From 276b8257964a530113b827a643f245c4562ba248 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C5=A0imon=20Luka=C5=A1=C3=ADk?= Date: Wed, 24 May 2023 12:12:40 +0200 Subject: [PATCH 01/11] Add Gemfile for easier dev env --- Gemfile | 3 +++ 1 file changed, 3 insertions(+) create mode 100644 Gemfile diff --git a/Gemfile b/Gemfile new file mode 100644 index 0000000..b4e2a20 --- /dev/null +++ b/Gemfile @@ -0,0 +1,3 @@ +source "https://rubygems.org" + +gemspec From 79e73b935b739a054e3a24f83ffa788810d10a05 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C5=A0imon=20Luka=C5=A1=C3=ADk?= Date: Wed, 24 May 2023 12:15:52 +0200 Subject: [PATCH 02/11] chores: renovate dependencies --- openscap.gemspec | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/openscap.gemspec b/openscap.gemspec index 5427a61..1763c17 100644 --- a/openscap.gemspec +++ b/openscap.gemspec @@ -18,8 +18,10 @@ GEMSPEC = Gem::Specification.new do |gem| gem.description = "A FFI wrapper around the OpenSCAP library. Currently it provides only subset of libopenscap functionality." - gem.add_development_dependency 'bundler', '>=1.0.0' - gem.add_runtime_dependency 'ffi', '>= 1.0.9' + gem.add_development_dependency 'test-unit' + gem.add_development_dependency :rake + gem.add_development_dependency :rubocop + gem.add_runtime_dependency 'ffi', '~> 1.15.5' gem.files = Dir['{lib,test}/**/*'] + ['COPYING', 'README.md', 'Rakefile'] gem.require_path = 'lib' From 6d0f746cd6304e85cfe46aadd42787153a2e5701 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C5=A0imon=20Luka=C5=A1=C3=ADk?= Date: Wed, 24 May 2023 12:15:52 +0200 Subject: [PATCH 03/11] chores: renovate dependencies --- runtest.sh | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/runtest.sh b/runtest.sh index c1409c9..81b32a1 100755 --- a/runtest.sh +++ b/runtest.sh @@ -2,7 +2,7 @@ set -e -o pipefail set -x rm -f openscap-*.gem -gem build openscap.gemspec -gem install openscap-*.gem -rake test -rubocop +#gem build openscap.gemspec +#gem install openscap-*.gem +bundle exec rake test +bundle exec rubocop From 06611bac7f032ac4db3f3103b1163e374330a827 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C5=A0imon=20Luka=C5=A1=C3=ADk?= Date: Wed, 24 May 2023 13:09:26 +0200 Subject: [PATCH 04/11] chores renovate: ci --- .github/workflows/test.yml | 24 ++++++++++++++++++++++++ runtest.sh | 3 ++- 2 files changed, 26 insertions(+), 1 deletion(-) create mode 100644 .github/workflows/test.yml diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml new file mode 100644 index 0000000..77073e1 --- /dev/null +++ b/.github/workflows/test.yml @@ -0,0 +1,24 @@ +name: test + +on: + push: + branches: [ master ] + pull_request: + branches: [ master ] + +jobs: + test: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v3 + - uses: ruby/setup-ruby@v1 + with: + ruby-version: "3.2" + bundler-cache: true + - run: | + sudo apt-get update + sudo apt-get -y install libopenscap8 + - run: | + bundle install + - run: | + ./runtest.sh diff --git a/runtest.sh b/runtest.sh index 81b32a1..5e813fa 100755 --- a/runtest.sh +++ b/runtest.sh @@ -1,8 +1,9 @@ +#!/bin/bash set -e -o pipefail set -x rm -f openscap-*.gem -#gem build openscap.gemspec +gem build openscap.gemspec #gem install openscap-*.gem bundle exec rake test bundle exec rubocop From 6ab6837bd9f6b6edbcff356811c307e7302da8f2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C5=A0imon=20Luka=C5=A1=C3=ADk?= Date: Wed, 24 May 2023 13:27:10 +0200 Subject: [PATCH 05/11] update rubocop config --- .rubocop.yml | 13 ++++++++----- 1 file changed, 8 insertions(+), 5 deletions(-) diff --git a/.rubocop.yml b/.rubocop.yml index 6976402..584a55e 100644 --- a/.rubocop.yml +++ b/.rubocop.yml @@ -1,12 +1,19 @@ inherit_from: - .rubocop_todo.yml +AllCops: + NewCops: enable + TargetRubyVersion: 3.2.2 + AllowSymlinksInCacheRootDirectory: true + SuggestExtensions: + rubocop-rake: false + Metrics/AbcSize: Max: 16 Exclude: - 'test/**/*' -Metrics/LineLength: +Layout/LineLength: Max: 110 Exclude: - 'test/**/*' @@ -21,7 +28,3 @@ Style/HashSyntax: Style/SymbolArray: EnforcedStyle: brackets - -Naming/UncommunicativeMethodParamName: - Exclude: - - '**/*' From e320ff61339ac8a14ef61f8a4399fef27eaadb1c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C5=A0imon=20Luka=C5=A1=C3=ADk?= Date: Wed, 24 May 2023 13:31:37 +0200 Subject: [PATCH 06/11] rubocop automatic fixes --- Gemfile | 4 +++- Rakefile | 2 +- lib/openscap/xccdf/item.rb | 2 +- lib/openscap/xccdf/session.rb | 2 +- lib/openscap/xccdf/testresult.rb | 3 +-- openscap.gemspec | 1 - test/ds/arf_test.rb | 10 +++++----- test/source_test.rb | 8 ++++---- test/xccdf/arf_test.rb | 3 +-- test/xccdf/session_ds_test.rb | 2 +- test/xccdf/session_test.rb | 4 ++-- test/xccdf/testresult_test.rb | 2 +- 12 files changed, 21 insertions(+), 22 deletions(-) diff --git a/Gemfile b/Gemfile index b4e2a20..7f4f5e9 100644 --- a/Gemfile +++ b/Gemfile @@ -1,3 +1,5 @@ -source "https://rubygems.org" +# frozen_string_literal: true + +source 'https://rubygems.org' gemspec diff --git a/Rakefile b/Rakefile index 128eb0e..d827466 100644 --- a/Rakefile +++ b/Rakefile @@ -7,5 +7,5 @@ Bundler::GemHelper.install_tasks :name => 'openscap' task :test do $LOAD_PATH.unshift('lib') $LOAD_PATH.unshift('test') - Dir.glob('./test/**/*_test.rb') { |f| require f } + Dir.glob('./test/**/*_test.rb').each { |f| require f } end diff --git a/lib/openscap/xccdf/item.rb b/lib/openscap/xccdf/item.rb index a75a9a8..32302a2 100644 --- a/lib/openscap/xccdf/item.rb +++ b/lib/openscap/xccdf/item.rb @@ -25,7 +25,7 @@ def self.build(t) end def initialize(t) - if self.class == OpenSCAP::Xccdf::Item + if instance_of?(OpenSCAP::Xccdf::Item) raise OpenSCAP::OpenSCAPError, "Cannot initialize #{self.class.name} abstract base class." end diff --git a/lib/openscap/xccdf/session.rb b/lib/openscap/xccdf/session.rb index 70fc918..4202a79 100644 --- a/lib/openscap/xccdf/session.rb +++ b/lib/openscap/xccdf/session.rb @@ -31,7 +31,7 @@ def load(opts = {}) def profile=(p) @profile = p if OpenSCAP.xccdf_session_set_profile_id(@s, p) == false - raise OpenSCAPError, "No profile '" + p + "' found" + raise OpenSCAPError, "No profile '#{p}' found" end end diff --git a/lib/openscap/xccdf/testresult.rb b/lib/openscap/xccdf/testresult.rb index ec51cd2..5124c9f 100644 --- a/lib/openscap/xccdf/testresult.rb +++ b/lib/openscap/xccdf/testresult.rb @@ -8,8 +8,7 @@ module OpenSCAP module Xccdf class TestResult - attr_reader :rr - attr_reader :raw + attr_reader :rr, :raw def initialize(t) case t diff --git a/openscap.gemspec b/openscap.gemspec index 1763c17..5e05478 100644 --- a/openscap.gemspec +++ b/openscap.gemspec @@ -6,7 +6,6 @@ require File.expand_path('lib/openscap/version', __dir__) GEMSPEC = Gem::Specification.new do |gem| gem.name = 'openscap' gem.version = OpenSCAP::VERSION - gem.date = Date.today.to_s gem.platform = Gem::Platform::RUBY gem.author = 'Simon Lukasik' diff --git a/test/ds/arf_test.rb b/test/ds/arf_test.rb index d8b36a7..f7ed528 100644 --- a/test/ds/arf_test.rb +++ b/test/ds/arf_test.rb @@ -15,7 +15,7 @@ def test_arf_new_nil rescue OpenSCAP::OpenSCAPError => e msg = e.to_s end - assert msg.start_with?("Cannot initialize OpenSCAP::DS::Arf with ''"), 'Message was: ' + msg + assert msg.start_with?("Cannot initialize OpenSCAP::DS::Arf with ''"), "Message was: #{msg}" end def test_arf_new_wrong_format @@ -27,7 +27,7 @@ def test_arf_new_wrong_format msg = e.to_s end assert msg.include?('Could not create Result DataStream session: File is not Result DataStream.'), - 'Message was: ' + msg + "Message was: #{msg}" end def test_create_arf_and_get_html @@ -58,7 +58,7 @@ def test_new_memory def test_new_bz_memory bziped_file = new_arf_bz - raw_data = File.open(bziped_file, 'rb').read + raw_data = File.binread(bziped_file) assert !raw_data.empty? len = File.size(bziped_file) FileUtils.rm bziped_file @@ -77,8 +77,8 @@ def test_new_bz_file def new_arf_bz create_arf - system('/usr/bin/bzip2 ' + REPORT) - REPORT + '.bz2' + system("/usr/bin/bzip2 #{REPORT}") + "#{REPORT}.bz2" end def new_arf diff --git a/test/source_test.rb b/test/source_test.rb index ad6a600..311116f 100644 --- a/test/source_test.rb +++ b/test/source_test.rb @@ -13,7 +13,7 @@ def test_source_new_nil rescue OpenSCAP::OpenSCAPError => e msg = e.to_s end - assert msg.start_with?('No filename specified!'), 'Message was: ' + msg + assert msg.start_with?('No filename specified!'), "Message was: #{msg}" end def test_source_new_ok @@ -59,11 +59,11 @@ def test_validate_invalid msg = e.to_s end assert msg.start_with?('Invalid XCCDF Checklist (1.2) content in ../data/invalid.xml.'), - 'Message was: ' + msg + "Message was: #{msg}" assert msg.include?("../data/invalid.xml:3: Element '{http"), - 'Message was: ' + msg + "Message was: #{msg}" assert msg.include?