templates: add rhel10 to conditional macros where rhel9 is mentioned #12156

vojtapolasek
Collaborator

Description:

  • for templates sebool, grub2_bootloader_argument_absent and grub2_bootloader_argument
  • there are sometimes macros which modify behavior of the template based on the product
  • add rhel10 to such lists where rhel9 is
  • I tested it on RHEL 10 with automatus template mode

Rationale:

  • ensure that correct checks and remediations are built for RHEL 10

Review Hints:

  1. ./build_product rhel10
  2. cd tests
  3. python automatus.py template --libvirt qemu:///system rhel10 sebool
  4. python automatus.py template --libvirt qemu:///system rhel10 grub2_bootloader_argument_absent
  5. python automatus.py template --libvirt qemu:///system rhel10 grub2_bootloader_argument

Tests should pass. Note that when testing grub2_bootloader_argument, there will be one rule failing: grub2_kernel_trust_cpu_rng. This rule should not be affected by this PR, because the PR modifies the template OVAL but this particular rule has its own OVAL. Nevertheless, it is broken on RHEL 10 and should be reported as an issue.

@vojtapolasek added the Ansible, OVAL, Bash and RHEL10 labels Jul 15, 2024
@vojtapolasek added this to the 0.1.74 milestone Jul 15, 2024

github-actions bot commented Jul 15, 2024

🤖 A k8s content image for this PR is available at:
ghcr.io/complianceascode/k8scontent:12156
This image was built from commit: a5260ef

If you already have Compliance Operator deployed:
utils/build_ds_container.py -i ghcr.io/complianceascode/k8scontent:12156

Otherwise deploy the content and operator together by checking out ComplianceAsCode/compliance-operator and:
CONTENT_IMAGE=ghcr.io/complianceascode/k8scontent:12156 make deploy-local

@Mab879 Mab879 self-assigned this Jul 15, 2024
Member

Mab879 commented Jul 15, 2024

I ran ./automatus.py template --datastream ../build/ssg-rhel10-ds.xml --libvirt qemu:///system automatus_rhel10 grub2_bootloader_argument and it found the error listed below and many notapplicable. Is this expected?

ERROR - Script boot_parameter.pass.sh using profile (all) found issue:
ERROR - Rule evaluation resulted in fail, instead of expected pass during initial stage 
ERROR - The initial scan failed for rule 'xccdf_org.ssgproject.content_rule_grub2_kernel_trust_cpu_rng'.
ERROR - Script compiled_but_overridden.fail.sh using profile (all) found issue:
ERROR - Rule evaluation resulted in pass, instead of expected fail during initial stage 
ERROR - The initial scan failed for rule 'xccdf_org.ssgproject.content_rule_grub2_kernel_trust_cpu_rng'.
INFO - Script arg_not_there_etcdefaultgrub.fail.sh using profile (all) OK
ERROR - Rule evaluation resulted in error, instead of expected fixed during remediation stage 
ERROR - The remediation failed for rule 'xccdf_org.ssgproject.content_rule_grub2_kernel_trust_cpu_rng'.

@vojtapolasek
Collaborator Author

@Mab879 I mention it in "Review hints". Yes, it is expected. The rule grub2_kernel_trust_cpu_rng is not affected by this PR.
Not applicable scripts are also expected; by looking into the folder shared/templates/grub2_bootloader_argument/tests and examining the scripts you will notice that many scripts are applicable to Ubuntu or RHEL 8. But now I see that some of them are applicable to RHEL 9 and should probably be made applicable to RHEL 10. So thanks for making me go through them again :-)
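
Added example, not part of the PR or of the project's code: a small checker for the two gaps discussed in this thread, template conditionals that list rhel9 without rhel10 and test scenarios applicable to RHEL 9 but not RHEL 10. The `{{% ... %}}` conditional shape, the `# platform =` header and the `multi_platform_*` names are assumptions about the project's conventions, and both sample inputs are constructed.

```python
import re

# Assumed syntax: a Jinja conditional of the form {{% if product in [...] %}}.
PRODUCT_LIST = re.compile(
    r"\{\{%-?\s*(?:el)?if\b[^%]*?\bproduct\s+(?:not\s+)?in\s+\[([^\]]*)\]")
# Assumed syntax: test scenarios declare applicability as "# platform = A,B".
PLATFORM_HDR = re.compile(r"^#\s*platform\s*=\s*(.+)$", re.MULTILINE)
# Assumption: these platform names already cover every RHEL product.
COVERS_ALL_RHEL = {"multi_platform_rhel", "multi_platform_all"}


def stale_product_lists(text):
    """Product lists in template conditionals naming rhel9 but not rhel10."""
    stale = []
    for match in PRODUCT_LIST.finditer(text):
        products = re.findall(r"""["']([^"']+)["']""", match.group(1))
        if "rhel9" in products and "rhel10" not in products:
            stale.append(products)
    return stale


def stale_platform_headers(text):
    """Platform headers applicable to RHEL 9 but not to RHEL 10."""
    stale = []
    for match in PLATFORM_HDR.finditer(text):
        # Compare whole names so "... Linux 10" is never confused with "... Linux 1".
        platforms = [p.strip() for p in match.group(1).split(",")]
        if COVERS_ALL_RHEL & set(platforms):
            continue
        if ("Red Hat Enterprise Linux 9" in platforms
                and "Red Hat Enterprise Linux 10" not in platforms):
            stale.append(platforms)
    return stale


# Constructed sample inputs (not taken from the repository).
SAMPLE_TEMPLATE = '''
{{% if product in ["ol9", "rhel9"] %}}
<!-- constructed branch A -->
{{% elif product in ["rhel8", "rhel9", "rhel10"] %}}
<!-- constructed branch B -->
{{% endif %}}
'''
SAMPLE_SCENARIO = (
    "#!/bin/bash\n"
    "# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9\n")

if __name__ == "__main__":
    print(stale_product_lists(SAMPLE_TEMPLATE))
    print(stale_platform_headers(SAMPLE_SCENARIO))
```
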

codeclimate bot commented Jul 16, 2024

Code Climate has analyzed commit a5260ef and detected 0 issues on this pull request.

The test coverage on the diff in this pull request is 100.0% (50% is the threshold).

This pull request will bring the total coverage in the repository to 59.4% (0.0% change).

Member

@Mab879 Mab879 left a comment

LGTM.

@Mab879 Mab879 merged commit 520a196 into ComplianceAsCode:master Jul 16, 2024
94 of 95 checks passed