Merge pull request #30 from mitre/updateDocumentation

updateDocumentation

.dockerignore

@@ -1,11 +1,8 @@
-# git
-.git
-.gitignore
-CHANGELOG.md
+# VS Code
+.vscode/
 
-# ci
-.gitlab-ci.yml
+# doc
+doc/
 
 # code
-spec
-.env
+spec/

.env-example

@@ -2,7 +2,7 @@ export EMASSER_API_KEY_API_KEY=<API key>
 export EMASSER_API_KEY_USER_UID=<unique identifier of the eMASS user EMASSER_API_KEY_API_KEY belongs to>
 export EMASSER_HOST=<FQDN of the eMASS server>
 export EMASSER_KEY_FILE_PATH=<path to your emass key in PEM format>
-export EMASSER_CERT_FILE_PATH=<path to your emass certficate in PEM format>
+export EMASSER_CERT_FILE_PATH=<path to your emass certificate in PEM format>
 export EMASSER_KEY_PASSWORD=<password for the key given in EMASSER_KEY_FILE_PATH>
 export EMASSER_CLIENT_SIDE_VALIDATION=<client side validation - true or false>
 export EMASSER_VERIFY_SSL=<verify SSL - true or false>

.github/workflows/push-to-docker-mail.yml

@@ -0,0 +1,28 @@
+name: Push emasser CLI to Docker Hub on every merge to master and tag as latest
+
+on:
+  push:
+    branches: [ main ]
+
+
+jobs:
+  docker:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v1
+      - name: Login to DockerHub
+        uses: docker/login-action@v1
+        with:
+          username: ${{ secrets.DOCKERHUB_USERNAME }}
+          password: ${{ secrets.DOCKERHUB_TOKEN }}
+      - name: Checkout the emasser Repository
+        uses: actions/checkout@v2
+      - name: Build and push
+        id: docker_build
+        uses: docker/build-push-action@v2
+        with:
+          context: .
+          file: Dockerfile
+          push: true
+          tags: mitre/emasser:latest

.github/workflows/push-to-docker.yml

@@ -0,0 +1,35 @@
+name: Push emasser to Docker Hub on every release
+
+on:
+  release:
+    types: [published]
+
+jobs:
+  docker:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v1
+      - name: Login to DockerHub
+        uses: docker/login-action@v1
+        with:
+          username: ${{ secrets.DOCKERHUB_USERNAME }}
+          password: ${{ secrets.DOCKERHUB_TOKEN }}
+      - name: Run string replace
+        uses: frabert/replace-string-action@master
+        id: format-tag
+        with:
+          pattern: 'v'
+          string: "${{ github.event.release.tag_name }}"
+          replace-with: ''
+          flags: 'g'
+      - name: Checkout the emasser Repository
+        uses: actions/checkout@v2
+      - name: Build and push
+        id: docker_build
+        uses: docker/build-push-action@v2
+        with:
+          context: .
+          file: Dockerfile
+          push: true
+          tags: mitre/emasser:release-latest,mitre/emasser:${{ steps.format-tag.outputs.replaced }}

.gitignore

@@ -11,8 +11,9 @@
 
 **/*.un~
 
-emassing/test/test_example.zip
 .DS_Store
 .byebug_history
 .env
+key.pem
+client.pem
 *.gem

Dockerfile

@@ -1,10 +1,42 @@
-FROM ruby:2.5
+# Buld from ruby 2.7.5 image
+FROM ruby:2.7.5 as build
 
+LABEL name="emasser" \
+      vendor="MITRE" \
+      version="${EMASSER_VERSION}" \
+      release="1" \
+      url="https://github.com/mitre/emasser" \
+      description="Emasser is a command-line interface (CLI) that aims to automate routine business use-cases and provide utility surrounding the Enterprise Mission Assurance Support Service (eMASS) by leveraging its representational state transfer (REST) application programming interface (API)." \
+      docs="https://mitre.github.io/emasser/" \
+      run="docker run -d --name ${NAME} ${IMAGE} <args>"
+
+# Set the base directory that will be used from now on
 WORKDIR /emasser
 
-COPY . .
+# Copy - source (.) destination (.)
 
