RubyGems - opencontrol-linter - Versions diffs - 0.1.4 → 0.1.5 - Mend

opencontrol-linter 0.1.4 → 0.1.5

Files changed (6) hide show

checksums.yaml +4 -4
data/exe/opencontrol2cfacts +181 -36
data/lib/opencontrol/inspector.rb +37 -0
data/lib/opencontrol/version.rb +1 -1
data/vendor/schemas/examples/component_v3.1.0.yaml +1 -1
metadata +31 -2

checksums.yaml CHANGED

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: c357e597012b9d0a0d3e39d2142641b07da23a7a4b76c3f6354a7a7f71293b2a
-  data.tar.gz: 56ce59414bc589a19ea9c6d48be26fe7179c157693180314d03ac8bf7537e756
+  metadata.gz: ed96388c4ae00d37b78992687c43e054b5a8d043db7f7f28fbb1702723055932
+  data.tar.gz: c66468f2db29a8ea4de93d228c3c1d02efa3a6409c5e1e4a3e387977c490570c
 SHA512:
-  metadata.gz: 127982ea79db363912df7ae1c6e30dc148b3c7dc6d256d446892fbbb24262c31e2db38faf49ababcde44b51874d3aa8e9e99a1120f5f77d2ef8a453677ecd8dd
-  data.tar.gz: 86724dbdbda2d39d63239481b064a4c41bb68bf341bbad26fc50a11ce7e540e70a0a2bd432d280ead7e33019b71be342e6959d6794609e500340d72a912f9f1e
+  metadata.gz: bd127b83e300f08a26191b67e960f5acc1cc1fb79c8100ec10c9373956017f69ae2833a5aa083211f6cd3b0e2406135ee87641633211553078ec9513feb78ca9
+  data.tar.gz: 73289f4f62be55c3e42eee035257790571e832468c2aa3acee38c224bcee3020fdeffe38d9d618f39d1d9a6f2317693ada7285edf1d79ae302b8cab43d7969e8

