New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Added provisional remediation to audit rules. #4107
Conversation
@matejak I know there aren't merge conflicts, but when I scan and remediate, some rules that should be passing are failing. |
@yuumasato Yes, the branch is not updated and is missing some important commits from the master. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
A few comments.
shared/bash_remediation_functions/create_audit_remediation_file.sh
Outdated
Show resolved
Hide resolved
For some reason, the report of the remediation run fails on rules:
But on second scan, these rules pass. Edit: copy paste error |
We need to add remediations also for:
|
The remediation copies part of the recommended audit config that should assure OSPP compliance. Disadvantage: The remediation fixes more than one rule at time. Advantage: This is the way how to fix the issue from the audit project's point of view + we can guarantee related audit rule ordering.
Rebased, changed according to input. |
The inspection completed: 3 new issues |
All the audit rules are passing after the latest updates 🙂 |
@matejak Good job, thank you. |
Also ACK, I understand the solution is not ideal, and these remediations should be improved in the future. |
The remediation copies part of the recommended audit config that should assure OSPP compliance.
Disadvantage: The remediation fixes more than one rule at time.
Advantage: This is the way how to fix the issue from the audit project's point of view + we can guarantee related audit rule ordering.