RubyGems - opencontrol-linter - Versions diffs - 0.1.4 → 0.1.5 - Mend

opencontrol-linter 0.1.4 → 0.1.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (6) hide show

checksums.yaml +4 -4
data/exe/opencontrol2cfacts +181 -36
data/lib/opencontrol/inspector.rb +37 -0
data/lib/opencontrol/version.rb +1 -1
data/vendor/schemas/examples/component_v3.1.0.yaml +1 -1
metadata +31 -2

checksums.yaml CHANGED

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: c357e597012b9d0a0d3e39d2142641b07da23a7a4b76c3f6354a7a7f71293b2a
-  data.tar.gz: 56ce59414bc589a19ea9c6d48be26fe7179c157693180314d03ac8bf7537e756
+  metadata.gz: ed96388c4ae00d37b78992687c43e054b5a8d043db7f7f28fbb1702723055932
+  data.tar.gz: c66468f2db29a8ea4de93d228c3c1d02efa3a6409c5e1e4a3e387977c490570c
 SHA512:
-  metadata.gz: 127982ea79db363912df7ae1c6e30dc148b3c7dc6d256d446892fbbb24262c31e2db38faf49ababcde44b51874d3aa8e9e99a1120f5f77d2ef8a453677ecd8dd
-  data.tar.gz: 86724dbdbda2d39d63239481b064a4c41bb68bf341bbad26fc50a11ce7e540e70a0a2bd432d280ead7e33019b71be342e6959d6794609e500340d72a912f9f1e
+  metadata.gz: bd127b83e300f08a26191b67e960f5acc1cc1fb79c8100ec10c9373956017f69ae2833a5aa083211f6cd3b0e2406135ee87641633211553078ec9513feb78ca9
+  data.tar.gz: 73289f4f62be55c3e42eee035257790571e832468c2aa3acee38c224bcee3020fdeffe38d9d618f39d1d9a6f2317693ada7285edf1d79ae302b8cab43d7969e8

