octool 0.0.6 → 0.0.7
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/octool/parser.rb +12 -12
- data/lib/octool/system.rb +13 -16
- data/lib/octool/version.rb +1 -1
- data/lib/octool.rb +0 -1
- data/octool.rdoc +1 -1
- data/templates/ssp.erb +28 -28
- metadata +1 -15
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 6fecd506f9519e5dea7be955335b43359dc1cf4b9b1f996410c952ec72384471
|
4
|
+
data.tar.gz: f841b91bd3e05d74a1dd90c634a9274119870bdb8698ac2c19685dd727ee6f06
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 725f37921c2943422622aad442451cf7178edd98b3f23f02ebcc27030f498290689711345a40baa160bc3054929cac00e1e2f2ff8a39cf0db6de75014a9cd324
|
7
|
+
data.tar.gz: 68e8b51a7784db9cb243caae5122faf05dfdcbb05b822b69b9afed5fff58fd857a93606d8adf7c5b62457642b6d6df30b4a5db2dd3f2e480f08905d6ccd36fb7
|
data/lib/octool/parser.rb
CHANGED
@@ -41,12 +41,12 @@ module OCTool
|
|
41
41
|
end
|
42
42
|
|
43
43
|
def validate_file(path, type)
|
44
|
-
|
45
|
-
data =
|
46
|
-
errors =
|
44
|
+
kwalify = kwalifyer(type)
|
45
|
+
data = kwalify.parse_file(path)
|
46
|
+
errors = kwalify.errors
|
47
47
|
raise ValidationError.new(path, errors) unless errors.empty?
|
48
48
|
|
49
|
-
|
49
|
+
data
|
50
50
|
rescue SystemCallError, Kwalify::SyntaxError, ValidationError => e
|
51
51
|
die e.message
|
52
52
|
end
|
@@ -88,14 +88,14 @@ module OCTool
|
|
88
88
|
end
|
89
89
|
|
90
90
|
def parsed_component(component)
|
91
|
-
component
|
91
|
+
component['attestations'].map! do |a|
|
92
92
|
# Add a "component_key" field to each attestation.
|
93
|
-
a['component_key'] = component
|
94
|
-
a
|
93
|
+
a['component_key'] = component['component_key']
|
94
|
+
a['satisfies'].map! do |s|
|
95
95
|
# Add "attestation_key" to each control satisfied by this attestation.
|
96
|
-
s['attestation_key'] = a
|
96
|
+
s['attestation_key'] = a['summary']
|
97
97
|
# Add "component_key" to each control satisfied by this attestation.
|
98
|
-
s['component_key'] = component
|
98
|
+
s['component_key'] = component['component_key']
|
99
99
|
s
|
100
100
|
end
|
101
101
|
a
|
@@ -105,13 +105,13 @@ module OCTool
|
|
105
105
|
|
106
106
|
def parsed_standard(standard)
|
107
107
|
# Add 'standard_key' to each control family and to each control.
|
108
|
-
standard
|
109
|
-
standard
|
108
|
+
standard['families'].map! { |f| f['standard_key'] = standard['standard_key']; f }
|
109
|
+
standard['controls'].map! { |c| c['standard_key'] = standard['standard_key']; c }
|
110
110
|
standard
|
111
111
|
end
|
112
112
|
|
113
113
|
def parsed_certification(cert)
|
114
|
-
cert
|
114
|
+
cert['requires'].map! { |r| r['certification_key'] = cert['certification_key']; r }
|
115
115
|
cert
|
116
116
|
end
|
117
117
|
|
data/lib/octool/system.rb
CHANGED
@@ -23,56 +23,53 @@ module OCTool
|
|
23
23
|
end
|
24
24
|
|
25
25
|
def certifications
|
26
|
-
@certifications ||= data.select { |e| e
|
26
|
+
@certifications ||= data.select { |e| e['type'] == 'certification' }
|
27
27
|
end
|
28
28
|
|
29
29
|
def components
|
30
|
-
@components ||= data.select { |e| e
|
30
|
+
@components ||= data.select { |e| e['type'] == 'component' }
|
31
31
|
end
|
32
32
|
|
33
33
|
def standards
|
34
|
-
@standards ||= data.select { |e| e
|
34
|
+
@standards ||= data.select { |e| e['type'] == 'standard' }
|
35
35
|
end
|
36
36
|
|
37
37
|
# List of all attestations claimed by components in the system.
|
38
38
|
def attestations
|
39
|
-
@attestations ||= components.map
|
39
|
+
@attestations ||= components.map { |c| c['attestations'] }.flatten
|
40
40
|
end
|
41
41
|
|
42
42
|
# List of all coverages.
|
43
43
|
def satisfies
|
44
|
-
@satisfies ||= attestations.map
|
44
|
+
@satisfies ||= attestations.map { |a| a['satisfies'] }.flatten
|
45
45
|
end
|
46
46
|
|
47
47
|
# List of all controls defined by standards in the system.
|
48
48
|
def controls
|
49
|
-
@controls ||= standards.map
|
49
|
+
@controls ||= standards.map { |s| s['controls'] }.flatten
|
50
50
|
end
|
51
51
|
|
52
52
|
# List of all families defined by standards in the system.
|
53
53
|
def families
|
54
|
-
@families ||= standards.map
|
54
|
+
@families ||= standards.map { |s| s['families'] }.flatten
|
55
55
|
end
|
56
56
|
|
57
57
|
# List of required controls for all certifications.
|
58
58
|
def requires
|
59
|
-
@requires ||= certifications.map
|
59
|
+
@requires ||= certifications.map { |c| c['requires'] }.flatten
|
60
60
|
end
|
61
61
|
|
62
62
|
def dump(writable_dir)
|
63
|
-
TABLE_NAMES.each do |
|
64
|
-
write_csv method(
|
63
|
+
TABLE_NAMES.each do |table|
|
64
|
+
write_csv method(table.to_sym).call, File.join(writable_dir, "#{table}.csv")
|
65
65
|
end
|
66
66
|
end
|
67
67
|
|
68
68
|
# Convert array of hashes into a CSV.
|
69
69
|
def write_csv(ary, filename)
|
70
|
-
|
71
|
-
|
72
|
-
|
73
|
-
# Throw away nested hashes.
|
74
|
-
e.reject { |_, val| val.is_a?(Enumerable) }
|
75
|
-
end
|
70
|
+
# Throw away nested hashes. The parser already created separate tables for them.
|
71
|
+
ary = ary.map { |e| e.reject { |_, val| val.is_a?(Enumerable) } }
|
72
|
+
|
76
73
|
warn "[INFO] write #{filename}"
|
77
74
|
CSV.open(filename, 'wb') do |csv|
|
78
75
|
column_names = ary.first.keys
|
data/lib/octool/version.rb
CHANGED
data/lib/octool.rb
CHANGED
data/octool.rdoc
CHANGED
data/templates/ssp.erb
CHANGED
@@ -1,25 +1,25 @@
|
|
1
1
|
---
|
2
|
-
<% if @system.config
|
2
|
+
<% if @system.config['logo'] -%>
|
3
3
|
title: |
|
4
|
-
![](<%= @system.config
|
4
|
+
![](<%= @system.config['logo']['path'] -%>){width=<%= @system.config['logo']['width'] %>}
|
5
5
|
|
6
|
-
<%= @system.config
|
6
|
+
<%= @system.config['name'] %>
|
7
7
|
<% else %>
|
8
|
-
title: "<%= @system.config
|
8
|
+
title: "<%= @system.config['name'] -%>"
|
9
9
|
<% end %>
|
10
10
|
|
11
11
|
subtitle: "System Security Plan"
|
12
12
|
|
13
13
|
author:
|
14
|
-
<% @system.config
|
14
|
+
<% @system.config['maintainers'].each do |maintainer| %>
|
15
15
|
- <%= maintainer -%>
|
16
16
|
<% end %>
|
17
17
|
|
18
18
|
absract: |
|
19
|
-
<%= @system.config
|
19
|
+
<%= @system.config['metadata']['abstract'] rescue 'None' %>
|
20
20
|
|
21
21
|
description: |
|
22
|
-
<%= @system.config
|
22
|
+
<%= @system.config['metadata']['description'] rescue 'None' %>
|
23
23
|
|
24
24
|
fontsize: 11pt
|
25
25
|
mainfont: NotoSans
|
@@ -54,18 +54,18 @@ geometry:
|
|
54
54
|
- bottom=2cm
|
55
55
|
---
|
56
56
|
|
57
|
-
# <%= @system.config
|
57
|
+
# <%= @system.config['name'] %>
|
58
58
|
|
59
59
|
## Overview
|
60
60
|
|
61
|
-
<%= @system.config
|
61
|
+
<%= @system.config['overview'] %>
|
62
62
|
|
63
63
|
## Standards
|
64
64
|
|
65
65
|
This System Security Plan (SSP) addresses these standards:
|
66
66
|
|
67
67
|
<% @system.standards.each do |s| -%>
|
68
|
-
- <%= s
|
68
|
+
- <%= s['name'] %>
|
69
69
|
<% end %>
|
70
70
|
|
71
71
|
The full copy of each standard is included in the appendix.
