Skip to content

Comments

Remove all references for dropped OVALs#2809

Merged
mpreisler merged 1 commit intoComplianceAsCode:masterfrom
yuumasato:remove_references_to_dropped_ovals
May 1, 2018
Merged

Remove all references for dropped OVALs#2809
mpreisler merged 1 commit intoComplianceAsCode:masterfrom
yuumasato:remove_references_to_dropped_ovals

Conversation

@yuumasato
Copy link
Member

@yuumasato yuumasato commented Apr 30, 2018

Description:

  • Remove all references to OVAL definitions dropped due to incompleteness.

Rationale:

  • OVAL 5.10 doesn't have systemdunitproperty test, and some definitions can be incomplete.
  • When building content with only OVAL 5.10, incomplete OVAL definitions are dropped. But references to these definitions still existed in auxiliary data structures. Not dropping them was causing a traceback when later we tried to add check-exports.
Traceback (most recent call last):
  File "/home/jenkins/workspace/scap-security-guide-nightly-oval510-zip/shared/utils/relabel-ids.py", line 514, in <module>
    main()
  File "/home/jenkins/workspace/scap-security-guide-nightly-oval510-zip/shared/utils/relabel-ids.py", line 500, in main
    oval_linker.link_xccdf()
  File "/home/jenkins/workspace/scap-security-guide-nightly-oval510-zip/shared/utils/relabel-ids.py", line 99, in link_xccdf
    self.add_missing_check_exports(check, checkcontentref)
  File "/home/jenkins/workspace/scap-security-guide-nightly-oval510-zip/shared/utils/relabel-ids.py", line 225, in add_missing_check_exports
    for def_id in self.get_nested_definitions(check_name):
  File "/home/jenkins/workspace/scap-security-guide-nightly-oval510-zip/shared/utils/relabel-ids.py", line 211, in get_nested_definitions
    extensions = parse_oval.find_extending_defs(self.oval_groups, definition_tree)
  File "/home/jenkins/workspace/scap-security-guide-nightly-oval510-zip/shared/modules/parse_oval.py", line 94, in find_extending_defs
    finder.find_element(defn, "extend_definition", "definition_ref")
  File "/home/jenkins/workspace/scap-security-guide-nightly-oval510-zip/shared/modules/parse_oval.py", line 35, in find_element
    self._recurse(start_element)
  File "/home/jenkins/workspace/scap-security-guide-nightly-oval510-zip/shared/modules/parse_oval.py", line 38, in _recurse
    if element.tag.endswith(self.target):
AttributeError: 'NoneType' object has no attribute 'tag'

@yuumasato
Remove all references for dropped OVALs
de07ee7 
When dropping OVAL checks due to incompleteness we should drop all
references to them to keep consistency.
@yuumasato yuumasato added the BLOCKER Impediments to release, like failure to build content, or content built is out of standard's syntax label Apr 30, 2018
@yuumasato yuumasato added this to the 0.1.39 milestone Apr 30, 2018
@pep8speaks
Copy link

pep8speaks commented Apr 30, 2018

Hello @yuumasato! Thanks for submitting the PR.

Line 14:1: E402 module level import not at top of file
Line 15:1: E402 module level import not at top of file
Line 20:1: E402 module level import not at top of file

@yuumasato
Copy link
Member Author

yuumasato commented Apr 30, 2018

For reference Jenkins trying to build content with only OVAL 5.10: https://jenkins.open-scap.org/view/SCAP%20Security%20Guide/job/scap-security-guide-nightly-oval510-zip/

@mpreisler mpreisler self-assigned this May 1, 2018
@mpreisler
Copy link
Member

mpreisler commented May 1, 2018

ACK

@mpreisler mpreisler merged commit e0eb27c into ComplianceAsCode:master May 1, 2018
@yuumasato yuumasato deleted the remove_references_to_dropped_ovals branch May 2, 2018 20:30
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

BLOCKER Impediments to release, like failure to build content, or content built is out of standard's syntax

Projects

None yet

Milestone

0.1.39

Development

Successfully merging this pull request may close these issues.

3 participants

@yuumasato @pep8speaks @mpreisler