Add rule sshd_use_approved_ciphers back to RHEL 9 data stream #12174
Conversation
In ComplianceAsCode#12150 we removed sshd_use_approved_ciphers from RHEL 9 profiles. This caused that the rule disappeared from the built data stream. That can break people tailorings. Also, it breaks the CI test /static-checks/removed-rules. For example: https://artifacts.dev.testing-farm.io/a38de8f4-1581-4bff-b690-c3d6f854d047/ We need to add the rule back. The rule is added to the hidden default profile, which causes that the rule is present in built data stream, but isn't present in any profile.
jan-cerny
added
BLOCKER
|
Start a new ephemeral environment with changes proposed in this pull request: Fedora Environment Oracle Linux 8 Environment |
|
🤖 A k8s content image for this PR is available at: Click here to see how to deploy itIf you alread have Compliance Operator deployed: Otherwise deploy the content and operator together by checking out ComplianceAsCode/compliance-operator and: |
|
Code Climate has analyzed commit a6f3398 and detected 0 issues on this pull request. The test coverage on the diff in this pull request is 100.0% (50% is the threshold). This pull request will bring the total coverage in the repository to 59.4% (0.0% change). View more on Code Climate. |
In #12150 we removed sshd_use_approved_ciphers from RHEL 9 profiles.
This caused that the rule disappeared from the built data stream. That can break people tailorings. Also, it breaks the CI test /static-checks/removed-rules. For example:
https://artifacts.dev.testing-farm.io/a38de8f4-1581-4bff-b690-c3d6f854d047/
We need to add the rule back. The rule is added to the hidden default profile, which causes that the rule is present in built data stream, but isn't present in any profile.