inspec_tools 1.3.0 → 1.3.5
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +86 -11
- data/README.md +29 -8
- data/lib/inspec_tools/cli.rb +39 -0
- data/lib/inspec_tools/inspec.rb +1 -1
- data/lib/inspec_tools/version.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 4f6fb3f12bf3d1d567d33c0857ee766c293ebffea5c303f0b78d632f62d7fb6f
|
4
|
+
data.tar.gz: 28b8de24e295bd68f875322eea276b653bf9469612aa8ab14e3b9be27a02a9c7
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: b8c3394b14798134b457678c801b1a9b328362eebf5a8832a70c2cf84d5a1b394a7fcca1a7c4245c3dd3dc7f4c2719f86b47993c75074601e148796bcf81e7e3
|
7
|
+
data.tar.gz: c34a859da673318768ac30c402492b3382903c214eb32497791e840c891acdab1d33a2ff4c76886609dbbb22f4df5ac9e793bee87d4bbf3a7edb5b377e0645dd
|
data/CHANGELOG.md
CHANGED
@@ -1,17 +1,92 @@
|
|
1
1
|
# Change Log
|
2
2
|
|
3
|
-
|
4
|
-
|
3
|
+
## [v1.3.4](https://github.com/mitre/inspec_tools/tree/v1.3.4) (2019-05-01)
|
4
|
+
[Full Changelog](https://github.com/mitre/inspec_tools/compare/v1.1.6...v1.3.4)
|
5
5
|
|
6
|
-
|
7
|
-
- Initial internal release.
|
6
|
+
**Closed issues:**
|
8
7
|
|
9
|
-
|
10
|
-
-
|
11
|
-
- Initial public release
|
8
|
+
- Needed app is missing [\#49](https://github.com/mitre/inspec_tools/issues/49)
|
9
|
+
- 2018 b79e5c3 [\#48](https://github.com/mitre/inspec_tools/issues/48)
|
12
10
|
|
13
|
-
|
14
|
-
- Replaced Docsplit and pdf2text gems, which rely on command-line tools with pdf-reader gem, which does not
|
11
|
+
**Merged pull requests:**
|
15
12
|
|
16
|
-
|
17
|
-
-
|
13
|
+
- Metadata docs and tools [\#55](https://github.com/mitre/inspec_tools/pull/55) ([samcornwell](https://github.com/samcornwell))
|
14
|
+
- Fix bugs introduced by \#51 \(STIGViewer PR\) [\#52](https://github.com/mitre/inspec_tools/pull/52) ([samcornwell](https://github.com/samcornwell))
|
15
|
+
- Enhancements to meet working with STIGViewer as well as tracking some custom metadata when converting from xccdf2inspec and inspec2ckl [\#51](https://github.com/mitre/inspec_tools/pull/51) ([kevin-j-smith](https://github.com/kevin-j-smith))
|
16
|
+
- Add modules summary, compliance [\#45](https://github.com/mitre/inspec_tools/pull/45) ([rx294](https://github.com/rx294))
|
17
|
+
|
18
|
+
## [v1.1.6](https://github.com/mitre/inspec_tools/tree/v1.1.6) (2018-12-13)
|
19
|
+
[Full Changelog](https://github.com/mitre/inspec_tools/compare/v1.1.5...v1.1.6)
|
20
|
+
|
21
|
+
## [v1.1.5](https://github.com/mitre/inspec_tools/tree/v1.1.5) (2018-12-11)
|
22
|
+
[Full Changelog](https://github.com/mitre/inspec_tools/compare/v1.1.2...v1.1.5)
|
23
|
+
|
24
|
+
**Implemented enhancements:**
|
25
|
+
|
26
|
+
- Add help for the gem usage and or ruby usage [\#7](https://github.com/mitre/inspec_tools/issues/7)
|
27
|
+
- add sub-help command output to match README and document each function [\#6](https://github.com/mitre/inspec_tools/issues/6)
|
28
|
+
|
29
|
+
**Fixed bugs:**
|
30
|
+
|
31
|
+
- Add help for the gem usage and or ruby usage [\#7](https://github.com/mitre/inspec_tools/issues/7)
|
32
|
+
- add sub-help command output to match README and document each function [\#6](https://github.com/mitre/inspec_tools/issues/6)
|
33
|
+
|
34
|
+
**Closed issues:**
|
35
|
+
|
36
|
+
- add rubocop integration or PRs [\#34](https://github.com/mitre/inspec_tools/issues/34)
|
37
|
+
- Do we want to expose the --cci flag in the example as it is now not needed by default given it is in the /data directory [\#29](https://github.com/mitre/inspec_tools/issues/29)
|
38
|
+
- fix the subcommands help so it works as expected [\#28](https://github.com/mitre/inspec_tools/issues/28)
|
39
|
+
- THOR CLI: xccdf2inspec for example was giving me a hard time about the order of -x or --xccdf or --cci or -c and the order they were in - the docs on it seems to give two sets of directions [\#27](https://github.com/mitre/inspec_tools/issues/27)
|
40
|
+
- do we have to do anything special for including CIS Benchmarks? [\#21](https://github.com/mitre/inspec_tools/issues/21)
|
41
|
+
- clean up debug statements [\#20](https://github.com/mitre/inspec_tools/issues/20)
|
42
|
+
- Give attribution for files in /data [\#19](https://github.com/mitre/inspec_tools/issues/19)
|
43
