Class: Sectest

Inherits:
Thor
  • Object
show all
Includes:
Thor::Actions
Defined in:
lib/norad_cli/cli/sectest.rb

Class Method Summary collapse

Instance Method Summary collapse

Class Method Details

.source_rootObject 



11
12
13
 
# File 'lib/norad_cli/cli/sectest.rb', line 11

def self.source_root
  File.join(File.dirname(File.expand_path(__FILE__)), '../templates/')
end

Instance Method Details

#buildObject 



54
55
56
57
58
59
60
61
62
 
# File 'lib/norad_cli/cli/sectest.rb', line 54

def build
  # Error check to ensure this is a plugin directory
  Dir.glob('sectests/*').select do |f|
    if File.directory? f
      # Build all for the sectest
      send('build:all', f.split('/')[-1])
    end
  end
end

#execute(name, arguments) ⇒ Object 



140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
 
# File 'lib/norad_cli/cli/sectest.rb', line 140

def execute(name, arguments)
  # Ensure container exists
  if !Docker::Image.exist?("#{options[:registry]}/#{name}:#{options[:version]}")
    say("Requested image #{options[:registry]}/#{name}:#{options[:version]} does not exist!", :red)
    exit(1)
  end

  # Setup and run the container
  env = ['NORAD_ROOT=', %(ASSESSMENT_PATHS=[{"id":"1", "assessment": "1"}]), 'NORAD_SECRET=1234']
  container = Docker::Container.create(Image: "#{options[:registry]}/#{name}:#{options[:version]}",
                                       Env: env,
                                       Cmd: arguments)

  # Start the container, watch stdout
  container.tap(&:start).attach { |stream, chunk| puts "#{stream}: #{chunk}" }
end

#scaffold(sectest_name) ⇒ Object 



21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
 
# File 'lib/norad_cli/cli/sectest.rb', line 21

def scaffold(sectest_name)
  # Grab the current directory
  repo_dir = Dir.pwd

  puts options[:configurable]
  # Set options for templates
  options[:name] = sectest_name
  options[:spec_class_name] = sectest_name.split('-').map { |t| t =~ /\d+/ ? t : t.capitalize! }.join

  # Error check to ensure this is a norad security test repository

  # Create the security tests standard files
  template('tool/Dockerfile.erb', "#{repo_dir}/sectests/#{sectest_name}/Dockerfile")
  template('tool/README.md.erb', "#{repo_dir}/sectests/#{sectest_name}/README.md")
  template('tool/manifest.yml.erb', "#{repo_dir}/sectests/#{sectest_name}/manifest.yml")

  # Create a starter wrapper script
  template('tool/wrapper.rb.erb', "#{repo_dir}/sectests/#{sectest_name}/#{sectest_name}-wrapper.rb")

  # Create the spec files
  template('tool/tool_spec.rb.erb', "#{repo_dir}/spec/#{sectest_name}/#{sectest_name}_spec.rb")
  if options[:test_type] == 'authenticated'
    template('tool/Dockerfile.auth.target.erb', "#{repo_dir}/spec/#{sectest_name}/targets/Dockerfile.secure")
    template('tool/Dockerfile.auth.target.erb', "#{repo_dir}/spec/#{sectest_name}/targets/Dockerfile.vulnerable")
  else
    template('tool/Dockerfile.unauth.target.erb', "#{repo_dir}/spec/#{sectest_name}/targets/Dockerfile.secure")
    template('tool/Dockerfile.unauth.target.erb', "#{repo_dir}/spec/#{sectest_name}/targets/Dockerfile.vulnerable")
  end
end

#seedObject 



187
188
189
190
191
192
 
# File 'lib/norad_cli/cli/sectest.rb', line 187

def seed
  # Error check to ensure this is a plugin directory

  # Generate the seed file
  SeedGenerator.process_manifests(options[:seedfile], options[:docsite])
end

#specObject 



174
175
176
177
178
179
180
181
182
 
# File 'lib/norad_cli/cli/sectest.rb', line 174

def spec
  # Error check to ensure this is a plugin directory
  Dir.glob('sectests/*').select do |f|
    if File.directory? f
      # Build all for the sectest
      send('spec:image', f.split('/')[-1])
    end
  end
end