inspec2ckl SIDATA parse stigid and title from profile names (#234)

Bialogs · web-flow · commit 0d28f1c10194 · 2021-06-07T11:26:25.000-07:00
* Update metadata.json examples for inspc2ckl

* inspec2ckl parses Profile names and sets the CKL metadata correctly.

inspec2ckl will now parse overlayed Profile and single Profile results
for the name of the profile. This information will be set in the
SIDATA CKL XML tag.

inspec2ckl now creates both a title SIDATA XML element and a stigid SIDATA
XML element using the new parsed Profile name as the data.

inspec2ckl now has the following hierarchy of inheritance for SIDATA data:
 * Provided metadata
 * Parsed Profile name
 * '' string
diff --git a/examples/inspec2ckl/metadata.json b/examples/inspec2ckl/metadata.json
@@ -1,7 +1,14 @@
 {
 	"stigid" : "RHEL_7_STIG",
+  "role": "my role",
+  "type": "my type",
+  "tech_area": "my area",
+  "target_area": "my area",
+  "web_or_database": "my database",
+  "web_db_site": "my web_db site",
+  "web_db_instance": "my web_db instance",
 	"hostname" : "myawesome",
 	"ip" : "10.10.10.10",
 	"fqdn" : "myawesome.host.com",
 	"mac" : "aa:aa:99:99:99:99"
-}
+}
diff --git a/lib/happy_mapper_tools/stig_checklist.rb b/lib/happy_mapper_tools/stig_checklist.rb
@@ -27,6 +27,11 @@ class Asset
     # Class Asset maps from the 'SI_DATA' from Checklist XML file using HappyMapper
     class SiData
       include HappyMapper
+
+      def initialize(name, data)
+        self.name = name
+        self.data = data
+      end
       tag 'SI_DATA'
       element :name, String, tag: 'SID_NAME'
       element :data, String, tag: 'SID_DATA'
@@ -35,6 +40,11 @@ class SiData
     # Class Asset maps from the 'STIG_INFO' from Checklist XML file using HappyMapper
     class StigInfo
       include HappyMapper
+
+      def initialize(si_data)
+        self.si_data = si_data
+      end
+
       tag 'STIG_INFO'
       has_many :si_data, SiData, tag: 'SI_DATA'
     end
@@ -68,6 +78,11 @@ class Vuln
     # Class Asset maps from the 'iSTIG' from Checklist XML file using HappyMapper
     class IStig
       include HappyMapper
+
+      def initialize(stig_info, vulns)
+        self.stig_info = stig_info
+        self.vuln = vulns
+      end
       tag 'iSTIG'
       has_one :stig_info, StigInfo, tag: 'STIG_INFO'
       has_many :vuln, Vuln, tag: 'VULN'
@@ -76,6 +91,10 @@ class IStig
     # Class Asset maps from the 'STIGS' from Checklist XML file using HappyMapper
     class Stigs
       include HappyMapper
+
+      def initialize(istig)
+        self.istig = istig
+      end
       tag 'STIGS'
       has_one :istig, IStig, tag: 'iSTIG'
     end
diff --git a/lib/inspec_tools/inspec.rb b/lib/inspec_tools/inspec.rb
@@ -61,6 +61,25 @@ def to_csv
 
     private
 
+    def topmost_profile_name
+      find_topmost_profile_name(0)
+    end
+
+    def find_topmost_profile_name(index, parent_name = nil)
+      # Return nil when the index is out of bounds.
+      # nil returned here will set the profile name to '' in the calling functions.
+      return nil if index > @json['profiles'].length - 1
+
+      # No parent profile means this is the parent
+      if !@json['profiles'][index].key?('parent_profile') && (@json['profiles'][index]['name'] == parent_name || index.zero?)
+        # For the initial case, parent_name will be nil, and if we are already at the parent index is also zero
+        return @json['profiles'][index]['name']
+      end
+
+      parent_name = @json['profiles'][index]['parent_profile']
+      find_topmost_profile_name(index + 1, parent_name)
+    end
+
     ###
     #  This method converts an inspec json to an array of arrays
     #
@@ -111,28 +130,19 @@ def update_ckl
     end
 
     def generate_ckl
-      stigs = HappyMapperTools::StigChecklist::Stigs.new
-      istig = HappyMapperTools::StigChecklist::IStig.new
-
       vuln_list = []
       @data.keys.each do |control_id|
         vuln_list.push(generate_vuln_data(@data[control_id]))
       end
 
-      si_data = HappyMapperTools::StigChecklist::SiData.new
-      si_data.name = 'stigid'
-      si_data.data = ''
-      if !@metadata['stigid'].nil?
-        si_data.data = @metadata['stigid']
-      end
+      si_data_data = @metadata['stigid'] || topmost_profile_name || ''
+      si_data_stigid = HappyMapperTools::StigChecklist::SiData.new('stigid', si_data_data)
+      si_data_title = HappyMapperTools::StigChecklist::SiData.new('title', si_data_data)
 
-      stig_info = HappyMapperTools::StigChecklist::StigInfo.new
-      stig_info.si_data = si_data
-      istig.stig_info = stig_info
+      stig_info = HappyMapperTools::StigChecklist::StigInfo.new([si_data_stigid, si_data_title])
 
-      istig.vuln = vuln_list
-      stigs.istig = istig
-      @checklist.stig = stigs
+      istig = HappyMapperTools::StigChecklist::IStig.new(stig_info, vuln_list)
+      @checklist.stig = HappyMapperTools::StigChecklist::Stigs.new(istig)
 
       @checklist.asset = generate_asset
     end
