Update Controls4Delta logic to use XCCDF stub metadata (#3046)

* updated profile_inspec and update_controls4delta to use xccdf stub metadata Signed-off-by: George M Dias <[email protected]> * update tests to comply with oclif 4.1.0 - 80% completed Signed-off-by: George M Dias <[email protected]> * update tests to comply with oclif 4.1.0 - 80% completed Signed-off-by: George M Dias <[email protected]> * Removed code updates from this PR for oclif v4 test updates and inspec profile readme generation Signed-off-by: George M Dias <[email protected]> * Removed unused npm modules Signed-off-by: George M Dias <[email protected]> --------- Signed-off-by: George M Dias <[email protected]>
mitre · Nov 20, 2024 · eba20f1 · eba20f1
1 parent 1e9af75
commit eba20f1
Show file tree

Hide file tree

Showing 6 changed files with 257 additions and 127 deletions.
diff --git a/README.md b/README.md
@@ -904,7 +904,7 @@ convert msft_secure2hdf       Translate a Microsoft Secure Score report and Secu
 
   EXAMPLES
     Using input files
-      $ saf convert msft_secure2hdf -p secureScore.json -r secureScoreControlProfiles -o output-hdf-name.json
+      $ saf convert msft_secure2hdf -p secureScore.json -r secureScoreControlProfiles -o output-hdf-name.json [-w]
 
     Using Azure tenant ID
       $ saf convert msft_secure2hdf -t "12345678-1234-1234-1234-1234567890abcd"   \
@@ -913,7 +913,8 @@ convert msft_secure2hdf       Translate a Microsoft Secure Score report and Secu
                                     -o output-hdf-name.json [-I | -C <certificate>]
 
     Using combined inputs
-      $ saf convert msft_secure2hdf -i <(jq '{"secureScore": .[0], "profiles": .[1]}' secureScore.json secureScoreControlProfiles.json) -o output-hdf-name.json
+      $ saf convert msft_secure2hdf -i <(jq '{"secureScore": .[0], "profiles": .[1]}' secureScore.json secureScoreControlProfiles.json)> \
+                                    -o output-hdf-name.json [-w]
 
 ```
 
@@ -1583,7 +1584,7 @@ generate inspec_metadata      Generate an InSpec metadata template for "saf conv
 
 #### Inspec Profile
 ```
-generate inspec_profile              Generate a new skeleton profile based on a XCCDF benchmark file
+generate inspec_profile              Generate a new skeleton profile based on a (STIG or CIS) XCCDF benchmark file 
 
 USAGE
   $ saf generate inspec_profile -X <stig-xccdf-xml> [-O <oval-xccdf-xml] [-o <output-folder>] [-m <metadata-json>] [-T (rule|group|cis|version)] [-s] [-L (info|warn|debug|verbose)] [-h] [--interactive]

diff --git a/package-lock.json b/package-lock.json
diff --git a/src/commands/convert/msft_secure2hdf.ts b/src/commands/convert/msft_secure2hdf.ts
@@ -48,28 +48,28 @@ function processInputs(
 
 export default class MsftSecure2HDF extends BaseCommand<typeof MsftSecure2HDF> {
   static readonly usage = [
-    '<%= command.id %> -p <secure-score-control-profiles> -r <secureScore-json>-o <hdf-scan-results-json> [-h]',
-    '<%= command.id %> -t <azure-tenant-id> -a <azure-app-id> -s <azure-app-secret> -o <hdf-scan-results-json> [-h]',
-    '<%= command.id %> -i <combined-inputs> -o <hdf-scan-results-json> [-h]',
-  ];
+    '<%= command.id %> -p <secure-score-control-profiles> -r <secureScore-json> -o <hdf-scan-results-json> [-w] [--interactive] [-L info|warn|debug|verbose] [-h]',
+    '<%= command.id %> -t <azure-tenant-id> -a <azure-app-id> -s <azure-app-secret> -o <hdf-scan-results-json> [-C <certificate> | -I] [-w] [--interactive] [-L info|warn|debug|verbose] [-h]',
+    '<%= command.id %> -i <combined-inputs> -o <hdf-scan-results-json> [-w] [--interactive] [-L info|warn|debug|verbose] [-h]',
+  ]
 
   static readonly description =
-    'Translate a Microsoft Secure Score report and Secure Score Control to a Heimdall Data Format JSON file.';
+    'Translate a Microsoft Secure Score report and Secure Score Control to a Heimdall Data Format JSON file.'
 
   static readonly examples = [
     {
       description: '\x1B[93mUsing input files\x1B[0m',
-      command: '<%= config.bin %> <%= command.id %> -p secureScore.json -r secureScoreControlProfiles -o output-hdf-name.json',
+      command: '<%= config.bin %> <%= command.id %> -p secureScore.json -r secureScoreControlProfiles -o output-hdf-name.json [-w]',
     },
     {
       description: '\x1B[93mUsing Azure tenant ID\x1B[0m',
-      command: '<%= config.bin %> <%= command.id %> -t "12345678-1234-1234-1234-1234567890abcd" -a "12345678-1234-1234-1234-1234567890abcd" -s "aaaaa~bbbbbbbbbbbbbbbbbbbbbbbbb-cccccccc" -o output-hdf-name.json [-I | -C <certificate>] [-t <target>...]',
+      command: '<%= config.bin %> <%= command.id %> -t "12345678-1234-1234-1234-1234567890abcd" -a "12345678-1234-1234-1234-1234567890abcd" -s "aaaaa~bbbbbbbbbbbbbbbbbbbbbbbbb-cccccccc" -o output-hdf-name.json [-I | -C <certificate>]',
     },
     {
       description: '\x1B[93mUsing combined inputs\x1B[0m',
-      command: '<%= config.bin %> <%= command.id %> -i <(jq \'{"secureScore": .[0], "profiles": .[1]}\' secureScore.json secureScoreControlProfiles.json) -o output-hdf-name.json',
+      command: '<%= config.bin %> <%= command.id %> -i <(jq \'{"secureScore": .[0], "profiles": .[1]}\' secureScore.json secureScoreControlProfiles.json)> -o output-hdf-name.json [-w]',
     },
-  ];
+  ]
 
   static readonly flags = {
     combinedInputs: Flags.string({
@@ -139,7 +139,7 @@ export default class MsftSecure2HDF extends BaseCommand<typeof MsftSecure2HDF> {
       description: 'Disable SSL verification, this is insecure.',
       exclusive: ['input', 'certificate'],
     }),
-  };
+  }
 
   async run() {
     const {flags} = await this.parse(MsftSecure2HDF)
@@ -212,7 +212,7 @@ export default class MsftSecure2HDF extends BaseCommand<typeof MsftSecure2HDF> {
       processInputs(scoreDoc, profilesDoc, flags.output, flags.includeRaw)
     } else {
       throw new Error(
-        'Invalid arguments provided.  Include (-a, -s, -t) or (-r, -p) or (-h)',
+        'Invalid arguments provided.  Valid options are: (-a, -s, -t) or (-r, -p) or (-i) or (-h)',
       )
     }
   }