data/exe/opencontrol2cfacts CHANGED

@@ -1,53 +1,198 @@
 #!/usr/bin/env ruby
 # frozen_string_literal: true
-require "yaml"
-require "json"
-require "pp"
+require 'yaml'
+require 'json'
+require 'pp'
 require 'date'
-require 'csv'
 require 'colorize'
+require 'rubyXL'
+require 'rubyXL/convenience_methods/cell'
+require 'rationalist'
-DEFAULT_OPENCONTROLS_FILENAME = "./opencontrols/opencontrol.yaml".freeze
-CFACTS_COLUMNS = ['Control Key', 'Response']
-opencontrols_filename = DEFAULT_OPENCONTROLS_FILENAME
-cfacts_csv_filename = "./opencontrols/opencontrol.cfacts.csv".freeze
+CFACTS_WORKBOOK_INDEX = 0
+CFACTS_CONTROL_KEY_COLUMN_INDEX = 1
+CFACTS_NARRATIVE_COLUMN_INDEX = 4
-puts "OpenControl conversion to CSV CFACTS format starting".green
+DEFAULT_OPENCONTROLS_FILENAME = './opencontrols/opencontrol.yaml'
+DEFAULT_CFACTS_XLSX_FILENAME = './assets/opencontrol.cfacts.xlsx'
+DEFAULT_CFACTS_XLSX_OUTPUT_FILENAME = './opencontrols/opencontrol.cfacts.xlsx'
-if not File.exists?(opencontrols_filename)
-  puts "Expected an opencontrol.yaml, but could not find opencontrol.yaml " +
-  "in this directory.".red
-  exit(1)
+USAGE_TEXT = <<USAGE_TEXT
+    usage: opencontrol2cfacts
+    Usually used with a control masonry process that outputs merged yaml results.
+    optional arguments:
+      -h, --help            show this help message and exit
+      -i, --cfacts_in_filename --input
+                            Specify the xlsx spreadsheet file input from cfacts
+                            (this should contain your various id's).
+                            defaults to #{DEFAULT_CFACTS_XLSX_FILENAME}
+      -o, --cfacts_out_filename --output
+                            Specify the xlsx spreadsheet file output for cfacts
+                            (this should contain your various id's).
+                            defaults to #{DEFAULT_CFACTS_XLSX_OUTPUT_FILENAME}
+      -v, --version         Show the version of this utility.
+    Usage examples:
+        # convert using default directories #{DEFAULT_OPENCONTROLS_FILENAME}
+        # #{DEFAULT_CFACTS_XLSX_FILENAME} to #{DEFAULT_CFACTS_XLSX_OUTPUT_FILENAME}
+         opencontrol2cfacts
+        # lint all components subdir components
+         opencontrol2cfacts --input './cfacts.inputfile.xslx'
+USAGE_TEXT
+ALIASES = {
+  input: %w[i cfacts_in_filename],
+  output: %w[o cfacts_out_filename],
+  controls: %w[c opencontrols_filename],
+  help: 'h',
+  version: 'v'
+}.freeze
+VERSION = '0.1'
+def write_when_empty_merge_strategy(row, narrative)
+  if row[CFACTS_NARRATIVE_COLUMN_INDEX].nil? ||
+     row[CFACTS_NARRATIVE_COLUMN_INDEX].value.nil? ||
+     row[CFACTS_NARRATIVE_COLUMN_INDEX].value.strip == ''
+    row[CFACTS_NARRATIVE_COLUMN_INDEX].change_contents(narrative)
+  end
+end
+def merge_response(row, narrative)
+  write_when_empty_merge_strategy(row, narrative)
+end
+def read_opencontrols_yaml(opencontrols_filename)
+  puts ' . Reading OpenControl components:'
+  YAML.load_file(opencontrols_filename)
+end
+def build_narrative(key, control, control_responses)
+  control['narrative'].each do |narrative|
+    control_responses[key]['text'] += key + "\n"
+    control_responses[key]['text'] += narrative['text']
+    control_responses[key]['text'] += "\n"
+  end
+end
+def narrative?(key, control_responses)
+  control_responses[key].key?('text')
+end
+def build_control_response(key, control, control_responses)
+  control_responses[key] = {} unless control_responses.key?(key)
+  control_responses[key]['text'] = '' unless narrative?(key, control_responses)
+  control_responses[key]['control_key'] = control['control_key']
+  control_responses[key]['standard_key'] = control['standard_key']
+  build_narrative(key, control, control_responses)
+end
+def key_for_control(control)
+  "#{control['standard_key']} #{control['control_key']}"
+end
+def build_control_responses(opencontrols)
+  control_responses = {}
+  opencontrols['data']['components'].each do |component|
+    puts "    . #{component['name']}"
+    component['satisfies'].each do |control|
+      key = key_for_control(control)
+      build_control_response(key, control, control_responses)
+    end
+  end
+  control_responses
+end
+def row_malformed?(row)
+  row.nil? || row.size < CFACTS_CONTROL_KEY_COLUMN_INDEX
 end
-puts " . Reading OpenControl components:"
-control_responses = {}
-opencontrols = YAML.load_file(opencontrols_filename)
-opencontrols['data']['components'].each do |component|
-  puts "    . #{component['name']}"
-  component['satisfies'].each do |control|
-    key = "#{control['standard_key']} #{control['control_key']}"
-    control_responses[key] = {} unless control_responses.has_key?(key)
-    control_responses[key]['text'] = "" unless control_responses[key].has_key?('text')
-    control_responses[key]['control_key'] = control['control_key']
-    control_responses[key]['standard_key'] = control['standard_key']
-    control['narrative'].each do |narrative|
-      control_responses[key]['text'] += key + "\n"
-      control_responses[key]['text'] += narrative['text']
-      control_responses[key]['text'] += "\n"
+def control_key_matches?(control_key, control_response)
+  control_key == control_response['control_key'].strip
+end
+def maybe_merge_into_row(row, row_number, control_response)
+  if row_malformed?(row)
+    puts "Skip malformed row (line no. #{row_number} [#{row}])" unless row.nil?
+  else
+    control_key = row[CFACTS_CONTROL_KEY_COLUMN_INDEX].value.strip
+    # puts "Searching in row #{control_key}"
+    if control_key_matches?(control_key, control_response)
+      merge_response(row, control_response['text'])
     end
   end
 end
-puts " . Building CFACTS file:"
-CSV.open(cfacts_csv_filename, "w") do |csv|
-  csv << CFACTS_COLUMNS
-  control_responses.each do |key, control_response|
-    puts "    . #{control_response['control_key']}"
-    csv << [control_response['control_key'], control_response['text']]
+def locate_and_merge_control(worksheet, control_response)
+  puts "    . #{control_response['control_key']}"
+  # we have to locate the key in the sheet - skip the titles row
+  1.upto(worksheet.sheet_data.size) do |row_number|
+    row = worksheet[row_number]
+    maybe_merge_into_row(row, row_number, control_response)
   end
 end
-puts "Completed (OpenControl 2 CFACTS)".green
+def update_workbook(in_filename, control_responses, out_filename)
+  puts ' . Building CFACTS file:'
+  workbook = RubyXL::Parser.parse(in_filename)
+  worksheet = workbook[CFACTS_WORKBOOK_INDEX]
+  control_responses.each do |_key, control_response|
+    locate_and_merge_control(worksheet, control_response)
+  end
+  workbook.write(out_filename)
+end
+def no_opencontrol_exit
+  puts 'Expected an opencontrol.yaml, but could not find opencontrol.yaml ' +
+       'in this directory.'.red
+  exit(1)
+end
+def check_files_exist(opencontrols_filename)
+  no_opencontrol_exit unless File.exist?(opencontrols_filename)
+end
+def self.parse_args(arguments)
+  opts = Rationalist.parse(arguments, alias: ALIASES)
+  exit(show_version)  if opts[:version]
+  exit(show_help)     if opts[:help]
+  opts[:controls] = DEFAULT_OPENCONTROLS_FILENAME unless opts.key?(:controls)
+  opts[:input] = DEFAULT_CFACTS_XLSX_FILENAME unless opts.key?(:input)
+  opts[:output] = DEFAULT_CFACTS_XLSX_OUTPUT_FILENAME unless opts.key?(:output)
+  opts
+end
+def show_help
+  puts USAGE_TEXT
+  0 # exit with no error
+end
+def show_version
+  puts 'opecontrol2cfacts: v' + VERSION
+  puts 'CMS 2019 Adrian Kierman '
+  0 # exit with no error
+end
+def main
+  opts = parse_args(ARGV)
+  opencontrols_filename = opts[:controls]
+  in_filename =           opts[:input]
+  out_filename =          opts[:output]
+  puts 'OpenControl conversion to CSV CFACTS format starting'.green
+  check_files_exist(opencontrols_filename)
+  opencontrols = read_opencontrols_yaml(opencontrols_filename)
+  control_responses = build_control_responses(opencontrols)
+  update_workbook(in_filename, control_responses, out_filename)
+  puts 'Completed (OpenControl 2 CFACTS)'.green
+end
+# only run main if called directly - don't call it if running as a library
+main if $PROGRAM_NAME == __FILE__

