kriterion 0.0.1

Sign up to get free protection for your applications and to get access to all the features.
Files changed (564) hide show
  1. checksums.yaml +7 -0
  2. data/.gitignore +2 -0
  3. data/.ruby-version +1 -0
  4. data/.travis.yml +5 -0
  5. data/Dockerfile +18 -0
  6. data/Gemfile +12 -0
  7. data/Gemfile.lock +62 -0
  8. data/LICENSE.txt +21 -0
  9. data/README.md +58 -0
  10. data/Rakefile +6 -0
  11. data/bin/setup +8 -0
  12. data/bin/update_stigs.rb +42 -0
  13. data/criterion.gemspec +31 -0
  14. data/docker-compose.yml +14 -0
  15. data/exe/kriterion +16 -0
  16. data/lib/kriterion.rb +16 -0
  17. data/lib/kriterion/api.rb +27 -0
  18. data/lib/kriterion/backend.rb +13 -0
  19. data/lib/kriterion/backend/mongodb.rb +235 -0
  20. data/lib/kriterion/cli.rb +28 -0
  21. data/lib/kriterion/cli/api.rb +35 -0
  22. data/lib/kriterion/cli/worker.rb +35 -0
  23. data/lib/kriterion/event.rb +36 -0
  24. data/lib/kriterion/item.rb +42 -0
  25. data/lib/kriterion/logs.rb +14 -0
  26. data/lib/kriterion/metrics.rb +22 -0
  27. data/lib/kriterion/object.rb +50 -0
  28. data/lib/kriterion/report.rb +69 -0
  29. data/lib/kriterion/resource.rb +60 -0
  30. data/lib/kriterion/section.rb +32 -0
  31. data/lib/kriterion/standard.rb +65 -0
  32. data/lib/kriterion/version.rb +3 -0
  33. data/lib/kriterion/worker.rb +280 -0
  34. data/standards/cis_red_hat_enterprise_linux_7.json +34 -0
  35. data/standards/stig_a10_networks_adc_alg.json +209 -0
  36. data/standards/stig_a10_networks_adc_ndm.json +233 -0
  37. data/standards/stig_active_directory_domain.json +257 -0
  38. data/standards/stig_active_directory_forest.json +41 -0
  39. data/standards/stig_active_directory_service_2003.json +173 -0
  40. data/standards/stig_active_directory_service_2008.json +167 -0
  41. data/standards/stig_adobe_acrobat_pro_xi.json +167 -0
  42. data/standards/stig_adobe_acrobat_reader_dc_classic_track.json +179 -0
  43. data/standards/stig_adobe_acrobat_reader_dc_continuous_track.json +179 -0
  44. data/standards/stig_adobe_coldfusion_11.json +611 -0
  45. data/standards/stig_airwatch_mdm.json +185 -0
  46. data/standards/stig_aix_5.3.json +3095 -0
  47. data/standards/stig_aix_6.1.json +3047 -0
  48. data/standards/stig_akamai_ksd_service_impact_level_2_alg.json +209 -0
  49. data/standards/stig_akamai_ksd_service_impact_level_2_ndm.json +155 -0
  50. data/standards/stig_android_2.2_dell.json +311 -0
  51. data/standards/stig_apache_2.2_serverwindows.json +347 -0
  52. data/standards/stig_apache_2.2_sitewindows_security_implementation_guide.json +179 -0
  53. data/standards/stig_apache_server_2.0unix.json +341 -0
  54. data/standards/stig_apache_server_2.0windows.json +341 -0
  55. data/standards/stig_apache_server_2.2unix.json +347 -0
  56. data/standards/stig_apache_server_2.2windows.json +347 -0
  57. data/standards/stig_apache_site_2.0unix.json +185 -0
  58. data/standards/stig_apache_site_2.0windows.json +179 -0
  59. data/standards/stig_apache_site_2.2unix.json +185 -0
  60. data/standards/stig_apache_site_2.2windows.json +179 -0
  61. data/standards/stig_apple_ios6.json +341 -0
  62. data/standards/stig_apple_ios_10.json +245 -0
  63. data/standards/stig_apple_ios_11.json +269 -0
  64. data/standards/stig_apple_ios_4_good_mobility_suite_interim_security_configuration_guide_iscg.json +257 -0
  65. data/standards/stig_apple_ios_5.json +329 -0
  66. data/standards/stig_apple_ios_6.json +335 -0
  67. data/standards/stig_apple_ios_6_interim_security_configuration_guide_iscg.json +371 -0
  68. data/standards/stig_apple_ios_7.json +185 -0
  69. data/standards/stig_apple_ios_8_interim_security_configuration_guide.json +251 -0
  70. data/standards/stig_apple_ios_9_interim_security_configuration_guide.json +245 -0
  71. data/standards/stig_apple_os_x_10.10_yosemite_workstation.json +851 -0
  72. data/standards/stig_apple_os_x_10.11.json +725 -0
  73. data/standards/stig_apple_os_x_10.12.json +737 -0
  74. data/standards/stig_apple_os_x_10.8_mountain_lion_workstation.json +1241 -0
  75. data/standards/stig_apple_os_x_10.9_mavericks_workstation.json +809 -0
  76. data/standards/stig_application_layer_gateway_alg_security_requirements_guide_srg.json +911 -0
  77. data/standards/stig_application_layer_gateway_security_requirements_guide.json +911 -0
  78. data/standards/stig_application_security_and_development.json +1745 -0
  79. data/standards/stig_application_security_and_development_checklist.json +959 -0
  80. data/standards/stig_application_security_requirements_guide.json +1961 -0
  81. data/standards/stig_application_server_security_requirements_guide.json +791 -0
  82. data/standards/stig_arcgisserver_10.3.json +143 -0
  83. data/standards/stig_arista_mls_dcs-7000_series_l2s.json +53 -0
  84. data/standards/stig_arista_mls_dcs-7000_series_ndm.json +197 -0
  85. data/standards/stig_arista_mls_dcs-7000_series_rtr.json +143 -0
  86. data/standards/stig_bind_9.x.json +431 -0
  87. data/standards/stig_bind_dns.json +317 -0
  88. data/standards/stig_blackberry_10.2.x_os.json +179 -0
  89. data/standards/stig_blackberry_10_os.json +227 -0
  90. data/standards/stig_blackberry_bes_12.3.x_mdm.json +65 -0
  91. data/standards/stig_blackberry_bes_12.5.x_mdm.json +65 -0
  92. data/standards/stig_blackberry_device_service_6.2.json +425 -0
  93. data/standards/stig_blackberry_enterprise_mobility_server_2.x.json +149 -0
  94. data/standards/stig_blackberry_enterprise_server,_part_1.json +35 -0
  95. data/standards/stig_blackberry_enterprise_server,_part_2.json +155 -0
  96. data/standards/stig_blackberry_enterprise_server,_part_3.json +647 -0
  97. data/standards/stig_blackberry_enterprise_server_version_5.x,_part_1.json +35 -0
  98. data/standards/stig_blackberry_enterprise_server_version_5.x,_part_2.json +155 -0
  99. data/standards/stig_blackberry_enterprise_server_version_5.x,_part_3.json +653 -0
  100. data/standards/stig_blackberry_enterprise_service_v10.1.x_blackberry_device_service.json +317 -0
  101. data/standards/stig_blackberry_enterprise_service_v10.2.x_blackberry_device_service.json +263 -0
  102. data/standards/stig_blackberry_handheld_device.json +125 -0
  103. data/standards/stig_blackberry_os_10.3.x.json +257 -0