|
+
- add copyright statements if necessary [\#15](https://github.com/mitre/inspec_tools/issues/15)
|
44
|
+
- check /examples/sample\_json to see if any of the results are sensitive [\#14](https://github.com/mitre/inspec_tools/issues/14)
|
45
|
+
|
46
|
+
**Merged pull requests:**
|
47
|
+
|
48
|
+
- replaced docsplit with pdf-reader [\#43](https://github.com/mitre/inspec_tools/pull/43) ([robthew](https://github.com/robthew))
|
49
|
+
- Updated remove dir statement [\#41](https://github.com/mitre/inspec_tools/pull/41) ([robthew](https://github.com/robthew))
|
50
|
+
- Added appveyor config [\#40](https://github.com/mitre/inspec_tools/pull/40) ([robthew](https://github.com/robthew))
|
51
|
+
- Travis test [\#39](https://github.com/mitre/inspec_tools/pull/39) ([robthew](https://github.com/robthew))
|
52
|
+
- Add rubocop to the process [\#35](https://github.com/mitre/inspec_tools/pull/35) ([aaronlippold](https://github.com/aaronlippold))
|
53
|
+
- \* added refernces to external data sources [\#30](https://github.com/mitre/inspec_tools/pull/30) ([aaronlippold](https://github.com/aaronlippold))
|
54
|
+
|
55
|
+
## [v1.1.2](https://github.com/mitre/inspec_tools/tree/v1.1.2) (2018-11-08)
|
56
|
+
[Full Changelog](https://github.com/mitre/inspec_tools/compare/v1.1.1...v1.1.2)
|
57
|
+
|
58
|
+
## [v1.1.1](https://github.com/mitre/inspec_tools/tree/v1.1.1) (2018-11-08)
|
59
|
+
[Full Changelog](https://github.com/mitre/inspec_tools/compare/v1.1.0...v1.1.1)
|
60
|
+
|
61
|
+
## [v1.1.0](https://github.com/mitre/inspec_tools/tree/v1.1.0) (2018-11-08)
|
62
|
+
[Full Changelog](https://github.com/mitre/inspec_tools/compare/v1.0.0...v1.1.0)
|
63
|
+
|
64
|
+
**Fixed bugs:**
|
65
|
+
|
66
|
+
- Remove unneeded `exe` dir if we are going to standardize on `bin`and update the `.gemspec` file [\#25](https://github.com/mitre/inspec_tools/issues/25)
|
67
|
+
|
68
|
+
**Closed issues:**
|
69
|
+
|
70
|
+
- when you When build the gem and install it - the command `inspec\_tools` does not seem to install into the path [\#26](https://github.com/mitre/inspec_tools/issues/26)
|
71
|
+
- Add MITRE Copyright to the end of the README.md [\#23](https://github.com/mitre/inspec_tools/issues/23)
|
72
|
+
- Update email addresses to MITRE addresses [\#18](https://github.com/mitre/inspec_tools/issues/18)
|
73
|
+
- update readme.md [\#17](https://github.com/mitre/inspec_tools/issues/17)
|
74
|
+
- update inspec\_tools.gemspec [\#16](https://github.com/mitre/inspec_tools/issues/16)
|
75
|
+
- update license to apache 2.0 [\#13](https://github.com/mitre/inspec_tools/issues/13)
|
76
|
+
- Separate Files defaults to \[False\] [\#10](https://github.com/mitre/inspec_tools/issues/10)
|
77
|
+
- Rename repository to 'inspec\_tools' [\#9](https://github.com/mitre/inspec_tools/issues/9)
|
78
|
+
|
79
|
+
**Merged pull requests:**
|
80
|
+
|
81
|
+
- Cleanup Debug Statetements [\#12](https://github.com/mitre/inspec_tools/pull/12) ([yarick](https://github.com/yarick))
|
82
|
+
- Change default separated\_files setting to default to true [\#11](https://github.com/mitre/inspec_tools/pull/11) ([yarick](https://github.com/yarick))
|
83
|
+
- Cleanup [\#8](https://github.com/mitre/inspec_tools/pull/8) ([robthew](https://github.com/robthew))
|
84
|
+
- Unification [\#5](https://github.com/mitre/inspec_tools/pull/5) ([dromazmj](https://github.com/dromazmj))
|
85
|
+
- \* Adds functionality for inspec2csv [\#4](https://github.com/mitre/inspec_tools/pull/4) ([dromazmj](https://github.com/dromazmj))
|
86
|
+
- Md/pdf [\#3](https://github.com/mitre/inspec_tools/pull/3) ([dromazmj](https://github.com/dromazmj))
|
87
|
+
- Md/csv2inspec [\#2](https://github.com/mitre/inspec_tools/pull/2) ([dromazmj](https://github.com/dromazmj))
|
88
|
+
- Writes code in the inspec util to output an inspec json to a directory [\#1](https://github.com/mitre/inspec_tools/pull/1) ([dromazmj](https://github.com/dromazmj))
|
89
|
+
|
90
|
+
|
91
|
+
|
92
|
+
\* *This Change Log was automatically generated by [github_changelog_generator](https://github.com/skywinder/Github-Changelog-Generator)*
|
data/README.md
CHANGED
@@ -4,6 +4,9 @@ InspecTools supplies several CLI tools to convert to and from InSpec format.