data/lib/opencontrol/inspector.rb ADDED

@@ -0,0 +1,37 @@
+require 'yaml'
+require 'json'
+require 'opencontrol'
+require 'rationalist'
+require 'colorize'
+require 'pp'
+require 'active_support/core_ext/hash/indifferent_access'
+certification_key = ''
+certification_filename = "./certifications/#{certification_key}.yaml"
+data = YAML.load_file('./opencontrol.yaml').with_indifferent_access
+data[:standards] = data[:standards].collect do |filename|
+  YAML.load_file(filename)
+end
+data[:components] = data[:components].collect do |filename|
+  YAML.load_file(filename + '/component.yaml')
+end
+# just load the one certification here instead
+data[:certification] = YAML.load_file(certification_filename)
+                         .merge({key: certification_key})
+data = JSON.parse(data.to_json)
+puts data.to_yaml
+# to get the inspector output we want we'd pull in the controls from components where we have controls in the standard
+# we might want to invert the data so that each control is identified in the expected way
+#
+# We want to count up the completion status of the whole project and see where we are easily
+data[:components].each do |component|
+  component[:satisfies] = component[:satisfies].select do |control|
+    data[:certification][:standards][control[:standard_key]].keys.include? control[:control_key]
+  end
+end
+# after this we want to iterate the components and add up the status of the components in terms of implementation

data/lib/opencontrol/version.rb CHANGED

@@ -3,7 +3,7 @@
 module Opencontrol
   # This module holds the Opencontrol Linter version information.
   module Version
-    STRING = '0.1.4'.freeze
+    STRING = '0.1.5'.freeze
     MSG = '%<version>s (using Parser %<parser_version>s, running on ' \
           '%<ruby_engine>s %<ruby_version>s %<ruby_platform>s)'.freeze

data/vendor/schemas/examples/component_v3.1.0.yaml CHANGED

@@ -69,7 +69,7 @@ satisfies:
       - text: "Justification in narrative form for 2.1"
     standard_key: PCI-DSS-MAY-2015
 responsible_role: "AWS Staff"
-schema_version: 3.0.0
+schema_version: 3.1.0
 verifications:
   - key: EC2_Verification_2
     name: EC2 Governor 2

metadata CHANGED

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: opencontrol-linter
 version: !ruby/object:Gem::Version
-  version: 0.1.4
+  version: 0.1.5
 platform: ruby
 authors:
 - Adrian Kierman
@@ -9,7 +9,7 @@ authors:
 autorequire:
 bindir: exe
 cert_chain: []
-date: 2019-03-27 00:00:00.000000000 Z
+date: 2019-04-19 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: colorize
@@ -143,6 +143,34 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: 3.0.4
+- !ruby/object:Gem::Dependency
+  name: activesupport
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 5.2.2.1
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 5.2.2.1
+- !ruby/object:Gem::Dependency
+  name: rubyXL
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 3.4.3
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 3.4.3
 - !ruby/object:Gem::Dependency
   name: bundler
   requirement: !ruby/object:Gem::Requirement
@@ -279,6 +307,7 @@ files:
 - exe/opencontrol2cfacts
 - lib/opencontrol.rb
 - lib/opencontrol/cli.rb
+- lib/opencontrol/inspector.rb
 - lib/opencontrol/linter.rb
 - lib/opencontrol/messages.rb
 - lib/opencontrol/version.rb