Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Integrate manpage with CMake better #10624

Merged
merged 5 commits into from
Jun 12, 2023
Merged

Integrate manpage with CMake better #10624

merged 5 commits into from
Jun 12, 2023

Conversation

matejak
Copy link
Member

@matejak matejak commented May 23, 2023
edited

Pass the build information to the script that generates the manpage from the template to

  • use CMake paths, and to
  • leave out info about artifacts that are not built.

Left to do:

  • Describe the tailoring accordingly.
  • Update static parts of the template if we know how.

Rationale:

Review Hints:

  • The manpage is generated to the top of the build directory. Check it out.

@openshift-ci openshift-ci bot added the do-not-merge/work-in-progress Used by openshift-ci bot. label May 23, 2023
@openshift-ci
Copy link

openshift-ci bot commented May 23, 2023

Skipping CI for Draft Pull Request.
If you want CI signal for your change, please convert it to an actual PR.
You can still manually trigger a test run with /test all

@github-actions
Copy link

Start a new ephemeral environment with changes proposed in this pull request:

Fedora Environment
Open in Gitpod

Oracle Linux 8 Environment
Open in Gitpod

jan-cerny
jan-cerny reviewed Jun 5, 2023
View reviewed changes
CMakeLists.txt Outdated
@@ -26,6 +26,7 @@ set(SSG_CONTENT_INSTALL_DIR "${CMAKE_INSTALL_DATADIR}/xml/scap/ssg/content")
set(SSG_GUIDE_INSTALL_DIR "${CMAKE_INSTALL_DOCDIR}/guides")
set(SSG_TABLE_INSTALL_DIR "${CMAKE_INSTALL_DOCDIR}/tables")
set(SSG_ANSIBLE_ROLE_INSTALL_DIR "${CMAKE_INSTALL_DATADIR}/scap-security-guide/ansible")
set(SSG_ANSIBLE_PER_RULE_PLAYBOOKS_ISNTALL_DIR "${SSG_ANSIBLE_ROLE_INSTALL_DIR}/rule_playbooks")
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

typo

cmake/SSGCommon.cmake Outdated
@@ -79,7 +79,7 @@ endmacro()
macro(ssg_build_man_page)
add_custom_command(
OUTPUT "${CMAKE_BINARY_DIR}/scap-security-guide.8"
COMMAND env "PYTHONPATH=$ENV{PYTHONPATH}" "${PYTHON_EXECUTABLE}" "${SSG_BUILD_SCRIPTS}/generate_man_page.py" --template "${CMAKE_SOURCE_DIR}/docs/man_page_template.jinja" --input_dir "${CMAKE_BINARY_DIR}" --output "${CMAKE_BINARY_DIR}/scap-security-guide.8"
COMMAND env "PYTHONPATH=$ENV{PYTHONPATH}" "${PYTHON_EXECUTABLE}" "${SSG_BUILD_SCRIPTS}/generate_man_page.py" --template "${CMAKE_SOURCE_DIR}/docs/man_page_template.jinja" --input_dir "${CMAKE_BINARY_DIR}" --output "${CMAKE_BINARY_DIR}/scap-security-guide.8" --install-prefix "${CMAKE_INSTALL_PREFIX}" --separate-scap-files "${SSG_SEPARATE_SCAP_FILES_ENABLED}:${SSG_CONTENT_INSTALL_DIR}" --profile-bash "${SSG_BASH_SCRIPTS_ENABLED}:${SSG_BASH_ROLE_INSTALL_DIR}" --profile-ansible "${SSG_ANSIBLE_PLAYBOOKS_ENABLED}:${SSG_ANSIBLE_ROLE_INSTALL_DIR}" --ansible-per-rule "${SSG_ANSIBLE_PLAYBOOKS_PER_RULE_ENABLED}:${SSG_ANSIBLE_PER_RULE_PLAYBOOKS_ISNTALL_DIR}" --kickstarts "ON:${SSG_KICKSTART_INSTALL_DIR}" --tailoring "ON:${SSG_TAILORING_INSTALL_DIR}" --content-path "${SSG_CONTENT_INSTALL_DIR}"
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

inconsistent indentation

docs/man_page_template.jinja
.RS
Contains delta tailoring, whatever that means.
.RE
{{%- endif %}}
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Have you considered dropping the 2 sections about deployment below?

docs/man_page_template.jinja Outdated
{{% if tailoring_path -%}}
.I {{{ install_prefix }}}/{{{ tailoring_path }}}/
.RS
Contains delta tailoring, whatever that means.
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This isn't a good text for a man page. The man page should provide specific information. I propose:

Contains tailoring files that enable rules that are not covered by third-party SCAP content and disables rules that are covered by the content shipped in scap-security-guide.

build-scripts/generate_man_page.py Outdated
substitution_dicts = {"products": all_products}
substitution_dicts = dict(
products=all_products,
content_path=args.content_path,
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Would it be possible to handle also these items by parse_arguments_into_dict as well?

@jan-cerny jan-cerny self-assigned this Jun 5, 2023
@matejak
Integrate manpage with CMake better
47dd0e3 
Pass the build information to the script that generates the manpage
from the template to
- use CMake paths, and to
- leave out info about artifacts that are not built.
@matejak
Address reviewer feedback
8139324
@matejak
Remove the deployment section
eeb7c0b 
The text may make sense, but it should not be in an upstream project.
Regulations like these should be maintained and supplied by institutions
where the project is used, and should not be visible to the upstream general public.
@matejak
Fix a cmake linting error
d19fbee
@jan-cerny jan-cerny added this to the 0.1.69 milestone Jun 9, 2023
@jan-cerny jan-cerny added the Documentation Update in project documentation. label Jun 9, 2023
jan-cerny
jan-cerny reviewed Jun 9, 2023
View reviewed changes
Copy link
Collaborator

@jan-cerny jan-cerny left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I have build and reviewed the generated manual page.

I like the proposed changes very much. It's a great improvement!

I have some fresh new ideas:

  • You can modernize the example in the examples section by showcasing the usage of the --results-arf option instead of the --results and --oval-results.
  • you can link the project repo instead of the wiki
  • we sometimes incorrectly use "datastream" or other misspelled variants, we should always use "data stream"

Feel free to apply the ideas or mark the PR as ready to review.

@matejak matejak marked this pull request as ready for review June 9, 2023 16:21
@openshift-ci openshift-ci bot removed the do-not-merge/work-in-progress Used by openshift-ci bot. label Jun 9, 2023
@codeclimate
Copy link

codeclimate bot commented Jun 9, 2023

Code Climate has analyzed commit bc2a32a and detected 0 issues on this pull request.

The test coverage on the diff in this pull request is 100.0% (50% is the threshold).

This pull request will bring the total coverage in the repository to 52.8%.

View more on Code Climate.

jan-cerny
jan-cerny approved these changes Jun 12, 2023
View reviewed changes
Copy link
Collaborator

@jan-cerny jan-cerny left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I have seen the generated man page for rhel8.

Thank you.

@jan-cerny jan-cerny merged commit 897eaae into ComplianceAsCode:master Jun 12, 2023
34 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jan-cerny jan-cerny jan-cerny approved these changes

Assignees

@jan-cerny jan-cerny

Labels
Documentation Update in project documentation.
Projects
None yet
Milestone
0.1.69
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@matejak @jan-cerny