Module: AbideDevUtils::CEM

Defined in:
lib/abide_dev_utils/cem.rb

Overview

Methods for working with Compliance Enforcement Modules (CEM)

Class Method Details

.rule_id_format(rule_id) ⇒ Object

# File 'lib/abide_dev_utils/cem.rb', line 17

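# Classifies a rule identifier by the textual form it is written in.
#
# Each pattern must match the identifier as a whole, so the patterns are
# anchored with \A and \z. Ruby's ^ and $ anchor at line boundaries, which
# would let a multi-line value be classified by any single line inside it
# (and would accept a trailing newline).
#
# @param rule_id [String] identifier to classify
# @return [Symbol] :hiera_title_num, :hiera_title or :number when the matching
#   pattern applies, otherwise :title
def self.rule_id_format(rule_id)
  case rule_id
  when /\Ac[0-9_]+\z/
    # "c" followed only by digits and underscores
    :hiera_title_num
  when /\A[a-z][a-z0-9_]+\z/
    # lowercase letter followed by lowercase letters, digits or underscores
    :hiera_title
  when /\A[0-9.]+\z/
    # digits and dots only
    :number
  else
    # anything else, including values that are not matched by any pattern
    :title
  end
end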

.rule_identifiers(rule_id) ⇒ Object

# File 'lib/abide_dev_utils/cem.rb', line 30

# Builds the alternative identifier forms for one rule id, keyed by the same
# format names that rule_id_format returns (:number, :hiera_title,
# :hiera_title_num).
#
# The values come from the shared XCCDF helper object; what each helper
# returns is defined outside this listing.
#
# @param rule_id [Object] rule id passed unchanged to the XCCDF helpers
# @return [Hash{Symbol => Object}] identifier forms keyed by format name
def self.rule_identifiers(rule_id)
  helper = xccdf
  control_number = helper.control_parts(rule_id).first
  named_title = helper.name_normalize_control(rule_id)
  numbered_title = helper.number_normalize_control(rule_id)

  {
    number: control_number,
    hiera_title: named_title,
    hiera_title_num: numbered_title,
  }
end

.update_legacy_config_from_diff(config_hiera, diff) ⇒ Object

# File 'lib/abide_dev_utils/cem.rb', line 38

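# Re-keys the control configs of a legacy config hiera after control
# identifiers changed between two benchmark versions.
#
# Only diff entries whose :type starts with :number are considered. A control
# config whose key matches such an entry is stored under the new identifier;
# every other control config is copied under its existing key.
#
# The input hash is left untouched: both the top-level hash and its nested
# 'config' hash are copied before 'control_configs' is replaced. The
# per-control value hashes are shared with the input, not copied.
#
# @param config_hiera [Hash] hiera data holding 'config' => { 'control_configs' => Hash }
# @param diff [Array<Hash>] diff entries; this method reads :type, :title,
#   :other_title, and the #id of :self and :other
# @return [Array(Hash, Array<Hash>)] the updated config and a report with one
#   { type: :identifier_update, from:, to: } entry per renamed key
def self.update_legacy_config_from_diff(config_hiera, diff)
  new_config_hiera = config_hiera.dup
  # dup is shallow, so copy the nested 'config' hash as well; otherwise the
  # assignment at the end would rewrite the caller's own config.
  new_config_hiera['config'] = config_hiera['config'].dup
  new_control_configs = {}
  change_report = []
  changes = diff.select { |d| d[:type][0] == :number }
  config_hiera['config']['control_configs'].each do |key, val_hash|
    key_id_format = rule_id_format(key)
    changed = false
    changes.each do |change|
      # Match the change against the key in the same format the key is written in.
      if key_id_format == :title
        next unless change[:title] == key
      else
        next unless rule_identifiers(change[:self].id)[key_id_format] == key
      end

      changed = true
      new_key = if key_id_format == :title
                  change[:other_title]
                else
                  rule_identifiers(change[:other].id)[key_id_format]
                end
      # NOTE(review): a nil new_key, or one equal to another entry's key, is
      # stored without complaint and can replace another control's settings.
      # Confirm the diff guarantees unique, non-nil targets.
      new_control_configs[new_key] = val_hash
      change_report << {
        type: :identifier_update,
        from: key,
        to: new_key,
      }
    end
    # Keys with no matching change keep their identifier.
    new_control_configs[key] = val_hash unless changed
  end
  new_config_hiera['config']['control_configs'] = new_control_configs
  [new_config_hiera, change_report]
end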

.xccdf ⇒ Object

# File 'lib/abide_dev_utils/cem.rb', line 8

# Returns the shared helper object that carries the
# AbideDevUtils::XCCDF::Common methods.
#
# The helper is built on first use and cached in @xccdf. The cache test is
# "is the variable defined", so a cached nil or false is returned as-is
# rather than rebuilt.
#
# @return [Object] plain object extended with AbideDevUtils::XCCDF::Common
def self.xccdf
  unless instance_variable_defined?(:@xccdf)
    # extend returns its receiver, so the cache is only set once the mixin applied.
    @xccdf = Object.new.extend(AbideDevUtils::XCCDF::Common)
  end
  @xccdf
end