make audit-sample-rules into a diff-style tool

Based on recent discussions, turn the test into a diff-like tool
the output of which is to be always reviewed by a human.

This is in contrast to the old (current) state which treats the
test as a regression test, assuming it is meant to normally 'pass'.

And that would make sense if we wanted to keep audit rule lists stored
in the content identical with auditd samples, but we (CaC/content)
do not want that.

Instead, the intention is to just alert about any differences, and let
the humans decide whether they are significant enough to update the
CaC/content audit rules, and how.

Signed-off-by: Jiri Jaburek <[email protected]>

conf/waivers/20-long-term

@@ -121,18 +121,6 @@
 /per-rule/.*/set_nftables_table/.*
     rhel == 9
 
-# /static-checks
-#
-# new arch= on RHEL-9.5
-# https://github.com/ComplianceAsCode/content/issues/12321
-/static-checks/audit-sample-rules/audit_ospp_general.*
-    rhel == 9.5
-# older issues with pkexec and grub2-set-bootflag, they seem to appear
-# only with older audit-3.0.x
-# https://github.com/ComplianceAsCode/content/issues/12321
-/static-checks/audit-sample-rules/audit_ospp_general.*
-    (rhel == 9 and rhel <= 9.3) or rhel == 8.8
-
 # RHEL10 - No official RHEL10 STIG/CIS benchmark yet
 /static-checks/rule-identifiers/(stig|cis.*)/.*
     rhel == 10

static-checks/diff/main.fmf

@@ -24,3 +24,9 @@ adjust:
 /profile-variables:
     summary: Diff datastreams, output profile variable refine differences
     test: python3 -m lib.runtest ./profile-variables.py
+
+/audit-sample-rules:
+    summary: Diff audit.rules between Content and installed auditd samples
+    test: python3 -m lib.runtest ./audit-sample-rules.py
+    require+:
+      - audit