v1.1 Updated Help Documentation and scripts

README.md

@@ -43,6 +43,7 @@ If you want to run on AWS EKS, you can see the Helm Chart and Kubernetes specifi
 - [x] Exporting of various charts for download to PNG
 - [x] Filter Vulnerabilities on the Checklist page by status 
 - [x] *Live Editing of Checklist data through the web browser*
+- [x] Bulk Edits of Vulnerabilities across similar checklist types within your System grouping
 - [x] Filter vulnerabilities for your Compliance listing based on major controls
 - [x] Exporting your list of checklists and their score by status and category to MS Excel 
 - [x] Metrics exported to Prometheus for API endpoints and NATS messaging, quickly display in Grafana

deployments/chart/openrmf/Chart.yaml

@@ -13,5 +13,5 @@ maintainers:
   - name: David Gould
     email: [email protected]
 engine: gotpl 
-appVersion: 1.0
+appVersion: 1.1
 deprecated: false

deployments/chart/openrmf/templates/auditdb.yaml

@@ -67,7 +67,7 @@ spec:
     spec:
       containers:
       - name: openrmf-auditdb
-        image: mongo:{{.Values.mongoImage}}
+        image: cingulara/mongo:{{.Values.mongoImage}}
         ports:
         - containerPort: 27017
         env:

deployments/chart/openrmf/templates/checklistdb.yaml

@@ -69,7 +69,7 @@ spec:
     spec:
       containers:
       - name: openrmf-checklistdb
-        image: mongo:{{.Values.mongoImage}}
+        image: cingulara/mongo:{{.Values.mongoImage}}
         ports:
         - containerPort: 27017
         env:

deployments/chart/openrmf/templates/reportdb.yaml

@@ -77,7 +77,7 @@ spec:
     spec:
       containers:
       - name: openrmf-reportdb
-        image: mongo:{{.Values.mongoImage}}
+        image: cingulara/mongo:{{.Values.mongoImage}}
         ports:
         - containerPort: 27017
         env:

deployments/chart/openrmf/templates/scoredb.yaml

@@ -67,7 +67,7 @@ spec:
     spec:
       containers:
       - name: openrmf-scoredb
-        image: mongo:{{.Values.mongoImage}}
+        image: cingulara/mongo:{{.Values.mongoImage}}
         ports:
         - containerPort: 27017
         env:

deployments/chart/openrmf/templates/templatedb.yaml

@@ -67,7 +67,7 @@ spec:
     spec:
       containers:
       - name: openrmf-templatedb
-        image: mongo:{{.Values.mongoImage}}
+        image: cingulara/mongo:{{.Values.mongoImage}}
         ports:
         - containerPort: 27017
         env:

deployments/chart/openrmf/values.yaml

@@ -25,26 +25,26 @@ installType: minikube
 
 # versions of container to adjust
 # examples: 0.8, 0.8.1, latest
-auditImage: 1.0
-auditmsgImage: 1.0
-checklistmsgImage: 1.0
-complianceImage: 1.0
-compliancemsgImage: 1.0
-controlImage: 1.0
-controlmsgImage: 1.0
-readImage: 1.0
-saveImage: 1.0
-scoremsgImage: 1.0
-scoringImage: 1.0
-templateImage: 1.0
-templatemsgImage: 1.0
-uploadImage: 1.0
-systemmsgImage: 1.0
-webuiImage: 1.0
-reportImage: 1.0
-reportmsgImage: 1.0
-mongoImage: 4.0.5
-natsImage: 2.1.2-linux
+auditImage: 1.01.01
+auditmsgImage: 1.01.01
+checklistmsgImage: 11.01.01
+complianceImage: 1.01.01
+compliancemsgImage: 1.01.01
+controlImage: 1.01.01
+controlmsgImage: 1.01.01
+readImage: 1.01.01
+saveImage: 1.01.01
+scoremsgImage: 1.01.01
+scoringImage: 1.01.01
+templateImage: 1.01.01
+templatemsgImage: 1.01.01
+uploadImage: 1.01.01
+systemmsgImage: 1.01.01
+webuiImage: 1.01.01
+reportImage: 1.01.01
+reportmsgImage: 1.01.01
+mongoImage: 4.2.7-nonroot
+natsImage: 2.1.7-linux
 
 # storage class name for PVC
 # examples: standard, gp2, ebs-sc, efs-sc

docs/checklists.md

@@ -27,4 +27,9 @@ With the 0.12 version OpenRMF, if you are an Editor or Administrator (role) you
 
 You also can edit each Vulnerability record with those roles. The following fields in the image below can be edited. Once saved, the data in the checklist is updated and the score is recalculated for the checklist and subsequently the system. 
 