data/exe/opencontrol2cfacts CHANGED

@@ -1,53 +1,198 @@
 #!/usr/bin/env ruby
 # frozen_string_literal: true
-require "yaml"
-require "json"
-require "pp"
+require 'yaml'
+require 'json'
+require 'pp'
 require 'date'
-require 'csv'
 require 'colorize'
+require 'rubyXL'
+require 'rubyXL/convenience_methods/cell'
+require 'rationalist'
-DEFAULT_OPENCONTROLS_FILENAME = "./opencontrols/opencontrol.yaml".freeze
-CFACTS_COLUMNS = ['Control Key', 'Response']
-opencontrols_filename = DEFAULT_OPENCONTROLS_FILENAME
-cfacts_csv_filename = "./opencontrols/opencontrol.cfacts.csv".freeze
+CFACTS_WORKBOOK_INDEX = 0
+CFACTS_CONTROL_KEY_COLUMN_INDEX = 1
+CFACTS_NARRATIVE_COLUMN_INDEX = 4
-puts "OpenControl conversion to CSV CFACTS format starting".green
+DEFAULT_OPENCONTROLS_FILENAME = './opencontrols/opencontrol.yaml'
+DEFAULT_CFACTS_XLSX_FILENAME = './assets/opencontrol.cfacts.xlsx'
+DEFAULT_CFACTS_XLSX_OUTPUT_FILENAME = './opencontrols/opencontrol.cfacts.xlsx'
-if not File.exists?(opencontrols_filename)
-  puts "Expected an opencontrol.yaml, but could not find opencontrol.yaml " +
-  "in this directory.".red
-  exit(1)
+USAGE_TEXT = <<USAGE_TEXT
+    usage: opencontrol2cfacts
+    Usually used with a control masonry process that outputs merged yaml results.
+    optional arguments:
+      -h, --help            show this help message and exit
+      -i, --cfacts_in_filename --input
+                            Specify the xlsx spreadsheet file input from cfacts
+                            (this should contain your various id's).
+                            defaults to #{DEFAULT_CFACTS_XLSX_FILENAME}
+      -o, --cfacts_out_filename --output
+                            Specify the xlsx spreadsheet file output for cfacts
+                            (this should contain your various id's).
+                            defaults to #{DEFAULT_CFACTS_XLSX_OUTPUT_FILENAME}
+      -v, --version         Show the version of this utility.
+    Usage examples:
+        # convert using default directories #{DEFAULT_OPENCONTROLS_FILENAME}
+        # #{DEFAULT_CFACTS_XLSX_FILENAME} to #{DEFAULT_CFACTS_XLSX_OUTPUT_FILENAME}
+         opencontrol2cfacts
+        # lint all components subdir components
+         opencontrol2cfacts --input './cfacts.inputfile.xslx'
+USAGE_TEXT
+ALIASES = {
+  input: %w[i cfacts_in_filename],
+  output: %w[o cfacts_out_filename],
+  controls: %w[c opencontrols_filename],
+  help: 'h',
+  version: 'v'
+}.freeze
+VERSION = '0.1'
+def write_when_empty_merge_strategy(row, narrative)
+  if row[CFACTS_NARRATIVE_COLUMN_INDEX].nil? ||
+     row[CFACTS_NARRATIVE_COLUMN_INDEX].value.nil? ||
+     row[CFACTS_NARRATIVE_COLUMN_INDEX].value.strip == ''
+    row[CFACTS_NARRATIVE_COLUMN_INDEX].change_contents(narrative)
+  end
+end
+def merge_response(row, narrative)
+  write_when_empty_merge_strategy(row, narrative)
+end
+def read_opencontrols_yaml(opencontrols_filename)
+  puts ' . Reading OpenControl components:'
+  YAML.load_file(opencontrols_filename)
+end
+def build_narrative(key, control, control_responses)
+  control['narrative'].each do |narrative|
+    control_responses[key]['text'] += key + "\n"
+    control_responses[key]['text'] += narrative['text']
+    control_responses[key]['text'] += "\n"
+  end
+end
+def narrative?(key, control_responses)
+  control_responses[key].key?('text')
+end
+def build_control_response(key, control, control_responses)
+  control_responses[key] = {} unless control_responses.key?(key)
+  control_responses[key]['text'] = '' unless narrative?(key, control_responses)
+  control_responses[key]['control_key'] = control['control_key']
+  control_responses[key]['standard_key'] = control['standard_key']
+  build_narrative(key, control, control_responses)
+end
+def key_for_control(control)
+  "#{control['standard_key']} #{control['control_key']}"
+end
+def build_control_responses(opencontrols)
+  control_responses = {}
+  opencontrols['data']['components'].each do |component|
+    puts "    . #{component['name']}"
+    component['satisfies'].each do |control|
+      key = key_for_control(control)
+      build_control_response(key, control, control_responses)
+    end
+  end
+  control_responses
+end
+def row_malformed?(row)
+  row.nil? || row.size < CFACTS_CONTROL_KEY_COLUMN_INDEX
 end
-puts " . Reading OpenControl components:"
-control_responses = {}
-opencontrols = YAML.load_file(opencontrols_filename)
-opencontrols['data']['components'].each do |component|
-  puts "    . #{component['name']}"
-  component['satisfies'].each do |control|
-    key = "#{control['standard_key']} #{control['control_key']}"
-    control_responses[key] = {} unless control_responses.has_key?(key)
-    control_responses[key]['text'] = "" unless control_responses[key].has_key?('text')
-    control_responses[key]['control_key'] = control['control_key']
-    control_responses[key]['standard_key'] = control['standard_key']
-    control['narrative'].each do |narrative|
-      control_responses[key]['text'] += key + "\n"
-      control_responses[key]['text'] += narrative['text']
-      control_responses[key]['text'] += "\n"
+def control_key_matches?(control_key, control_response)
+  control_key == control_response['control_key'].strip
+end
+def maybe_merge_into_row(row, row_number, control_response)
+  if row_malformed?(row)
+    puts "Skip malformed row (line no. #{row_number} [#{row}])" unless row.nil?
+  else
+    control_key = row[CFACTS_CONTROL_KEY_COLUMN_INDEX].value.strip
+    # puts "Searching in row #{control_key}"
+    if control_key_matches?(control_key, control_response)
+      merge_response(row, control_response['text'])
     end
   end
 end
-puts " . Building CFACTS file:"
-CSV.open(cfacts_csv_filename, "w") do |csv|
-  csv << CFACTS_COLUMNS
-  control_responses.each do |key, control_response|
-    puts "    . #{control_response['control_key']}"
-    csv << [control_response['control_key'], control_response['text']]
+def locate_and_merge_control(worksheet, control_response)
+  puts "    . #{control_response['control_key']}"
+  # we have to locate the key in the sheet - skip the titles row
+  1.upto(worksheet.sheet_data.size) do |row_number|
+    row = worksheet[row_number]
+    maybe_merge_into_row(row, row_number, control_response)
   end
 end
-puts "Completed (OpenControl 2 CFACTS)".green
+def update_workbook(in_filename, control_responses, out_filename)
+  puts ' . Building CFACTS file:'
+  workbook = RubyXL::Parser.parse(in_filename)
+  worksheet = workbook[CFACTS_WORKBOOK_INDEX]
+  control_responses.each do |_key, control_response|
+    locate_and_merge_control(worksheet, control_response)
+  end
+  workbook.write(out_filename)
+end
+def no_opencontrol_exit
+  puts 'Expected an opencontrol.yaml, but could not find opencontrol.yaml ' +
+       'in this directory.'.red
+  exit(1)
+end
+def check_files_exist(opencontrols_filename)
+  no_opencontrol_exit unless File.exist?(opencontrols_filename)
+end
+def self.parse_args(arguments)
+  opts = Rationalist.parse(arguments, alias: ALIASES)
+  exit(show_version)  if opts[:version]
+  exit(show_help)     if opts[:help]
+  opts[:controls] = DEFAULT_OPENCONTROLS_FILENAME unless opts.key?(:controls)
+  opts[:input] = DEFAULT_CFACTS_XLSX_FILENAME unless opts.key?(:input)
+  opts[:output] = DEFAULT_CFACTS_XLSX_OUTPUT_FILENAME unless opts.key?(:output)
+  opts
+end
+def show_help
+  puts USAGE_TEXT
+  0 # exit with no error
+end
+def show_version
+  puts 'opecontrol2cfacts: v' + VERSION
+  puts 'CMS 2019 Adrian Kierman '
+  0 # exit with no error
+end
+def main
+  opts = parse_args(ARGV)
+  opencontrols_filename = opts[:controls]
+  in_filename =           opts[:input]
+  out_filename =          opts[:output]
+  puts 'OpenControl conversion to CSV CFACTS format starting'.green
+  check_files_exist(opencontrols_filename)
+  opencontrols = read_opencontrols_yaml(opencontrols_filename)
+  control_responses = build_control_responses(opencontrols)
+  update_workbook(in_filename, control_responses, out_filename)
+  puts 'Completed (OpenControl 2 CFACTS)'.green
+end
+# only run main if called directly - don't call it if running as a library
+main if $PROGRAM_NAME == __FILE__

