From 09fbcb51945c308913ce1ea490119ed53a4c45f2 Mon Sep 17 00:00:00 2001 From: SG Date: Tue, 10 Oct 2023 07:15:58 -0600 Subject: [PATCH 1/3] Removed footer links to other INL projects --- README.md | 9 --------- 1 file changed, 9 deletions(-) diff --git a/README.md b/README.md index fbd6b0a..55cc8e8 100644 --- a/README.md +++ b/README.md @@ -137,15 +137,6 @@ Developers, by contributing to this software project, you are agreeing to the fo * You agree your contributions are submitted under the BSD 3-Clause license. * You represent you are authorized to make the contributions and grant the license. If your employer has rights to intellectual property that includes your contributions, you represent that you have received permission to make contributions and grant the required license on behalf of that employer. -## Other software ## - -Idaho National Laboratory is a cutting edge research facility which is constantly producing high quality research and software. Feel free to take a look at our other software and scientific offerings at: - -* [Primary Technology Offerings Page](https://www.inl.gov/inl-initiatives/technology-deployment) -* [Supported Open Source Software](https://github.com/cisagov) -* [Raw Experiment Open Source Software](https://github.com/IdahoLabResearch) -* [Unsupported Open Source Software](https://github.com/IdahoLabCuttingBoard) - ## Contact ## Contact information of maintainer(s): From 6f62972038cc9e12112a9629bfed881195ba1dc4 Mon Sep 17 00:00:00 2001 From: Seth Grover Date: Wed, 6 Mar 2024 08:56:54 -0700 Subject: [PATCH 2/3] Updates to get Dockerized working correctly and other miscellany - updated github workflow actions' versions - standardized in scripting and documentation calls to pip (from "pip" to "python3 -m pip") - updated copyright year to 2024 - update base Docker image from Ubuntu kinetic to jammy - added "EXPOSE 5000" directive to Dockerfile for web UI server (although did not test the web UI server through docker) - removed deprecated misc/scan script (which is no longer maintained and will be removed) from local.zeek - updated navv-docker.sh command to run `generate` as default command - although the documentation specified --output-dir and --zeek-logs would default to the current directory, this was not being done; added default=os.getcwd() to @click.option for those two parameters - handled case in pushd context manager where new_dir was being passed in as None, causing an exception Signed-off-by: Seth Grover --- .github/workflows/navv-build-push-ghcr.yml | 12 ++++++------ Makefile | 4 ++-- README.md | 8 ++++---- docker/Dockerfile | 6 ++++-- docker/README.md | 2 +- docker/backup_docker.sh | 2 +- docker/build_docker.sh | 2 +- docker/local.zeek | 1 - docker/navv-build-for-export.sh | 2 +- docker/navv-docker.sh | 3 ++- setup-env | 2 +- src/navv/commands.py | 2 ++ src/navv/data_types.py | 2 +- src/navv/network_analysis.py | 2 +- src/navv/spreadsheet_tools.py | 2 +- src/navv/utilities.py | 4 +++- 16 files changed, 31 insertions(+), 25 deletions(-) diff --git a/.github/workflows/navv-build-push-ghcr.yml b/.github/workflows/navv-build-push-ghcr.yml index 5766f72..5bbdca4 100644 --- a/.github/workflows/navv-build-push-ghcr.yml +++ b/.github/workflows/navv-build-push-ghcr.yml @@ -17,30 +17,30 @@ jobs: steps: - name: Cancel previous run in progress - uses: styfle/cancel-workflow-action@0.11.0 + uses: styfle/cancel-workflow-action@0.12.1 with: ignore_sha: true all_but_latest: true access_token: ${{ secrets.GITHUB_TOKEN }} - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: Set up QEMU - uses: docker/setup-qemu-action@v2 + uses: docker/setup-qemu-action@v3 - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v2 + uses: docker/setup-buildx-action@v3 - name: Log in to registry - uses: docker/login-action@v2 + uses: docker/login-action@v3 with: registry: ghcr.io username: ${{ github.repository_owner }} password: ${{ secrets.GITHUB_TOKEN }} - name: Build and push - uses: docker/build-push-action@v4 + uses: docker/build-push-action@v5 with: context: . file: ./docker/Dockerfile diff --git a/Makefile b/Makefile index c387b76..7a98292 