diff --git a/CHANGES.md b/CHANGES.md index e863571b..730efebf 100644 --- a/CHANGES.md +++ b/CHANGES.md @@ -1,3 +1,14 @@ +# 0.3.0 + +- [BREAKING] Move `auditree` fetchers and checks up to arboretum.auditree. +- [NEW] Add folder hierarchy for Ansible fetchers, checks, and harvest reports. +- [NEW] Add folder hierarchy for Chef fetchers, checks, and harvest reports. +- [NEW] Add folder hierarchy for IBM Cloud fetchers, checks, and harvest reports. +- [NEW] Add folder hierarchy for Kubernetes fetchers, checks, and harvest reports. +- [NEW] Add folder hierarchy for Object Storage fetchers, checks, and harvest reports. +- [NEW] Add folder hierarchy for Pager Duty fetchers, checks, and harvest reports. +- [NEW] Add folder hierarchy for Splunk fetchers, checks, and harvest reports. + # 0.2.0 - [NEW] Add Python packages fetcher and check. diff --git a/MANIFEST.in b/MANIFEST.in index 0c869610..cfff4944 100644 --- a/MANIFEST.in +++ b/MANIFEST.in @@ -1,4 +1,2 @@ -graft arboretum/provider/*/templates -graft arboretum/technology/*/templates -graft arboretum/provider/*/reports/report_templates -graft arboretum/technology/*/reports/report_templates +graft arboretum/*/templates +graft arboretum/*/reports/report_templates diff --git a/README.md b/README.md index 6fa01c18..ad4c7cd3 100644 --- a/README.md +++ b/README.md @@ -15,6 +15,22 @@ reports built upon the [Auditree compliance automation framework][auditree-frame ## Repo content +### Functionality categorization + +Arboretum fetchers, checks, and Harvest reports are organized into functional +grouping categories. The following categories have either been contributed to +or will be contributed to in the near future. We anticipate that this list will +grow as arboretum matures. + +- [Ansible](https://github.com/ComplianceAsCode/auditree-arboretum/tree/main/arboretum/ansible) +- [Auditree](https://github.com/ComplianceAsCode/auditree-arboretum/tree/main/arboretum/auditree) +- [Chef](https://github.com/ComplianceAsCode/auditree-arboretum/tree/main/arboretum/chef) +- [IBM Cloud](https://github.com/ComplianceAsCode/auditree-arboretum/tree/main/arboretum/ibm_cloud) +- [Kubernetes](https://github.com/ComplianceAsCode/auditree-arboretum/tree/main/arboretum/kubernetes) +- [Object Storage](https://github.com/ComplianceAsCode/auditree-arboretum/tree/main/arboretum/object_storage) +- [Pager Duty](https://github.com/ComplianceAsCode/auditree-arboretum/tree/main/arboretum/pager_duty) +- [Splunk](https://github.com/ComplianceAsCode/auditree-arboretum/tree/main/arboretum/splunk) + ### Fetchers Please read the framework documentation for [fetcher design principles][] before @@ -53,8 +69,8 @@ identified by checks. These violations are in the form of failures and warnings ### Harvest Reports Harvest reports are hosted with the fetchers/checks that collect the evidence for -the reports process. Within `auditree-arboretum` this means the code lives in the -appropriate provider or technology directory. For more details check out +the reports process. Within `auditree-arboretum` this means the harvest report code +lives in `reports` folders throughout this repository. For more details check out [harvest report development][harvest-rpt-dev] in the [harvest][harvest] README. ## Usage @@ -72,30 +88,30 @@ Follow these steps to integrate auditree-arboretum fetchers and checks into your * Add this `auditree-arboretum` package as a dependency in your Python project. * The following steps can be taken to import individual arboretum fetchers and checks. - * For a fetcher, add a `fetch__.py` module, if one - does not already exist, in your project's `fetchers` path where the `` is - either the provider or technology of that fetcher. Having a separate common "category" - module guards against name collisions across providers and technologies. - * For a check, add a `test__.py` module, if one - does not already exist, in your project's `checks` path where the `` is - either the provider or technology of that check. Having a separate common "category" - module guards against name collisions across providers and technologies. + * For a fetcher, add a `fetch__common.py` module, if one does not already + exist, in your project's `fetchers` path where the `` is + the respective category folder within this repo of that fetcher. Having a separate + common "category" module guards against name collisions across categories. + * For a check, add a `test__common.py` module, if one does not already exist, + in your project's `checks` path where the `` is the respective category folder + within this repo of that check. Having a separate common "category" module guards + against name collisions across providers and technologies. * Import the desired fetcher or check class and the `auditree-framework` will handle the rest. - For example to use the Abandoned Evidence fetcher from the `auditree` technology, add - the following to your `fetch_auditree_technology.py`: + For example to use the Abandoned Evidence fetcher from the `auditree` category, add + the following to your `fetch_auditree_common.py`: ```python - from arboretum.technology.auditree.fetchers.fetch_abandoned_evidence import AbandonedEvidenceFetcher + from arboretum.auditree.fetchers.fetch_abandoned_evidence import AbandonedEvidenceFetcher ``` * `auditree-arboretum` fetchers and checks are designed to execute as part of a downstream Python project, so you may need to setup your project's configuration in order for the -fetchers and checks to execute as desired. Each provider and technology folder in this -repository includes a README.md that documents each fetcher's and check's configuration. +fetchers and checks to execute as desired. Each category folder in this repository +includes a README.md that documents each fetcher's and check's configuration. * In general `auditree-arboretum` fetchers and checks expect an `org` field with content - that capture each fetcher's and check's configuration settings. + that captures each fetcher's and check's configuration settings. For example: @@ -123,9 +139,9 @@ set which is useful for organizing check notifications and targeted check execut ```json { - "arboretum.technology.auditree.checks.test_abandoned_evidence.AbandonedEvidenceCheck": { + "arboretum.auditree.checks.test_abandoned_evidence.AbandonedEvidenceCheck": { "auditree_evidence": { - "auditree_control": ["tech.auditree"] + "auditree_control": ["arboretum.auditree"] } } } diff --git a/arboretum/__init__.py b/arboretum/__init__.py index 573376ee..9c625d5a 100644 --- a/arboretum/__init__.py +++ b/arboretum/__init__.py @@ -14,4 +14,4 @@ # limitations under the License. """Arboretum - Checking your compliance & security posture, continuously.""" -__version__ = '0.2.0' +__version__ = '0.3.0' diff --git a/arboretum/ansible/README.md b/arboretum/ansible/README.md new file mode 100644 index 00000000..559dc163 --- /dev/null +++ b/arboretum/ansible/README.md @@ -0,0 +1,27 @@ +# Ansible library + +The fetchers and checks contained within this `ansible` category folder are +common tests that can be configured and executed for the purpose of generating +compliance reports and notifications using the [auditree-framework][]. They +validate the configuration and ensure smooth execution of an auditree instance. +See [auditree-framework documentation](https://complianceascode.github.io/auditree-framework/) +for more details. + +These tests are normally executed by a CI/CD system like +[Travis CI](https://travis-ci.com/) as part of another project that uses this +library package as a dependency. + +## Usage as a library + +See [usage][usage] for specifics on including this library as a dependency and +how to include the fetchers and checks from this library in your downstream project. + +## Fetchers + +Fetchers coming soon... + +## Checks + +Checks coming soon... + +[usage]: https://github.com/ComplianceAsCode/auditree-arboretum#usage diff --git a/arboretum/technology/auditree/checks/__init__.py b/arboretum/ansible/__init__.py similarity index 92% rename from arboretum/technology/auditree/checks/__init__.py rename to arboretum/ansible/__init__.py index febae823..edd1f4ba 100644 --- a/arboretum/technology/auditree/checks/__init__.py +++ b/arboretum/ansible/__init__.py @@ -12,4 +12,4 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. -"""arboretum.technology.auditree validation checks.""" +"""Ansible fetchers, checks, and harvest reports.""" diff --git a/arboretum/provider/__init__.py b/arboretum/ansible/checks/__init__.py similarity index 91% rename from arboretum/provider/__init__.py rename to arboretum/ansible/checks/__init__.py index 89f53859..2da29187 100644 --- a/arboretum/provider/__init__.py +++ b/arboretum/ansible/checks/__init__.py @@ -12,4 +12,4 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. -"""Fetchers & checks associated to a specific vendor.""" +"""Ansible validation checks.""" diff --git a/arboretum/technology/auditree/fetchers/__init__.py b/arboretum/ansible/evidences/__init__.py similarity index 90% rename from arboretum/technology/auditree/fetchers/__init__.py rename to arboretum/ansible/evidences/__init__.py index 9eb60ac7..cf34a214 100644 --- a/arboretum/technology/auditree/fetchers/__init__.py +++ b/arboretum/ansible/evidences/__init__.py @@ -12,4 +12,4 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. -"""arboretum.technology.auditree evidence gathering fetchers.""" +"""Ansible evidence helper modules/classes.""" diff --git a/arboretum/technology/auditree/reports/__init__.py b/arboretum/ansible/fetchers/__init__.py similarity index 90% rename from arboretum/technology/auditree/reports/__init__.py rename to arboretum/ansible/fetchers/__init__.py index 6cec833f..8c676c47 100644 --- a/arboretum/technology/auditree/reports/__init__.py +++ b/arboretum/ansible/fetchers/__init__.py @@ -12,4 +12,4 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. -"""arboretum.technology.auditree harvest reports and templates.""" +"""Ansible evidence gathering fetchers.""" diff --git a/arboretum/ansible/reports/__init__.py b/arboretum/ansible/reports/__init__.py new file mode 100644 index 00000000..31f68633 --- /dev/null +++ b/arboretum/ansible/reports/__init__.py @@ -0,0 +1,15 @@ +# -*- mode:python; coding:utf-8 -*- +# Copyright (c) 2020 IBM Corp. All rights reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +"""Ansible harvest reports and templates.""" diff --git a/arboretum/technology/auditree/templates/default.md.tmpl b/arboretum/ansible/templates/default.md.tmpl similarity index 100% rename from arboretum/technology/auditree/templates/default.md.tmpl rename to arboretum/ansible/templates/default.md.tmpl diff --git a/arboretum/technology/auditree/README.md b/arboretum/auditree/README.md similarity index 87% rename from arboretum/technology/auditree/README.md rename to arboretum/auditree/README.md index bed47dfb..55b9fed8 100644 --- a/arboretum/technology/auditree/README.md +++ b/arboretum/auditree/README.md @@ -1,6 +1,6 @@ -# Auditree technology library +# Auditree library -The fetchers and checks contained within this `auditree` technology folder are +The fetchers and checks contained within this `auditree` category folder are common tests that can be configured and executed for the purpose of generating compliance reports and notifications using the [auditree-framework][]. They validate the configuration and ensure smooth execution of an auditree instance. @@ -63,7 +63,7 @@ over that `threshold` value otherwise the default is 30 days. TTL is set to 1 d * Import statement: ```python - from arboretum.technology.auditree.fetchers.fetch_abandoned_evidence import AbandonedEvidenceFetcher + from arboretum.auditree.fetchers.fetch_abandoned_evidence import AbandonedEvidenceFetcher ``` ### Compliance Configuration @@ -83,7 +83,7 @@ the fetchers. * Import statement: ```python - from arboretum.technology.auditree.fetchers.fetch_compliance_config import ComplianceConfigFetcher + from arboretum.auditree.fetchers.fetch_compliance_config import ComplianceConfigFetcher ``` ### Python Packages @@ -103,7 +103,7 @@ live (TTL) is set to 1 day for all evidences. * Import statement: ```python - from arboretum.technology.auditree.fetchers.fetch_python_packages import PythonPackageFetcher + from arboretum.auditree.fetchers.fetch_python_packages import PythonPackageFetcher ``` ## Checks @@ -171,7 +171,7 @@ execution. The default threshold is 30 days beyond the time to live (TTL) setti * Import statement: ```python - from arboretum.technology.auditree.checks.test_abandoned_evidence import AbandonedEvidenceCheck + from arboretum.auditree.checks.test_abandoned_evidence import AbandonedEvidenceCheck ``` ### Compliance Configuration @@ -192,7 +192,7 @@ configuration a failure is generated and reported on. * Import statement: ```python - from auditree_central.provider.auditree.checks.test_compliance_config import ComplianceConfigCheck + from arboretum.auditree.checks.test_compliance_config import ComplianceConfigCheck ``` ### Python Packages @@ -221,13 +221,13 @@ used are not at the current release version. * Import statement: ```python - from arboretum.technology.auditree.checks.test_python_packages import PythonPackageCheck + from arboretum.auditree.checks.test_python_packages import PythonPackageCheck ``` [usage]: https://github.com/ComplianceAsCode/auditree-arboretum#usage -[fetch-abandoned-evidence]: https://github.com/ComplianceAsCode/auditree-arboretum/blob/main/arboretum/technology/auditree/fetchers/fetch_abandoned_evidence.py -[fetch-compliance-config]: https://github.com/ComplianceAsCode/auditree-arboretum/blob/main/arboretum/technology/auditree/fetchers/fetch_compliance_config.py -[fetch-python-packages]: https://github.com/ComplianceAsCode/auditree-arboretum/blob/main/arboretum/technology/auditree/fetchers/fetch_python_packages.py -[check-abandoned-evidence]: https://github.com/ComplianceAsCode/auditree-arboretum/blob/main/arboretum/technology/auditree/checks/test_abandoned_evidence.py -[check-compliance-config]: https://github.com/ComplianceAsCode/auditree-arboretum/blob/main/arboretum/technology/auditree/checks/test_compliance_config.py -[check-python-packages]: https://github.com/ComplianceAsCode/auditree-arboretum/blob/main/arboretum/technology/auditree/checks/test_python_packages.py +[fetch-abandoned-evidence]: https://github.com/ComplianceAsCode/auditree-arboretum/blob/main/arboretum/auditree/fetchers/fetch_abandoned_evidence.py +[fetch-compliance-config]: https://github.com/ComplianceAsCode/auditree-arboretum/blob/main/arboretum/auditree/fetchers/fetch_compliance_config.py +[fetch-python-packages]: https://github.com/ComplianceAsCode/auditree-arboretum/blob/main/arboretum/auditree/fetchers/fetch_python_packages.py +[check-abandoned-evidence]: https://github.com/ComplianceAsCode/auditree-arboretum/blob/main/arboretum/auditree/checks/test_abandoned_evidence.py +[check-compliance-config]: https://github.com/ComplianceAsCode/auditree-arboretum/blob/main/arboretum/auditree/checks/test_compliance_config.py +[check-python-packages]: https://github.com/ComplianceAsCode/auditree-arboretum/blob/main/arboretum/auditree/checks/test_python_packages.py diff --git a/arboretum/auditree/__init__.py b/arboretum/auditree/__init__.py new file mode 100644 index 00000000..df7ea152 --- /dev/null +++ b/arboretum/auditree/__init__.py @@ -0,0 +1,15 @@ +# -*- mode:python; coding:utf-8 -*- +# Copyright (c) 2020 IBM Corp. All rights reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +"""Auditree fetchers, checks, and harvest reports.""" diff --git a/arboretum/auditree/checks/__init__.py b/arboretum/auditree/checks/__init__.py new file mode 100644 index 00000000..0bf37755 --- /dev/null +++ b/arboretum/auditree/checks/__init__.py @@ -0,0 +1,15 @@ +# -*- mode:python; coding:utf-8 -*- +# Copyright (c) 2020 IBM Corp. All rights reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +"""Auditree validation checks.""" diff --git a/arboretum/technology/auditree/checks/test_abandoned_evidence.py b/arboretum/auditree/checks/test_abandoned_evidence.py similarity index 100% rename from arboretum/technology/auditree/checks/test_abandoned_evidence.py rename to arboretum/auditree/checks/test_abandoned_evidence.py diff --git a/arboretum/technology/auditree/checks/test_compliance_config.py b/arboretum/auditree/checks/test_compliance_config.py similarity index 100% rename from arboretum/technology/auditree/checks/test_compliance_config.py rename to arboretum/auditree/checks/test_compliance_config.py diff --git a/arboretum/technology/auditree/checks/test_python_packages.py b/arboretum/auditree/checks/test_python_packages.py similarity index 96% rename from arboretum/technology/auditree/checks/test_python_packages.py rename to arboretum/auditree/checks/test_python_packages.py index 05a27185..5b46e741 100644 --- a/arboretum/technology/auditree/checks/test_python_packages.py +++ b/arboretum/auditree/checks/test_python_packages.py @@ -17,11 +17,13 @@ import json from datetime import datetime, timedelta +from arboretum.auditree.evidences.python_package_release import ( + PackageReleaseEvidence +) + from compliance.check import ComplianceCheck from compliance.evidence import DAY, ReportEvidence, with_raw_evidences -from ..evidences.python_package_release import PackageReleaseEvidence - class PythonPackageCheck(ComplianceCheck): """Compare the software versions used in Auditree execution.""" @@ -105,6 +107,10 @@ def test_auditree_framework_version(self, packages, releases): """Check auditree-framework version matches latest release.""" self._test_versions(packages, releases, 'auditree-framework') + @with_raw_evidences( + 'auditree/python_packages.json', + 'auditree/auditree_harvest_releases.xml' + ) def test_auditree_harvest_version(self, packages, releases): """Check auditree-harvest version matches latest release.""" self._test_versions(packages, releases, 'auditree-harvest') diff --git a/arboretum/auditree/evidences/__init__.py b/arboretum/auditree/evidences/__init__.py new file mode 100644 index 00000000..ecb142d3 --- /dev/null +++ b/arboretum/auditree/evidences/__init__.py @@ -0,0 +1,15 @@ +# -*- mode:python; coding:utf-8 -*- +# Copyright (c) 2020 IBM Corp. All rights reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +"""Auditree evidence helper modules/classes.""" diff --git a/arboretum/technology/auditree/evidences/python_package_release.py b/arboretum/auditree/evidences/python_package_release.py similarity index 100% rename from arboretum/technology/auditree/evidences/python_package_release.py rename to arboretum/auditree/evidences/python_package_release.py diff --git a/arboretum/auditree/fetchers/__init__.py b/arboretum/auditree/fetchers/__init__.py new file mode 100644 index 00000000..44eedfda --- /dev/null +++ b/arboretum/auditree/fetchers/__init__.py @@ -0,0 +1,15 @@ +# -*- mode:python; coding:utf-8 -*- +# Copyright (c) 2020 IBM Corp. All rights reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +"""Auditree evidence gathering fetchers.""" diff --git a/arboretum/technology/auditree/fetchers/fetch_abandoned_evidence.py b/arboretum/auditree/fetchers/fetch_abandoned_evidence.py similarity index 100% rename from arboretum/technology/auditree/fetchers/fetch_abandoned_evidence.py rename to arboretum/auditree/fetchers/fetch_abandoned_evidence.py diff --git a/arboretum/technology/auditree/fetchers/fetch_compliance_config.py b/arboretum/auditree/fetchers/fetch_compliance_config.py similarity index 100% rename from arboretum/technology/auditree/fetchers/fetch_compliance_config.py rename to arboretum/auditree/fetchers/fetch_compliance_config.py diff --git a/arboretum/technology/auditree/fetchers/fetch_python_packages.py b/arboretum/auditree/fetchers/fetch_python_packages.py similarity index 97% rename from arboretum/technology/auditree/fetchers/fetch_python_packages.py rename to arboretum/auditree/fetchers/fetch_python_packages.py index e6dd3d1a..00d7de44 100644 --- a/arboretum/technology/auditree/fetchers/fetch_python_packages.py +++ b/arboretum/auditree/fetchers/fetch_python_packages.py @@ -16,10 +16,10 @@ import json -from arboretum.common.constants import PYPI_RSS_BASE_URL -from arboretum.technology.auditree.evidences.python_package_release import ( +from arboretum.auditree.evidences.python_package_release import ( PackageReleaseEvidence ) +from arboretum.common.constants import PYPI_RSS_BASE_URL from compliance.evidence import DAY, RawEvidence, store_raw_evidence from compliance.fetch import ComplianceFetcher diff --git a/arboretum/auditree/reports/__init__.py b/arboretum/auditree/reports/__init__.py new file mode 100644 index 00000000..15aabbbb --- /dev/null +++ b/arboretum/auditree/reports/__init__.py @@ -0,0 +1,15 @@ +# -*- mode:python; coding:utf-8 -*- +# Copyright (c) 2020 IBM Corp. All rights reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +"""Auditree harvest reports and templates.""" diff --git a/arboretum/auditree/templates/default.md.tmpl b/arboretum/auditree/templates/default.md.tmpl new file mode 100644 index 00000000..7055b20d --- /dev/null +++ b/arboretum/auditree/templates/default.md.tmpl @@ -0,0 +1,77 @@ +{#- -*- mode:jinja2; coding: utf-8 -*- -#} +{# +Copyright (c) 2020 IBM Corp. All rights reserved. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +#} + +# {{ test.title }} Report {{ now.strftime('%Y-%m-%d') }} +{% if test.total_issues_count(results) == 0 %} +No issues found! +{% else %} +## Results + +{% if test.warnings_for_check_count(results) > 0 -%} +* [Warnings](#warnings): {{ test.warnings_for_check_count(results) }} +{% for k in all_warnings.keys() -%} + {% if all_warnings[k]|length > 0 -%} + {% set anchor = k.lower()|replace(' ', '-') %} + * [{{ k|capitalize }}](#{{ anchor }}): {{ all_warnings[k]|length }} + {%- endif %} +{%- endfor -%} +{% endif %} +{% if test.failures_for_check_count(results) > 0 %} +* [Failures](#failures): {{ test.failures_for_check_count(results) }} +{% for k in all_failures.keys() -%} + {% if all_failures[k]|length > 0 -%} + {% set anchor = k.lower()|replace(' ', '-') %} + * [{{ k|capitalize }}](#{{ anchor }}): {{ all_failures[k]|length }} + {%- endif %} +{%- endfor -%} +{% endif -%} +{% endif %} + + +{% if test.warnings_for_check_count(results) > 0 -%} +## Warnings + +{% for type in all_warnings.keys()|sort -%} +{% if all_warnings[type]|length > 0 %} +#### {{ type|capitalize }} #### +{% for at in all_warnings[type]| sort %} +{% if not link -%} +* {{ at -}} +{%- else -%} +* [{{ at }}]({{ link }}/{{ at }}) +{%- endif %} +{%- endfor %} +{% endif -%} +{% endfor %} +{% endif %} + +{% if test.failures_for_check_count(results) > 0 -%} +## Failures + +{% for type in all_failures.keys()|sort -%} +{% if all_failures[type]|length > 0 %} +#### {{ type|capitalize }} #### +{% for at in all_failures[type]| sort %} +{% if not link -%} +* {{ at -}} +{%- else -%} +* [{{ at -}}]({{ link }}/{{ at }}) +{%- endif %} +{%- endfor %} +{% endif -%} +{% endfor %} +{% endif %} diff --git a/arboretum/technology/auditree/templates/reports/auditree/abandoned_evidence.md.tmpl b/arboretum/auditree/templates/reports/auditree/abandoned_evidence.md.tmpl similarity index 100% rename from arboretum/technology/auditree/templates/reports/auditree/abandoned_evidence.md.tmpl rename to arboretum/auditree/templates/reports/auditree/abandoned_evidence.md.tmpl diff --git a/arboretum/technology/auditree/templates/reports/auditree/compliance_config.md.tmpl b/arboretum/auditree/templates/reports/auditree/compliance_config.md.tmpl similarity index 100% rename from arboretum/technology/auditree/templates/reports/auditree/compliance_config.md.tmpl rename to arboretum/auditree/templates/reports/auditree/compliance_config.md.tmpl diff --git a/arboretum/technology/auditree/templates/reports/auditree/python_packages.md.tmpl b/arboretum/auditree/templates/reports/auditree/python_packages.md.tmpl similarity index 100% rename from arboretum/technology/auditree/templates/reports/auditree/python_packages.md.tmpl rename to arboretum/auditree/templates/reports/auditree/python_packages.md.tmpl diff --git a/arboretum/chef/README.md b/arboretum/chef/README.md new file mode 100644 index 00000000..6004ac89 --- /dev/null +++ b/arboretum/chef/README.md @@ -0,0 +1,27 @@ +# Chef library + +The fetchers and checks contained within this `chef` category folder are +common tests that can be configured and executed for the purpose of generating +compliance reports and notifications using the [auditree-framework][]. They +validate the configuration and ensure smooth execution of an auditree instance. +See [auditree-framework documentation](https://complianceascode.github.io/auditree-framework/) +for more details. + +These tests are normally executed by a CI/CD system like +[Travis CI](https://travis-ci.com/) as part of another project that uses this +library package as a dependency. + +## Usage as a library + +See [usage][usage] for specifics on including this library as a dependency and +how to include the fetchers and checks from this library in your downstream project. + +## Fetchers + +Fetchers coming soon... + +## Checks + +Checks coming soon... + +[usage]: https://github.com/ComplianceAsCode/auditree-arboretum#usage diff --git a/arboretum/chef/__init__.py b/arboretum/chef/__init__.py new file mode 100644 index 00000000..dbe47ea3 --- /dev/null +++ b/arboretum/chef/__init__.py @@ -0,0 +1,15 @@ +# -*- mode:python; coding:utf-8 -*- +# Copyright (c) 2020 IBM Corp. All rights reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +"""Chef fetchers, checks, and harvest reports.""" diff --git a/arboretum/chef/checks/__init__.py b/arboretum/chef/checks/__init__.py new file mode 100644 index 00000000..10f09376 --- /dev/null +++ b/arboretum/chef/checks/__init__.py @@ -0,0 +1,15 @@ +# -*- mode:python; coding:utf-8 -*- +# Copyright (c) 2020 IBM Corp. All rights reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +"""Chef validation checks.""" diff --git a/arboretum/chef/evidences/__init__.py b/arboretum/chef/evidences/__init__.py new file mode 100644 index 00000000..03c0ad48 --- /dev/null +++ b/arboretum/chef/evidences/__init__.py @@ -0,0 +1,15 @@ +# -*- mode:python; coding:utf-8 -*- +# Copyright (c) 2020 IBM Corp. All rights reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +"""Chef evidence helper modules/classes.""" diff --git a/arboretum/chef/fetchers/__init__.py b/arboretum/chef/fetchers/__init__.py new file mode 100644 index 00000000..fc256a57 --- /dev/null +++ b/arboretum/chef/fetchers/__init__.py @@ -0,0 +1,15 @@ +# -*- mode:python; coding:utf-8 -*- +# Copyright (c) 2020 IBM Corp. All rights reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +"""Chef evidence gathering fetchers.""" diff --git a/arboretum/chef/reports/__init__.py b/arboretum/chef/reports/__init__.py new file mode 100644 index 00000000..85d45718 --- /dev/null +++ b/arboretum/chef/reports/__init__.py @@ -0,0 +1,15 @@ +# -*- mode:python; coding:utf-8 -*- +# Copyright (c) 2020 IBM Corp. All rights reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +"""Chef harvest reports and templates.""" diff --git a/arboretum/chef/templates/default.md.tmpl b/arboretum/chef/templates/default.md.tmpl new file mode 100644 index 00000000..7055b20d --- /dev/null +++ b/arboretum/chef/templates/default.md.tmpl @@ -0,0 +1,77 @@ +{#- -*- mode:jinja2; coding: utf-8 -*- -#} +{# +Copyright (c) 2020 IBM Corp. All rights reserved. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +#} + +# {{ test.title }} Report {{ now.strftime('%Y-%m-%d') }} +{% if test.total_issues_count(results) == 0 %} +No issues found! +{% else %} +## Results + +{% if test.warnings_for_check_count(results) > 0 -%} +* [Warnings](#warnings): {{ test.warnings_for_check_count(results) }} +{% for k in all_warnings.keys() -%} + {% if all_warnings[k]|length > 0 -%} + {% set anchor = k.lower()|replace(' ', '-') %} + * [{{ k|capitalize }}](#{{ anchor }}): {{ all_warnings[k]|length }} + {%- endif %} +{%- endfor -%} +{% endif %} +{% if test.failures_for_check_count(results) > 0 %} +* [Failures](#failures): {{ test.failures_for_check_count(results) }} +{% for k in all_failures.keys() -%} + {% if all_failures[k]|length > 0 -%} + {% set anchor = k.lower()|replace(' ', '-') %} + * [{{ k|capitalize }}](#{{ anchor }}): {{ all_failures[k]|length }} + {%- endif %} +{%- endfor -%} +{% endif -%} +{% endif %} + + +{% if test.warnings_for_check_count(results) > 0 -%} +## Warnings + +{% for type in all_warnings.keys()|sort -%} +{% if all_warnings[type]|length > 0 %} +#### {{ type|capitalize }} #### +{% for at in all_warnings[type]| sort %} +{% if not link -%} +* {{ at -}} +{%- else -%} +* [{{ at }}]({{ link }}/{{ at }}) +{%- endif %} +{%- endfor %} +{% endif -%} +{% endfor %} +{% endif %} + +{% if test.failures_for_check_count(results) > 0 -%} +## Failures + +{% for type in all_failures.keys()|sort -%} +{% if all_failures[type]|length > 0 %} +#### {{ type|capitalize }} #### +{% for at in all_failures[type]| sort %} +{% if not link -%} +* {{ at -}} +{%- else -%} +* [{{ at -}}]({{ link }}/{{ at }}) +{%- endif %} +{%- endfor %} +{% endif -%} +{% endfor %} +{% endif %} diff --git a/arboretum/common/__init__.py