Skip to content

Commit

Permalink
Enhancement to handle arboretum fetcher-built OSCO evidence as input
Browse files Browse the repository at this point in the history 
Signed-off-by: Lou Degenaro <[email protected]>
  • Loading branch information
@degenaro
degenaro committed Jan 22, 2021
1 parent ad995a2 commit 5edb864
Show file tree
Hide file tree
Showing 14 changed files with 18,040 additions and 66 deletions.
5 changes: 5 additions & 0 deletions tests/data/tasks/osco/demo-osco-to-oscal-fetcher.config
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,5 @@
[task.osco-to-oscal]

input-dir = tests/data/tasks/osco/input-fetcher
output-dir = tests/data/tasks/osco/runtime
output-overwrite = true
64 changes: 64 additions & 0 deletions tests/data/tasks/osco/input-fetcher/cluster_resource.json
View file

Large diffs are not rendered by default.

39 changes: 39 additions & 0 deletions tests/data/tasks/osco/input-fetcher/cluster_resource_no_data.json
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,39 @@
{
"iks": {
"demo2020": [
{
"account": "demo2020",
"name": "compliance-dev-dal10",
"region": "us-south",
"resources": [
{
"apiVersion": "v1",
"bogus": {
"exit-code": "2",
"results": "<?xml version=\"1.0\" encoding=\"UTF-8\"?><TestResult></TestResult>"
},
"kind": "ConfigMap",
"metadata": {
"annotations": {
"compliance-remediations/processed": "",
"compliance.openshift.io/scan-error-msg": "",
"compliance.openshift.io/scan-result": "NON-COMPLIANT",
"openscap-scan-result/node": "111.222.333.444"
},
"creationTimestamp": "2020-08-03T02:26:34Z",
"labels": {
"compliance-scan": "ssg-ocp4-ds-cis"
},
"name": "ssg-ocp4-ds-cis-111.222.333.444-pod",
"namespace": "openshift-compliance",
"resourceVersion": "22693328",
"selfLink": "/api/v1/namespaces/openshift-compliance/configmaps/ssg-ocp4-ds-cis-111.222.333.444-pod",
"uid": "1da3ea81-0a25-4512-ad86-7ac360246b5d"
}
}
]
}
]
}
}

39 changes: 39 additions & 0 deletions tests/data/tasks/osco/input-fetcher/cluster_resource_no_kind0.json
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,39 @@
{
"iks": {
"demo2020": [
{
"account": "demo2020",
"name": "compliance-dev-dal10",
"region": "us-south",
"resources": [
{
"apiVersion": "v1",
"data": {
"exit-code": "2",
"results": "<?xml version=\"1.0\" encoding=\"UTF-8\"?><TestResult></TestResult>"
},
"bogus": "ConfigMap",
"metadata": {
"annotations": {
"compliance-remediations/processed": "",
"compliance.openshift.io/scan-error-msg": "",
"compliance.openshift.io/scan-result": "NON-COMPLIANT",
"openscap-scan-result/node": "111.222.333.444"
},
"creationTimestamp": "2020-08-03T02:26:34Z",
"labels": {
"compliance-scan": "ssg-ocp4-ds-cis"
},
"name": "ssg-ocp4-ds-cis-111.222.333.444-pod",
"namespace": "openshift-compliance",
"resourceVersion": "22693328",
"selfLink": "/api/v1/namespaces/openshift-compliance/configmaps/ssg-ocp4-ds-cis-111.222.333.444-pod",
"uid": "1da3ea81-0a25-4512-ad86-7ac360246b5d"
}
}
]
}
]
}
}