100644 --- a/Makefile +++ b/Makefile @@ -9,11 +9,11 @@ help: # target: install-develop - Install application for development install-develop: - pip install -e . + python3 -m pip install -e . # target: install - Install production application install: - pip install navv + python3 -m pip install navv # target: generate - Generate analysis excel sheet # optionally set PCAP_PATH to a relative pcap file path diff --git a/README.md b/README.md index 55cc8e8..83c652a 100644 --- a/README.md +++ b/README.md @@ -38,7 +38,7 @@ If you intend to develop the NAVV tool: - Activate your local environment - `source .venv/bin/activate` - Install the project and its dependencies to your local virtual environment - - `pip install -e .` + - `python3 -m pip install -e .` ### Production ### @@ -48,9 +48,9 @@ If you would like to use the NAVV tool, its recommended you install it from PYPI - Install the project using `pip` - The recommended method for installing packages with `pip` is using [User Installs](https://pip.pypa.io/en/stable/user_guide/#user-installs) which installs to a user-specific location rather than system-wide. - install the latest version of NAVV - - `pip install -U navv` + - `python3 -m pip install -U navv` - or install a specific version of NAVV - - example: `pip install -U navv==3.0.1` + - example: `python3 -m pip install -U navv==3.0.1` Verify the NAVV tool has been installed by running `navv` in your console: @@ -128,7 +128,7 @@ See [`docker/README.md`](./docker/README.md) for setup and instructions for runn ## Copyright ## -[NAVV](https://github.com/cisagov/network-architecture-verification-and-validation) is Copyright 2023 Battelle Energy Alliance, LLC, licensed under the BSD-3 Clause License. +[NAVV](https://github.com/cisagov/network-architecture-verification-and-validation) is Copyright 2024 Battelle Energy Alliance, LLC, licensed under the BSD-3 Clause License. See [`LICENSE`](./LICENSE) for the terms of its release. diff --git a/docker/Dockerfile b/docker/Dockerfile index 2dcb36f..7046a01 100644 --- a/docker/Dockerfile +++ b/docker/Dockerfile @@ -1,6 +1,6 @@ -FROM ubuntu:kinetic +FROM ubuntu:jammy -# Copyright 2023 Battelle Energy Alliance, LLC +# Copyright 2024 Battelle Energy Alliance, LLC LABEL maintainer="seth.grover@inl.gov" LABEL org.opencontainers.image.authors='seth.grover@inl.gov' @@ -69,5 +69,7 @@ RUN groupadd --gid ${DEFAULT_GID} ${PUSER} && \ chown ${DEFAULT_UID}:${DEFAULT_GID} /home/${PUSER} /dist && \ chmod 755 /home/${PUSER} /dist +EXPOSE 5000 + # entrypoint to drop privileges to non-privileged user and run navv ENTRYPOINT [ "/usr/local/bin/docker-uid-gid-setup.sh", "/usr/bin/python3", "-m", "navv" ] diff --git a/docker/README.md b/docker/README.md index 299afa1..0585e71 100644 --- a/docker/README.md +++ b/docker/README.md @@ -104,6 +104,6 @@ total 9.4M ``` ## Copyright -[NAVV](https://github.com/cisagov/network-architecture-verification-and-validation) is Copyright 2023 Battelle Energy Alliance, LLC, licensed under the BSD-3 Clause License. +[NAVV](https://github.com/cisagov/network-architecture-verification-and-validation) is Copyright 2024 Battelle Energy Alliance, LLC, licensed under the BSD-3 Clause License. See [`LICENSE`](./LICENSE) for the terms of its release. \ No newline at end of file diff --git a/docker/backup_docker.sh b/docker/backup_docker.sh index 71da746..4917063 100755 --- a/docker/backup_docker.sh +++ b/docker/backup_docker.sh @@ -1,6 +1,6 @@ #!/usr/bin/env bash -# Copyright 2023 Battelle Energy Alliance, LLC +# Copyright 2024 Battelle Energy Alliance, LLC set -e set -o pipefail diff --git a/docker/build_docker.sh b/docker/build_docker.sh index c7c4b48..664405e 100755 --- a/docker/build_docker.sh +++ b/docker/build_docker.sh @@ -1,6 +1,6 @@ #!/usr/bin/env bash -# Copyright 2023 Battelle Energy Alliance, LLC +# Copyright 2024 Battelle Energy Alliance, LLC set -e set -o pipefail diff --git a/docker/local.zeek b/docker/local.zeek index ea591ed..a2e8cb4 100644 --- a/docker/local.zeek +++ b/docker/local.zeek @@ -11,7 +11,6 @@ redef ignore_checksums = T; # redef SOCKS::default_capture_password = T; @load tuning/defaults -@load misc/scan @load frameworks/software/vulnerable @load frameworks/software/version-changes @load frameworks/software/windows-version-detection diff --git a/docker/navv-build-for-export.sh b/docker/navv-build-for-export.sh index c419b68..e9adb50 100755 --- a/docker/navv-build-for-export.sh +++ b/docker/navv-build-for-export.sh @@ -1,6 +1,6 @@ #!