  104. data/standards/stig_blackberry_os_7.x.json +107 -0
  105. data/standards/stig_blackberry_os_7.x.x.json +101 -0
  106. data/standards/stig_blackberry_os_version_5-7.json +107 -0
  107. data/standards/stig_blackberry_playbook.json +65 -0
  108. data/standards/stig_blackberry_playbook_os_nea_mode.json +65 -0
  109. data/standards/stig_blackberry_playbook_os_v2.1.json +197 -0
  110. data/standards/stig_blackberry_uem_12.7.json +59 -0
  111. data/standards/stig_bluetoothzigbee.json +35 -0
  112. data/standards/stig_ca_api_gateway_alg.json +497 -0
  113. data/standards/stig_cisco_css_dns.json +71 -0
  114. data/standards/stig_cisco_ios_xe_release_3_ndm.json +395 -0
  115. data/standards/stig_cisco_ios_xe_release_3_rtr.json +149 -0
  116. data/standards/stig_cmd_management_server_policy.json +53 -0
  117. data/standards/stig_commercial_mobile_device_cmd_policy.json +83 -0
  118. data/standards/stig_csfc_campus_wlan_policy_security_implementation_guide.json +95 -0
  119. data/standards/stig_database_security_requirements_guide.json +767 -0
  120. data/standards/stig_dbn-6300_idps.json +107 -0
  121. data/standards/stig_dbn-6300_ndm.json +359 -0
  122. data/standards/stig_defense_switched_network.json +683 -0
  123. data/standards/stig_defense_switched_network_dsn.json +653 -0
  124. data/standards/stig_desktop_applications_general.json +41 -0
  125. data/standards/stig_dns_policy.json +155 -0
  126. data/standards/stig_domain_name_system_dns_security_requirements_guide.json +599 -0
  127. data/standards/stig_draft_aix.json +3503 -0
  128. data/standards/stig_edb_postgres_advanced_server.json +665 -0
  129. data/standards/stig_email_services_policy.json +137 -0
  130. data/standards/stig_exchange_2010_client_access_server.json +179 -0
  131. data/standards/stig_exchange_2010_edge_transport_server.json +389 -0
  132. data/standards/stig_exchange_2010_hub_transport_server.json +269 -0
  133. data/standards/stig_exchange_2010_mailbox_server.json +209 -0
  134. data/standards/stig_f5_big-ip_access_policy_manager_11.x.json +149 -0
  135. data/standards/stig_f5_big-ip_advanced_firewall_manager_11.x.json +41 -0
  136. data/standards/stig_f5_big-ip_application_security_manager_11.x.json +89 -0
  137. data/standards/stig_f5_big-ip_device_management_11.x.json +467 -0
  138. data/standards/stig_f5_big-ip_local_traffic_manager_11.x.json +407 -0
  139. data/standards/stig_final_draft_general_wireless_policy.json +71 -0
  140. data/standards/stig_firewall.json +449 -0
  141. data/standards/stig_firewall_-_cisco.json +449 -0
  142. data/standards/stig_firewall_security_requirements_guide.json +257 -0
  143. data/standards/stig_forescout_counteract_alg.json +83 -0
  144. data/standards/stig_forescout_counteract_ndm.json +239 -0
  145. data/standards/stig_free_space_optics_device.json +143 -0
  146. data/standards/stig_general_mobile_device_policy_non-enterprise_activated.json +113 -0
  147. data/standards/stig_general_mobile_device_technical_non-enterprise_activated.json +59 -0
  148. data/standards/stig_general_purpose_operating_system_srg.json +1199 -0
  149. data/standards/stig_general_wireless_policy.json +71 -0
  150. data/standards/stig_good_mobility_suite_server_android_os.json +203 -0
  151. data/standards/stig_good_mobility_suite_server_apple_ios_4_interim_security_configuration_guide_iscg.json +209 -0
  152. data/standards/stig_good_mobility_suite_server_windows_phone_6.5.json +449 -0
  153. data/standards/stig_goodenterprise_8.x.json +401 -0
  154. data/standards/stig_google_chrome_browser.json +209 -0
  155. data/standards/stig_google_chrome_current_windows.json +215 -0
  156. data/standards/stig_google_chrome_draft.json +281 -0
  157. data/standards/stig_google_chrome_v23_windows.json +275 -0
  158. data/standards/stig_google_chrome_v24_windows.json +263 -0
  159. data/standards/stig_google_chrome_v24_windows_benchmark.json +227 -0
  160. data/standards/stig_google_search_appliance.json +209 -0
  161. data/standards/stig_harris_secnet_11_54.json +89 -0
  162. data/standards/stig_hp-ux_11.23.json +3215 -0
  163. data/standards/stig_hp-ux_11.31.json +3155 -0
  164. data/standards/stig_hp-ux_smse.json +431 -0
  165. data/standards/stig_hpe_3par_storeserv_3.2.x.json +131 -0
  166. data/standards/stig_ibm_datapower_alg.json +401 -0
  167. data/standards/stig_ibm_datapower_network_device_management.json +395 -0
  168. data/standards/stig_ibm_db2_v10.5_luw.json +575 -0
  169. data/standards/stig_ibm_hardware_management_console_hmc.json +221 -0
  170. data/standards/stig_ibm_hardware_management_console_hmc_policies.json +35 -0
  171. data/standards/stig_ibm_maas360_v2.3.x_mdm.json +59 -0
  172. data/standards/stig_ibm_zvm_using_ca_vm:secure.json +473 -0
  173. data/standards/stig_idps_security_requirements_guide_srg.json +1865 -0
  174. data/standards/stig_idsips.json +257 -0
  175. data/standards/stig_iis6_server.json +221 -0
  176. data/standards/stig_iis6_site.json +263 -0
  177. data/standards/stig_iis_7.0_web_server.json +155 -0
  178. data/standards/stig_iis_7.0_web_site.json +299 -0
  179. data/standards/stig_iis_8.5_server.json +293 -0
  180. data/standards/stig_iis_8.5_site.json +347 -0
  181. data/standards/stig_infoblox_7.x_dns.json +419 -0
  182. data/standards/stig_infrastructure_l3_switch.json +599 -0
  183. data/standards/stig_infrastructure_l3_switch_-_cisco.json +659 -0
  184. data/standards/stig_infrastructure_l3_switch_secure_technical_implementation_guide_-_cisco.json +659 -0
  185. data/standards/stig_infrastructure_router.json +479 -0
  186. data/standards/stig_infrastructure_router_-_cisco.json +539 -0
  187. data/standards/stig_infrastructure_router_-_juniper.json +485 -0
  188. data/standards/stig_infrastructure_router__cisco.json +539 -0
  189. data/standards/stig_infrastructure_router__juniper.json +485 -0
  190. data/standards/stig_internet_explorer_8.json +821 -0
  191. data/standards/stig_internet_explorer_9.json +815 -0
  192. data/standards/stig_intrusion_detection_and_prevention_systems_idps_security_requirements_guide.json +371 -0
  193. data/standards/stig_ipsec_vpn_gateway.json +521 -0
  194. data/standards/stig_java_runtime_environment_jre_6_unix.json +65 -0
  195. data/standards/stig_java_runtime_environment_jre_6_win7.json +65 -0
  196. data/standards/stig_java_runtime_environment_jre_6_windows_xp.json +77 -0
  197. data/standards/stig_java_runtime_environment_jre_6_winxp.json +65 -0
  198. data/standards/stig_java_runtime_environment_jre_7_unix.json +65 -0
  199. data/standards/stig_java_runtime_environment_jre_7_win7.json +65 -0
  200. data/standards/stig_java_runtime_environment_jre_7_winxp.json +65 -0
  201. data/standards/stig_java_runtime_environment_jre_version_6_unix.json +77 -0
  202. data/standards/stig_java_runtime_environment_jre_version_6_windows_7.json +77 -0
  203. data/standards/stig_java_runtime_environment_jre_version_6_windows_xp.json +65 -0
  204. data/standards/stig_java_runtime_environment_jre_version_7_unix.json +77 -0
  205. data/standards/stig_java_runtime_environment_jre_version_7_windows_7.json +77 -0
  206. data/standards/stig_java_runtime_environment_jre_version_7_winxp.json +77 -0
  207. data/standards/stig_java_runtime_environment_jre_version_8_unix.json +107 -0
  208. data/standards/stig_java_runtime_environment_jre_version_8_windows.json +107 -0
  209. data/standards/stig_jboss_eap_6.3.json +413 -0
  210. data/standards/stig_juniper_srx_sg_alg.json +155 -0
  211. data/standards/stig_juniper_srx_sg_idps.json +179 -0
  212. data/standards/stig_juniper_srx_sg_ndm.json +443 -0
  213. data/standards/stig_juniper_srx_sg_vpn.json +185 -0
  214. data/standards/stig_keyboard_video_and_mouse_switch.json +269 -0
  215. data/standards/stig_l3_kov-26_talon_wireless_role.json +77 -0
  216. data/standards/stig_layer_2_switch.json +347 -0
  217. data/standards/stig_layer_2_switch_-_cisco.json +365 -0
  218. data/standards/stig_lg_android_5.x_interim_security_configuration_guide.json +245 -0
  219. data/standards/stig_lg_android_6.x.json +281 -0
  220. data/standards/stig_mac_osx_10.6_workstation.json +1319 -0
  221. data/standards/stig_mac_osx_10.6_workstation_draft.json +1319 -0
  222. data/standards/stig_mainframe_product_security_requirements_guide.json +1115 -0
  223. data/standards/stig_mcafee_application_control_7.x.json +203 -0
  224. data/standards/stig_mcafee_move_2.63.6.1_multi-platform_client.json +149 -0
  225. data/standards/stig_mcafee_move_2.63.6.1_multi-platform_oss.json +101 -0
  226. data/standards/stig_mcafee_move_2.6_multi-platform_client.json +149 -0
  227. data/standards/stig_mcafee_move_2.6_multi-platform_oss.json +101 -0
  228. data/standards/stig_mcafee_move_3.6.1_multi-platform_client.json +149 -0
  229. data/standards/stig_mcafee_move_3.6.1_multi-platform_oss.json +101 -0
  230. data/standards/stig_mcafee_move_agentless_3.03.6.1_security_virtual_appliance.json +167 -0
  231. data/standards/stig_mcafee_move_agentless_3.0_security_virtual_appliance.json +167 -0
  232. data/standards/stig_mcafee_move_agentless_3.0_vsel_1.9sva.json +203 -0
  233. data/standards/stig_mcafee_move_agentless_3.6.1_security_virtual_appliance.json +167 -0
  234. data/standards/stig_mcafee_move_av_agentless_4.5.json +155 -0
  235. data/standards/stig_mcafee_move_av_multi-platform_4.5.json +215 -0
  236. data/standards/stig_mcafee_virusscan_8.8_local_client.json +533 -0
  237. data/standards/stig_mcafee_virusscan_8.8_managed_client.json +533 -0
  238. data/standards/stig_mcafee_vsel_1.92.0_local_client.json +245 -0
  239. data/standards/stig_mcafee_vsel_1.92.0_managed_client.json +239 -0
  240. data/standards/stig_mdm_server_policy.json +47 -0
  241. data/standards/stig_microsoft_access_2003.json +47 -0
  242. data/standards/stig_microsoft_access_2007.json +77 -0
  243. data/standards/stig_microsoft_access_2010.json +119 -0
  244. data/standards/stig_microsoft_access_2013.json +113 -0
  245. data/standards/stig_microsoft_access_2016.json +107 -0
  246. data/standards/stig_microsoft_dot_net_framework_4.0.json +101 -0
  247. data/standards/stig_microsoft_excel_2003.json +47 -0
  248. data/standards/stig_microsoft_excel_2007.json +155 -0
  249. data/standards/stig_microsoft_excel_2010.json +287 -0
  250. data/standards/stig_microsoft_excel_2013.json +293 -0
  251. data/standards/stig_microsoft_excel_2016.json +257 -0
  252. data/standards/stig_microsoft_exchange_2010_client_access_server_role.json +71 -0
  253. data/standards/stig_microsoft_exchange_2010_core_server.json +47 -0
  254. data/standards/stig_microsoft_exchange_2010_edge_transport_server_role.json +233 -0
  255. data/standards/stig_microsoft_exchange_2010_hub_transport_server_role.json +125 -0
  256. data/standards/stig_microsoft_exchange_2010_mailbox_server_role.json +107 -0
  257. data/standards/stig_microsoft_exchange_server_2003.json +647 -0
  258. data/standards/stig_microsoft_groove_2013.json +71 -0
  259. data/standards/stig_microsoft_ie_version_6.json +599 -0
  260. data/standards/stig_microsoft_ie_version_7.json +749 -0
  261. data/standards/stig_microsoft_infopath_2003.json +41 -0
  262. data/standards/stig_microsoft_infopath_2007.json +167 -0
  263. data/standards/stig_microsoft_infopath_2010.json +155 -0
  264. data/standards/stig_microsoft_infopath_2013.json +149 -0
  265. data/standards/stig_microsoft_internet_explorer_10.json +857 -0
  266. data/standards/stig_microsoft_internet_explorer_11.json +839 -0
  267. data/standards/stig_microsoft_internet_explorer_9.json +821 -0
  268. data/standards/stig_microsoft_lync_2013.json +29 -0
  269. data/standards/stig_microsoft_office_system_2007.json +221 -0
  270. data/standards/stig_microsoft_office_system_2010.json +233 -0
  271. data/standards/stig_microsoft_office_system_2013.json +293 -0
  272. data/standards/stig_microsoft_office_system_2016.json +131 -0
  273. data/standards/stig_microsoft_onedrivebusiness_2016.json +89 -0
  274. data/standards/stig_microsoft_onenote_2010.json +77 -0
  275. data/standards/stig_microsoft_onenote_2013.json +71 -0
  276. data/standards/stig_microsoft_onenote_2016.json +71 -0
  277. data/standards/stig_microsoft_outlook_2003.json +65 -0
  278. data/standards/stig_microsoft_outlook_2007.json +479 -0
  279. data/standards/stig_microsoft_outlook_2010.json +515 -0
  280. data/standards/stig_microsoft_outlook_2013.json +497 -0
  281. data/standards/stig_microsoft_outlook_2016.json +359 -0
  282. data/standards/stig_microsoft_powerpoint_2003.json +47 -0
  283. data/standards/stig_microsoft_powerpoint_2007.json +131 -0
  284. data/standards/stig_microsoft_powerpoint_2010.json +191 -0
  285. data/standards/stig_microsoft_powerpoint_2013.json +251 -0
  286. data/standards/stig_microsoft_powerpoint_2016.json +233 -0
  287. data/standards/stig_microsoft_project_2010.json +83 -0
  288. data/standards/stig_microsoft_project_2013.json +95 -0
  289. data/standards/stig_microsoft_project_2016.json +95 -0
  290. data/standards/stig_microsoft_publisher_2010.json +107 -0
  291. data/standards/stig_microsoft_publisher_2013.json +101 -0
  292. data/standards/stig_microsoft_publisher_2016.json +101 -0
  293. data/standards/stig_microsoft_sharepoint_designer_2013.json +71 -0
  294. data/standards/stig_microsoft_skypebusiness_2016.json +29 -0
  295. data/standards/stig_microsoft_sql_server_2005_database.json +167 -0
  296. data/standards/stig_microsoft_sql_server_2005_instance.json +1001 -0
  297. data/standards/stig_microsoft_sql_server_2012_database.json +179 -0
  298. data/standards/stig_microsoft_sql_server_2012_database_instance.json +929 -0
  299. data/standards/stig_microsoft_visio_2013.json +89 -0
  300. data/standards/stig_microsoft_visio_2016.json +89 -0
  301. data/standards/stig_microsoft_windows_10_mobile.json +215 -0
  302. data/standards/stig_microsoft_windows_2008_server_domain_name_system.json +269 -0
  303. data/standards/stig_microsoft_windows_2012_server_domain_name_system.json +551 -0
  304. data/standards/stig_microsoft_windows_phone_8.1.json +161 -0
  305. data/standards/stig_microsoft_windows_server_2012_domain_controller.json +2633 -0
  306. data/standards/stig_microsoft_windows_server_2012_member_server.json +2411 -0
  307. data/standards/stig_microsoft_word_2003.json +47 -0
  308. data/standards/stig_microsoft_word_2007.json +119 -0
  309. data/standards/stig_microsoft_word_2010.json +221 -0
  310. data/standards/stig_microsoft_word_2013.json +221 -0
  311. data/standards/stig_microsoft_word_2016.json +215 -0
  312. data/standards/stig_mobile_application_management_mam_server.json +95 -0
  313. data/standards/stig_mobile_application_security_requirements_guide.json +233 -0
  314. data/standards/stig_mobile_device_integrity_scanning_mdis_server.json +119 -0
  315. data/standards/stig_mobile_device_management_mdm_server.json +125 -0
  316. data/standards/stig_mobile_device_manager_security_requirements_guide.json +2555 -0
  317. data/standards/stig_mobile_email_management_mem_server.json +197 -0
  318. data/standards/stig_mobile_operating_system_security_requirements_guide.json +1943 -0
  319. data/standards/stig_mobile_policy.json +35 -0
  320. data/standards/stig_mobile_policy_security_requirements_guide.json +437 -0
  321. data/standards/stig_mobileiron_core_v9.x_mdm.json +89 -0
  322. data/standards/stig_mobility_policy.json +65 -0
  323. data/standards/stig_mozilla_firefox.json +161 -0
  324. data/standards/stig_ms_exchange_2013_client_access_server.json +209 -0
  325. data/standards/stig_ms_exchange_2013_edge_transport_server.json +443 -0
  326. data/standards/stig_ms_exchange_2013_mailbox_server.json +437 -0
  327. data/standards/stig_ms_sharepoint_2010.json +269 -0
  328. data/standards/stig_ms_sharepoint_2013.json +245 -0
  329. data/standards/stig_ms_sharepoint_designer_2013.json +71 -0
  330. data/standards/stig_ms_sql_server_2014_database.json +263 -0
  331. data/standards/stig_ms_sql_server_2014_instance.json +575 -0
  332. data/standards/stig_ms_sql_server_2016_database.json +185 -0
  333. data/standards/stig_ms_sql_server_2016_instance.json +731 -0
  334. data/standards/stig_ms_windows_defender_antivirus.json +257 -0
  335. data/standards/stig_multifunction_device_and_network_printers.json +131 -0
  336. data/standards/stig_network_device_management_security_requirements_guide.json +863 -0
  337. data/standards/stig_network_devices.json +389 -0
  338. data/standards/stig_network_infrastructure_policy.json +455 -0
  339. data/standards/stig_network_security_requirements_guide.json +1961 -0
  340. data/standards/stig_operating_system_security_requirements_guide.json +1961 -0
  341. data/standards/stig_oracle_10_database_installation.json +527 -0
  342. data/standards/stig_oracle_10_database_instance.json +569 -0
  343. data/standards/stig_oracle_11_database_installation.json +527 -0
  344. data/standards/stig_oracle_11_database_instance.json +551 -0
  345. data/standards/stig_oracle_database_10g_installation.json +527 -0
  346. data/standards/stig_oracle_database_10g_instance.json +581 -0
  347. data/standards/stig_oracle_database_11.2g.json +1229 -0
  348. data/standards/stig_oracle_database_11g_installation.json +527 -0
  349. data/standards/stig_oracle_database_11g_instance.json +575 -0
  350. data/standards/stig_oracle_database_12c.json +1217 -0
  351. data/standards/stig_oracle_http_server_12.1.3.json +1703 -0
  352. data/standards/stig_oracle_linux_5.json +3431 -0
  353. data/standards/stig_oracle_linux_6.json +1583 -0
  354. data/standards/stig_oracle_weblogic_server_12c.json +443 -0
  355. data/standards/stig_palo_alto_networks_alg.json +311 -0
  356. data/standards/stig_palo_alto_networks_idps.json +185 -0
  357. data/standards/stig_palo_alto_networks_ndm.json +251 -0
  358. data/standards/stig_pda.json +83 -0
  359. data/standards/stig_pdasmartphone.json +95 -0
  360. data/standards/stig_perimeter_l3_switch.json +923 -0
  361. data/standards/stig_perimeter_l3_switch_-_cisco.json +1001 -0
  362. data/standards/stig_perimeter_router.json +803 -0
  363. data/standards/stig_perimeter_router_cisco.json +881 -0
  364. data/standards/stig_perimeter_router_juniper.json +803 -0
  365. data/standards/stig_postgresql_9.x.json +677 -0
  366. data/standards/stig_red_hat_enterprise_linux_5.json +3437 -0
  367. data/standards/stig_red_hat_enterprise_linux_6.json +1565 -0
  368. data/standards/stig_red_hat_enterprise_linux_7.json +1451 -0
  369. data/standards/stig_remote_access_policy.json +317 -0
  370. data/standards/stig_removable_storage_and_external_connection_technologies.json +143 -0
  371. data/standards/stig_removable_storage_and_external_connections.json +137 -0
