ssg.build_yaml module

class ssg.build_yaml.Benchmark(id_)[source]

Bases: XCCDFEntity

Represents XCCDF Benchmark

GENERIC_FILENAME = 'benchmark.yml'
KEYS = {'cpes': <function Benchmark.<lambda>>, 'definition_location': <function XCCDFEntity.<lambda>>, 'description': <function Benchmark.<lambda>>, 'front_matter': <function Benchmark.<lambda>>, 'groups': <function Benchmark.<lambda>>, 'id_': <function XCCDFEntity.<lambda>>, 'notice_description': <function Benchmark.<lambda>>, 'notice_id': <function Benchmark.<lambda>>, 'platforms': <function Benchmark.<lambda>>, 'product_cpe_names': <function Benchmark.<lambda>>, 'profiles': <function Benchmark.<lambda>>, 'rear_matter': <function Benchmark.<lambda>>, 'rules': <function Benchmark.<lambda>>, 'status': <function Benchmark.<lambda>>, 'title': <function XCCDFEntity.<lambda>>, 'values': <function Benchmark.<lambda>>, 'version': <function Benchmark.<lambda>>}
MANDATORY_KEYS = {'description', 'front_matter', 'rear_matter', 'status', 'title'}
add_group(group, env_yaml=None, product_cpes=None)[source]
add_profiles_from_dir(dir_, env_yaml, product_cpes)[source]
add_rule(rule)[source]
add_value(value)[source]
drop_rules_not_included_in_a_profile()[source]
classmethod from_yaml(yaml_file, env_yaml=None, product_cpes=None)[source]
get_benchmark_xml_for_profiles(env_yaml, profiles)[source]
get_components_not_included_in_a_profiles(profiles)[source]
get_not_used_cpe_platforms(profiles)[source]
get_rules_selected_in_all_profiles(profiles=None)[source]
get_used_cpe_platforms(profiles)[source]
load_entities(rules_by_id, values_by_id, groups_by_id)[source]
classmethod process_input_dict(input_contents, env_yaml, product_cpes)[source]

Take the contents of the definition as a dictionary, and add defaults or raise errors if a required member is not present.

Extend this if you want to add, remove or alter the result that will constitute the new instance.

represent_as_dict()[source]

Produce a dict representation of the class.

Extend this method if you need the representation to be different from the object.

to_file(file_name, env_yaml=None)[source]
to_xccdf()[source]

We can easily extend this script to generate a valid XCCDF instead of SSG SHORTHAND.

to_xml_element(env_yaml=None, product_cpes=None, components_to_not_include=None)[source]
unselect_empty_groups()[source]
class ssg.build_yaml.BuildLoader(profiles_dir, env_yaml, product_cpes, sce_metadata_path=None)[source]

Bases: DirectoryLoader

export_group_to_file(filename)[source]
load_components()[source]
class ssg.build_yaml.DirectoryLoader(profiles_dir, env_yaml, product_cpes)[source]

Bases: object

load_benchmark_or_group(guide_directory)[source]

Loads a given benchmark or group from the specified benchmark_file or group_file, in the context of guide_directory, profiles_dir and env_yaml.

Returns the loaded group or benchmark.

process_directory_tree(start_dir, extra_group_dirs=None)[source]
process_directory_trees(directories)[source]
save_all_entities(base_dir)[source]
save_entities(entities, destdir)[source]
class ssg.build_yaml.Group(id_)[source]

Bases: XCCDFEntity

Represents XCCDF Group

GENERIC_FILENAME = 'group.yml'
KEYS = {'conflicts': <function Group.<lambda>>, 'cpe_platform_names': <function Group.<lambda>>, 'definition_location': <function XCCDFEntity.<lambda>>, 'description': <function Group.<lambda>>, 'groups': <function Group.<lambda>>, 'id_': <function XCCDFEntity.<lambda>>, 'inherited_platforms': <function Group.<lambda>>, 'platform': <function Group.<lambda>>, 'platforms': <function Group.<lambda>>, 'requires': <function Group.<lambda>>, 'rules': <function Group.<lambda>>, 'title': <function XCCDFEntity.<lambda>>, 'values': <function Group.<lambda>>, 'warnings': <function Group.<lambda>>}
MANDATORY_KEYS = {'description', 'front_matter', 'rear_matter', 'status', 'title'}
add_group(group, env_yaml=None, product_cpes=None)[source]
add_rule(rule, env_yaml=None, product_cpes=None)[source]
add_value(value)[source]
contains_rules(rule_ids)[source]
get_not_included_components(rule_ids_list)[source]
get_used_cpe_platforms(rule_ids_list)[source]
load_entities(rules_by_id, values_by_id, groups_by_id)[source]
classmethod process_input_dict(input_contents, env_yaml, product_cpes=None)[source]

Take the contents of the definition as a dictionary, and add defaults or raise errors if a required member is not present.

Extend this if you want to add, remove or alter the result that will constitute the new instance.

remove_rules_with_ids_not_listed(rule_ids_list)[source]
represent_as_dict()[source]

Produce a dict representation of the class.