/usr/bin/env bash -# Copyright 2023 Battelle Energy Alliance, LLC +# Copyright 2024 Battelle Energy Alliance, LLC set -o pipefail set -u diff --git a/docker/navv-docker.sh b/docker/navv-docker.sh index c066e90..e96f634 100755 --- a/docker/navv-docker.sh +++ b/docker/navv-docker.sh @@ -1,6 +1,6 @@ #!/usr/bin/env bash -# Copyright 2023 Battelle Energy Alliance, LLC +# Copyright 2024 Battelle Energy Alliance, LLC # navv_docker.sh # @@ -186,6 +186,7 @@ $CONTAINER_ENGINE run --rm \ -w /output \ "${MOUNT_ARGS[@]}" \ "$NAVV_DOCKER_IMAGE" \ + generate \ "${IN_ARGS[@]}" \ "${OUT_ARGS[@]}" \ "$CUSTOMER_NAME" diff --git a/setup-env b/setup-env index 3392f60..eb8149c 100755 --- a/setup-env +++ b/setup-env @@ -149,7 +149,7 @@ python3 -m pip install --upgrade pip setuptools wheel # Find a requirements file (if possible) and install for req_file in "requirements-dev.txt" "requirements-test.txt" "requirements.txt"; do if [[ -f $req_file ]]; then - pip install --requirement $req_file + python3 -m pip install --requirement $req_file break fi done diff --git a/src/navv/commands.py b/src/navv/commands.py index a939ebc..8d555b2 100644 --- a/src/navv/commands.py +++ b/src/navv/commands.py @@ -43,6 +43,7 @@ required=False, help="Directory to place resultant analysis files in. Defaults to current working directory.", type=str, + default=os.getcwd(), ) @click.option( "-p", @@ -57,6 +58,7 @@ required=False, help="Path to store or contain zeek log files. Defaults to current working directory.", type=str, + default=os.getcwd(), ) @click.argument("customer_name") def generate(customer_name, output_dir, pcap, zeek_logs): diff --git a/src/navv/data_types.py b/src/navv/data_types.py index 29aa4ca..f04601f 100644 --- a/src/navv/data_types.py +++ b/src/navv/data_types.py @@ -1,6 +1,6 @@ #!/usr/bin/env python3 -# Copyright 2023 Battelle Energy Alliance, LLC +# Copyright 2024 Battelle Energy Alliance, LLC from dataclasses import dataclass, field import netaddr diff --git a/src/navv/network_analysis.py b/src/navv/network_analysis.py index 336e549..e4a5df2 100644 --- a/src/navv/network_analysis.py +++ b/src/navv/network_analysis.py @@ -1,6 +1,6 @@ #!/usr/bin/env python3 -# Copyright 2023 Battelle Energy Alliance, LLC +# Copyright 2024 Battelle Energy Alliance, LLC # python std library imports import pkg_resources diff --git a/src/navv/spreadsheet_tools.py b/src/navv/spreadsheet_tools.py index 8b4b87c..9c3fcf2 100644 --- a/src/navv/spreadsheet_tools.py +++ b/src/navv/spreadsheet_tools.py @@ -1,6 +1,6 @@ #!/usr/bin/env python3 -# Copyright 2023 Battelle Energy Alliance, LLC +# Copyright 2024 Battelle Energy Alliance, LLC import os import itertools diff --git a/src/navv/utilities.py b/src/navv/utilities.py index 99b3e6c..0a60b94 100644 --- a/src/navv/utilities.py +++ b/src/navv/utilities.py @@ -15,7 +15,9 @@ @contextlib.contextmanager def pushd(new_dir): previous_dir = os.getcwd() - if not os.path.isdir(new_dir): + if not new_dir: + new_dir = previous_dir + elif not os.path.isdir(new_dir): os.makedirs(new_dir) os.chdir(new_dir) try: From 63c61aa857c3bd0bb13171bf43eab12f4a184a79 Mon Sep 17 00:00:00 2001 From: Seth Grover Date: Wed, 6 Mar 2024 09:08:05 -0700 Subject: [PATCH 3/3] update publish-to-pypi actions Signed-off-by: Seth Grover --- .github/workflows/publish-to-pypi.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/publish-to-pypi.yml b/.github/workflows/publish-to-pypi.yml index 7c75e08..b696056 100644 --- a/.github/workflows/publish-to-pypi.yml +++ b/.github/workflows/publish-to-pypi.yml @@ -10,9 +10,9 @@ jobs: deploy: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - name: Set up Python 3.10 - uses: actions/setup-python@v4.5.0 + uses: actions/setup-python@v4.7.0 with: python-version: "3.10" - name: Install pypa/build