Updated OCI Security Health Check - Standard Edition for CIS OCI Foundation Benchmark 3.0.0

Author: oheimburger

security/security-design/shared-assets/oci-security-health-check-standard/README.md

@@ -2,7 +2,7 @@
 
 Owner: Olaf Heimburger
 
-Version: 250530 (cis_report.py version 3.0.0) for CIS OCI Foundation Benchmark 3.0.0
+Version: 250530 (cis_report.py version 3.0.0.4) for CIS OCI Foundation Benchmark 3.0.0
 
 # Introduction
 ![Flyer](./files/resources/OCI_Security_Health_Check_Standard.png)

security/security-design/shared-assets/oci-security-health-check-standard/files/oci-security-health-check-standard/README.md

@@ -2,7 +2,7 @@
 
 Owner: Olaf Heimburger
 
-Version: 250530 (cis_report.py version 3.0.0) for CIS OCI Foundation Benchmark 3.0.0
+Version: 250530 (cis_report.py version 3.0.0.4) for CIS OCI Foundation Benchmark 3.0.0
 
 ## When to use this asset?
 
@@ -343,7 +343,11 @@ The report results are summarized in two files:
 
 ## Known Issues
 
-No known issues.
+1. Python 3.8 is not supported anymore.
+   OCI Cloud Shell is the minimal required environment. The Python version used in OCI Cloud Shell is 3.9.
+2. Diagrams are not part of the HTML page.
+   This may be because of broken `numpy installation`. The following command should resolve this:
+   `pip3 install --upgrade --force-reinstall --user numpy`
 
 ## Credits
 

security/security-design/shared-assets/oci-security-health-check-standard/files/oci-security-health-check-standard/README.txt

@@ -2,7 +2,7 @@
 OCI Security Health Check - Standard Edition
 ============================================
 Owner: Olaf Heimburger
-Version: 250530 (cis_report.py version 3.0.0)  for CIS OCI Foundation Benchmark 3.0.0
+Version: 250530 (cis_report.py version 3.0.0.4)  for CIS OCI Foundation Benchmark 3.0.0
 
 When to use this asset?
 
@@ -221,7 +221,11 @@ Usage
 
 5 Known Issues
 
-No known issues.
+1. Python 3.8 is not supported anymore.
+   OCI Cloud Shell is the minimal required environment. The Python version used in OCI Cloud Shell is 3.9.
+2. Diagrams are not part of the HTML page.
+   This may be because of broken `numpy installation`. The following command should resolve this:
+   `pip3 install --upgrade --force-reinstall --user numpy`
 
 6 Credits
 

security/security-design/shared-assets/oci-security-health-check-standard/files/oci-security-health-check-standard/requirements.txt

@@ -3,7 +3,7 @@ pytz
 pandas
 openpyxl>=3.1.5
 pyyaml>=6.0
-oci>=2.147.0
+oci>=2.152.1
 requests
 matplotlib
 numpy

security/security-design/shared-assets/oci-security-health-check-standard/files/oci-security-health-check-standard/scripts/cis_reports/cis_reports.py

@@ -134,27 +134,38 @@ make_env() {
     if [ ! -d ${PYTHON_ENV} ]; then
         ${PYTHON_CMD} -m venv ${PYTHON_ENV}
     fi
-    ENV_STAMP="${PYTHON_ENV}/.ready${VERSION}"
-    if [ ! -e ${ENV_STAMP} ]; then
-        PIP_OPTS="-q --no-warn-script-location"
-        if [ -d ${PYTHON_ENV} ]; then
-            source ${PYTHON_ENV}/bin/activate
-            PYTHON_CMD=$(which python3)
-            ${PYTHON_CMD} -m pip install pip --upgrade ${PIP_OPTS}
-        fi
-
-        printf "INFO: Checking for required libraries...\n"
-        ${PYTHON_CMD} -m pip install ${PIP_OPTS} -r ${ASSESS_DIR}/requirements.txt
-        if [ $? -gt 0 ]; then
-            printf "ERROR: Permissions to install the required libraries are missing.\n"
-            printf "ERROR: Please check with your OCI administrator.\n"
-            exit 1
-        else
-            touch ${ENV_STAMP}
-        fi
-    else
-        printf "INFO: Using installed libraries...\n"
+    # ENV_STAMP="${PYTHON_ENV}/.ready${VERSION}"
+    # if [ ! -e ${ENV_STAMP} ]; then
+    #     PIP_OPTS="-q --no-warn-script-location"
+    #     if [ -d ${PYTHON_ENV} ]; then
+    #         source ${PYTHON_ENV}/bin/activate
+    #         PYTHON_CMD=$(which python3)
+    #         ${PYTHON_CMD} -m pip install pip --upgrade ${PIP_OPTS}
+    #     fi
+    #     printf "INFO: Checking for required libraries...\n"
+    #     ${PYTHON_CMD} -m pip install ${PIP_OPTS} -r ${ASSESS_DIR}/requirements.txt
+    #     if [ $? -gt 0 ]; then
+    #         printf "ERROR: Permissions to install the required libraries are missing.\n"
+    #         printf "ERROR: Please check with your OCI administrator.\n"
+    #         exit 1
+    #     else
+    #         touch ${ENV_STAMP}
+    #     fi
+    # else
+    #     printf "INFO: Using installed libraries...\n"
+    # fi
+    PIP_OPTS="-q --no-warn-script-location"
+    if [ -d ${PYTHON_ENV} ]; then
+        source ${PYTHON_ENV}/bin/activate
+        PYTHON_CMD=$(which python3)
+        ${PYTHON_CMD} -m pip install pip --upgrade ${PIP_OPTS}
     fi
+    printf "INFO: Checking for required libraries...\n"
+    ${PYTHON_CMD} -m pip install ${PIP_OPTS} -r ${ASSESS_DIR}/requirements.txt
+    if [ $? -gt 0 ]; then
+        printf "ERROR: Permissions to install the required libraries are missing.\n"
+        printf "ERROR: Please check with your OCI administrator.\n"
+        exit 1
 }
 
 check_shasum() {

security/security-design/shared-assets/oci-security-health-check-standard/files/oci-security-health-check-standard/standard.sh

@@ -1 +1 @@
-09b6436a44408b1a777bfc967455634a1cbeeda3d9335be89a49cf6fabf7c601379f8187f33c928bd4b885347f1feabd106c1b2dcb3763012b1a38e593aa3dba  oci-security-health-check-standard-250530.zip
+9ac43507f5108f957fcbcdced5a2130e53e6205234867336e33ffe47852f4af18720a23a2d774bbe6abe5a0ca917d911626d8e4e7688959ab6a0f5eb59960abc  oci-security-health-check-standard-250530.zip

security/security-design/shared-assets/oci-security-health-check-standard/files/resources/oci-security-health-check-standard-250530.sha512

@@ -1 +1 @@
-4bdc391730d3e5e06bd863998c534579ee98ff3325f16ae0a1a7b2b269cec6ba  oci-security-health-check-standard-250530.zip
+8ce90a4fea78cec2656a51806e8b80601429f15409b3ead9f47128aabaf25e2f  oci-security-health-check-standard-250530.zip