Module: CemSpecHelper::ResourceDataSpec

Defined in:

lib/cem_spec_helper/resource_data_spec.rb

Defined Under Namespace

Classes: Resource

Constant Summary

DATA_ROOT =

File.join(Dir.pwd, 'spec', 'fixtures', 'data')

REDHAT_FAMILY_ROOT =

File.join(DATA_ROOT, 'RedHat')

REDHAT_ROOT_DIR =

File.join(REDHAT_FAMILY_ROOT, 'RedHat')

REDHAT_MAJVER =

[7, 8].freeze

CENTOS_ROOT_DIR =

File.join(REDHAT_FAMILY_ROOT, 'CentOS')

CENTOS_MAJVER =

[7].freeze

ORACLE_ROOT_DIR =

File.join(REDHAT_FAMILY_ROOT, 'OracleLinux')

ORACLE_MAJVER =

[7, 8].freeze

ALMA_ROOT_DIR =

File.join(REDHAT_FAMILY_ROOT, 'AlmaLinux')

ALMA_MAJVER =

[8].freeze

WINDOWS_ROOT_DIR =

File.join(DATA_ROOT, 'windows')

WINDOWS_MAJVER =

[10, 2016, 2019, 2022].freeze

SYNTHETIC_DATA_ROOT =

File.join(Dir.pwd, 'spec', 'fixtures', 'unit', 'puppet_x', 'puppetlabs', 'cem', 'data_processor')

SPECIAL_CONTROLS =

['cem_options', 'cem_protected'].freeze

Instance Method Summary

• #alma_resource_data(majver = nil, as_objects: false) ⇒ Object
• #centos_resource_data(majver = nil, as_objects: false) ⇒ Object
• #duplicate_controls(rdata_objects) ⇒ Object
• #find_resource_data(distro, majver = nil, as_objects: false) ⇒ Object
• #load_resource_data(root_dir, majver = nil, as_objects: false) ⇒ Object
• #oracle_resource_data(majver = nil, as_objects: false) ⇒ Object
• #redhat_resource_data(majver = nil, as_objects: false) ⇒ Object
• #single_control_resources(distro, majver = nil, benchmark = 'cis') ⇒ Hash

  Finds all resources that only implement a single control.

• #synthetic_resource_data(as_objects: false) ⇒ Object
• #windows_resource_data(majver = nil, as_objects: false) ⇒ Object

Instance Method Details

#alma_resource_data(majver = nil, as_objects: false) ⇒ Object

Raises:

• (ArgumentError)

# File 'lib/cem_spec_helper/resource_data_spec.rb', line 61

def alma_resource_data(majver = nil, as_objects: false)
  raise ArgumentError, "major version #{majver} not found" unless majver.nil? || ALMA_MAJVER.include?(majver.to_i)

  load_resource_data(ALMA_ROOT_DIR, majver, as_objects: as_objects)
end

#centos_resource_data(majver = nil, as_objects: false) ⇒ Object

Raises:

• (ArgumentError)

# File 'lib/cem_spec_helper/resource_data_spec.rb', line 49

def centos_resource_data(majver = nil, as_objects: false)
  raise ArgumentError, "major version #{majver} not found" unless majver.nil? || CENTOS_MAJVER.include?(majver.to_i)

  load_resource_data(CENTOS_ROOT_DIR, majver, as_objects: as_objects)
end

#duplicate_controls(rdata_objects) ⇒ Object

# File 'lib/cem_spec_helper/resource_data_spec.rb', line 118

def duplicate_controls(rdata_objects)
  all_controls = rdata_objects.map(&:controls).flatten
  # Lets go O(n^2) solution!
  all_controls.select { |c| all_controls.count(c) > 1 }.reject { |c| SPECIAL_CONTROLS.include?(c) }.uniq
end

#find_resource_data(distro, majver = nil, as_objects: false) ⇒ Object

# File 'lib/cem_spec_helper/resource_data_spec.rb', line 24

def find_resource_data(distro, majver = nil, as_objects: false)
  case distro
  when 'RedHat'
    redhat_resource_data(majver, as_objects: as_objects)
  when 'CentOS'
    centos_resource_data(majver, as_objects: as_objects)
  when 'OracleLinux'
    oracle_resource_data(majver, as_objects: as_objects)
  when 'AlmaLinux'
    alma_resource_data(majver, as_objects: as_objects)
  when 'Windows'
    windows_resource_data(majver, as_objects: as_objects)
  when 'Synthetic'
    load_resource_data(SYNTHETIC_DATA_ROOT, 'test_resource_data', as_objects: as_objects)
  else
    raise "Unknown distro: #{distro}"
  end
end

