_modules/oscap/commands.py

from __future__ import absolute_import
import tempfile
import os
from oscap.utils import build_tailoring, normalize_id, run
from oscap.utils import xccdf_xml_to_json, oval_xml_to_json

def oscap_has_sce():
    (stdout, _, _) = run('oscap -V')
    return any([x for x in stdout.splitlines() if x.startswith('SCE Vers')])

def xccdf(benchmark,
          pillar_data=None,
          xccdf_version='1.2',
          profile='default',
          tailoring_id=None):

    tailoring_file = None
    profile = normalize_id(profile, xccdf_version=xccdf_version)

    tempdir = tempfile.mkdtemp(prefix='oscap-')

    if pillar_data:
        if not tailoring_id:
            raise Exception('Tailoring id must be set!')
        profile = normalize_id(pillar_data['profile'], typeof='profile')
        tailoring_file = os.path.join(tempdir, 'tailoring.xml')

    cmd = 'oscap xccdf eval --profile {profile} ' +\
          '--results results.xml --report report.html'
    if oscap_has_sce():
        cmd += ' --sce-results'
    if tailoring_file:
        cmd += ' --tailoring-file {tailoring_file}'
    cmd += ' {benchmark}'
    cmd = cmd.format(profile=profile,
                     tailoring_file=tailoring_file,
                     benchmark=benchmark)

    if tailoring_file:
        with open(tailoring_file, 'w') as f:
            f.write(build_tailoring(pillar_data, tailoring_id))

    stdout, stderr, rc = run(cmd, tempdir)
    res_file = os.path.join(tempdir, 'results.xml')
    if os.path.isfile(res_file):
        xccdf_xml_to_json(res_file)
    return stdout, stderr, rc, tempdir

def oval(benchmark):
    tempdir = tempfile.mkdtemp(prefix='oscap-')
    cmd = 'oscap oval eval --results results.xml --report report.html {}'
    cmd = cmd.format(benchmark)

    stdout, stderr, rc = run(cmd, tempdir)
    res_file = os.path.join(tempdir, 'results.xml')
    if os.path.isfile(res_file):
        oval_xml_to_json(res_file)
    return stdout, stderr, rc, tempdir