Merge pull request #11213 from jan-cerny/11183

Add a better Error Message For Undefined Identifier Types
ComplianceAsCode · Oct 20, 2023 · 440747b · 440747b
2 parents a7f0de6 + a3c4cb3
commit 440747b
Show file tree

Hide file tree

Showing 2 changed files with 16 additions and 5 deletions.
diff --git a/ssg/build_yaml.py b/ssg/build_yaml.py
@@ -31,6 +31,7 @@
                         SSG_BENCHMARK_LATEST_URI,
                         SSG_PROJECT_NAME,
                         SSG_REF_URIS,
+                        SSG_IDENT_URIS,
                         PREFIX_TO_NS,
                         FIX_TYPE_TO_SYSTEM
                         )
@@ -960,6 +961,15 @@ def _add_fixes_elements(self, rule_el):
             # into corresponding XCCDF <sub> elements
             ssg.build_remediations.expand_xccdf_subs(fix_el, fix_type)
 
+    def _add_ident_elements(self, rule):
+        for ident_type, ident_val in self.identifiers.items():
+            if ident_type not in SSG_IDENT_URIS:
+                msg = "Invalid identifier type '%s' in rule '%s'" % (ident_type, self.id_)
+                raise ValueError(msg)
+            ident = ET.SubElement(rule, '{%s}ident' % XCCDF12_NS)
+            ident.set("system", SSG_IDENT_URIS[ident_type])
+            ident.text = ident_val
+
     def to_xml_element(self, env_yaml=None):
         rule = ET.Element('{%s}Rule' % XCCDF12_NS)
         rule.set('selected', 'false')
@@ -988,11 +998,7 @@ def to_xml_element(self, env_yaml=None):
             rule, "conflicts", "idref",
             list(map(lambda x: OSCAP_RULE + x, self.conflicts)))
 
-        for ident_type, ident_val in self.identifiers.items():
-            ident = ET.SubElement(rule, '{%s}ident' % XCCDF12_NS)
-            if ident_type == 'cce':
-                ident.set('system', cce_uri)
-                ident.text = ident_val
+        self._add_ident_elements(rule)
         self._add_fixes_elements(rule)
 
         ocil_parent = rule

diff --git a/ssg/constants.py b/ssg/constants.py
@@ -514,3 +514,8 @@ class OvalNamespaces:
     "products/chromium/guide",
     "products/firefox/guide",
 }
+
+
+SSG_IDENT_URIS = {
+    'cce': cce_uri
+}