search

mitre / inspec_tools

A command-line and ruby API of utilities, converters and tools for creating, converting and processing security baseline formats, results and data
https://inspec-tools.mitre.org/
Other
91 stars 30 forks source link

inspec2xccdf errors when cci tag is not an array #237

Closed rlakey closed 3 years ago

rlakey commented 3 years ago

Scenario A profile created with csv2inspec does not create the cci tag as an array so then taking the same profile and using inspec2xccdf results in the following errors:

Traceback (most recent call last): 14: from C:/Users/rlakey/AppData/Local/chefdk/gem/ruby/2.7.0/bin/inspec_tools:23:in <main>' 13: from C:/Users/rlakey/AppData/Local/chefdk/gem/ruby/2.7.0/bin/inspec_tools:23:inload' 12: from C:/Users/rlakey/AppData/Local/chefdk/gem/ruby/2.7.0/gems/inspec_tools-2.3.7/exe/inspec_tools:14:in <top (required)>' 11: from C:/opscode/chef-workstation/embedded/lib/ruby/gems/2.7.0/gems/inspec-core-4.26.13/lib/inspec/base_cli.rb:35:instart' 10: from C:/opscode/chef-workstation/embedded/lib/ruby/gems/2.7.0/gems/thor-1.1.0/lib/thor/base.rb:485:in start' 9: from C:/opscode/chef-workstation/embedded/lib/ruby/gems/2.7.0/gems/thor-1.1.0/lib/thor.rb:392:indispatch' 8: from C:/opscode/chef-workstation/embedded/lib/ruby/gems/2.7.0/gems/thor-1.1.0/lib/thor/invocation.rb:127:in invoke_command' 7: from C:/opscode/chef-workstation/embedded/lib/ruby/gems/2.7.0/gems/thor-1.1.0/lib/thor/command.rb:27:inrun' 6: from C:/Users/rlakey/AppData/Local/chefdk/gem/ruby/2.7.0/gems/inspec_tools-2.3.7/lib/inspec_tools/plugin_cli.rb:69:in inspec2xccdf' 5: from C:/Users/rlakey/AppData/Local/chefdk/gem/ruby/2.7.0/gems/inspec_tools-2.3.7/lib/inspec_tools/inspec.rb:44:into_xccdf' 4: from C:/Users/rlakey/AppData/Local/chefdk/gem/ruby/2.7.0/gems/inspec_tools-2.3.7/lib/utilities/xccdf/to_xccdf.rb:18:in to_xml' 3: from C:/Users/rlakey/AppData/Local/chefdk/gem/ruby/2.7.0/gems/inspec_tools-2.3.7/lib/utilities/xccdf/to_xccdf.rb:58:inbuild_groups' 2: from C:/Users/rlakey/AppData/Local/chefdk/gem/ruby/2.7.0/gems/inspec_tools-2.3.7/lib/utilities/xccdf/to_xccdf.rb:58:in each' 1: from C:/Users/rlakey/AppData/Local/chefdk/gem/ruby/2.7.0/gems/inspec_tools-2.3.7/lib/utilities/xccdf/to_xccdf.rb:76:inblock in build_groups' C:/Users/rlakey/AppData/Local/chefdk/gem/ruby/2.7.0/gems/inspec_tools-2.3.7/lib/utilities/xccdf/to_xccdf.rb:126:in `build_rule_idents': CCI-000044 is not an Array type. (RuntimeError)

A profile created from xccdf2inspec does have the cci tag as an array when using an officially published STIG xccdf file.

Bialogs commented 3 years ago

This was just fixed with https://github.com/mitre/inspec_tools/pull/241 by performing type checking on the CCI field before it gets written to inspec.