-
Notifications
You must be signed in to change notification settings - Fork 473
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
output engine: threats: Generate THREATS.md file
Signed-off-by: John Andersen <[email protected]>
- Loading branch information
Showing
4 changed files
with
202 additions
and
16 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,143 @@ | ||
# Copyright (C) 2021 Intel Corporation | ||
# SPDX-License-Identifier: GPL-3.0-or-later | ||
|
||
import os | ||
from typing import Dict, List, Union | ||
|
||
|
||
from ..merge import MergeReports | ||
|
||
from ..log import LOGGER | ||
from ..util import CVEData, ProductInfo | ||
|
||
|
||
def output_threats( | ||
all_cve_data: Dict[ProductInfo, CVEData], | ||
scanned_dir: str, | ||
filename: str, | ||
theme_dir: str, | ||
total_files: int, | ||
products_with_cve: int, | ||
products_without_cve: int, | ||
merge_report: Union[None, MergeReports], | ||
logger: LOGGER, | ||
outfile, | ||
): | ||
"""Returns a THREATS.md report including depedencies found""" | ||
from pprint import pprint | ||
pprint(locals()) | ||
|
||
import textwrap | ||
outfile.write( | ||
textwrap.dedent( | ||
f""" | ||
# Threat Model | ||
""" | ||
) | ||
) | ||
|
||
# ------------------ BEGIN MERMAID OUTPUT ------------------ | ||
outfile.write( | ||
textwrap.dedent( | ||
""" | ||
```mermaid | ||
""" | ||
) | ||
) | ||
|
||
# Write out the mermaid diagram | ||
import sys | ||
import asyncio | ||
import contextlib | ||
import dffml | ||
import dffml.cli.dataflow | ||
|
||
|
||
# TODO Check if dataflow extra is installed. Build dataflows from scan | ||
# results. Generate mermaid daigrams from flows. | ||
import cve_bin_tool.scanners.dataflow | ||
|
||
# The overlayed keyword arguements of fields within to be created | ||
field_modifications = { | ||
"dataflow": {"default_factory": lambda: cve_bin_tool.scanners.dataflow.COLLECTOR_DATAFLOW}, | ||
"simple": {"default": True}, | ||
"stages": {"default_factory": lambda: [dffml.Stage.PROCESSING.value]}, | ||
} | ||
# Create a derived class | ||
DiagramForMyDataFlow = dffml.cli.dataflow.Diagram.subclass( | ||
"DiagramForMyDataFlow", field_modifications, | ||
) | ||
print(DiagramForMyDataFlow) | ||
# <class 'dffml.util.cli.cmd.DiagramForMyDataFlow'> | ||
print(DiagramForMyDataFlow.CONFIG) | ||
# <class 'types.DiagramForMyDataFlowConfig'> | ||
with contextlib.redirect_stdout(outfile): | ||
asyncio.run(DiagramForMyDataFlow._main()) | ||
|
||
|
||
outfile.write( | ||
textwrap.dedent( | ||
""" | ||
``` | ||
""" | ||
) | ||
) | ||
# ------------------ END MERMAID OUTPUT ------------------ | ||
|
||
# ------------------ BEGIN OPEN ARCHITECTURE OUTPUT ------------------ | ||
outfile.write( | ||
textwrap.dedent( | ||
f""" | ||
```json | ||
""" | ||
) | ||
) | ||
|
||
# Write out the mermaid diagram | ||
import sys | ||
import asyncio | ||
import contextlib | ||
import dffml | ||
import dffml.cli.dataflow | ||
import dffml.service.dev | ||
|
||
|
||
import dffml_config_yaml.configloader | ||
|
||
|
||
# TODO Check if dataflow extra is installed. Build dataflows from scan | ||
# results. Generate mermaid daigrams from flows. | ||
import cve_bin_tool.scanners.dataflow | ||
|
||
# The overlayed keyword arguements of fields within to be created | ||
field_modifications = { | ||
"export": {"default_factory": lambda: "cve_bin_tool.scanners.dataflow:COLLECTOR_DATAFLOW"}, | ||
# "configloader": {"default_factory": lambda: dffml_config_yaml.configloader.YamlConfigLoader}, | ||
"configloader": {"default_factory": lambda: dffml.JSONConfigLoader}, | ||
} | ||
|
||
# Create a derived class | ||
ExportForMyDataFlow = dffml.service.dev.Export.subclass( | ||
"ExportForMyDataFlow", field_modifications, | ||
) | ||
print(ExportForMyDataFlow) | ||
# <class 'dffml.util.cli.cmd.ExportForMyDataFlow'> | ||
print(ExportForMyDataFlow.CONFIG) | ||
# <class 'types.ExportForMyDataFlowConfig'> | ||
import io | ||
a_out = io.StringIO() | ||
a_out.buffer = io.BytesIO() | ||
with contextlib.redirect_stdout(a_out): | ||
asyncio.run(ExportForMyDataFlow._main()) | ||
|
||
import json | ||
outfile.write(json.dumps(json.loads(a_out.buffer.getvalue().decode()), indent=4)) | ||
outfile.write( | ||
textwrap.dedent( | ||
""" | ||
``` | ||
""" | ||
) | ||
) | ||
# ------------------ END OPEN ARCHITECTURE OUTPUT ------------------ |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters