diff options
Diffstat (limited to 'python-auditree-framework.spec')
| -rw-r--r-- | python-auditree-framework.spec | 559 |
1 files changed, 559 insertions, 0 deletions
diff --git a/python-auditree-framework.spec b/python-auditree-framework.spec new file mode 100644 index 0000000..555e393 --- /dev/null +++ b/python-auditree-framework.spec @@ -0,0 +1,559 @@ +%global _empty_manifest_terminate_build 0 +Name: python-auditree-framework +Version: 2.0.0 +Release: 1 +Summary: Tool to run compliance control checks as unit tests +License: Apache License 2.0 +URL: https://auditree.github.io/ +Source0: https://mirrors.nju.edu.cn/pypi/web/packages/fa/57/19506a5966f349b80dad13ca930cf68a70682f20196ac60d938f495b2f2e/auditree-framework-2.0.0.tar.gz +BuildArch: noarch + +Requires: python3-inflection +Requires: python3-GitPython +Requires: python3-jinja2 +Requires: python3-ibm-cloud-security-advisor +Requires: python3-ilcli +Requires: python3-cryptography +Requires: python3-pytest +Requires: python3-pytest-cov +Requires: python3-pre-commit +Requires: python3-Sphinx +Requires: python3-setuptools +Requires: python3-wheel +Requires: python3-twine + +%description +[![OS Compatibility][platform-badge]](#prerequisites) +[![Python Compatibility][python-badge]][python] +[![pre-commit][pre-commit-badge]][pre-commit] +[][lint-test] +[][pypi-upload] + +# auditree-framework + +Tool to run compliance control checks as unit tests and build up a body of evidence. + +This framework gives you the tools you need to create an auditable body of evidence, and is designed to be "DevSecOps" friendly. Collection & validation of evidence is modelled as python unit tests, evidence is stored & versioned in a git repository, notifications can be configured to send to Slack, create issues, contact PagerDuty, or just write files into git. The goal is to enable the digital transformation of compliance activities, and make these everyday operational tasks for the team managing the system. + +## Installation + +### Prerequisites + +- Supported for execution on OSX and LINUX. +- Supported for execution with Python 3.6 and above. + +If you haven't already you need to generate a new ssh key for your Github account as per [this guide](https://help.github.com/articles/generating-a-new-ssh-key-and-adding-it-to-the-ssh-agent/) + +### Check out the code + +```shell +git clone git@github.com:ComplianceAsCode/auditree-framework +cd auditree-framework +``` + +### For users + +```shell +python3 -m venv venv +. venv/bin/activate +make install +``` + +### For developers + +```shell +python3 -m venv venv +. venv/bin/activate +make develop +``` + +#### Code style and formatting + +This repository uses [black][black] for code formatting and [flake8][flake8] for code styling. It also +uses [pre-commit][pre-commit] hooks that are integrated into the development process and the CI. When +you run `make develop` you are ensuring that the pre-commit hooks are installed and updated to their +latest versions for this repository. This ensures that all delivered code has been properly formatted +and passes the linter rules. See the [pre-commit configuration file][pre-commit-config] for details on +`black` and `flake8` configurations. + +Since `black` and `flake8` are installed as part of the `pre-commit` hooks, running `black` and `flake8` +manually must be done through `pre-commit`. See examples below: + +```shell +make code-format +make code-lint +``` + +...will run `black` and `flake8` on the entire repo and is equivalent to: + +```shell +pre-commit run black --all-files +pre-commit run flake8 --all-files +``` + +...and when looking to limit execution to a subset of files do similar to: + +```shell +pre-commit run black --files compliance/* +pre-commit run flake8 --files compliance/* +``` + +#### Unit tests + +To run the frameworks test suite, use: + +```shell +make test +``` + +#### Build Documentation + +Documentation sources live in `doc-source`, and are also auto-generated from the source codes doc strings. The auto-generated documentation (`compliance*rst, modules.rst`) is ignored by git & should not be modified directly - make changes in the python code. + +To build the documentation locally run: + +```shell +make docs +``` + +This will update the files