inspec_tools 1.2.2 → 1.3.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
-SHA1:
-  metadata.gz: 9b62b4f6fb99a066fef6c3b066654b3ca6b475bf
-  data.tar.gz: 7b359dff9c331446fb456ff6179f3374b8090ae4
+SHA256:
+  metadata.gz: ab5612bdc60b04a6dd7d8fd5d975ff5a3f76c6725aaa6a5f5b839e18c1220938
+  data.tar.gz: e4cf768fa8cbebbe8c0a417cf103916026ca2083291f0bf78391ca23c5164410
 SHA512:
-  metadata.gz: 0712410c9cf84ef7cfd5a22d3a3d92670b57681056559b87275797ec015e12798c100b5974a351fafa09186f27a2b8b417071d7fb37572c11690f9e9632f09a6
-  data.tar.gz: '0826976f613dca3a6abb11228f03f0420740b9599dcf9f62ce0f7c642218d604de4d2bcf74ad97c83b6308384706dabff8daed00c0a1839c513376a4be957ab4'
+  metadata.gz: cbd6887370c90566a49dbcb9a954dd530fdb196017fe3b164dd5dcb2bb49549eb6ce840cb17093411dc8bab9a3201b4fe2e8f9a1083785584fb5134fdbeeec97
+  data.tar.gz: 0db929f5f420127940b1ed1f90b37d9ea2dea25960d903eb56b65e707b960d6152d4eaeb95764d1c699ba7e0998d83c5bdded9798e6679ae6085a2fac98f50b0

data/README.md

@@ -1,36 +1,30 @@
 # InspecTools
 
-InspecTools supplies several CLI tools to convert to and from InSpec format. The converters in version 0.2 are:
+InspecTools supplies several CLI tools to convert to and from InSpec format.
 
-* compliance
-* summary
-* csv2inspec
-* inspec2csv
-* xccdf2inspec
-* inspec2xccdf
-* inspec2ckl
-* pdf2inspec
+The inspec_tools support the following modules:
+
+- compliance
+- summary
+- csv2inspec
+- inspec2csv
+- xccdf2inspec
+- inspec2xccdf
+- inspec2ckl
+- pdf2inspec
 
 It also includes an API that can be used in a ruby application. The Ruby API is defined in lib/inspec_tools/inspec.rb
 
 # Installation
 
-Ensure happymapper is not installed, as it will take precedence over nokogiri-happymapper.
+Ensure `happymapper` is not installed, as it will take precedence over `nokogiri-happymapper`.
 
 Add this line to your application's Gemfile:
 
 ```
-gem 'inspec_tools', :git => "https://github.com/mitre/inspec_tools"
+gem 'inspec_tools'
 ```
 
-And then execute:
-
-    $ bundle
-
-Clone the repo and install it yourself as:
-
-    $ gem install inspec_tools
-
 # Usage
 
 ## Ruby Usage
@@ -60,12 +54,11 @@ xccdf_results = tool.to_xccdf(attribs_json)
 On the Command Line, `inspec_tools help` will print a listing of all the command with a short description.
 For detailed help on any command, run `inspec_tools help [COMMAND]`. Help can also be called with the `-h, --help` flags after any command, like `inspec_tools xccdf2inspec -h`.
 
-
 ## compliance
 
-  compliance parses an inspec results json to check if the compliance level meets a specified threshold.
+compliance parses an inspec results json to check if the compliance level meets a specified threshold.
 
-  If the specified threshold is not met, an error code (1) is returned along with non-compliant elements.
+If the specified threshold is not met, an error code (1) is returned along with non-compliant elements.
 
 ```
 USAGE:  inspec_tools compliance [OPTIONS] -j <inspec-json> -i <threshold-inline>
@@ -81,9 +74,9 @@ Examples:
   inspec_tools compliance -j examples/sample_json/rhel-simp.json -f examples/sample_yaml/threshold.yaml
 ```
 