-![OpenRMF Edit Checklist Vulnerability Details](/assets/checklist-edit-vulnerability.png)
+![OpenRMF Edit Checklist Vulnerability Details](/assets/checklist-edit-vulnerability.png)
+
+## Bulk Edits on Similar Checklists
+As of version 1.1 you also can do a Bulk Edit on checklists within your system. This allows an edit on one checklist to be applied across all other checklists with the same Checklist Type within your system. i.e. an edit on Windows 2016 Member Server for a vulnerability to mark it as "Not a Finding" based on a group policy can be edited and then applied across all the Win2k16 checklists in your system with a click of a checkbox.
+
+This is a *big improvement* as it allows easy managing of multiple servers and checklists on hosts that are the same within your system. You must have a checklist per type per host for the RMF process artifacts. This allows much easier managing of similar hosts and workstations / servers in your system grouping.

docs/index.md

@@ -35,6 +35,7 @@ Some of the high level features are below:
 * Single source of truth for your system checklists
 * Single source of truth for your latest Nessus patch scans
 * Live online editing of your checklist through your web browser with auditing of the changes
+* Bulk editing of Vulnerabilities across similar Checklist Types within a System
 * One-click creation of your POA&M for your entire system (all servers, devices, SCAP scans, manual checklists)
 * One-click creation of your Risk Assessment Report (RAR) for your entire system (all servers, devices, SCAP scans, manual checklists)
 * One-click creation of your Test Plan Summary for your entire system (all servers, devices, SCAP scans, manual checklists)

docs/metrics.md

@@ -15,17 +15,17 @@ you can set it and forget it.
 ## .NET Core Default Metrics
 Once you have Prometheus setup, you can use the https://grafana.com/grafana/dashboards/10427 to display .NET Core metrics like the below chart. 
 
-![Image](/assets/metrics-aspnet-core-default.png?raw=true)
+![Default Metrics](/assets/metrics-aspnet-core-default.png)
 
 ## .NET Core API Controller Metrics
 Once you have Prometheus setup, you can use the https://grafana.com/grafana/dashboards/10915 to display .NET Core metrics like the below chart. 
 
-![Image](/assets/metrics-api-controller-summary.png?raw=true)
+![API Metrics](/assets/metrics-api-controller-summary.png)
 
 ## NATS Server Metrics
 Once you have Prometheus setup and you deploy the container for https://github.com/nats-io/prometheus-nats-exporter, you can use the https://grafana.com/grafana/dashboards/2279 to display NATS Server Core metrics like the below chart. 
 
-![Image](/assets/metrics-nats-server.png?raw=true)
+![NATS Server Metrics](/assets/metrics-nats-server.png)
 
 ## NATS Client Connection Metrics
 I made a NATS metrics dashboard at https://github.com/Cingulara/nats-client-metrics that goes down to the client level. The default 

docs/whatsnew.md

@@ -1,21 +1,31 @@
 ---
-title: What's New in v1.0
+title: What's New in v1.1
 nav_order: 2
 ---
 
 # What's New with OpenRMF
 
 Please refer to the <a href="https://github.com/Cingulara?tab=projects" target="_blank">OpenRMF Projects listing on GitHub</a> for more information on feature updates and timeline.
 
+## Version 1.1
+Version 1.1 was a security fix primarily with some updated functionality as outlined below:
+* Rootless containers for APIs, messages, NGINX, and MongoDB databases
+* Updated jQuery, File Upload, Bootstrap and other JS components
+* Security Fixes from an active scan of the web application 
+* Upload an existing checklist for a given checklist type and host = update the info (it was just duplicating the information)
+* Allow Bulk Edits on Vulnerabilities across similar checklist types within a System grouping
+* Container "restart: always" on the Docker Compose file
+* All CSS, HTML, JS are local not reaching out over the public Internet
+
 ## Version 1.0
 
-The latest working version is version 1.0 of OpenRMF Core. The recent updates on that are below:
+Version 1.0 of OpenRMF Core has these updates below:
 * Fixing a bug on the Web UI updating Vulnerabilities via the web form in a checklist
 * Updating the version descriptions to 1.0 throughout the codebase
 
 ## Version 0.15
 
-The latest working version is version 0.15 and is the last update before going to version 1.0 of OpenRMF Core. The recent updates on that are below:
+Version 0.15 is the last update before going to version 1.0 of OpenRMF Core. The recent updates on that are below:
 * Migrating the Web UI and all APIs behind NGINX for a single port 8080
 * Automatically updating the checklist score on the page when editing a vulnerability status
 * Various small bug fixes

scripts/docker-compose.yml

@@ -514,7 +514,7 @@ services:
       - openrmf
 
   prometheus:
-    image: prom/prometheus:2.19.2
+    image: prom/prometheus:v2.19.2
     container_name: prometheus
     command:
       - '--config.file=/etc/prometheus/prometheus.yml'

scripts/local/docker-compose.yml

@@ -60,7 +60,7 @@ services:
       - openrmf-local
 
   prometheus:
-    image: prom/prometheus:2.19.2
+    image: prom/prometheus:v2.19.2
     container_name: prometheus
     command:
       - '--config.file=/etc/prometheus/prometheus.yml'

scripts/local/local-dev-images.yml

@@ -496,7 +496,7 @@ services:
       - openrmf
 
   prometheus:
-    image: prom/prometheus:2.19.2
+    image: prom/prometheus:v2.19.2
     container_name: prometheus
     command:
       - '--config.file=/etc/prometheus/prometheus.yml'