  372. data/standards/stig_rfid_scanner.json +35 -0
  373. data/standards/stig_rfid_workstation.json +23 -0
  374. data/standards/stig_riverbed_steelhead_cx_v8_alg.json +83 -0
  375. data/standards/stig_riverbed_steelhead_cx_v8_ndm.json +371 -0
  376. data/standards/stig_router_security_requirements_guide.json +575 -0
  377. data/standards/stig_samsung_android_os_5_with_knox_2.0.json +365 -0
  378. data/standards/stig_samsung_android_os_6_with_knox_2.x.json +377 -0
  379. data/standards/stig_samsung_android_os_7_with_knox_2.x.json +443 -0
  380. data/standards/stig_samsung_android_with_knox_1.x.json +293 -0
  381. data/standards/stig_samsung_android_with_knox_2.x.json +371 -0
  382. data/standards/stig_samsung_knox_android_1.0.json +167 -0
  383. data/standards/stig_sharepoint_2010.json +269 -0
  384. data/standards/stig_sharepoint_2013.json +245 -0
  385. data/standards/stig_smartphone_policy.json +131 -0
  386. data/standards/stig_solaris_10_sparc.json +3029 -0
  387. data/standards/stig_solaris_10_x86.json +3065 -0
  388. data/standards/stig_solaris_11_sparc.json +1427 -0
  389. data/standards/stig_solaris_11_x86.json +1421 -0
  390. data/standards/stig_solaris_9_sparc.json +2915 -0
  391. data/standards/stig_solaris_9_x86.json +2915 -0
  392. data/standards/stig_sun_ray_4.json +185 -0
  393. data/standards/stig_sun_ray_4_policy.json +77 -0
  394. data/standards/stig_suse_linux_enterprise_server_v11system_z.json +3311 -0
  395. data/standards/stig_symantec_endpoint_protection_12.1_local_client_antivirus.json +689 -0
  396. data/standards/stig_symantec_endpoint_protection_12.1_managed_client_antivirus.json +695 -0
  397. data/standards/stig_tanium_6.5.json +461 -0
  398. data/standards/stig_tanium_7.0.json +803 -0
  399. data/standards/stig_test_and_development_zone_a.json +167 -0
  400. data/standards/stig_test_and_development_zone_b.json +179 -0
  401. data/standards/stig_test_and_development_zone_c.json +143 -0
  402. data/standards/stig_test_and_development_zone_d.json +143 -0
  403. data/standards/stig_traditional_security.json +917 -0
  404. data/standards/stig_unix_srg.json +3287 -0
  405. data/standards/stig_video_services_policy.json +497 -0
  406. data/standards/stig_video_teleconference.json +47 -0
  407. data/standards/stig_video_teleconference_vtc.json +12 -0
  408. data/standards/stig_vmware_esx_3_policy.json +155 -0
  409. data/standards/stig_vmware_esx_3_server.json +3791 -0
  410. data/standards/stig_vmware_esx_3_virtual_center.json +257 -0
  411. data/standards/stig_vmware_esx_3_virtual_machine.json +53 -0
  412. data/standards/stig_vmware_esxi_server_5.0.json +809 -0
  413. data/standards/stig_vmware_esxi_v5.json +5177 -0
  414. data/standards/stig_vmware_esxi_version_5_virtual_machine.json +317 -0
  415. data/standards/stig_vmware_nsx_distributed_firewall.json +83 -0
  416. data/standards/stig_vmware_nsx_distributed_logical_router.json +35 -0
  417. data/standards/stig_vmware_nsx_manager.json +191 -0
  418. data/standards/stig_vmware_vcenter_server.json +179 -0
  419. data/standards/stig_vmware_vcenter_server_version_5.json +149 -0
  420. data/standards/stig_vmware_vsphere_esxi_6.0.json +659 -0
  421. data/standards/stig_vmware_vsphere_vcenter_server_version_6.json +311 -0
  422. data/standards/stig_vmware_vsphere_virtual_machine_version_6.json +269 -0
  423. data/standards/stig_voice_and_video_over_internet_protocol_vvoip_policy.json +407 -0
  424. data/standards/stig_voice_video_endpoint_security_requirements_guide.json +395 -0
  425. data/standards/stig_voice_video_services_policy.json +671 -0
  426. data/standards/stig_voice_video_session_management_security_requirements_guide.json +329 -0
  427. data/standards/stig_voicevideo_over_internet_protocol.json +419 -0
  428. data/standards/stig_voicevideo_over_internet_protocol_vvoip.json +263 -0
  429. data/standards/stig_voicevideo_services_policy.json +569 -0
  430. data/standards/stig_web_policy.json +95 -0
  431. data/standards/stig_web_server.json +317 -0
  432. data/standards/stig_web_server_security_requirements_guide.json +587 -0
  433. data/standards/stig_win2k3_audit.json +761 -0
  434. data/standards/stig_win2k8_audit.json +1085 -0
  435. data/standards/stig_win2k8_r2_audit.json +1637 -0
  436. data/standards/stig_win7_audit.json +1613 -0
  437. data/standards/stig_windows_10.json +1691 -0
  438. data/standards/stig_windows_2003_domain_controller.json +893 -0
  439. data/standards/stig_windows_2003_member_server.json +845 -0
  440. data/standards/stig_windows_2008_domain_controller.json +1475 -0
  441. data/standards/stig_windows_2008_member_server.json +1301 -0
  442. data/standards/stig_windows_7.json +1781 -0
  443. data/standards/stig_windows_8.json +2399 -0
  444. data/standards/stig_windows_88.1.json +2273 -0
  445. data/standards/stig_windows_8_8.1.json +2297 -0
  446. data/standards/stig_windows_defender_antivirus.json +239 -0
  447. data/standards/stig_windows_dns.json +185 -0
  448. data/standards/stig_windows_firewall_with_advanced_security.json +137 -0
  449. data/standards/stig_windows_paw.json +155 -0
  450. data/standards/stig_windows_phone_6.5_with_good_mobility_suite.json +65 -0
  451. data/standards/stig_windows_server_2008_r2_domain_controller.json +1961 -0
  452. data/standards/stig_windows_server_2008_r2_member_server.json +1745 -0
  453. data/standards/stig_windows_server_20122012_r2_domain_controller.json +2255 -0
  454. data/standards/stig_windows_server_20122012_r2_member_server.json +2045 -0
  455. data/standards/stig_windows_server_2012_2012_r2_domain_controller.json +2279 -0
  456. data/standards/stig_windows_server_2012_2012_r2_member_server.json +2075 -0
  457. data/standards/stig_windows_server_2012_domain_controller.json +2471 -0
  458. data/standards/stig_windows_server_2012_member_server.json +2249 -0
  459. data/standards/stig_windows_server_2016.json +1661 -0
  460. data/standards/stig_windows_vista.json +1517 -0
  461. data/standards/stig_windows_xp.json +893 -0
  462. data/standards/stig_wireless_keyboard_and_mouse.json +23 -0
  463. data/standards/stig_wireless_management_server_policy.json +53 -0
  464. data/standards/stig_wireless_remote_access_policy_security_implementation_guide.json +29 -0