-
 ##### Possible In-line and yaml file threshold definition styles:
-```# -----------------------
+
+```
 failed:
   critical:
     max: 0
@@ -91,8 +84,8 @@ failed:
     max: 1
 compliance:
   min: 81
-
 ```
+
 ```
 {compliance: {min: 80}, failed: {critical: {max: 0}, high: {max: 0}}}
 ```
@@ -100,6 +93,7 @@ compliance:
 ```
 {compliance.min: 81, failed.critical.max: 10, failed.high.max: 0}
 ```
+
 ```
 compliance.min: 81
 failed.critical.max: 10
@@ -108,8 +102,8 @@ failed.high.max: 1
 
 ## summary
 
-  summary parses an inspec results json to create a summary json
-  
+summary parses an inspec results json to create a summary json
+
 ```
 USAGE: inspec_tools summary [OPTIONS] -j <inspec-json> -o <summary-csv>
 
@@ -122,10 +116,10 @@ Examples:
   inspec_tools summary -j examples/sample_json/rhel-simp.json -o summary.json
 ```
 
-
 ## xccdf2inspec
 
 xccdf2inspec translates an xccdf file to an InSpec profile in one or many files
+
 ```
 USAGE: inspec_tools xccdf2inspec [OPTIONS] -x <xccdf-file>
 
@@ -143,6 +137,7 @@ example: inspec_tools xccdf2inspec -x xccdf_file.xml -a attributes.yml -o myprof
 ## inspec2xccdf
 
 inspec2xccdf converts an InSpec profile in json format to a STIG XCCDF Document
+
 ```
 USAGE: inspec_tools inspec2xccdf [OPTIONS] -j <inspec-json> -a <xccdf-attr-yml> -o <xccdf-xml>
 
@@ -158,6 +153,7 @@ example: inspec_tools inspec2xccdf -j example.json -a attributes.yml -o xccdf.xm
 ## csv2inspec
 
 Convert a csv export of STIG controls to an InSpec profile
+
 ```
 USAGE: inspec_tools csv2inspec [OPTIONS] -c <stig-csv> -m <map-yml>
 
@@ -175,6 +171,7 @@ example: inspec_tools csv2inspec -c stig.csv -m map.yml -o mydir -f ruby -s true
 ### generate_map
 
 This command will generate a `mapping.xml` file that can be passed in to the `csv2inspec` command with the `--m` option.
+
 ```
 USAGE: inspec_tools generate_map
 ```
@@ -182,6 +179,7 @@ USAGE: inspec_tools generate_map
 ## inspec2csv
 
 Convert an InSpec json to a csv file
+
 ```
 USAGE: inspec_tools inspec2csv [OPTIONS] -j <inspec-json> -o <profile-csv>
 
@@ -225,7 +223,7 @@ FLAGS:
 example: inspec_tools pdf2inspec -p benchmark.pdf -o /path/to/myprofile -f ruby -s true
 ```
 
-## version  
+## version
 
 Prints out the gem version
 
@@ -233,30 +231,60 @@ Prints out the gem version
 USAGE: inspec_tools version
 ```
 
-# Development
+# Development / PR process
+
 This gem was developed using the [CLI Template](https://github.com/tongueroo/cli-template), a generator tool that builds a starter CLI project.
 
+## A complete PR should include 7 core elements:  
+
+- A signed PR ( aka `git commit -a -s` )
+- Code for the new functionality
+- Updates to the CLI
+- New unit tests for the functionality
+- Updates to the docs and examples in `README.md` and `./docs/*`
+- (if needed) Example / Template files ( `metadata.yml`,`example.yml`, etc )
+  - Scripts / Scaffolding code for the Example / Template files ( `generate_map` is an example )
+- Example Output of the new functionality if it produces an artifact
+
+1. open an issue on the main inspec_tools website noting the issues your PR will address
+2. fork the repo
+3. checkout your repo
+4. cd to the repo
+5. git co -b `<your_branch>`
+6. bundle install
+7. `hack as you will`
+8. test via rake
+9. ensure unit tests still function and add unit tests for your new feature
+10. add new docs to the `README.md` and to `./docs/examples`
+11. update the CLI as needed and add in `usage` example
+12. (if needed) create and document any example or templates
+13. (if needed) create any supporing scripts
+14. (opt) gem build inspec_tools.gemspec
+15. (opt) gem install inspec_tools
+16. (opt) test via the installed gem
+17. git commit -a -s `<your_branch>`
+18. Open a PRs aginst the MITRE inspec_tools repo
+
+# Testing  
+
 There are a set of unit tests. Run `rake test` to run the tests.
 
