Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Remove CIS reference from image policy webhook rule #10932

Merged
merged 1 commit into from
Aug 1, 2023
Merged

Remove CIS reference from image policy webhook rule #10932

merged 1 commit into from
Aug 1, 2023

Conversation

rhmdnd
Copy link
Collaborator

@rhmdnd rhmdnd commented Jul 31, 2023

While updating the CIS profile to support 1.4.0, we implemented more
rules to ensure image configuration is setup properly, which superseded
the general advice we had for configuring image provenance.

This commit removes the CIS reference from the
general_configure_imagepolicywebhook rule since that rule is no longer
included in the CIS profile in favor of:

ocp-allowed-registries
ocp-allowed-registries-for-import
ocp-insecure-registries
ocp-insecure-allowed-registries-for-import

@rhmdnd
Remove CIS reference from image policy webhook rule
a5b8bf7 
While updating the CIS profile to support 1.4.0, we implemented more
rules to ensure image configuration is setup properly, which superseded
the general advice we had for configuring image provenance.

This commit removes the CIS reference from the
general_configure_imagepolicywebhook rule since that rule is no longer
included in the CIS profile in favor of:

  ocp-allowed-registries
  ocp-allowed-registries-for-import
  ocp-insecure-registries
  ocp-insecure-allowed-registries-for-import
@rhmdnd rhmdnd added OpenShift OpenShift product related. CIS CIS Benchmark related. labels Jul 31, 2023
@github-actions
Copy link

Start a new ephemeral environment with changes proposed in this pull request:

Fedora Environment
Open in Gitpod

Oracle Linux 8 Environment
Open in Gitpod

@codeclimate
Copy link

codeclimate bot commented Jul 31, 2023

Code Climate has analyzed commit a5b8bf7 and detected 0 issues on this pull request.

The test coverage on the diff in this pull request is 100.0% (50% is the threshold).

This pull request will bring the total coverage in the repository to 53.2% (0.0% change).

View more on Code Climate.

yuumasato
yuumasato approved these changes Aug 1, 2023
View reviewed changes
Copy link
Member

@yuumasato yuumasato left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM.

@yuumasato yuumasato self-assigned this Aug 1, 2023
@yuumasato yuumasato added this to the 0.1.70 milestone Aug 1, 2023
@yuumasato yuumasato merged commit 7966da2 into ComplianceAsCode:master Aug 1, 2023
33 of 34 checks passed
@Mab879 Mab879 added the Update Rule Issues or pull requests related to Rules updates. label Oct 12, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@yuumasato yuumasato yuumasato approved these changes

@Vincent056 Vincent056 Awaiting requested review from Vincent056

Assignees

@yuumasato yuumasato

Labels
CIS CIS Benchmark related. OpenShift OpenShift product related. Update Rule Issues or pull requests related to Rules updates.
Projects
None yet
Milestone
0.1.70
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@rhmdnd @yuumasato @Mab879