def load_threat_library_data_from_path(self, paths, parent):
for config_path in paths:
abs_path = data.abs_path(parent, config_path.path)
if abs_path == data.cwd():
continue # Skip current directory as this was handled earlier
if abs_path in self.loaded_library_paths:
logger.debug(
"Skipping library path {} as we've processed it before".
format(abs_path))
continue # Skip as we've seen this path before
self.loaded_library_paths[abs_path] = True # We've seen it now
if data.is_threatspec_path(abs_path):
logger.debug(
"Found threatspec.yaml, loading library from {}".format(
abs_path))
self.load_threat_library(abs_path)
self.load_control_library(abs_path)
self.load_component_library(abs_path)
new_config_file = data.abs_path(abs_path, "threatspec.yaml")
new_config = config.Config()
logger.debug("Validating {}".format(new_config_file))
(valid, error) = data.validate_yaml_file(
new_config_file, os.path.join("data",
"config_schema.json"))
if not valid:
logger.error(
"Couldn't validate the configation file {}: {}".format(
"threatspec.yaml", error))
sys.exit(0)
new_config.load(data.read_yaml(new_config_file))
self.load_threat_library_data_from_path(
new_config.paths, abs_path)
def parse_source(self, paths, parent):
for config_path in paths:
abs_path = data.abs_path(parent, config_path.path)
if data.blacklisted_path(abs_path):
logger.debug(
"Skipping path {} as it is blacklisted".format(abs_path))
continue
logger.debug("Processing source path {}".format(abs_path))
if abs_path in self.loaded_source_paths:
logger.debug(
"Skipping source path {} as it has already been processed".
format(abs_path))
continue
self.loaded_source_paths[abs_path] = True # We've seen it now
if data.is_threatspec_path(abs_path):
logger.debug(
"Found threatspec.yaml, loading source configuration from {}"
.format(abs_path))
new_config = config.Config()
new_config_file = data.abs_path(abs_path, "threatspec.yaml")
(valid, error) = data.validate_yaml_file(
new_config_file, os.path.join("data",
"config_schema.json"))
if not valid:
logger.error(
"Couldn't validate the configation file {}: {}".format(
abs_path, error))
sys.exit(1)
new_config.load(data.read_yaml(new_config_file))
self.parse_source(new_config.paths, abs_path)
for path in data.recurse_path(abs_path):
if data.path_ignored(path, config_path.ignore):
logger.debug("Skipping ignored file path: {}".format(path))
continue
logger.debug("Parsing source files in path {}".format(path))
if os.path.isfile(path):
self.parser = self.get_parser_for_path(path, config_path)
if self.parser:
self.parser.parse_file(path)
def __init__(self):
self.threat_library = threatmodel.ThreatLibrary()
self.control_library = threatmodel.ControlLibrary()
self.component_library = threatmodel.ComponentLibrary()
self.threatmodel = threatmodel.ThreatModel()
self.threatmodel.threat_library = self.threat_library
self.threatmodel.control_library = self.control_library
self.threatmodel.component_library = self.component_library
self.threatmodel.run_id = uuid.uuid4().hex
logger.debug("Setting run id to {}".format(self.threatmodel.run_id))
self.config = config.Config()
self.parser = None
self.reporter = None
self.loaded_source_paths = {}
self.loaded_library_paths = {}