Class: AbideDevUtils::CEM::Benchmark

Inherits:

Object

• Object
• AbideDevUtils::CEM::Benchmark

Defined in:

lib/abide_dev_utils/cem/benchmark.rb

Overview

Repesents a benchmark based on resource and mapping data

Instance Attribute Summary

• #framework ⇒ Object readonly

  Returns the value of attribute framework.

• #hiera_conf ⇒ Object readonly

  Returns the value of attribute hiera_conf.

• #major_version ⇒ Object readonly

  Returns the value of attribute major_version.

• #module_name ⇒ Object readonly

  Returns the value of attribute module_name.

• #os_facts ⇒ Object readonly

  Returns the value of attribute os_facts.

• #osfamily ⇒ Object readonly

  Returns the value of attribute osfamily.

• #osname ⇒ Object readonly

  Returns the value of attribute osname.

Class Method Summary

• .benchmarks_from_puppet_module(pupmod, ignore_all_errors: false, ignore_framework_mismatch: true) ⇒ Array<AbideDevUtils::CEM::Benchmark>

  Creates Benchmark objects from a Puppet module.

Instance Method Summary

• #add_rule(rule_hash) ⇒ Object
• #controls ⇒ Object
• #initialize(osname, major_version, hiera_conf, module_name, framework: 'cis') ⇒ Benchmark constructor

  A new instance of Benchmark.

• #map(control_id, level: nil, profile: nil) ⇒ Object
• #map_data ⇒ Object
• #map_type(control_id) ⇒ Object
• #mapper ⇒ Object
• #resource_data ⇒ Object
• #resources ⇒ Object
• #rules_in_map(mtype, level: nil, profile: nil) ⇒ Object
• #title ⇒ Object
• #title_key ⇒ Object
• #version ⇒ Object

Constructor Details

#initialize(osname, major_version, hiera_conf, module_name, framework: 'cis') ⇒ Benchmark

Returns a new instance of Benchmark.

# File 'lib/abide_dev_utils/cem/benchmark.rb', line 317

def initialize(osname, major_version, hiera_conf, module_name, framework: 'cis')
  @osname = osname
  @major_version = major_version
  @os_facts = AbideDevUtils::Ppt::FacterUtils::FactSets.new.find_by_fact_value_tuples(['os.name', @osname],
                                                                                      ['os.release.major', @major_version])
  @osfamily = @os_facts['os']['family']
  @hiera_conf = hiera_conf
  @module_name = module_name
  @framework = framework
  @map_cache = {}
  @rules_in_map = {}
end

Instance Attribute Details

#framework ⇒ Object (readonly)

Returns the value of attribute framework.

# File 'lib/abide_dev_utils/cem/benchmark.rb', line 315

def framework
  @framework
end

#hiera_conf ⇒ Object (readonly)

Returns the value of attribute hiera_conf.

# File 'lib/abide_dev_utils/cem/benchmark.rb', line 315

def hiera_conf
  @hiera_conf
end

#major_version ⇒ Object (readonly)

Returns the value of attribute major_version.

# File 'lib/abide_dev_utils/cem/benchmark.rb', line 315

def major_version
  @major_version
end

#module_name ⇒ Object (readonly)

Returns the value of attribute module_name.

# File 'lib/abide_dev_utils/cem/benchmark.rb', line 315

def module_name
  @module_name
end

#os_facts ⇒ Object (readonly)

Returns the value of attribute os_facts.

# File 'lib/abide_dev_utils/cem/benchmark.rb', line 315

def os_facts
  @os_facts
end

#osfamily ⇒ Object (readonly)

Returns the value of attribute osfamily.

# File 'lib/abide_dev_utils/cem/benchmark.rb', line 315

def osfamily
  @osfamily
end

#osname ⇒ Object (readonly)

Returns the value of attribute osname.

# File 'lib/abide_dev_utils/cem/benchmark.rb', line 315

def osname
  @osname
end

Class Method Details

.benchmarks_from_puppet_module(pupmod, ignore_all_errors: false, ignore_framework_mismatch: true) ⇒ Array<AbideDevUtils::CEM::Benchmark>

Creates Benchmark objects from a Puppet module

Parameters:

• pupmod (AbideDevUtils::Ppt::PuppetModule) —

  A PuppetModule instance

• skip_errors (Boolean) —

  True skips errors and loads non-erroring benchmarks, false raises the error.