data/lib/opencontrol/inspector.rb ADDED

@@ -0,0 +1,37 @@
+require 'yaml'
+require 'json'
+require 'opencontrol'
+require 'rationalist'
+require 'colorize'
+require 'pp'
+require 'active_support/core_ext/hash/indifferent_access'
+certification_key = ''
+certification_filename = "./certifications/#{certification_key}.yaml"
+data = YAML.load_file('./opencontrol.yaml').with_indifferent_access
+data[:standards] = data[:standards].collect do |filename|
+  YAML.load_file(filename)
+end
+data[:components] = data[:components].collect do |filename|
+  YAML.load_file(filename + '/component.yaml')
+end
+# just load the one certification here instead
+data[:certification] = YAML.load_file(certification_filename)
+                         .merge({key: certification_key})
+data = JSON.parse(data.to_json)
+puts data.to_yaml
+# to get the inspector output we want we'd pull in the controls from components where we have controls in the standard
+# we might want to invert the data so that each control is identified in the expected way
+#
+# We want to count up the completion status of the whole project and see where we are easily
+data[:components].each do |component|
+  component[:satisfies] = component[:satisfies].select do |control|
+    data[:certification][:standards][control[:standard_key]].keys.include? control[:control_key]
+  end
+end
+# after this we want to iterate the components and add up the status of the components in terms of implementation

data/lib/opencontrol/version.rb CHANGED

@@ -3,7 +3,7 @@
 module Opencontrol
   # This module holds the Opencontrol Linter version information.
   module Version
-    STRING = '0.1.4'.freeze
+    STRING = '0.1.5'.freeze
     MSG = '%<version>s (using Parser %<parser_version>s, running on ' \
           '%<ruby_engine>s %<ruby_version>s %<ruby_platform>s)'.freeze

data/vendor/schemas/examples/component_v3.1.0.yaml CHANGED

@@ -69,7 +69,7 @@ satisfies:
       - text: "Justification in narrative form for 2.1"
     standard_key: PCI-DSS-MAY-2015
 responsible_role: "AWS Staff"
-schema_version: 3.0.0
+schema_version: 3.1.0
 verifications:
   - key: EC2_Verification_2
     name: EC2 Governor 2

metadata CHANGED

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: opencontrol-linter
 version: !ruby/object:Gem::Version
-  version: 0.1.4
+  version: 0.1.5
 platform: ruby
 authors:
 - Adrian Kierman
@@ -9,7 +9,7 @@ authors:
 autorequire:
 bindir: exe
 cert_chain: []
-date: 2019-03-27 00:00:00.000000000 Z
+date: 2019-04-19 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: colorize
@@ -143,6 +143,34 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: 3.0.4
+- !ruby/object:Gem::Dependency
+  name: activesupport
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 5.2.2.1
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 5.2.2.1
+- !ruby/object:Gem::Dependency
+  name: rubyXL
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 3.4.3
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 3.4.3
 - !ruby/object:Gem::Dependency
   name: bundler
   requirement: !ruby/object:Gem::Requirement
@@ -279,6 +307,7 @@ files:
 - exe/opencontrol2cfacts
 - lib/opencontrol.rb
 - lib/opencontrol/cli.rb
+- lib/opencontrol/inspector.rb
 - lib/opencontrol/linter.rb
 - lib/opencontrol/messages.rb
 - lib/opencontrol/version.rb