+# Install dependency
+RUN gem install bundler -v '2.3.5'
+RUN apt update && apt install -y build-essential
+COPY . .
 RUN bundle install
+WORKDIR /emasser/emass_client/ruby_client
+RUN gem build emass_client.gemspec
+WORKDIR /emasser
+RUN gem build emasser.gemspec
+RUN mkdir gems
+RUN mv emass_client/ruby_client/emass_client*.gem gems/emass_client.gem
+RUN mv emasser*.gem gems/emasser.gem
+
+FROM ruby:2-alpine
+# RUN sed -i 's/https/http/g' /etc/apk/repositories
+COPY --from=build /emasser/gems /emass-gems
+
+RUN apk add build-base libcurl && gem install /emass-gems/emass_client.gem && gem install /emass-gems/emasser.gem
+
+VOLUME [ "/data" ]
+WORKDIR /data
+
+ENTRYPOINT ["emasser"]
 
-ENTRYPOINT ["bundle", "exec", "exe/emasser"]
 CMD ["-h"]

Gemfile.lock

@@ -36,15 +36,15 @@ GEM
     dotenv (2.7.6)
     ethon (0.15.0)
       ffi (>= 1.15.0)
-    ffi (1.15.4-x64-mingw32)
+    ffi (1.15.5-x64-mingw32)
     i18n (1.8.11)
       concurrent-ruby (~> 1.0)
     json (2.6.1)
     minitest (5.15.0)
     parallel (1.21.0)
     parser (3.1.0.0)
       ast (~> 2.4.1)
-    rainbow (3.0.0)
+    rainbow (3.1.1)
     rake (13.0.6)
     regexp_parser (2.2.0)
     rexml (3.2.5)
@@ -92,10 +92,9 @@ GEM
 
 PLATFORMS
   x64-mingw32
-  x86_64-darwin-20
 
 DEPENDENCIES
-  bundler (~> 2.1)
+  bundler (~> 2.3)
   bundler-audit (~> 0.7)
   byebug (~> 11.1.3)
   emass_client!
@@ -109,4 +108,4 @@ DEPENDENCIES
   yaml (~> 0.2.0)
 
 BUNDLED WITH
-   2.3.4
+   2.3.5

README.md

@@ -1,4 +1,8 @@
 # emasser
+![GitHub Release Date](https://img.shields.io/github/release-date/mitre/emasser?label=Release%20Date)
+![GitHub release (latest by date)](https://img.shields.io/github/v/release/mitre/emasser?label=Release%20Version)
+[![Gem Version](https://badge.fury.io/rb/emasser.svg)](https://badge.fury.io/rb/emasser)
+</br>
 ![emasser Testing](https://github.com/mitre/emasser/actions/workflows/test-cli.yml/badge.svg)
 ![CodeQL Vulnerabilities and Errors](https://github.com/mitre/emasser/actions/workflows/codeql-analysis.yml/badge.svg)
 ![Docs Generation](https://github.com/mitre/emasser/actions/workflows/generate_docs.yml/badge.svg)
@@ -31,7 +35,7 @@ This project is actively looking for user stories, features to build, and intera
 
 ## Roadmap
 
-Emasser is currently in MVP development and we are targeting all the features listed in Current and In Development for version 1.0. The Road Map are things that the team and community have talked about as possible great additions but feedback on which should come first, second, and third are what we would love feedback on from you.
+Emasser is currently in MVP development and we are targeting all the features listed in Current and In Development for version 1.0.X. The Road Map are things that the team and community have talked about as possible great additions but feedback on which should come first, second, and third are what we would love feedback on from you.
 
 * Update a system's record with met/not met NIST 800-53 Security and Privacy controls and/or common control indicators (CCI) based on scan results expressed in [Heimdall Data Format (HDF)](https://saf.mitre.org/#/normalize).
 * Resolve a particular plan of action and milestone (POA&M) based on scan results or git-ops workflow.
@@ -49,27 +53,71 @@ Runtime Dependencies:
   * Ruby version 2.7 or greater.
   * `rubyzip (latest version)`
   * `emass_client (latest version)`
-  * On Windows the `cURL` binary is required (libcurl.dll). Options to install cURL for the emasser CLI to work are:
-    - Download the curl for windows zip file from [curl x.x.x for Windows](https://curl.se/windows/)
-      - Go into the archive and browse to /bin
-      - Locate libcurl_x64.dll (it may be just libcurl.dll)
+  * On Windows the `cURL` binary is required (libcurl.dll). To install cURL:
+    - Download cURL for windows from [curl x.x.x for Windows](https://curl.se/windows/)
+      - Go into the archive and browse to the /bin directory
+      - Locate libcurl_x64.dll (it may be named just libcurl.dll)
       - Extract the file into the Ruby installation /bin directory
       - Rename the file to `libcurl.dll` if it has the `_x64` suffix
     - Install [cURL for windows](https://community.chocolatey.org/packages/curl) and add the installation directory to the PATH.
 
 
-To install:
+To install (via github):
 ```bash
 git clone <path to emasser git> emasser
 cd emasser
-gem build *.gemspec
-gem install *.gem
+```
+- Build the emasser gem
+```bash
+  gem build *.gemspec
+  gem install *.gem
+```
+- Build the emass_client gem
+```bash
+  cd emass_client/ruby_client
+  gem build *.gemspec
+  gem install *.gem
+```
+
+To install (via published RubyGems):
+```bash
+gem install emasser
+```
+
+**Note:** To run in development mode there isn't a need to build the gem, simply clone from the emasser repository and use:
+```
+bundle exec exe/emasser [command]
+```
+
+## Using Docker
+### Run the emasser Docker Container (--rm remove the container when exit)
+- To run the emasser container use:
+  ```
+  docker run --rm -v $PWD/path-to-secrets:/data mitre/emasser:latest
+  ```
+- To list all GET, POST, PUT, or DELETE commands use:
+  ```
+  docker run --rm -v $PWD/path-to-secrets:/data mitre/emasser:latest get help
+  ```
+  ```
+  docker run --rm -v $PWD/path-to-secrets:/data mitre/emasser:latest post help
+  ```
+  ```
+  docker run --rm -v $PWD/path-to-secrets:/data mitre/emasser:latest put help
+  ```
+  ```
+  docker run --rm -v $PWD/path-to-secrets:/data mitre/emasser:latest delete help
+  ```
+
+### Delete (remove) the Docker Container
+```
+  docker rmi -f mitre/emasser
 ```
 
 ## Use
 
 **Requirement 1 & 2: Authentication and Authorization:**
-`emasser` requires authentication to eMASS as well as authorization to use the eMASS API. This authentication and authorization is **not** a function of `emasser` and needs to be handled directly with discussions with eMASS. `emasser` will accept credentials that are created based on those discussions.
+`emasser` requires authentication to eMASS as well as authorization to use the eMASS API. This authentication and authorization is **not** a function of `emasser` and needs to be handled directly with discussions with [eMASS](https://www.dcsa.mil/is/emass/). `emasser` will accept credentials that are created based on those discussions.
 
 **Approve API Client for Actionable Requests**
 Users are required to log-in to eMASS and grant permissions for a client to update data within eMASS on their behalf. This is only required for actionable requests (PUT, POST, DELETE). The Registration Endpoint and all GET requests can be accessed without completing this process with the correct permissions.
@@ -83,7 +131,7 @@ To establish an account with eMASS and/or acquire an api-key/user-uid, contact o
 ## Design
 
 **Interactions with eMASS API:**
-`emasser` leverages a MITRE dependency, `emass_client`, which provides a REST API client based on a MITRE-created [OpenAPI](https://www.openapis.org/) version 3 specification based on the official eMASS version 2.3 API documentation. This design enables REST API clients to be generated in [any supported programming language](https://swagger.io/tools/swagger-codegen/). This design decision enables `emass_client` to generate a Ruby client for `emasser` and a TypeScript client that is included with [Heimdall Enterprise Server](https://github.com/mitre/heimdall2).
+`emasser` leverages a MITRE dependency, `emass_client`, which provides a REST API client based on a MITRE-created [OpenAPI](https://www.openapis.org/) version 3 specification for the official eMASS version 3.2 API documentation. This design enables REST API clients to be generated in [any supported programming language](https://swagger.io/tools/swagger-codegen/). This design decision enables `emass_client` to generate a Ruby client for `emasser` and a TypeScript client that is included with [Heimdall Enterprise Server](https://github.com/mitre/heimdall2).
 