|
|
4
4
|
|
5
5
|
The inspec_tools support the following modules:
|
6
6
|
|
7
|
+
- generate_map
|
8
|
+
- generate_ckl_metadata
|
9
|
+
- generate_inspec_metadata
|
7
10
|
- compliance
|
8
11
|
- summary
|
9
12
|
- csv2inspec
|
@@ -54,6 +57,30 @@ xccdf_results = tool.to_xccdf(attribs_json)
|
|
54
57
|
On the Command Line, `inspec_tools help` will print a listing of all the command with a short description.
|
55
58
|
For detailed help on any command, run `inspec_tools help [COMMAND]`. Help can also be called with the `-h, --help` flags after any command, like `inspec_tools xccdf2inspec -h`.
|
56
59
|
|
60
|
+
## generate_map
|
61
|
+
|
62
|
+
This command will generate a `mapping.xml` file that can be passed in to the `csv2inspec` command with the `-m` option.
|
63
|
+
|
64
|
+
```
|
65
|
+
USAGE: inspec_tools generate_map
|
66
|
+
```
|
67
|
+
|
68
|
+
## generate_ckl_metadata
|
69
|
+
|
70
|
+
This command will generate a `metadata.json` file that can be passed in to the `inspec2ckl` command with the `-m` option.
|
71
|
+
|
72
|
+
```
|
73
|
+
USAGE: inspec_tools generate_ckl_metadata
|
74
|
+
```
|
75
|
+
|
76
|
+
## generate_inspec_metadata
|
77
|
+
|
78
|
+
This command will generate a `metadata.json` file that can be passed in to the `xccdf2inspec` command with the `-m` option.
|
79
|
+
|
80
|
+
```
|
81
|
+
USAGE: inspec_tools generate_inspec_metadata
|
82
|
+
```
|
83
|
+
|
57
84
|
## compliance
|
58
85
|
|
59
86
|
compliance parses an inspec results json to check if the compliance level meets a specified threshold.
|
@@ -129,6 +156,7 @@ FLAGS:
|
|
129
156
|
-o --output <profile-path> : path to the InSpec profile output (default: profile) [optional]
|
130
157
|
-f --format [ruby | hash] : the format you would like (default: ruby) [optional]
|
131
158
|
-s --separate-files [true | false] : output the resulting controls as one or mutiple files (default: true) [optional]
|
159
|
+
-m --metadata <metadata-json> : path to json file with additional metadata for the inspec.yml file [optional]
|
132
160
|
-r --replace-tags <array> : A case-sensitive, comma separated list to replace tags with a $ if found in a group rules description tag [optional]
|
133
161
|
|
134
162
|
example: inspec_tools xccdf2inspec -x xccdf_file.xml -a attributes.yml -o myprofile -f ruby -s false
|
@@ -168,14 +196,6 @@ FLAGS:
|
|
168
196
|
example: inspec_tools csv2inspec -c stig.csv -m map.yml -o mydir -f ruby -s true # To map stig.csv to InSpec via map.yml
|
169
197
|
```
|
170
198
|
|
171
|
-
### generate_map
|
172
|
-
|
173
|
-
This command will generate a `mapping.xml` file that can be passed in to the `csv2inspec` command with the `--m` option.