('This element is not expected. Expected is'), - 'Message was: ' + msg + "Message was: #{msg}" s.destroy end diff --git a/test/xccdf/arf_test.rb b/test/xccdf/arf_test.rb index 47a7244..c2e853b 100644 --- a/test/xccdf/arf_test.rb +++ b/test/xccdf/arf_test.rb @@ -38,7 +38,6 @@ def benchmark_from_arf_file _test_results = arf.test_result source_datastream = arf.report_request bench_source = source_datastream.select_checklist! - benchmark = OpenSCAP::Xccdf::Benchmark.new(bench_source) - benchmark + OpenSCAP::Xccdf::Benchmark.new(bench_source) end end diff --git a/test/xccdf/session_ds_test.rb b/test/xccdf/session_ds_test.rb index 37b1cca..f84716d 100644 --- a/test/xccdf/session_ds_test.rb +++ b/test/xccdf/session_ds_test.rb @@ -111,6 +111,6 @@ def test_remediate def assert_exported(files) # libopenscap compiled with --enable-debug creates debug files FileUtils.rm_rf(Dir.glob('oscap_debug.log.*')) - assert files.sort == Dir.glob('*').sort + assert files.sort == Dir.glob('*') end end diff --git a/test/xccdf/session_test.rb b/test/xccdf/session_test.rb index 64115e3..b341a9f 100644 --- a/test/xccdf/session_test.rb +++ b/test/xccdf/session_test.rb @@ -12,7 +12,7 @@ def test_session_new_bad rescue OpenSCAP::OpenSCAPError => e msg = e.to_s end - assert msg.start_with?("Unable to open file: ''"), 'Message was: ' + msg + assert msg.start_with?("Unable to open file: ''"), "Message was: #{msg}" end def test_session_new_nil @@ -23,7 +23,7 @@ def test_session_new_nil rescue OpenSCAP::OpenSCAPError => e msg = e.to_s end - assert msg.start_with?('No filename specified!'), 'Message was: ' + msg + assert msg.start_with?('No filename specified!'), "Message was: #{msg}" end def test_sds_false diff --git a/test/xccdf/testresult_test.rb b/test/xccdf/testresult_test.rb index babfd29..690de7b 100644 --- a/test/xccdf/testresult_test.rb +++ b/test/xccdf/testresult_test.rb @@ -18,7 +18,7 @@ def test_testresult_new_bad msg = e.to_s end assert msg.start_with?("Expected 'TestResult' element while found 'Benchmark'."), - 'Message was: ' + msg + "Message was: #{msg}" end def test_result_create_and_query_properties From 05dd4087509a6d8033dcac4d96c9c5815b166f38 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C5=A0imon=20Luka=C5=A1=C3=ADk?= Date: Wed, 24 May 2023 14:06:40 +0200 Subject: [PATCH 07/11] rubocop manual fixes --- .rubocop.yml | 10 ++++++++++ Gemfile | 6 ++++++ lib/openscap/xccdf.rb | 2 +- openscap.gemspec | 4 +--- 4 files changed, 18 insertions(+), 4 deletions(-) diff --git a/.rubocop.yml b/.rubocop.yml index 584a55e..97954c4 100644 --- a/.rubocop.yml +++ b/.rubocop.yml @@ -18,6 +18,10 @@ Layout/LineLength: Exclude: - 'test/**/*' +Lint/FloatComparison: + Exclude: + - 'test/**/*' + Metrics/MethodLength: Max: 13 Exclude: @@ -28,3 +32,9 @@ Style/HashSyntax: Style/SymbolArray: EnforcedStyle: brackets + +Naming/MethodParameterName: + Enabled: false + +Gemspec/RequireMFA: + Enabled: false diff --git a/Gemfile b/Gemfile index 7f4f5e9..e2eb384 100644 --- a/Gemfile +++ b/Gemfile @@ -3,3 +3,9 @@ source 'https://rubygems.org' gemspec + +group :development do + gem 'rake' + gem 'rubocop' + gem 'test-unit' +end diff --git a/lib/openscap/xccdf.rb b/lib/openscap/xccdf.rb index 7b907a6..e8c0033 100644 --- a/lib/openscap/xccdf.rb +++ b/lib/openscap/xccdf.rb @@ -6,7 +6,7 @@ module OpenSCAP module Xccdf NUMERIC = :float - class Item + class Item # rubocop:disable Lint/EmptyClass end end end diff --git a/openscap.gemspec b/openscap.gemspec index 5e05478..a782026 100644 --- a/openscap.gemspec +++ b/openscap.gemspec @@ -7,6 +7,7 @@ GEMSPEC = Gem::Specification.new do |gem| gem.name = 'openscap' gem.version = OpenSCAP::VERSION gem.platform = Gem::Platform::RUBY + gem.required_ruby_version = '>= 3.2.2' gem.author = 'Simon Lukasik' gem.email = 'isimluk@fedoraproject.org' @@ -17,9 +18,6 @@ GEMSPEC = Gem::Specification.new do |gem| gem.description = "A FFI wrapper around the OpenSCAP library. Currently it provides only subset of libopenscap functionality." - gem.add_development_dependency 'test-unit' - gem.add_development_dependency :rake - gem.add_development_dependency :rubocop gem.add_runtime_dependency 'ffi', '~> 1.15.5' gem.files = Dir['{lib,test}/**/*'] + ['COPYING', 'README.md', 'Rakefile'] From 28a7412dd34fbb9ec7f8c4e77005440bd36224ac Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C5=A0imon=20Luka=C5=A1=C3=ADk?