def test_get_rule_dir_remediations(): bash = sbr.get_rule_dir_remediations(rule_dir, 'bash') bash_files = list(map(os.path.basename, bash)) assert len(bash) == 2 assert 'something.sh' in bash_files assert 'rhel.sh' in bash_files rhel_bash = sbr.get_rule_dir_remediations(rule_dir, 'bash', 'rhel') assert len(rhel_bash) == 1 assert rhel_bash[0].endswith('/rhel.sh') ol_bash = sbr.get_rule_dir_remediations(rule_dir, 'bash', 'ol') assert len(ol_bash) == 0 something_bash = sbr.get_rule_dir_remediations(rule_dir, 'bash', 'something') assert len(something_bash) == 1 assert something_bash != rhel_bash
def find_remediation(fixes_from_templates_dir, rule_dir, lang, product, expected_file_name): language_fixes_from_templates_dir = os.path.join(fixes_from_templates_dir, lang) fix_path = None # first look for a static remediation rule_dir_remediations = remediation.get_rule_dir_remediations( rule_dir, lang, product) if len(rule_dir_remediations) > 0: # first item in the list has the highest priority fix_path = rule_dir_remediations[0] if fix_path is None: # check if we have a templated remediation instead if os.path.isdir(language_fixes_from_templates_dir): templated_fix_path = os.path.join( language_fixes_from_templates_dir, expected_file_name) if os.path.exists(templated_fix_path): fix_path = templated_fix_path return fix_path
def collect_fixes(product, guide_dir, fix_dirs, remediation_type): # path -> remediation # rule ID -> assoc rule rule_id_to_remediation_map = dict() for fixdir in fix_dirs: if os.path.isdir(fixdir): for filename in os.listdir(fixdir): file_path = os.path.join(fixdir, filename) rule_id, _ = os.path.splitext(filename) rule_id_to_remediation_map[rule_id] = file_path # Walk the guide last, looking for rule folders as they have the highest priority for _dir_path in ssg.rules.find_rule_dirs(guide_dir): rule_id = ssg.rules.get_rule_dir_id(_dir_path) contents = remediation.get_rule_dir_remediations(_dir_path, remediation_type, product) for _path in reversed(contents): # To be compatible with the later checks, use the rule_id # (i.e., the value of _dir) to create the fix_name rule_id_to_remediation_map[rule_id] = _path return rule_id_to_remediation_map