  465. data/standards/stig_wlan_access_point_enclave-niprnet_connected.json +227 -0
  466. data/standards/stig_wlan_access_point_internet_gateway_only_connection.json +209 -0
  467. data/standards/stig_wlan_access_point_policy.json +17 -0
  468. data/standards/stig_wlan_authentication_server.json +29 -0
  469. data/standards/stig_wlan_bridge.json +209 -0
  470. data/standards/stig_wlan_client.json +65 -0
  471. data/standards/stig_wlan_controller.json +215 -0
  472. data/standards/stig_wlan_ids_sensorserver.json +23 -0
  473. data/standards/stig_wman_access_point.json +263 -0
  474. data/standards/stig_wman_bridge.json +209 -0
  475. data/standards/stig_wman_subscriber.json +65 -0
  476. data/standards/stig_zos_acf2.json +1451 -0
  477. data/standards/stig_zos_bmc_control-dacf2.json +53 -0
  478. data/standards/stig_zos_bmc_control-dracf.json +59 -0
  479. data/standards/stig_zos_bmc_control-dtss.json +65 -0
  480. data/standards/stig_zos_bmc_control-macf2.json +59 -0
  481. data/standards/stig_zos_bmc_control-mracf.json +65 -0
  482. data/standards/stig_zos_bmc_control-mrestartacf2.json +23 -0
  483. data/standards/stig_zos_bmc_control-mrestartracf.json +23 -0
  484. data/standards/stig_zos_bmc_control-mrestarttss.json +23 -0
  485. data/standards/stig_zos_bmc_control-mtss.json +71 -0
  486. data/standards/stig_zos_bmc_control-oacf2.json +53 -0
  487. data/standards/stig_zos_bmc_control-oracf.json +59 -0
  488. data/standards/stig_zos_bmc_control-otss.json +65 -0
  489. data/standards/stig_zos_bmc_ioaacf2.json +53 -0
  490. data/standards/stig_zos_bmc_ioaracf.json +59 -0
  491. data/standards/stig_zos_bmc_ioatss.json +65 -0
  492. data/standards/stig_zos_bmc_mainviewzosacf2.json +47 -0
  493. data/standards/stig_zos_bmc_mainviewzosracf.json +53 -0
  494. data/standards/stig_zos_bmc_mainviewzostss.json +59 -0
  495. data/standards/stig_zos_ca_1_tape_managementacf2.json +65 -0
  496. data/standards/stig_zos_ca_1_tape_managementracf.json +77 -0
  497. data/standards/stig_zos_ca_1_tape_managementtss.json +77 -0
  498. data/standards/stig_zos_ca_auditoracf2.json +29 -0
  499. data/standards/stig_zos_ca_auditorracf.json +29 -0
  500. data/standards/stig_zos_ca_auditortss.json +29 -0
  501. data/standards/stig_zos_ca_common_servicesacf2.json +23 -0
  502. data/standards/stig_zos_ca_common_servicesracf.json +29 -0
  503. data/standards/stig_zos_ca_common_servicestss.json +29 -0
  504. data/standards/stig_zos_ca_micsacf2.json +23 -0
  505. data/standards/stig_zos_ca_micsracf.json +23 -0
  506. data/standards/stig_zos_ca_micstss.json +23 -0
  507. data/standards/stig_zos_ca_mimacf2.json +41 -0
  508. data/standards/stig_zos_ca_mimracf.json +47 -0
  509. data/standards/stig_zos_ca_mimtss.json +47 -0
  510. data/standards/stig_zos_ca_vtapeacf2.json +29 -0
  511. data/standards/stig_zos_ca_vtaperacf.json +35 -0
  512. data/standards/stig_zos_ca_vtapetss.json +35 -0
  513. data/standards/stig_zos_catalog_solutionsacf2.json +23 -0
  514. data/standards/stig_zos_catalog_solutionsracf.json +23 -0
  515. data/standards/stig_zos_catalog_solutionstss.json +23 -0
  516. data/standards/stig_zos_clsupersessionacf2.json +53 -0
  517. data/standards/stig_zos_clsupersessionracf.json +65 -0
  518. data/standards/stig_zos_clsupersessiontss.json +71 -0
  519. data/standards/stig_zos_compuware_abend-aidacf2.json +47 -0
  520. data/standards/stig_zos_compuware_abend-aidracf.json +53 -0
  521. data/standards/stig_zos_compuware_abend-aidtss.json +53 -0
  522. data/standards/stig_zos_cssmtpacf2.json +23 -0
  523. data/standards/stig_zos_cssmtpracf.json +29 -0
  524. data/standards/stig_zos_cssmtptss.json +29 -0
  525. data/standards/stig_zos_fdracf2.json +23 -0
  526. data/standards/stig_zos_fdrracf.json +23 -0
  527. data/standards/stig_zos_fdrtss.json +23 -0
  528. data/standards/stig_zos_hcdacf2.json +29 -0
  529. data/standards/stig_zos_hcdracf.json +29 -0
  530. data/standards/stig_zos_hcdtss.json +29 -0
  531. data/standards/stig_zos_ibm_cics_transaction_serveracf2.json +17 -0
  532. data/standards/stig_zos_ibm_cics_transaction_serverracf.json +17 -0
  533. data/standards/stig_zos_ibm_cics_transaction_servertss.json +17 -0
  534. data/standards/stig_zos_ibm_health_checkeracf2.json +23 -0
  535. data/standards/stig_zos_ibm_health_checkerracf.json +29 -0
  536. data/standards/stig_zos_ibm_health_checkertss.json +29 -0
  537. data/standards/stig_zos_ibm_system_display_and_search_facility_sdsfacf2.json +53 -0
  538. data/standards/stig_zos_ibm_system_display_and_search_facility_sdsfracf.json +59 -0
  539. data/standards/stig_zos_ibm_system_display_and_search_facility_sdsftss.json +53 -0
  540. data/standards/stig_zos_icsfacf2.json +29 -0
  541. data/standards/stig_zos_icsfracf.json +35 -0
  542. data/standards/stig_zos_icsftss.json +35 -0
  543. data/standards/stig_zos_netviewacf2.json +41 -0
  544. data/standards/stig_zos_netviewracf.json +47 -0
  545. data/standards/stig_zos_netviewtss.json +53 -0
  546. data/standards/stig_zos_quest_nc-passacf2.json +35 -0
  547. data/standards/stig_zos_quest_nc-passracf.json +41 -0
  548. data/standards/stig_zos_quest_nc-passtss.json +47 -0
  549. data/standards/stig_zos_racf.json +1415 -0
  550. data/standards/stig_zos_roscoeacf2.json +47 -0
  551. data/standards/stig_zos_roscoeracf.json +53 -0
  552. data/standards/stig_zos_roscoetss.json +59 -0
  553. data/standards/stig_zos_srrauditacf2.json +23 -0
  554. data/standards/stig_zos_srrauditracf.json +23 -0
  555. data/standards/stig_zos_srraudittss.json +23 -0
  556. data/standards/stig_zos_tadzacf2.json +29 -0
  557. data/standards/stig_zos_tadzracf.json +35 -0
  558. data/standards/stig_zos_tadztss.json +35 -0
  559. data/standards/stig_zos_tdmfacf2.json +23 -0
  560. data/standards/stig_zos_tdmfracf.json +23 -0
  561. data/standards/stig_zos_tdmftss.json +23 -0
  562. data/standards/stig_zos_tss.json +1523 -0
  563. data/standards/stig_zos_vssracf.json +29 -0
  564. metadata +691 -0
data/lib/kriterion/cli.rb ADDED
@@ -0,0 +1,28 @@
1
+ require 'cri'
2
+
3
+ class Kriterion
4
+ class CLI
5
+ def self.command
6
+ @cmd ||= Cri::Command.define do
7
+ name 'kriterion'
8
+ usage 'kriterion <subcommand>'
9
+ summary 'Exposes Puppet\'s compliance information in a REST API'