= Date: Wed, 24 May 2023 14:59:54 +0200 Subject: [PATCH 08/11] modernize hash and array style --- .rubocop.yml | 6 ----- Rakefile | 2 +- lib/openscap/ds/arf.rb | 6 ++--- lib/openscap/ds/sds.rb | 4 ++-- lib/openscap/source.rb | 8 +++---- lib/openscap/text.rb | 4 ++-- lib/openscap/xccdf/fix.rb | 8 +++---- lib/openscap/xccdf/reference.rb | 6 ++--- lib/openscap/xccdf/rule.rb | 12 +++++----- lib/openscap/xccdf/session.rb | 34 ++++++++++++++--------------- lib/openscap/xccdf/tailoring.rb | 2 +- lib/openscap/xccdf/testresult.rb | 10 ++++----- test/ds/arf_test.rb | 8 +++---- test/ds/sds_test.rb | 6 ++--- test/integration/arf_waiver_test.rb | 10 ++++----- test/source_test.rb | 2 +- test/xccdf/benchmark_test.rb | 20 ++++++++--------- test/xccdf/session_ds_test.rb | 24 ++++++++++---------- test/xccdf/testresult_test.rb | 16 +++++++------- 19 files changed, 91 insertions(+), 97 deletions(-) diff --git a/.rubocop.yml b/.rubocop.yml index 97954c4..41852e1 100644 --- a/.rubocop.yml +++ b/.rubocop.yml @@ -27,12 +27,6 @@ Metrics/MethodLength: Exclude: - 'test/**/*' -Style/HashSyntax: - EnforcedStyle: hash_rockets - -Style/SymbolArray: - EnforcedStyle: brackets - Naming/MethodParameterName: Enabled: false diff --git a/Rakefile b/Rakefile index d827466..778307e 100644 --- a/Rakefile +++ b/Rakefile @@ -2,7 +2,7 @@ require 'bundler' -Bundler::GemHelper.install_tasks :name => 'openscap' +Bundler::GemHelper.install_tasks name: 'openscap' task :test do $LOAD_PATH.unshift('lib') diff --git a/lib/openscap/ds/arf.rb b/lib/openscap/ds/arf.rb index d7904d3..7254cbc 100644 --- a/lib/openscap/ds/arf.rb +++ b/lib/openscap/ds/arf.rb @@ -58,8 +58,8 @@ def html attach_function :ds_rds_session_new_from_source, [:pointer], :pointer attach_function :ds_rds_session_free, [:pointer], :void - attach_function :ds_rds_session_select_report, [:pointer, :string], :pointer - attach_function :ds_rds_session_replace_report_with_source, [:pointer, :pointer], :int - attach_function :ds_rds_session_select_report_request, [:pointer, :string], :pointer + attach_function :ds_rds_session_select_report, %i[pointer string], :pointer + attach_function :ds_rds_session_replace_report_with_source, %i[pointer pointer], :int + attach_function :ds_rds_session_select_report_request, %i[pointer string], :pointer attach_function :ds_rds_session_get_html_report, [:pointer], :pointer end diff --git a/lib/openscap/ds/sds.rb b/lib/openscap/ds/sds.rb index 9642adb..ae88be3 100644 --- a/lib/openscap/ds/sds.rb +++ b/lib/openscap/ds/sds.rb @@ -43,6 +43,6 @@ def destroy attach_function :ds_sds_session_new_from_source, [:pointer], :pointer attach_function :ds_sds_session_free, [:pointer], :void - attach_function :ds_sds_session_select_checklist, [:pointer, :string, :string, :string], :pointer - attach_function :ds_sds_session_get_html_guide, [:pointer, :string], :string + attach_function :ds_sds_session_select_checklist, %i[pointer string string string], :pointer + attach_function :ds_sds_session_get_html_guide, %i[pointer string], :string end diff --git a/lib/openscap/source.rb b/lib/openscap/source.rb index 9f50485..702bf9d 100644 --- a/lib/openscap/source.rb +++ b/lib/openscap/source.rb @@ -51,13 +51,13 @@ def create_from_memory(param) end attach_function :oscap_source_new_from_file, [:string], :pointer - attach_function :oscap_source_new_from_memory, [:pointer, :int, :string], :pointer + attach_function :oscap_source_new_from_memory, %i[pointer int string], :pointer attach_function :oscap_source_get_scap_type, [:pointer], :int attach_function :oscap_source_free, [:pointer], :void - attach_function :oscap_source_save_as, [:pointer, :string], :int + attach_function :oscap_source_save_as, %i[pointer string], :int - callback :xml_reporter, [:string, :int, :string, :pointer], :int - attach_function :oscap_source_validate, [:pointer, :xml_reporter, :pointer], :int + callback :xml_reporter, %i[string int string pointer], :int + attach_function :oscap_source_validate, %i[pointer xml_reporter pointer], :int XmlReporterCallback = proc do |filename, line_number, error_message, e| offset = e.get_string(0).length msg = "#{filename}:#{line_number}: #{error_message}" diff --git a/lib/openscap/text.rb b/lib/openscap/text.rb index 6a1141c..89a9422 100644 --- a/lib/openscap/text.rb +++ b/lib/openscap/text.rb @@ -37,10 +37,10 @@ def destroy end attach_function :oscap_text_new, [], :pointer - attach_function :oscap_text_set_text, [:pointer, :string], :bool + attach_function :oscap_text_set_text, %i[pointer string], :bool attach_function :oscap_text_get_text, [:pointer], :string attach_function :oscap_text_free, [:pointer], :void - attach_function :oscap_textlist_get_preferred_plaintext, [:pointer, :string], :string + attach_function :oscap_textlist_get_preferred_plaintext, %i[pointer string], :string attach_function :oscap_text_iterator_free, [:pointer], :void end diff --git a/lib/openscap/xccdf/fix.rb b/lib/openscap/xccdf/fix.rb index fbf1acb..57ac09b 100644 --- a/lib/openscap/xccdf/fix.rb +++ b/lib/openscap/xccdf/fix.rb @@ -29,10 +29,10 @@ def content def to_hash { - :id => id, - :platform => platform, - :system => fix_system, - :content => content + id:, + platform:, + system: fix_system, + content: } end end diff --git a/lib/openscap/xccdf/reference.rb b/lib/openscap/xccdf/reference.rb index c8335f1..0d61271 100644 --- a/lib/openscap/xccdf/reference.rb +++ b/lib/openscap/xccdf/reference.rb @@ -24,9 +24,9 @@ def html_link def to_hash { - :title => title, - :href => href, - :html_link => html_link + title:, + href:, + html_link: } end end diff --git a/lib/openscap/xccdf/rule.rb b/lib/openscap/xccdf/rule.rb index fc192c0..93d2f85 100644 --- a/lib/openscap/xccdf/rule.rb +++ b/lib/openscap/xccdf/rule.rb @@ -11,12 +11,12 @@ class Rule < Item def severity severity = OpenSCAP.xccdf_rule_get_severity(@raw) severity_mapping = { - :xccdf_level_not_defined => 'Not defined', - :xccdf_unknown => 'Unknown', - :xccdf_info => 'Info', - :xccdf_low => 'Low', - :xccdf_medium => 'Medium', - :xccdf_high => 'High' + xccdf_level_not_defined: 'Not defined', + xccdf_unknown: 'Unknown', + xccdf_info: 'Info', + xccdf_low: 'Low', + xccdf_medium: 'Medium', + xccdf_high: 'High' } severity_mapping[severity] || severity_mapping[:xccdf_unknown] end diff --git a/lib/openscap/xccdf/session.rb b/lib/openscap/xccdf/session.rb index 4202a79..3bb3af5 100644 --- a/lib/openscap/xccdf/session.rb +++ b/lib/openscap/xccdf/session.rb @@ -17,8 +17,8 @@ def sds? def load(opts = {}) o = { - :datastream_id => nil, - :component_id => nil + datastream_id: nil, + component_id: nil }.merge(opts) if sds? OpenSCAP.xccdf_session_set_datastream_id(@s, o[:datastream_id]) @@ -45,12 +45,12 @@ def remediate def export_results(opts = {}) o = { - :rds_file => nil, - :xccdf_file => nil, - :report_file => nil, - :oval_results => false, - :oval_variables => false, - :engines_results => false + rds_file: nil, + xccdf_file: nil, + report_file: nil, + oval_results: false, + oval_variables: false, + engines_results: false }.merge!(opts) export_targets o export @@ -94,13 +94,13 @@ def export_targets(opts = {}) attach_function :xccdf_session_is_sds, [:pointer], :bool - attach_function :xccdf_session_set_profile_id, [:pointer, :string], :bool - attach_function :xccdf_session_set_datastream_id, [:pointer, :string], :void - attach_function :xccdf_session_set_component_id, [:pointer, :string], :void - attach_function :xccdf_session_set_arf_export, [:pointer, :string], :bool - attach_function :xccdf_session_set_xccdf_export, [:pointer, :string], :bool - attach_function :xccdf_session_set_report_export, [:pointer, :string], :bool - attach_function :xccdf_session_set_oval_variables_export, [:pointer, :bool], :void - attach_function :xccdf_session_set_oval_results_export, [:pointer, :bool], :void - attach_function :xccdf_session_set_check_engine_plugins_results_export, [:pointer, :bool], :void + attach_function :xccdf_session_set_profile_id, %i[pointer string], :bool + attach_function :xccdf_session_set_datastream_id, %i[pointer string], :void + attach_function :xccdf_session_set_component_id, %i[pointer string], :void + attach_function :xccdf_session_set_arf_export, %i[pointer string], :bool + attach_function :xccdf_session_set_xccdf_export, %i[pointer string], :bool + attach_function :xccdf_session_set_report_export, %i[pointer string], :bool + attach_function :xccdf_session_set_oval_variables_export, %i[pointer bool], :void + attach_function :xccdf_session_set_oval_results_export, %i[pointer bool], :void + attach_function :xccdf_session_set_check_engine_plugins_results_export, %i[pointer bool], :void end diff --git a/lib/openscap/xccdf/tailoring.rb b/lib/openscap/xccdf/tailoring.rb index 11a15d0..5b5c6d3 100644 --- a/lib/openscap/xccdf/tailoring.rb +++ b/lib/openscap/xccdf/tailoring.rb @@ -43,7 +43,7 @@ def profiles_init end end - attach_function :xccdf_tailoring_import_source, [:pointer, :pointer], :pointer + attach_function :xccdf_tailoring_import_source, %i[pointer pointer], :pointer attach_function :xccdf_tailoring_free, [:pointer], :void attach_function :xccdf_tailoring_get_profiles, [:pointer], :pointer diff --git a/lib/openscap/xccdf/testresult.rb b/lib/openscap/xccdf/testresult.rb index 5124c9f..8461198 100644 --- a/lib/openscap/xccdf/testresult.rb +++ b/lib/openscap/xccdf/testresult.rb @@ -72,9 +72,9 @@ def score_init while OpenSCAP.xccdf_score_iterator_has_more(scorit) s = OpenSCAP.xccdf_score_iterator_next(scorit) scores[OpenSCAP.xccdf_score_get_system(s)] = { - :system => OpenSCAP.xccdf_score_get_system(s), - :value => OpenSCAP.xccdf_score_get_score(s), - :max => OpenSCAP.xccdf_score_get_maximum(s) + system: OpenSCAP.xccdf_score_get_system(s), + value: OpenSCAP.xccdf_score_get_score(s), + max: OpenSCAP.xccdf_score_get_maximum(s) } end OpenSCAP.xccdf_score_iterator_free(scorit) @@ -87,8 +87,8 @@ def score_init attach_function :xccdf_result_free, [:pointer], :void attach_function :xccdf_result_get_id, [:pointer], :string attach_function :xccdf_result_get_profile, [:pointer], :string - attach_function :xccdf_result_recalculate_scores, [:pointer, :pointer], :int - attach_function :xccdf_result_export_source, [:pointer, :string], :pointer + attach_function :xccdf_result_recalculate_scores, %i[pointer pointer], :int + attach_function :xccdf_result_export_source, %i[pointer string], :pointer attach_function :xccdf_result_get_rule_results, [:pointer], :pointer attach_function :xccdf_rule_result_iterator_has_more, [:pointer], :bool diff --git a/test/ds/arf_test.rb b/test/ds/arf_test.rb index f7ed528..6306ad4 100644 --- a/test/ds/arf_test.rb +++ b/test/ds/arf_test.rb @@ -52,7 +52,7 @@ def test_new_memory create_arf raw_data = File.read(REPORT) refute raw_data.empty? - arf = OpenSCAP::DS::Arf.new :content => raw_data, :path => REPORT + arf = OpenSCAP::DS::Arf.new content: raw_data, path: REPORT arf.destroy end @@ -62,7 +62,7 @@ def test_new_bz_memory assert !raw_data.empty? len = File.size(bziped_file) FileUtils.rm bziped_file - arf = OpenSCAP::DS::Arf.new :content => raw_data, :path => bziped_file, :length => len + arf = OpenSCAP::DS::Arf.new content: raw_data, path: bziped_file, length: len arf.destroy end @@ -88,9 +88,9 @@ def new_arf def create_arf @s = OpenSCAP::Xccdf::Session.new('../data/sds-complex.xml') - @s.load(:component_id => 'scap_org.open-scap_cref_second-xccdf.xml') + @s.load(component_id: 'scap_org.open-scap_cref_second-xccdf.xml') @s.profile = 'xccdf_moc.elpmaxe.www_profile_1' @s.evaluate - @s.export_results(:rds_file => 'report.rds.xml') + @s.export_results(rds_file: 'report.rds.xml') end end diff --git a/test/ds/sds_test.rb b/test/ds/sds_test.rb index d7e2ff1..c541fd5 100644 --- a/test/ds/sds_test.rb +++ b/test/ds/sds_test.rb @@ -16,7 +16,7 @@ def test_new_non_sds assert !@s.nil? msg = nil begin - OpenSCAP::DS::Sds.new :source => @s + OpenSCAP::DS::Sds.new source: @s assert false rescue OpenSCAP::OpenSCAPError => e msg = e.to_s @@ -48,7 +48,7 @@ def tests_select_checklist_wrong sds = new_sds msg = nil begin - benchmark = sds.select_checklist! :datastream_id => 'wrong' + benchmark = sds.select_checklist! datastream_id: 'wrong' assert false rescue OpenSCAP::OpenSCAPError => e msg = e.to_s @@ -64,7 +64,7 @@ def new_sds filename = '../data/sds-complex.xml' @s = OpenSCAP::Source.new filename assert !@s.nil? - sds = OpenSCAP::DS::Sds.new :source => @s + sds = OpenSCAP::DS::Sds.new source: @s assert !sds.nil? sds end diff --git a/test/integration/arf_waiver_test.rb b/test/integration/arf_waiver_test.rb index d8703ff..738bdc8 100644 --- a/test/integration/arf_waiver_test.rb +++ b/test/integration/arf_waiver_test.rb @@ -14,10 +14,10 @@ def test_waiver_and_score assert_default_score tr.score, -1, 1 assert_default_score tr.score!(benchmark), -1, 1 - rr.override!(:new_result => :pass, - :time => 'yesterday', - :authority => 'John Hacker', - :raw_text => 'This should have passed') + rr.override!(new_result: :pass, + time: 'yesterday', + authority: 'John Hacker', + raw_text: 'This should have passed') assert rr.result == 'pass' assert_default_score tr.score, -1, 1 @@ -85,7 +85,7 @@ def arf_init @s = OpenSCAP::Xccdf::Session.new('../data/sds-complex.xml') @s.load @s.evaluate - @s.export_results(:rds_file => 'report.rds.xml') + @s.export_results(rds_file: 'report.rds.xml') OpenSCAP::DS::Arf.new('report.rds.xml') end end diff --git a/test/source_test.rb b/test/source_test.rb index 311116f..e6aa17a 100644 --- a/test/source_test.rb +++ b/test/source_test.rb @@ -24,7 +24,7 @@ def test_source_new_ok def test_source_new_memory raw_data = File.read('../data/xccdf.xml') refute raw_data.empty? - s = OpenSCAP::Source.new(:content => raw_data, :path => '/mytestpath') + s = OpenSCAP::Source.new(content: raw_data, path: '/mytestpath') s.destroy end diff --git a/test/xccdf/benchmark_test.rb b/test/xccdf/benchmark_test.rb index f73d0d1..c4493c5 100644 --- a/test/xccdf/benchmark_test.rb +++ b/test/xccdf/benchmark_test.rb @@ -78,12 +78,12 @@ def test_items_severity def test_items_references b = benchmark_from_file install_hids_rule = b.items['xccdf_org.ssgproject.content_rule_install_hids'] - expected_references = [{ :title => 'SC-7', - :href => 