github.com/mitre/inspec_tools/tree/v2.0.2.pre6) (2020-04-28)
 
@@ -68,6 +86,7 @@
 
 **Merged pull requests:**
 
+- Add unit tests for XLSXTool and add system tests in CI [\#130](https://github.com/mitre/inspec_tools/pull/130) ([Bialogs](https://github.com/Bialogs))
 - Apply fixes from CodeFactor [\#129](https://github.com/mitre/inspec_tools/pull/129) ([aaronlippold](https://github.com/aaronlippold))
 
 ## [v2.0.1.pre3](https://github.com/mitre/inspec_tools/tree/v2.0.1.pre3) (2020-04-03)
@@ -471,7 +490,6 @@
 **Merged pull requests:**
 
 - Updated rake version [\#69](https://github.com/mitre/inspec_tools/pull/69) ([robthew](https://github.com/robthew))
-- Add in 'inspec' and 'fileutils' require statements [\#65](https://github.com/mitre/inspec_tools/pull/65) ([samcornwell](https://github.com/samcornwell))
 
 ## [v1.4.1](https://github.com/mitre/inspec_tools/tree/v1.4.1) (2019-06-20)
 
@@ -483,6 +501,7 @@
 
 **Merged pull requests:**
 
+- Add in 'inspec' and 'fileutils' require statements [\#65](https://github.com/mitre/inspec_tools/pull/65) ([samcornwell](https://github.com/samcornwell))
 - Apply fixes from CodeFactor [\#61](https://github.com/mitre/inspec_tools/pull/61) ([aaronlippold](https://github.com/aaronlippold))
 
 ## [v1.3.6](https://github.com/mitre/inspec_tools/tree/v1.3.6) (2019-05-02)

data/lib/happy_mapper_tools/stig_checklist.rb

@@ -42,6 +42,12 @@ module HappyMapperTools
     # Class Asset maps from the 'STIG_DATA' from Checklist XML file using HappyMapper
     class StigData
       include HappyMapper
+
+      def initialize(attrib = nil, data = nil)
+        self.attrib = attrib
+        self.data = data
+      end
+
       tag 'STIG_DATA'
       has_one :attrib, String, tag: 'VULN_ATTRIBUTE'
       has_one :data, String, tag: 'ATTRIBUTE_DATA'

data/lib/inspec_tools/inspec.rb

@@ -113,57 +113,6 @@ module InspecTools
       end
     end
 
-    def generate_vuln_data(control)
-      vuln = HappyMapperTools::StigChecklist::Vuln.new
-      stig_data_list = []
-
-      %w{
-        Vuln_Num Severity Group_Title Rule_ID Rule_Ver Rule_Title Vuln_Discuss
-        Check_Content Fix_Text CCI_REF
-      }.each do |attrib|
-        if attrib == 'Severity'
-          key = :impact
-        else
-          key = attrib.downcase.to_sym
-        end
-
-        next if control[key].nil?
-
-        if attrib == 'Severity'
-          value = Utils::InspecUtil.get_impact_string(control[key])
-          next if value == 'none'
-
-          value = 'high' if value == 'critical'
-        else
-          value = control[key]
-        end
-
-        stigdata = HappyMapperTools::StigChecklist::StigData.new
-        stigdata.attrib = attrib
-        stigdata.data = value
-        stig_data_list.push(stigdata)
-      end
-
-      stigdata = HappyMapperTools::StigChecklist::StigData.new
-      stigdata.attrib = 'STIGRef'
-      stigdata.data = @title
-      stig_data_list.push(stigdata)
-
-      vuln.stig_data = stig_data_list
-      vuln.status = Utils::InspecUtil.control_status(control)
-      vuln.comments = "\nAutomated compliance tests brought to you by the MITRE corporation and the InSpec project.\n\nInspec Profile: #{control[:profile_name]}\nProfile shasum: #{control[:profile_shasum]}"
-      vuln.finding_details = Utils::InspecUtil.control_finding_details(control, vuln.status)
-      vuln.severity_override = ''
-      vuln.severity_justification = ''
-
-      vuln
-    end
-
-    def generate_title(title, json, date)
-      title ||= "Untitled - Checklist Created from Automated InSpec Results JSON; Profiles: #{json['profiles'].map { |x| x['name'] }.join(' | ')}"
-      title + " Checklist Date: #{date || Date.today.to_s}"
-    end
-
     def generate_ckl
       stigs = HappyMapperTools::StigChecklist::Stigs.new
       istig = HappyMapperTools::StigChecklist::IStig.new
@@ -191,6 +140,27 @@ module InspecTools
       @checklist.asset = generate_asset
     end
 