-To release a new version, update the version number in `version.rb` according to the [Semantic Versioning Policy](https://semver.org/). Then, run `bundle exec rake release` which will create a git tag for the specified version, push git commits and tags, and push the `.gem` file to [github.com](https://github.com/mitre/inspec_tools).
+To release a new version, update the version number in `version.rb` according to the [Semantic Versioning Policy](https://semver.org/).
+
+Then, run `bundle exec rake release` which will create a git tag for the specified version, push git commits and tags, and push the `.gem` file to [github.com](https://github.com/mitre/inspec_tools).
 
 ### NOTICE
 
 © 2018 The MITRE Corporation.
 
-Approved for Public Release; Distribution Unlimited. Case Number 18-3678.  
+Approved for Public Release; Distribution Unlimited. Case Number 18-3678.
 
 ## NOTICE
-MITRE hereby grants express written permission to use, reproduce, distribute, modify, and otherwise leverage this software to the extent permitted by the licensed terms provided in the LICENSE.md file included with this project.
-
-### NOTICE  
-
-This software was produced for the U. S. Government under Contract Number HHSM-500-2012-00008I, and is subject to Federal Acquisition Regulation Clause 52.227-14, Rights in Data-General.  
 
-No other use other than that granted to the U. S. Government, or to those acting on behalf of the U. S. Government under that Clause is authorized without the express written permission of The MITRE Corporation.
-
-For further information, please contact The MITRE Corporation, Contracts Management Office, 7515 Colshire Drive, McLean, VA  22102-7539, (703) 983-6000.
+MITRE hereby grants express written permission to use, reproduce, distribute, modify, and otherwise leverage this software to the extent permitted by the licensed terms provided in the LICENSE.md file included with this project.
 
 ### NOTICE
 
-DISA STIGs are published by DISA IASE, see: https://iase.disa.mil/Pages/privacy_policy.aspx
+This software was produced for the U. S. Government under Contract Number HHSM-500-2012-00008I, and is subject to Federal Acquisition Regulation Clause 52.227-14, Rights in Data-General.
+
+No other use other than that granted to the U. S. Government, or to those acting on behalf of the U. S. Government under that Clause is authorized without the express written permission of The MITRE Corporation.DISA STIGs are published by DISA IASE, see: https://iase.disa.mil/Pages/privacy_policy.aspx

data/lib/inspec_tools/cli.rb

@@ -15,9 +15,15 @@ module InspecTools
     option :format, required: false, aliases: '-f', enum: %w{ruby hash}, default: 'ruby'
     option :separate_files, required: false, type: :boolean, default: true, aliases: '-s'
     option :replace_tags, required: false, aliases: '-r'
+    option :metadata, required: false, aliases: '-m'
     def xccdf2inspec
-      xccdf = XCCDF.new(File.read(options[:xccdf]))
+      xccdf = XCCDF.new(File.read(options[:xccdf]), options[:replace_tags])
       profile = xccdf.to_inspec
+
+      if !options[:metadata].nil?
+        xccdf.inject_metadata(File.read(options[:metadata]))
+      end
+
       Utils::InspecUtil.unpack_inspec_json(options[:output], profile, options[:separate_files], options[:format])
       if !options[:attributes].nil?
         attributes = xccdf.to_attributes
@@ -68,8 +74,13 @@ module InspecTools
     option :inspec_json, required: true, aliases: '-j'
     option :output, required: true, aliases: '-o'
     option :verbose, type: :boolean, aliases: '-V'
+    option :metadata, required: false, aliases: '-m'
     def inspec2ckl
-      ckl = InspecTools::Inspec.new(File.read(options[:inspec_json])).to_ckl
+      metadata = '{}'
+      if !options[:metadata].nil?
+        metadata = File.read(options[:metadata])
+      end
+      ckl = InspecTools::Inspec.new(File.read(options[:inspec_json]), metadata).to_ckl
       File.write(options[:output], ckl)
     end
 