39 changes: 39 additions & 0 deletions tests/data/tasks/osco/input-fetcher/cluster_resource_no_kind1.json
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,39 @@
{
"iks": {
"demo2020": [
{
"account": "demo2020",
"name": "compliance-dev-dal10",
"region": "us-south",
"resources": [
{
"apiVersion": "v1",
"data": {
"exit-code": "2",
"results": "<?xml version=\"1.0\" encoding=\"UTF-8\"?><TestResult></TestResult>"
},
"kind": "bogus",
"metadata": {
"annotations": {
"compliance-remediations/processed": "",
"compliance.openshift.io/scan-error-msg": "",
"compliance.openshift.io/scan-result": "NON-COMPLIANT",
"openscap-scan-result/node": "111.222.333.444"
},
"creationTimestamp": "2020-08-03T02:26:34Z",
"labels": {
"compliance-scan": "ssg-ocp4-ds-cis"
},
"name": "ssg-ocp4-ds-cis-111.222.333.444-pod",
"namespace": "openshift-compliance",
"resourceVersion": "22693328",
"selfLink": "/api/v1/namespaces/openshift-compliance/configmaps/ssg-ocp4-ds-cis-111.222.333.444-pod",
"uid": "1da3ea81-0a25-4512-ad86-7ac360246b5d"
}
}
]
}
]
}
}

39 changes: 39 additions & 0 deletions tests/data/tasks/osco/input-fetcher/cluster_resource_no_metadata.json
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,39 @@
{
"iks": {
"demo2020": [
{
"account": "demo2020",
"name": "compliance-dev-dal10",
"region": "us-south",
"resources": [
{
"apiVersion": "v1",
"data": {
"exit-code": "2",
"results": "<?xml version=\"1.0\" encoding=\"UTF-8\"?><TestResult></TestResult>"
},
"kind": "ConfigMap",
"bogus": {
"annotations": {
"compliance-remediations/processed": "",
"compliance.openshift.io/scan-error-msg": "",
"compliance.openshift.io/scan-result": "NON-COMPLIANT",
"openscap-scan-result/node": "111.222.333.444"
},
"creationTimestamp": "2020-08-03T02:26:34Z",
"labels": {
"compliance-scan": "ssg-ocp4-ds-cis"
},
"name": "ssg-ocp4-ds-cis-111.222.333.444-pod",
"namespace": "openshift-compliance",
"resourceVersion": "22693328",
"selfLink": "/api/v1/namespaces/openshift-compliance/configmaps/ssg-ocp4-ds-cis-111.222.333.444-pod",
"uid": "1da3ea81-0a25-4512-ad86-7ac360246b5d"
}
}
]
}
]
}
}

39 changes: 39 additions & 0 deletions tests/data/tasks/osco/input-fetcher/cluster_resource_no_metadata_name.json
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,39 @@
{
"iks": {
"demo2020": [
{
"account": "demo2020",
"name": "compliance-dev-dal10",
"region": "us-south",
"resources": [
{
"apiVersion": "v1",
"data": {
"exit-code": "2",
"results": "<?xml version=\"1.0\" encoding=\"UTF-8\"?><TestResult></TestResult>"
},
"kind": "ConfigMap",
"metadata": {
"annotations": {
"compliance-remediations/processed": "",
"compliance.openshift.io/scan-error-msg": "",
"compliance.openshift.io/scan-result": "NON-COMPLIANT",
"openscap-scan-result/node": "111.222.333.444"
},
"creationTimestamp": "2020-08-03T02:26:34Z",
"labels": {
"compliance-scan": "ssg-ocp4-ds-cis"
},
"bogus": "ssg-ocp4-ds-cis-111.222.333.444-pod",
"namespace": "openshift-compliance",
"resourceVersion": "22693328",
"selfLink": "/api/v1/namespaces/openshift-compliance/configmaps/ssg-ocp4-ds-cis-111.222.333.444-pod",
"uid": "1da3ea81-0a25-4512-ad86-7ac360246b5d"
}
}
]
}
]
}
}

39 changes: 39 additions & 0 deletions tests/data/tasks/osco/input-fetcher/cluster_resource_no_resources.json
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,39 @@
{
"iks": {
"demo2020": [
{
"account": "demo2020",
"name": "compliance-dev-dal10",
"region": "us-south",
"bogus": [
{
"apiVersion": "v1",
"data": {
"exit-code": "2",
"results": "<?xml version=\"1.0\" encoding=\"UTF-8\"?><TestResult></TestResult>"
},
"kind": "ConfigMap",
"metadata": {
"annotations": {
"compliance-remediations/processed": "",
"compliance.openshift.io/scan-error-msg": "",
"compliance.openshift.io/scan-result": "NON-COMPLIANT",
"openscap-scan-result/node": "111.222.333.444"
},
"creationTimestamp": "2020-08-03T02:26:34Z",
"labels": {
"compliance-scan": "ssg-ocp4-ds-cis"
},
"name": "ssg-ocp4-ds-cis-111.222.333.444-pod",
"namespace": "openshift-compliance",
"resourceVersion": "22693328",
"selfLink": "/api/v1/namespaces/openshift-compliance/configmaps/ssg-ocp4-ds-cis-111.222.333.444-pod",
"uid": "1da3ea81-0a25-4512-ad86-7ac360246b5d"
}
}
]
}
]
}
}

