Merge pull request #8 from mitre/mapperCourse

Add Mapper Course Lab Support
mitre · Aug 7, 2024 · 15bd199 · 15bd199
2 parents dd36dff + dcd4b7d
commit 15bd199
Show file tree

Hide file tree

Showing 4 changed files with 102 additions and 0 deletions.
diff --git a/README.md b/README.md
@@ -16,6 +16,9 @@ The repository is setup to be very low overhead, we use a simple `build-lab.sh`
   - `curl https://omnitruck.chef.io/install.sh | sudo bash -s -- -c stable -P inspec`
 - MITRE SAF CLI
   - <https://saf-cli.mitre.org>
+  - <https://github.com/mitre/saf>
+- MITRE Heimdall Lite
+  - <https://github.com/mitre/heimdall2>
 - Docker Compose File which starts:
   - RedHat UBI8 Container
   - NGINX Web Server Container

diff --git a/build-lab.sh b/build-lab.sh
@@ -72,6 +72,10 @@ fi
 
 echo -e "${LINE_ASCII_CONSOLE}\n"
 
+# Heimdall Lite & SAF CLI use Node v18
+nvm install 18 &> /dev/null
+nvm use 18 &> /dev/null
+
 if ! command -v saf &> /dev/null
 then
     echo -e "${VERB}Installing MITRE SAF CLI into the Environment.${RSET}"
@@ -82,6 +86,58 @@ else
 fi
 
 
+echo -e "${LINE_ASCII_CONSOLE}\n"
+
+# First check for Heimdall Lite repo
+if ! ls -A ./dev_repos/heimdall2 &> /dev/null
+then
+    echo -e "${VERB}Pulling down MITRE Heimdall Lite repository into the Environment.${RSET}"
+    git clone https://github.com/mitre/heimdall2 dev_repos/heimdall2
+else
+    echo -e "${HIGH}MITRE Heimdall Lite repository is already present.${RSET}"
+fi
+
+
+echo -e "${LINE_ASCII_CONSOLE}\n"
+
+# Then check for Node packages
+if ! ls -A ./dev_repos/heimdall2/node_modules &> /dev/null
+then
+    echo -e "${VERB}Installing required Node packages for MITRE Heimdall Lite repository.${RSET}"
+    cd dev_repos/heimdall2
+    yarn install --frozen-lockfile
+    cd ../..
+else
+    echo -e "${HIGH}MITRE Heimdall Lite Node packages are already present.${RSET}"
+fi
+
+
+echo -e "${LINE_ASCII_CONSOLE}\n"
+
+# First check for SAF CLI repo
+if ! ls -A ./dev_repos/saf &> /dev/null
+then
+    echo -e "${VERB}Pulling down MITRE SAF CLI repository into the Environment.${RSET}"
+    git clone https://github.com/mitre/saf dev_repos/saf
+else
+    echo -e "${HIGH}MITRE SAF CLI repository is already present.${RSET}"
+fi
+
+
+echo -e "${LINE_ASCII_CONSOLE}\n"
+
+# Then check for Node packages
+if ! ls -A ./dev_repos/saf/node_modules &> /dev/null
+then
+    echo -e "${VERB}Installing required Node packages for MITRE SAF CLI repository.${RSET}"
+    cd dev_repos/saf
+    npm ci
+    cd ../..
+else
+    echo -e "${HIGH}MITRE SAF CLI Node packages are already present.${RSET}"
+fi
+
+
 echo -e "${LINE_ASCII_CONSOLE}\n"
 
 echo -e "${VERB}Setting up the required Docker containers.${RSET}"

diff --git a/dev_repos/.gitkeep b/dev_repos/.gitkeep
diff --git a/test-lab.sh b/test-lab.sh
@@ -8,6 +8,8 @@ echo -e "${LINE_ASCII_CONSOLE}\n"
 echo -e "${VERB}Verify the script returns the following information:
 * A \"MITRE SAF\" version number.
 * An \"InSpec\" version number.
+* The Git integrity of the Heimdall Lite and SAF CLI repositories.
+* A Node package installation verification for the the Heimdall Lite and SAF CLI repositories.
 * Two running containers:
   - nginx
   - redhat
@@ -25,6 +27,13 @@ containersRunning=$(docker ps)
 containersMissing=''
 verificationSuccessful=true
 
+cd dev_repos/heimdall2 &> /dev/null
+gitIntegrityHeimdall=$(git status)
+yarnCheckHeimdall=$(yarn check --verify-tree)
+cd ../saf &> /dev/null
+gitIntegritySaf=$(git status)
+yarnCheckSaf=$(yarn check --verify-tree)
+cd ../.. &> /dev/null
 
 if [ -z "${versionSaf}" ]
 then
@@ -42,6 +51,36 @@ else
     statusInspec="${PASS}${versionInspec}${RSET}"
 fi
 
+if ! echo "${gitIntegrityHeimdall}" | grep --silent --extended-regexp 'working tree clean'
+then
+    verificationSuccessful=false
+    statusGitHeimdall="${FAIL}The Heimdall Lite repository has mismatched files.${RSET}"
+else
+    statusGitHeimdall="${PASS}The Heimdall Lite repository is in sync with remote.${RSET}"
+fi
+if ! echo "${yarnCheckHeimdall}" | grep --silent --extended-regexp 'success Folder in sync'
+then
+    verificationSuccessful=false
+    statusNodeHeimdall="${FAIL}The Heimdall Lite repository has mismatched Node packages.${RSET}"
+else
+    statusNodeHeimdall="${PASS}The Heimdall Lite repository has correct Node packages.${RSET}"
+fi
+
+if ! echo "${gitIntegritySaf}" | grep --silent --extended-regexp 'working tree clean'
+then
+    verificationSuccessful=false
+    statusGitSaf="${FAIL}The SAF CLI repository has mismatched files.${RSET}"
+else
+    statusGitSaf="${PASS}The SAF CLI repository is in sync with remote.${RSET}"
+fi
+if ! echo "${yarnCheckSaf}" | grep --silent --extended-regexp 'success Folder in sync'
+then
+    verificationSuccessful=false
+    statusNodeSaf="${FAIL}The SAF CLI repository has mismatched Node packages.${RSET}"
+else
+    statusNodeSaf="${PASS}The SAF CLI repository has correct Node packages.${RSET}"
+fi
+
 if ! echo "${containersRunning}" | grep --silent --extended-regexp 'nginx'
 then
     verificationSuccessful=false
@@ -56,6 +95,10 @@ fi
 echo -e "${HIGH}* MITRE SAF Version:${RSET} ${statusSaf}"
 echo -e "${HIGH}* InSpec Version:${RSET} ${statusInspec}"
 echo -e "${HIGH}* Docker is running the following container(s):${RSET}"
+echo -e "${HIGH}* Heimdall repository integrity:${RSET} ${statusGitHeimdall}"
+echo -e "${HIGH}* Heimdall Node verification:${RSET} ${statusNodeHeimdall}"
+echo -e "${HIGH}* SAF CLI repository integrity:${RSET} ${statusGitSaf}"
+echo -e "${HIGH}* SAF CLI Node verification:${RSET} ${statusNodeSaf}"
 echo "${containersRunning}" | \
     GREP_COLORS='mt=0;32' \
     grep --color=always --extended-regexp \