b/arboretum/common/__init__.py index afd393ab..d72b66af 100644 --- a/arboretum/common/__init__.py +++ b/arboretum/common/__init__.py @@ -12,4 +12,4 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. -"""Supporting code common to multiple fetchers/checks.""" +"""Supporting code common to multiple fetchers/checks/reports.""" diff --git a/arboretum/ibm_cloud/README.md b/arboretum/ibm_cloud/README.md new file mode 100644 index 00000000..7cac52c5 --- /dev/null +++ b/arboretum/ibm_cloud/README.md @@ -0,0 +1,27 @@ +# IBM Cloud library + +The fetchers and checks contained within this `ibm_cloud` category folder are +common tests that can be configured and executed for the purpose of generating +compliance reports and notifications using the [auditree-framework][]. They +validate the configuration and ensure smooth execution of an auditree instance. +See [auditree-framework documentation](https://complianceascode.github.io/auditree-framework/) +for more details. + +These tests are normally executed by a CI/CD system like +[Travis CI](https://travis-ci.com/) as part of another project that uses this +library package as a dependency. + +## Usage as a library + +See [usage][usage] for specifics on including this library as a dependency and +how to include the fetchers and checks from this library in your downstream project. + +## Fetchers + +Fetchers coming soon... + +## Checks + +Checks coming soon... + +[usage]: https://github.com/ComplianceAsCode/auditree-arboretum#usage diff --git a/arboretum/ibm_cloud/__init__.py b/arboretum/ibm_cloud/__init__.py new file mode 100644 index 00000000..b7c09a07 --- /dev/null +++ b/arboretum/ibm_cloud/__init__.py @@ -0,0 +1,15 @@ +# -*- mode:python; coding:utf-8 -*- +# Copyright (c) 2020 IBM Corp. All rights reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +"""IBM Cloud fetchers, checks, and harvest reports.""" diff --git a/arboretum/ibm_cloud/checks/__init__.py b/arboretum/ibm_cloud/checks/__init__.py new file mode 100644 index 00000000..bfa866c1 --- /dev/null +++ b/arboretum/ibm_cloud/checks/__init__.py @@ -0,0 +1,15 @@ +# -*- mode:python; coding:utf-8 -*- +# Copyright (c) 2020 IBM Corp. All rights reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +"""IBM Cloud validation checks.""" diff --git a/arboretum/ibm_cloud/evidences/__init__.py b/arboretum/ibm_cloud/evidences/__init__.py new file mode 100644 index 00000000..c9b97c40 --- /dev/null +++ b/arboretum/ibm_cloud/evidences/__init__.py @@ -0,0 +1,15 @@ +# -*- mode:python; coding:utf-8 -*- +# Copyright (c) 2020 IBM Corp. All rights reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +"""IBM Cloud evidence helper modules/classes.""" diff --git a/arboretum/ibm_cloud/fetchers/__init__.py b/arboretum/ibm_cloud/fetchers/__init__.py new file mode 100644 index 00000000..45555b78 --- /dev/null +++ b/arboretum/ibm_cloud/fetchers/__init__.py @@ -0,0 +1,15 @@ +# -*- mode:python; coding:utf-8 -*- +# Copyright (c) 2020 IBM Corp. All rights reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +"""IBM Cloud evidence gathering fetchers.""" diff --git a/arboretum/ibm_cloud/reports/__init__.py b/arboretum/ibm_cloud/reports/__init__.py new file mode 100644 index 00000000..5c735cab --- /dev/null +++ b/arboretum/ibm_cloud/reports/__init__.py @@ -0,0 +1,15 @@ +# -*- mode:python; coding:utf-8 -*- +# Copyright (c) 2020 IBM Corp. All rights reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +"""IBM Cloud harvest reports and templates.""" diff --git a/arboretum/ibm_cloud/templates/default.md.tmpl b/arboretum/ibm_cloud/templates/default.md.tmpl new file mode 100644 index 00000000..7055b20d --- /dev/null +++ b/arboretum/ibm_cloud/templates/default.md.tmpl @@ -0,0 +1,77 @@ +{#- -*- mode:jinja2; coding: utf-8 -*- -#} +{# +Copyright (c) 2020 IBM Corp. All rights reserved. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +#} + +# {{ test.title }} Report {{ now.strftime('%Y-%m-%d') }} +{% if test.total_issues_count(results) == 0 %} +No issues found! +{% else %} +## Results + +{% if test.warnings_for_check_count(results) > 0 -%} +* [Warnings](#warnings): {{ test.warnings_for_check_count(results) }} +{% for k in all_warnings.keys() -%} + {% if all_warnings[k]|length > 0 -%} + {% set anchor = k.lower()|replace(' ', '-') %} + * [{{ k|capitalize }}](#{{ anchor }}): {{ all_warnings[k]|length }} + {%- endif %} +{%- endfor -%} +{% endif %} +{% if test.failures_for_check_count(results) > 0 %} +* [Failures](#failures): {{ test.failures_for_check_count(results) }} +{% for k in all_failures.keys() -%} + {% if all_failures[k]|length > 0 -%} + {% set anchor = k.lower()|replace(' ', '-') %} + * [{{ k|capitalize }}](#{{ anchor }}): {{ all_failures[k]|length }} + {%- endif %} +{%- endfor -%} +{% endif -%} +{% endif %} + + +{% if test.warnings_for_check_count(results) > 0 -%} +## Warnings + +{% for type in all_warnings.keys()|sort -%} +{% if all_warnings[type]|length > 0 %} +#### {{ type|capitalize }} #### +{% for at in all_warnings[type]| sort %} +{% if not link -%} +* {{ at -}} +{%- else -%} +* [{{ at }}]({{ link }}/{{ at }}) +{%- endif %} +{%- endfor %} +{% endif -%} +{% endfor %} +{% endif %} + +{% if test.failures_for_check_count(results) > 0 -%} +## Failures + +{% for type in all_failures.keys()|sort -%} +{% if all_failures[type]|length > 0 %} +#### {{ type|capitalize }} #### +{% for at in all_failures[type]| sort %} +{% if not link -%} +* {{ at -}} +{%- else -%} +* [{{ at -}}]({{ link }}/{{ at }}) +{%- endif %} +{%- endfor %} +{% endif -%} +{% endfor %} +{% endif %} diff --git a/arboretum/kubernetes/README.md b/arboretum/kubernetes/README.md new file mode 100644 index 00000000..0adce9f1 --- /dev/null +++ b/arboretum/kubernetes/README.md @@ -0,0 +1,27 @@ +# Kubernetes library + +The fetchers and checks contained within this `kubernetes` category folder are +common tests that can be configured and executed for the purpose of generating +compliance reports and notifications using the [auditree-framework][]. They +validate the configuration and ensure smooth execution of an auditree instance. +See [auditree-framework documentation](https://complianceascode.github.io/auditree-framework/) +for more details. + +These tests are normally executed by a CI/CD system like +[Travis CI](https://travis-ci.com/) as part of another project that uses this +library package as a dependency. + +## Usage as a library + +See [usage][usage] for specifics on including this library as a dependency and +how to include the fetchers and checks from this library in your downstream project. + +## Fetchers + +Fetchers coming soon... + +## Checks + +Checks coming soon... + +[usage]: https://github.com/ComplianceAsCode/auditree-arboretum#usage diff --git a/arboretum/kubernetes/__init__.py b/arboretum/kubernetes/__init__.py new file mode 100644 index 00000000..3a71271b --- /dev/null +++ b/arboretum/kubernetes/__init__.py @@ -0,0 +1,15 @@ +# -*- mode:python; coding:utf-8 -*- +# Copyright (c) 2020 IBM Corp. All rights reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +"""Kubernetes fetchers, checks, and harvest reports.""" diff --git a/arboretum/kubernetes/checks/__init__.py b/arboretum/kubernetes/checks/__init__.py new file mode 100644 index 00000000..909dee1d --- /dev/null +++ b/arboretum/kubernetes/checks/__init__.py @@ -0,0 +1,15 @@ +# -*- mode:python; coding:utf-8 -*- +# Copyright (c) 2020 IBM Corp. All rights reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +"""Kubernetes validation checks.""" diff --git a/arboretum/kubernetes/evidences/__init__.py b/arboretum/kubernetes/evidences/__init__.py new file mode 100644 index 00000000..6de915df --- /dev/null +++ b/arboretum/kubernetes/evidences/__init__.py @@ -0,0 +1,15 @@ +# -*- mode:python; coding:utf-8 -*- +# Copyright (c) 2020 IBM Corp. All rights reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +"""Kubernetes evidence helper modules/classes.""" diff --git a/arboretum/kubernetes/fetchers/__init__.py b/arboretum/kubernetes/fetchers/__init__.py new file mode 100644 index 00000000..52c7c39e --- /dev/null +++ b/arboretum/kubernetes/fetchers/__init__.py @@ -0,0 +1,15 @@ +# -*- mode:python; coding:utf-8 -*- +# Copyright (c) 2020 IBM Corp. All rights reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +"""Kubernetes evidence gathering fetchers.""" diff --git a/arboretum/kubernetes/reports/__init__.py b/arboretum/kubernetes/reports/__init__.py new file mode 100644 index 00000000..d91109d8 --- /dev/null +++ b/arboretum/kubernetes/reports/__init__.py @@ -0,0 +1,15 @@ +# -*- mode:python; coding:utf-8 -*- +# Copyright (c) 2020 IBM Corp. All rights reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +"""Kubernetes harvest reports and templates.""" diff --git a/arboretum/kubernetes/templates/default.md.tmpl b/arboretum/kubernetes/templates/default.md.tmpl new file mode 100644 index 00000000..7055b20d --- /dev/null +++ b/arboretum/kubernetes/templates/default.md.tmpl @@ -0,0 +1,77 @@ +{#- -*- mode:jinja2; coding: utf-8 -*- -#} +{# +Copyright (c) 2020 IBM Corp. All rights reserved. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +#} + +# {{ test.title }} Report {{ now.strftime('%Y-%m-%d') }} +{% if test.total_issues_count(results) == 0 %} +No issues found! +{% else %} +## Results + +{% if test.warnings_for_check_count(results) > 0 -%} +* [Warnings](#warnings): {{ test.warnings_for_check_count(results) }} +{% for k in all_warnings.keys() -%} + {% if all_warnings[k]|length > 0 -%} + {% set anchor = k.lower()|replace(' ', '-') %} + * [{{ k|capitalize }}](#{{ anchor }}): {{ all_warnings[k]|length }} + {%- endif %} +{%- endfor -%} +{% endif %} +{% if test.failures_for_check_count(results) > 0 %} +* [Failures](#failures): {{ test.failures_for_check_count(results) }} +{% for k in all_failures.keys() -%} + {% if all_failures[k]|length > 0 -%} + {% set anchor = k.lower()|replace(' ', '-') %} + * [{{ k|capitalize }}](#{{ anchor }}): {{ all_failures[k]|length }} + {%- endif %} +{%- endfor -%} +{% endif -%} +{% endif %} + + +{% if test.warnings_for_check_count(results) > 0 -%} +## Warnings + +{% for type in all_warnings.keys()|sort -%} +{% if all_warnings[type]|length > 0 %} +#### {{ type|capitalize }} #### +{% for at in all_warnings[type]| sort %} +{% if not link -%} +* {{ at -}} +{%- else -%} +* [{{ at }}]({{ link }}/{{ at }}) +{%- endif %} +{%- endfor %} +{% endif -%} +{% endfor %} +{% endif %} + +{% if test.failures_for_check_count(results) > 0 -%} +## Failures + +{% for type in all_failures.keys()|sort -%} +{% if all_failures[type]|length > 0 %} +#### {{ type|capitalize }} #### +{% for at in all_failures[type]| sort %} +{% if not link -%} +* {{ at -}} +{%- else -%} +* [{{ at -}}]({{ link }}/{{ at }}) +{%- endif %} +{%- endfor %} +{% endif -%} +{% endfor %} +{% endif %} diff --git a/arboretum/object_storage/README.md b/arboretum/object_storage/README.md new file mode 100644 index 00000000..7bc067fb --- /dev/null +++ b/arboretum/object_storage/README.md @@ -0,0 +1,27 @@ +# Object Storage library + +The fetchers and checks contained within this `object_storage` category folder are +common tests that can be configured and executed for the purpose of generating +compliance reports and notifications using the [auditree-framework][]. They +validate the configuration and ensure smooth execution of an auditree instance. +See [auditree-framework documentation](https://complianceascode.github.io/auditree-framework/) +for more details. + +These tests are normally executed by a CI/CD system like +[Travis CI](https://travis-ci.com/) as part of another project that uses this +library package as a dependency. + +## Usage as a library + +See [usage][usage] for specifics on including this library as a dependency and +how to include the fetchers and checks from this library in your downstream project. + +## Fetchers + +Fetchers coming soon... + +## Checks + +Checks coming soon... + +[usage]: https://github.com/ComplianceAsCode/auditree-arboretum#usage diff --git a/arboretum/object_storage/__init__.py b/arboretum/object_storage/__init__.py new file mode 100644 index 00000000..e299acbf --- /dev/null +++ b/arboretum/object_storage/__init__.py @@ -0,0 +1,15 @@ +# -*- mode:python; coding:utf-8 -*- +# Copyright (c) 2020 IBM Corp. All rights reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +"""Object Storage fetchers, checks, and harvest reports.""" diff --git a/arboretum/object_storage/checks/__init__.py b/arboretum/object_storage/checks/__init__.py new file mode 100644 index 00000000..eff68f9c --- /dev/null +++ b/arboretum/object_storage/checks/__init__.py @@ -0,0 +1,15 @@ +# -*- mode:python; coding:utf-8 -*- +# Copyright (c) 2020 IBM Corp. All rights reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +"""Object Storage validation checks.""" diff --git a/arboretum/object_storage/evidences/__init__.py b/arboretum/object_storage/evidences/__init__.py new file mode 100644 index 00000000..b561665c --- /dev/null +++ b/arboretum/object_storage/evidences/__init__.py @@ -0,0 +1,15 @@ +# -*- mode:python; coding:utf-8 -*- +# Copyright (c) 2020 IBM Corp. All rights reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +"""Object Storage evidence helper modules/classes.""" diff --git a/arboretum/object_storage/fetchers/__init__.py b/arboretum/object_storage/fetchers/__init__.py new file mode 100644 index 00000000..1f7e3c5f --- /dev/null +++ b/arboretum/object_storage/fetchers/__init__.py @@ -0,0 +1,15 @@ +# -*- mode:python; coding:utf-8 -*- +# Copyright (c) 2020 IBM Corp. All rights reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +"""Object Storage evidence gathering fetchers.""" diff --git a/arboretum/object_storage/reports/__init__.py b/arboretum/object_storage/reports/__init__.py new file mode 100644 index 00000000..446d1b4d --- /dev/null +++ b/arboretum/object_storage/reports/__init__.py @@ -0,0 +1,15 @@ +# -*- mode:python; coding:utf-8 -*- +# Copyright (c) 2020 IBM Corp. All rights reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +"""Object Storage harvest reports and templates.""" diff --git a/arboretum/object_storage/templates/default.md.tmpl b/arboretum/object_storage/templates/default.md.tmpl new file mode 100644 index 00000000..7055b20d --- /dev/null +++ b/arboretum/object_storage/templates/default.md.tmpl @@ -0,0 +1,77 @@ +{#- -*- mode:jinja2; coding: utf-8 -*- -#} +{# +Copyright (c) 2020 IBM Corp. All rights reserved. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +#} + +# {{ test.title }} Report {{ now.strftime('%Y-%m-%d') }} +{% if test.total_issues_count(results) == 0 %} +No issues found! +{% else %} +## Results + +{% if test.warnings_for_check_count(results) > 0 -%} +* [Warnings](#warnings): {{ test.warnings_for_check_count(results) }} +{% for k in all_warnings.keys() -%} + {% if all_warnings[k]|length > 0 -%} + {% set anchor = k.lower()|replace(' ', '-') %} + * [{{ k|capitalize }}](#{{ anchor }}): {{ all_warnings[k]|length }} + {%- endif %} +{%- endfor -%} +{% endif %} +{% if test.failures_for_check_count(results) > 0 %} +* [Failures](#failures): {{ test.failures_for_check_count(results) }} +{% for k in all_failures.keys() -%} + {% if all_failures[k]|length > 0 -%} + {% set anchor = k.lower()|replace(' ', '-') %} + * [{{ k|capitalize }}](#{{ anchor }}): {{ all_failures[k]|length }} + {%- endif %} +{%- endfor -%} +{% endif -%} +{% endif %} + + +{% if test.warnings_for_check_count(results) > 0 -%} +## Warnings + +{% for type in all_warnings.keys()|sort -%} +{% if all_warnings[type]|length > 0 %} +#### {{ type|capitalize }} #### +{% for at in all_warnings[type]| sort %} +{% if not link -%} +* {{ at -}} +{%- else -%} +* [{{ at }}]({{ link }}/{{ at }}) +{%- endif %} +{%- endfor %} +{% endif -%} +{% endfor %} +{% endif %} + +{% if test.failures_for_check_count(results) > 0 -%} +## Failures + +{% for type in all_failures.keys()|sort -%} +{% if all_failures[type]|length > 0 %} +#### {{ type|capitalize }} #### +{% for at in all_failures[type]| sort %} +{% if not link -%} +* {{ at -}} +{%- else -%} +* [{{ at -}}]({{ link }}/{{ at }}) +{%- endif %} +{%- endfor %} +{% endif -%} +{% endfor %} +{% endif %} diff --git a/arboretum/pager_duty/README.md b/arboretum/pager_duty/README.md new file mode 100644 index 00000000..ce5a90b0 --- /dev/null +++ b/arboretum/pager_duty/README.md @@ -0,0 +1,27 @@ +# Pager Duty library + +The fetchers and checks contained within this `pager_duty` category folder are +common tests that can be configured and executed for the purpose of generating +compliance reports and notifications using the [auditree-framework][]. They +validate the configuration and ensure smooth execution of an auditree instance. +See [auditree-framework documentation](https://complianceascode.github.io/auditree-framework/) +for more details. + +These tests are normally executed by a CI/CD system like +[Travis CI](https://travis-ci.com/) as part of another project that uses this +library package as a dependency. + +## Usage as a library + +See [usage][usage] for specifics on including this library as a dependency and +how to include the fetchers and checks from this library in your downstream project. + +## Fetchers + +Fetchers coming soon... + +## Checks + +Checks coming soon... + +[usage]: https://github.com/ComplianceAsCode/auditree-arboretum#usage diff --git a/arboretum/pager_duty/__init__.py b/arboretum/pager_duty/__init__.py new file mode 100644 index 00000000..7dbe5f05 --- /dev/null +++ b/arboretum/pager_duty/__init__.py @@ -0,0 +1,15 @@ +# -*- mode:python; coding:utf-8 -*- +# Copyright (c) 2020 IBM Corp. All rights reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +"""Pager Duty fetchers, checks, and harvest reports.""" diff --git a/arboretum/pager_duty/checks/__init__.py b/arboretum/pager_duty/checks/__init__.py new file mode 100644 index 00000000..aa8849a9 --- /dev/null +++ b/arboretum/pager_duty/checks/__init__.py @@ -0,0 +1,15 @@ +# -*- mode:python; coding:utf-8 -*- +# Copyright (c) 2020 IBM Corp. All rights reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +"""Pager Duty validation checks.""" diff --git a/arboretum/pager_duty/evidences/__init__.py b/arboretum/pager_duty/evidences/__init__.py new file mode 100644 index 00000000..6f53ee9c --- /dev/null +++ b/arboretum/pager_duty/evidences/__init__.py @@ -0,0 +1,15 @@ +# -*- mode:python; coding:utf-8 -*- +# Copyright (c) 2020 IBM Corp. All rights reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +"""Pager Duty evidence helper modules/classes.""" diff --git a/arboretum/pager_duty/fetchers/__init__.py b/arboretum/pager_duty/fetchers/__init__.py new file mode 100644 index 00000000..6d82ebb7 --- /dev/null +++ b/arboretum/pager_duty/fetchers/__init__.py @@ -0,0 +1,15 @@ +# -*- mode:python; coding:utf-8 -*- +# Copyright (c) 2020 IBM Corp. All rights reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +"""Pager Duty evidence gathering fetchers.""" diff --git a/arboretum/pager_duty/reports/__init__.py b/arboretum/pager_duty/reports/__init__.py new file mode 100644 index 00000000..db3eaf0f --- /dev/null +++ b/arboretum/pager_duty/reports/__init__.py @@ -0,0 +1,15 @@ +# -*- mode:python; coding:utf-8 -*- +# Copyright (c) 2020 IBM Corp. All rights reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +"""Pager Duty harvest reports and templates.""" diff --git a/arboretum/pager_duty/templates/default.md.tmpl b/arboretum/pager_duty/templates/default.md.tmpl new file mode 100644 index 00000000..7055b20d --- /dev/null +++ b/arboretum/pager_duty/templates/default.md.tmpl @@ -0,0 +1,77 @@ +{#- -*- mode:jinja2; coding: utf-8 -*- -#} +{# +Copyright (c) 2020 IBM Corp. All rights reserved. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +#} + +# {{ test.title }} Report {{ now.strftime('%Y-%m-%d') }} +{% if test.total_issues_count(results) == 0 %} +No issues found! +{% else %} +## Results + +{% if test.warnings_for_check_count(results) > 0 -%} +* [Warnings](#warnings): {{ test.warnings_for_check_count(results) }} +{% for k in all_warnings.keys() -%} + {% if all_warnings[k]|length > 0 -%} + {% set anchor = k.lower()|replace(' ', '-') %} + * [{{ k|capitalize }}](#{{ anchor }}): {{ all_warnings[k]|length }} + {%- endif %} +{%- endfor -%} +{% endif %} +{% if test.failures_for_check_count(results) > 0 %} +* [Failures](#failures): {{ test.failures_for_check_count(results) }} +{% for k in all_failures.keys() -%} + {% if all_failures[k]|length > 0 -%} + {% set anchor = k.lower()|replace(' ', '-') %} + * [{{ k|capitalize }}](#{{ anchor }}): {{ all_failures[k]|length }} + {%- endif %} +{%- endfor -%} +{% endif -%} +{% endif %} + + +{% if test.warnings_for_check_count(results) > 0 -%} +## Warnings + +{% for type in all_warnings.keys()|sort -%} +{% if all_warnings[type]|length > 0 %} +#### {{ type|capitalize }} #### +{% for at in all_warnings[type]| sort %} +{% if not link -%} +* {{ at -}} +{%- else -%} +* [{{ at }}]({{ link }}/{{ at }}) +{%- endif %} +{%- endfor %} +{% endif -%} +{% endfor %} +{% endif %} + +{% if test.failures_for_check_count(results) > 0 -%} +## Failures + +{% for type in all_failures.keys()|sort -%} +{% if all_failures[type]|length > 0 %} +#### {{ type|capitalize }} #### +{% for at in all_failures[type]| sort %} +{% if not link -%} +* {{ at -}} +{%- else -%} +* [{{ at -}}]({{ link }}/{{ at }}) +{%- endif %} +{%- endfor %} +{% endif -%} +{% endfor %} +{% endif %} diff --git a/arboretum/splunk/README.md b/arboretum/splunk/README.md new file mode 100644 index 00000000..ffafdda6 --- /dev/null +++ b/arboretum/splunk/README.md @@ -0,0 +1,27 @@ +# Splunk library + +The fetchers and checks contained within this `splunk` category folder are +common tests that can be configured and executed for the purpose of generating +compliance reports and notifications using the [auditree-framework][]. They +validate the configuration and ensure smooth execution of an auditree instance. +See [auditree-framework