From 32f10bea9585375b354a3d57db2bf85c73e69e01 Mon Sep 17 00:00:00 2001 From: Matthew Burket Date: Thu, 7 Dec 2023 11:24:49 -0600 Subject: [PATCH] feat: Allow use of OpenSCAP result files in task xccdf_result_to_oscal_ar Before this commit if you wanted to use result files from OpenSCAP in the task xccdf_result_to_oscal_ar you had to extract the `TestResult` element and place it as the root of the XML document, otherwise the resulting OSCAL document would be blank. Thus making it impossible to directly use output from OpenSCAP with the task. With this commit the task will detect that the root element is not `TestResult` and then it will find the `TestResult` element in the XML document. This allows the use of files created by OpenSCAP using the `--results` and `--results-arf` switches. Signed-off-by: Matthew Burket --- trestle/transforms/implementations/xccdf.py | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/trestle/transforms/implementations/xccdf.py b/trestle/transforms/implementations/xccdf.py index fa4fbf3f6..5afedfece 100644 --- a/trestle/transforms/implementations/xccdf.py +++ b/trestle/transforms/implementations/xccdf.py @@ -199,7 +199,7 @@ def inventory_key(self): @property def ns(self): """Derive namespace.""" - return f'https://ibm.github.io/compliance-trestle/schemas/oscal/ar/{self.scanner_name}' + return f'https://ibm.github.io/compliance-trestle/schemas/oscal/ar/{self.scanner_name}' # noqa: E231 class _XccdfResult(): @@ -317,9 +317,14 @@ def _get_result(self, lev1: Element) -> str: def _parse_xml(self) -> Iterator[RuleUse]: """Parse the stringified XML.""" + ns = { + 'checklist12': 'http://checklists.nist.gov/xccdf/1.2', + } results = self.xccdf_xml root = ElementTree.fromstring(results, forbid_dtd=True) version = self._get_version(root) + if _remove_namespace(root.tag) != 'TestResult': + root = root.find('.//checklist12:TestResult', ns) id_ = self._get_id(root) target = self._get_target(root) target_type = self._get_target_type(root)