Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add apparmor rule to Ubuntu CIS profiles and minor fixes to profiles #10338

Merged
merged 7 commits into from
Mar 17, 2023
Merged

Add apparmor rule to Ubuntu CIS profiles and minor fixes to profiles #10338

merged 7 commits into from
Mar 17, 2023

Conversation

dodys
Copy link
Contributor

@dodys dodys commented Mar 15, 2023

Description:

  • Add rule all_apparmor_profiles_in_enforce_complain_mode to Ubuntu CIS profiles
  • Add SCE check to all_apparmor_profiles_in_enforce_complain_mode
  • Fix typo in cis_level1_server profile
  • Fix title and description in cis_level2_workstation profile

Rationale:

  • Rule needed for CIS on Ubuntu 22.04 and 20.04

@dodys dodys added Ubuntu Ubuntu product related. CIS CIS Benchmark related. labels Mar 15, 2023
@dodys dodys requested a review from a team as a code owner March 15, 2023 18:39
@Mab879 Mab879 self-assigned this Mar 15, 2023
@Mab879 Mab879 added this to the 0.1.67 milestone Mar 15, 2023
@Mab879 Mab879 added the Update Profile Issues or pull requests related to Profiles updates. label Mar 15, 2023
@github-actions
Copy link

Start a new ephemeral environment with changes proposed in this pull request:

Fedora Environment
Open in Gitpod

Oracle Linux 8 Environment
Open in Gitpod

@codeclimate
Copy link

codeclimate bot commented Mar 15, 2023

Code Climate has analyzed commit cd9c69f and detected 0 issues on this pull request.

The test coverage on the diff in this pull request is 100.0% (50% is the threshold).

This pull request will bring the total coverage in the repository to 51.7% (0.0% change).

View more on Code Climate.

@openshift-ci
Copy link

openshift-ci bot commented Mar 15, 2023

@dodys: The following tests failed, say /retest to rerun all failed tests or /retest-required to rerun all mandatory failed tests:

Test name Commit Details Required Rerun command
ci/prow/e2e-aws-rhcos4-e8 cd9c69f link true /test e2e-aws-rhcos4-e8
ci/prow/e2e-aws-rhcos4-moderate cd9c69f link true /test e2e-aws-rhcos4-moderate
ci/prow/e2e-aws-rhcos4-high cd9c69f link true /test e2e-aws-rhcos4-high

Full PR test history. Your PR dashboard.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here.

@dodys
Copy link
Contributor Author

dodys commented Mar 16, 2023

/packit retest-failed

Mab879
Mab879 approved these changes Mar 16, 2023
View reviewed changes
Copy link
Member

@Mab879 Mab879 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for the PR. I'm going wait a day for the CentOS Stream 8 test to be fixed before merging this PR.

@Mab879
Copy link
Member

Mab879 commented Mar 17, 2023

Waving the CentOS Stream due to the testing farm outage.

I'm also waving the Ubutnu CODEOWNERS requirement as @dodys cannot merge his own PR.

@Mab879 Mab879 merged commit 4b4b314 into ComplianceAsCode:master Mar 17, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Mab879 Mab879 Mab879 approved these changes

Assignees

@Mab879 Mab879

Labels
CIS CIS Benchmark related. Ubuntu Ubuntu product related. Update Profile Issues or pull requests related to Profiles updates.
Projects
None yet
Milestone
0.1.67
Development

Successfully merging this pull request may close these issues.
2 participants
@dodys @Mab879