#load_resource_data(root_dir, majver = nil, as_objects: false) ⇒ Object

# File 'lib/cem_spec_helper/resource_data_spec.rb', line 99

def load_resource_data(root_dir, majver = nil, as_objects: false)
  raise "root_dir \"#{root_dir}\" is not a valid path" unless File.directory?(root_dir)

  unless majver.nil?
    file_path = File.join(root_dir, "#{majver}.yaml")
    raise "Resource data file \"#{file_path}\" not found" unless File.file?(file_path)

    resources = YAML.load_file(file_path)['cem_linux::resources']
    final_resources = as_objects ? resources.map { |k, v| Resource.new(k, v) } : resources
    return final_resources
  end

  Dir[File.join(root_dir, '*')].each_with_object({}) do |rdata, hsh|
    resources = YAML.load_file(rdata)['cem_linux::resources']
    final_resources = as_objects ? resources.map { |k, v| Resource.new(k, v) } : resources
    hsh[File.basename(rdata, '.yaml')] = final_resources
  end
end

#oracle_resource_data(majver = nil, as_objects: false) ⇒ Object

Raises:

• (ArgumentError)

# File 'lib/cem_spec_helper/resource_data_spec.rb', line 55

def oracle_resource_data(majver = nil, as_objects: false)
  raise ArgumentError, "major version #{majver} not found" unless majver.nil? || ORACLE_MAJVER.include?(majver.to_i)

  load_resource_data(ORACLE_ROOT_DIR, majver, as_objects: as_objects)
end

#redhat_resource_data(majver = nil, as_objects: false) ⇒ Object

Raises:

• (ArgumentError)

# File 'lib/cem_spec_helper/resource_data_spec.rb', line 43

def redhat_resource_data(majver = nil, as_objects: false)
  raise ArgumentError, "major version #{majver} not found" unless majver.nil? || REDHAT_MAJVER.include?(majver.to_i)

  load_resource_data(REDHAT_ROOT_DIR, majver, as_objects: as_objects)
end

#single_control_resources(distro, majver = nil, benchmark = 'cis') ⇒ Hash

Finds all resources that only implement a single control

Parameters:

• distro (String)
• majver (String) (defaults to: nil)
• benchmark (String) (defaults to: 'cis') —

  either cis or stig

Returns:

• (Hash) —

  A hash of control_name => [resource type, resource title]

# File 'lib/cem_spec_helper/resource_data_spec.rb', line 82

def single_control_resources(distro, majver = nil, benchmark = 'cis')
  resources = find_resource_data(distro, majver, as_objects: true)
  resources.select! { |res| res.controls(include_special: false).length == 1 }
  resources.map! do |res|
    [res.controls.first, [res.type, res.title]]
  end
  resources = resources.to_h
  # Reduce to just benchmark-related keypairs
  case benchmark
  when 'cis'
    resources.reject! { |k, _v| k.match?(%r{^V-}) }
  when 'stig'
    resources.select! { |k, _v| k.match?(%r{^V-}) }
  end
  resources
end

#synthetic_resource_data(as_objects: false) ⇒ Object

# File 'lib/cem_spec_helper/resource_data_spec.rb', line 73

def synthetic_resource_data(as_objects: false)
  load_resource_data(SYNTHETIC_DATA_ROOT, 'test_resource_data', as_objects: as_objects)
end

#windows_resource_data(majver = nil, as_objects: false) ⇒ Object

Raises:

• (ArgumentError)

# File 'lib/cem_spec_helper/resource_data_spec.rb', line 67

def windows_resource_data(majver = nil, as_objects: false)
  raise ArgumentError, "major version #{majver} not found" unless majver.nil? || WINDOWS_MAJVER.include?(majver.to_i)

  load_resource_data(WINDOWS_ROOT_DIR, majver, as_objects: as_objects)
end