data/lib/inspec_tools/inspec.rb

@@ -3,6 +3,7 @@ require 'json'
 require 'cgi'
 require 'csv'
 require 'yaml'
+require 'pp'
 require_relative '../happy_mapper_tools/stig_attributes'
 require_relative '../happy_mapper_tools/stig_checklist'
 require_relative '../happy_mapper_tools/benchmark'
@@ -16,12 +17,14 @@ require_relative 'csv'
 
 module InspecTools
   class Inspec
-    def initialize(inspec_json)
+    def initialize(inspec_json, metadata = '{}')
       @json = JSON.parse(inspec_json)
+      @metadata = JSON.parse(metadata)
     end
 
     def to_ckl(title = nil, date = nil, cklist = nil)
       @data = Utils::InspecUtil.parse_data_for_ckl(@json)
+      @platform = Utils::InspecUtil.get_platform(@json)
       @title = generate_title title, @json, date
       @cklist = cklist
       @checklist = HappyMapperTools::StigChecklist::Checklist.new
@@ -147,17 +150,90 @@ module InspecTools
     def generate_ckl
       stigs = HappyMapperTools::StigChecklist::Stigs.new
       istig = HappyMapperTools::StigChecklist::IStig.new
+
       vuln_list = []
       @data.keys.each do |control_id|
         vuln_list.push(generate_vuln_data(@data[control_id]))
       end
-      istig.stig_info = HappyMapperTools::StigChecklist::StigInfo.new
+
+      si_data = HappyMapperTools::StigChecklist::SiData.new
+      si_data.name = 'stigid'
+      si_data.data = ''
+      if !@metadata['stigid'].nil?
+        si_data.data = @metadata['stigid']
+      end
+
+      stig_info = HappyMapperTools::StigChecklist::StigInfo.new
+      stig_info.si_data = si_data
+      istig.stig_info = stig_info
+
       istig.vuln = vuln_list
       stigs.istig = istig
       @checklist.stig = stigs
+
+      @checklist.asset = generate_asset
+    end
+
+    def generate_asset
       asset = HappyMapperTools::StigChecklist::Asset.new
-      asset.type = 'Computing'
-      @checklist.asset = asset
+      asset.role = !@metadata['role'].nil? ? @metadata['role'] : 'Workstation'
+      asset.type = !@metadata['type'].nil? ? @metadata['type'] : 'Computing'
+      asset.host_name = generate_hostname
+      asset.host_ip = generate_ip
+      asset.host_mac = generate_mac
+      asset.host_fqdn = generate_fqdn
+      asset.tech_area = !@metadata['tech_area'].nil? ? @metadata['tech_area'] : ''
+      asset.target_key = !@metadata['target_key'].nil? ? @metadata['target_key'] : ''
+      asset.web_or_database = !@metadata['web_or_databae'].nil? ? @metadata['web_or_database'] : '0'
+      asset.web_db_site = !@metadata['web_db_site'].nil? ? @metadata['web_db_site'] : ''
+      asset.web_db_instance = !@metadata['web_db_instance'].nil? ? @metadata['web_db_instance'] : ''
+      asset
+    end
+
+    def generate_hostname
+      hostname = @metadata['hostname']
+      if hostname.nil? && @platform.nil?
+        hostname = ''
+      elsif hostname.nil?
+        hostname = @platform[:hostname]
+      end
+      hostname
+    end
+
+    def generate_mac
+      mac = @metadata['mac']
+      if mac.nil?
+        nics = @platform.nil? ? [] : @platform[:network]
+        nics_macs = []
+        nics.each do |nic|
+          nics_macs.push(nic[:mac])
+        end
+        mac = nics_macs.join(',')
+      end
+      mac
+    end
+
+    def generate_fqdn
+      fqdn = @metadata['fqdn']
+      if fqdn.nil? && @platform.nil?
+        fqdn = ''
+      elsif fqdn.nil?
+        fqdn = @platform[:fqdn]
+      end
+      fqdn
+    end
+
+    def generate_ip
+      ip = @metadata['ip']
+      if ip.nil?
+        nics = @platform.nil? ? [] : @platform[:network]
+        nics_ips = []
+        nics.each do |nic|
+          nics_ips.push(*nic[:ip])
+        end
+        ip = nics_ips.join(',')
+      end
+      ip
     end
 
     def populate_header

data/lib/inspec_tools/version.rb

@@ -1,3 +1,3 @@
 module InspecTools
-  VERSION = '1.2.2'.freeze
+  VERSION = '1.3.0'.freeze
 end

data/lib/inspec_tools/xccdf.rb

@@ -3,6 +3,7 @@ require_relative '../happy_mapper_tools/cci_attributes'
 require_relative '../utilities/inspec_util'
 
 require 'digest'
+require 'json'
 
 module InspecTools
   # rubocop:disable Metrics/ClassLength
@@ -79,6 +80,13 @@ module InspecTools
       @benchmark.release_date.release_date
     end
 
+    def inject_metadata(metadata = '{}')
+      json_metadata = JSON.parse(metadata)
+      json_metadata.each do |key, value|
+        @profile[key] = value
+      end
+    end
+
     private
 
     def replace_tags_in_xccdf(replace_tags, xccdf_xml)
@@ -89,20 +97,25 @@ module InspecTools
     end
 
     def insert_json_metadata
-      @profile['name'] = @benchmark.title
+      @profile['name'] = @benchmark.id
       @profile['title'] = @benchmark.title
-      @profile['maintainer'] = 'The Authors'
-      @profile['copyright'] = 'The Authors'
-      @profile['copyright_email'] = 'you@example.com'
-      @profile['license'] = 'Apache-2.0'
+      @profile['maintainer'] = 'The Authors' if @profile['maintainer'].nil?
+      @profile['copyright'] = 'The Authors' if @profile['copyright'].nil?
+      @profile['copyright_email'] = 'you@example.com' if @profile['copyright_email'].nil?
+      @profile['license'] = 'Apache-2.0' if @profile['license'].nil?
       @profile['summary'] = "\"#{@benchmark.description.gsub('\\', '\\\\\\').gsub('"', '\"')}\""
-      @profile['version'] = '0.1.0'
+      @profile['version'] = '0.1.0' if @profile['version'].nil?
       @profile['supports'] = []
       @profile['attributes'] = []
       @profile['generator'] = {
         'name': 'inspec',
         'version': Gem.loaded_specs['inspec'].version
       }
+      @profile['plaintext'] = @benchmark.plaintext.plaintext
+      @profile['status'] = "#{@benchmark.status} on #{@benchmark.release_date.release_date}"
+      @profile['reference_href'] = @benchmark.reference.href
+      @profile['reference_publisher'] = @benchmark.reference.dc_publisher
+      @profile['reference_source'] = @benchmark.reference.dc_source
     end
 
     def insert_controls
@@ -133,6 +146,7 @@ module InspecTools
         control['tags']['ia_controls'] = group.rule.description.ia_controls if group.rule.description.ia_controls != ''
         control['tags']['check'] = group.rule.check.content
         control['tags']['fix'] = group.rule.fixtext
+        control['tags']['severity'] = group.rule.severity
         @controls << control
       end
       @profile['controls'] = @controls

data/lib/utilities/inspec_util.rb

@@ -1,6 +1,8 @@
 require 'inspec/objects'
 require 'word_wrap'
 require 'pp'
+require 'uri'
+require 'net/http'
 
 # rubocop:disable Metrics/ClassLength
 # rubocop:disable Metrics/AbcSize
@@ -94,19 +96,23 @@ module Utils
           if control.key?('results')
             control['results'].each do |result|
               data[c_id][:status].push(result['status'])
-              data[c_id][:message].push(result['skip_message']) if result['status'] == 'skipped'
+              data[c_id][:message].push("SKIPPED -- Test: #{result['code_desc']}\nMessage: #{result['skip_message']}\n") if result['status'] == 'skipped'
               data[c_id][:message].push("FAILED -- Test: #{result['code_desc']}\nMessage: #{result['message']}\n") if result['status'] == 'failed'
               data[c_id][:message].push("PASS -- #{result['code_desc']}\n") if result['status'] == 'passed'
             end
           end
           if data[c_id][:impact].to_f.zero?
-            data[c_id][:message] = control['desc']
+            data[c_id][:message].unshift("NOT_APPLICABLE -- Description: #{control['desc']}\n\n")
           end
         end
       end
       data
     end
 
