Show most used rules of component

[Honny1]

Description:

This PR adds the --used-rules flag to the most-used-components command of the profile_tool.py file, which adds a list of used component's rules with the number of profiles where the rule is used.

Review Hints:

To get a list of the most used components with used rules for product RHEL9 you can run this command:

./build-scripts/profile_tool.py most-used-components --products rhel9 --used-rules

[openshift-ci]

Skipping CI for Draft Pull Request.
If you want CI signal for your change, please convert it to an actual PR.
You can still manually trigger a test run with /test all

[github-actions]

Start a new ephemeral environment with changes proposed in this pull request:

Fedora Environment

Oracle Linux 8 Environment

[github-actions]

🤖 A k8s content image for this PR is available at:
ghcr.io/complianceascode/k8scontent:12001
This image was built from commit: 95be94a

Click here to see how to deploy it

If you alread have Compliance Operator deployed:
utils/build_ds_container.py -i ghcr.io/complianceascode/k8scontent:12001

Otherwise deploy the content and operator together by checking out ComplianceAsCode/compliance-operator and:
CONTENT_IMAGE=ghcr.io/complianceascode/k8scontent:12001 make deploy-local

[jan-cerny]

I wonder how the counts are computed.

If I run your tool I for example see that accounts_password_pam_minlen is used 15 times, but when I run this command I get 17:

grep -r '\<accounts_password_pam_minlen\>' build/rhel9/profiles/ | wc -l

[jan-cerny]

We need a better help text:

For every component, show usage of each rule in profiles in the given product.

[jan-cerny]

Now the output of the scripts seems to correspond to the results that we can get by searching in resolved profiles.

I'm thinking now that we should remove the "default" profile from the statistics. The "default" profile is a trash bin for rules that aren't present in any real profile but need to be kept in the data streams for backward compatibility reason. But, for the purpose of giving us a knowledge about usage of components in security profiles, the "default" profile is totally uninteresting. Do you agree?

[codeclimate]

Code Climate has analyzed commit 95be94a and detected 0 issues on this pull request.

The test coverage on the diff in this pull request is 100.0% (50% is the threshold).

This pull request will bring the total coverage in the repository to 59.4% (0.0% change).

View more on Code Climate.

[Honny1]

/packit rebuild-failed

[Honny1]

@jan-cerny I removed the default profile.

[jan-cerny]

/packit build

[jan-cerny]

I have generated the output for RHEL 8 content, I have checked the output and I have checked some random rules if the reported number is the same as count of occurrences in the built profiles (build/rhel8/profiles). The results were OK.