From 1c0471afdce6b72278882195534d597bc1f3eb73 Mon Sep 17 00:00:00 2001
From: Matthew Burket <mburket@redhat.com>
Date: Wed, 16 Oct 2024 14:14:55 -0500
Subject: [PATCH 1/3] Update tests/validate_automatus_metadata.py to check
 platforms

---
 tests/validate_automatus_metadata.py | 21 +++++++++++++++++++--
 1 file changed, 19 insertions(+), 2 deletions(-)

diff --git a/tests/validate_automatus_metadata.py b/tests/validate_automatus_metadata.py
index 47f5a5671e0..a12e6a7fa29 100755
--- a/tests/validate_automatus_metadata.py
+++ b/tests/validate_automatus_metadata.py
@@ -5,11 +5,16 @@
 import glob
 import sys
 
+import ssg.constants
+
 SSG_ROOT = os.path.abspath(os.path.join(os.path.dirname(__file__), ".."))
 VALID_FIELDS = ['check', 'packages', 'platform', 'profiles', 'remediation', 'templates',
                 'variables']
 VALID_STATES = ['pass', 'fail', 'notapplicable']
 
+VALID_PLATFORMS = (list(ssg.constants.FULL_NAME_TO_PRODUCT_MAPPING.keys())
+                   + list(ssg.constants.MULTI_PLATFORM_MAPPING.keys())
+                   + ['multi_platform_all'])
 
 def _parse_args() -> argparse.Namespace:
     parser = argparse.ArgumentParser()
@@ -31,9 +36,16 @@ def _test_filename_valid(test_file: str) -> bool:
         return False
     return True
 
+def _validate_platform(param_value, test_file):
+    for platform in param_value.split(","):
+        if platform.strip() not in VALID_PLATFORMS:
+            print(f"Invalid platform '{platform}' in {test_file}", file=sys.stderr)
+            return False
+    return True
 
 def _has_invalid_param(root: str, test_file: str) -> bool:
     full_path = os.path.join(root, test_file)
+    has_no_errors = True
     with open(full_path, "r") as f:
         for line in f:
             if not line.startswith("#"):
@@ -44,10 +56,15 @@ def _has_invalid_param(root: str, test_file: str) -> bool:
             if len(parts) != 2:
                 continue
             param_name = parts[0].strip()
+            param_value = parts[1].strip()
+            if param_name == 'platform':
+                has_no_errors = _validate_platform(param_value, test_file)
+
             if param_name not in VALID_FIELDS:
                 print(f"Invalid field '{param_name}' in {test_file}", file=sys.stderr)
-                return False
-    return True
+                has_no_errors = False
+    return has_no_errors
+
 
 
 def main() -> int:

From 762e132991b6bc5d1ad49c08f59744efdf8cf2ee Mon Sep 17 00:00:00 2001
From: Matthew Burket <mburket@redhat.com>
Date: Wed, 16 Oct 2024 14:15:15 -0500
Subject: [PATCH 2/3] Fix invalid platforms in tests

---
 .../tests/pam_tally2_file_default.fail.sh                       | 2 +-
 .../tests/pam_tally2_file_non_default.fail.sh                   | 2 +-
 .../tests/pam_tally2_file_unconfigured.pass.sh                  | 2 +-
 .../tests/faillog_t.pass.sh                                     | 2 +-
 .../tests/tmp_t.fail.sh                                         | 2 +-
 5 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_tally2_file/tests/pam_tally2_file_default.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_tally2_file/tests/pam_tally2_file_default.fail.sh
index 583c8e85059..0349db0252c 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_tally2_file/tests/pam_tally2_file_default.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_tally2_file/tests/pam_tally2_file_default.fail.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = multi_platform_slmicro5
+# platform = multi_platform_slmicro
 
 cat >/etc/pam.d/common-account <<CAPTC
 account	[success=1 new_authtok_reqd=done default=ignore]	pam_unix.so
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_tally2_file/tests/pam_tally2_file_non_default.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_tally2_file/tests/pam_tally2_file_non_default.fail.sh
index 0277992b54e..670a31d2d94 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_tally2_file/tests/pam_tally2_file_non_default.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_tally2_file/tests/pam_tally2_file_non_default.fail.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = multi_platform_slmicro5
+# platform = multi_platform_slmicro
 
