usnistgov/macos_security
1
0
Fork 0
mirror of https://github.com/usnistgov/macos_security.git synced 2026-03-20 15:30:25 +00:00
Code Issues 21 Actions Packages Projects Releases Wiki Activity

Added cpe, mscp release info
Some checks failed
Spell Check / spellcheck (push) Has been cancelled
Details

Browse Source
This commit is contained in:
Bob Gendler
2026-03-11 11:45:51 -04:00
parent e790ab8628
commit 205669d7fb
1 changed files with 32 additions and 51 deletions
Download Patch File Download Diff File Expand all files Collapse all files

83
src/mscp/generate/manifest.py
View File

@@ -13,72 +13,68 @@ from pathlib import Path
# Local python modules
from ..classes import Macsecurityrule
from ..classes import Baseline
from ..common_utils import config, get_version_data, logger, mscp_data
from ..common_utils import (
config,
get_version_data,
logger,
mscp_data
)
def generate_manifest(args: argparse.Namespace) -> None:
output_basename: str = args.baseline.name
baseline_name: str = args.baseline.stem
audit_name: str = str(baseline_name)
build_path: Path = Path(config.get("output_dir", ""), baseline_name)
custom: bool = not any(Path(config["custom"]["root_dir"]).iterdir())
# baseline: Baseline = Baseline.from_yaml(args.baseline, args.language, custom)
custom: bool = not any(Path(config["custom"]["root_dir"]).iterdir())
baseline: Baseline = Baseline.from_yaml(args.baseline, "en", custom)
manifest = {}
current_version_data: dict[str, Any] = get_version_data(
baseline.platform["os"], baseline.platform["version"], mscp_data
)
manifest = {}
manifest["benchmark"] = audit_name
manifest["parent_values"] = baseline.parent_values
manifest["platform"] = baseline.platform
manifest["platform"] = {
"os": baseline.platform["os"],
"version": baseline.platform["version"],
"cpe": current_version_data["cpe"]
}
manifest["release_info"] = {
"version" : current_version_data["revision"],
"date": current_version_data["date"]
}
manifest["plist_location"] = "/Library/Preferences/org.{}.audit.plist".format(baseline_name)
manifest["log_location"] = "/Library/Logs/{}_baseline.log".format(baseline_name)
manifest["log_location"] = "/Library/Logs/{}_baseline.log".format(baseline_name)
manifest["creation_date"] = datetime.datetime.now().replace(microsecond=0).isoformat()
manifest["rules"] = []
# print(json.dumps(manifest,indent=4))
# print(baseline.profile)
for profile in baseline.profile:
for rule in profile.rules:
rule_manifest = {}
rule_manifest["id"] = rule.rule_id
rule_manifest["title"] = rule.title
rule_manifest["discussion"] = rule.discussion
# if rule.mobileconfig_info:
# for mcinfo in rule.mobileconfig_info:
# print(mcinfo.payload_content)
rule_manifest["discussion"] = rule.discussion
ref_parts = []
for org, refs in rule.references:
if refs:
if refs:
for item in refs:
try:
k, v = item
if v is not None:
if v is not None:
vals = ','.join(str(i) for i in v)
if k == "benchmark":
k = "cis_benchmark"
if k == "controls_v8":
k = "cis_controls_v8"
ref_parts.append(f"{k}|{vals}")
ref_parts.append(f"{k}|{vals}")
except ValueError as e:
continue
# print(parts)
rule_manifest["references"] = ";".join(str(x) for x in ref_parts)
rule_manifest['tags'] = ",".join(str(x) for x in rule.tags)
if rule.check:
rule_manifest["check"] = rule.check
rule_manifest["result"] = rule.result_value
rule_manifest["fix"] = {}
if rule.mobileconfig_info:
# rule_manifest["fix"] = rule.mobileconfig_info
if rule.mobileconfig_info:
rule_manifest["fix"]["mobile_config_info"] = []
for mcinfo in rule.mobileconfig_info:
# rule_manifest["fix"] = mcinfo
for mcinfo in rule.mobileconfig_info:
profile = {}
for content in mcinfo.payload_content:
profile["domain"] = mcinfo.payload_type
@@ -86,28 +82,13 @@ def generate_manifest(args: argparse.Namespace) -> None:
profile["key"] = k
profile["value"] = v
rule_manifest["fix"]["mobile_config_info"].append(profile)
# rule_manifest["fix"]["mobile_config_info"].append{
# "domain": mcinfo.payload_type,
# ""
# }
# print(mcinfo.payload_content)
# print(rule.ddm_info)
if rule.ddm_info:
rule_manifest["fix"]["ddm_info"] = {}
for ddminfo,value in rule.ddm_info.items():
rule_manifest["fix"]["ddm_info"].update({ddminfo:value})
if rule.ddm_info:
rule_manifest["fix"]["ddm_info"] = {}
for ddminfo,value in rule.ddm_info.items():
rule_manifest["fix"]["ddm_info"].update({ddminfo:value})
if rule.fix:
rule_manifest["fix"]["script"] = rule.fix
manifest['rules'].append(rule_manifest)
manifest['rules'].append(rule_manifest)
with open("{}_manifest.json".format(build_path), 'w', encoding='utf-8') as f:
json.dump(manifest, f, ensure_ascii=False, indent=4)