Returns:

• (Array<AbideDevUtils::CEM::Benchmark>) —

  Array of Benchmark instances

# File 'lib/abide_dev_utils/cem/benchmark.rb', line 334

def self.benchmarks_from_puppet_module(pupmod, ignore_all_errors: false, ignore_framework_mismatch: true)
  frameworks = pupmod.hiera_conf.local_hiera_files(hierarchy_name: 'Mapping Data').each_with_object([]) do |hf, ary|
    parts = hf.path.split(pupmod.hiera_conf.default_datadir)[-1].split('/')
    ary << parts[2] unless ary.include?(parts[2])
  end
  pupmod.supported_os.each_with_object([]) do |supp_os, ary|
    osname, majver = supp_os.split('::')
    if majver.is_a?(Array)
      majver.sort.each do |v|
        frameworks.each do |fw|
          benchmark = Benchmark.new(osname,
                                    v,
                                    pupmod.hiera_conf,
                                    pupmod.name(strip_namespace: true),
                                    framework: fw)
          benchmark.controls
          ary << benchmark
        rescue AbideDevUtils::Errors::MappingDataFrameworkMismatchError => e
          raise e unless ignore_all_errors || ignore_framework_mismatch
        rescue StandardError => e
          raise e unless ignore_all_errors
        end
      end
    else
      frameworks.each do |fw|
        benchmark = Benchmark.new(osname,
                                  majver,
                                  pupmod.hiera_conf,
                                  pupmod.name(strip_namespace: true),
                                  framework: fw)
        benchmark.controls
        ary << benchmark
      rescue AbideDevUtils::Errors::MappingDataFrameworkMismatchError => e
        raise e unless ignore_all_errors || ignore_framework_mismatch
      rescue StandardError => e
        raise e unless ignore_all_errors
      end
    end
  end
end

Instance Method Details

#add_rule(rule_hash) ⇒ Object

# File 'lib/abide_dev_utils/cem/benchmark.rb', line 409

def add_rule(rule_hash)
  @rules << rule_hash
end

#controls ⇒ Object

# File 'lib/abide_dev_utils/cem/benchmark.rb', line 381

def controls
  @controls ||= resources.map(&:controls).flatten.sort
end

#map(control_id, level: nil, profile: nil) ⇒ Object

# File 'lib/abide_dev_utils/cem/benchmark.rb', line 433

def map(control_id, level: nil, profile: nil)
  mapper.get(control_id, level: level, profile: profile)
end

#map_data ⇒ Object

# File 'lib/abide_dev_utils/cem/benchmark.rb', line 389

def map_data
  mapper.map_data
end

#map_type(control_id) ⇒ Object

# File 'lib/abide_dev_utils/cem/benchmark.rb', line 437

def map_type(control_id)
  mapper.map_type(control_id)
end

#mapper ⇒ Object

# File 'lib/abide_dev_utils/cem/benchmark.rb', line 385

def mapper
  @mapper ||= AbideDevUtils::CEM::Mapping::Mapper.new(module_name, framework, load_mapping_data)
end

#resource_data ⇒ Object

# File 'lib/abide_dev_utils/cem/benchmark.rb', line 393

def resource_data
  @resource_data ||= load_resource_data
end

#resources ⇒ Object

# File 'lib/abide_dev_utils/cem/benchmark.rb', line 375

def resources
  @resources ||= resource_data["#{module_name}::resources"].each_with_object([]) do |(rtitle, rdata), arr|
    arr << Resource.new(rtitle, rdata, framework, mapper)
  end
end

#rules_in_map(mtype, level: nil, profile: nil) ⇒ Object

# File 'lib/abide_dev_utils/cem/benchmark.rb', line 413

def rules_in_map(mtype, level: nil, profile: nil)
  real_mtype = map_type(mtype)
  cache_key = [real_mtype, level, profile].compact.join('-')
  return @rules_in_map[cache_key] if @rules_in_map.key?(cache_key)

  all_rim = mapper.each_with_array_like(real_mtype) do |(lvl, profs), arr|
    next if lvl == 'benchmark' || (!level.nil? && lvl != level)

    profs.each do |prof, maps|
      next if !profile.nil? && prof != profile

      # CIS and STIG differ in that STIG does not have profiles
      control_ids = maps.respond_to?(:keys) ? maps.keys : prof
      arr << control_ids
    end
  end
  @rules_in_map[cache_key] = all_rim.flatten.uniq
  @rules_in_map[cache_key]
end

#title ⇒ Object

# File 'lib/abide_dev_utils/cem/benchmark.rb', line 397

def title
  mapper.title
end

#title_key ⇒ Object

# File 'lib/abide_dev_utils/cem/benchmark.rb', line 405

def title_key
  @title_key ||= "#{title} #{version}"
end

#version ⇒ Object

# File 'lib/abide_dev_utils/cem/benchmark.rb', line 401

def version
  mapper.version
end