Generate per profile testinfo tables from XCCDF 1.2 #9325
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
Start a new ephemeral environment with changes proposed in this pull request: Fedora Environment Oracle Linux 8 Environment |
This commit changes the `table-${PRODUCT}-${STIG_PROFILE}-testinfo.html`
files generator to use the `ssg-${PRODUCT}-xccdf-1.2.xml` instead of
`ssg-${PRODUCT}-xccdf.xml` as an input.
jan-cerny
force-pushed
the
stig_per_profile
branch
from
e51e22f
to
615ac94
Compare
|
I have rebased this PR on the top of the latest upstream master branch because they have changed the required set of tests in our GitHub CI. |
|
Code Climate has analyzed commit 615ac94 and detected 0 issues on this pull request. The test coverage on the diff in this pull request is 100.0% (50% is the threshold). This pull request will bring the total coverage in the repository to 42.5% (0.0% change). View more on Code Climate. |
Mab879
reviewed
Aug 26, 2022
I don't know, but they aren't there in master, so it isn't caused by this PR. |
Mab879
approved these changes
Aug 26, 2022
jan-cerny
added a commit
to jan-cerny/scap-security-guide
that referenced
this pull request
Aug 26, 2022
In ComplianceAsCode#9325 we discovered that the `table-${PRODUCT}-${STIG_PROFILE}-testinfo.html` is missing contents in `Check Text (OCIL Check)` and `800-53 Refs` columns. However, it isn't caused by ComplianceAsCode#9325, these data were empty even before, the reasons are: - the template doesn't expect OCIL as a separate file, it expects OCIL data embedded in XCCDF as it used to be in past - the template used a wrong XML namespace for CCI list so the CCI list couldn't be parsed by the template. This commit tries to solve these 2 problems. However, there are offensive `<sub>` elements in the HTML output which need still to be resolved on the level of `ocil-unlinked.xml` generator (it isn't a problem in this template).
dahaic
pushed a commit
to dahaic/scap-security-guide
that referenced
this pull request
Sep 12, 2022
In ComplianceAsCode#9325 we discovered that the `table-${PRODUCT}-${STIG_PROFILE}-testinfo.html` is missing contents in `Check Text (OCIL Check)` and `800-53 Refs` columns. However, it isn't caused by ComplianceAsCode#9325, these data were empty even before, the reasons are: - the template doesn't expect OCIL as a separate file, it expects OCIL data embedded in XCCDF as it used to be in past - the template used a wrong XML namespace for CCI list so the CCI list couldn't be parsed by the template. This commit tries to solve these 2 problems. However, there are offensive `<sub>` elements in the HTML output which need still to be resolved on the level of `ocil-unlinked.xml` generator (it isn't a problem in this template).
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Description:
This commit changes the
table-${PRODUCT}-${STIG_PROFILE}-testinfo.htmlfiles generator to use the
ssg-${PRODUCT}-xccdf-1.2.xmlinstead ofssg-${PRODUCT}-xccdf.xmlas an input.Rationale:
This reduces our dependency on XCCDF 1.1 so it will help us to remove the XCCDF 1.1 format in future.