Use control files to generate references #11594
Conversation
jan-cerny
added
enhancement
|
Start a new ephemeral environment with changes proposed in this pull request: Fedora Environment Oracle Linux 8 Environment |
This test tests if a rule.yml contains the specific references. We started to generated these reference types from control files therefore they stop being present in rule.ymls and we can't use this test.
jan-cerny
force-pushed
the
reference_removal
branch
from
c200553
to
7ab2ade
Compare
|
Code Climate has analyzed commit 7ab2ade and detected 0 issues on this pull request. The test coverage on the diff in this pull request is 100.0% (50% is the threshold). This pull request will bring the total coverage in the repository to 58.3% (0.0% change). View more on Code Climate. |
|
/packit retest-failed |
1 similar comment
|
/packit retest-failed |
| @@ -22,8 +22,6 @@ severity: medium | |||
| identifiers: | |||
| cce@rhel7: CCE-80548-1 | |||
|
|
|||
| references: | |||
| stigid: WA00612 | |||
There was a problem hiding this comment.
I think yes, because they don't correspond to any of the STIG profiles that we have in our project.
There was a problem hiding this comment.
I proposed a similar thing in 1ad84d6
| ssg_refcheck_test("rhel9" "ccn_basic" "ccn") | ||
| ssg_refcheck_test("rhel9" "ccn_advanced" "ccn") | ||
| # This exclude can be removed once enable_authselect has a stigid | ||
| ssg_refcheck_test("rhel9" "stig" "stigid" "enable_authselect") |
There was a problem hiding this comment.
Maybe it makes sense to start testing these references are in the final built data stream?
There was a problem hiding this comment.
Sorry for the post merge comment, @jan-cerny @Mab879
There was a problem hiding this comment.
For some products, there are CTest tests "verify-references-ssg-${PRODUCT}-ds.xml" and "missing-references-ssg-${PRODUCT}-ds.xml". I think we can extend them.
Mab879
added
New Feature
Description:
We will use control files to automatically assign references to rules for these policies:
Consequently, we will remove the test testing that the rule.yml files in git contain the references to these policies.
Rationale:
reduce data duplication, improve consistency
Review Hints:
Build
rhel9product, then review some of resolved rules and check if the referencesccn,stigidandpcidss4refer to the correct sections of respective control files.