|
@@ -74,30 +74,30 @@ The full copy of each standard is included in the appendix.
|
|
74
74
|
## Components
|
75
75
|
|
76
76
|
<% @system.components.each do |c| %>
|
77
|
-
### <%= c
|
77
|
+
### <%= c['name'] %>
|
78
78
|
|
79
|
-
<%= c
|
79
|
+
<%= c['description'] %>
|
80
80
|
|
81
|
-
<% if c
|
81
|
+
<% if c['attestations'].empty? %>
|
82
82
|
_The organization has not yet documented attestations for this component_.
|
83
83
|
<% else %>
|
84
84
|
The organization offers the following attestations for this component.
|
85
85
|
<% end %>
|
86
86
|
|
87
|
-
<% c
|
88
|
-
#### <%= a
|
87
|
+
<% c['attestations'].each do |a| %>
|
88
|
+
#### <%= a['summary'] %>
|
89
89
|
|
90
|
-
Status: <%= a
|
90
|
+
Status: <%= a['status'] %>
|
91
91
|
|
92
|
-
Date verified: <%= a
|
92
|
+
Date verified: <%= a['date_verified'] if a['date_verified'] %>
|
93
93
|
|
94
94
|
Satisfies:
|
95
95
|
|
96
|
-
<% a
|
97
|
-
- <%= cid
|
96
|
+
<% a['satisfies'].each do |cid| -%>
|
97
|
+
- <%= cid['standard_key'] %> control <%= cid['control_key'] %>
|
98
98
|
<% end -%>
|
99
99
|
|
100
|
-
<%= a
|
100
|
+
<%= a['narrative'] %>
|
101
101
|
|
102
102
|
<% end %>
|
103
103
|
<% end %>
|
@@ -106,14 +106,14 @@ Satisfies:
|
|
106
106
|
# Appendix: Standards
|
107
107
|
|
108
108
|
<% @system.standards.each do |s| %>
|
109
|
-
## <%=s
|
109
|
+
## <%=s['name'] %>
|
110
110
|
|
111
|
-
<% if s
|
111
|
+
<% if s['families'] and !s['families'].empty? %>
|
112
112
|
### Families
|
113
113
|
|
114
|
-
<% s
|
115
|
-
<%= family
|
116
|
-
~ <%= family
|
114
|
+
<% s['families'].each do |family| %>
|
115
|
+
<%= family['family_key'] %>
|
116
|
+
~ <%= family['name'] %>
|
117
117
|
|
118
118
|
<% end %>
|
119
119
|
|
@@ -121,10 +121,10 @@ Satisfies:
|
|
121
121
|
|
122
122
|
### Controls
|
123
123
|
|
124
|
-
<% s
|
125
|
-
#### Control <%= c
|
124
|
+
<% s['controls'].each do |c| %>
|
125
|
+
#### Control <%= c['control_key'] -%>: <%= c['name'] %>
|
126
126
|
|
127
|
-
<%= c
|
127
|
+
<%= c['description'] %>
|
128
128
|
|
129
129
|
<% end %>
|
130
130
|
<% end %>
|
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: octool
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.0.
|
4
|
+
version: 0.0.7
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Paul Morgan
|
@@ -134,20 +134,6 @@ dependencies:
|
|
134
134
|
- - '='
|
135
135
|
- !ruby/object:Gem::Version
|
136
136
|
version: 0.4.0.1
|
137
|
-
- !ruby/object:Gem::Dependency
|
138
|
-
name: recursive-open-struct
|
139
|
-
requirement: !ruby/object:Gem::Requirement
|
140
|
-
requirements:
|
141
|
-
- - '='
|
142
|
-
- !ruby/object:Gem::Version
|
143
|
-
version: 1.1.1
|
144
|
-
type: :runtime
|
145
|
-
prerelease: false
|
146
|
-
version_requirements: !ruby/object:Gem::Requirement
|
147
|
-
requirements:
|
148
|
-
- - '='
|
149
|
-
- !ruby/object:Gem::Version
|
150
|
-
version: 1.1.1
|
151
137
|
description:
|
152
138
|
email: jumanjiman@gmail.com
|
153
139
|
executables:
|