'http://csrc.nist.gov/publications/nistpubs/800-53-Rev3/sp800-53-rev3-final.pdf', - :html_link => "SC-7" }, - { :title => '1263', - :href => 'http://iase.disa.mil/cci/index.html', - :html_link => "1263" }] + expected_references = [{ title: 'SC-7', + href: 'http://csrc.nist.gov/publications/nistpubs/800-53-Rev3/sp800-53-rev3-final.pdf', + html_link: "SC-7" }, + { title: '1263', + href: 'http://iase.disa.mil/cci/index.html', + html_link: "1263" }] assert_equal(expected_references, install_hids_rule.references.map(&:to_hash), 'Install hids references should be equal') b.destroy end @@ -93,10 +93,10 @@ def test_items_fixes login_defs_rule = b.items['xccdf_org.ssgproject.content_rule_accounts_minimum_age_login_defs'] expected_content = ["var_accounts_minimum_age_login_defs=\"\"\ngrep -q ^PASS_MIN_DAYS /etc/login.defs && \\\nsed -i \"s/PASS_MIN_DAYS.*/PASS_MIN_DAYS\\t$var_accounts_minimum_age_login_defs/g\" /etc/login.defs\nif ! [ $? -eq 0 ]\nthen\n echo -e \"PASS_MIN_DAYS\\t$var_accounts_minimum_age_login_defs\" >> /etc/login.defs\nfi\n"] expected_hashes = [{ - :id => nil, - :platform => nil, - :content => expected_content.first, - :system => 'urn:xccdf:fix:script:sh' + id: nil, + platform: nil, + content: expected_content.first, + system: 'urn:xccdf:fix:script:sh' }] assert_equal(expected_content, login_defs_rule.fixes.map(&:content), 'Fix content should match') assert_equal(expected_hashes, login_defs_rule.fixes.map(&:to_hash), 'Fix hash should match') diff --git a/test/xccdf/session_ds_test.rb b/test/xccdf/session_ds_test.rb index f84716d..45a4986 100644 --- a/test/xccdf/session_ds_test.rb +++ b/test/xccdf/session_ds_test.rb @@ -17,7 +17,7 @@ def test_session_load def test_session_load_ds_comp @s = OpenSCAP::Xccdf::Session.new('../data/sds-complex.xml') - @s.load(:datastream_id => 'scap_org.open-scap_datastream_tst2', :component_id => 'scap_org.open-scap_cref_second-xccdf.xml2') + @s.load(datastream_id: 'scap_org.open-scap_datastream_tst2', component_id: 'scap_org.open-scap_cref_second-xccdf.xml2') @s.evaluate end @@ -25,7 +25,7 @@ def test_session_load_bad_datastream @s = OpenSCAP::Xccdf::Session.new('../data/sds-complex.xml') msg = nil begin - @s.load(:datastream_id => 'nonexistent') + @s.load(datastream_id: 'nonexistent') assert false rescue OpenSCAP::OpenSCAPError => e msg = e.to_s @@ -37,7 +37,7 @@ def test_session_load_bad_component @s = OpenSCAP::Xccdf::Session.new('../data/sds-complex.xml') msg = nil begin - @s.load(:component_id => 'nonexistent') + @s.load(component_id: 'nonexistent') assert false rescue OpenSCAP::OpenSCAPError => e msg = e.to_s @@ -47,7 +47,7 @@ def test_session_load_bad_component def test_session_set_profile @s = OpenSCAP::Xccdf::Session.new('../data/sds-complex.xml') - @s.load(:component_id => 'scap_org.open-scap_cref_second-xccdf.xml') + @s.load(component_id: 'scap_org.open-scap_cref_second-xccdf.xml') @s.profile = 'xccdf_moc.elpmaxe.www_profile_1' @s.evaluate end @@ -69,40 +69,40 @@ def test_session_export_rds @s = OpenSCAP::Xccdf::Session.new('../data/sds-complex.xml') @s.load @s.evaluate - @s.export_results(:rds_file => 'report.rds.xml') + @s.export_results(rds_file: 'report.rds.xml') assert_exported ['report.rds.xml'] end def test_session_export_xccdf_results @s = OpenSCAP::Xccdf::Session.new('../data/sds-complex.xml') - @s.load(:component_id => 'scap_org.open-scap_cref_second-xccdf.xml') + @s.load(component_id: 'scap_org.open-scap_cref_second-xccdf.xml') @s.profile = 'xccdf_moc.elpmaxe.www_profile_1' @s.evaluate - @s.export_results(:xccdf_file => 'result.xccdf.xml') + @s.export_results(xccdf_file: 'result.xccdf.xml') assert_exported ['result.xccdf.xml'] end def test_session_export_html_report @s = OpenSCAP::Xccdf::Session.new('../data/sds-complex.xml') - @s.load(:component_id => 'scap_org.open-scap_cref_second-xccdf.xml') + @s.load(component_id: 'scap_org.open-scap_cref_second-xccdf.xml') @s.profile = 'xccdf_moc.elpmaxe.www_profile_1' @s.evaluate - @s.export_results(:report_file => 'report.html', :xccdf_file => 'result.xccdf.xml') + @s.export_results(report_file: 'report.html', xccdf_file: 'result.xccdf.xml') assert_exported ['report.html', 'result.xccdf.xml'] end def test_session_export_oval_variables @s = OpenSCAP::Xccdf::Session.new('../data/sds-complex.xml') - @s.load(:component_id => 'scap_org.open-scap_cref_second-xccdf.xml') + @s.load(component_id: 'scap_org.open-scap_cref_second-xccdf.xml') @s.profile = 'xccdf_moc.elpmaxe.www_profile_1' @s.evaluate - @s.export_results(:oval_variables => true) + @s.export_results(oval_variables: true) assert_exported [] end def test_remediate @s = OpenSCAP::Xccdf::Session.new('../data/sds-complex.xml') - @s.load(:component_id => 'scap_org.open-scap_cref_second-xccdf.xml') + @s.load(component_id: 'scap_org.open-scap_cref_second-xccdf.xml') @s.profile = 'xccdf_moc.elpmaxe.www_profile_1' @s.evaluate @s.remediate diff --git a/test/xccdf/testresult_test.rb b/test/xccdf/testresult_test.rb index 690de7b..af702bb 100644 --- a/test/xccdf/testresult_test.rb +++ b/test/xccdf/testresult_test.rb @@ -44,10 +44,10 @@ def test_override tr = new_tr rr = tr.rr['xccdf_org.ssgproject.content_rule_disable_prelink'] assert rr.result == 'fail' - rr.override!