documentation](https://complianceascode.github.io/auditree-framework/) +for more details. + +These tests are normally executed by a CI/CD system like +[Travis CI](https://travis-ci.com/) as part of another project that uses this +library package as a dependency. + +## Usage as a library + +See [usage][usage] for specifics on including this library as a dependency and +how to include the fetchers and checks from this library in your downstream project. + +## Fetchers + +Fetchers coming soon... + +## Checks + +Checks coming soon... + +[usage]: https://github.com/ComplianceAsCode/auditree-arboretum#usage diff --git a/arboretum/splunk/__init__.py b/arboretum/splunk/__init__.py new file mode 100644 index 00000000..a9230384 --- /dev/null +++ b/arboretum/splunk/__init__.py @@ -0,0 +1,15 @@ +# -*- mode:python; coding:utf-8 -*- +# Copyright (c) 2020 IBM Corp. All rights reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +"""Splunk fetchers, checks, and harvest reports.""" diff --git a/arboretum/splunk/checks/__init__.py b/arboretum/splunk/checks/__init__.py new file mode 100644 index 00000000..a1bb009f --- /dev/null +++ b/arboretum/splunk/checks/__init__.py @@ -0,0 +1,15 @@ +# -*- mode:python; coding:utf-8 -*- +# Copyright (c) 2020 IBM Corp. All rights reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +"""Splunk validation checks.""" diff --git a/arboretum/splunk/evidences/__init__.py b/arboretum/splunk/evidences/__init__.py new file mode 100644 index 00000000..87455614 --- /dev/null +++ b/arboretum/splunk/evidences/__init__.py @@ -0,0 +1,15 @@ +# -*- mode:python; coding:utf-8 -*- +# Copyright (c) 2020 IBM Corp. All rights reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +"""Splunk evidence helper modules/classes.""" diff --git a/arboretum/splunk/fetchers/__init__.py b/arboretum/splunk/fetchers/__init__.py new file mode 100644 index 00000000..cd7428b7 --- /dev/null +++ b/arboretum/splunk/fetchers/__init__.py @@ -0,0 +1,15 @@ +# -*- mode:python; coding:utf-8 -*- +# Copyright (c) 2020 IBM Corp. All rights reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +"""Splunk evidence gathering fetchers.""" diff --git a/arboretum/splunk/reports/__init__.py b/arboretum/splunk/reports/__init__.py new file mode 100644 index 00000000..531a5485 --- /dev/null +++ b/arboretum/splunk/reports/__init__.py @@ -0,0 +1,15 @@ +# -*- mode:python; coding:utf-8 -*- +# Copyright (c) 2020 IBM Corp. All rights reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +"""Splunk harvest reports and templates.""" diff --git a/arboretum/splunk/templates/default.md.tmpl b/arboretum/splunk/templates/default.md.tmpl new file mode 100644 index 00000000..7055b20d --- /dev/null +++ b/arboretum/splunk/templates/default.md.tmpl @@ -0,0 +1,77 @@ +{#- -*- mode:jinja2; coding: utf-8 -*- -#} +{# +Copyright (c) 2020 IBM Corp. All rights reserved. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +#} + +# {{ test.title }} Report {{ now.strftime('%Y-%m-%d') }} +{% if test.total_issues_count(results) == 0 %} +No issues found! +{% else %} +## Results + +{% if test.warnings_for_check_count(results) > 0 -%} +* [Warnings](#warnings): {{ test.warnings_for_check_count(results) }} +{% for k in all_warnings.keys() -%} + {% if all_warnings[k]|length > 0 -%} + {% set anchor = k.lower()|replace(' ', '-') %} + * [{{ k|capitalize }}](#{{ anchor }}): {{ all_warnings[k]|length }} + {%- endif %} +{%- endfor -%} +{% endif %} +{% if test.failures_for_check_count(results) > 0 %} +* [Failures](#failures): {{ test.failures_for_check_count(results) }} +{% for k in all_failures.keys() -%} + {% if all_failures[k]|length > 0 -%} + {% set anchor = k.lower()|replace(' ', '-') %} + * [{{ k|capitalize }}](#{{ anchor }}): {{ all_failures[k]|length }} + {%- endif %} +{%- endfor -%} +{% endif -%} +{% endif %} + + +{% if test.warnings_for_check_count(results) > 0 -%} +## Warnings + +{% for type in all_warnings.keys()|sort -%} +{% if all_warnings[type]|length > 0 %} +#### {{ type|capitalize }} #### +{% for at in all_warnings[type]| sort %} +{% if not link -%} +* {{ at -}} +{%- else -%} +* [{{ at }}]({{ link }}/{{ at }}) +{%- endif %} +{%- endfor %} +{% endif -%} +{% endfor %} +{% endif %} + +{% if test.failures_for_check_count(results) > 0 -%} +## Failures + +{% for type in all_failures.keys()|sort -%} +{% if all_failures[type]|length > 0 %} +#### {{ type|capitalize }} #### +{% for at in all_failures[type]| sort %} +{% if not link -%} +* {{ at -}} +{%- else -%} +* [{{ at -}}]({{ link }}/{{ at }}) +{%- endif %} +{%- endfor %} +{% endif -%} +{% endfor %} +{% endif %} diff --git a/arboretum/technology/__init__.py b/arboretum/technology/__init__.py deleted file mode 100644 index 006ebd5b..00000000 --- a/arboretum/technology/__init__.py +++ /dev/null @@ -1,15 +0,0 @@ -# -*- mode:python; coding:utf-8 -*- -# Copyright (c) 2020 IBM Corp. All rights reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -"""Fetchers & checks associated to a specific, vendor agnostic technology.""" diff --git a/arboretum/technology/auditree/__init__.py b/arboretum/technology/auditree/__init__.py deleted file mode 100644 index abf0a00b..00000000 --- a/arboretum/technology/auditree/__init__.py +++ /dev/null @@ -1,15 +0,0 @@ -# -*- mode:python; coding:utf-8 -*- -# Copyright (c) 2020 IBM Corp. All rights reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -"""arboretum.technology.auditree fetchers, checks, and harvest reports.""" diff --git a/arboretum/technology/auditree/evidences/__init__.py b/arboretum/technology/auditree/evidences/__init__.py deleted file mode 100644 index 494ab8f4..00000000 --- a/arboretum/technology/auditree/evidences/__init__.py +++ /dev/null @@ -1,15 +0,0 @@ -# -*- mode:python; coding:utf-8 -*- -# Copyright (c) 2020 IBM Corp. All rights reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -"""arboretum.technology.auditree evidence helper modules/classes.""" diff --git a/controls.json b/controls.json index 8fd1188b..b933f3b1 100644 --- a/controls.json +++ b/controls.json @@ -1,17 +1,17 @@ { - "arboretum.technology.auditree.checks.test_abandoned_evidence.AbandonedEvidenceCheck": { + "arboretum.auditree.checks.test_abandoned_evidence.AbandonedEvidenceCheck": { "auditree_evidence": { - "auditree_control": ["tech.auditree"] + "auditree_control": ["arboretum.auditree"] } }, - "arboretum.technology.auditree.checks.test_compliance_config.ComplianceConfigCheck": { + "arboretum.auditree.checks.test_compliance_config.ComplianceConfigCheck": { "auditree_evidence": { - "auditree_control": ["tech.auditree"] + "auditree_control": ["arboretum.auditree"] } }, - "arboretum.technology.auditree.checks.test_python_packages.PythonPackageCheck": { + "arboretum.auditree.checks.test_python_packages.PythonPackageCheck": { "auditree_evidence": { - "auditree_control": ["tech.auditree"] + "auditree_control": ["arboretum.auditree"] } } } diff --git a/test/test_evidences/test_python_package_release.py b/test/test_evidences/test_python_package_release.py index e7f83377..ee75e7c4 100644 --- a/test/test_evidences/test_python_package_release.py +++ b/test/test_evidences/test_python_package_release.py @@ -16,7 +16,7 @@ import unittest -from arboretum.technology.auditree.evidences.python_package_release import ( +from arboretum.auditree.evidences.python_package_release import ( PackageReleaseEvidence )