|
174
|
-
|
175
|
-
```
|
176
|
-
USAGE: inspec_tools generate_map
|
177
|
-
```
|
178
|
-
|
179
199
|
## inspec2csv
|
180
200
|
|
181
201
|
Convert an InSpec json to a csv file
|
@@ -201,6 +221,7 @@ USAGE: inspec_tools inspec2ckl [OPTIONS] -j <inspec-json> -o <results-ckl>
|
|
201
221
|
FLAGS:
|
202
222
|
-j --inspec-json <inspec-json> : path to InSpec results json file
|
203
223
|
-o --output <results-ckl> : path to output checklist file
|
224
|
+
-m --metadata <metadata-json> : path to json file with additional metadata for the checklist file [optional]
|
204
225
|
-V --verbose : verbose run [optional]
|
205
226
|
|
206
227
|
example: inspec_tools inspec2ckl -j results.json -o output.ckl
|
data/lib/inspec_tools/cli.rb
CHANGED
@@ -121,6 +121,45 @@ module InspecTools
|
|
121
121
|
myfile.close
|
122
122
|
end
|
123
123
|
|
124
|
+
desc 'generate_ckl_metadata', 'Generate metadata file that can be passed to inspec2ckl'
|
125
|
+
def generate_ckl_metadata
|
126
|
+
metadata = {}
|
127
|
+
|
128
|
+
metadata['stigid'] = ask('STID ID: ')
|
129
|
+
metadata['role'] = ask('Role: ')
|
130
|
+
metadata['type'] = ask('Type: ')
|
131
|
+
metadata['hostname'] = ask('Hostname: ')
|
132
|
+
metadata['ip'] = ask('IP Address: ')
|
133
|
+
metadata['mac'] = ask('MAC Address: ')
|
134
|
+
metadata['fqdn'] = ask('FQDN: ')
|
135
|
+
metadata['tech_area'] = ask('Tech Area: ')
|
136
|
+
metadata['target_key'] = ask('Target Key: ')
|
137
|
+
metadata['web_or_database'] = ask('Web or Database: ')
|
138
|
+
metadata['web_db_site'] = ask('Web DB Site: ')
|
139
|
+
metadata['web_db_instance'] = ask('Web DB Instance: ')
|
140
|
+
|
141
|
+
metadata.delete_if { |_key, value| value.empty? }
|
142
|
+
File.open('metadata.json', 'w') do |f|
|
143
|
+
f.write(metadata.to_json)
|
144
|
+
end
|
145
|
+
end
|
146
|
+
|
147
|
+
desc 'generate_inspec_metadata', 'Generate mapping file that can be passed to xccdf2inspec'
|
148
|
+
def generate_inspec_metadata
|
149
|
+
metadata = {}
|
150
|
+
|
151
|
+
metadata['maintainer'] = ask('Maintainer: ')
|
152
|
+
metadata['copyright'] = ask('Copyright: ')
|
153
|
+
metadata['copyright_email'] = ask('Copyright Email: ')
|
154
|
+
metadata['license'] = ask('License: ')
|
155
|
+
metadata['version'] = ask('Version: ')
|
156
|
+
|
157
|
+
metadata.delete_if { |_key, value| value.empty? }
|
158
|
+
File.open('metadata.json', 'w') do |f|
|
159
|
+
f.write(metadata.to_json)
|
160
|
+
end
|
161
|
+
end
|
162
|
+
|
124
163
|
desc 'summary', 'summary parses an inspec results json to create a summary json'
|
125
164
|
long_desc Help.text(:summary)
|
126
165
|
option :inspec_json, required: true, aliases: '-j'
|
data/lib/inspec_tools/inspec.rb
CHANGED
@@ -184,7 +184,7 @@ module InspecTools
|
|
184
184
|
asset.host_fqdn = generate_fqdn
|
185
185
|
asset.tech_area = !@metadata['tech_area'].nil? ? @metadata['tech_area'] : ''
|
186
186
|
asset.target_key = !@metadata['target_key'].nil? ? @metadata['target_key'] : ''
|
187
|
-
asset.web_or_database = !@metadata['
|
187
|
+
asset.web_or_database = !@metadata['web_or_database'].nil? ? @metadata['web_or_database'] : '0'
|
188
188
|
asset.web_db_site = !@metadata['web_db_site'].nil? ? @metadata['web_db_site'] : ''
|
189
189
|
asset.web_db_instance = !@metadata['web_db_instance'].nil? ? @metadata['web_db_instance'] : ''
|
190
190
|
asset
|
data/lib/inspec_tools/version.rb
CHANGED
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: inspec_tools
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.3.
|
4
|
+
version: 1.3.5
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Robert Thew
|
@@ -11,7 +11,7 @@ authors:
|
|
11
11
|
autorequire:
|
12
12
|
bindir: exe
|
13
13
|
cert_chain: []
|
14
|
-
date: 2019-
|
14
|
+
date: 2019-05-01 00:00:00.000000000 Z
|
15
15
|
dependencies:
|
16
16
|
- !ruby/object:Gem::Dependency
|
17
17
|
name: colorize
|