Merge pull request ComplianceAsCode#12505 from Mab879/update_tests_va…

…lidate_automatus_metadata.py

Ensure that platforms is valid in Automatus tests

linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_tally2_file/tests/pam_tally2_file_default.fail.sh

@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = multi_platform_slmicro5
+# platform = multi_platform_slmicro
 
 cat >/etc/pam.d/common-account <<CAPTC
 account	[success=1 new_authtok_reqd=done default=ignore]	pam_unix.so

linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_tally2_file/tests/pam_tally2_file_non_default.fail.sh

@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = multi_platform_slmicro5
+# platform = multi_platform_slmicro
 
 cat >/etc/pam.d/common-account <<CAPTC
 account	[success=1 new_authtok_reqd=done default=ignore]	pam_unix.so

linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_tally2_file/tests/pam_tally2_file_unconfigured.pass.sh

@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = multi_platform_slmicro5
+# platform = multi_platform_slmicro
 
 cat >/etc/pam.d/common-account <<CAPTC
 account	[success=1 new_authtok_reqd=done default=ignore]	pam_unix.so

linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_tally2_file_selinux/tests/faillog_t.pass.sh

@@ -1,5 +1,5 @@
 #!/bin/bash
 # packages = policycoreutils-python-utils
-# platform = multi_platform_slmicro5
+# platform = multi_platform_slmicro
 
 semanage fcontext -m -t faillog_t "/var/log/tallylog"

linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_tally2_file_selinux/tests/tmp_t.fail.sh

@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = policycoreutils-python-utils
-# platform = multi_platform_slmicro5
+# platform = multi_platform_slmicro
 
 semanage fcontext -m -t tmp_t "/var/log/tallylog"
 restorecon -R -v "/var/log/tallylog"

tests/validate_automatus_metadata.py

@@ -5,11 +5,17 @@
 import glob
 import sys
 
+import ssg.constants
+
 SSG_ROOT = os.path.abspath(os.path.join(os.path.dirname(__file__), ".."))
 VALID_FIELDS = ['check', 'packages', 'platform', 'profiles', 'remediation', 'templates',
                 'variables']
 VALID_STATES = ['pass', 'fail', 'notapplicable']
 
+VALID_PLATFORMS = (list(ssg.constants.FULL_NAME_TO_PRODUCT_MAPPING.keys())
+                   + list(ssg.constants.MULTI_PLATFORM_MAPPING.keys())
+                   + ['multi_platform_all'])
+
 
 def _parse_args() -> argparse.Namespace:
     parser = argparse.ArgumentParser()
@@ -32,8 +38,17 @@ def _test_filename_valid(test_file: str) -> bool:
     return True
 
 
+def _validate_platform(param_value, test_file):
+    for platform in param_value.split(","):
+        if platform.strip() not in VALID_PLATFORMS:
+            print(f"Invalid platform '{platform}' in {test_file}", file=sys.stderr)
+            return False
+    return True
+
+
 def _has_invalid_param(root: str, test_file: str) -> bool:
     full_path = os.path.join(root, test_file)
+    has_no_errors = True
     with open(full_path, "r") as f:
         for line in f:
             if not line.startswith("#"):
@@ -44,10 +59,13 @@ def _has_invalid_param(root: str, test_file: str) -> bool:
             if len(parts) != 2:
                 continue
             param_name = parts[0].strip()
+            param_value = parts[1].strip()
+            if param_name == 'platform':
+                has_no_errors = _validate_platform(param_value, test_file)
             if param_name not in VALID_FIELDS:
                 print(f"Invalid field '{param_name}' in {test_file}", file=sys.stderr)
-                return False
-    return True
+                has_no_errors = False
+    return has_no_errors
 
 
 def main() -> int: