Addressed various issues (#3)

* Added 5.1.1.1/5.2.3.4 control functionality, address error codes, and replace .each syntax with .map syntax Signed-off-by: Sujay Kandwal <[email protected]> * Fix 8.2.1 Signed-off-by: Sujay Kandwal <[email protected]> * Update profile to work with train Signed-off-by: Sujay Kandwal <[email protected]> * fix workflow file Signed-off-by: Sujay Kandwal <[email protected]> * make .inspec directory in workflow Signed-off-by: Sujay Kandwal <[email protected]> * fix test_profile.yml Signed-off-by: Sujay Kandwal <[email protected]> * Fix ordering config file Signed-off-by: Sujay Kandwal <[email protected]> * fix test profile again Signed-off-by: Sujay Kandwal <[email protected]> * Remove quotes Signed-off-by: Sujay Kandwal <[email protected]> * add quotes again Signed-off-by: Sujay Kandwal <[email protected]> * Add quotes to credential data Signed-off-by: Sujay Kandwal <[email protected]> * Update readme Signed-off-by: Sujay Kandwal <[email protected]> * debug workflow Signed-off-by: Sujay Kandwal <[email protected]> * check pwsh path Signed-off-by: Sujay Kandwal <[email protected]> * update workflow to accommodate pwsh_path Signed-off-by: Sujay Kandwal <[email protected]> * add commad to workflow Signed-off-by: Sujay Kandwal <[email protected]> * removing quotes Signed-off-by: Sujay Kandwal <[email protected]> * undo previous change Signed-off-by: Sujay Kandwal <[email protected]> * test connect exchange online Signed-off-by: Sujay Kandwal <[email protected]> * fix issues Signed-off-by: Sujay Kandwal <[email protected]> * try exchange connection Signed-off-by: Sujay Kandwal <[email protected]> * fix exchange code Signed-off-by: Sujay Kandwal <[email protected]> * try again Signed-off-by: Sujay Kandwal <[email protected]> * test without connect Signed-off-by: Sujay Kandwal <[email protected]> * install required modules Signed-off-by: Sujay Kandwal <[email protected]> * add force install Signed-off-by: Sujay Kandwal <[email protected]> * Update profile to work with train error handling Signed-off-by: Sujay Kandwal <[email protected]> * readme update Signed-off-by: Sujay Kandwal <[email protected]> * update workflow file Signed-off-by: Sujay Kandwal <[email protected]> * change workflow to not need add install Signed-off-by: Sujay Kandwal <[email protected]> * update readme and inspec.yml Signed-off-by: Sujay Kandwal <[email protected]> * updating README to remove STIG language and old NOTICE section Signed-off-by: Will <[email protected]> --------- Signed-off-by: Sujay Kandwal <[email protected]> Signed-off-by: Will <[email protected]> Co-authored-by: Will <[email protected]>
mitre · Jan 3, 2025 · 1829f8d · 1829f8d
1 parent 6be3a1a
commit 1829f8d
Show file tree

Hide file tree

Showing 68 changed files with 996 additions and 1,326 deletions.
diff --git a/.github/workflows/test_profile.yml b/.github/workflows/test_profile.yml
@@ -57,11 +57,50 @@ jobs:
           echo "$AUTH" | base64 --decode > cert.pfx 
           chmod 0400 cert.pfx
 
+      - name: Create .inspec directory
+        run: mkdir -p .inspec
+
+      - name: Check pwsh path
+        run: |
+          if command -v pwsh > /dev/null 2>&1; then
+            echo "pwsh found at: $(which pwsh)"
+          else
+            echo "pwsh not found in PATH"
+          fi
+
+      - name: Create config json file
+        run: |
+          echo '{
+                  "version": "1.1",
+                  "cli_options": {
+                    "color": "true"
+                  },
+                  "credentials": {
+                    "pwsh": {
+                      "pwsh-options": {
+                        "client_id": "'"${{secrets.SAF_M365_CLIENT_ID}}"'",
+                        "tenant_id": "'"${{secrets.SAF_M365_TENANT_ID}}"'",
+                        "client_secret": "'"${{secrets.SAF_M365_CLIENT_SECRET}}"'",
+                        "certificate_path": "cert.pfx",
+                        "certificate_password": "'"${{secrets.SAF_M365_CERTIFICATE_PASSWORD}}"'",
+                        "organization": "'"${{secrets.SAF_M365_ORGANIZATION}}"'",
+                        "sharepoint_admin_url": "'"${{secrets.SAF_M365_SHAREPOINT_ADMIN_URL}}"'",
+                        "pwsh_path": "'"${{secrets.SAF_M365_PWSH_PATH}}"'"
+                      }
+                    }
+                  }
+                }' > ~/.inspec/config.json
+
+      - name: Verify config json file
+        run: |
+          # Print the contents of the config file
+          cat ~/.inspec/config.json
+
       - name: Run Inspec test
         continue-on-error: true
         run: |
           bundle exec inspec exec . \
-          --input client_id=${{secrets.SAF_M365_CLIENT_ID}} tenant_id=${{secrets.SAF_M365_TENANT_ID}} client_secret=${{secrets.SAF_M365_CLIENT_SECRET}} certificate_path=cert.pfx certificate_password=${{secrets.SAF_M365_CERTIFICATE_PASSWORD}} organization=${{secrets.SAF_M365_ORGANIZATION}} \
+          -t pwsh://pwsh-options \
           --input-file=inputs.yml \
           --enhanced-outcomes \
           --reporter json:${{ env.PLATFORM }}-results.json

diff --git a/Gemfile b/Gemfile
@@ -7,6 +7,7 @@ gem 'highline'
 gem 'inspec', '>= 6.8.1'
 gem 'inspec-bin'
 gem 'inspec-core'
+gem 'inspec-pwsh', git: 'https://github.com/mitre/inspec-pwsh.git'
 gem 'json'
 gem 'kitchen-ansible'
 gem 'kitchen-inspec'
@@ -15,4 +16,6 @@ gem 'pry-byebug'
 gem 'rake'
 gem 'rubocop'
 gem 'rubocop-rake'
+gem 'ruby-pwsh'
 gem 'test-kitchen'
+gem 'train-pwsh'