From 601416f0edcd978706745794f06d4c17cc7c4853 Mon Sep 17 00:00:00 2001
From: sluetze <13255307+sluetze@users.noreply.github.com>
Date: Tue, 16 Jul 2024 09:01:31 +0200
Subject: [PATCH] add missing identifier and fix indentation
---
 .../general/general_node_separation/rule.yml | 18 +++++++++++++-----
 shared/references/cce-redhat-avail.txt | 1 -
 2 files changed, 13 insertions(+), 6 deletions(-)
diff --git a/applications/openshift/general/general_node_separation/rule.yml b/applications/openshift/general/general_node_separation/rule.yml
index 3ff4f755892f..625aa0cad47a 100644
--- a/applications/openshift/general/general_node_separation/rule.yml
+++ b/applications/openshift/general/general_node_separation/rule.yml
@@ -3,20 +3,28 @@ documentation_complete: true
 title: 'Create Boundaries between Resources using Nodes or Clusters'
 description: |-
- Use Nodes or Clusters to isolate Workloads with high protection requirements.
+ Use Nodes or Clusters to isolate Workloads with high protection requirements.
- Run the following command and review the pods and how they are deployed on Nodes.
$ oc get pod -o=custom-columns=NAME:.metadata.name,NAMESPACE:.metadata.namespace,APP:.metadata.labels.app\.kubernetes\.io/name,NODE:.spec.nodeName --all-namespaces | grep -v "openshift-" 
- You can use labels or other data as custom field which helps you to identify parts of an application.
- Ensure that Applications with high protection requirements are not colocated on Nodes or in Clusters with workloads of lower protection requirements.
+ Run the following command and review the pods and how they are deployed on Nodes.
+
$ oc get pod -o=custom-columns=NAME:.metadata.name,NAMESPACE:.metadata.namespace,APP:.metadata.labels.app\.kubernetes\.io/name,NODE:.spec.nodeName --all-namespaces | grep -v "openshift-" 
+ You can use labels or other data as custom field which helps you to identify parts of an application.
+ Ensure that Applications with high protection requirements are not colocated on Nodes or in Clusters
+ with workloads of lower protection requirements.
 rationale: |-
- Assigning workloads with high protection requirements to specific nodes creates and additional boundary (the node) between workloads of high protection requirements and workloads which might follow less strict requirements. An adversary which attacked a lighter protected workload now has additional obstacles for their movement towards the higher protected workloads.
+ Assigning workloads with high protection requirements to specific nodes creates and additional
+ boundary (the node) between workloads of high protection requirements and workloads which might
+ follow less strict requirements. An adversary which attacked a lighter protected workload now has
+ additional obstacles for their movement towards the higher protected workloads.
 references:
 bsi: APP.4.4.A14,APP.4.4.A15
 severity: medium
+identifiers:
+ cce@ocp4: CCE-90279-1
+
 ocil_clause: 'Application placement on Nodes and Clusters needs review'
 ocil: |-
diff --git a/shared/references/cce-redhat-avail.txt b/shared/references/cce-redhat-avail.txt
index 559318d050c9..a18694191a1a 100644
--- a/shared/references/cce-redhat-avail.txt
+++ b/shared/references/cce-redhat-avail.txt
@@ -1353,7 +1353,6 @@ CCE-88725-7
 CCE-88727-3
 CCE-88728-1
 CCE-88729-9
-CCE-88731-5
 CCE-88734-9
 CCE-88735-6
 CCE-88736-4
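Review bot: The identifier assigned in rule.yml (`cce@ocp4: CCE-90279-1`) is not the one the commit retires from the pool in shared/references/cce-redhat-avail.txt (`-CCE-88731-5`), so CCE-88731-5 leaves the available list without being attached to any rule while CCE-90279-1 presumably remains listed as available unless it was removed in an earlier change, which invites a duplicate assignment later. Either the rule should take the id that was removed from the pool, `cce@ocp4: CCE-88731-5`, or the avail-file hunk should drop CCE-90279-1 instead, so that rule and pool stay in step. In the rationale block of the same hunk the new first line reads `creates and additional` and should read `creates an additional`. The re-indented `$ oc get pod ...` line in the description appears to end with a trailing space after `"openshift-"`, which a `|-` block scalar keeps as part of the value, so it is worth stripping while the indentation is being fixed.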