Merge pull request #9811 from Mab879/srg_export_target

SRG Export XLSX in CMake
ComplianceAsCode · Nov 15, 2022 · ccc245d · ccc245d
2 parents 179f0c0 + 2a10bef
commit ccc245d
Show file tree

Hide file tree

Showing 4 changed files with 44 additions and 2 deletions.
diff --git a/CMakeLists.txt b/CMakeLists.txt
@@ -54,6 +54,7 @@ option(SSG_JINJA2_CACHE_ENABLED "If enabled, the jinja2 templating files will be
 option(SSG_BATS_TESTS_ENABLED "If enabled, bats will be used to run unit-tests of bash remediations." TRUE)
 option(SSG_BUILD_DISA_DELTA_FILES "If enabled, If the product has automated content from DISA for its STIG a tailoring file will be created with rules not covered by DISA's content enabled." TRUE)
 option(SSG_SCE_ENABLED "If enabled, additional SCE audit content will be enabled alongside OVAL-based auditing." FALSE)
+option(SSG_SRG_XLSX_EXPORT "If enabled, an XLSX of SRG Export will be ceated." FALSE)
 set(SSG_JINJA2_CACHE_DIR "${CMAKE_BINARY_DIR}/jinja2_cache" CACHE PATH "Where the jinja2 cached bytecode should be stored. This speeds up builds at the expense of disk space. You can use one location for multiple SSG builds for performance improvements.")
 
 # SSG_PRODUCT_DEFAULT modifies the behavior of all other options. Products

diff --git a/cmake/SSGCommon.cmake b/cmake/SSGCommon.cmake
@@ -1144,6 +1144,36 @@ macro(ssg_build_html_stig_tables PRODUCT)
         DESTINATION "${SSG_TABLE_INSTALL_DIR}")
 endmacro()
 
+macro(rule_dir_json)
+    add_custom_command(
+        OUTPUT "${CMAKE_BINARY_DIR}/rule_dirs.json"
+        COMMAND env "PYTHONPATH=$ENV{PYTHONPATH}" "${PYTHON_EXECUTABLE}" "${CMAKE_SOURCE_DIR}/utils/rule_dir_json.py" "--root" "${CMAKE_SOURCE_DIR}" "--output" "${CMAKE_BINARY_DIR}/rule_dirs.json" --quiet
+        COMMENT "[rule-dir-json] creating build/rule_dirs.json"
+    )
+    add_custom_target(
+        rule_dir_json
+        DEPENDS "${CMAKE_SOURCE_DIR}/build/rule_dirs.json"
+    )
+endmacro()
+
+
+macro(ssg_build_xlsx_srg_export PRODUCT CONTROL)
+    rule_dir_json()
+    add_custom_command(
+        OUTPUT "${CMAKE_BINARY_DIR}/${PRODUCT}/${PRODUCT}_${CONTROL}_srg_export.xlsx"
+        DEPENDS "${CMAKE_BINARY_DIR}/ssg-${PRODUCT}-ds.xml"
+        DEPENDS "${CMAKE_BINARY_DIR}/rule_dirs.json"
+        COMMAND "${CMAKE_COMMAND}" -E make_directory "${CMAKE_BINARY_DIR}/${PRODUCT}"
+        COMMAND env "PYTHONPATH=$ENV{PYTHONPATH}" "${PYTHON_EXECUTABLE}" "${CMAKE_SOURCE_DIR}/utils/create_srg_export.py" --root "${CMAKE_SOURCE_DIR}" --json "${CMAKE_BINARY_DIR}/rule_dirs.json" --control "${CMAKE_SOURCE_DIR}/controls/${CONTROL}.yml" --product "${PRODUCT}" --out-format xlsx --output "${CMAKE_BINARY_DIR}/${PRODUCT}/${PRODUCT}_${CONTROL}_srg_export.xlsx" --build-config-yaml "${CMAKE_BINARY_DIR}/build_config.yml"
+        COMMENT "[${PRODUCT}-tables] generating XLSX SRG Export"
+    )
+    add_custom_target(
+        generate-${PRODUCT}_${CONTROL}_srg_export
+        DEPENDS "${CMAKE_BINARY_DIR}/${PRODUCT}/${PRODUCT}_${CONTROL}_srg_export.xlsx"
+    )
+    add_dependencies(${PRODUCT}-tables generate-${PRODUCT}_${CONTROL}_srg_export)
+endmacro()
+
 macro(ssg_build_html_stig_tables_per_profile PRODUCT STIG_PROFILE)
     add_custom_command(
         OUTPUT "${CMAKE_BINARY_DIR}/tables/table-${PRODUCT}-${STIG_PROFILE}-testinfo.html"

diff --git a/products/rhel9/CMakeLists.txt b/products/rhel9/CMakeLists.txt
@@ -11,6 +11,10 @@ ssg_build_html_cce_table(${PRODUCT})
 
 ssg_build_html_srgmap_tables(${PRODUCT})
 
+if (SSG_SRG_XLSX_EXPORT)
+    ssg_build_xlsx_srg_export(${PRODUCT} "srg_gpos")
+endif()
+
 # ssg_build_html_stig_tables(${PRODUCT} "stig")
 
 #ssg_build_html_stig_tables(${PRODUCT} "ospp")

diff --git a/utils/rule_dir_json.py b/utils/rule_dir_json.py
@@ -27,6 +27,8 @@ def parse_args():
                    help="Path to SSG root directory (defaults to %s)" % SSG_ROOT)
     parser.add_argument("-o", "--output", type=str, action="store", default=BUILD_OUTPUT,
                    help="File to write json output to (defaults to build/rule_dirs.json)")
+    parser.add_argument("-q", "--quiet", action="store_true",
+                        help="Hides output from the script, just creates the file.")
 
     return parser.parse_args()
 
@@ -173,6 +175,11 @@ def handle_remediations(product_list, product_yamls, rule_obj):
     return rule_remediations, r_products
 
 
+def quiet_print(msg, quiet, file):
+    if not quiet:
+        print(msg, file)
+
+
 def main():
     args = parse_args()
 
@@ -201,7 +208,7 @@ def main():
                 all_ovals = ','.join(oval_products[key])
                 msg = "Product {0} has multiple ovals in rule {1}: {2}"
                 msg = msg.format(key, rule_id, all_ovals)
-                print(msg, file=sys.stderr)
+                quiet_print(msg, args.quiet, sys.stderr)
 
         rule_obj['oval_products'] = oval_products
 
@@ -215,7 +222,7 @@ def main():
                     msg = "Product {0} has multiple remediations of the same type "
                     msg += "in rule {1}: {2}"
                     msg = msg.format(key, rule_id, all_fixes)
-                    print(msg, file=sys.stderr)
+                    quiet_print(msg, args.quiet, sys.stderr)
 
         rule_obj['remediation_products'] = r_products