+    def self.get_platform(json)
+      json['profiles'].find { |profile| !profile[:platform].nil? }
+    end
+
     def self.to_dotted_hash(hash, recursive_key = '')
       hash.each_with_object({}) do |(k, v), ret|
         key = recursive_key + k.to_s
@@ -127,7 +133,8 @@ module Utils
       elsif status_list.include?('passed')
         result = 'NotAFinding'
       else
-        result = 'Not_Tested'
+        # result = 'Not_Tested' ## STIGViewer does not allow Not_Tested as a possible status.
+        result = 'Not_Reviewed'
       end
       if control[:impact].to_f.zero?
         result = 'Not_Applicable'
@@ -139,7 +146,7 @@ module Utils
       result = "One or more of the automated tests failed or was inconclusive for the control \n\n #{control[:message].sort.join}" if control_clk_status == 'Open'
       result = "All Automated tests passed for the control \n\n #{control[:message].join}" if control_clk_status == 'NotAFinding'
       result = "Automated test skipped due to known accepted condition in the control : \n\n#{control[:message].join}" if control_clk_status == 'Not_Reviewed'
-      result = "Justification: \n #{control[:message].split.join(' ')}" if control_clk_status == 'Not_Applicable'
+      result = "Justification: \n #{control[:message].join}" if control_clk_status == 'Not_Applicable'
       result = 'No test available for this control' if control_clk_status == 'Not_Tested'
       result
     end
@@ -170,9 +177,14 @@ module Utils
     end
 
     def self.unpack_inspec_json(directory, inspec_json, separated, output_format)
+      if directory == 'id'
+        directory = inspec_json['name']
+      end
       controls = generate_controls(inspec_json)
       unpack_profile(directory || 'profile', controls, separated, output_format || 'json')
       create_inspec_yml(directory || 'profile', inspec_json)
+      create_license(directory || 'profile', inspec_json)
+      create_readme_md(directory || 'profile', inspec_json)
     end
 
     private_class_method def self.wrap(str, width = WIDTH)
@@ -195,6 +207,7 @@ module Utils
         control.id     = json_control['id']
         control.title  = json_control['title']
         control.impact = get_impact(json_control['impact'])
+        control.add_tag(Inspec::Tag.new('severity', json_control['tags']['severity']))
         control.add_tag(Inspec::Tag.new('gtitle', json_control['tags']['gtitle']))
         control.add_tag(Inspec::Tag.new('satisfies', json_control['tags']['satisfies'])) if json_control['tags']['satisfies']
         control.add_tag(Inspec::Tag.new('gid',      json_control['tags']['gid']))
@@ -226,26 +239,63 @@ module Utils
     #
     private_class_method def self.create_inspec_yml(directory, inspec_json)
       benchmark_info =
-        "name: #{inspec_json['name']}
-        title: #{inspec_json['title']}
-        maintainer: #{inspec_json['maintainer']}
-        copyright: #{inspec_json['copyright']}
-        copyright_email: #{inspec_json['copyright_email']}
-        license: #{inspec_json['license']}
-        summary: #{inspec_json['summary']}
-        version: #{inspec_json['version']}"
+        "name: #{inspec_json['name']}\n" \
+        "title: #{inspec_json['title']}\n" \
+        "maintainer: #{inspec_json['maintainer']}\n" \
+        "copyright: #{inspec_json['copyright']}\n" \
+        "copyright_email: #{inspec_json['copyright_email']}\n" \
+        "license: #{inspec_json['license']}\n" \
+        "summary: #{inspec_json['summary']}\n" \
+        "version: #{inspec_json['version']}\n"
 
       myfile = File.new("#{directory}/inspec.yml", 'w')
       myfile.puts benchmark_info
     end
 