+    def generate_vuln_data(control)
+      vuln = HappyMapperTools::StigChecklist::Vuln.new
+      stig_data_list = []
+
+      %w{Vuln_Num Group_Title Rule_ID Rule_Ver Rule_Title Vuln_Discuss Check_Content Fix_Text}.each do |attribute|
+        stig_data_list << create_stig_data_element(attribute, control)
+      end
+      stig_data_list << handle_severity(control)
+      stig_data_list += handle_cci_ref(control)
+      stig_data_list << handle_stigref
+
+      vuln.stig_data = stig_data_list.reject!(&:nil?)
+      vuln.status = Utils::InspecUtil.control_status(control)
+      vuln.comments = "\nAutomated compliance tests brought to you by the MITRE corporation and the InSpec project.\n\nInspec Profile: #{control[:profile_name]}\nProfile shasum: #{control[:profile_shasum]}"
+      vuln.finding_details = Utils::InspecUtil.control_finding_details(control, vuln.status)
+      vuln.severity_override = ''
+      vuln.severity_justification = ''
+
+      vuln
+    end
+
     def generate_asset
       asset = HappyMapperTools::StigChecklist::Asset.new
       asset.role = !@metadata['role'].nil? ? @metadata['role'] : 'Workstation'
@@ -321,5 +291,43 @@ module InspecTools
       end
       @benchmark.group = group_array
     end
+
+    def generate_title(title, json, date)
+      title ||= "Untitled - Checklist Created from Automated InSpec Results JSON; Profiles: #{json['profiles'].map { |x| x['name'] }.join(' | ')}"
+      title + " Checklist Date: #{date || Date.today.to_s}"
+    end
+
+    def create_stig_data_element(attribute, control)
+      return HappyMapperTools::StigChecklist::StigData.new(attribute, control[attribute.downcase.to_sym]) unless control[attribute.downcase.to_sym].nil?
+    end
+
+    def handle_severity(control)
+      return if control[:impact].nil?
+
+      value = Utils::InspecUtil.get_impact_string(control[:impact])
+      return if value == 'none'
+
+      value = 'high' if value == 'critical'
+
+      HappyMapperTools::StigChecklist::StigData.new('Severity', value)
+    end
+
+    def handle_cci_ref(control)
+      return [] if control[:cci_ref].nil?
+
+      cci_data = []
+      if control[:cci_ref].respond_to?(:each)
+        control[:cci_ref].each do |cci_number|
+          cci_data << HappyMapperTools::StigChecklist::StigData.new('CCI_REF', cci_number)
+        end
+        cci_data
+      else
+        cci_data << HappyMapperTools::StigChecklist::StigData.new('CCI_REF', control[:cci_ref])
+      end
+    end
+
+    def handle_stigref
+      HappyMapperTools::StigChecklist::StigData.new('STIGRef', @title)
+    end
   end
 end

data/lib/inspec_tools/plugin_cli.rb

@@ -35,7 +35,7 @@ module InspecPlugins
       option :output, required: false, aliases: '-o', default: 'profile'
       option :format, required: false, aliases: '-f', enum: %w{ruby hash}, default: 'ruby'
       option :separate_files, required: false, type: :boolean, default: true, aliases: '-s'
-      option :replace_tags, required: false, aliases: '-r'
+      option :replace_tags, type: :array, required: false, aliases: '-r'
       option :metadata, required: false, aliases: '-m'
       def xccdf2inspec
         xccdf = InspecTools::XCCDF.new(File.read(options[:xccdf]), options[:replace_tags])

data/lib/utilities/inspec_util.rb

@@ -145,20 +145,16 @@ module Utils
 
     def self.control_status(control)
       status_list = control[:status].uniq
-      if status_list.include?('error')
-        result = 'Profile_Error'
-      elsif control[:impact].to_f.zero?
-        result = 'Not_Applicable'
+      if control[:impact].to_f.zero?
+        'Not_Applicable'
       elsif status_list.include?('failed')
-        result = 'Open'
+        'Open'
       elsif status_list.include?('passed')
-        result = 'NotAFinding'
-      elsif status_list.include?('skipped')
-        result = 'Not_Reviewed'
+        'NotAFinding'
       else
-        result = 'Profile_Error'
+        # profile skipped or profile error
+        'Not_Reviewed'
       end
-      result
     end
 
     def self.control_finding_details(control, control_clk_status)

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: inspec_tools
 version: !ruby/object:Gem::Version
-  version: 2.0.2.pre7
+  version: 2.0.2.pre8
 platform: ruby
 authors:
 - Robert Thew
@@ -11,7 +11,7 @@ authors:
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2020-04-28 00:00:00.000000000 Z
+date: 2020-05-01 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: colorize