in `doc` with the latest documentation. These files should not be modified by hand. + +## Try it + +Successfully complete the steps below and you should be able to find your local +evidence locker in your `$TMPDIR/compliance` folder. There you will find a `raw` +folder that contains all of the raw evidence fetched by the fetchers found in the +`demo/demo_examples/fetchers` folder along with a `reports` folder that contains +the reports generated by the checks found in the `demo/demo_examples/checks` folder. + +- Create an empty [credentials][] file: + +```shell +$ touch ~/.credentials +``` + +- Set up your environment: + +```shell +cd demo +python -m venv +. ./venv/bin/activate +pip install -r requirements.txt +``` + +- Run the fetchers: + +```shell +compliance --fetch --evidence local -C auditree_demo.json -v +``` + +- Run the checks: + +```shell +compliance --check demo.arboretum.accred,demo.custom.accred --evidence local -C auditree_demo.json -v +``` + +## Contribute + +Help us to improve the Auditree framework. See [CONTRIBUTING][]. + +## Ecosystem + +We are building a set of common fetchers/checks in [Arboretum](https://github.com/ComplianceAsCode/auditree-arboretum). If you have a library of checks, please let us know & we'll link here. + +We have a data gathering and reporting tool called [Harvest](https://github.com/ComplianceAsCode/auditree-harvest) which lets you process your evidence locker and generate reports over the data held. + +We have a tool called [Prune](https://github.com/ComplianceAsCode/auditree-prune) which lets you mark evidence as no longer being collected, in a suitably tracked manner. + +We have a tool called [Plant](https://github.com/ComplianceAsCode/auditree-plant) which lets you add evidence to evidence lockers without the use of fetchers or checks. + +[CONTRIBUTING]: https://github.com/ComplianceAsCode/auditree-framework/blob/master/CONTRIBUTING.md +[credentials file]: https://github.com/ComplianceAsCode/auditree-framework/blob/master/doc/design-principles.rst#credentials +[flake8]: https://gitlab.com/pycqa/flake8 +[platform-badge]: https://img.shields.io/badge/platform-osx%20|%20linux-orange.svg +[pre-commit-badge]: https://img.shields.io/badge/pre--commit-enabled-brightgreen?logo=pre-commit&logoColor=white +[pre-commit]: https://github.com/pre-commit/pre-commit +[pre-commit-config]: https://github.com/ComplianceAsCode/auditree-framework/blob/master/.pre-commit-config.yaml +[python-badge]: https://img.shields.io/badge/python-v3.6+-blue.svg +[python]: https://www.python.org/downloads/ +[quick start guide]: https://github.com/ComplianceAsCode/auditree-framework/blob/master/doc-source/quick-start.rst +[black]: https://github.com/psf/black +[lint-test]: https://github.com/ComplianceAsCode/auditree-framework/actions?query=workflow%3A%22format+%7C+lint+%7C+test%22 +[pypi-upload]: https://github.com/ComplianceAsCode/auditree-framework/actions?query=workflow%3A%22PyPI+upload%22 +[credentials]: https://complianceascode.github.io/auditree-framework/design-principles.html#credentials + + +%package -n python3-auditree-framework +Summary: Tool to run compliance control checks as unit tests +Provides: python-auditree-framework +BuildRequires: python3-devel +BuildRequires: python3-setuptools +BuildRequires: python3-pip +%description -n python3-auditree-framework +[![OS Compatibility][platform-badge]](#prerequisites) +[![Python Compatibility][python-badge]][python] +[![pre-commit][pre-commit-badge]][pre-commit] +[][lint-test] +[][pypi-upload] + +# auditree-framework + +Tool to run compliance control checks as unit tests and build up a body of evidence. + +This framework gives you the tools you need to create an auditable body of evidence, and is designed to be "DevSecOps" friendly. Collection & validation of evidence is modelled as python unit tests, evidence is stored & versioned in a git repository, notifications can be configured to send to Slack, create issues, contact PagerDuty, or just write files into git. The goal is to enable the digital transformation of compliance activities, and make these everyday operational tasks for the team managing the system. + +## Installation + +### Prerequisites + +- Supported for execution on OSX and LINUX. +- Supported for execution with Python 3.6 and above. + +If you haven't already you need to generate a new ssh key for your Github account as per [this guide](https://help.github.com/articles/generating-a-new-ssh-key-and-adding-it-to-the-ssh-agent/) + +### Check out the code + +```shell +git clone git@github.com:ComplianceAsCode/auditree-framework +cd auditree-framework +``` + +### For users + +```shell +python3 -m venv venv +. venv/bin/activate +make install +``` + +### For developers + +```shell +python3 -m venv venv +. venv/bin/activate +make develop +``` + +#### Code style and formatting + +This repository uses [black][black] for code formatting and [flake8][flake8] for code styling. It also +uses [pre-commit][pre-commit] hooks that are integrated into the development process and the CI. When +you run `make develop` you are ensuring that the pre-commit hooks are installed and updated to their +latest versions for this repository. This ensures that all delivered code has been properly formatted +and passes the linter rules. See the [pre-commit configuration file][pre-commit-config] for details on +`black` and `flake8` configurations. + +Since `black` and `flake8` are installed as part of the `pre-commit` hooks, running `black` and `flake8` +manually must be done through `pre-commit`. See examples below: + +```shell +make code-format +make code-lint +``` + +...will run `black` and `flake8` on the entire repo and is equivalent to: + +```shell +pre-commit run black --all-files +pre-commit run flake8 --all-files +``` + +...and when looking to limit execution to a subset of files do similar to: + +```shell +pre-commit run black --files compliance/* +pre-commit run flake8 --files compliance/* +``` + +#### Unit tests + +To run the frameworks test suite, use: + +```shell +make test +``` + +#### Build Documentation + +Documentation sources live in `doc-source`, and are also auto-generated from the source codes doc strings. The auto-generated documentation (`compliance*rst, modules.rst`) is ignored by git & should not be modified directly - make changes in the python code. + +To build the documentation locally run: + +```shell +make docs +``` + +This will update the files in `doc` with the latest documentation. These files should not be modified by hand. + +## Try it + +Successfully complete the steps below and you should be able to find your local +evidence locker in your `$TMPDIR/compliance` folder. There you will find a `raw` +folder that contains all of the raw evidence fetched by the fetchers found in the +`demo/demo_examples/fetchers` folder along with a `reports` folder that contains +the reports generated by the checks found in the `demo/demo_examples/checks` folder. + +- Create an empty [credentials][] file: + +```shell +$ touch ~/.credentials +``` + +- Set up your environment: + +```shell +cd demo +python -m venv +. ./venv/bin/activate +pip install -r requirements.txt +``` + +- Run the fetchers: + +```shell +compliance --fetch --evidence local -C auditree_demo.json -v +``` + +- Run the checks: + +```shell +compliance --check demo.arboretum.accred,demo.custom.accred --evidence local -C auditree_demo.json -v +``` + +## Contribute + +Help us to improve the Auditree framework. See [CONTRIBUTING][]. + +## Ecosystem + +We are building a set of common fetchers/checks in [Arboretum](https://github.com/ComplianceAsCode/auditree-arboretum). If you have a library of checks, please let us know & we'll link here. + +We have a data gathering and reporting tool called [Harvest](https://github.com/ComplianceAsCode/auditree-harvest) which lets you process your evidence locker and generate reports over the data held. + +We have a tool called [Prune](https://github.com/ComplianceAsCode/auditree-prune) which lets you mark evidence as no longer being collected, in a suitably tracked manner. + +We have a tool called [Plant](https://github.com/ComplianceAsCode/auditree-plant) which lets you add evidence to evidence lockers without the use of fetchers or checks. + +[CONTRIBUTING]: https://github.com/ComplianceAsCode/auditree-framework/blob/master/CONTRIBUTING.md +[credentials file]: https://github.com/ComplianceAsCode/auditree-framework/blob/master/doc/design-principles.rst#credentials +[flake8]: https://gitlab.com/pycqa/flake8 +[platform-badge]: https://img.shields.io/badge/platform-osx%20|%20linux-orange.svg +[pre-commit-badge]: https://img.shields.io/badge/pre--commit-enabled-brightgreen?logo=pre-commit&logoColor=white +[pre-commit]: https://github.com/pre-commit/pre-commit +[pre-commit-config]: https://github.com/ComplianceAsCode/auditree-framework/blob/master/.pre-commit-config.yaml +[python-badge]: https://img.shields.io/badge/python-v3.6+-blue.svg +[python]: https://www.python.org/downloads/ +[quick start guide]: https://github.com/ComplianceAsCode/auditree-framework/blob/master/doc-source/quick-start.rst +[black]: https://github.com/psf/black +[lint-test]: https://github.com/ComplianceAsCode/auditree-framework/actions?query=workflow%3A%22format+%7C+lint+%7C+test%22 +[pypi-upload]: https://github.com/ComplianceAsCode/auditree-framework/actions?query=workflow%3A%22PyPI+upload%22 +[credentials]: https://complianceascode.github.io/auditree-framework/design-principles.html#credentials + + +%package help +Summary: Development documents and examples for auditree-framework +Provides: python3-auditree-framework-doc +%description help +[![OS Compatibility][platform-badge]](#prerequisites) +[![Python Compatibility][python-badge]][python] +[![pre-commit][pre-commit-badge]][pre-commit] +[][lint-test] +[][pypi-upload] + +# auditree-framework + +Tool to run compliance control checks as unit tests and build up a body of evidence. + +This framework gives you the tools you need to create an auditable body of evidence, and is designed to be "DevSecOps" friendly. Collection & validation of evidence is modelled as python unit tests, evidence is stored & versioned in a git repository, notifications can be configured to send to Slack, create issues, contact PagerDuty, or just write files into git. The goal is to enable the digital transformation of compliance activities, and make these everyday operational tasks for the team managing the system. + +## Installation + +### Prerequisites + +- Supported for execution on OSX and LINUX. +- Supported for execution with Python 3.6 and above. + +If you haven't already you need to generate a new ssh key for your Github account as per [this guide](https://help.github.com/articles/generating-a-new-ssh-key-and-adding-it-to-the-ssh-agent/) + +### Check out the code + +```shell +git clone git@github.com:ComplianceAsCode/auditree-framework +cd auditree-framework +``` + +### For users + +```shell +python3 -m venv venv +. venv/bin/activate +make install +``` + +### For developers + +```shell +python3 -m venv venv +. venv/bin/activate +make develop +``` + +#### Code style and formatting + +This repository uses [black][black] for code formatting and [flake8][flake8] for code styling. It also +uses [pre-commit][pre-commit] hooks that are integrated into the development process and the CI. When +you run `make develop` you are ensuring that the pre-commit hooks are installed and updated to their +latest versions for this repository. This ensures that all delivered code has been properly formatted +and passes the linter rules. See the [pre-commit configuration file][pre-commit-config] for details on +`black` and `flake8` configurations. + +Since `black` and `flake8` are installed as part of the `pre-commit` hooks, running `black` and `flake8` +manually must be done through `pre-commit`. See examples below: + +```shell +make code-format +make code-lint +``` + +...will run `black` and `flake8` on the entire repo and is equivalent to: + +```shell +pre-commit run black --all-files +pre-commit run flake8 --all-files +``` + +...and when looking to limit execution to a subset of files do similar to: + +```shell +pre-commit run black --files compliance/* +pre-commit run flake8 --files compliance/* +``` + +#### Unit tests + +To run the frameworks test suite, use: + +```shell +make test +``` + +#### Build Documentation + +Documentation sources live in `doc-source`, and are also auto-generated from the source codes doc strings. The auto-generated documentation (`compliance*rst, modules.rst`) is ignored by git & should not be modified directly - make changes in the python code. + +To build the documentation locally run: + +```shell +make docs +``` + +This will update the files in `doc` with the latest documentation. These files should not be modified by hand. + +## Try it + +Successfully complete the steps below and you should be able to find your local +evidence locker in your `$TMPDIR/compliance` folder. There you will find a `raw` +folder that contains all of the raw evidence fetched by the fetchers found in the +`demo/demo_examples/fetchers` folder along with a `reports` folder that contains +the reports generated by the checks found in the `demo/demo_examples/checks` folder. + +- Create an empty [credentials][] file: + +```shell +$ touch ~/.credentials +``` + +- Set up your environment: + +```shell +cd demo +python -m venv +. ./venv/bin/activate +pip install -r requirements.txt +``` + +- Run the fetchers: + +```shell +compliance --fetch --evidence local -C auditree_demo.json -v +``` + +- Run the checks: + +```shell +compliance --check demo.arboretum.accred,demo.custom.accred --evidence local -C auditree_demo.json -v +``` + +## Contribute + +Help us to improve the Auditree framework. See [CONTRIBUTING][]. + +## Ecosystem + +We are building a set of common fetchers/checks in [Arboretum](https://github.com/ComplianceAsCode/auditree-arboretum). If you have a library of checks, please let us know & we'll link here. + +We have a data gathering and reporting tool called [Harvest](https://github.com/ComplianceAsCode/auditree-harvest) which lets you process your evidence locker and generate reports over the data held. + +We have a tool called [Prune](https://github.com/ComplianceAsCode/auditree-prune) which lets you mark evidence as no longer being collected, in a suitably tracked manner. + +We have a tool called [Plant](https://github.com/ComplianceAsCode/auditree-plant) which lets you add evidence to evidence lockers without the use of fetchers or checks. + +[CONTRIBUTING]: https://github.com/ComplianceAsCode/auditree-framework/blob/master/CONTRIBUTING.md +[credentials file]: https://github.com/ComplianceAsCode/auditree-framework/blob/master/doc/design-principles.rst#credentials +[flake8]: https://gitlab.com/pycqa/flake8 +[platform-badge]: https://img.shields.io/badge/platform-osx%20|%20linux-orange.svg +[pre-commit-badge]: https://img.shields.io/badge/pre--commit-enabled-brightgreen?logo=pre-commit&logoColor=white +[pre-commit]: https://github.com/pre-commit/pre-commit +[pre-commit-config]: https://github.com/ComplianceAsCode/auditree-framework/blob/master/.pre-commit-config.yaml +[python-badge]: https://img.shields.io/badge/python-v3.6+-blue.svg +[python]: https://www.python.org/downloads/ +[quick start guide]: https://github.com/ComplianceAsCode/auditree-framework/blob/master/doc-source/quick-start.rst +[black]: https://github.com/psf/black +[lint-test]: https://github.com/ComplianceAsCode/auditree-framework/actions?query=workflow%3A%22format+%7C+lint+%7C+test%22 +[pypi-upload]: https://github.com/ComplianceAsCode/auditree-framework/actions?query=workflow%3A%22PyPI+upload%22 +[credentials]: https://complianceascode.github.io/auditree-framework/design-principles.html#credentials + + +%prep +%autosetup -n auditree-framework-2.0.0 + +%build +%py3_build + +%install +%py3_install +install -d -m755 %{buildroot}/%{_pkgdocdir} +if [ -d doc ]; then cp -arf doc %{buildroot}/%{_pkgdocdir}; fi +if [ -d docs ]; then cp -arf docs %{buildroot}/%{_pkgdocdir}; fi +if [ -d example ]; then cp -arf example %{buildroot}/%{_pkgdocdir}; fi +if [ -d examples ]; then cp -arf examples %{buildroot}/%{_pkgdocdir}; fi +pushd %{buildroot} +if [ -d usr/lib ]; then + find usr/lib -type f -printf "/%h/%f\n" >> filelist.lst +fi +if [ -d usr/lib64 ]; then + find usr/lib64 -type f -printf "/%h/%f\n" >> filelist.lst +fi +if [ -d usr/bin ]; then + find usr/bin -type f -printf "/%h/%f\n" >> filelist.lst +fi +if [ -d usr/sbin ]; then + find usr/sbin -type f -printf "/%h/%f\n" >> filelist.lst +fi +touch doclist.lst +if [ -d usr/share/man ]; then + find usr/share/man -type f -printf "/%h/%f.gz\n" >> doclist.lst +fi +popd +mv %{buildroot}/filelist.lst . +mv %{buildroot}/doclist.lst . + +%files -n python3-auditree-framework -f filelist.lst +%dir %{python3_sitelib}/* + +%files help -f doclist.lst +%{_docdir}/* + +%changelog +* Wed May 10 2023 Python_Bot <Python_Bot@openeuler.org> - 2.0.0-1 +- Package Spec generated |