 **Business Logic:**
 Because interactions with the API are handled by a dependency, the bulk of `emasser` is business logic for accepting user input/output, reading data from eMASS or from input, transforming data, and routing data to the appropriate eMASS API endpoint. This business logic is organized into Ruby Classes and Modules based on the command or subcommand requested by the user.

docs/features.md

@@ -3,13 +3,15 @@
 ## Required Environment Variables
 To facilitate setting the required environment variables the emasser CLI utilized the zero-dependency module to load these variables from a .env file. An .env-example file is provided with the required fields (listed below).
 
-emasser environment variables required:
+emasser environment variables (required):
 * EMASSER_API_KEY_API_KEY=`<API key>`
 * EMASSER_API_KEY_USER_UID=`<unique identifier for the API Key (EMASSER_API_KEY_API_KEY)`
 * EMASSER_HOST=`<FQDN of the eMASS server>`
 * EMASSER_KEY_FILE_PATH=`<path to your eMASS key in PEM format>`
 * EMASSER_CERT_FILE_PATH=`<path to your eMASS certificate in PEM format>`
 * EMASSER_KEY_PASSWORD=`<password for the key given in EMASSER_KEY_FILE_PATH>`
+
+emasser environment variables (optional):
 * EMASSER_CLIENT_SIDE_VALIDATION=`<client side validation - true or false>`
 * EMASSER_VERIFY_SSL=`<verify SSL - true or false>`
 * EMASSER_VERIFY_SSL_HOST=`<verify host SSL - true or false>`
@@ -19,7 +21,7 @@ emasser environment variables required:
   - To invoke any boolean parameters use --parameterName for TRUE and --no-parameterName for FALSE
   - The eMASS API provides the capability of updating multiple entries within several endpoints, however this CLI only supports updating one entry at the time.
 
-## Invoking emmaser CLI Commands
+## Invoking emasser CLI Commands
 
 The CLI invoke commands listed in this document shows them when executing from the source code (after a pull from GitHub). If an executable (.gem) is created the command to invoke the endpoint is different. For example:
 - Invoking the GET systems endpoint from the source code is:

emasser.gemspec

@@ -26,14 +26,14 @@ Gem::Specification.new do |spec|
   spec.add_runtime_dependency 'colorize', '~> 0.8.1'
   spec.add_runtime_dependency 'dotenv', '~> 2.7.6'
   spec.add_runtime_dependency 'rubyzip', '~> 2.3.2'
-  spec.add_runtime_dependency 'thor', '~> 1.1.0'  
+  spec.add_runtime_dependency 'thor', '~> 1.1.0'
   spec.add_runtime_dependency 'emass_client', '~> 1.0'
 
-  spec.add_development_dependency 'bundler', '~> 2.1'
+  spec.add_development_dependency 'bundler', '~> 2.3'
   spec.add_development_dependency 'bundler-audit', '~> 0.7'
   spec.add_development_dependency 'byebug', '~> 11.1.3'
-  spec.add_development_dependency 'rspec', '~>3.10.0'
-  spec.add_development_dependency 'yaml', '~>0.2.0'
+  spec.add_development_dependency 'rspec', '~> 3.10.0'
+  spec.add_development_dependency 'yaml', '~> 0.2.0'
   spec.add_development_dependency 'rake', '~> 13.0'
   spec.add_development_dependency 'rubocop', '~> 1.7'
   spec.add_development_dependency 'rubocop-minitest', '~> 0.10'

lib/emasser/cli.rb

@@ -17,13 +17,17 @@ class CLI < Thor
       require 'emasser/delete'
       register(Emasser::Delete, 'delete', 'delete [RESOURCE]', 'Deletes resources')
     elsif (ARGV[0].to_s.include? '-v') || (ARGV[0].to_s.include? '-V')
-      puts Emasser::VERSION.green
+      puts "emasser version: #{Emasser::VERSION}".green
+      exit
+    elsif ARGV[0].to_s.include? 'hello'
+      user_name = ENV['USERNAME'] || 'rookie'
+      print "Hello #{user_name} - enjoy using emasser!".cyan
       exit
     end
 
     def help
-      puts 'Emasser commands:'
-      puts '  emasser [get, put, post, delete, -v, or -V]'
+      puts 'Emasser commands:'.yellow
+      puts '  emasser [get, put, post, delete, -v, or -V]'.yellow
     end
 
     def self.exit_on_failure?