Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

CMP-2459: PCI-DSS 4 Requirement 7 #12090

Merged
merged 3 commits into from
Jun 27, 2024
Merged

CMP-2459: PCI-DSS 4 Requirement 7 #12090

merged 3 commits into from
Jun 27, 2024

Conversation

yuumasato
Copy link
Member

Description:

  • 7.1 - not applicable
    Managing and protecting access to card holder data is a responsibility of the payment entity.
  • 7.2 - inherently met based on the single requirement that is applicable
    Assessing whether a user has legit access need to a system componetn is resposibility of the payment entity.
  • 7.3 - inherently met
    OpenShift supports and enforces RBAC by default.

@yuumasato yuumasato added OpenShift OpenShift product related. pci-dss labels Jun 25, 2024
@yuumasato yuumasato requested a review from rhmdnd June 25, 2024 14:02
@github-actions GitHub Actions
Copy link

Start a new ephemeral environment with changes proposed in this pull request:

Fedora Environment
Open in Gitpod

Oracle Linux 8 Environment
Open in Gitpod

@github-actions GitHub Actions
Copy link

🤖 A k8s content image for this PR is available at:
ghcr.io/complianceascode/k8scontent:12090
This image was built from commit: f786e0b

Click here to see how to deploy it

If you alread have Compliance Operator deployed:
utils/build_ds_container.py -i ghcr.io/complianceascode/k8scontent:12090

Otherwise deploy the content and operator together by checking out ComplianceAsCode/compliance-operator and:
CONTENT_IMAGE=ghcr.io/complianceascode/k8scontent:12090 make deploy-local

@codeclimate CodeClimate
Copy link

codeclimate bot commented Jun 25, 2024

Code Climate has analyzed commit f786e0b and detected 0 issues on this pull request.

The test coverage on the diff in this pull request is 100.0% (50% is the threshold).

This pull request will bring the total coverage in the repository to 59.4% (0.0% change).

View more on Code Climate.

rhmdnd
rhmdnd approved these changes Jun 25, 2024
View reviewed changes
Copy link
Collaborator

@rhmdnd rhmdnd left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

/lgtm

@xiaojiey
Copy link
Collaborator

/hold for review

@openshift-ci openshift-ci bot added the do-not-merge/hold Used by openshift-ci-robot bot. label Jun 26, 2024
@xiaojiey
Copy link
Collaborator

/hold for test

@xiaojiey
Copy link
Collaborator

/lgtm

@xiaojiey
Copy link
Collaborator

Verification pass with ghcr.io/complianceascode/k8scontent:12090:

% oc get ccr | grep roles-defined
upstream-ocp4-pci-dss-4-0-rbac-cluster-roles-defined                                           PASS     medium
upstream-ocp4-pci-dss-4-0-rbac-roles-defined                                                   PASS     medium

@xiaojiey
Copy link
Collaborator

/unhold

@openshift-ci openshift-ci bot removed the do-not-merge/hold Used by openshift-ci-robot bot. label Jun 26, 2024
@rhmdnd rhmdnd merged commit eaf79f5 into ComplianceAsCode:master Jun 27, 2024
90 of 93 checks passed
@jan-cerny jan-cerny added this to the 0.1.74 milestone Jun 28, 2024
@yuumasato yuumasato deleted the pcidss_4_req_7 branch July 2, 2024 08:45
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@rhmdnd rhmdnd rhmdnd approved these changes

@xiaojiey xiaojiey Awaiting requested review from xiaojiey

@BhargaviGudi BhargaviGudi Awaiting requested review from BhargaviGudi

Assignees

@rhmdnd rhmdnd

Labels
OpenShift OpenShift product related. pci-dss
Projects
None yet
Milestone
0.1.74
Development

Successfully merging this pull request may close these issues.
4 participants
@yuumasato @xiaojiey @rhmdnd @jan-cerny