in security-policies/dev/generate_rule_metadata.py [0:0]
def generate_metadata(benchmark_id: str, raw_data: pd.DataFrame, sections: dict):
    """
    Build one Rule object per implemented row of the benchmark spreadsheet.

    Rows for which ``rule_is_implemented`` returns a falsy value are skipped;
    the remaining rows are converted in spreadsheet order.

    :param benchmark_id: Benchmark ID (for example ``cis_k8s``)
    :param raw_data: 'Raw' data from the spreadsheet
    :param sections: Section metadata, indexed by the row's "Section" value
    :return: List of Rule objects
    """
    cleaned = replace_nan_with_empty_string(raw_data)

    # "cis_k8s" gets a spelled-out tag; every other benchmark uses its ID
    # without the "cis_" prefix, upper-cased.
    if benchmark_id != "cis_k8s":
        benchmark_tag = benchmark_id.removeprefix("cis_").upper()
    else:
        benchmark_tag = "Kubernetes"

    rules = []
    for row in cleaned.to_dict(orient="records"):
        rule_number = row["Rule Number"]

        # Only rules that have an implementation get metadata.
        if not rule_is_implemented(rule_number, benchmark_id):
            continue

        benchmark_metadata = generate_rule_benchmark_metadata(benchmark_id, rule_number)

        # Name-based UUID: the same benchmark name, title and rule number always
        # yield the same ID, and a change to any of the three yields a new one.
        # NOTE(review): anything that keys on this ID will see a retitled rule
        # as a different rule - confirm that is intended.
        id_seed = f"{benchmark_metadata.name} {row['Title']} {rule_number}"
        rule_id = str(uuid.uuid5(uuid.NAMESPACE_DNS, id_seed))

        title = row["Title"]
        applicability = f"* {row['profile_applicability']}"

        # These free-text columns go through common.fix_code_blocks;
        # "impact" below is taken from the row unchanged.
        description = common.fix_code_blocks(row["description"])
        rationale = common.fix_code_blocks(row.get("rationale", ""))
        audit = common.fix_code_blocks(row.get("audit", ""))
        remediation = common.fix_code_blocks(row.get("remediation", ""))
        impact = row.get("impact", "")

        # The fallback is computed eagerly, i.e. read_existing_default_value
        # runs for every implemented rule even when the row has the column.
        existing_default = read_existing_default_value(rule_number, benchmark_id)
        default_value = row.get("default_value", existing_default)

        references = parse_refs(row.get("references", ""))
        section = sections[row["Section"]]

        rule_entry = Rule(
            id=rule_id,
            name=title,
            profile_applicability=applicability,
            description=description,
            rationale=rationale,
            audit=audit,
            remediation=remediation,
            impact=impact,
            default_value=default_value,
            references=references,
            section=section,
            tags=["CIS", benchmark_tag, f"CIS {rule_number}", section],
            version="1.0",
            benchmark=benchmark_metadata,
        )
        rules.append(rule_entry)

    return rules