10
+
11
+ flag :h, :help, 'show help for this command' do |value, cmd|
12
+ puts cmd.help
13
+ exit 0
14
+ end
15
+
16
+ flag :d, :debug, 'Enable debug logging'
17
+ flag nil, :trace, 'Print stacktraces'
18
+
19
+ run do |opts, args, cmd|
20
+ puts cmd.help
21
+ exit 0
22
+ end
23
+ end
24
+ end
25
+ end
26
+ end
27
+
28
+ require 'kriterion/cli/worker'
data/lib/kriterion/cli/api.rb ADDED
@@ -0,0 +1,35 @@
1
+ require 'cri'
2
+
3
+ class Kriterion
4
+ class CLI
5
+ class API
6
+ def self.command
7
+ @cmd ||= Cri::Command.define do
8
+ name 'api'
9
+ usage 'api --standards_dir <uri>'
10
+ summary 'Runs a kriterion API server'
11
+
12
+ flag :h, :help, 'show help for this command' do |value, cmd|
13
+ puts cmd.help
14
+ exit 0
15
+ end
16
+
17
+ option :u, :standards_dir, 'URI of the RestMQ server', argument: :required
18
+ optional :h, :mongo_hostname, 'Hostname of the MongoDB server to use', default: 'localhost'
19
+ optional :d, :mongo_database, 'Name of the MongoDB database to use', default: 'kriterion'
20
+ optional :p, :mongo_port, 'Port for MongoDB', default: 27017
21
+
22
+
23
+ run do |opts, args, cmd|
24
+ # TODO: Get log levels working properly
25
+ require 'kriterion/api'
26
+ worker = Kriterion::API.new(opts)
27
+ worker.run
28
+ end
29
+ end
30
+ end
31
+ end
32
+ end
33
+ end
34
+
35
+ Kriterion::CLI.command.add_command(Kriterion::CLI::API.command)
data/lib/kriterion/cli/worker.rb ADDED
@@ -0,0 +1,35 @@
1
+ require 'cri'
2
+
3
+ class Kriterion
4
+ class CLI
5
+ class Worker
6
+ def self.command
7
+ @cmd ||= Cri::Command.define do
8
+ name 'worker'
9
+ usage 'worker --uri <uri>'
10
+ summary 'Runs a kriterion worker'
11
+
12
+ flag :h, :help, 'show help for this command' do |value, cmd|
13
+ puts cmd.help
14
+ exit 0
15
+ end
16
+
17
+ optional :u, :uri , 'URI of the RestMQ server' , default: ENV['uri'] || 'http://localhost:8888'
18
+ optional :q, :queue , 'Queue to subscribe to' , default: ENV['queue']|| 'reports'
19
+ optional :h, :mongo_hostname, 'Hostname of the MongoDB server to use', default: ENV['mongo_hostname']|| 'localhost'
20
+ optional :d, :mongo_database, 'Name of the MongoDB database to use' , default: ENV['mongo_database']|| 'kriterion'
21
+ optional :p, :mongo_port , 'Port for MongoDB' , default: ENV['mongo_port']|| 27017
22
+
23
+
24
+ run do |opts, args, cmd|
25
+ require 'kriterion/worker'
26
+ worker = Kriterion::Worker.new(opts)
27
+ worker.run
28
+ end
29
+ end
30
+ end
31
+ end
32
+ end
33
+ end
34
+
35
+ Kriterion::CLI.command.add_command(Kriterion::CLI::Worker.command)
data/lib/kriterion/event.rb ADDED
@@ -0,0 +1,36 @@
1
+ require 'kriterion/object'
2
+
3
+ class Kriterion
4
+ class Event < Kriterion::Object
5
+ attr_reader :audited
6
+ attr_reader :property
7
+ attr_reader :previous_value
8
+ attr_reader :desired_value
9
+ attr_reader :historical_value
10
+ attr_reader :message
11
+ attr_reader :name
12
+ attr_reader :status
13
+ attr_reader :time
14
+ attr_reader :redacted
15
+ attr_reader :corrective_change
16
+
17
+ attr_accessor :certname
18
+ attr_accessor :resource
19
+
20
+ def initialize(data)
21
+ @audited = data['audited']
22
+ @property = data['property']
23
+ @previous_value = data['previous_value']
24
+ @desired_value = data['desired_value']
25
+ @historical_value = data['historical_value']
26
+ @message = data['message']
27
+ @name = data['name']
28
+ @status = data['status']
29
+ @time = data['time']
30
+ @redacted = data['redacted']
31
+ @corrective_change = data['corrective_change']
32
+ @certname = data['certname']
33
+ @resource = data['resource']
34
+ end
35
+ end
36
+ end
data/lib/kriterion/item.rb ADDED
@@ -0,0 +1,42 @@
1
+ require 'kriterion/object'
2
+
3
+ class Kriterion
4
+ class Item < Kriterion::Object
5
+ attr_reader :uuid
6
+ attr_reader :id
7
+ attr_reader :title
8
+ attr_reader :description
9
+ attr_reader :severity
10
+ attr_reader :parent_uuid
11
+ attr_reader :section_path
12
+
13
+ attr_accessor :resources
14
+
15
+ def initialize(data)
16
+ @uuid = data['uuid'] || SecureRandom.uuid
17
+ @id = data['id']
18
+ @title = data['title']
19
+ @description = data['description']
20
+ @severity = data['severity']
21
+ @section_path = data['section_path']
22
+ @parent_type = data['parent_type']
23
+ @parent_uuid = data['parent_uuid']
24
+ @resources = data['resources'] || []
25
+ end
26
+
27
+ def compliance
28
+ super(resources)
29
+ end
30
+
31
+ def parent_names(separator)
32
+ parents = []
33
+
34
+ section_path.each_index do |index|
35
+ parents << section_path[0..index].join(separator)
36
+ end
37
+
38
+ parents.delete(id)
39
+ parents.reverse
40
+ end
41
+ end
42
+ end
data/lib/kriterion/logs.rb ADDED
@@ -0,0 +1,14 @@
1
+ require 'logger'
2
+
3
+ module Kriterion::Logs
4
+ DEBUG = ::Logger::DEBUG
5
+ INFO = ::Logger::INFO
6
+
7
+ def logger
8
+ unless $logger
9
+ $logger = ::Logger.new(STDOUT)
10
+ $logger.level = ::Logger::INFO
11
+ end
12
+ $logger
13
+ end
14
+ end
data/lib/kriterion/metrics.rb ADDED
@@ -0,0 +1,22 @@
1
+ class Kriterion
2
+ class Metrics
3
+ def initialize
4
+ @metrics = {}
5
+ end
6
+
7
+ def [](symbol)
8
+ @metrics[symbol] || 0
9
+ end
10
+
11
+ def []=(symbol, value)
12
+ @metrics[symbol] = value
13
+ end
14
+
15
+ def print
16
+ logger.info 'Metrics:'
17
+ @metrics.each do |name, value|
18
+ logger.info " #{name} #{value.round(2)}s"
19
+ end
20
+ end
21
+ end
22
+ end
data/lib/kriterion/object.rb ADDED
@@ -0,0 +1,50 @@
1
+ class Kriterion
2
+ class Object
3
+ def to_h(mode = :basic)
4
+ raise 'Mode must be :basic or :full' unless %i[basic full].include? mode
5
+ hash = {}
6
+
7
+ instance_variables.each do |v|
8
+ hash[v.to_s.gsub(/^@/, '')] = instance_variable_get(v.to_s)
9
+ end
10
+
11
+ if mode == :basic
12
+ hash.reject do |k, _v|
13
+ %w[
14
+ sections
15
+ items
16
+ resources
17
+ events
18
+ ].include? k
19
+ end
20
+ elsif mode == :full
21
+ hash
22
+ end
23
+ end
24
+
25
+ def find_section(name)
26
+ sections ? sections.select { |s| s.name == name }[0] : nil
27
+ end
28
+
29
+ def compliance(objects)
30
+ total = objects.count
31
+ compliant = objects.count { |o| o.compliance['compliant'] }
32
+ non_compliant = total - compliant
33
+ percentage = if total.zero?
34
+ 0
35
+ else
36
+ compliant / total
37
+ end
38
+
39
+ {
40
+ 'compliant' => percentage == 1,
41
+ 'events' => {
42
+ 'percentage' => percentage,
43
+ 'compliant' => compliant,
44
+ 'non_compliant' => non_compliant,
45
+ 'total' => total
46
+ }
47
+ }
48
+ end
49
+ end
50
+ end
data/lib/kriterion/report.rb ADDED
@@ -0,0 +1,69 @@
1
+ require 'json'
2
+ require 'kriterion/resource'
3
+
4
+ class Kriterion
5
+ class Report
6
+ attr_reader :host
7
+ attr_reader :time
8
+ attr_reader :configuration_version
9
+ attr_reader :transaction_uuid
10
+ attr_reader :report_format
11
+ attr_reader :puppet_version
12
+ attr_reader :status
13
+ attr_reader :transaction_completed
14
+ attr_reader :noop
15
+ attr_reader :noop_pending
16
+ attr_reader :environment
17
+ attr_reader :logs
18
+ attr_reader :metrics
19
+ attr_reader :corrective_change
20
+ attr_reader :catalog_uuid
21
+ attr_reader :code_id
22
+ attr_reader :cached_catalog_status
23
+
24
+ def initialize(data)
25
+ @host = data['host']
26
+ @time = data['time']
27
+ @configuration_version = data['configuration_version']
28
+ @transaction_uuid = data['transaction_uuid']
29
+ @report_format = data['report_format']
30
+ @puppet_version = data['puppet_version']
31
+ @status = data['status']
32
+ @transaction_completed = data['transaction_completed']
33
+ @noop = data['noop']
34
+ @noop_pending = data['noop_pending']
35
+ @environment = data['environment']
36
+ @logs = data['logs']
37
+ @metrics = data['metrics']
38
+ @resource_statuses = data['resource_statuses']
39
+ @corrective_change = data['corrective_change']
40
+ @catalog_uuid = data['catalog_uuid']
41
+ @code_id = data['code_id']
42
+ @cached_catalog_status = data['cached_catalog_status']
43
+ end
44
+
45
+ def resource_statuses
46
+ # If this is a hash then the objects haven't been initialised
47
+ # We should initialise them now
48
+ if @resource_statuses.is_a? Hash
49
+ @resource_statuses = @resource_statuses.map do |_ref, params|
50
+ Kriterion::Resource.new(params)
51
+ end
52
+ end
53
+ @resource_statuses
54
+ end
55
+
56
+ def certname
57
+ host
58
+ end
59
+
60
+ # Returns resources that have given tags, expects an array of tags
61
+ def resources_with_tags(tags)
62
+ resource_statuses.select do |resource|
63
+ tags.any? do |tag|
64
+ resource.tags.include? tag
65
+ end
66
+ end
67
+ end
68
+ end
69
+ end
data/lib/kriterion/resource.rb ADDED
@@ -0,0 +1,60 @@
1
+ require 'kriterion/object'
2
+ require 'json'
3
+
4
+ class Kriterion
5
+ class Resource < Kriterion::Object
6
+ attr_reader :uuid
7
+ attr_reader :title
8
+ attr_reader :file
9
+ attr_reader :line
10
+ attr_reader :resource
11
+ attr_reader :resource_type
12
+ attr_reader :provider_used
13
+ attr_reader :containment_path
14
+ attr_reader :tags
15
+
16
+ attr_accessor :events
17
+ attr_accessor :parent_uuid
18
+ attr_accessor :unchanged_nodes
19
+
20
+ def initialize(hash)
21
+ @uuid = hash['uuid'] || SecureRandom.uuid
22
+ @title = hash['title']
23
+ @file = hash['file']
24
+ @line = hash['line']
25
+ @resource = hash['resource']
26
+ @resource_type = hash['resource_type']
27
+ @provider_used = hash['provider_used']
28
+ @containment_path = hash['containment_path']
29
+ @tags = hash['tags']
30
+ @events = hash['events'] || []
31
+ @parent_uuid = hash['parent_uuid']
32
+ @unchanged_nodes = hash['unchanged_nodes'] || []
33
+ end
34
+
35
+ def ==(other)
36
+ other.resource == resource
37
+ end
38
+
39
+ def compliance
40
+ compliant = unchanged_nodes.count
41
+ non_compliant = events.group_by(&:certname).count
42
+ total = compliant + non_compliant
43
+ percentage = if total.zero?
44
+ 0
45
+ else
46
+ compliant / total
47
+ end
48
+
49
+ {
50
+ 'compliant' => events.empty?,
51
+ 'events' => {
52
+ 'percentage' => percentage,
53
+ 'compliant' => compliant,
54
+ 'non_compliant' => non_compliant,
55
+ 'total' => total
56
+ }
57
+ }
58
+ end
59
+ end
60
+ end
data/lib/kriterion/section.rb ADDED
@@ -0,0 +1,32 @@
1
+ require 'securerandom'
2
+ require 'kriterion/object'
3
+
4
+ class Kriterion
5
+ class Section < Kriterion::Object
6
+ attr_accessor :uuid
7
+ attr_accessor :name
8
+ attr_accessor :standard
9
+ attr_accessor :description
10
+ attr_accessor :items
11
+ attr_accessor :sections
12
+
13
+ def initialize(data)
14
+ @uuid = data['uuid'] || SecureRandom.uuid
15
+ @name = data['name']
16
+ @standard = data['standard']
17
+ @description = data['description']
18
+ @items = data['items'] || []
19
+ @sections = data['sections'] || []
20
+ @parent_type = data['parent_type']
21
+ @parent_uuid = data['parent_uuid']
22
+ end
23
+
24
+ def type
25
+ :section
26
+ end
27
+
28
+ def compliance
29
+ super([items, sections].flatten)
30
+ end
31
+ end
32
+ end
data/lib/kriterion/standard.rb ADDED
@@ -0,0 +1,65 @@
1
+
2
+ require 'kriterion/object'
3
+
4
+ class Kriterion
5
+ class Standard < Kriterion::Object
6
+ @@standards = []
7
+
8
+ attr_accessor :uuid
9
+ attr_accessor :name
10
+ attr_accessor :date
11
+ attr_accessor :description
12
+ attr_accessor :title
13
+ attr_accessor :version
14
+ attr_accessor :item_syntax
15
+ attr_accessor :section_separator
16
+ attr_accessor :sections
17
+ attr_accessor :items
18
+
19
+ def initialize(data)
20
+ @uuid = data['uuid'] || SecureRandom.uuid
21
+ @name = data['name']
22
+ @date = data['date']
23
+ @description = data['description']
24
+ @title = data['title']
25
+ @version = data['version']
26
+ @item_syntax = if data['item_syntax'].is_a? Regexp
27
+ data['item_syntax']
28
+ else
29
+ Regexp.new(data['item_syntax'])
30
+ end
31
+ @section_separator = data['section_separator']
32
+ @sections = data['sections'] || []
33
+ @items = data['items'] || []
34
+ end
35
+
36
+ def self.get(name)
37
+ # Reload all standards
38
+ Kriterion::Standard.reload_all!
39
+
40
+ results = @@standards.select { |s| s.name == name }
41
+
42
+ case results.length
43
+ when 0
44
+ raise "No standards found with name: #{name}"
45
+ when 1
46
+ results.first
47
+ else
48
+ raise "Multiple standards found with #{name}"
49
+ end
50
+ end
51
+
52
+ def self.reload_all!
53
+ backend = Kriterion::Backend.get
54
+ @@standards = backend.standards
55
+ end
56
+
57
+ def type
58
+ :standard
59
+ end
60
+
61
+ def compliance
62
+ super([items, sections].flatten)
63
+ end
64
+ end
65
+ end