Convert to fact hash command and remove fact decrypt. Closes #251. (#252

) * Convert to fact hash command and remove fact decrypt. Closes #251. * Remove redact command as well. * change to using a sha256 hash.
quipucords · Aug 31, 2017 · 6211ff8 · 6211ff8
1 parent abbc095
commit 6211ff8
Show file tree

Hide file tree

Showing 8 changed files with 72 additions and 423 deletions.
diff --git a/README.rst b/README.rst
@@ -115,7 +115,11 @@ These python packages are required for the rho install machine to run rho:
  * json
  * subprocess
  * xmlrpclib
- * ansible.module_utils.basic
+ * ansible
+ * pexpect
+ * future
+ * sh
+ * pyxdg
 
 The following python packages are required to build & test rho from source:
  * python-devel
@@ -126,6 +130,10 @@ The following python packages are required to build & test rho from source:
  * flake8
  * pylint
  * Coverage
+ * enum34
+ * configparser
+ * six
+ * docutils
 
 -------------
 Installation
@@ -140,8 +148,7 @@ You can find the appropriate architecture and version on the `EPEL wiki <https:/
 2. Next, add the COPR repo to your server.
 You can find the appropriate architecture and version on the `COPR rho page <https://copr.fedorainfracloud.org/coprs/chambridge/rho/>`_::
 
-  cd /etc/yum.repos.d/
-  wget https://copr.fedorainfracloud.org/coprs/chambridge/rho/repo/epel-7/chambridge-rho-epel-7.repo
+  wget -O /etc/yum.repos.d/chambridge-rho-epel-7.repo https://copr.fedorainfracloud.org/coprs/chambridge/rho/repo/epel-7/chambridge-rho-epel-7.repo
 
 3. Then, install the rho package:
 
@@ -167,11 +174,9 @@ There are four rho commands:
  * ``show`` - to display a specific entry
  * ``list`` - to display one or more entries
 
- ``fact`` has four subcommands:
+ ``fact`` has two subcommands:
    * ``list`` - to display the list of facts that can be scanned
-   * ``redact`` - to remove sensitive facts from a scanned report
-   * ``encrypt`` - to encrypt sensitive facts within report
-   * ``decrypt`` - to decrypt sensitive facts within report
+   * ``hash`` - to hash sensitive facts within report
 
 The complete list of options for each command and subcommand are listed in the
 rho manpage with other usage examples. The common options are listed with the

diff --git a/doc/command_syntax_usage.rst b/doc/command_syntax_usage.rst
@@ -18,11 +18,9 @@ There are four rho commands:
  * ``show`` - to display a specific entry
  * ``list`` - to display one or more entries
 
-``fact`` has three subcommands:
+``fact`` has two subcommands:
   * ``list`` - to display the list of facts that can be scanned
-  * ``redact`` - to remove sensitive facts from a scanned report
-  * ``encrypt`` - to encrypt sensitive facts within report
-  * ``decrypt`` - to decrypt sensitive facts within report
+  * ``hash`` - to hash sensitive facts within report
 
 The complete list of options for each command and subcommand are listed in the
 rho manpage with other usage examples. The common options are listed with the

diff --git a/doc/rho.1 b/doc/rho.1
@@ -327,14 +327,14 @@ A list of facts that can be gathered during the scanning process can be obtained
 Optionally, provide a filter view of the list of facts with a regular expression -- e.g 'uname.*'.
 .PP
 .B
-Redacting Facts
+Hashing Facts
 .PP
-Sensitive facts can be removed from a report CSV file using the 'redact' command. The facts that are removed with this command are:
+Sensitive facts can be encrypted within a report CSV file using the 'hash' command. The facts that are hashed with this command are:
 .I connection.host, connection.port, uname.all,
 and
 .I uname.hostname.
 .PP
-.B rho fact redact
+.B rho fact hash
 .B --reportfile=
 .I file
 .B [--outputfile=
@@ -343,53 +343,7 @@ and
 .PP
 .TP
 --reportfile=file
-The path and filename of the comma-separated values (CSV) file to read from.
-.PP
-.TP
---outputfile=path
-The path and filename of the comma-separated values (CSV) file to be written.
-.PP
-.B
-Encrypting Facts
-.PP
-Sensitive facts can be encrypted within a report CSV file using the 'encrypt' command. The command will prompt for a password to encrypt values and should be used when decrypting these values. The password does not have to be the same as the rho vault password. The facts that are encrypted with this command are:
-.I connection.host, connection.port, uname.all,
-and
-.I uname.hostname.
-.PP
-.B rho fact encrypt
-.B --reportfile=
-.I file
-.B [--outputfile=
-.I path
-.B ]
-.PP
-.TP
---reportfile=file
-The path and filename of the comma-separated values (CSV) file to alter.
-.PP
-.TP
---outputfile=path
-The path and filename of the comma-separated values (CSV) file to be written.
-.PP
-.B
-Decrypting Facts
-.PP
-Sensitive facts can be decrypted within a report CSV file using the 'decrypt' command. The command will prompt for a password to decrypt values and should be the same that was used when encrypting these values. The facts that are decrypted with this command are:
-.I connection.host, connection.port, uname.all,
-and
-.I uname.hostname.
-.PP
-.B rho fact decrypt
-.B --reportfile=
-.I file
-.B [--outputfile=
-.I path
-.B ]
-.PP
-.TP
---reportfile=file
-The path and filename of the comma-separated values (CSV) file to alter.
+The path and filename of the comma-separated values (CSV) file to read.
 .PP
 .TP
 --outputfile=path

diff --git a/rho/cli.py b/rho/cli.py
@@ -28,9 +28,7 @@
 from rho.authlistcommand import AuthListCommand  # noqa
 from rho.authshowcommand import AuthShowCommand  # noqa
 from rho.factlistcommand import FactListCommand  # noqa
-from rho.factredactcommand import FactRedactCommand  # noqa
-from rho.factencryptcommand import FactEncryptCommand  # noqa
-from rho.factdecryptcommand import FactDecryptCommand  # noqa
+from rho.facthashcommand import FactHashCommand  # noqa
 from rho.profileaddcommand import ProfileAddCommand  # noqa
 from rho.profileclearcommand import ProfileClearCommand  # noqa
 from rho.profileeditcommand import ProfileEditCommand  # noqa

diff --git a/rho/factdecryptcommand.py b/rho/factdecryptcommand.py