Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Allow multiple control files to add the same reference type #12165

Merged
merged 1 commit into from
Jul 17, 2024
Merged

Allow multiple control files to add the same reference type #12165

merged 1 commit into from
Jul 17, 2024

Conversation

yuumasato
Copy link
Member

@yuumasato yuumasato commented Jul 16, 2024
edited
Loading

Description:

  • Track references added by control files in Rule.control_references
  • After everything is compiled by (compile_all.py), the Rule.control_references is merged into Rule.references.
    This still allows us to ensure that references are not cross added from rules and control files.
    To test this add, for example, bsi: APP.4.4.A9 to any OCP rule.
  • With this commit, the references added by the control file are tracked separately from the references loaded from the rule.yml. This allows us to differentiate references coming from the rule, and references coming from the control file.

Rationale:

  • The build system is currently limited to a single ref type per control file. Two control files cannot add the same reference type.

Review Hints:

  • Checkout this PR Add Notes and Controls for SYS.1.6.A1-A4 #12161
    gh co 12161
  • Cherry-pick this commit:
    git cherry-pick 927aeafe9f6f129c993191ecf140c88d5b0b0796
  • Build OCP4 product
    ./build_product -d ocp4
  • Check that Rule general_namespace_separation has two BSI references:
             <xccdf-1.2:reference href="https://www.bsi.bund.de/SharedDocs/Downloads/EN/BSI/Grundschutz/International/bsi_it_gs_comp_2022.pdf">APP.4.4.A1</xccdf-1.2:reference>
             <xccdf-1.2:reference href="https://www.bsi.bund.de/SharedDocs/Downloads/EN/BSI/Grundschutz/International/bsi_it_gs_comp_2022.pdf">SYS.1.6.A3</xccdf-1.2:reference>

@yuumasato yuumasato requested a review from Mab879 July 16, 2024 14:16
@github-actions GitHub Actions
Copy link

Start a new ephemeral environment with changes proposed in this pull request:

Fedora Environment
Open in Gitpod

Oracle Linux 8 Environment
Open in Gitpod

@github-actions GitHub Actions
Copy link

github-actions bot commented Jul 16, 2024
edited
Loading

🤖 A k8s content image for this PR is available at:
ghcr.io/complianceascode/k8scontent:12165
This image was built from commit: 927aeaf

Click here to see how to deploy it

If you alread have Compliance Operator deployed:
utils/build_ds_container.py -i ghcr.io/complianceascode/k8scontent:12165

Otherwise deploy the content and operator together by checking out ComplianceAsCode/compliance-operator and:
CONTENT_IMAGE=ghcr.io/complianceascode/k8scontent:12165 make deploy-local

@yuumasato yuumasato force-pushed the add_references_from_multiple_control_files branch from 115f3fc to 4246142 Compare July 16, 2024 16:54
@yuumasato yuumasato requested a review from jan-cerny July 16, 2024 16:59
@yuumasato
Allow multiple control files to add same ref type
927aeaf 
The build system is currently limited to a single ref type per control
file. Two cotnrol files cannot add the same reference type.

With this commit, the references added by the control file are tracked
separately from the references loaded from the rule.yml.
This allows us to differentiate references coming from the rule, and
references coming from the control file.
@yuumasato yuumasato force-pushed the add_references_from_multiple_control_files branch from 4246142 to 927aeaf Compare July 16, 2024 17:00
@codeclimate CodeClimate
Copy link

codeclimate bot commented Jul 16, 2024

Code Climate has analyzed commit 927aeaf and detected 0 issues on this pull request.

The test coverage on the diff in this pull request is 93.3% (50% is the threshold).

This pull request will bring the total coverage in the repository to 59.4% (0.0% change).

View more on Code Climate.

@Mab879 Mab879 added this to the 0.1.74 milestone Jul 16, 2024
@Mab879 Mab879 added the Infrastructure Our content build system label Jul 16, 2024
@Mab879 Mab879 self-assigned this Jul 16, 2024
@Mab879 Mab879 changed the title Allow multiple control files to add thesame reference type Allow multiple control files to add the same reference type Jul 16, 2024
@sluetze sluetze mentioned this pull request Jul 17, 2024
Closed
Mab879
Mab879 approved these changes Jul 17, 2024
View reviewed changes
Copy link
Member

@Mab879 Mab879 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM.

Thanks.

@Mab879
Copy link
Member

Mab879 commented Jul 17, 2024

Waving the Automatus tests for this PR as they are not applicable for this change.

@Mab879 Mab879 merged commit f590639 into ComplianceAsCode:master Jul 17, 2024
94 of 95 checks passed
@yuumasato yuumasato deleted the add_references_from_multiple_control_files branch July 18, 2024 12:30
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Mab879 Mab879 Mab879 approved these changes

@jan-cerny jan-cerny Awaiting requested review from jan-cerny

Assignees

@Mab879 Mab879

Labels
Infrastructure Our content build system
Projects
None yet
Milestone
0.1.74
Development

Successfully merging this pull request may close these issues.
2 participants
@yuumasato @Mab879