| 1 |  |  | from __future__ import print_function | 
            
                                                                                                            
                            
            
                                    
            
            
                | 2 |  |  |  | 
            
                                                                                                            
                            
            
                                    
            
            
                | 3 |  |  | import os | 
            
                                                                                                            
                            
            
                                    
            
            
                | 4 |  |  | import json | 
            
                                                                                                            
                            
            
                                    
            
            
                | 5 |  |  | import argparse | 
            
                                                                                                            
                            
            
                                    
            
            
                | 6 |  |  | from glob import glob | 
            
                                                                                                            
                            
            
                                    
            
            
                | 7 |  |  |  | 
            
                                                                                                            
                            
            
                                    
            
            
                | 8 |  |  | from ssg.entities import profile | 
            
                                                                                                            
                            
            
                                    
            
            
                | 9 |  |  | from ssg import build_yaml | 
            
                                                                                                            
                            
            
                                    
            
            
                | 10 |  |  |  | 
            
                                                                                                            
                            
            
                                    
            
            
                | 11 |  |  |  | 
            
                                                                                                            
                            
            
                                    
            
            
                | 12 |  |  | RULE_CONTENT_FILES = ( | 
            
                                                                                                            
                            
            
                                    
            
            
                | 13 |  |  |     ("ansible", "fixes/ansible/{id}.yml"), | 
            
                                                                                                            
                            
            
                                    
            
            
                | 14 |  |  |     ("bash", "fixes/bash/{id}.sh"), | 
            
                                                                                                            
                            
            
                                    
            
            
                | 15 |  |  |     ("oval", "checks/oval/{id}.xml"), | 
            
                                                                                                            
                            
            
                                    
            
            
                | 16 |  |  |     ("oval", "checks_from_templates/oval/{id}.xml"), | 
            
                                                                                                            
                            
            
                                    
            
            
                | 17 |  |  | ) | 
            
                                                                                                            
                            
            
                                    
            
            
                | 18 |  |  |  | 
            
                                                                                                            
                            
            
                                    
            
            
                | 19 |  |  | RULE_ATTRIBUTES = dict( | 
            
                                                                                                            
                            
            
                                    
            
            
                | 20 |  |  |     platform_expression="", | 
            
                                                                                                            
                            
            
                                    
            
            
                | 21 |  |  | ) | 
            
                                                                                                            
                            
            
                                    
            
            
                | 22 |  |  |  | 
            
                                                                                                            
                            
            
                                    
            
            
                | 23 |  |  |  | 
            
                                                                                                            
                            
            
                                    
            
            
                | 24 |  |  | def create_parser(): | 
            
                                                                                                            
                            
            
                                    
            
            
                | 25 |  |  |     parser = argparse.ArgumentParser() | 
            
                                                                                                            
                            
            
                                    
            
            
                | 26 |  |  |     parser.add_argument( | 
            
                                                                                                            
                            
            
                                    
            
            
                | 27 |  |  |         "--build-root", required=True, | 
            
                                                                                                            
                            
            
                                    
            
            
                | 28 |  |  |         help="The root of the built product" | 
            
                                                                                                            
                            
            
                                    
            
            
                | 29 |  |  |     ) | 
            
                                                                                                            
                            
            
                                    
            
            
                | 30 |  |  |     parser.add_argument( | 
            
                                                                                                            
                            
            
                                    
            
            
                | 31 |  |  |         "--output", required=True, | 
            
                                                                                                            
                            
            
                                    
            
            
                | 32 |  |  |         help="Where to save the manifest" | 
            
                                                                                                            
                            
            
                                    
            
            
                | 33 |  |  |     ) | 
            
                                                                                                            
                            
            
                                    
            
            
                | 34 |  |  |     return parser | 
            
                                                                                                            
                            
            
                                    
            
            
                | 35 |  |  |  | 
            
                                                                                                            
                            
            
                                    
            
            
                | 36 |  |  |  | 
            
                                                                                                            
                            
