inspec_tools 2.2.0 → 2.3.5

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 315e07faccf97b313b9493963ef7b9b80ffa7a1459bfa661527c4e827de89676
-  data.tar.gz: e31f0bc2c0006bcb96b9ee46f34c59b8ba71358c2293d7c39874b0fc80b5292b
+  metadata.gz: 80ef2e3696f25c1381c8ca69f7c8c0c7183c5e7d2e8ab12d2d0764afd6071f8d
+  data.tar.gz: e34d31358000c88def3e19dcbc7b936752749cf02cc28d7c99a0cdc9875e022c
 SHA512:
-  metadata.gz: 50409617c4e6142916f328e5850a5ef3f2d99b9e71671714ce0475708c435242911b6d4455f47fd1f5e50a7778b80e673d4ec74e3ee5d8f66ab5530c42fa8ad9
-  data.tar.gz: e34adf2df0ec1b1bcd5d9224a2621565c5c4efbe79177c2326a3ef8eef6e10922cbc025682c6bade7179add2e59b3b6394419da0cf7c82f1fd8dcfb58efe49f3
+  metadata.gz: d9a2ce7f04c865c6ba18bf8121bc20701c005b7357b5ba41fa4e33f3320ff96a82087c2b41e478e006c1ee1ce2f416b11d744f62eefad00765432915ca993fd5
+  data.tar.gz: b1d43d8d8eb302d9121e4ffe3f51eebb4116a75d8762cd6feb14e90a89320245ac5a5758aaf8760ba2460c62550fc6f18aaa801ac5b2436320ef568b5c735267

data/lib/happy_mapper_tools/benchmark.rb

@@ -65,6 +65,20 @@ module HappyMapperTools
       tag 'ident'
       attribute :system, String, tag: 'system'
       content :ident, String
+      def initialize(ident_str)
+        @ident = ident_str
+        if ident_str =~ /^(CCI-[0-9]{6})$/
+          # Match CCI IDs; e.g. CCI-123456
+          @system = 'http://cyber.mil/cci'
+        elsif ident_str =~ /^(S?V-[0-9]{5})$/
+          # Match SV- IDs; e.g. SV-12345
+          # Match V- IDs; e.g. V-12345
+          @system = 'http://cyber.mil/legacy'
+        else
+          # for all other ident_str, use the old identifier
+          @system = 'https://public.cyber.mil/stigs/cci/'
+        end
+      end
     end
 
     # Class Fixtext maps from the 'fixtext' from Benchmark XML file using HappyMapper

data/lib/happy_mapper_tools/stig_attributes.rb

@@ -77,6 +77,15 @@ module HappyMapperTools
       element :dc_identifier, String, tag: 'identifier', namespace: 'dc'
     end
 
+    class Ident
+      include HappyMapper
+      attr_accessor :legacy
+      attr_accessor :cci
+      tag 'ident'
+      attribute :system, String, tag: 'system'
+      content :ident, String
+    end
+
     class Rule
       include HappyMapper
       tag 'Rule'
@@ -87,7 +96,7 @@ module HappyMapperTools
       element :title, String, tag: 'title'
       has_one :description, Description, tag: 'description'
       element :reference, ReferenceInfo, tag: 'reference'
-      has_many :idents, String, tag: 'ident'
+      has_many :idents, Ident, tag: 'ident'
       element :fixtext, String, tag: 'fixtext'
       has_one :fix, Fix, tag: 'fix'
       has_one :check, Check, tag: 'check'

data/lib/inspec_tools/xccdf.rb

@@ -17,7 +17,7 @@ module InspecTools
       @xccdf = replace_tags_in_xccdf(replace_tags, @xccdf) unless replace_tags.nil?
       cci_list_path = File.join(File.dirname(__FILE__), '../data/U_CCI_List.xml')
       @cci_items = HappyMapperTools::CCIAttributes::CCI_List.parse(File.read(cci_list_path))
-      # @cci_items = HappyMapperTools::CCIAttributes::CCI_List.parse(File.read('./data/U_CCI_List.xml'))
+      register_after_parse_callbacks
       @benchmark = HappyMapperTools::StigAttributes::Benchmark.parse(@xccdf)
     end
 
@@ -89,6 +89,14 @@ module InspecTools
 
     private
 
+    def register_after_parse_callbacks
+      # Determine if the parsed Ident is refrencing a legacy ID number.
+      HappyMapperTools::StigAttributes::Ident.after_parse do |object|
+        object.cci = object.system.eql?('http://cyber.mil/cci')
+        object.legacy = !object.cci
+      end
+    end
+
     def replace_tags_in_xccdf(replace_tags, xccdf_xml)
       replace_tags.each do |tag|
         xccdf_xml = xccdf_xml.gsub(/(&lt;|<)#{tag}(&gt;|>)/, "$#{tag}")
@@ -133,8 +141,9 @@ module InspecTools
         control['tags']['rid'] = group.rule.id
         control['tags']['stig_id'] = group.rule.version
         control['tags']['fix_id'] = group.rule.fix.id
-        control['tags']['cci'] = group.rule.idents
-        control['tags']['nist'] = @cci_items.fetch_nists(group.rule.idents)
+        control['tags']['cci'] = group.rule.idents.select { |i| i.cci }.map { |i| i.ident }
+        control['tags']['legacy'] = group.rule.idents.select { |i| i.legacy}.map { |i| i.ident }
+        control['tags']['nist'] = @cci_items.fetch_nists(control['tags']['cci'])
         control['tags']['false_negatives'] = group.rule.description.false_negatives if group.rule.description.false_negatives != ''
         control['tags']['false_positives'] = group.rule.description.false_positives if group.rule.description.false_positives != ''
         control['tags']['documentable'] = group.rule.description.documentable if group.rule.description.documentable != ''

data/lib/utilities/inspec_util.rb

@@ -48,8 +48,8 @@ module Utils
           end
 
           if control['descriptions'].respond_to?(:find)
-            data[c_id][:check_content]  = control['descriptions'].find { |c| c['label'] == 'fix' }&.dig('data')
-            data[c_id][:fix_text]       = control['descriptions'].find { |c| c['label'] == 'check' }&.dig('data')
+            data[c_id][:check_content]  = control['descriptions'].find { |c| c['label'] == 'check' }&.dig('data')
+            data[c_id][:fix_text]       = control['descriptions'].find { |c| c['label'] == 'fix' }&.dig('data')
           end
 
           data[c_id][:impact]         = control['impact'].to_s unless control['impact'].nil?
@@ -99,12 +99,12 @@ module Utils
       status_list = control[:status].uniq
       if control[:impact].to_f.zero?
         'Not_Applicable'
+      elsif (status_list.include?('error') || status_list.empty?) && for_summary
+        'Profile_Error'
       elsif status_list.include?('failed')
         'Open'
       elsif status_list.include?('passed')
         'NotAFinding'
-      elsif status_list.include?('error') && for_summary
-        'Profile_Error'
       else
         # profile skipped or profile error
         'Not_Reviewed'
@@ -246,6 +246,7 @@ module Utils
         control.add_tag(::Inspec::Object::Tag.new('stig_id',  json_control['tags']['stig_id']))
         control.add_tag(::Inspec::Object::Tag.new('fix_id', json_control['tags']['fix_id']))
         control.add_tag(::Inspec::Object::Tag.new('cci', json_control['tags']['cci']))
+        control.add_tag(::Inspec::Object::Tag.new('legacy', json_control['tags']['legacy']))
         control.add_tag(::Inspec::Object::Tag.new('nist', json_control['tags']['nist']))
         control.add_tag(::Inspec::Object::Tag.new('cis_level', json_control['tags']['cis_level'])) unless json_control['tags']['cis_level'].blank?
         control.add_tag(::Inspec::Object::Tag.new('cis_controls', json_control['tags']['cis_controls'])) unless json_control['tags']['cis_controls'].blank?

data/lib/utilities/xccdf/from_inspec.rb

@@ -34,6 +34,7 @@ module Utils
         c_data[c_id]['rweight']        = control['tags']['rweight'] if control['tags']['rweight'] # Optional attribute where N/A is not schema compliant
         c_data[c_id]['stig_id']        = control['tags']['stig_id'] || DATA_NOT_FOUND_MESSAGE
         c_data[c_id]['cci']            = control['tags']['cci'] if control['tags']['cci'] # Optional attribute
+        c_data[c_id]['legacy']         = control['tags']['legacy'] if control['tags']['legacy'] # Optional attribute
         c_data[c_id]['nist']           = control['tags']['nist'] || ['unmapped']
         c_data[c_id]['check']          = control['tags']['check'] || DATA_NOT_FOUND_MESSAGE
         c_data[c_id]['checkref']       = control['tags']['checkref'] || DATA_NOT_FOUND_MESSAGE

data/lib/utilities/xccdf/to_xccdf.rb

@@ -74,6 +74,7 @@ module Utils
         end
 
         group.rule.ident = build_rule_idents(control['cci']) if control['cci']
+        group.rule.ident += build_rule_idents(control['legacy']) if control['legacy']
 
         group.rule.fixtext = HappyMapperTools::Benchmark::Fixtext.new
         group.rule.fixtext.fixref = control['fix_id']
@@ -126,10 +127,7 @@ module Utils
 
       # Each rule identifier is a different element
       idents.map do |identifier|
-        ident = HappyMapperTools::Benchmark::Ident.new
-        ident.system = 'https://public.cyber.mil/stigs/cci/'
-        ident.ident = identifier
-        ident
+        ident = HappyMapperTools::Benchmark::Ident.new identifier
       end
     end
 
@@ -227,6 +225,7 @@ module Utils
       rule_result.instance = result['code_desc']
 
       rule_result.ident = build_rule_idents(control['cci']) if control['cci']
+      rule_result.ident += build_rule_idents(control['legacy']) if control['legacy']
 
       # Fix information is only necessary when there are failed tests
       rule_result.fix = build_rule_fix(control['fix_id']) if control['fix_id'] && result_status == 'fail'

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: inspec_tools
 version: !ruby/object:Gem::Version
-  version: 2.2.0
+  version: 2.3.5
 platform: ruby
 authors:
 - Robert Thew
@@ -11,7 +11,7 @@ authors:
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2020-10-16 00:00:00.000000000 Z
+date: 2021-05-03 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: colorize
@@ -201,20 +201,6 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: '0'
-- !ruby/object:Gem::Dependency
-  name: codeclimate-test-reporter
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
 - !ruby/object:Gem::Dependency
   name: minitest
   requirement: !ruby/object:Gem::Requirement
@@ -363,7 +349,7 @@ require_paths:
 - lib
 required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
-  - - "~>"
+  - - ">="
     - !ruby/object:Gem::Version
       version: '2.5'
 required_rubygems_version: !ruby/object:Gem::Requirement
@@ -372,7 +358,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.1.2
+rubygems_version: 3.2.15
 signing_key: 
 specification_version: 4
 summary: Converter utils for Inspec