Extend this method if you need the representation to be different from the object.

to_xml_element(env_yaml=None, components_to_not_include=None)[source]
class ssg.build_yaml.LinearLoader(env_yaml, resolved_path)[source]

Bases: object

add_fixes_to_rules()[source]
export_benchmark_to_file(filename)[source]
export_benchmark_to_xml()[source]
export_ocil_to_file(filename)[source]
export_ocil_to_xml(benchmark=None)[source]
find_first_groups_ids(start_dir)[source]
get_benchmark_xml_by_profile()[source]
load_benchmark(directory)[source]
load_compiled_content()[source]
load_entities_by_id(filenames, destination, cls)[source]
class ssg.build_yaml.Platform(id_)[source]

Bases: XCCDFEntity

KEYS = {'ansible_conditional': <function Platform.<lambda>>, 'bash_conditional': <function Platform.<lambda>>, 'definition_location': <function XCCDFEntity.<lambda>>, 'id_': <function XCCDFEntity.<lambda>>, 'name': <function Platform.<lambda>>, 'original_expression': <function Platform.<lambda>>, 'title': <function XCCDFEntity.<lambda>>, 'xml_content': <function Platform.<lambda>>}
MANDATORY_KEYS = ['name', 'xml_content', 'original_expression', 'bash_conditional', 'ansible_conditional']
classmethod from_text(expression, product_cpes)[source]
classmethod from_yaml(yaml_file, env_yaml=None, product_cpes=None)[source]
get_fact_refs()[source]
get_remediation_conditional(language)[source]
get_xml()[source]
ns = 'http://cpe.mitre.org/language/2.0'
prefix = 'cpe-lang'
to_xml_element()[source]
update_conditional_from_cpe_items(language, product_cpes)[source]
class ssg.build_yaml.Rule(id_)[source]

Bases: XCCDFEntity, Templatable

Represents XCCDF Rule

GENERIC_FILENAME = 'rule.yml'
ID_LABEL = 'rule_id'
KEYS = {'bash_conditional': <function Rule.<lambda>>, 'checktext': <function Rule.<lambda>>, 'components': <function Rule.<lambda>>, 'conflicts': <function Rule.<lambda>>, 'cpe_platform_names': <function Rule.<lambda>>, 'definition_location': <function XCCDFEntity.<lambda>>, 'description': <function Rule.<lambda>>, 'fixes': <function Rule.<lambda>>, 'fixtext': <function Rule.<lambda>>, 'id_': <function XCCDFEntity.<lambda>>, 'identifiers': <function Rule.<lambda>>, 'inherited_cpe_platform_names': <function Rule.<lambda>>, 'inherited_platforms': <function Rule.<lambda>>, 'ocil': <function Rule.<lambda>>, 'ocil_clause': <function Rule.<lambda>>, 'oval_external_content': <function Rule.<lambda>>, 'platform': <function Rule.<lambda>>, 'platforms': <function Rule.<lambda>>, 'policy_specific_content': <function Rule.<lambda>>, 'rationale': <function Rule.<lambda>>, 'references': <function Rule.<lambda>>, 'requires': <function Rule.<lambda>>, 'sce_metadata': <function Rule.<lambda>>, 'severity': <function Rule.<lambda>>, 'srg_requirement': <function Rule.<lambda>>, 'template': <function Templatable.<lambda>>, 'title': <function XCCDFEntity.<lambda>>, 'vuldiscussion': <function Rule.<lambda>>, 'warnings': <function Rule.<lambda>>}
MANDATORY_KEYS = {'description', 'rationale', 'severity', 'title'}
PRODUCT_REFERENCES = ('stigid', 'cis')
add_extra_reference(ref_type, ref_value)[source]
add_fixes(fixes)[source]
add_stig_references(stig_references)[source]
find_policy_specific_content(rule_root)[source]
classmethod from_yaml(yaml_file, env_yaml=None, product_cpes=None, sce_metadata=None)[source]
get_template_context(env_yaml)[source]
load_policy_specific_content(rule_filename, env_yaml)[source]
make_refs_and_identifiers_product_specific(product)[source]
normalize(product)[source]
read_policy_specific_content(env_yaml, files)[source]
read_policy_specific_content_file(env_yaml, filename)[source]
to_ocil()[source]
to_xml_element(env_yaml=None)[source]
triage_policy_specific_content(product_name, filenames)[source]
validate_identifiers(yaml_file)[source]
validate_references(yaml_file)[source]
class ssg.build_yaml.Value(id_)[source]

Bases: XCCDFEntity

Represents XCCDF Value

KEYS = {'definition_location': <function XCCDFEntity.<lambda>>, 'description': <function Value.<lambda>>, 'id_': <function XCCDFEntity.<lambda>>, 'interactive': <function Value.<lambda>>, 'operator': <function Value.<lambda>>, 'options': <function Value.<lambda>>, 'title': <function XCCDFEntity.<lambda>>, 'type': <function Value.<lambda>>, 'warnings': <function Value.<lambda>>}
MANDATORY_KEYS = {'description', 'title', 'type'}
classmethod from_yaml(yaml_file, env_yaml=None, product_cpes=None)[source]
classmethod process_input_dict(input_contents, env_yaml, product_cpes=None)[source]

Take the contents of the definition as a dictionary, and add defaults or raise errors if a required member is not present.

Extend this if you want to add, remove or alter the result that will constitute the new instance.

to_xml_element()[source]
ssg.build_yaml.add_benchmark_metadata(element, contributors_file)[source]
ssg.build_yaml.add_nondata_subelements(element, subelement, attribute, attr_data)[source]

Add multiple iterations of a sublement that contains an attribute but no data For example, <requires id=”my_required_id”/>

ssg.build_yaml.add_platform_if_not_defined(platform, product_cpes)[source]
ssg.build_yaml.add_reference_elements(element, references, ref_uri_dict)[source]
ssg.build_yaml.add_reference_title_elements(benchmark_el, env_yaml)[source]
ssg.build_yaml.add_warning_elements(element, warnings)[source]
ssg.build_yaml.check_warnings(xccdf_structure)[source]
ssg.build_yaml.noop_rule_filterfunc(rule)[source]
ssg.build_yaml.reorder_according_to_ordering(unordered, ordering, regex=None)[source]
ssg.build_yaml.rule_filter_from_def(filterdef)[source]