            
                                    
            
            
                | 37 |  |  | def add_rule_attributes(main_dir, output_dict, rule_id): | 
            
                                                                                                            
                            
            
                                    
            
            
                | 38 |  |  |     rule_filename = os.path.join(main_dir, "rules", rule_id + ".yml") | 
            
                                                                                                            
                            
            
                                    
            
            
                | 39 |  |  |     r = build_yaml.Rule.from_yaml(rule_filename) | 
            
                                                                                                            
                            
            
                                    
            
            
                | 40 |  |  |     platform_names = r.cpe_platform_names.union(r.inherited_cpe_platform_names) | 
            
                                                                                                            
                            
            
                                    
            
            
                | 41 |  |  |     output_dict["platform_names"] = sorted(list(platform_names)) | 
            
                                                                                                            
                            
            
                                    
            
            
                | 42 |  |  |  | 
            
                                                                                                            
                            
            
                                    
            
            
                | 43 |  |  |  | 
            
                                                                                                            
                            
            
                                    
            
            
                | 44 |  |  | def add_rule_associated_content(main_dir, output_dict, rule_id): | 
            
                                                                                                            
                            
            
                                    
            
            
                | 45 |  |  |     contents = set() | 
            
                                                                                                            
                            
            
                                    
            
            
                | 46 |  |  |     for content_id, expected_filename_template in RULE_CONTENT_FILES: | 
            
                                                                                                            
                            
            
                                    
            
            
                | 47 |  |  |         expected_filename = os.path.join(main_dir, expected_filename_template.format(id=rule_id)) | 
            
                                                                                                            
                            
            
                                    
            
            
                | 48 |  |  |         if os.path.exists(expected_filename): | 
            
                                                                                                            
                            
            
                                    
            
            
                | 49 |  |  |             contents.add(content_id) | 
            
                                                                                                            
                            
            
                                    
            
            
                | 50 |  |  |     output_dict["content"] = list(contents) | 
            
                                                                                                            
                            
            
                                    
            
            
                | 51 |  |  |  | 
            
                                                                                                            
                            
            
                                    
            
            
                | 52 |  |  |  | 
            
                                                                                                            
                            
            
                                    
            
            
                | 53 |  |  | def add_rule_data(output_dict, main_dir): | 
            
                                                                                                            
                            
            
                                    
            
            
                | 54 |  |  |     rules_glob = os.path.join(main_dir, "rules", "*.yml") | 
            
                                                                                                            
                            
            
                                    
            
            
                | 55 |  |  |     filenames = glob(rules_glob) | 
            
                                                                                                            
                            
            
                                    
            
            
                | 56 |  |  |     for path in sorted(filenames): | 
            
                                                                                                            
                            
            
                                    
            
            
                | 57 |  |  |         rid = os.path.splitext(os.path.basename(path))[0] | 
            
                                                                                                            
                            
            
                                    
            
            
                | 58 |  |  |         output_dict[rid] = dict() | 
            
                                                                                                            
                            
            
                                    
            
            
                | 59 |  |  |         add_rule_associated_content(main_dir, output_dict[rid], rid) | 
            
                                                                                                            
                            
            
                                    
            
            
                | 60 |  |  |         add_rule_attributes(main_dir, output_dict[rid], rid) | 
            
                                                                                                            
                            
            
                                    
            
            
                | 61 |  |  |  | 
            
                                                                                                            
                                                                
            
                                    
            
            
                | 62 |  |  |  | 
            
                                                                        
                            
            
                                    
            
            
                | 63 |  |  | def add_profile_data(output_dict, main_dir): | 
            
                                                                        
                            
            
                                    
            
            
                | 64 |  |  |     profiles_glob = os.path.join(main_dir, "profiles", "*.profile") | 
            
                                                                        
                            
            
                                    
            
            
                | 65 |  |  |     filenames = glob(profiles_glob) | 
            
                                                                        
                            