 cat >/etc/pam.d/common-account <<CAPTC
 account	[success=1 new_authtok_reqd=done default=ignore]	pam_unix.so
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_tally2_file/tests/pam_tally2_file_unconfigured.pass.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_tally2_file/tests/pam_tally2_file_unconfigured.pass.sh
index 26e46a925ef..e62d51b2caa 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_tally2_file/tests/pam_tally2_file_unconfigured.pass.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_tally2_file/tests/pam_tally2_file_unconfigured.pass.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = multi_platform_slmicro5
+# platform = multi_platform_slmicro
 
 cat >/etc/pam.d/common-account <<CAPTC
 account	[success=1 new_authtok_reqd=done default=ignore]	pam_unix.so
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_tally2_file_selinux/tests/faillog_t.pass.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_tally2_file_selinux/tests/faillog_t.pass.sh
index 97475700389..f47afc62e6f 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_tally2_file_selinux/tests/faillog_t.pass.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_tally2_file_selinux/tests/faillog_t.pass.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
 # packages = policycoreutils-python-utils
-# platform = multi_platform_slmicro5
+# platform = multi_platform_slmicro
 
 semanage fcontext -m -t faillog_t "/var/log/tallylog"
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_tally2_file_selinux/tests/tmp_t.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_tally2_file_selinux/tests/tmp_t.fail.sh
index 942756b0fa1..d8db583ed53 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_tally2_file_selinux/tests/tmp_t.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_tally2_file_selinux/tests/tmp_t.fail.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = policycoreutils-python-utils
-# platform = multi_platform_slmicro5
+# platform = multi_platform_slmicro
 
 semanage fcontext -m -t tmp_t "/var/log/tallylog"
 restorecon -R -v "/var/log/tallylog"

From 21e8c0fa853203057ba435ef814f0da12fbfec50 Mon Sep 17 00:00:00 2001
From: Matthew Burket <mburket@redhat.com>
Date: Wed, 16 Oct 2024 14:31:45 -0500
Subject: [PATCH 3/3] Fix PEP8 issues in tests/validate_automatus_metadata.py

---
 tests/validate_automatus_metadata.py | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/tests/validate_automatus_metadata.py b/tests/validate_automatus_metadata.py
index a12e6a7fa29..b4bc9c341b5 100755
--- a/tests/validate_automatus_metadata.py
+++ b/tests/validate_automatus_metadata.py
@@ -16,6 +16,7 @@
                    + list(ssg.constants.MULTI_PLATFORM_MAPPING.keys())
                    + ['multi_platform_all'])
 
+
 def _parse_args() -> argparse.Namespace:
     parser = argparse.ArgumentParser()
     parser.add_argument("-r", "--root", required=False, default=SSG_ROOT,
@@ -36,6 +37,7 @@ def _test_filename_valid(test_file: str) -> bool:
         return False
     return True
 
+
 def _validate_platform(param_value, test_file):
     for platform in param_value.split(","):
         if platform.strip() not in VALID_PLATFORMS:
@@ -43,6 +45,7 @@ def _validate_platform(param_value, test_file):
             return False
     return True
 
+
 def _has_invalid_param(root: str, test_file: str) -> bool:
     full_path = os.path.join(root, test_file)
     has_no_errors = True
@@ -59,14 +62,12 @@ def _has_invalid_param(root: str, test_file: str) -> bool:
             param_value = parts[1].strip()
             if param_name == 'platform':
                 has_no_errors = _validate_platform(param_value, test_file)
-
             if param_name not in VALID_FIELDS:
                 print(f"Invalid field '{param_name}' in {test_file}", file=sys.stderr)
                 has_no_errors = False
     return has_no_errors
 
 
-
 def main() -> int:
     args = _parse_args()
     test_files = get_files(args.root)