chore: remove STIG library import during db initialization (#1093)

NUWCDIVNPT · Oct 4, 2023 · 95974f6 · 95974f6
1 parent ca0f0d3
commit 95974f6
Show file tree

Hide file tree

Showing 9 changed files with 2 additions and 167 deletions.
diff --git a/CONTRIBUTORS.md b/CONTRIBUTORS.md
@@ -8,6 +8,7 @@
 - Copyright 2020-2023 Carl Smigielski, carl.a.smigielski@saic.com
 - Copyright 2020-2023 Christopher Daley, cdaley@rite-solutions.com
 - Copyright 2021 Russell Johnson, russell.d.johnson@saic.com
+- Copyright 2023 Mathew Ferreira, mferreira@rite-solutions.com
 - _Add the copyright date, your name, and email address here. (PLEASE KEEP THIS LINE)_
 
 ## Note for U.S. Federal Employees

diff --git a/api/launchers/stig-manager.bat b/api/launchers/stig-manager.bat
@@ -295,25 +295,7 @@
 ::==============================================================================
 :: set STIGMAN_DOCS_DISABLED=
 
-::==============================================================================
-:: STIGMAN_INIT_IMPORT_SCAP
-::
-::  | Default: "false" | Whether to fetch and import current DISA SCAP content
-::  from public.cyber.mil on initial database migration
-::
-::  Affects: API          
-::==============================================================================
-:: set STIGMAN_INIT_IMPORT_SCAP=
 
-::==============================================================================
-:: STIGMAN_INIT_IMPORT_STIGS
-::
-::  | Default: "false" | Whether to fetch and import the current DISA STIG
-::  Library compilation from public.cyber.mil on initial database migration
-::
-::  Affects: API
-::==============================================================================
-:: set STIGMAN_INIT_IMPORT_STIGS=
 
 ::==============================================================================
 :: STIGMAN_LOG_LEVEL

diff --git a/api/launchers/stig-manager.sh b/api/launchers/stig-manager.sh
@@ -294,25 +294,6 @@
 #==============================================================================
 # export STIGMAN_DOCS_DISABLED=
 
-#==============================================================================
-# STIGMAN_INIT_IMPORT_SCAP
-#
-#  | Default: "false" | Whether to fetch and import current DISA SCAP content
-#  from public.cyber.mil on initial database migration
-#
-#  Affects: API          
-#==============================================================================
-# export STIGMAN_INIT_IMPORT_SCAP=
-
-#==============================================================================
-# STIGMAN_INIT_IMPORT_STIGS
-#
-#  | Default: "false" | Whether to fetch and import the current DISA STIG
-#  Library compilation from public.cyber.mil on initial database migration
-#
-#  Affects: API
-#==============================================================================
-# export STIGMAN_INIT_IMPORT_STIGS=
 
 #==============================================================================
 # STIGMAN_LOG_LEVEL

diff --git a/api/source/index.js b/api/source/index.js
@@ -29,7 +29,6 @@ const fs = require('fs')
 const multer  = require('multer')
 const writer = require('./utils/writer.js')
 const OperationSvc = require(`./service/${config.database.type}/OperationService`)
-const smFetch = require('./utils/fetchStigs')
 const { middleware: openApiMiddleware, resolvers } = require('express-openapi-validator')
 
 // express-openapi-validator does not expose top-level HttpError in their index.js. 
@@ -235,17 +234,7 @@ async function startServer(app) {
       logger.writeError('index', 'shutdown', {message:'Failed to setup dependencies'});
       process.exit(1);  
     }
-
-    if (config.init.importStigs && isNewDb) {
-      try {
-        logger.writeInfo('index', 'starting', {message:'begin to import STIGs'});
-        await smFetch.fetchCompilation()
-      }
-      catch (e) {
-        logger.writeError('index', 'starting', {message:'failed to import STIGs'});
-      }
-    }
-
+
     // Set/change classification if indicated
     if (config.settings.setClassification) {
       await OperationSvc.setConfigurationItem('classification', config.settings.setClassification)

diff --git a/api/source/utils/config.js b/api/source/utils/config.js
@@ -65,9 +65,6 @@ let config = {
             return props          
         }
     },
-    init: {
-        importStigs: process.env.STIGMAN_INIT_IMPORT_STIGS === "true",
-    },
     swaggerUi: {
         enabled: process.env.STIGMAN_SWAGGER_ENABLED === "true", 
         authority: process.env.STIGMAN_SWAGGER_OIDC_PROVIDER || process.env.STIGMAN_SWAGGER_AUTHORITY || process.env.STIGMAN_OIDC_PROVIDER || "http://localhost:8080/auth/realms/stigman", 

diff --git a/api/source/utils/fetchStigs.js b/api/source/utils/fetchStigs.js
diff --git a/docs/installation-and-setup/envvars.csv b/docs/installation-and-setup/envvars.csv
@@ -57,8 +57,6 @@
 | The location of the documentation files, relative to the API source directory. Note that if running source from a clone of the GitHub repository, the docs are located at `../../docs/_build/html` relative to the API directory. ","API, documentation"
 "STIGMAN_DOCS_DISABLED","| **Default** ``false``
 | Whether to *not* serve the project Documentation.  NOTE: If you choose to serve the Client from the API container but not the Documentation, the links do the Docs on the home page will not work. ","Documentation                "
-"STIGMAN_INIT_IMPORT_STIGS","| **Default** ``false``
-| Whether to fetch and import the current DISA STIG Library compilation from public.cyber.mil on initial database migration ","API"
 "STIGMAN_LOG_LEVEL","| **Default** ``3``
 | Controls the granularity of the generated log output, from 1 to 4. Each level is inclusive of the ones before it. Level 1 will log only errors, level 2 includes warnings, level 3 includes status and transaction logs, and level 4 includes debug-level logs","API"
 "STIGMAN_LOG_MODE","| **Default** ``combined``

diff --git a/docs/installation-and-setup/installation-and-setup.rst b/docs/installation-and-setup/installation-and-setup.rst
@@ -249,11 +249,6 @@ It is likely you will have to set at least some of these Environment Variables,
     - STIGMAN_SWAGGER_AUTHORITY
     - STIGMAN_SWAGGER_REDIRECT
 
-STIG Manager can be configured to download and import the latest STIG library on first startup. These options require access to `https://public.cyber.mil <https://public.cyber.mil/stigs/>`_ to complete. STIGs can also be imported manually. Enable this function by setting this Variable to "true":
-
-  * STIGMAN_INIT_IMPORT_STIGS
-
-
 Additional Suggested Configuration
 =======================================
 

diff --git a/docs/the-project/DockerHub_Readme.md b/docs/the-project/DockerHub_Readme.md
@@ -57,7 +57,6 @@ services:
       - STIGMAN_CLASSIFICATION=U
       - STIGMAN_DB_HOST=db
       - STIGMAN_DB_PASSWORD=stigman
-      - STIGMAN_INIT_IMPORT_STIGS=true
       # Change envvar below if non-localhost browsers will access the API
       - STIGMAN_CLIENT_OIDC_PROVIDER=http://localhost:8080/realms/stigman
       # Customize the Welcome widget on the Home tab
@@ -78,7 +77,6 @@ $ docker-compose up -d && docker-compose logs -f
 ```
 - STIG Manager will wait for MySQL and Keycloak to become ready
 - When MySQL is ready, STIG Manager will perform an initial migration and create the necessary schema objects.
-- STIG Manager will then connect to [DoD Cyber Exchange](https://public.cyber.mil) and import the latest STIG Library Compilation and any available SCAP content.
 - When STIG Manager is ready to handle requests, it will output a JSON log entry similar to:
 ```
 {"date":"2022-02-18T18:25:50.749Z","level":3,"component":"index","type":"started","data":{"durationS":0.956811184,"port":"54000","api":"/api","client":"/","documentation":"/docs","swagger":"/api-docs"}}