(:new_result => :pass, - :time => 'yesterday', - :authority => 'John Hacker', - :raw_text => 'We are testing prelink on this machine') + rr.override!(new_result: :pass, + time: 'yesterday', + authority: 'John Hacker', + raw_text: 'We are testing prelink on this machine') assert rr.result == 'pass' tr.destroy end @@ -67,10 +67,10 @@ def test_waive_and_score rr = tr.rr['xccdf_org.ssgproject.content_rule_disable_prelink'] assert rr.result == 'fail' - rr.override!(:new_result => :pass, - :time => 'yesterday', - :authority => 'John Hacker', - :raw_text => 'We are testing prelink on this machine') + rr.override!(new_result: :pass, + time: 'yesterday', + authority: 'John Hacker', + raw_text: 'We are testing prelink on this machine') assert rr.result == 'pass' assert_default_score tr.score, 34, 35 From d8001f561df0d4587ff515b33d19daae77d0e8f9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C5=A0imon=20Luka=C5=A1=C3=ADk?= Date: Wed, 24 May 2023 15:05:06 +0200 Subject: [PATCH 09/11] simplify readme --- README.md | 21 +++++---------------- 1 file changed, 5 insertions(+), 16 deletions(-) diff --git a/README.md b/README.md index 5a60b1e..ddbcc17 100644 --- a/README.md +++ b/README.md @@ -7,7 +7,7 @@ A FFI wrapper around the OpenSCAP library. Features/problems ------------- -Current version supports minimal set of functions needed to build own scanner. This module +Current version supports minimal set of functions needed to build own scanner. This gem is self documented by its test suite. Sample Scanner Implementation @@ -23,28 +23,17 @@ Sample Scanner Implementation Development Requirements ------------- -On Fedora, command is +On Fedora, commands are - dnf install ruby-devel rubygem-rake rubygem-ffi rubygem-bundler openscap - -On RHEL you can install requirements by issuing - - yum install ruby-devel rubygem-rake rubygem-bundler openscap - gem install ffi # or install rubygem-ffi RPM package from EPEL + dnf install openscap + bundle install Test Requirements ------------- On Fedora, more packages are necessary, but rubocop can be of the latest version - dnf install rubygem-minitest rubygem-test-unit rubygems-devel bzip2 - gem install rubocop - -For tests on RHEL7, you need minitest package and specific older version of rubocop. -Newer versions of rubocop requires Ruby >= 2.1.0 - - yum install rubygem-minitest bzip2 - gem install rubocop -v 0.50.0 + dnf install bzip2 Tests are then performed using script From a3ebe65f850e0d4594893a858ebac0c6f522e979 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C5=A0imon=20Luka=C5=A1=C3=ADk?= Date: Wed, 24 May 2023 15:30:10 +0200 Subject: [PATCH 10/11] add rubocop-performance --- .rubocop.yml | 3 +++ Gemfile | 1 + 2 files changed, 4 insertions(+) diff --git a/.rubocop.yml b/.rubocop.yml index 41852e1..5439286 100644 --- a/.rubocop.yml +++ b/.rubocop.yml @@ -1,6 +1,9 @@ inherit_from: - .rubocop_todo.yml +require: + - rubocop-performance + AllCops: NewCops: enable TargetRubyVersion: 3.2.2 diff --git a/Gemfile b/Gemfile index e2eb384..d5f7f48 100644 --- a/Gemfile +++ b/Gemfile @@ -7,5 +7,6 @@ gemspec group :development do gem 'rake' gem 'rubocop' + gem 'rubocop-performance' gem 'test-unit' end From 57e404c1217a7090fb7f83cd216912ffe8a99279 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C5=A0imon=20Luka=C5=A1=C3=ADk?= Date: Wed, 24 May 2023 15:33:04 +0200 Subject: [PATCH 11/11] add rubocop-thread_safety --- .rubocop.yml | 1 + Gemfile | 1 + 2 files changed, 2 insertions(+) diff --git a/.rubocop.yml b/.rubocop.yml index 5439286..6f8bf55 100644 --- a/.rubocop.yml +++ b/.rubocop.yml @@ -3,6 +3,7 @@ inherit_from: require: - rubocop-performance + - rubocop-thread_safety AllCops: NewCops: enable diff --git a/Gemfile b/Gemfile index d5f7f48..59a32cc 100644 --- a/Gemfile +++ b/Gemfile @@ -8,5 +8,6 @@ group :development do gem 'rake' gem 'rubocop' gem 'rubocop-performance' + gem 'rubocop-thread_safety' gem 'test-unit' end