Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Added --control-id flag #229

Merged
merged 7 commits into from
May 27, 2021
Merged

Added --control-id flag #229

merged 7 commits into from
May 27, 2021

Conversation

wdower
Copy link
Contributor

@wdower wdower commented May 6, 2021

Added --control-id flag to xccdf2inspec to allow user to specify if they want the created profile to use legacy vuln IDs (ex. 'V-XXXXX') or rule IDs as the control IDs for the generated profile

resolves #218

Signed-off-by: Will Dower [email protected]

@wdower wdower requested review from rbclark and Bialogs May 6, 2021 18:54
@aaronlippold
Copy link
Member

I'd use a v3 RedHat xccdf

@wdower
Copy link
Contributor Author

wdower commented May 6, 2021

Updated the RHEL7 V1R4 example profile to V3R3

@Bialogs Bialogs self-assigned this May 7, 2021
@rbclark rbclark removed their request for review May 7, 2021 15:19
rbclark
rbclark requested changes May 7, 2021
View reviewed changes
lib/inspec_tools/plugin_cli.rb Outdated Show resolved Hide resolved
test/unit/inspec_tools/xccdf_test.rb Outdated Show resolved Hide resolved
rbclark
rbclark requested changes May 12, 2021
View reviewed changes
.rubocop.yml Outdated Show resolved Hide resolved
@Bialogs Bialogs force-pushed the xccdf2inspec_add_control_id_flag branch from 5191e74 to f87e4bf Compare May 13, 2021 17:15
Bialogs
Bialogs reviewed May 13, 2021
View reviewed changes
Copy link
Contributor

@Bialogs Bialogs left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why is the option a string instead of boolean?

wdower added 5 commits May 13, 2021 10:19
@wdower
Added --control-id flag to xccdf2inspec to allow user to specify if t…
81b4c16 
…hey want the created profile to use legacy vuln IDs (ex. 'V-XXXXX') or rule IDs as the control IDs for the generated profile

Signed-off-by: Will Dower <[email protected]>
@wdower
updated test RHEL7 STIG profile to V3R3
4d42263 
Signed-off-by: Will Dower <[email protected]>
@wdower
swapped out old RHEL7 profile for new one
2b51656 
Signed-off-by: Will Dower <[email protected]>
@wdower
split out control_id test into two tests for clarity, linted plugin_cli
f2191b4 
Signed-off-by: Will Dower <[email protected]>
@wdower
fixing rubocop errors
22d7314 
Signed-off-by: Will Dower <[email protected]>
@Bialogs Bialogs force-pushed the xccdf2inspec_add_control_id_flag branch from f87e4bf to e87e92e Compare May 13, 2021 17:20
@wdower
Copy link
Contributor Author

wdower commented May 13, 2021

I think we left it a string so that we could eventually use any tag for the control_id as opposed to just a flag for using the legacy vulnID (which for now would need to default to true anyway). But the logic using the variable does expect it to be either ruleID or vulnID.

@aaronlippold aaronlippold linked an issue May 22, 2021 that may be closed by this pull request
Support for new group and rule ids #135
Closed
@aaronlippold
Copy link
Member

note that there seem to be at least two ids hat are considered 'legecy' so it looks like it need to be an array

@rbclark rbclark force-pushed the xccdf2inspec_add_control_id_flag branch 3 times, most recently from 94fece0 to fa7c87a Compare May 27, 2021 14:08
@rbclark
Copy link
Collaborator

rbclark commented May 27, 2021

note that there seem to be at least two ids hat are considered 'legecy' so it looks like it need to be an array

We are already mapping over the legacy array so this shouldn't be an issue.

@rbclark rbclark force-pushed the xccdf2inspec_add_control_id_flag branch from fa7c87a to 8f849eb Compare May 27, 2021 14:20
@rbclark rbclark self-requested a review May 27, 2021 14:40
@rbclark rbclark merged commit 4b7d799 into master May 27, 2021
@rbclark rbclark deleted the xccdf2inspec_add_control_id_flag branch May 27, 2021 14:40
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Bialogs Bialogs Bialogs left review comments

@rbclark rbclark rbclark approved these changes

Assignees

@Bialogs Bialogs

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Discuss the use of STIG field Rule ID as InSpec Control id Support for new group and rule ids
4 participants
@wdower @aaronlippold @rbclark @Bialogs