forked from oscal-compass/compliance-to-policy
-
Notifications
You must be signed in to change notification settings - Fork 1
/
result_to_compliance.py
66 lines (56 loc) · 2 KB
/
result_to_compliance.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
import argparse
import os
import pathlib
import sys
import yaml
from c2p.framework.c2p import C2P
from c2p.framework.models import RawResult
from c2p.framework.models.c2p_config import C2PConfig, ComplianceOscal
from c2p.framework.models.raw_result import RawResult
sys.path.append(os.path.join(os.path.dirname(__file__), '../..'))
from plugins_public.plugins.kyverno import PluginKyverno
TEST_DATA_DIR = 'plugins_public/tests/data/kyverno'
parser = argparse.ArgumentParser()
parser.add_argument(
'-polr',
'--policy-report',
type=str,
default=f'{TEST_DATA_DIR}/policyreports.wgpolicyk8s.io.yaml',
help='Path to policy report',
required=False,
)
parser.add_argument(
'-cpolr',
'--cluster-policy-report',
type=str,
default=f'{TEST_DATA_DIR}/clusterpolicyreports.wgpolicyk8s.io.yaml',
help='Path to cluster policy report',
required=False,
)
parser.add_argument(
'-c',
'--component_definition',
type=str,
default=f'{TEST_DATA_DIR}/component-definition.json',
help=f'Path to component-definition.json (default: {TEST_DATA_DIR}/component-definition.json',
required=False,
)
args = parser.parse_args()
# Setup c2p_config
c2p_config = C2PConfig()
c2p_config.compliance = ComplianceOscal()
c2p_config.compliance.component_definition = args.component_definition
c2p_config.pvp_name = 'Kyverno'
c2p_config.result_title = 'Kyverno Assessment Results'
c2p_config.result_description = 'OSCAL Assessment Results from Kyverno'
# Construct C2P
c2p = C2P(c2p_config)
# Create pvp_result from raw result via plugin
cpolr = yaml.safe_load(pathlib.Path(args.cluster_policy_report).open('r'))
polr = yaml.safe_load(pathlib.Path(args.policy_report).open('r'))
pvp_raw_result = RawResult(data=cpolr['items'] + polr['items'])
pvp_result = PluginKyverno().generate_pvp_result(pvp_raw_result)
# Transform pvp_result to OSCAL Assessment Result
c2p.set_pvp_result(pvp_result)
oscal_assessment_results = c2p.result_to_oscal()
print(oscal_assessment_results.oscal_serialize_json(pretty=True))