            
                                    
            
            
                | 66 |  |  |     for path in sorted(filenames): | 
            
                                                                        
                            
            
                                    
            
            
                | 67 |  |  |         p = profile.Profile.from_yaml(path) | 
            
                                                                        
                            
            
                                    
            
            
                | 68 |  |  |         output_dict[p.id_] = dict() | 
            
                                                                        
                            
            
                                    
            
            
                | 69 |  |  |         output_dict[p.id_]["rules"] = sorted(p.selected) | 
            
                                                                        
                            
            
                                    
            
            
                | 70 |  |  |  | 
            
                                                                        
                            
            
                                    
            
            
                | 71 |  |  |         value_assignments = list() | 
            
                                                                        
                            
            
                                    
            
            
                | 72 |  |  |         for name, value in p.variables.items(): | 
            
                                                                        
                            
            
                                    
            
            
                | 73 |  |  |             value_assignments.append("{name}={value}".format(name=name, value=value)) | 
            
                                                                        
                            
            
                                    
            
            
                | 74 |  |  |         output_dict[p.id_]["values"] = sorted(value_assignments) | 
            
                                                                                                            
                            
            
                                    
            
            
                | 75 |  |  |  | 
            
                                                                                                            
                            
            
                                    
            
            
                | 76 |  |  |  | 
            
                                                                                                            
                            
            
                                    
            
            
                | 77 |  |  | def main(): | 
            
                                                                                                            
                            
            
                                    
            
            
                | 78 |  |  |     parser = create_parser() | 
            
                                                                                                            
                            
            
                                    
            
            
                | 79 |  |  |     args = parser.parse_args() | 
            
                                                                                                            
                            
            
                                    
            
            
                | 80 |  |  |  | 
            
                                                                                                            
                            
            
                                    
            
            
                | 81 |  |  |     main_dir = args.build_root | 
            
                                                                                                            
                            
            
                                    
            
            
                | 82 |  |  |     product_name = os.path.basename(main_dir.rstrip("/")) | 
            
                                                                                                            
                            
            
                                    
            
            
                | 83 |  |  |     output_dict = dict(product_name=product_name) | 
            
                                                                                                            
                            
            
                                    
            
            
                | 84 |  |  |  | 
            
                                                                                                            
                            
            
                                    
            
            
                | 85 |  |  |     rules_dict = dict() | 
            
                                                                                                            
                            
            
                                    
            
            
                | 86 |  |  |     add_rule_data(rules_dict, main_dir) | 
            
                                                                                                            
                            
            
                                    
            
            
                | 87 |  |  |     output_dict["rules"] = rules_dict | 
            
                                                                                                            
                            
            
                                    
            
            
                | 88 |  |  |  | 
            
                                                                                                            
                            
            
                                    
            
            
                | 89 |  |  |     profiles_dict = dict() | 
            
                                                                                                            
                            
            
                                    
            
            
                | 90 |  |  |     add_profile_data(profiles_dict, main_dir) | 
            
                                                                                                            
                            
            
                                    
            
            
                | 91 |  |  |     output_dict["profiles"] = profiles_dict | 
            
                                                                                                            
                            
            
                                    
            
            
                | 92 |  |  |  | 
            
                                                                                                            
                            
            
                                    
            
            
                | 93 |  |  |     with open(args.output, "w") as f: | 
            
                                                                                                            
                            
            
                                    
            
            
                | 94 |  |  |         json.dump(output_dict, f) | 
            
                                                                                                            
                            
            
                                    
            
            
                | 95 |  |  |  | 
            
                                                                                                            
                            
            
                                    
            
            
                | 96 |  |  |  | 
            
                                                                                                            
                            
            
                                    
            
            
                | 97 |  |  | if __name__ == "__main__": | 
            
                                                                                                            
                                                                
            
                                    
            
            
                | 98 |  |  |     main() | 
            
                                                        
            
                                    
            
            
                | 99 |  |  |  |