Add schema

2017-02-13 12:01:05 +01:00 · 2017-02-13 12:01:05 +01:00 · 94290cfaa9
parent 178faf2adc
commit 94290cfaa9
12 changed files with 85 additions and 24 deletions
--- a/.travis.yml
+++ b/.travis.yml
@ -7,26 +7,22 @@ sudo: required
 dist: trusty

 python:
-    - "2.7"
-    - "3.3"
    - "3.4"
    - "3.5"
    - "3.5-dev"
+    - "3.6"
+    - "3.6-dev"
    - "nightly"

 install:
-    - git clone https://github.com/stedolan/jq.git
-    - pushd jq
-    - autoreconf -i
-    - ./configure --disable-maintainer-mode
-    - make
-    - sudo make install
-    - popd
+    - sudo apt-get update -qq
+    - sudo apt-get install -y -qq jq moreutils
+    - pip install jsonschema
    - git clone https://github.com/MISP/PyTaxonomies.git
    - pushd PyTaxonomies
    - pip install .
    - popd

 script:
-    - cat */*.json | jq .
+    - ./validate_all.sh
    - pytaxonomies -l MANIFEST.json -a
--- a/PAP/machinetag.json
+++ b/PAP/machinetag.json
@ -24,6 +24,5 @@
      "expanded": "(PAP:WHITE) No restrictions in using this information.",
      "colour": "#ffffff"
    }
-  ],
-  "values": null
+  ]
 }
--- a/diamond-model/machinetag.json
+++ b/diamond-model/machinetag.json
@ -21,6 +21,5 @@
      "value": "Victim",
      "expanded": "A victim is the target of the adversary and against whom vulnerabilities and exposures are exploited and capabilities used. A victim can be described in whichever way necessary and appropriate: organization, person, target email address, IP address, domain, etc. However, it is useful to define the victim persona and their assets separately as they serve different analytic functions. Victim personae are useful in non-technical analysis such as cyber-victimology and social-political centered approaches whereas victim assets are associated with common technical approaches such as vulnerability analysis.."
    }
-  ],
-  "values": null
+  ]
 }
--- a/euci/machinetag.json
+++ b/euci/machinetag.json
@ -23,6 +23,5 @@
      "expanded": "RESTREINT UE/EU RESTRICTED",
      "description": "Information and material the unauthorised disclosure of which could be disadvantageous to the interests of the European Union or of one or more of the Member States."
    }
-  ],
-  "values": null
+  ]
 }
--- a/europol-event/machinetag.json
+++ b/europol-event/machinetag.json
@ -234,6 +234,5 @@
      "expanded": "Undetermined",
      "description": "Field aimed at the classification of unprocessed events, which have remained undetermined from the beginning."
    }
-  ],
-  "values": null
+  ]
 }
--- a/information-security-indicators/machinetag.json
+++ b/information-security-indicators/machinetag.json
@ -1,7 +1,7 @@
 {
  "namespace": "information-security-indicators",
  "description": "A full set of operational indicators for organizations to use to benchmark their security posture.",
-  "version": "1",
+  "version": 1,
  "predicates": [
    {
      "value": "IEX",
@ -582,4 +582,4 @@
      ]
    }
  ]
-}
+}
--- a/jq_all_the_things.sh
+++ b/jq_all_the_things.sh
@ -0,0 +1,14 @@
+#!/bin/bash
+
+set -e
+set -x
+
+# Seeds sponge, from moreutils
+
+for dir in ./*/list.json
+do
+    cat ${dir} | jq . | sponge ${dir}
+done
+
+cat schema.json | jq . | sponge schema.json
+cat MANIFEST.json | jq . | sponge MANIFEST.json
--- a/kill-chain/machinetag.json
+++ b/kill-chain/machinetag.json
@ -32,6 +32,5 @@
      "value": "Actions on Objectives",
      "expanded": "Only now, after progressing through the first six phases, can intruders take actions to achieve their original objectives. Typically, this objective is data exfiltration which involves collecting, encrypting and extracting information from the victim environment; violations of data integrity or availability are potential objectives as well. Alternatively, the intruders may only desire access to the initial victim box for use as a hop point to compromise additional systems and move laterally inside the network."
    }
-  ],
-  "values": null
+  ]
 }
--- a/rt_event_status/machinetag.json
+++ b/rt_event_status/machinetag.json
@ -1,7 +1,7 @@
 {
  "namespace": "rt_event_status",
  "description": "Status of events used in Request Tracker.",
-  "version": "1.0",
+  "version": 1,
  "predicates": [
    {
      "value": "event-status",
--- a/schema.json
+++ b/schema.json
@ -0,0 +1,36 @@
+{
+  "$schema": "http://json-schema.org/schema#",
+  "title": "Validator for misp-taxonomies",
+  "id": "https://www.github.com/MISP/misp-taxonomies/schema.json",
+  "type": "object",
+  "properties": {
+    "namespace": {
+      "type": "string"
+    },
+    "description": {
+      "type": "string"
+    },
+    "version": {
+      "type": "integer"
+    },
+    "predicates": {
+      "type": "array",
+      "uniqueItems": true,
+      "items": {
+        "type": "object"
+      }
+    },
+    "values": {
+      "type": "array",
+      "uniqueItems": true,
+      "items": {
+        "type": "object"
+      }
+    }
+  },
+  "required": [
+    "namespace",
+    "description",
+    "version"
+  ]
+}
--- a/tlp/machinetag.json
+++ b/tlp/machinetag.json
@ -1,5 +1,4 @@
 {
-  "values": null,
  "predicates": [
    {
      "colour": "#CC0033",
--- a/validate_all.sh
+++ b/validate_all.sh
@ -0,0 +1,21 @@
+#!/bin/bash
+
+set -e
+set -x
+
+./jq_all_the_things.sh
+
+diffs=`git status --porcelain | wc -l`
+
+if ! [ $diffs -eq 1 ]; then
+	echo "Please make sure you run ./jq_all_the_things.sh before commiting."
+	exit 1
+fi
+
+for dir in */machinetag.json
+do
+  echo -n "${dir}: "
+  jsonschema -i ${dir} schema.json
+  echo ''
+done
+