+    private_class_method def self.create_license(directory, inspec_json)
+      license_content = ''
+      if !inspec_json['license'].nil?
+        begin
+          response = Net::HTTP.get_response(URI(inspec_json['license']))
+          if response.code == '200'
+            license_content = response.body
+          else
+            license_content = inspec_json['license']
+          end
+        rescue StandardError => e
+          license_content = inspec_json['license']
+        end
+      end
+
+      myfile = File.new("#{directory}/LICENSE", 'w')
+      myfile.puts license_content
+    end
+
+    private_class_method def self.create_readme_md(directory, inspec_json)
+      readme_contents =
+        "\# #{inspec_json['title']}\n" \
+        "#{inspec_json['summary']}\n" \
+        "---\n" \
+        "Name: #{inspec_json['name']}\n" \
+        "Author: #{inspec_json['maintainer']}\n" \
+        "Status: #{inspec_json['status']}\n" \
+        "Copyright: #{inspec_json['copyright']}\n" \
+        "Copyright Email: #{inspec_json['copyright_email']}\n" \
+        "Version: #{inspec_json['version']}\n" \
+        "#{inspec_json['plaintext']}\n" \
+        "Reference: #{inspec_json['reference_href']}\n" \
+        "Reference by: #{inspec_json['reference_publisher']}\n" \
+        "Reference source: #{inspec_json['reference_source']}\n"
+
+      myfile = File.new("#{directory}/README.md", 'w')
+      myfile.puts readme_contents
+    end
+
     private_class_method def self.unpack_profile(directory, controls, separated, output_format)
       FileUtils.rm_rf(directory) if Dir.exist?(directory)
       Dir.mkdir directory unless Dir.exist?(directory)
       Dir.mkdir "#{directory}/controls" unless Dir.exist?("#{directory}/controls")
       Dir.mkdir "#{directory}/libraries" unless Dir.exist?("#{directory}/libraries")
-      myfile = File.new("#{directory}/README.md", 'w')
-      myfile.puts "# Example InSpec Profile\n\nthis example shows the implementation of an InSpec profile."
       if separated
         if output_format == 'ruby'
           controls.each do |control|

data/test/unit/inspec_tools/xccdf_test.rb

@@ -29,7 +29,7 @@ class XCCDFTest < Minitest::Test
   def test_to_inspec_metadata
     xccdf = InspecTools::XCCDF.new(File.read('examples/xccdf2inspec/data/U_Red_Hat_Enterprise_Linux_7_STIG_V1R4_Manual-xccdf.xml'))
     inspec_json = xccdf.to_inspec
-    assert_equal(inspec_json['name'], "Red Hat Enterprise Linux 7 Security Technical Implementation Guide")
+    assert_equal(inspec_json['name'], "RHEL_7_STIG")
     assert_equal(inspec_json['title'], "Red Hat Enterprise Linux 7 Security Technical Implementation Guide")
     assert_equal(inspec_json['maintainer'], "The Authors")
     assert_equal(inspec_json['copyright'], "The Authors")

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: inspec_tools
 version: !ruby/object:Gem::Version
-  version: 1.2.2
+  version: 1.3.0
 platform: ruby
 authors:
 - Robert Thew
@@ -11,7 +11,7 @@ authors:
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2019-03-11 00:00:00.000000000 Z
+date: 2019-04-17 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: colorize
@@ -87,22 +87,22 @@ dependencies:
   name: pdf-reader
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '2.1'
     - - ">="
       - !ruby/object:Gem::Version
         version: 2.1.0
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.1'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '2.1'
     - - ">="
       - !ruby/object:Gem::Version
         version: 2.1.0
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.1'
 - !ruby/object:Gem::Dependency
   name: roo
   requirement: !ruby/object:Gem::Requirement
@@ -288,8 +288,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubyforge_project: 
-rubygems_version: 2.6.14
+rubygems_version: 3.0.1
 signing_key: 
 specification_version: 4
 summary: Converter utils for Inspec