39 changes: 39 additions & 0 deletions tests/data/tasks/osco/input-fetcher/cluster_resource_no_results.json
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,39 @@
{
"iks": {
"demo2020": [
{
"account": "demo2020",
"name": "compliance-dev-dal10",
"region": "us-south",
"resources": [
{
"apiVersion": "v1",
"data": {
"exit-code": "2",
"bogus": "<?xml version=\"1.0\" encoding=\"UTF-8\"?><TestResult></TestResult>"
},
"kind": "ConfigMap",
"metadata": {
"annotations": {
"compliance-remediations/processed": "",
"compliance.openshift.io/scan-error-msg": "",
"compliance.openshift.io/scan-result": "NON-COMPLIANT",
"openscap-scan-result/node": "111.222.333.444"
},
"creationTimestamp": "2020-08-03T02:26:34Z",
"labels": {
"compliance-scan": "ssg-ocp4-ds-cis"
},
"name": "ssg-ocp4-ds-cis-111.222.333.444-pod",
"namespace": "openshift-compliance",
"resourceVersion": "22693328",
"selfLink": "/api/v1/namespaces/openshift-compliance/configmaps/ssg-ocp4-ds-cis-111.222.333.444-pod",
"uid": "1da3ea81-0a25-4512-ad86-7ac360246b5d"
}
}
]
}
]
}
}

55 changes: 55 additions & 0 deletions tests/data/tasks/osco/input-fetcher/oscal-metadata.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,55 @@

ssg-ocp4-ds-cis-111.222.333.444-pod:
locker: https://github.mycorp.com/degenaro/evidence-locker
namespace: xccdf
subject-references:
component:
uuid-ref: 56666738-0f9a-4e38-9aac-c0fad00a5821
type: component
title: Red Hat OpenShift Kubernetes
inventory-item:
uuid-ref: 46aADFAC-A1fd-4Cf0-a6aA-d1AfAb3e0d3e
type: inventory-item
title: Pod
properties:
target: kube-br7qsa3d0vceu2so1a90-roksopensca-default-0000026b.iks.mycorp
cluster-name: ROKS-OpenSCAP-1
cluster-type: openshift
cluster-region: us-south

ssg-ocp4-ds-cis-111.222.333.555-pod:
locker: https://github.mycorp.com/degenaro/evidence-locker
namespace: xccdf
subject-references:
component:
uuid-ref: 3e42fa6b-a819-4f58-b073-a04a0b3c828d
type: component
title: Red Hat OpenShift Kubernetes
inventory-item:
uuid-ref: 285d87c2-aab0-4935-b28b-c4dab131cf88
type: inventory-item
title: Pod
properties:
target: kube-br7qsa3d0vceu2so1a90-roksopensca-default-000001fe.iks.mycorp
cluster-name: ROKS-OpenSCAP-1
cluster-type: openshift
cluster-region: us-south

ssg-rhel7-ds-cis-111.222.333.444-pod:
locker: https://github.mycorp.com/degenaro/evidence-locker
namespace: xccdf
subject-references:
component:
uuid-ref: 89cfe7a7-ce6b-4699-aa7b-2f5739c72001
type: component
title: RedHat Enterprise Linux 7.8
inventory-item:
uuid-ref: 46aADFAC-A1fd-4Cf0-a6aA-d1AfAb3e0d3e
type: inventory-item
title: VM
properties:
target: kube-br7qsa3d0vceu2so1a90-roksopensca-default-0000026b.iks.mycorp
cluster-name: ROKS-OpenSCAP-1
cluster-type: openshift
cluster-region: us-south

Loading

0 comments on commit 5edb864

Please sign in to comment.